CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules
1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014,
All

Last Update: 6/26/2014

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module
Module
Type
Val.
Date
Level / Description
282 Motorola, Inc.
1301 E. Algonquin Road
Schaumburg, IL 60196
USA

-Kirk Mathews
TEL: 847-576-4101
FAX: 847-538-2770

CST Lab: NVLAP 100432-0

ASTRO Subscriber Universal Crypto Module
(HW P/Ns NTN9801B, NTN9738C, NNTN5032D, NNTN5032G, 0104020J49, 0104020J50, 0104020J51, 0104024J43, 0104024J44, 0104024J45, 0104025J11 and 0104025J12; FW R05.00.13, R05.02.00, R05.02.02, R05.03.00, R05.04.01 and R05.05.01)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 12/20/2002;
05/30/2003;
06/11/2003;
11/26/2003;
12/24/2003;
03/30/2004;
07/27/2004;
01/13/2006;
12/19/2006
Overall Level: 1 

-Roles, Services, and Authentication: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES MAC; SHA-1; AES MAC (Cert #2, P25 AES OTAR, vendor affirmed)

Multi-chip embedded

"Encryption modules used in Motorola ASTRO™ family of radios provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying (OTAR) and advanced key management."
281 V-ONE Corporation, Inc.
20250 Century Blvd.
Suite 300
Germantown, MD 20874
USA

-Chris Brook
TEL: 301-515-5242
FAX: 301-515-5280

CST Lab: NVLAP 200416-0

SmartGate®
(Version 4.3)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 12/23/2002;
01/09/2003;
06/18/2003
Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-Operating System Security: Tested as meeting Level 1 with Red Hat Pro Linux 7.2 and Sun Solaris 8 (Single User Mode)

-FIPS Approved algorithms: Triple-DES (Cert. #46); SHA-1 (Cert. #10); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #159); DES MAC (Cert. #159); MD5; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"V-ONE Corporations SmartGate is leading client/server Virtual Private Network (VPN) software that provides enterprise-level security to network-based users for private information and private TCP/IP application services. SmartGate provides encryption, strong user authentication, authorization, management, accounting, key distribution, and proxy capabilities. It consists of server (SmartGate) and client (SmartPass) software."
280 Tricipher, Inc.
1900 Alameda de las Pulgas
Suite 112
San Mateo, CA 94403
USA

-Tim Renshaw
TEL: 650-372-1300

CST Lab: NVLAP 200416-0

Secure Identity Appliance
(Hardware: Dell 2550 Server, Software version 2.5.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 12/12/2002;
02/22/2005
Overall Level: 2 

-Roles and Services: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #101); SHA-1 (Cert. #90); RSA (PKCS #1, vendor affirmed)

-Other algorithms: HMAC-SHA-1 (Cert #90, vendor affirmed); MD5; RSA (encryption)

Multi-chip standalone

"The SingleSignOn.Net Secure Identity Appliance is a Public Key Infrastructure (PKI) and password authentication solution. It allows for the easy deployment of PKI scalable to large numbers of users and provides an ID/Password system that uses the underlying PKI to provide security and robustness. The Secure Identity Appliance is able to perform public key-based cryptography, including digital signatures and encryption."
279 McAfee, Inc.
3965 Freedom Circle
Santa Clara, CA 95054
USA

-Mike Siegel
TEL: 888-847-8766

CST Lab: NVLAP 200002-0

McAfee Endpoint Encryption for PCs Client (formerly SafeBoot Client)
(Software Version 4.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 11/26/2002;
08/18/2006;
08/29/2006;
04/30/2007;
06/23/2008
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 95 SR2 (single user mode)

-FIPS Approved algorithms: AES (Cert. #21); DSA (Cert. #53); SHA-1 (Cert. #71)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"McAfee Endpoint Encryption for PCs Client is a high performance software solution that provides sector-level encryption of a PC's hard drive in a manner that is totally transparent to the user. In addition, the centralized McAfee Endpoint Encryption management system provides robust recovery tools, administration, and implementation."
278 Entrust CygnaCom
7925 Jones Branch Drive
Suite 5200
McLean, VA 22102
USA

-Entrust Sales

CST Lab: NVLAP 200427-0

Entrust CygnaCom IPSec Cryptographic Module
(Version 1.0)

Validated to FIPS 140-1

Security Policy

Certificate

Software 11/07/2002;
08/23/2004;
05/28/2014
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with SCO CMW+ V3.0.1 Operating System (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #91); SHA-1 (Cert. #79); HMAC-SHA-1 (Cert. #79, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The Entrust CygnaCom IPSec Cryptographic Module is a software cryptographic module intended to provide secure IPSEC communications between client workstations/laptops and servers. The communications are secured by the use of Triple DES (TDES) running in the Triple Cipher Block Chaining (TCBC) mode of operation to encrypt and the data portion of TCP/IP packets using either the IPSEC ESP-tunneled mode or ESP-transport mode. HMAC SHA-1 is used to authenticate IPSEC message headers and protocol data units."
277 M/A Com, Inc.
221 Jefferson Ridge Parkway
Lynchburg, VA 24501
USA

-Stefan Backstom
TEL: 434-455-6600
FAX: 434-455-6851

CST Lab: NVLAP 200002-0

Enhanced Digital Access Communications System (EDACS) Orion System/Scan (AEGIS) Mobile Two-Way FM Radios
VHF-L range: 136-153 MHz
VHF-M range: 150-174 MHz
UHF-L range: 403-440 MHz
UHF-M range: 440-470 MHz
UHF-H range: 470-512 MHz
800 range: 806-870 MHz

(Hardware Versions: (VHF-L [D2GHTXE(110W) D2GMTXE(50W)], VHF-M [D2HHTXE(110W) D2HMTXE(50W)], UHF-L [D2PHTXE(100W) D2PMTXE(40W)], UHF-M [D2UHTXE(110W) D2UMTXE(40W)], UHF-H [D2VHTXE(80W) D2VMTXE(35W)] and 800 [D28MTXE(35W) D28LTXE(12W)]), Software Version: R42A)

Revoked
DES Transition Ended

Security Policy

Certificate

Hardware 11/07/2002;
01/16/2003;
03/07/2003;
03/13/2003
Overall Level: 1 

-FIPS Approved algorithms:

-Other algorithms: DES ( 04/22/94)

Multi-chip standalone

"The EDACS Orion Mobile with FIPS 140-1 security level 1 validation. Aegis digital voice, conventional and trunked; system and scan front mounting."
276 Securit-e-Doc, Inc.
515 North Flagler Drive
Suite 203
West Palm Beach, FL 33401
USA

-Robert Barron
TEL: 561-833-2303

CST Lab: NVLAP 200416-0

Securit-e-Doc® SITT CryptoSystem
(Version 3.0)

Validated to FIPS 140-1

Security Policy

Certificate

Software 10/31/2002;
06/10/2004
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Windows 2000 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #114); SHA-1 (Cert. #99); AES (Cert. #7); Skipjack (Cert. #8)

-Other algorithms: N/A

Multi-chip standalone

"Securit-e-Doc(R) provides secure server-based transmission and storage of files and messages using interactive, Web-enabled interfaces. All components of the Securit-e-Doc system derive their security services from the underlying SITT(R) CryptoSystem. SITT(R), implemented within the Securit-e-Doc application software, provides real-time cryptographic services for symmetric encryption and decryption, random number generation and message digesting."
275 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

CST Lab: NVLAP 200427-0

RSA BSAFE® Crypto-J Toolkit Module
(Version 3.3.3)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Software 10/31/2002;
10/01/2004;
01/04/2008;
10/16/2008;
09/07/2010;
03/28/2011;
01/24/2013
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Windows NT SP6 (single user mode), JVM v1.3.1, JRE v1.3.1

-FIPS Approved algorithms: Triple-DES (Cert. #112); DSA (Cert. #63); SHA-1 (Cert. #97); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #168); AES; DESX; RC2; RC4; RC5; RC6; MD2; MD5; HMAC-SHA-1; Diffie-Hellman (key agreement); Base64

Multi-chip standalone

"The Crypto-J Module is a Java- language software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. The tested Crypto-J Module is a Java-language API available as a Java Archive, or JAR, file."
274 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeNet ATM Encryptor
(Hardware Versions 4.5, ATM Encryptor Models: 450-016-003/004/005/006/007/008/009, Firmware Version 5.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/24/2002;
04/16/2003;
10/19/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #110); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
273 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeNet ATM Encryptor
(Hardware Versions 4.0, ATM Encryptor Models: 460-006-001/002/003/004/005/006/007/008/009, Firmware Version 5.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/24/2002;
04/16/2003;
10/19/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
272 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeNet ATM Encryptor
(Hardware Versions 3.5 and 3.6, ATM Encryptor Models: 450-004-001/002/003/004/005/006/007 and 450-013-003/004/005/006/007/008/009, Firmware Version 5.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/24/2002;
04/16/2003;
10/19/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #110); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
271 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeNet ATM Encryptor
(Hardware Versions 3.0 and 3.1, ATM Encryptor Models: 450-002-001/002/003/004/005/006/007 and 450-003-001/002/003/004/005/006/007/008/009, Firmware Version 5.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/24/2002;
04/16/2003;
10/19/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
270 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® DSM
(Hardware Versions 1 and 2, Firmware Version 3.98)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/18/2002;
10/18/2004
Overall Level: 2 

-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1(Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST 3; CAST 5; CAST MAC; CAST 3 MAC; CAST 5 MAC; HMAC-SHA-1; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption and Decryption)

Multi-chip standalone

"The Chrysalis-ITS™ Luna® DSM Digital Signature Module is a hardware-based, multiple-chip standalone module in the form of a PC card “token” based on the PCMCIA standard. The LUNA DSM token is a hardware crypto engine for digital signing, identification and authentication and is used in applications that require FIPS Level II key generation, protection and storage for limited numbers of digital keys."
269 Cryptek, Inc.
1501 Moran Road
Sterling, VA 20166
USA

-Timothy Williams
TEL: 571-434-2000
FAX: 571-434-2001

CST Lab: NVLAP 100432-0

DiamondVPN™
(Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2020, P/N DV100-F)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 10/18/2002;
02/25/2003;
10/02/2003;
04/08/2005
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63)

-Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"DiamondVPN™ is a rack- mounted network security appliance that can be installed at a LAN edge for a work group or department operating on your enterprise network to enforce a single security profile for traffic outbound from the LAN and access to the LAN from the outside. Unlike traditional VPNs, DiamondVPN™ also offers secure pass-through to networks in which DiamondLink™ protects some users."
268 Cryptek, Inc.
1501 Moran Road
Sterling, VA 20166
USA

-Timothy Williams
TEL: 571-434-2000
FAX: 571-434-2001

CST Lab: NVLAP 100432-0

DiamondPak™ and DiamondVPN-6™
(Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2020, P/N's DP600-F and DV600-F)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 10/18/2002;
02/25/2003;
07/31/2003;
10/02/2003;
04/08/2005
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63)

-Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"DiamondPak" is a rack- mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK" security computer enforcing a single security profile. DiamondPak"'s advanced access-control system for protecting critical backend systems is available in configurations to protect 2, 4, or 6 systems. DiamondVPN-6 is a network security appliance for protecting a group of servers or users within an organization with each group protected by a dedicated self-protecting DiamondTEK security computer enforcing a single security profile. DiamondVPN s advanced access control system for protecting critical backend groups is available in a configuration to protect 6 individual groups."
267 Cryptek, Inc.
1501 Moran Road
Sterling, VA 20166
USA

-Timothy Williams
TEL: 571-434-2000
FAX: 571-434-2001

CST Lab: NVLAP 100432-0

DiamondLink™
(Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2000 and 2010 (fiber), P/N's DL 100-F and DL 100F-F)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 10/18/2002;
02/25/2003;
10/02/2003;
04/08/2005
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63)

-Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"DiamondLink™ is an external, drop- in network appliance for individual users that features a built- in security computer and authentication card reader in a single device. With its plug-and-play flexibility, DiamondLink™ can be easily extended to other network devices such as printers, fax machines, and networked manufacturing devices."
266 F-Secure Corporation
Tammasaarenkatu 7
PL 24
Helsinki, 00180
Finland

-Alexey Kirichenko
TEL: +358 9 2520 5548

CST Lab: NVLAP 200427-0

F-Secure Pocket PC Cryptographic Library (Compact Version)
(Version 1.1.9)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 10/18/2002 Overall Level: 1 

-EMI/EMC: Level 3
-Self Tests: Level 3

-Operating Environment: Tested as meeting Level 1 with Windows CE 3.0

-FIPS Approved algorithms: AES (Cert. #4); SHA-1 (Cert. #122); HMAC-SHA-1 (Cert. #122, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
265 F-Secure Corporation
Tammasaarenkatu 7
PL 24
Helsinki, 00180
Finland

-Alexey Kirichenko
TEL: +358 9 2520 5548

CST Lab: NVLAP 200427-0

F-Secure Pocket PC Cryptographic Library (Full Version)
(Version 1.1.7)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Vendor Product Link
Software 10/18/2002;
07/31/2003
Overall Level: 1 

-EMI/EMC: Level 3
-Self Tests: Level 3

-Operating Environment: Tested as meeting Level 1 with Windows CE 3.0

-FIPS Approved algorithms: Triple-DES (Cert. #106); AES (Cert. #4); SHA-1 (Cert. #122); HMAC-SHA-1 (Cert. #122, vendor affirmed)

-Other algorithms: DES (Cert. #165); Blowfish; MD5; HMAC-MD5

Multi-chip standalone

"The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
264 Lucent Technologies, Inc.
1600 Osgood St.
20-3E-15
North Andover, MA 01845
USA

-Lori Heseltine
TEL: 978-960-6827

CST Lab: NVLAP 200427-0

Access Point 600 with 10/100 Ethernet, HSSI, ATM DS3, ATM OC3/STM-1 MMF, ATM OC3/STM-1 SMF-IR, 4-Port T1/E1, ATM OC3/STM-1 SMF-LR, MSSI, Frame-Based DS3, ISDN S/T, and ISDN U
(Hardware Version 4.2 with 10/100 Ethernet (AP-PMC-01/AP-SP-PMC-01), HSSI (AP-PMC-02/AP-SP-PMC-02), ATM DS3 (AP-PMC-03/AP-SP-PMC-03), ATM OC3/STM-1 MMF (AP-PMC-04/AP-SP-PMC-04), ATM OC3/STM-1 SMF-IR (AP-PMC-05/AP-SP-PMC-05), 4-Port T1/E1 (AP-PMC-06/AP-SP-PMC-06), ATM OC3/STM-1 SMF-LR (AP-PMC-07/AP-SP-PMC-07), MSSI (AP-PMC-08/AP-SP-PMC-08), Frame-Based DS3 (AP-PMC-0D/AP-SP-PMC-0D), ISDN S/T (AP-PMC-0S/AP-SP-PMC-0S), and ISDN U (AP-PMC-0U/AP-SP-PMC-0U) Firmware Version V2.6.0.R3.IPSVCS)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/11/2002;
11/18/2002
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #105); SHA-1 (Cert. #94); DSA (Cert. #59); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #164); MD5; HMAC MD-5; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Access Point 600 is a next-generation, high performance IP services router optimized for service providers wishing to quickly introduce man-aged IP services at mid-size branch and regional enterprise customer premises locations. Access Point 600 is purpose-built to deliver IP services with multi-access routing, Quality of Service (QoS) with Class-Based Queuing (CBQ), secure Virtual Private Networks (VPN), firewall security, and policy management. And the service provider has the advantages of easy deployment to multi-size customer premises locations, and the implementation of flexible management facilities that can be both customer and/or service provider managed."
263 Communication Devices, Inc.
#1 Forstmann Court
Clifton, NJ 07011
USA

-Donald Snook
TEL: 973-772-6997
FAX: 973-772-0740

CST Lab: NVLAP 200002-0

UniGuard-V90
(Hardware Version UG-V90, Firmware Version 7.17.01)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/11/2002 Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #79); Triple-DES MAC

-Other algorithms: DES (Cert. #140); DES MAC

Multi-chip standalone

"Single port Triple DES encryption modem."
262 Communication Devices, Inc.
#1 Forstmann Court
Clifton, NJ 07011
USA

-Donald Snook
TEL: 973-772-6997
FAX: 973-772-0740

CST Lab: NVLAP 200002-0

UniGuard-V34
(Hardware Version UG-V34, Firmware Version 7.17.01)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/11/2002 Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #79); Triple-DES MAC

-Other algorithms: DES (Cert. #140); DES MAC

Multi-chip standalone

"Single port Triple DES encryption modem."
261 Pitney Bowes, Inc.
35 Waterview Drive
Shelton, CT 06484-8000
USA

-Douglas Clark
TEL: 203-924-3500
FAX: 203-924-3406

CST Lab: NVLAP 100432-0

Compliant Meter Postal Security Device
(Part number 1A00, Revisions AAA, AAB, AAC, AAD, and AAE.)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/11/2002;
10/21/2002;
02/20/2003;
03/07/2003
Overall Level: 3 

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: Triple-DES (Cert. #98); Triple-DES MAC; DSA (Cert. #58); SHA-1 (Cert. #86); Skipjack (Cert. #6)

-Other algorithms: DES; HMAC; RSA (PKCS#1, key exchange, vendor affirmed)

Multi-chip standalone

"The Pitney Bowes Compliant Meter Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia."
260 Motorola, Inc.
200 N. Center East
Suite 400
Alpharetta, GA 30022
USA

-Christopher Yasko
TEL: 770-521-5150
FAX: 770-521-8067

CST Lab: NVLAP 100432-0

Encryption Services Module
(Version 5.3)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 10/08/2002 Overall Level: 1 

-EMI/EMC: Level 3
-Key Mangement: Level 3
-Software Security: Level 3

-Operating System Security: Tested as meeting Level 1 with Microware OS-9, Version 2.2 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #104); SHA-1 (Cert. #92)

-Other algorithms: DES ECB (Cert. #163); DES MAC (DES CBC Cert. #188); RC4

Multi-chip embedded

"The Encryption Services Module is incorporated into the operating platform software of the Accompli 009 -- the first wireless communications device to incorporate tri-band GSM and GPRS protocols, telephone functionality, Internet access, e- mail, Triple-DES encryption, WAP browser and short message service (SMS) with a full QWERTY keyboard and 256-color screen."
259 Motorola, Inc.
200 North Point Center East
Suite 400
Alpharetta, GA 30022
USA

-Alfred Adler, Ph.D.
TEL: 770-521-5128
FAX: 770-521-8066

CST Lab: NVLAP 100432-0

Encryption DLL Module
(Version 3.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 10/08/2002 Overall Level: 1 

-EMI/EMC: Level 3
-Key Management: Level 3
-Sofware Security: Level 3

-Operating System Security: Tested as meeting Level 1 with Windows NT 4.0, SP 6 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #103); SHA-1 (Cert. #93)

-Other algorithms: DES ECB (Cert. #162); DES MAC (DES CBC Cert. #189); RC4

Multi-chip standalone

"The Encryption DLL Module is incorporated into the Motorola Messaging Server, an enterprise system for managing data between a corporate e- mail or data base system and a wireless device, and the Motorola MyMail Desktop Plus, a personal application to manage e- mail between the desktop and a wireless device."
258 Tumbleweed Communications Corp.
700 Saginaw Drive
Redwood City, CA 94063
USA

-Ken Beer
TEL: 650-216-2083

CST Lab: NVLAP 200427-0

Tumbleweed Secure Mail™ Security Kernel
(Version 5.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 10/08/2002 Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Windows NT 4.0, SP 6 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #70); DSA (Cert. #49); SHA-1 (Cert. #59); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #131); MD2; MD5; RC2; RC5; RSA (key exchange)

Multi-chip standalone

"The Tumbleweed Secure MailTM Application is a software products designed to allow organizations to apply content filtering and secure messaging policies on email. The Secure MailTM Application uses a shared set of cryptographic functionality called the Secure MailTM Security Kernel. The Secure MailTM Security Kernel exposes cryptographic application programming interface (API) calls to the other portions of Secure MailTM."
257 ActivCard, Inc.
6623 Dumbarton Circle
Fremont, CA 94555
USA

-Eric Le Saint
TEL: 510-574-0100
FAX: 510-574-0101

CST Lab: NVLAP 100432-0

ActivCard Applet suite on SchlumbergerSema Cyberflex Access 32K
(Hardware PN 15006436, Firmware M256EAPLP1_S1_9C_02, Softmask 7, Version 2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/30/2002 Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #65); SHA-1 (Cert. #57); RSA (PKCS#1 for signaure generation, vendor affirmed)

-Other algorithms: N/A

Single-chip

"The ActivCard Applet suite is based on the SchlumbergerSema Cyberflex Access 32K smart card platform, which is Java Card V2.1.1 and Global Platform V2.0.1 compliant. The applet suite relies on the security offered by Global Platform services to allow secure post-issuance operations, such as applet instantiation, key management and security policy configuration. The external interface provided by the applet suite is compliant with the smart card interoperability specification defined by the GSA."
256 Neopost Technologies
113, rue Jean-Marin Naudin
Bagneux, 92220
France

-Thierry Le Jaoudour
TEL: +33 (0) 1 45 36 30 36

CST Lab: NVLAP 100432-0

N90i Secure Metering Moddule (SMM)
(Hardware 3000099C_FIPS, Software SH1 3800157W, SH2 3800159Y)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/26/2002;
10/25/2002;
10/03/2006
Overall Level: 3 

-Physical Security: Level 3 +EFP/EFT

-FIPS Approved algorithms: DSA/SHA (Cert. #39)

-Other algorithms: N/A

Multi-chip embedded

"The module provides services to an office and post room based mailing system. The systems features include hand or auto feed mail processing speeds in excess of 5000 envelopes per hour using Ink jet technology, a moistening option, scale interface, internal modem for remote recrediting and memory card for slogan and rate loading, external printer for reports."
255 Altarus Corporation
607 Herndon Pkwy
Suite 200
Herndon, VA 20170
USA

-Ludge Olivier
TEL: 703-689-2223

CST Lab: NVLAP 200416-0

Altarus Cryptographic Module
(Version 1.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 09/20/2002 Overall Level: 1 

-EMI/EMC: Level 3
-Software Security: Level 3

-Operating System Security: Tested as meeting Level 1 with MS Windows 2000 Version 5.0 with SP2

-FIPS Approved algorithms: Triple-DES (Cert. #99); SHA-1 (Cert. #88); HMAC-SHA-1 (Cert. #88, vendor affirmed)

-Other algorithms: RSA

Multi-chip standalone

"The Altarus offering provides a premier platform and rapid development tools for creating, extending, and deploying secure enterprise applications to the desktop, mobile devices, or handheld devices"
254 ITT
ITT A/CD
PO Box 3700
Ft. Wayne, IN 46801-3700
USA

-Tom Jewel
TEL: 260-451-6000

CST Lab: NVLAP 200427-0

NEXCOM MDR/MDT Interface Security Card (MMISC)
(Software Version 14.FIPS, Hardware Version 8196204-1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/20/2002 Overall Level: 1 

-FIPS Approved algorithms: RSA (PKCS#1, vendor affirmed); SHA-1 (Cert. #91)

-Other algorithms: N/A

Multi-chip embedded

"Software hosted on a Single Board Computer that acts as a public key, RSA/SHA-1 - based authentication agent within the FAA's NEXCOM Multi-Mode Digital Radio."
253 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Holland
TEL: 410-931-7500
FAX: 410-931-7524

CST Lab: NVLAP 200017-0

HighAssurance™ 2000 Gateway (HA2000)
(Firmware Versions 5.00.17 and 5.00.25, Hardware Versions: 01 and 03)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/20/2002;
07/03/2003;
10/19/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #36); DSA/SHA-1 (Cert. #5); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #104); DES MAC; HMAC-MD5; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The HA2000 is a multi-chip standalone hardware-based, Virtual Private Network (VPN) box that provides authenticated, encrypted network communications. Secure, remote management is provided using the IPSec and SNMPv2 protocols. Custom hardware allows for speed and reliability along with high security and low cost."
252 Novell, Inc.
1800 South Novell Place
Provo, UT 84606
USA

-Developer Support
TEL: 801-861-7000

CST Lab: NVLAP 200002-0

Novell International Cryptographic Infrastructure (NICI)
(Version 2.2.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 09/20/2002;
01/22/2003;
01/31/2006
Overall Level: 2 

-Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Proliant 7000 Server

-FIPS Approved algorithms: Triple-DES (Cert. #35); SHA-1 (Cert. #40); DSA/SHA-1 (Cert. #18); RSA (ANSI X9.31 for signature generation and verification, vendor affirmed)

-Other algorithms: DES (Cert. #103); RSA (encryption/decryption); MD2; MD4; MD5; RC2; RC4; RC5; CAST-128; HMAC-MD5; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"Novell International Cryptographic Infrastructure for Windows"
251 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeEnterprise™ Link Encryptor-T1 (SLE-T1) and SafeEnterprise™ Link Encryptor-E1 120ohms (SLE-E1-120)
(Firmware version 1.33, Hardware version: 16284-020-04)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/19/2002;
07/03/2003;
10/19/2004
Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22)

-Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
250 Lucent Technologies, Inc.
1600 Osgood St.
20-3E-15
North Andover, MA 01845
USA

-Lori Heseltine
TEL: 978-960-6827

CST Lab: NVLAP 200427-0

Access Point 300-ST, 300-M-ST, 300-2M-ST, 300-2T1E1-ST, 300-M-U, and 300-2T1E1-U
(Hardware Versions (300-M-U and 300-2T1E1-U; v1.0) (300-ST; v1.1) (300-ST, 300-M-ST, 300-2M-ST, and 300-2T1E1-ST; v3.0) Firmware Version V2.6.2.R3.IPSVCS)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/19/2002;
11/05/2002;
03/17/2003
Overall Level: 1 

-Roles and Services: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #105); SHA-1 (Cert. #94); DSA (Cert. #59); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #164); MD5; HMAC MD-5; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Access Point 300 is a next-generation, high performance IP Services router optimized for service providers wishing to quickly introduce high demand managed IP services at small to medium-sized enterprise customer premises locations."
249 Motorola, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Kirk Mathews
TEL: 847-576-4101
FAX: 847-538-2770

CST Lab: NVLAP 100432-0

ASTRO Subscriber Encryption Module
(NTN8967 and 0105956v67, Firmware Version 3.53)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/18/2002 Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVI-SPFL; DVP-XL

Multi-chip embedded

"Encryption modules used in Motorola Astro™ family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air- Rekeying and dvanced key management."
248 Sun Microsystems, Inc.
USCA 17-201
4170 Network Circle
Santa Clara, CA 95054
USA

-Stephen Borcich
TEL: 408-276-3964
FAX: 408-276-4952

CST Lab: NVLAP 100432-0

Network Security Services
(Software Version: 3.2.2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 09/04/2002 Overall Level: 2 

-Operating System Security: Tested as meeting Level 2 with Solaris v8.0 with AdminSuite 3.0.1 as specified in UK IT SEC CC Report No. P148 EAL4 on a SUN SPARC Ultra-1

-FIPS Approved algorithms: Triple-DES (Cert. #72); SHA-1 (Cert. #70); DSA (Cert. #52); RSA (PKCS#1. Vendor affirmed)

-Other algorithms: DES (Cert. #133); MD2; MD5; RC2; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS."
247 Sun Microsystems, Inc.
USCA 17-201
4170 Network Circle
Santa Clara, CA 95054
USA

-Stephen Borcich
TEL: 408-276-3964
FAX: 408-276-4952

CST Lab: NVLAP 100432-0

Network Security Services
(Software Version: 3.2.2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 08/30/2002;
02/04/2003
Overall Level: 1 

-Roles and Services: Level 2

-Operating System Security: Tested as meeting Level 1 with Windows 98 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #72); SHA-1 (Cert. #70); DSA (Cert. #52); RSA (PKCS#1. Vendor affirmed)

-Other algorithms: DES (Cert. #133); MD2; MD5; RC2; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS."
246 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeEnterprise™ Link Encryptor NRZ-H (SLE NRZ-H) and SafeEnterprise™ Link Encryptor NRZ-L (SLE NRZ-L)
(Firmware Version: 1.33, Hardware Version: 16284-020-04)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 08/30/2002;
07/03/2003;
10/19/2004
Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
245 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeEnterprise™ Link Encryptor RS-232 (SLE RS-232) and SafeEnterprise™ Link Encryptor-E1 75ohms (SLE-E1-75)
(Firmware Version: 1.33, Hardware Versions: 16284-010-04 and 16284-020-04)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 08/30/2002;
07/03/2003;
10/19/2004
Overall Level: 2 

-Physical Security: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5)

-Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement)

Multi-chip standalone

"SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
244 3S Group Incorporated
125 Church St. NE
Vienna, VA 22180
USA

-Satpal S Sahni
TEL: 703-281-5015
FAX: 703-281-7816

CST Lab: NVLAP 200002-0

Type 2 Cryptographic Support Server (T2CSS)
([Hardware Version 1.0, Firmware Version 1.0], [Hardware Version 1.1 and Firmware Version 1.1], [Hardware Version 1.2, Firmware Version 1.2] and [Hardware Version 2.0, Firmware Version 1.2])

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 08/13/2002;
01/17/2003;
05/01/2007;
07/28/2008
Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: Skipjack (Cert. #5); Triple-DES (Cert. #88); DSA (Cert. #55); SHA-1 (Cert. #77); RSA (PKCS#1 for signatures, vendor affirmed)

-Other algorithms: DES (Cert. # 154); KEA (key exchange)

Multi-chip embedded

"T2CSS is a multiple cryptoprocessor PCI board and cryptographic server. Provides high assurance security services; secure session/virtual token management; scalable server performance (multiple boards); Government and commercial algorithms; FORTEZZA CI, PKCS #11, other APIs; and Windows NT/2000, Solaris and Linux support."
243 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust GUTS Security Kernel 6.1
(Version 6.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 08/15/2002;
05/27/2003;
05/28/2014
Overall Level: 2 

-Roles and Services: Level 2*
-EMI/EMC: Level 3
-Key Management: Level 2*

-Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Proliant 7000 Server

*When operated in FIPS mode

-FIPS Approved algorithms: AES (Cert. #10); Triple-DES (Cert. #6); DSA/SHA-1 (Cert. #10); RSA (FIPS 186-2 and PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #10, vendor affirmed)

-Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; Diffie-Hellman (key agreement); Ephemeral-Static Diffie-Hellman; ECDSA (non-compliant)

Multi-chip standalone

"The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PKCS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki."
242 Axalto Inc.
36-38 rue de la Princesse BP 45
78431 Louveciennes, France

-Francisco Alcalde
TEL: +33 1 3008 4685
FAX: +33 1 3008 4527

CST Lab: NVLAP 100432-0

Cryptoflex e-Gate 32K Smart Card
(Hardware ST19XT34, Firmware Hardmask 01 Version 01, Softmask 05 Version 01 and Hardmask 01 Version 03 and Software 05 Version 02)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 08/01/2002;
08/28/2002;
09/21/2004;
05/16/2006
Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #97); SHA-1 (Cert. #80); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #158);

Single-chip

"The Cryptoflex e-Gate card is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex e-Gate card implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft. The card provides maximum security and flexibility of system integration thanks to administrative functions such as secure key loading, on-card key generation and ciphering of imported/exported data. The Cryptoflex e- gate card incorporates, apart from the conventional ISO 7816-3 interface, also the USB interface normally resident in the smart card reader. Thus, it bridges the gulf between the public terminal infrastructure (ISO 7816-3) and the PC world (USB)."
241 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0

Kernel Mode Cryptographic Module for Windows XP
(Software Version 5.1.2600.0)

(For services provided by the FIPS-Approved algorithms listed on the reverse)

Validated to FIPS 140-1

Security Policy

Certificate

Software 08/01/2002;
10/15/2007
Overall Level: 1 

-EMI/EMC: Level 3

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #16); DSA/SHA-1 (Cert. #35); HMAC-SHA-1 (Cert. #35, vendor affirmed)

-Other algorithms: DES (Cert. #89)

Multi-chip standalone

"Microsoft Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-touse cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography."
240 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200002-0

DSS/Diffie-Hellman Enhanced Cryptographic Provider for Windows XP
(Software Versions 5.1.2518.0 and 5.1.2600.2133)

(For services provided by the FIPS-Approved algorithms listed on the reverse)

Validated to FIPS 140-1

Security Policy

Certificate

Software 08/01/2002;
02/25/2005;
10/15/2007
Overall Level: 1 

-EMI/EMC: Level 3

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP and XP Service Pack 2 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #16); DSA/SHA-1 (Cert. #29)

-Other algorithms: DES (Cert. #66); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement)

Multi-chip standalone

239 Nortel Networks
80 Central Street
Boxboro, MA 01719
USA

-Jonathan Lewis
TEL: 978-264-7045 x277
FAX: 978-264-7600

CST Lab: NVLAP 200002-0

Contivity Extranet Switch 600
(Firmware version #3.61.02, Hardware version #600)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 07/24/2002 Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Certs. #29 and #53); SHA-1 (Certs. #28, #31 and #51); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Certs. #44, #48 and #101); DES MAC; MD5; HMAC (MD5 and SHA-1); 40-bit DES; RC4 (40-bit and 128-bit); Diffie-Hellman (key agreement)

Multi-chip standalone

"The Contivity 600 Extranet Switch provides up to 30 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides an optional PCI expansion slot and dual 10/100 LAN ports."
238 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Dave Friant
TEL: 425-704-7984

CST Lab: NVLAP 200427-0

Microsoft Enhanced Cryptographic Provider
(Versions 5.1.2518.0, 5.1.2600.1029 and 5.1.2600.2161)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 07/11/2002;
11/18/2002;
02/25/2005;
10/15/2007
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP, XP Service Pack 1 and XP Service Pack 2 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #81); AES (Cert. #33); SHA-1 (Cert. #83); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #83, vendor affirmed)

-Other algorithms: DES (Cert. #156); RC2; RC4; MD5

Multi-chip standalone

"The Microsoft Enhanced Cryptographic Provider (RSAENH) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module. Like other cryptographic providers that ship with Microsoft Windows XP, RSAENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, AES, RSA, SHA-1-based HMAC) in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-1 Level 1 compliant cryptography."
237 F-Secure Corporation
Tammasaarenkatu 7
PL 24
Helsinki, 00180
Finland

-Alexey Kirichenko
TEL: +358 9 2520 5548

CST Lab: NVLAP 200427-0

F-Secure Kernel Mode Cryptographic Driver
(Version 1.1.7)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Vendor Product Link
Software 07/15/2002;
07/31/2003;
02/09/2007
Overall Level: 1 

-Self Tests: Level 3

-Operating Environment: Tested as meeting Level 1 with Windows 2000 (SP2); Windows NT 4.0 (SP6); Windows XP

-FIPS Approved algorithms: Triple-DES (Cert. #106); AES (Cert. #3); SHA-1 (Cert. #84); HMAC-SHA-1 (Cert. #84, vendor affirmed)

-Other algorithms: DES (Cert. #165); Blowfish; CAST-128; MD5; HMAC-MD5

Multi-chip standalone

"The F-Secure Kernel Mode Cryptographic Driver is a FIPS 140-2 Level 1 validated software module, implemented as a 32-bit Windows NT/2000/XP compatible export driver. When loaded into computing system memory, it resides at the kernel mode level of the Windows OS and provides an assortment of cryptographic services that are accessible by other kernel mode drivers through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
236 Motorola, Inc.
8220 East Roosevelt Street
Scottsdale, AZ 85257
USA

-Randy Morton
TEL: 480-441-4472
FAX: 480-441-3580

CST Lab: NVLAP 100432-0

Digital Interface Unit Crypto Module
(Firmware R01.09.00 / 81, Hardware T6721B)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 07/11/2002 Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; HCA

Multi-chip embedded

"The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola’s Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ family of console and base station radio infrastructure equipment."
235 AEP Networks
Focus 31, West Wing
Cleveland Road
New Hempstead, Herts HP2 7BW
United Kingdom

-David Miller
TEL: +44 1442 458617

CST Lab: NVLAP 200017-0

Advanced Configurable Crypto Environment (ACCE)
(Firmware Versions 2.2 and 2.3, Hardware 2640-G3)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 07/11/2002;
07/22/2002;
10/04/2002;
06/05/2003;
04/21/2005
Overall Level: 4 

-FIPS Approved algorithms: Triple-DES (Certs. #24 and #25); Triple-DES MAC: SHA-1 (Cert. #38); DSA (Cert. #36); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES MAC; MD5; Diffie-Hellman (key agreement); RSA (encryption and decryption); RSA (ISO 9796 and X509)

Multi-chip embedded

"The AEP Networks Advanced Configurable Crypto Environment (ACCE) provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family."
234 Check Point Software Technologies Ltd.
9900 Belward Campus Drive
Suite 250
Rockville, MD 20850
USA

-David Ambrose
TEL: 703-628-2935

-Malcolm Levy
TEL: +972-37534561

CST Lab: NVLAP 200002-0

VPN-1 Gateway NG FP 1
(NG FP1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 06/19/2002;
06/28/2002;
02/09/2004;
05/19/2004;
11/17/2005;
01/06/2006;
05/02/2008;
05/28/2009
Overall Level: 2 

-Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT4.0 with SP6a; TCSEC C2-rated on a Compaq ProLiant 7000 Server

-FIPS Approved algorithms: Triple-DES (Cert. #80); SHA-1 (Cert. #69); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #69, vendor affirmed)

-Other algorithms: DES (Cert. #142); Diffie-Hellman (key agreement); AES; CAST; MD5; HMAC-MD5; FWZ; FWZ1

Multi-chip standalone

"Check Point VPN-1 Gateway Next Generation (NG) is a tightly integrated software solution combining the FireWall-1® security suite with sophisticated VPN technologies. With Check Point’s Secure Virtual Network architecture, VPN-1 Gateway NG meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, satellite offices, and key partners."
233 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust TruePass Applet Cryptographic Module
(Version 6.0)

(When operated in FIPS mode with FIPS validated browser services operating in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 06/19/2002;
06/28/2002;
07/18/2002;
05/28/2014
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Windows NT4.0 (SP3); Windows 95/98; Windows 2000 (SP2) and Netscape 4.72 (Cert. #47) or Microsoft IE 5.5 (Cert. #103) (operated in single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #69); SHA-1 (Cert. #60); RSA (PKCS #1; vendor affirmed)

-Other algorithms: DES (Cert. #130); CAST 128

Multi-chip standalone

"The module performs low level cryptographic operations – encryption, decryption and hashes – implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications."
232 Proofpoint Inc.
892 Ross Drive
Sunnyvale, CA 94089
USA

-Stephen Lewis
TEL: 408-517-4710
FAX: 408-517-4711

CST Lab: NVLAP 200427-0

Sigaba Gateway
(Software version 3.0.20-FIPS)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 06/19/2002;
07/18/2002
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows NT4 SP6 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #94); SHA-1 (Cert. #78); DSS (Cert. #56); HMAC-SHA-1 (Cert. #78, vendor affirmed)

-Other algorithms: AES; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"Sigaba Gateway ensures the confidentiality, integrity and authenticity of all email sent over the Internet. Sigaba Gateway resides between an organization's email server and firewall. It encrypts outbound messages and decrypts inbound messages based on organization-defined policies. It uses a key server to retrieve a unique key to individually encrypt each outgoing message and decrypt each incoming message. The Sigaba Gateway works with any authentication mechanism."
231 Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

-Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200416-0

AirFortress Wireless Security Gateway Cryptographic Module
(Versions 2.0 and 2.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 06/19/2002;
07/26/2002;
03/26/2010;
05/17/2013
Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #19); SHA-1 (Cert. #34); HMAC-SHA-1 (Cert. #34, vendor affirmed); AES (Cert. #14)

-Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement); IDEA

Multi-chip standalone

"The AirFortress™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression."
230 Motorola, Inc.
1301 E Algonquin Road
Schaumburg, IL 60196
USA

-Arun Victor
TEL: 847-538-5221
FAX: 847-538-2770

CST Lab: NVLAP 200002-0

KVL 3000 Plus
(Hardware Version 8482867Y02 rev. B, Software Version R3.51.06)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/19/2002 Overall Level: 1 

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; DVI-SPEL

Multi-chip standalone

"The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades. This version of the product supports AES in addition to other FIPS approved algorithms."
229 Motorola, Inc.
1301 E Algonquin Road
Schaumburg, IL 60196
USA

-Arun Victor
TEL: 847-538-5221
FAX: 847-538-2770

CST Lab: NVLAP 200002-0

KVL 3000 Plus
(Hardware Version 8482867Y02 rev. B, Software Version R3.51.01)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/19/2002 Overall Level: 1 

-FIPS Approved algorithms: Triple-DES (Cert. #82)

-Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; DVI-SPEL

Multi-chip standalone

"The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades."
228 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 400 SCSI and nForce 150 SCSI
(Firmware version 1.77.100; Hardware versions nC3022W-400 and nC3022W-150, Build standard D)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Key Management: Level 3*
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
227 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 300 PCI and nForce 150 PCI
(Firmware version 1.77.100; Hardware versions nC3022P-300 and nC3022P-150, Build standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Physical Security: Level 3
-Key Management: Level 3*
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
226 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 300 SCSI, nForce 150 SCSI and nForce 75 SCSI
(Firmware version 1.77.100; Hardware versions nC3021S-300, nC3021S-150 and nC3021S-75, Build standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Key Management: Level 3*
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
225 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield 300 SCSI, nShield 150 SCSI and nShield 75 SCSI
(Firmware version 1.77.100; Hardware versions nC3031S-300, nC3031S-150 and nC3031S-75, Build standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Key Management: Level 3*

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nShield range of tamper resistant Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management."
224 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F2 PCI and nShield F2 Ultrasign PCI
(Firmware version 1.77.100; Hardware versions nC4022P-300 and nC4022P-150, Build standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Physical Security: Level 3
-Key Management: Level 3*
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
223 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F2 SCSI and nShield F2 Ultrasign SCSI
(Firmware version 1.77.100; Hardware versions nC4022W-400 and nC4022W-150, Build standard D)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 2 

-Roles and Services: Level 3*
-Key Management: Level 3*
-Module Interfaces: Level 3
-Software Security: Level 3
-Self Tests: Level 3

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
222 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F3 PCI and nShield F3 Ultrasign PCI
(Firmware version 1.77.100; Hardware versions nC4032P-300 and nC4032P-150, Build standard E)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Key Management: Level 3*

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
221 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801-3371
USA

-Sales
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F3 SCSI, nShield F3 Ultrasign SCSI and payShield
(Firmware version 1.77.100; Hardware versions nC4032W-400 and nC4032W-150, Build standard D)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/05/2002;
07/22/2002;
10/04/2002;
01/23/2004;
03/09/2006;
03/15/2006
Overall Level: 3 

-Roles and Services: Level 3*
-Key Management: Level 3*

*When operated in FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent

Multi-chip standalone

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions.

payShield meets the stringent security requirements of the online payments industry and speeds up cryptographic processing through its secure, tamper resistant hardware and dedicated cryptographic processors. In addition to generic cryptographic functions, payShield supports a number of payments specific protocols and functions which provide support for 3-D Secure, EMV and PIN processing."
220 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® XPplus
(Hardware Versions: 1 and 2, Firmware Version 3.97)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 05/28/2002;
10/18/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (ANSI X9.31, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"Luna XPplus, Luna XL/XLR and XL/XLR Premium are cryptographic modules based on a board that is equivalent to two Luna CA3 tokens with hardware cryptographic acceleration support. The XL/XLR is configured as a Level 2 stand-alone module. The XPplus and XL/XLR Premium operate as subordinate devices in conjunction with a Luna CA3 token. Each module can support all cryptographic algorithms listed in Appendix A of the Luna XPplus, XL/XLR and XL/XLR Premium Security Policy."
219 Oberthur Card Systems
4250 Pleasant Valley Road
Chantilly, VA 20151
USA

-Antoine Kelman
TEL: 703-263-0100
FAX: 703-263-7134

CST Lab: NVLAP 200002-0

CosmopollC V4 Smart Card with ActivCard Applets
(Hardware Version: CosmpollC V4, Software Configurations CAC01-D904 and CAC02-D906)

(Certificate 219a supersedes and replaces Certificate 219)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 05/28/2002;
12/12/2002;
12/20/2002;
02/27/2004;
03/30/2004;
09/23/2005
Overall Level: 2 

-Software Security: Level 3
-EMI/EMC: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #87); SHA-1 (Cert. #75); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #148);

Single-chip

"The Oberthur Card Systems CosmopolIC product is a highly secure and powerful multi-application Java Card platform for smart card. With a better management of memory (ROM and EEPROM), it offers more space for the development of e-commerce, m-commerce, payment (Debit/ Credit), network access, pay-TV, loyalty and many other applications including WAP."
218 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® XLR Premium
(Hardware Versions: LXL-002-101 and LXL-003-001, Firmware Version 3.96)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/30/2002;
10/18/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"Luna® XLR Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Combining the Luna® XLR with the proven Luna® CA3 cryptographic token, the Luna® XLR Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
217 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® XLR
(Hardware Versions: LXL-002-101 and LXL-003-001, Firmware Version 3.96)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/30/2002;
10/18/2004
Overall Level: 2 

-Physical Security: Level 3
-EMI/EMC: Level 3
-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"Luna® XLR provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Luna® XLR offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
216 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® XL Premium
(Hardware Version: LXP-002-101, Firmware Version 3.96)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/30/2002;
10/18/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"Luna® XL Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a desktop form factor. Combining the Luna® XL with the proven Luna® CA3 cryptographic token, the Luna® XL Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
215 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® XL
(Hardware Version: LXP-002-101, Firmware Version 3.96)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/30/2002;
10/18/2004
Overall Level: 2 

-Physical Security: Level 3
-EMI/EMC: Level 3
-Software Security: Level 3
-Self Tests: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"Luna® XL provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems. Luna® XL offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, improves system performance."
214 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Randy Kun
TEL: 613-723-5077
FAX: 613-723-5078

CST Lab: NVLAP 200017-0

Luna® CA³
(Hardware Versions: 1 and 2, Firmware Versions 3.97 and 3.102)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/30/2002;
04/05/2004;
10/18/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #13); SHA-1 (Cert. #64); Triple-DES MAC; RSA (ANSI X9.31, vendor affirmed)

-Other algorithms: DES (Cert. #32); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption);

Multi-chip standalone

"The Luna® CA³ token securely stores data and keying material inside its cryptographic boundary. It also performs cryptographic operations on data provided by external applications using the keying material stored in the token. These abilities are defined as key management, object management, and cryptographic capability."
213 Cryptek, Inc.
1501 Moran Road
Sterling, VA 20166
USA

-Timothy Williams
TEL: 571-434-2000
FAX: 572-434-2001

CST Lab: NVLAP 100432-0

DiamondPak
(Part Number DP600, Hardware Version 2020, Software Versions 2.1.3, 2.1.4, 2.1.4A, 2.1.6 and 2.1.6.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 04/16/2002;
04/16/2002;
08/08/2002;
02/25/2003;
04/08/2005
Overall Level: 1 

-Roles and Services: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63)

-Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5

Multi-chip standalone

"DiamondPak™ is a rack-mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK™ security computer enforcing a single security profile."
212 Gemplus Corp. and ActivCard Inc.
Avenue du Pic de Bretagne
BP 100
Gémenos Cedex, 13881
France

-Lus Astier
TEL: +33 (0) 4 42 36 5000

-Eric Le Saint
TEL: 510-745-0100 x6211

CST Lab: NVLAP 200427-0

Gemplus GemXpresso Pro E64 PK - FIPS ICC with ActivCard Applet Suite
(Hardware Version GP92, Software Versions GXP3-FIPS, GXP3-FIPS EI15, GXP3-FIPS EI15 with single ATR, and GXP3-FIPS EI19 with new ATR and fast ATR)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 04/10/2002;
07/26/2002;
07/15/2003;
10/30/2003;
01/19/2005
Overall Level: 2 

-Physical Security: Level 3
-EMI/EMC: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #95); SHA-1 (Cert. #82); RSA (PKCS#1; vendor affirmed)

-Other algorithms: DES (Cert. #155);

Single-chip

"The “GemXpresso Pro E64 PK – FIPS ICC with ActivCard Applet Suite” is based on a Gemplus Open OS Smart Card with 64K of EEPROM, and on platform-independent cryptographic applets developed by ActivCard. The card and applets provide authentication and digital signature cryptographic services to end-users."
211 Cisco Systems, Inc.
7025-6 Kit Creek Road
PO Box 14987
Research Triangle Park, NC 27709-4987
USA

-Global Certification Team
TEL:

CST Lab: NVLAP 200416-0

VPN 3002-8E and VPN 3002 Hardware Client
(Hardware Models 3002-8E and 3002; Firmware version: 3.1 FIPS)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/26/2002;
04/05/2002;
06/10/2002;
01/10/2003;
05/24/2005;
05/28/2010;
02/23/2012
Overall Level: 2 

-EMI/EMC: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. 86); DSA (Cert. #54); SHA-1 (Cert. #73); HMAC/SHA-1 (Cert. #73; vendor affirmed); RSA (PKCS#1; vendor affirmed)

-Other algorithms: DES (Cert. #147); MD5; HMAC/MD5; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Cisco VPN 3002-8E Hardware Client is a small hardware appliance that operates as a client in Virtual Private Networking (VPN) environments. It combines the best features of a software client, including scalability and easy deployment, with the stability and independence of a hardware platform."
210 Cisco Systems, Inc.
7025-6 Kit Creek Road
PO Box 14987
Research Triangle Park, NC 27709-4987
USA

-Global Certification Team
TEL:

CST Lab: NVLAP 200416-0

VPN 3000 Concentrator Series
(Hardware models: 3005, 3015, 3030, 3060, 3080, Firmware version: 3.1 FIPS)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/26/2002;
01/10/2003;
05/24/2005;
05/28/2010;
02/23/2012
Overall Level: 2 

-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #32 and #86); DSA/SHA-1 (Cert. #38); DSA (Cert. #54); SHA-1 (Cert. #73); RSA (PKCS#1; vendor affirmed); HMAC SHA-1 (Cert. #73; vendor affirmed)

-Other algorithms: DES (Certs. #100 and #147); MD5; HMAC/MD5; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Cisco VPN 3000 Concentrator Series is a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today."
209 WinMagic Incorporated
200 Matheson Blvd W.
Suite 201
Mississauga, Ontario L5R 3L7
Canada

-Thi Nguyen-Huu
TEL: 905-502-7000

CST Lab: NVLAP 200017-0

SecureDoc® Cryptographic Engine
(Version 3.2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 03/26/2002;
04/04/2002;
05/08/2002;
07/02/2007
Overall Level: 2 

-Roles and Services: Level 3

-Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Professional Workstation 5100

-FIPS Approved algorithms: Triple-DES (Cert. #7); SHA-1 (Cert. #76); AES (Cert. #1); Triple-DES MAC

-Other algorithms: DES (Cert. #87); DES MAC; RIPEMD 160; AES MAC

Multi-chip standalone

"SecureDoc® Cryptographic kernel used in all of WinMagic’s SecureDoc® cryptographic products including the Disk Encryption application and the Central Database administration facility."
208 Check Point Software Technologies Ltd.
9900 Belward Campus Drive
Suite 250
Rockville, MD 20850
USA

-David Ambrose
TEL: 703-628-2935

-Malcolm Levy
TEL: +972-37534561

CST Lab: NVLAP 200002-0

Pointsec 4.1
(Software version 4.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 03/21/2002;
03/28/2002;
06/18/2003;
04/29/2008;
05/28/2009
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 2000, Windows 95 and NT Server/Workstation 4.0 (SP6a)

-FIPS Approved algorithms: Triple-DES (Cert. #85)

-Other algorithms: DES (Cert. #146); BLOWFISH; AES; CAST

Multi-chip standalone

"Pointsec version 4.1 employs hard disk encryption to guarantee that no users can access or manipulate information on an encrypted device, either from available files, erased files, or temporary files. Pointsec version 4.1 safeguards the operating system and the important system files (which often contain clues to passwords for Windows), shared devices, and the network."
207 Motorola, Inc.
8220 E. Roosevelt St.
Scottsdale, AZ 85257
USA

-Randy Morton
TEL: 480-441-4472
FAX: 480-441-3580

CST Lab: NVLAP 100432-0

Key Management Facility Crypto Card (KMF CC)
(Hardware Issue O, Software Version R01.06)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/01/2002 Overall Level: 1 

-EMI/EMC: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #82)

-Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; HCA

Multi-chip embedded

"The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola’s Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ radio systems."
206 Axalto Inc.
36-38 rue de la Princesse BP 45
78431 Louveciennes, France

-Francisco Alcalde
TEL: +33 1 3008 4685
FAX: +33 1 3008 4527

CST Lab: NVLAP 100432-0

Cryptoflex 8K Smart Card
(Hardware ST19CF68 revision B, Firmware v2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 02/27/2002;
09/21/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #67); SHA-1 (Cert. #61)

-Other algorithms: RSA (non-compliant)

Single-chip

"Cryptoflex is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft."
205 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

Cylink ATM Encryptor
(Hardware Versions 3.0 and 3.1, Cylink ATM Encryptor Models: 450-002-001, 450-002-002, 450-002-003, 450-002-004, 450-002-005, 450-002-006, 450-002-007, 450-003-001, 450-003-002, 450-003-003, 450-003-004, 450-003-005, 450-003-006, 450-003-007, 450-003-008 and 450-003-009, Firmware Versions 4.0 and 4.1)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/31/2002;
02/01/2002;
06/17/2002;
12/04/2003;
10/18/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The Cylink ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The Cylink ATM Encryptor can be centrally controlled or managed across multiple remote stations using Cylink's PrivaCy Manager®, an SNMP-based security management system."
204 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeEnterprise™ Frame Encryptor II (SFE II)
(Firmware Version 4.08, Hardware Version 16326-06(6B) and Firmware Version 4.09, Hardware Version 16826-06(2C))

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/31/2002;
04/11/2002;
07/18/2002;
12/17/2002;
12/27/2002;
07/03/2003;
10/19/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Certs. #5 and #22); DSS (Cert. #57); SHA-1 (Cert. #81)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The SFE protects information flowing between nodes or sites of a frame relay network. It can be con-figured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 4 Mbps and 1022 active secure connections."
203 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Glenn Constable
TEL: 919-462-1900 x212
FAX: 919-462-1933

CST Lab: NVLAP 200017-0

SafeEnterprise™ Frame Encryptor-L (SFE-L) and SafeEnterprise™ Frame Encryptor-H (SFE-H)
(Firmware Version 4.08, Hardware Version 4B & 5B)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/31/2002;
04/11/2002;
07/18/2002;
07/03/2003;
10/19/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Certs. #21 and #22); DSS (Cert. #57); SHA-1 (Cert. #81)

-Other algorithms: DES (Certs. #11 and #20); Diffie-Hellman (key agreement)

Multi-chip standalone

"The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE-L supports Full-Duplex throughput of 256 Kbps traffic and 32 active secure connections.The SFE-H supports Full-Duplex throughput of 8 Mbps and 1022 active secure connections."
202 PrivyLink Pte Ltd.
77 Science Park Drive
#02-05/07
CINTECH III
Singapore Science Park 1, 118254
Singapore

-Daphne Tng
TEL: (65) 882-0700
FAX: (65) 872-5490

CST Lab: NVLAP 100432-0

TrustField™ Cryptographic Key Server, CKS Model 2000-J
(Version T2000, Hardware Version 2A, Firmware Version 2.0)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/25/2002 Overall Level: 3 

-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #62); ShA-1 (Cert. #53); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #123);

Multi-chip standalone

"TrustField™ Cryptographic Key Server (CKS) is a hardware security solution that offers a tamper-resistant environment for highly sensitive e-commerce transaction processing. It adds hardware-based security functionality to Internet, Intranet, Extranet, and enterprise applications such as Banking, e-Banking, Public Key Management for e-Commerce, and Secure e-Transaction."
201 Neopost Online, Inc.
3400 Bridge Parkway
Suite 201
Redwood City, CA 94065
USA

-Chandra Shah
TEL: 650-620-3600

CST Lab: NVLAP 200002-0

PROmail II
(Simply Postage III)

(Hardware Version: FAB 7480079; Software Version: 85)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/25/2002 Overall Level: 3 

-Physical Secuirty: Level 3 +EFT

-FIPS Approved algorithms: DSA/SHA-1 (Cert. #39)

-Other algorithms: N/A

Multi-chip embedded

"The Promail II is an electronic device developed by Neopost Online that stores revenue and dispenses it to a host computer, such as a PC compatible, under control and direction of a Neopost Online customer. The Promail II attaches to and communicates with the host computer via either a serial or USB interface. The revenue is dispensed from the Promail II in the form of a digitally signed indicium, a unique bit pattern that can be determined to have originated from a particular device at a particular point in time."


Need Assistance?