U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4151

Details

Module Name
u.trust Anchor
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
3
Caveat
When operated in FIPS mode
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
u.trust Anchor is a new generation of HSM, comprising all traditional hardware security features and introducing containerized HSMs (cHSMs). Each cHSM provides secure cryptographic services such as signing and verification of data, encryption or decryption, hashing, on-board random number generation and secure key generation, key storage and key management functions in a tamper-protected multi-tenant environment. The HSM delivers a highly elastic HSM architecture that scales rapidly on demand and enables service providers to deliver HSM as a Service (HSMaaS) in multiple use cases.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #A1560 and #A1561
CKG vendor affirmed
CVL Cert. #A1560
DRBG Certs. #A1561 and #A1564
DSA Cert. #A1560
ECDSA Certs. #A1560 and #A1561
ENT P
HMAC Certs. #A1560 and #A1561
KAS KAS-SSC Cert. #A1560, KDA Cert. #A1560
KAS KAS-SSC Cert. #A1560, CVL Cert. #A1560
KAS KAS-SSC Cert. #A1561, KDA Cert. #A1561
KAS-SSC Certs. #A1560 and #A1561
KBKDF Certs. #A1560 and #A1561
KDA Certs. #A1560 and #A1561
KTS AES Cert. #A1560 and AES Cert. #A1560
KTS AES Cert. #A1561 and AES Cert. #A1561
KTS AES Cert. #A1560; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS-RSA Cert. #A1560 and #A1561; key establishment methodology provides between 112 and 256 bits of encryption strength
RSA Certs. #A1560 and #A1561
SHA-3 Certs. #A1560 and #A1562
SHS Certs. #A1560, #A1561, #A1563, and #A1564
Triple-DES Cert. #A1560
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (shared secret computation provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); Triple-DES (Cert. #1560, key unwrapping)
Hardware Versions
Hardware P/N u.trust Anchor Version 7.03.0.3
Firmware Versions
Device System v1.17.4 and Sensory Controller v3.02.0.7

Vendor

Utimaco IS GmbH
Germanusstraße 4
Aachen 52080
Germany

Erling Wesselhoff
erling.wesselhoff@utimaco.com
Phone: +49 241-1696-200
Fax: +49 241-1696-199

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
2/10/2022 Initial PENUMBRA SECURITY