Module Name
nShield Solo XC F3 and nShield Solo XC F3 for nShield Connect XC and for nShield Issuance HSM
Validation Dates
12/10/2020
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Embedded
Description
The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC and nShield Issuance HSM network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.
FIPS Algorithms
AES |
Cert. #C1105 |
CKG |
vendor affirmed |
CVL |
Cert. #C1105 |
DRBG |
Cert. #C1105 |
DSA |
Cert. #C1105 |
ECDSA |
Certs. #805 and #C1105 |
HMAC |
Cert. #C1105 |
KBKDF |
Cert. #C1105 |
KTS |
AES Cert. #C1105; key establishment methodology provides between 112 and 256 bits of encryption strength |
KTS |
vendor affirmed |
RSA |
Cert. #C1105 |
SHS |
Certs. #3130 and #C1105 |
Triple-DES |
Cert. #C1105 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C1105, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C1105, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC MQV (CVL Cert. #C1105, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG
Hardware Versions
NC4035E-000 and NC4335N-000, Build Standard A
Firmware Versions
12.50.11