Module Name
CN6000 Series Encryptors
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Embodiment
Multi-Chip Stand Alone
Description
The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 1G Ethernet; operating at a line rate of up to 1Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis.
FIPS Algorithms
AES |
Certs. #C1339, #C1340 and #C1341 |
CKG |
vendor affirmed |
CVL |
Cert. #C1339 |
DRBG |
Cert. #C1339 |
ECDSA |
Cert. #C1339 |
HMAC |
Cert. #C1339 |
KAS |
Cert. #C1339 |
KBKDF |
Cert. #C1339 |
KTS |
vendor affirmed |
KTS |
AES Cert. #C1339 and HMAC Cert. #C1339; key establishment methodology provides 256 bits of encryption strength |
RSA |
Cert. #C2207 |
SHS |
Cert. #C1339 |
Triple-DES |
Cert. #C1339 |
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C1339, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN6000 Series: A6040B (AC), A6041B (DC), A6042B (AC/DC), A6100B (AC), A6101B (DC) and A6102B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc CN6000 Series: A6040B (AC), A6041B (DC), A6042B (AC/DC), A6100B (AC), A6101B (DC) and A6102B (AC/DC); Senetas Corp. Ltd. & Thales CN6000 Series: A6040B (AC), A6041B (DC), A6042B (AC/DC), A6100B (AC), A6101B (DC) and A6102B (AC/DC)