U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3521

Details

Module Name
NITROXIII CNN35XX-NFBE HSM Family
Standard
FIPS 140-2
Status
Active
Sunset Date
1/17/2023
Validation Dates
09/08/2019
Overall Level
3
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security-relevant modification to Cert. #3108
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, crypto and TLS offloads to VMs in dedicated I/O channels. This product is suitable for PKI vendors, SSL servers/load balancers.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2033, #2034, #2035, #3205, #3206 and #4104
CKG vendor affirmed
CVL Certs. #167 and #563
DRBG Cert. #680
DSA Cert #916
ECDSA Cert. #589
HMAC Certs. #1233 and #2019
KAS Cert. #53
KAS SP 800-56B, vendor affirmed
KBKDF Cert #65
KTS AES Certs. #3206 and #4104
KTS Triple-DES Cert. #2242; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #1634 and #2218
SHS Certs. #1780 and #2652
Triple-DES Certs. #1311 and #2242
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
CNL3560P-NFBE-G, CNL3560P-NFBE-2.0-G, CNL3560M-NFBE-2.0G, CNL3560-NFBE-G, CNL3560-NFBE-2.0-G, CNL3530-NFBE-G, CNL3530-NFBE-2.0-G, CNL3510-NFBE-G, CNL3510-NFBE-2.0-G, CNL3510P-NFBE-G, CNL3510P-NFBE-2.0-G, CNN3560P-NFBE-G, CNN3560P-NFBE-2.0-G, CNN3560-NFBE-G, CNN3560-NFBE-2.0-G, CNN3530-NFBE-G, CNN3530-NFBE-2.0-G, CNN3510-NFBE-G and CNN3510-NFBE-2.0-G
Firmware Versions
CNN35XX-NFBE-FW-3.3 build 11

Vendor

Marvell Semiconductor, Inc.
5488 Marvell Lane
Santa Clara, CA 95054
USA

Phanikumar Kancharla
pkkancharla@marvell.com
Phone: 408-943-7496
Fax: N/A
Tejijnder Singh
Tejinder.Singh@marvell.com
Phone: 408-943-7403
Fax: 408-577-1992

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0