CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules

Historical, 1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016
All

Last Updated: 7/06/2016

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert#Vendor / CST LabCryptographic ModuleModule
Type
Val.
Date
Level / Description
39Chrysalis-ITS, Incorporated
One Chrysalis Way
Ottawa, Ontario K2G 6P9
Canada

Bill Cullen
TEL: 613-723-5077
FAX: 613-723-5069

CST Lab: NVLAP 200017-0
Luna2
(Firmware Version: 2.2)
(For services provided by the listed FIPS-Approved algorithms and using Triple-DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware12/08/1998Overall Level: 2

-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use); CAST; CAST3; CAST5; RC2; RC4; RC5; MD2; MD5; RSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"Luna2 is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. Luna2 is a token based on the PCMCIA standard - now known as PC Card."
38SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0
LunaCA
(Firmware Version: 2.2)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware12/08/1998
10/18/2004
Overall Level: 2

-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use); CAST; CAST3; CAST5; RC2; RC4; RC5; MD2; MD5; RSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"LunaCA is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. LunCA is a token based on the PCMCIA standard - now known as PC Card."
36Litronic, Inc.
2030 Main St
Suite 1250
Irvine, CA 92614
USA

Robert Gray
TEL: 949-851-1085
FAX: 949-851-8588

CST Lab: NVLAP 100432-0
Argus/300 Security Adapter
(Hardware Versions: PN's 050-1038 and 024-0300 rev. B)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware11/25/1998
05/14/2004
Overall Level: 3

-FIPS Approved algorithms: SHA-1 (Cert. #41)

-Other algorithms: DES (Cert. #254)

Multi-chip embedded

"Cryptographic Module and Smart Card Reader."
35IBM® Corporation
2455 South Rd
Mail Station P339
Poughkeepsie, NY 12601-5400
USA

Helmy El-Sherif
TEL: 845-435-7033
FAX: 845-435-4092

CST Lab: NVLAP 100432-0
IBM 4758 PCI Cryptographic Coprocessor(Miniboot Layers 0 and 1)
(Hardware Versions: ID: PN IBM 4758-001, Miniboot 0 version B,Miniboot 1 version B)
(When configured for DSS Authentication)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware11/25/1998Overall Level: 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #16)

-Other algorithms: DES (Cert. #41); Triple-DES (allowed for US Government use); RSA

Multi-chip embedded

"The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software."
34nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0
nFastnF75KM 1C, nF150KM 1C, and nF300KM 1CCryptographic Accelerators
(Firmware Version: v1.33.1)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware11/18/1998Overall Level: 2

-Module Interfaces: Level 3
-Roles and Services: Level 2*
-Software Security: Level 3
-EMI/EMC: Level 3
-Self Tests: Level 2*
-Key Management: Level 2*
*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11)

-Other algorithms: DES (Cert. #24); DES MAC; Triple-DES (allowed for US Government use); Triple-DES MAC; CAST; RSA; ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The firmware is used in the nFast series of devices and has been validated on the nFast nF75KM 1C, nF150KM 1C, and nF300KM 1C Cryptographic Accelerators."
33Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200002-0
NetFortress™ GVPN
(Hardware Version: 1)
(When factory configured in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware11/18/1998
03/26/2010
05/17/2013
Overall Level: 2

-Other algorithms: DES (Cert. #23); Triple-DES (allowed for US Government use); IDEA

Multi-chip standalone

"VPN Encryptor."
32Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0
DS1954B Cryptographic iButton™
(Hardware Version: ID: B4-V1.02)
(When using vendor-initialized SHA-1 in transaction group 1)

(Note: This validation has been superseded by validation certificate #41, which meets an Overall Level 3)

Validated to FIPS 140-1

Certificate

Security Policy

Hardware10/28/1998Overall Level: 2

-Physical Security: Level 3 +EFP
-EMI/EMC: Level 3

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear."
31Neopost Ltd.
30955 Huntwood Ave.
Hayward, CA 94544-7084
USA

Neil Graver
TEL: 510-489-6800

CST Lab: NVLAP 200002-0
PostagePlus™ Client Communication Module
(Software Version: 1.0)

Validated to FIPS 140-1

Certificate

Security Policy
Software10/28/1998Overall Level: 1

-Operating System Security: Tested as meeting Level 1 for Windows95

-FIPS Approved algorithms: SHA-1 (Cert. #12)

-Other algorithms: DES (Cert. #38); Triple-DES (allowed for US Government use); RSA

Multi-chip standalone

"This module is part of the PostagePlus™ system that provides security services to support the secure accounting and cryptographic functions required to implement the United States Postal Service's Information-Based Indicia Program."
29SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0
LunaCA³
(Firmware Version: 2.2)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware10/02/1998
10/18/2004
Overall Level: 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use) CAST, CAST3, CAST5, RC2, RC4, MD2, MD5, RSA; Diffie-Hellman (key agreement)

Multi-chip standalone
28nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0
nFastnF75CA 00, nF150CA 00, and nF300CA 00 Cryptographic Accelerators
(Firmware Version: v1.33.1)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware09/22/1998Overall Level: 3

-Roles and Services: Level 3*
-Self Tests: Level 3*
-Key Management: Level 3*
*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11)

-Other algorithms: DES (Cert. #24); DES MAC; Triple-DES (allowed for US Government use), Triple-DES MAC, CAST, RSA, ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The firmware is used in the nFast series of devices and has been validated on the nFast nF75CA 00, nF150CA 00, and nF300CA 00 Cryptographic Accelerators."
27nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0
nFastnF75CA 1C, nF150CA 1C, and nF300CA 1CCryptographic Accelerators
(Firmware Version: v1.33.1)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware09/22/1998Overall Level: 3

-Roles and Services: Level 3*
-Self Tests: Level 3*
-Key Management: Level 3*
*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11)

-Other algorithms: DES (Cert. #24); DES MAC; Triple-DES (allowed for US Government use), Triple-DES MAC, CAST, RSA, ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The firmware is used in the nFast series of devices and has been validated on the nFast nF75CA 1C, nF150CA 1C, and nF300CA 1C Cryptographic Accelerators.."
26SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Link Encryptor NRZ-L
(Firmware Versions: v1.03 and v1.04)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware09/11/1998
12/04/2003
10/18/2004
Overall Level: 2

-Physical Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Triple-DES (allowed for US Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
25SafeNet, Inc.
4690 Millennium DriveSuite 300 Raleigh,
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Link Encryptor NRZ-H
(Firmware Versions: v1.03 and v1.04)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware09/11/1998
12/04/2003
10/18/2004
Overall Level: 2

-Physical Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Triple-DES (allowed for US Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
24V-ONE Corporation, Inc.
20250 Century Blvd
Suite 300
Germantown, MD 20874
USA

Tim Armstrong
TEL: 301-515-5200 x5394

CST Lab: NVLAP 200002-0
SmartPass Virtual Cryptographic Authentication Token (VCAT)
(Software Version: 3.2)

Validated to FIPS 140-1

Certificate

Security Policy
Software09/11/1998
06/18/2003
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 for Microsoft Windows95.

-FIPS Approved algorithms: SHA-1 (Cert.#10)

-Other algorithms: DES

Multi-chip standalone
23GTE Internetworking
70 Fawcett St.
Cambridge, MA 02140
USA

John Lowry
TEL: 617-873-2435

CST Lab: NVLAP 200002-0
SafeKeyper™ Signer
(Hardware Version: Release 4p)
(When initialized to DSA)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware09/11/1998Overall Level: 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #9)

-Other algorithms: DES (Cert. #22); RSA; MD2; MD5; Shamir Secret-sharing Algorithm

Multi-chip standalone
22SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 200002-0
LYNKS Metering Device (LMD)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware08/13/1998Overall Level: 2

-Physical Security: Level 3 +EFT
-EMI/EMC: Level 3

-FIPS Approved algorithms: Skipjack (Cert. #1); DSA/SHA-1 (Cert. #1)

Multi-chip standalone
21nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0
nFastnF75KM 00, nF150KM 00, and nF300KM 00 Cryptographic Accelerators
(Firmware Version: v1.33.1)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware08/13/1998Overall Level: 2

-Module Interfaces: Level 3
-Roles and Services: Level 2*
-Software Security: Level 3
-EMI/EMC: Level 3
-Self-Tests: Level 2*
-Key Management: Level 2*
*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11)

-Other algorithms: DES (Cert. #24); DES MAC; Triple-DES (allowed for US Government use), Triple-DES MAC, CAST, RSA, ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The firmware is used in the nFast series of devices and has been validated on the nFast nF75KM 00, nF150KM 00, and nF300KM 00 Cryptographic Accelerators."
20Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

Entrust Sales

CST Lab: NVLAP 200017-0
Entrust Cryptographic Kernel, v4.0
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Software07/30/1998
07/18/2002
05/28/2014
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 for Windows95 and WindowsNT 4.0 workstation (operated in single user mode).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #10)

-Other algorithms: DES (Cert. #1); DES MAC; Triple-DES (allowed for US Government use); RC2; MD5; MD2; HMAC-SHA-1; HMAC-MD5; RSA; CAST; CAST3; CAST5; Diffie-Hellman (key agreement)

Multi-chip standalone

"This module is used in the Entrust family of products."
19Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0
DS1954 Cryptographic iButton™
(Hardware Version: ID: A7-V1.01)
(When using vendor-initialized SHA-1 in transaction group 1)

(Note: This validation has been superseded by validation certificate #41, which meets an Overall Level 3)

Validated to FIPS 140-1

Certificate

Security Policy

Hardware06/29/1998Overall Level: 2

-Physical Security: Level 3 +EFP
-EMI/EMC: Level 3

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear."
18Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

Entrust Sales

CST Lab: NVLAP 200017-0
Entrust Cryptographic Kernel, v3.1
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Software05/11/1998
07/18/2002
05/28/2014
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 for Windows95 and WindowsNT 4.0 workstation (operated in single user mode).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #10)

-Other algorithms: DES (Cert. #1); DES MAC; Triple-DES (allowed for US Government use); RC2; MD5; MD2; RSA; CAST; CAST3; CAST5; Diffie-Hellman (key agreement)

Multi-chip standalone

"This module is used in the Entrust family of products."
17GTE Internetworking
70 Fawcett St.
Cambridge, MA 02140
USA

John Lowry
TEL: 617-873-2435

CST Lab: NVLAP 200002-0
SafeKeyper™ Signer
(Hardware Version: Release 4)
(When initialized to DSA.)

(Note: This module has been superseded by Certificate #23)

Validated to FIPS 140-1

Certificate
Not Available

Security Policy

Hardware05/11/1998Overall Level: 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #9)

-Other algorithms: DES (Cert. #22); RSA; MD2; MD5; Shamir Secret-sharing Algorithm

Multi-chip standalone