U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Cryptographic Module Validation Program CMVP

Certificate #4263

Details

Module Name
NITROXIII CNN35XX-NFBE HSM Family
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
3
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
CNN35XX-NFBE HSM Family is a high performance purpose built solution for key management and crypto acceleration compliance to FIPS 140-2 level 3. The module supports flexible key store that can be partitioned up to 32 individually managed and isolated partitions. This is a SRIOV capable PCIe adapter and can be used in a virtualization environment to extend services like virtual key management, offloading general and TLS specific crypto operations through dedicated logical I/O channels. This product is suitable for PKI users, vendors, TLS servers/load balancers.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #2033, #2034, #2035, #3205 and #3206
CKG vendor affirmed
CVL Certs. #167, #563, #A1936 and #A1937
DRBG Cert. #680
DSA Cert. #916
ECDSA Cert. #589
ENT P
HMAC Certs. #1233 and #2019
KAS Cert. #A1934
KAS-RSA Cert. #A1935
KBKDF Cert. #65
KTS AES Cert. #3206
RSA Certs. #1634 and #A1936
SHS Certs. #1780 and #2652
Triple-DES Cert. #1311
Allowed Algorithms
RSA (CVL Cert #A1936, key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength)
Hardware Versions
P/Ns CNL3560P-NFBE-G, CNL3560P-NFBE-2.0-G, CNL3560P-NFBE-3.0-G, CNL3560B-NFBE-2.0-G, CNL3560B-NFBE-3.0-G, CNL3560-NFBE-G, CNL3560-NFBE-2.0-G, CNL3560-NFBE-3.0-G, CNL3560A-NFBE-3.0-G, CNL3560C-NFBE-3.0-G, CNL3560D-NFBE-3.0-G, CNL3560E-NFBE-3.0-G, CNL3560F-NFBE-3.0-G, CNL3530-NFBE-G, CNL3530-NFBE-2.0-G, CNL3530-NFBE-3.0-G, CNL3530B-NFBE-2.0-G, CNL3530B-NFBE-3.0-G, CNL3530A-NFBE-3.0-G, CNL3530C-NFBE-3.0-G, CNL3530D-NFBE-3.0-G, CNL3530E-NFBE-3.0-G, CNL3530F-NFBE-3.0-G, CNL3510-NFBE-G, CNL3510-NFBE-2.0-G, CNL3510-NFBE-3.0-G, CNL3510P-NFBE-G, CNL3510P-NFBE-2.0-G, CNL3510P-NFBE-3.0-G, CNL3510A-NFBE-3.0-G, CNL3510C-NFBE-3.0-G, CNL3510D-NFBE-3.0-G, CNL3510E-NFBE-3.0-G, CNL3510F-NFBE-3.0-G, CNN3560P-NFBE-G, CNN3560P-NFBE-2.0-G, CNN3560P-NFBE-3.0-G, CNN3560-NFBE-G, CNN3560-NFBE-2.0-G, CNN3560-NFBE-3.0-G, CNN3560A-NFBE-3.0-G, CNN3560C-NFBE-3.0-G, CNN3560D-NFBE-3.0-G, CNN3560E-NFBE-3.0-G, CNN3560F-NFBE-3.0-G, CNN3530-NFBE-G, CNN3530-NFBE-2.0-G, CNN3530-NFBE-3.0-G, CNN3530A-NFBE-3.0-G, CNN3530C-NFBE-3.0-G, CNN3530D-NFBE-3.0-G, CNN3530E-NFBE-3.0-G, CNN3530F-NFBE-3.0-G, CNN3510-NFBE-G, CNN3510-NFBE-2.0-G, CNN3510-NFBE-3.0-G, CNN3510A-NFBE-3.0-G, CNN3510C-NFBE-3.0-G, CNN3510D-NFBE-3.0-G, CNN3510E-NFBE-3.0-G, CNN3510F-NFBE-3.0-G, CNN3510LP-NFBE-2.0-G, CNN3510LP-NFBE-3.0-G, CNN3510LPB-NFBE-2.0-G, CNN3510LPB-NFBE-3.0-G, CNN3510LPA-NFBE-3.0-G, CNN3510LPC-NFBE-3.0-G, CNN3510LPD-NFBE-3.0-G, CNN3510LPE-NFBE-3.0-G, CNN3510LPF-NFBE-3.0-G, CNN3505LP-NFBE-2.0-G, CNN3505LP-NFBE-3.0-G, CNN3505LPA-NFBE-3.0-G,CNN3505LPC-NFBE-3.0-G, CNN3505LPD-NFBE-3.0-G, CNN3505LPE-NFBE-3.0-G and CNN3505LPF-NFBE-3.0-G
Firmware Versions
CNN35XX-NFBE-FW-1.1 build 02 and CNN35XX-NFBE-FW-1.1 build 05

Vendor

Marvell
5488 Marvell Lane
Santa Clara, CA 95054
USA

Phanikumar Kancharla
pkancharla@marvell.com
Srinivas Mangipudi
smangipudi@marvell.com
Phone: +91-9949025466

Validation History

Date Type Lab
7/13/2022 Initial UL VERIFICATION SERVICES INC