CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules
1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014,
All

Last Update: 6/26/2014

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module
Module
Type
Val.
Date
Level / Description
130 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Cryptographic Kernel, v5.1
(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Software 12/20/2000;
07/18/2002;
05/28/2014
Overall Level: 2 

-EMI/EMC: Level 3

-Operating System Security: Microsoft WindowsNT 4.0 with SP6a, TCSEC C2-rated on a Compaq ProLiant 7000 Server.

-FIPS Approved algorithms: Triple-DES (Cert. #6); DSA/SHA-1 (Cert. #10); RSA (vendor affirmed); ECDSA (vendor affirmed)

-Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-SHA-1; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; Diffie-Hellman (key agreement); Ephemeral-Static Diffie-Hellman

Multi-chip standalone

"This module is used in the Entrust® family of products."
129 nCipher Corporation Ltd.
500 Unicorn Park Dr
Woburn, MA 01810-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield SCSI Ultrasign
and nShield SCSI
Cryptographic Accelerators

(Firmware v1.77.100; Hardware versions nC4032W-400, 150)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/20/2000;
09/14/2001;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (DES Cert. #34); Triple-DES MAC; RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST5; HMAC (MD2, MD5, SHA-1 and RIPEMD160); ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The nCipher nShield range of tamper resistent Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management."
128 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01810-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield 300, nShield 150
and nShield 75
Cryptographic Accelerators

(Firmware v1.77.100; Hardware nC3031S-300, 150, 75, Build Standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/20/2000;
09/14/2001;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (DES Cert. #34); Triple-DES MAC; RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST5; HMAC (MD2, MD5, SHA-1; RIPEMD160); ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

"The nCipher nShield range of tamper resistent Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management."
127 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01810-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce SCSI 400
and nForce SCSI 150
Cryptographic Accelerators

(Firmware v1.77.100; Hardware versions nC3022W-400, 150)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/20/2000;
09/14/2001;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Software Security: Level 3
-EMI/EMC: Level 3
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (Cert. #34); Triple-DES MAC; RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST5; HMAC (MD2, MD5, SHA-1 and RIPEMD160); ElGamal; and Diffie-Hellman (key agreement)

Multi-chip standalone

"The nCipher nForce family of secure e-commerce accelerators improves data security and increases server transaction throughput in applications using the Secure Socket Layer (SSL) protocol such as secure web servers, or application servers that process secure transactions. nForce provides hardware key storage in addition to off-loading the SSL cryptographic processing from the host CPU."
126 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01810-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 300, nForce 150
and nForce 75
Cryptographic Accelerators

(Firmware v1.77.100; Hardware nC3021S-300, 150, 75 Build Standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/20/2000;
09/14/2001;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Software Security: Level 3
-EMI/EMC: Level 3
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (Cert. #34); Triple-DES MAC; RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST5; HMAC (MD2, MD5, SHA-1 and RIPEMD160); ElGamal; and Diffie-Hellman (key agreement)

Multi-chip standalone

"The nCipher nForce family of secure e-commerce accelerators improves data security and increases server transaction throughput in applications using the Secure Socket Layer (SSL) protocol such as secure web servers, or application servers that process secure transactions. nForce provides hardware key storage in addition to off-loading the SSL cryptographic processing from the host CPU."
125 nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

-Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0

nForce 300, nForce 150
and nForce 75
Cryptographic Accelerators

(Firmware v1.54.28; Hardware Build Standard D)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/20/2000;
03/01/2001;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Software Security: Level 3
-EMI/EMC: Level 3
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (Cert. #34); Triple-DES MAC; RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST5; HMAC (MD2, MD5, SHA-1 and RIPEMD160); ElGamal; and Diffie-Hellman (key agreement)

Multi-chip standalone

"The nCipher nFast/nForce/nShield range of hardware cryptographic accelerators increases server throughput in data security and electronic commerce applications such as: secure Web sites, financial transactions over the Internet, authenticated access to intranets and extranets, certification authorities and digital signatures, secure messaging including X.400/EDI."
124 Thales e-Security
2200 North Commerce Parkway
Suite 200
Weston, FL 33326
USA

-Juan C. Asenjo
TEL: 888-744-4976 x6202
FAX: 954-888-6211

CST Lab: NVLAP 200002-0

Datacryptor® 2000 (DC2K) X.25 / IP / ATM
(Hardware Version Issue 2 and Issue 3 Motherboard; Software Version 3.1)

(When key zeroization is enabled)

Validated to FIPS 140-1

Security Policy

Vendor Product Link
Hardware 12/07/2000;
01/08/2003;
05/19/2003;
10/13/2005
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #31); DSA/SHA-1 (Cert. #24)

-Other algorithms: DES (Cert. #57); Diffie-Hellman (key agreement); Rijndael

Multi-chip standalone

"The Datacryptor 2000 is a stand-alone multi-chip cryptographic module that secures communications using signed Diffie-Hellman key exchange and Triple-DES encryption. The unit also provides integrated secure unit management capability employing the same techniques used for traffic encryption."
123 AEP Networks
Focus 31, West Wing
Cleveland Road
New Hempstead, Herts HP2 7BW
United Kingdom

-David Miller
TEL: +44 1442 458617

CST Lab: NVLAP 200017-0

Advanced Configurable Crypto Environment - Security Processor (ACCE SP and ACCE SP2)
(Hardware Version 1E,
Firmware Versions:
ACCE SP: v1.0 and v1.1
ACCE SP2: v2.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 12/07/2000;
11/05/2001;
11/09/2001;
12/04/2001;
07/22/2002;
10/04/2002;
04/21/2005
Overall Level: 4 

-FIPS Approved algorithms: Triple-DES (Certs. #23 and #24); Triple-DES MAC; DSA/SHA-1 (Cert. #36); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #81 and #82); DES MAC; Diffie-Hellman (key agreement); MD5

Multi-chip embedded

"The ACCE SP & SP2 provide highly-secure cryptographic services and key storage. They are used in a range of AEP Networks and OEM products along with an application (the single user of the module) to provide custom functionality. Example uses are the Europay NSP (ACCE SP) and Europay ESP (ACCE SP2) which were developed for Europay, a major European financial institution."
122 IBM® Corporation
2455 South Rd
Mail Station P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

IBM 4758-013 PCI Cryptographic Coprocessor with CP/Q++ (Layer 2)
(ID: P/N 04K9077 (FIPS 140-1 Cert. #81), Miniboot 0 version A, Miniboot 1 version A, CP/Q++ v1.26)

(When configured for DSS Authentication and using the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Security Policy

Hardware 11/15/2000 Overall Level: 3 

-Self Tests: Level 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #23)

-Other algorithms: DES (Cert. #58); DES MAC; Triple-DES; RSA (non-compliant)

Multi-chip embedded

"The 4758 secure coprocessor is a state-of-the-art, tamper-sensing and responding, programmable PCI card. Its specialized cryptographic electronics, along with a microprocessor, memory, and random number generator are housed within a tamper-responding environment to provide a highly secure subsystem in which data processing and cryptography can be performed."
121 IBM® Corporation
2455 South Rd
Mail Station P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

IBM 4758-001 PCI Cryptographic Coprocessor with CP/Q++ (Layer 2)
(ID: P/N 04K9078 (FIPS 140-1 Cert. #35), Miniboot 0 version A, Miniboot 1 version A, CP/Q++ version)

(When configured for DSS Authentication and using the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Security Policy

Hardware 11/15/2000 Overall Level: 3 

-Physical Security: Level 4
-Self Tests: Level 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #23)

-Other algorithms: DES (Cert. #58); DES MAC; Triple-DES; RSA (non-compliant)

Multi-chip embedded

"The 4758 secure coprocessor is a state-of-the-art, tamper-sensing and responding, programmable PCI card. Its specialized cryptographic electronics, along with a microprocessor, memory, and random number generator are housed within a tamper-responding environment to provide a highly secure subsystem in which data processing and cryptography can be performed."
120 Alcatel
Managed IP Services
600 March Road
5T1
Kanata, Ontario K2K 2E6
Canada

-Doug Wiemer
TEL: 613-784-3146
FAX: 613-599-3617

CST Lab: NVLAP 200017-0

TimeStep PERMIT/Gate™ 7520 series 20 and 30 / Alcatel 7137
(Hardware TSCMP30 v2.00; Software versions 3.00.026 and 3.01.026)

(When operated in FIPS-compliant "Secure" and "Minimum" modes)

Validated to FIPS 140-1

Security Policy

Hardware 10/12/2000 Overall Level: 2 

-Physical Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #26); DSA/SHA-1 (Cert. #21)

-Other algorithms: DES; Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"The TimeStep PERMIT/Gate™ line of products (also referred to as the Alcatel Secure VPN Gateway) is a network appliance that provides IPSec compliant VPN services. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access."
119 Alcatel
Managed IP Services
600 March Road
5T1
Kanata, Ontario K2K 2E6
Canada

-Doug Wiemer
TEL: 613-784-3146
FAX: 613-599-3617

CST Lab: NVLAP 200017-0

TimeStep PERMIT/Gate™ 1520 series 50 / Alcatel 7132;
TimeStep PERMIT/Gate™ 2520 series 40 and 50 / Alcatel 7133;
TimeStep PERMIT/Gate™ 4520 series 40 and 50; and
TimeStep PERMIT/Gate™ 4620 series 40 and 50 / Alcatel 7134

(Hardware TSCMP30 v2.00; Software versions 3.00.026 and 3.01.026)

(When operated in FIPS-compliant "Secure" and "Minimum" modes)

Validated to FIPS 140-1

Security Policy

Hardware 10/12/2000 Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #26); DSA/SHA-1 (Cert. #21)

-Other algorithms: DES; Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"The TimeStep PERMIT/Gate™ line of products (also referred to as the Alcatel Secure VPN Gateway) is a network appliance that provides IPSec compliant VPN services. It is a tamper-resistant gateway that secures data communications for Intranets, Extranets, and Internet remote access."
118 IBM® Corporation
2455 South Rd
Mail Station P371
Poughkeepsie, NY 12601
USA

-Clark Norberg
TEL: 845-435-6434

CST Lab: NVLAP 100432-0

IBM eServer zSeries 900 CMOS Cryptographic Coprocessor
(ID: IBM PN 09K1592)

(When configured for External Key Entry)

Validated to FIPS 140-1

Security Policy

Hardware 09/26/2000 Overall Level: 4 

-FIPS Approved algorithms: Triple-DES (Cert. #28); DSA/SHA-1 (Cert. #37); RSA (internal use)

-Other algorithms: DES (Cert. #98); Diffie-Hellman (key agreement); CDM; MDC-2; MDC-4; ANSI: X3106, X99, X919

Single-chip

"Technology remap encryption module for the IBM eServer zSeries 900 system that provides improved throughput performance over the previous part numbers of the IBM S/390 CMOS Cryptographic Coprocessor (FIPS 140-1 cert. #40)."
117 IBM® Corporation
2455 South Rd
Mail Station P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

IBM 4758-023 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)
(ID: PN 04K9036, EC C75600M, Miniboot 0 version A, Miniboot 1 version A)

(When configured for DSS Authentication)

Validated to FIPS 140-1

Security Policy

Hardware 09/18/2000;
08/08/2002;
09/23/2002
Overall Level: 3 

-Physical Security: Level 3 +EFP/EFT
-Cryptomodule Design: Level 4
-Module Interfaces: Level 4
-Roles and Services: Level 4
-Finite State Machine Model: Level 4
-Software Security: Level 4
-EMI/EMC: Level 4
-Self Tests: Level 4
-Key Mgmnt.: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #4); DSA/SHA-1 (Cert. #34)

-Other algorithms: DES (Cert. #86); DES MAC; RSA

Multi-chip embedded

"The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers."
116 IBM® Corporation
2455 South Rd
Mail Station P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

IBM 4758-002 PCI Cryptographic Coprocessor (Miniboot Layers 0 and 1)
(ID: PN 04K9131, EC F72272D, Miniboot 0 version A, Miniboot 1 version A)

(When configured for DSS Authentication)

Validated to FIPS 140-1

Security Policy

Hardware 09/18/2000;
08/08/2002
Overall Level: 4 

-FIPS Approved algorithms: Triple-DES (Cert. #4); DSA/SHA-1 (Cert. #34)

-Other algorithms: DES (Cert. #86); DES MAC; RSA

Multi-chip embedded

"The 4758 is a tamper-responding, programmable, cryptographic PCI card, containing CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, firmware, and software. The Coprocessor is available for use in typical PC servers and as and as features in IBM eServer iSeries, pSeries, and zSeries servers."
115 Thales e-Security
Meadow View House
Crendon Industrial Estate
Long Crendon
Aylesbury, Buckinghamshire HP18 9EQ
United Kingdom

-Tim Fox
TEL: +44 (0)1844 201800
FAX: +44 (0)1844 208550

CST Lab: NVLAP 200002-0

Secure Generic Sub-System (SGSS)
(Version 1.1)

Validated to FIPS 140-1

Security Policy

Vendor Product Link
Hardware 09/13/2000;
01/08/2003;
05/09/2003;
05/19/2003;
03/21/2005;
04/05/2005;
10/13/2005
Overall Level: 4 

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #24)

-Other algorithms:

Multi-chip embedded

"The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure system initialization for a cryptographic device, such as the Datacryptor 2000, WebSentry and HSM products. The module contains a secure bootstrap and authenticates application-loading using the Digital Signature Algorithm (DSA)."
114 Technical Communications Corporation
100 Domino Drive
Concord, MA 01742
USA

-John I. Gill
TEL: 978-287-5100

CST Lab: NVLAP 200017-0

CipherX 7200
(Version 1.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 09/13/2000 Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Certs. #13 and #14); SHA-1 (Cert. #29)

-Other algorithms: DES

Multi-chip standalone

"The CipherX 7200 offers centrally managed end-to-end security that can seamlessly integrate into Internet Protocol (IP) Wide Area Networks (WANs) and Local Area Networks (LANs) providing secure Virtual Private Network (VPN) solutions. The Cipher X 7200 supports encryption, authentication, firewall and secure community capabilities to enable flexible transparent end-to-end network security."
113 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

Cylink ATM Encryptor
(Software versions 4.0 and 4.1; Hardware version 2.0)

Validated to FIPS 140-1

Security Policy

Hardware 09/13/2000;
06/17/2002;
12/04/2003;
10/18/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink ATM Encryptors secure sensitive data transmitted over high-speed ATM networks. The system supports full wirespeed encryption at data rates from 1.5Mbps to 622 Mbps over public and private networks."
112 AEP Networks
Focus 31, West Wing
Cleveland Road
New Hempstead, Herts HP2 7BW
United Kingdom

-David Miller
TEL: +44 1442 458617

CST Lab: NVLAP 200017-0

Advanced Configurable Crypto Environment (ACCE)
(Firmware version 1, Releases 3G1 and 3G2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 09/08/2000;
07/18/2001;
07/22/2002;
10/04/2002;
04/21/2005
Overall Level: 4 

-FIPS Approved algorithms: Triple-DES (Certs. #24 and #25); Triple-DES MAC; DSA/SHA-1 (Cert. #36); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #92); DES MAC; Diffie-Hellman (key agreement); MD5

Multi-chip embedded

"The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family. There are two versions available: Version 1.3G1 will power-down and zeroize the SMK if the module's temperature exceeds the specified operational temperature range. Version 1.3G2 will power-down and zeroize the SMK when the specified operational temperature is exceeded, and zeroize the IMK when the storage temperature is exceeded."
111 Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

-Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0

DS1955B Java™-powered Cryptographic iButton™
(Version 1.11)

(When using vendor-configured with the FIPS 140-1 Applet)

Validated to FIPS 140-1

Security Policy

Hardware 08/30/2000 Overall Level: 3 

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: SHA-1 (Cert. #36)

-Other algorithms:

Multi-chip standalone

"The Dallas Semiconductor 1955 Java-Powered Cryptographic iButton, when operated in FIPS mode, provides SHA-1 hashing, identity-based challenge-response authentication, statistical random number generator tests, and a SHA-1 known answer test. When not operated in FIPS mode, the device provides more cryptographic services such as a high-speed math accelerator for 1024-bit public key cryptography. The module's single silicon chip is encased in a stainless steel button which is rugged enough to withstand harsh outdoor environments."
110 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0

Outlook Cryptographic Provider (EXCHCSP)
(Version SR-1A (3821))

Validated to FIPS 140-1

Security Policy

Software 08/15/2000;
10/15/2007
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows2000 with SP2 or higher (operated in single-user mode).

-FIPS Approved algorithms: Triple-DES (Cert. #18); SHA-1 (Cert. #32); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #91); DES MAC; RC2; MD2; MD5

Multi-chip standalone

"The Microsoft Outlook Cryptographic Provider (EXCHCSP) is a FIPS 140-1 Level 1 compliant general-purpose software-based cryptographic module. EXCHCSP encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-1 Level 1 compliant cryptography."
109 Cisco Systems, Inc.
7025-6 Kit Creek Road
PO Box 14987
Research Triangle Park, NC 27709-4987
USA

-Global Certification Team
TEL:

CST Lab: NVLAP 200002-0

Secure Integrated VPN
(3640, 7140, and 7206 Module Access Routers w/ IOS V12.1(1)T software)

(When configured in a FIPS mode of operation)

Validated to FIPS 140-1

Security Policy

Hardware 08/01/2000;
01/10/2003;
05/24/2005;
05/28/2010;
02/23/2012
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #17); HMAC-SHA-1 (SHA-1 Cert. #26)

-Other algorithms: DES (Cert. #74); RSA; MD4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Cisco 3640, 7140, and 7206 Secure Integrated VPNs are routers that provide data protection on a network providing packet encryption. The modules perform all of the functions of a typical router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules, providing a secure connection at the packet level."
108 L-3 Communication Systems
One Federal Street
Camden, NJ 08102
USA

-privatel@L-3com.com
TEL: 877-628-3694

CST Lab: NVLAP 200002-0

Privatel™ Model 960v
(Model 960v (Part Number: K10047665, Software version v6.01) and (Part Number: K10047665-503, Software version v7.10))

Validated to FIPS 140-1

Security Policy

Hardware 08/01/2000;
09/18/2000;
04/21/2005
Overall Level: 1 

-FIPS Approved algorithms: Triple-DES (Cert. #20); SHA-1 (Cert. #33)

-Other algorithms: Session Key Development Algorithm (SKDA)

Multi-chip standalone

"The Privatel™ Model 960v provides security for voice telephony applications. The Privatel™ product is an applique to an existing office telephone that provides voice coding, traffic encryption, key management, and modem functions. The module uses the strongest commercially-available cryptography, which provides end-to-end secure communications that protect telephone conversations from eavesdropping and unauthorized monitoring and recording, displaying a unique Key Fingerprint during every secure session."
107 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

Cylink Frame Encryptor CFE-H and Frame Encryptor CFE-L
(Firmware v4.05 and v4.06; Hardware revisions 4 and 5)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 07/31/2000;
03/12/2001;
07/18/2002;
12/04/2003;
10/18/2004
Overall Level: 3 

-Module Interfaces: Level 3*
-Roles and Services: Level 3*-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #20); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links."
106 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0

Kernel Mode Cryptographic Module (FIPS.SYS)
(Version 5.0.2195.1569)

Validated to FIPS 140-1

Security Policy

Software 07/31/2000;
10/15/2007
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows2000 with SP2 or higher (operated in single-user mode).

-FIPS Approved algorithms: Triple-DES (Cert. #16); SHA-1 (Cert. #35)

-Other algorithms: DES (Cert. #89)

Multi-chip standalone

"Microsoft's Kernel Mode Cryptographic Module (FIPS.SYS) is a general-purpose, software-based cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography."
105 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

Cylink Link Encryptor NRZ E1-75ohms and Link Encryptor RS-232
(Firmware versions 1.27, 1.31 and 1.33)

Validated to FIPS 140-1

Security Policy

Hardware 07/31/2000;
09/14/2001;
05/15/2002;
07/18/2002;
12/04/2003;
10/18/2004
Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11, #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
104 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

Cylink Link Encryptor NRZ-H and Link Encryptor NRZ-L
(Firmware versions 1.27, 1.31 and 1.33)

Validated to FIPS 140-1

Security Policy

Hardware 07/31/2000;
09/14/2001;
05/15/2002;
07/18/2002;
12/04/2003;
10/18/2004
Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11, #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks."
103 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0

Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider
((Base DSS: 5.0.2150.1391 [SP1], 5.0.2195.2228 [SP2] and 5.0.2195.3665 [SP3]),
(Base: 5.0.2150.1391 [SP1], 5.0.2195.2228 [SP2] and 5.0.2195.3839 [SP3]),
(DSS/DH Enh: 5.0.2150.1391 [SP1], 5.0.2195.2228 [SP2] and 5.0.2195.3665 [SP3]),
(Enh: 5.0.2150.1391 [SP1], 5.0.2195.2228 [SP2] and 5.0.2195.3839 [SP3]))

(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Security Policy

Software 07/10/2000;
12/14/2001;
07/31/2002;
10/15/2007
Overall Level: 1 

-EMI/EMC: Level 3

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 2000 SPx (operated in single-user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #16); DSA/SHA-1 (Certs. #28 and #29); RSA (vendor affirmed)

-Other algorithms: DES (Certs. #65, 66, 67 and 68); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD4; MD5

Multi-chip standalone

"These are general-purpose software-based cryptomodules. They provide services that enable application developers to utilize several different cryptographic algorithms and functions via the Microsoft CryptoAPI without knowing the underlying implementation."
102 Cryptek, Inc.
1501 Moran Road
Sterling, VA 20166
USA

-Timothy Williams
TEL: 571-434-2000
FAX: 571-434-2001

CST Lab: NVLAP 100432-0

DiamondNIC and DiamondLINK
(Software v1.2 and v1.2.2; Hardware v1.000)

Validated to FIPS 140-1

Security Policy

Hardware 07/10/2000;
11/20/2000;
02/15/2002
Overall Level: 1 

-Roles and Services: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #10); SHA-1 (Cert. #30)

-Other algorithms: DES; Diffie-Hellman (key agreement); MD5; KPDK_MD5

Multi-chip embedded

"DiamondNIC and DiamondLINK provide a cost-effective and flexible end-to-end network security solution for the LAN, WAN, or Internet. They not only provide a high level of trust and data separation through the established end-to-end session, they additionally provide added levels of security by bringing firewall filtering functionality to the desktop. These modules provide strong I&A and user selectable/dynamically downloaded security policies to the desktop."
101 Dallas Semiconductor, Inc.
4401 Beltwood Pkwy
Dallas, TX 75244-3292
USA

-Mr. Dennis Jarrett
TEL: 972-371-4416

CST Lab: NVLAP 200002-0

DS1954B-007 Cryptographic iButton™
(ID: B9-V1.02)

(When using vendor-initialized SHA-1 in transaction group 1)

Validated to FIPS 140-1

Security Policy

Hardware 06/22/2000 Overall Level: 3 

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: SHA-1 (Cert. #8)

-Other algorithms: MD5; RSA

Multi-chip standalone

"Inside the steel perimeter, the secure accounting and cryptographic services are performed to meet the requirements of the United States Postal Service Information Based Indicia Program. See Cert. #41."
100 Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

-Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200416-0

NetFortress® 10
(Version 4.0 firmware)

(When factory configured in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 06/22/2000;
03/26/2010;
05/17/2013
Overall Level: 2 

-Software Security: Level 3.

-FIPS Approved algorithms: Triple-DES (Cert.#19); SHA-1 (Cert.#34)

-Other algorithms: DES (Cert.#23); Diffie-Hellman (key agreement)

Multi-chip standalone

"The NetFortress® 10 is a tamper-resistant network communications security solution that establishes private communications between corporate divisions, branch offices, and mobile users. It integrates seamlessly and economically into any LAN and WAN environment for optimum flexibility and scalability. NetFortress 10’s security feature set includes encryption, data integrity checking, authentication, access control, data compression and firewall capabilities. It is compliant with IPSec."
99 Cisco Systems, Inc.
7025-6 Kit Creek Road
PO Box 14987
Research Triangle Park, NC 27709-4987
USA

-Global Certification Team
TEL:

CST Lab: NVLAP 200002-0

Cisco Secure Integrated VPN
(2621 Module Access Router w/ IOS V12.1(1)T software)

(When configured in a FIPS mode of operation)

Validated to FIPS 140-1

Security Policy

Hardware 06/13/2000;
06/22/2000;
01/10/2003;
05/24/2005;
05/28/2010;
02/23/2012
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #17); HMAC-SHA-1 (SHA-1 Cert. #26)

-Other algorithms: DES (Cert. #74); RSA; MD4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Cisco 2621 Modular Access Router supports the full IOS feature set including advanced security features such as Virtual Private Network (VPN) Access and integrated Firewall protection. The Cisco 2621 supports multiple encrypted tunnels using Cisco IOS IPSec and DES/3DES encryption."
98 Nortel Networks
600 Technology Park
Billerica, MA 01821
USA

-Jonathan Lewis
TEL: 978-288-8590
FAX: 978-288-4004

CST Lab: NVLAP 200002-0

Contivity Extranet Switch
(Firmware version 2.60, 4500 Hardware)

(When operated in the 'FIPS-enabled' mode using FIPS-Approved algorithms)

Validated to FIPS 140-1

Security Policy

Hardware 05/23/2000;
09/20/2001;
12/06/2001
Overall Level: 2 

-FIPS Approved algorithms: SHA-1 (Cert. #31); Triple-DES (DES Cert. #47)

-Other algorithms: DES (Cert. #47); RSA; RC4; MD5

Multi-chip standalone

"The Contivity 4500 Extranet Switch provides up to 5000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. 5 PCI expansion slots, dual 10/100 LAN ports, dual redundant power supplies and storage, unlimited IPSEC client licenses."
97 Stamps.com
3420 Ocean Park Blvd.
Suite 1040
Santa Monica, CA 90405
USA

-Craig Ogg
TEL: 310-581-7200
FAX: 310-581-7500

CST Lab: NVLAP 100432-0

Postage Server Cryptomodule
(Versions 1.01 and 1.02)

Validated to FIPS 140-1

Security Policy

Hardware 05/18/2000 Overall Level: 3 

-Physical Security: Level 4

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #23, 27); Triple-DES (Cert. #2)

-Other algorithms: DES (Certs. #58 and #69); RSA; Diffie-Hellman (key agreement)

Multi-chip embedded

"The module provides the services to support high-speed, highly secure E-commerce transactions, including the production and verification of United States Postal Service Information-Based Indicia."
96 Pitney Bowes, Inc.
35 Waterview Dr
Shelton, CT 06484
USA

-David Riley
TEL: 203-924-3500
FAX: 203-924-3385

CST Lab: NVLAP 100432-0

ClickStamp™ Online Client Cryptographic Module (CCM)
(Version 0.3.60A)

Validated to FIPS 140-1

Security Policy

Software 05/18/2000 Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows95/98, WindowsNT Workstation 4.0 w/SP3 or later (single-user mode).

-FIPS Approved algorithms: SHA-1 (Cert. #27); Triple-DES (Cert. #3)

-Other algorithms: DES (Cert. #83)

Multi-chip standalone

"The module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)."
95 SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

-Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 200002-0

Rosetta Smart Card
(Version 2.01)

(For services provided by the listed FIPS-Approved algorithms)

Validated to FIPS 140-1

Security Policy

Hardware 05/08/2000;
01/01/2014
Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: Skipjack (Cert. #4);

-Other algorithms: DES (Cert. #78); Triple-DES (non-compliant); DSA (Cert. #31; non-compliant); KEA (primitives only); RSA

Single-chip

"The SPYRUS Rosetta Smart Card is an ISO 7816 compliant public key smart card based upon the SPYCOS card operating system."
94 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Hazem Hassan
TEL: 952-808-2372
FAX: 952-890-2726

CST Lab: NVLAP 200002-0

SignaSURE Model 330 Smart Card
(Version 1.0)

(When using the 'FIPS-mode Configuration File')

Validated to FIPS 140-1

Security Policy

Hardware 05/08/2000;
02/22/2005
Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #35); Triple-DES (DES Cert. #88, vendor affirmed); RSA/SHA-1 (vendor affirmed)

-Other algorithms: DES (Cert. #88); Diffie-Hellman (key agreement)

Single-chip

"The SignaSURE Model 330 Smart Card is a complete public key cryptographic module that is ISO 7816 compliant. This module supports PKI with a highly efficient cryptographic co-processor and the DKCCOS v2.0 smart card OS. The OS is extensible and allows new algorithms to be added."
93 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Cryptographic Kernel, v5.0 and v5.0a
(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Software 04/20/2000;
07/18/2002;
05/28/2014
Overall Level: 2 

-EMI/EMC: Level 3

-Operating System Security: Level 2 for Microsoft WindowsNT 4.0 with SP6a (TCSEC C2-rated on a Compaq ProLiant 7000 Server).

-FIPS Approved algorithms: Triple-DES (Cert.#6); DSA/SHA-1 (Cert. #10); RSA (vendor affirmed); ECDSA (vendor affirmed)

-Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-SHA-1; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; ECDSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"This module is used in the Entrust® family of products."
92 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MA 21017
USA

-Rick DeFelice
TEL: 410-931-7500
FAX: 410-931-7524

CST Lab: NVLAP 100432-0

SafeNet CGX (Crypto Graphic eXtensions) Library
(Software v1.14, v1.15 and v1.16)

(For services provided by the FIPS-Approved algorithms listed [in the description column])

Validated to FIPS 140-1

Security Policy

Software 04/07/2000;
11/20/2000;
07/02/2002;
10/19/2004
Overall Level: 1 

-EMI/EMC: Level 3
-Software Security: Level 3
-Self Tests: Level 4

-Operating System Security: Tested as meeting Level 1 when using Windows95/98, WindowsNT Workstation 4.0 w/ SP 3 or later (single-user mode).

-FIPS Approved algorithms: Triple-DES (Cert. #11); DSA/SHA-1 (Cert. #30)

-Other algorithms: DES (Cert. #72); RC5; MD2; MD5; HMAC-SHA-1; HMAC-MD5; RIPEMD-128; RIPEMD-160; RSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet CGX (Crypto Graphic eXtensions) cryptographic module is used in the SafeNet product line including S/Speed, S/Smart, S/Soft, PCI Card as well as the ADSP 2141 Safenet/DSP."
91 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MA 21017
USA

-Rick DeFelice
TEL: 410-931-7500
FAX: 410-931-7524

CST Lab: NVLAP 100432-0

SafeNet CGX (Crypto Graphic eXtensions) Library
(Software v1.14, v1.15 and v1.16)

(For services provided by the FIPS-Approved algorithms listed [in the description column])

Validated to FIPS 140-1

Security Policy

Software 04/07/2000;
11/20/2000;
07/02/2002;
10/18/2004
Overall Level: 2 

-EMI/EMC: Level 3
-Software Security: Level 3
-Self Tests: Level 4

-Operating System Security: Tested as meeting Level 2 when using Compaq DeskPro 6400 w/ WindowsNT Workstation 4.0, SP3 (ITSEC-certified).

-FIPS Approved algorithms: Triple-DES (Cert. #11); DSA/SHA-1 (Cert. #30)

-Other algorithms: DES (Cert. #72); RC5; MD2; MD5; HMAC-SHA-1; HMAC-MD5; RIPEMD-128; RIPEMD-160; RSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet CGX (Crypto Graphic eXtensions) cryptographic module is used in the SafeNet product line including S/Speed, S/Smart, S/Soft, PCI Card as well as the ADSP 2141 Safenet/DSP."
90 Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
USA

-Security Evaluations Manager
TEL: +44 118 9243860
FAX: +44 118 9243171

CST Lab: NVLAP 100432-0

Oracle® Advanced Security
(Software Version 8.1.6)

(When operated in FIPS mode using the FIPS Approved algorithms [listed in the description column])

Validated to FIPS 140-1

Security Policy

Software 03/21/2000;
04/04/2002;
07/07/2003
Overall Level: 2 

-Operating System Security: Tested as meeting Level 2 with Sun Solaris Version 2.6SE running on a Sun Ultra SPARC-1 workstation.

-FIPS Approved algorithms: SHA-1 (Cert. #18)

-Other algorithms: DES (Cert. #52); RC4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"Oracle® Advanced Security is a comprehensive suite of security features for distributed environments. It provides a single source of integration with network encryption, authentication, and single sign-on services, delivers PKI solutions and integrates with LDAP directories. Oracle® Advanced Security is an option available with Oracle8i™ Enterprise Edition."
89 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

CST Lab: NVLAP 200002-0

BSAFE Crypto-C Toolkit, Version 4.31
(Software version 4.31)

(For services provided by the listed FIPS-Approved algorithms listed [in the description column])

Validated to FIPS 140-1

Security Policy

Software 03/21/2000;
01/04/2008;
10/16/2008;
09/07/2010;
03/28/2011;
01/24/2013
Overall Level: 1 

-EMI/EMC: Level 3

-Operating System Security: Tested as meeting Level 1 with Microsoft WindowsNT 4.0 (single-user mode).

-FIPS Approved algorithms: Triple-DES (DES Cert. #46, vendor affirmed); SHA-1 (Cert. #18); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #46); RSA (encrypt/decrypt); MD2; MD5; HMAC; DESX; RC2; RC4; Elliptic Curve (F2&Fp); Elliptic Curve Encryption Scheme; Elliptic Curve DSA; Bloom-Shamir

Multi-chip standalone

"Cryptographic Toolkit provides cryptographic services to calling applications."
88 Motorola, Inc.
Secure Design Center
IL02 Room 0509A
1301 East Algonquin Rd
Schaumburg, IL 60196
USA

-Geoff Hobar
TEL: 847-576-9066
FAX: 847-538-2770

CST Lab: NVLAP 200017-0

Key Management Facility / Radio Network Controller (KMF/RNC) Encryption Module Controller (EMC)
(Version R3.0A; Firmware Version R02.23.00)

(When operated in FIPS mode by selection of the DES algorithm)

Revoked
DES Transition Ended

Security Policy

Hardware 02/23/2000 Overall Level: 1 

-FIPS Approved algorithms:

-Other algorithms: DES (Cert. #73); DES-XL; DVI-XL; DVP-XL; DVI-SPFL

Multi-chip standalone

"The RNC 3000 provides data communications between mobile data and host applications in an ASTRO integrated voice and data system. The RNC Encryption Module Controller provides data encryption services for the RNC 3000."
87 nCipher Corporation Ltd.
100 Unicorn Park Dr
Woburn, MA 01801-3371
USA

-Greg Dunne
TEL: 978-691-6487
FAX: 978-687-4442

CST Lab: NVLAP 200017-0

nShield 300, nShield 150
and nShield 75
Cryptographic Accelerators

(Firmware v1.54.28; Hardware Build Standard D)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Hardware 01/18/2000;
03/01/2001;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Self Tests: Level 3*
-Key Management: Level 3*

*(Level 3 is met in these areas when the "FIPS_level3" flag is set during initialization.)

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #11); Triple-DES (DES Cert. #24, vendor affirmed); RSA (vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; CAST; HMAC; Triple-DES MAC; ElGamal; Diffie-Hellman (key agreement)

Multi-chip standalone

86 Motorola, Inc.
Secure Design Center
IL02 Room 0509A
1301 East Algonquin Rd
Schaumburg, IL 60196
USA

-Geoff Hobar
TEL: 847-576-9066
FAX: 847-538-2770

CST Lab: NVLAP 200017-0

ASTRO-TAC Digital Interface Unit (DIU) Encryption Module Controller (EMC)
(Hardware v. 3.0A; Firmware v. 6.9 & 7.1)

(When operated in FIPS mode by selection of the DES algorithm)

Revoked
DES Transition Ended

Security Policy

Hardware 01/05/2000 Overall Level: 1 

-Roles and Services: Level 2

-FIPS Approved algorithms:

-Other algorithms: DES (Cert.#73); DES-XL; DVP-XL; DVI-XL; DVI-SPFL

Multi-chip standalone

"The ASTRO DIU provides an interface between an analog console and an ASTRO base station or ASTRO-TAC comparator for ASTRO clear and analog two-way radio communications. The DIU EMC is available as an option with ASTRO DIUs to provide encryption capability. The DIU will then support ASTRO encrypted two-way radio communications."
85 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Cryptographic Kernel, v5.0
(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Software 01/07/2000;
07/18/2002;
05/28/2014
Overall Level: 1 

-EMI/EMC: Level 3
-Roles and Services: Level 2
-Physical Security: Level 2

-Operating System Security: Level 1 for Microsoft Windows95/98; WindowsNT 3.5 and 3.51; WindowsNT 4.0 with SP3, SP4, SP5 or SP6 (single user mode).

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #10); RSA (vendor affirmed); Triple-DES (DES Cert.#56, vendor affirmed)

-Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-SHA-1; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; ECDSA; Diffie-Hellman (key agreement)

Multi-chip standalone

"This module is used in the Entrust family of products."


Need Assistance?