CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules

Historical , 1995-1997 , 1998 , 1999 , 2000 , 2001 , 2002 , 2003 , 2004 , 2005 , 2006 , 2007 , 2008 , 2009 , 2010 , 2011 , 2012 , 2013 , 2014 , 2015 , 2016
All

Last Update: 4/27/2016

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module Module
Type
Val.
Date
Level / Description
84 Pitney Bowes, Inc.
35 Waterview Dr
Shelton, CT 06484
USA

David Riley
TEL: 203-924-3500
FAX: 203-924-3385

CST Lab: NVLAP 100432-0
ClickStamp™ Online CCV
(Hardware Versions: ID: CCV assembly, ClickStamp™ Online CCV 1.40.5 and 1.40.23; KMS, K180034-AAA; IBM 4758-001 Cert. #35)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 12/22/1999
08/21/2001
Overall Level: 3

-Physical Security: Level 4 +EFP/EFT

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #23); Triple-DES (vendor affirmed)

-Other algorithms: DES (Cert. #58); RSA

Multi-chip embedded

"The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)."
83 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232
(Firmware Versions: 1.25 and 1.26)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 12/22/1999
12/04/2003
10/18/2004
Overall Level: 2

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5); Triple-DES (DES Certs. #11 and #26, vendor affirmed)

-Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
82 Motorola, Inc.
Secure Design Center
IL02 Room 0509A
1301 East Algonquin Rd
Schaumburg, IL 60196
USA

Geoff Hobar
TEL: 847-576-9066
FAX: 847-538-2770

CST Lab: NVLAP 100432-0
ASTRO Subscriber Encryption Module
(Software Versions: 3.40, 3.43, 3.44, 3.46, 3.47 and 3.53a)
(When operated in FIPS mode by selection of the DES algorithm<P> <B>Universal Crypto Module (UCM), (v3.44)</B>)

Revoked
DES Transition Ended

Security Policy
Hardware 12/22/1999
03/30/2001
08/17/2001
10/04/2001
05/15/2002
09/10/2002
Overall Level: 1

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (vendor affirmed)

-Other algorithms: DES; DES-XL; DVP-XL; DVI-XL; DVI-SPFL

Multi-chip embedded

"Encryption modules used in Motorola Astro™ Saber, Astro™ Spectra, Astro™ Consolette, and XTS3000 radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management."
81 IBM® Corporation
2455 South Rd
Mail Station P339
Poughkeepsie, NY 12601-5400
USA

Helmy El-Sherif
TEL: 845-435-7033
FAX: 845-435-4092

CST Lab: NVLAP 100432-0
IBM 4758 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)
(Hardware Versions: ID: PN IBM 4758-013, Miniboot 0 version B, Miniboot 1 version B)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 11/29/1999
Overall Level: 3

-Physical Security: Level 3 +EFP/EFT
-Cryptographic Module Specification: Level 4
-Module Interfaces: Level 4
-Roles and Services: Level 4
-Finite State Machine Model: Level 4
-Software Security: Level 4
-EMI/EMC: Level 4
-Self Tests: Level 4
-Key Management.: Level 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #16); Triple-DES (vendor affirmed)

-Other algorithms: DES (Cert. #41); RSA

Multi-chip embedded

"The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software."
80 Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0
DS1954B-006 Cryptographic iButton™
(Hardware Version: ID: B7-V1.02)
(When using vendor-initialized SHA-1 in transaction group 1)<p>(Note: This validation supersedes validation certificate #63)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 11/29/1999
Overall Level: 3

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41."
79 Motorola, Inc.
Secure Design Center
IL02 Room 0509A
1301 East Algonquin Rd
Schaumburg, IL 60196
USA

Jennifer Mitchell
TEL: 847-576-7251

CST Lab: NVLAP 200002-0
KVL 3000
(Hardware Version: CLN6738B; Firmware Version: R02.50.00)
(When operated in FIPS mode by selection of the DES algorithm)

Revoked
DES Transition Ended

Security Policy
Hardware 11/29/1999
Overall Level: 1

-Other algorithms: DES (Cert. #5); DES-XL; DVP-XL; DVI-XL; DVI-SPEL

Multi-chip standalone

"The KVL3000 Key Variable Loader is a battery-powered portable unit used to create, store, and transfer encryption keys used by Motorola's secure communications products. The KVL3000 supports the following Motorola encryption protocols: SECURENET™, Advanced SECURENET™, ASTRO™, and ASTRO™25 systems."
78 SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 200002-0
LYNKS Privacy Card
(Hardware Version: 2.0; Firmware Version: 1.2)
(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 11/29/1999
Overall Level: 2

-FIPS Approved algorithms: Skipjack (Cert. #1); DSA/SHA-1 (Cert. #1); Triple-DES (vendor affirmed)

-Other algorithms: DES (Cert. #50); RSA; Diffie-Hellman (key agreement); KEA; MD5

Multi-chip standalone

"The SPYRUS family of LYNKS Privacy Card tokens provides high performance, high assurance cryptographic processing in a personal, portable PC card form factor. The LYNKS Privacy Card product enables security- critical capabilities such as user authentication, message privacy and integrity, authentication, and secure storage in rugged, tamper-evident hardware."
77 Attachmate Corporation
424 Wards Corner Road
Loveland, OH 45140
USA

Bill Evans
TEL: 513-794-8140

CST Lab: NVLAP 200002-0
CryptoConnect ETS
(Software Version: 2.2.1)
(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Certificate

Security Policy
Software 11/29/1999
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows95, Windows98, and WindowsNT 4.0, with SP3 or later (single- user mode).

-FIPS Approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Cert. #18)

-Other algorithms: DES (Cert. #46); RSA (encryption); RC2; RC4

Multi-chip standalone

"CryptoConnect ETS is an INFOConnect transport system that provides encryption of all data between Attachmate's PEP/UTS client and Unisys 2200/ClearPath/IX Systems."
76 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider
(Software Version: 5.0.2150.1)
(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Certificate

Security Policy
Software 11/09/1999
10/15/2007
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows2000 (operated in single-user mode).

-FIPS Approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Certs. #28 and 29); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #65, 66, 67 and 68); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation."
75 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0
Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enchanced Cryptographic Provider, and Enhanced Cryptographic Provider
(Software Versions: 5.0.1877.6 and 5.0.1877.7)
(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Certificate

Security Policy
Software 11/09/1999
10/15/2007
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows95 and Windows98 (operated in single-user mode).

-FIPS Approved algorithms: Triple-DES (vendor affirmed); SHA-1 (Certs. #20 and 21); DSA/SHA-1 (Certs. #25 and 26); RSA (vendor- affirmed)

-Other algorithms: DES (Certs. #61, 62, 63 and 64); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation."
74 RedCreek Communications
3900 Newpark Mall Rd
Newark, CA 94056
USA

Nicholas Brigman, Product Marketing
TEL: 510-795-6919

CST Lab: NVLAP 200002-0
Personal Ravlin
(Hardware Version: v08; Firmware Version: v3.32 Standard)
(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 11/04/1999
Overall Level: 2

-FIPS Approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Cert. #22)

-Other algorithms: DES (Cert. #53); MD5

Multi-chip standalone

"The Personal Ravlin is a cost-effective network security solution. It addresses the needs of individual remote users who access corporations via cable, xDSL, and ISDN modems. It is also an ideal solution for network administrators who seek to establish private communications within a corporate intranet by providing security at the desktop level."
73 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Link Encryptor NRZ-L
(Firmware Versions: v1.25 and v1.26)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 10/25/1999
12/04/2003
10/18/2004
Overall Level: 2

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Triple-DES (allowed for US and Canadian Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
72 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Link Encryptor NRZ-H
(Firmware Versions: v1.25 and v1.26)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 10/25/1999
12/04/2003
10/18/2004
Overall Level: 2

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Triple-DES (allowed for US and Canadian Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
71 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Frame Encryptor CFE-L
(Hardware Versions: revisions 4 and 5; Firmware Versions: v4.02 and v4.04)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 09/13/1999
12/04/2003
10/18/2004
Overall Level: 3

-Module Interfaces: Level 3*
-Roles and Services: Level 3*
*(Level 3 - Console interface disabled
Level 2 - Console interface enabled.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #20); Triple-DES (allowed for US and Canadian Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links."
70 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0
Cylink Frame Encryptor CFE-H
(Hardware Versions: revisions 4 and 5; Firmware Versions: v4.02 and v4.04)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 09/13/1999
07/18/2002
12/04/2003
10/18/2004
Overall Level: 3

-Module Interfaces: Level 3*
-Roles and Services: Level 3*
*(Level 3 - Console interface disabled
Level 2 - Console interface enabled.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #20); Triple-DES (allowed for US and Canadian Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links."
69 Mykotronx, Inc.
357 Van Ness Way
Suite 200
Torrance, CA 90501
USA

Kevin Cook
TEL: 310-533-8100
FAX: 310-533-0527

CST Lab: NVLAP 100432-0
FORTEZZA Crypto Card
(Hardware Version: Part Number 650000-2)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 09/13/1999
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #2); Skipjack (Cert. #2)

-Other algorithms: KEA

Multi-chip standalone

"The Mykotronx FORTEZZA card is a PC Card hardware token for advanced cryptography and authorization methods. The card incorporates the National Security Agency-certified CAPSTONE RISC-based cryptographic processor."
68 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0
Base Cryptographic Provider, Enhanced Cryptographic Provider, Base DSS Cryptographic Provider, and DSS/Diffie-Hellman Enchanced Cryptographic Provider
(Software Versions: 5.0.1877.6 and 5.0.1877.7)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Software 09/13/1999
10/15/2007
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft WindowsNT 4.0 with Service Pack 6 (operated in single-user mode).

-FIPS Approved algorithms: SHA-1 (Certs. #20 and 21); DSA/SHA- 1 (Certs. #25 and 26); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #61, 62, 63 and 64); Triple-DES (allowed for US and Canadian Government use); RC2; RC4; MD2; MD4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation."
67 Admiral Secure Products, Ltd.
866 Mantle Crescent
Mississauga, Ontario L5V 2G3
Canada

Alex Chartier
TEL: 905-542-3351

CST Lab: NVLAP 100432-0
CERTIFAX Fax Encryptor CF3102
(ID: firmware version 2.21)
(When operated in FIPS mode using the listed FIPS-approved algorithms, and Triple DES not valid for FS1000 interoperability)

Validated to FIPS 140-1

Certificate

Security Policy
Firmware 09/13/1999
10/24/2002
Overall Level: 3

-Self Tests: Level 4

-FIPS Approved algorithms: SHA-1 (Cert. #15)

-Other algorithms: DES (Cert. #42); Triple-DES (allowed for US and Canadian Government use); ECDSA; ECMQV2; Diffie-Hellman (key agreement)

Multi-chip standalone

"CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX ensures faxes get to the intended recipient every time, that the contents are never disclosed to unauthorized parties, that the sender is who it claims to be, and that the message is always kept private and unaltered. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX's secure mailbox memory provides storage and retrieval for incoming faxes, and CERTIFAX can support up to 99 secure Virtual Private Fax Networks. The CF3102 also implements a non-FIPS mode for communications with Certicom's Legacy Fax Secret 1000 fax encryptor."
66 Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

Juan C. Asenjo
TEL: 888-744-4976 x6202
FAX: 954-888-6211

CST Lab: NVLAP 200002-0
Datacryptor® 2000 (DC2K) Link / Channelized / Frame Relay
(Hardware Version: Issue 2 Motherboard; Software Version: 1.02.36)
(When key zeroization is enabled)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 09/08/1999
01/08/2003
05/19/2003
10/13/2005
Overall Level: 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #24)

-Other algorithms: DES (Cert. #57); Triple-DES (allowed for US and Canadian Government use); Diffie-Hellman (key agreement)

Multi-chip standalone

"The Datacryptor 2000 is a stand-alone multi-chip cryptographic module that secures communications using signed Diffie-Hellman key exchange and Triple-DES encryption. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption."
65 RedCreek Communications
3900 Newpark Mall Rd
Newark, CA 94056
USA

Nicholas Brigman, Product Marketing
TEL: 510-795-6919

CST Lab: NVLAP 200002-0
Ravlin 10
(Hardware Version: v 09; Software Version: v 3.32 Radius)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 09/08/1999
Overall Level: 2

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #22)

-Other algorithms: DES (Cert. #53); Triple-DES (allowed for US and Canadian Government use); MD5

Multi-chip standalone

"The Ravlin 10/5100 is a network security solution that performs encryption and decryption with a throughput of the theoretical maximum of Ethernet (or wire speed). Network administrators use it to establish private communications within secure intranets (between corporate divisions, workgroups, branch offices, and individuals) or within secure extranets (between customers, suppliers, and strategic partners). This may be done over private or public IP networks."
64 PGP Corporation
200 Jefferson Dr.
Menlo Park, CA 94025
USA

Vinnie Moscaritolo
TEL: 650-319-9000
FAX: 650-319-9001

CST Lab: NVLAP 100432-0
PGP Cryptographic SDK
(Software Version: 1.5)
(When operated in FIPS mode using the listed FIPS-approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Software 08/26/1999
02/20/2003
03/07/2008
07/28/2008
Overall Level: 2

-Operating System Security: Tested as meeting Level 2 with Compaq DeskPro 5/166 w/ WindowsNT Workstation 3.51 w/ Service Pack 4 (ITSEC-rated).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #20)

-Other algorithms: DES (Cert. #40); Triple-DES (allowed for US Government use); RSA, El Gamal; CAST5; IDEA; MD5; RIPEMD60; HMAC; Shamir Threshold Secret Sharing

Multi-chip standalone

"The PGP SDK provides all cryptographic and key management functionality for the PGP suite of products, including PGP Desktop Security, PGPnet VPN Client, PGPdisk and the PGP Certificate Server. This is a high-level toolkit for use with C/C++ applications on Windows. It also supports PGP/MIME, TLS, Certificate Server management, LDAP, and Blakely-Shamir Key Splitting, as well as many user interface components for simple integration into other applications. PGP SDK implements only strong cryptography, and the source code is published in book form for peer review."
63 Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0
DS1954B Cryptographic iButton™
(Hardware Version: ID: B7-V1.02)
(When using vendor-initialized SHA-1 in transaction group 1)<p>(Note: This validation is superseded by validation certificate #80)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/26/1999
Overall Level: 3

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41."
62 Francotyp-Postalia GmbH
Triftweg 21-26
Birkenwerder D-16547
Birkenwerder, D-16547
Germany

Andreas Wagner

CST Lab: NVLAP 100432-0
Francotyp-Postalia Security Module (FPSM)
(Hardware Version: 1.0; Software Version: 1.1)
(When operated in FIPS mode using using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/17/1999
Overall Level: 2

-Physical Security: Level 3
-Key Management: Level 3
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3
-EMI/EMC: Level 3

-Other algorithms: DES (Cert. #59); Triple-DES (allowed for US Government use)

Multi-chip embedded

"The FPSM is a multi-chip embedded cryptomodule. The FPSM is embedded in Postage Meters and provides security services to support the secure accounting and cryptographic functions necessary to implement a value evidencing apparatus."
61 Kasten Chase Applied Research, Ltd.
5100 Orbitor Drive
Mississauga, Ontario L4W 4Z4
Canada

Cyril Fernandes
TEL: 905-238-6900 x3310
FAX: 905-212-2003

CST Lab: NVLAP 200002-0
Palladium Secure Modem / FORTEZZA CryptoCard
(Hardware Version: 1.5; Software Version: p1.81)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/11/1999
Overall Level: 1

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #2); Skipjack (Cert. #2)

Multi-chip standalone
60 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0
DSS/Diffie-Hellman Enhanced Cryptographic Provider
(Software Version: 5.0.1998.1)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Software 08/05/1999
10/15/2007
Overall Level: 1

-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft WindowsNT 4.0 with Service Pack 4 (operated in single-user mode).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #17)

-Other algorithms: DES (Cert. #45); Triple-DES (allowed for US Government use); RC2; RC4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"Microsoft's DSSENH is a general-purpose software-based cryptographic module. It provides services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation."
59 Admiral Secure Products, Ltd.
866 Mantle Crescent
Mississauga, Ontario L5V 2G3
Canada

Alex Chartier
TEL: 905-542-3351

CST Lab: NVLAP 100432-0
CERTIFAX Fax Encryptor CF3002 and CF3003
(ID: firmware version 2.20)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Firmware 08/05/1999
10/24/2002
Overall Level: 3

-Self Tests: Level 4

-FIPS Approved algorithms: SHA-1 (Cert. #15)

-Other algorithms: DES (Cert. #42); Triple-DES (allowed for US Government use); ECDSA; ECMQV2; Diffie-Hellman (key agreement)

Multi-chip standalone

"CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX ensures faxes get to the intended recipient every time, that the contents are never disclosed to unauthorized parties, that the sender is who it claims to be, and that the message is always kept private and unaltered. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX's secure mailbox memory provides storage and retrieval for incoming faxes, and CERTIFAX can support up to 99 secure Virtual Private Fax Networks."
58 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0
LunaCA³
(Firmware Versions: 3.2, 3.9 and 3.93)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/05/1999
09/14/2001
10/18/2004
Overall Level: 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use); CAST; CAST3; CAST5; RC2; RC4; MD2; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone
57 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0
LunaCA
(Firmware Version: 3.2)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/05/1999
10/18/2004
Overall Level: 2

-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use); CAST; CAST3; CAST5; RC2; RC4; RC5; MD2; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"LunaCA is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. LunCA is a token based on the PCMCIA standard - now known as PC Card."
56 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0
Luna2
(Firmware Versions: 3.2 and 3.9)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 08/08/1999
09/14/2001
10/18/2004
Overall Level: 2

-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #13); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #32); Triple-DES (allowed for US Government use); CAST; CAST3; CAST5; RC2; RC4; RC5; MD2; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"Luna2 is a hardware crypto engine for identification and authentication (I&A) and digital signing; supports encryption/decryption and random number generation. Its target is certification authority systems that require a secure key generation and signing capability. Luna2 is a token based on the PCMCIA standard - now known as PC Card."
55 Admiral Secure Products, Ltd.
866 Mantle Crescent
Mississauga, Ontario L5V 2G3
Canada

Alex Chartier
TEL: 905-542-3351

CST Lab: NVLAP 200002-0
Elliptic Curve Security Module (CLv)
(Hardware Version: R4; Firmware Version: R1.4.1)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 06/21/1999
10/24/2002
Overall Level: 2

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #19)

-Other algorithms: DES (Cert. #51); Triple-DES (allowed for US Government use); EC-DH

Multi-chip embedded
54 TimeStep Corporation
359 Terry Fox Dr
Kanata, Ontario K2K 2E7
Canada

Brett Howard
TEL: 613-599-3610 x4554
FAX: 613-599-3617

CST Lab: NVLAP 200017-0
PERMIT/Gate 2520™ Cryptographic Module
(Hardware Version: 1.20)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 06/15/1999
Overall Level: 2

-Software Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #21)

-Other algorithms: DES; Triple-DES (allowed for US Government use); MD5

Multi-chip standalone

"PERMIT/Gate 2520™ is a high-speed VPN component of the PERMIT™ Enterprise product suite. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access. The 2520 has 4Mbps throughput."
53 TimeStep Corporation
359 Terry Fox Dr
Kanata, Ontario K2K 2E7
Canada

Brett Howard
TEL: 613-599-3610 x4554
FAX: 613-599-3617

CST Lab: NVLAP 200017-0
PERMIT/Gate 4520™ Cryptographic Module
(Hardware Version: 1.20)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 06/15/1999
Overall Level: 2

-Software Security: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #21)

-Other algorithms: DES; Triple-DES (allowed for US Government use); MD5

Multi-chip standalone

"PERMIT/Gate 4520™ is a high-speed VPN component of the PERMIT™ Enterprise product suite. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access. The 4520 has 10Mbps throughput. The 4520 is the same as the 2520, except that the 4520 has a faster CPU, running at a higher bus frequency."
52 Admiral Secure Products, Ltd.
866 Mantle Crescent
Mississauga, Ontario L5V 2G3
Canada

Alex Chartier
TEL: 905-542-3351

CST Lab: NVLAP 100432-0
CERTIFAX Fax Encryptor CF3001
(ID: firmware version 2.2)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 06/15/1999
10/24/2002
Overall Level: 3

-Self Tests: Level 4

-FIPS Approved algorithms: SHA-1 (Cert. #15)

-Other algorithms: DES (Cert. #42); Triple-DES (allowed for US Government use); ECDSA; ECMQV2

Multi-chip standalone

"CERTIFAX 3000 secures sensitive facsimile communications from inadvertent or intentional disclosure. CERTIFAX provides two-way authentication using Certicom's Elliptic Curve Cryptography, and strong encryption using Triple DES. CERTIFAX can support up to 99 secure Virtual Private Fax Networks."
51 Pitney Bowes, Inc.
1 Elmcroft Rd
Stamford, CT 06926-0700
USA

Frederick W. Ryan, Jr.
TEL: 203-924-3500
FAX: 203-924-3385

CST Lab: NVLAP 100432-0
Clickstamp
(Hardware Versions: Part #P200, AAA; AAB - 03/15/2000)
(Validated only for the DES MAC authenticated services: Credit, Put IBIP Data, and Zeroize Keys)

Revoked
DES Transition Ended

Security Policy
Hardware 05/10/1999
Overall Level: 3

-FIPS Approved algorithms: SHA-1 (Cert. #11)

-Other algorithms: DES (Cert. #35); RSA

Multi-chip standalone

"The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)."
50 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

Rohit Mathur
TEL: +61 7 3032 5220

CST Lab: NVLAP 200002-0
BSAFE Crypto-C Toolkit, Version 4.11
(Software Version: 4.11)
(For services provided by the listed FIPS-Approved algorithms and using Triple DES)

Validated to FIPS 140-1

Certificate

Security Policy
Software 04/29/1999
01/04/2008
10/16/2008
09/07/2010
03/28/2011
01/24/2013
02/12/2016
Overall Level: 1

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #18)

-Other algorithms: DES (Cert. #46); Triple-DES (allowed for US Government use); RSA; MD2; MD5; HMAC; DESX; RC2; RC4; Elliptic Curve (F2&Fp); Elliptic Curve Encryption Scheme; Elliptic Curve DSA; Bloom-Shamir

Multi-chip standalone

"Cryptographic Toolkit provides cryptographic services to calling applications."
49 Intel Network Systems, Inc.
2 Eva Road
Suite 220
Toronto, Ontario M9C 2A8
Canada

Robert Eng
TEL: 416-622-8987
FAX: 416-622-7577

CST Lab: NVLAP 200017-0
LAN Rover VPN Gateway (LRVG) V6.59
(Firmware Version: V6.59)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 04/28/1999
Overall Level: 2

-Software Security: Level 3
-EMI/EMC: Level 3

-FIPS Approved algorithms: SHA-1 (Cert. #18)

-Other algorithms: DES; Triple-DES (allowed for US Government use)

Multi-chip standalone

"The LRVG is a network packet encryption device which incorporates firewall and tunneling functionality compatible with a variety of protocols over Ethernet, V.35, and RS-232."
48 SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 200002-0
FORTEZZA Crypto Card
(Hardware Version 0.1, Firmware v0.5, v0.6 and v0.7) Jumbo FORTEZZA Crypto Card (Hardware Version 0.2, Firmware vA1)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 04/23/1999
05/14/2001
06/18/2003
Overall Level: 2

-FIPS Approved algorithms: Skipjack (Cert. #1); DSA/SHA-1 (Cert. #1)

-Other algorithms: KEA

Multi-chip standalone

"SPYRUS's FORTEZZA is a PC Card that is used to provide cryptographic services."
47 Netscape Communications Corporation
6905 Rockledge Dr
Suite 820
Bethesda, MD 20817
USA

Ed Hicks
TEL: 301-571-3900

Mitch Green

CST Lab: NVLAP 100432-0
Netscape Security Module 1.01
(Software Version: ID: fipscm_v1.01)
(When operated in FIPS mode and when correctly implementing the tamper evident mechanism specified in the security policy.)

Validated to FIPS 140-1

Certificate
Not Available

Security Policy
Software 03/17/1999
Overall Level: 2

-Physical Security: Level 2
-Operating System Security: Tested as meeting Level 2 with Sun Ultra-5 w/ Sun Trusted Solaris version 2.5.1 (ITSEC-rated).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #14); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #33 and #34); Triple-DES (allowed for US Government use); RC2; RC4; MD2; MD5

Multi-chip standalone

"Security module used in various Netscape products."
46 SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 200002-0
LYNKS Metering Device (LMD)
(Firmware Version: 9012)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 03/17/1999
Overall Level: 2

-Physical Security: Level 3 +EFT

-FIPS Approved algorithms: Skipjack (Cert. #1); DSA/SHA-1 (Cert. #1)

Multi-chip standalone
45 Netscape Communications Corporation
6905 Rockledge Dr
Suite 820
Bethesda, MD 20817
USA

Ed Hicks
TEL: 301-571-3900

Mitch Green

CST Lab: NVLAP 100432-0
Netscape Security Module 1.01
(Software Version: ID: fipscm_v1.01)
(When operated in FIPS mode)

Validated to FIPS 140-1

Certificate
Not Available

Security Policy
Software 03/17/1999
Overall Level: 1

-Operating System Security: Tested as meeting Level 1 for WindowsNT 4.0 workstation (single-user mode).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #14); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #33 and #34); Triple-DES (allowed for US Government use); RC2; RC4; MD2; MD5

Multi-chip standalone

"Security module used in various Netscape products."
44 M/A Com, Inc.
221 Jefferson Ridge Parkway
Lynchburg, VA 24501
USA

John Casler
TEL: 434-455-6600
FAX: 434-455-6851

CST Lab: NVLAP 200002-0
Aegis MR-K I and II System/Scan Radios<br> VHF range: 136-174 MHz<br> UHF range: 378-500 MHz<br> 800 range: 806-870 MHz
(Hardware Versions: PK1GEXE, PK1PEXE, PK1XEXE, PK18EXE, PK2GEXE, PK2PEXE, PK2XEXE, PK28EXE, PK3GEXE, PK3PEXE, PK3XEXE, PK38EXE, (SYSTEM) PK2NEXE, (SCAN) PK3NEXE; Software Versions: Load: CXC 112 1279/1, Version: M2G30408)

Revoked
DES Transition Ended

Security Policy
Hardware 03/04/1999
11/16/2001
12/06/2001
04/05/2002
03/07/2003
03/13/2003
Overall Level: 1

-Other algorithms: DES (04/22/1994)

Multi-chip standalone

"The M-RK II System/Scan (AEGIS) and M-RK I handheld personal portable two-way FM radio is a high-quality, high performance FM radio. The radio is synthesized and operates in both trunked (EDACS™) and conventional communications systems. The trunked mode allows selection of either a communications group or an individual radio within a system. Both the selected group and the individual radio are secured through AEGIS digital signaling and DES encryption."
43 SafeNet, Inc.
4690 Millennium Drive
Suite 300
Belcamp, MD 21017
USA

Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 100432-0
Turbo Crypto Card (TCC), v09, 14.04
(Hardware Version: Part#: AB-14094-050-09)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 02/17/1999
12/04/2003
10/18/2004
Overall Level: 1

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11and #20); Diffie-Hellman (key agreement)

Multi-chip embedded

"Turbo Crypto Card is used in a variety of Cylink's host encryption products, including the Secure Frame Unit (SFU) and the Secure Domain Unit (SDU)."
42 Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200002-0
Segmented NetFortress™ GVPN-S
(Hardware Version: 1)
(When factory configured in FIPS mode and using Triple-DES)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 01/27/1999
03/26/2010
05/17/2013
Overall Level: 2

-EMI/EMC: Level 3

-Other algorithms: DES (Cert.#23); Triple-DES (allowed for US Government use); IDEA

Multi-chip standalone

"VPN Encryptor."
41 Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0
DS1954B Cryptographic iButton™
(Hardware Version: ID: B4-V1.02)
(When using vendor-initialized SHA-1 in transaction group 1)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 01/26/1999
Overall Level: 3

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Provides hardware cryptographic services (e.g., secure private key storage, high-speed math accelerator for 1024-bit public key crypto, hashing). Services are provided using a single silicon chip packaged in a 16mm stainless steel case. Can be worn or attached to an object for info at point of use. Can withstand harsh outdoor environments and is durable for everyday wear."
40 IBM® Corporation
2455 South Rd
Mail Station P371
Poughkeepsie, NY 12601-5400
USA

Clark D. Norberg
TEL: 845-435-6434
FAX: 845-435-1858

Phil C. Yeh

CST Lab: NVLAP 100432-0
IBM S/390 CMOS Cryptographic Coprocessor
(Hardware Versions: ID: IBM Part #s 88H3637 and 29L3659)
(When configured for External Key Entry)

Validated to FIPS 140-1

Certificate

Security Policy
Hardware 01/07/1999
Overall Level: 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #4, 12); RSA (internal use)

-Other algorithms: DES (Certs. #7 and 29); Triple-DES (allowed for US Government use); CDM; MDC-2; MDC-4; Diffie-Hellman (key agreement); ANSI: X3106, X99, X919

Single-chip

"Encryption module for S/390 CMOS Enterprise Server family."