CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules
1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014,
All

Last Update: 6/26/2014

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module
Module
Type
Val.
Date
Level / Description
372 Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 650-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

CST Lab: NVLAP 200002-0

STARCOS SPK 2.4 CHIP
(Hardware P8WE 5032 M5.1, Software CP5WxSPKI24-01-3-S_V0330)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 12/29/2003;
03/19/2008
Overall Level: 1 

-Roles, Services, and Authentication: Level 2
-Design Assurance: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #154); SHA-1 (Cert. #137); Triple-DES MAC (Cert. #154, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #200); DES MAC (Cert. #200, vendor affirmed)

Single-chip

"Giesecke & Devrient (G&D) Smart Card Chip Operating System Standard Version with Public Key Extension 2.4 (STARCOS SPK 2.4) is a scaleable multi-application operating system for smart cards and provides functionality that is necessary for public key infrastructure."
371 Giesecke & Devrient
45925 Horseshoe Drive
Dulles, VA 20166
USA

-Michael Poitner
TEL: 650-312-1241
FAX: 650-312-8129

-Jatin Deshpande
TEL: 650-312-8047
FAX: 650-312-8129

CST Lab: NVLAP 200002-0

STARCOS SPK 2.4 in ID-1 Module
(Hardware P8WE 5032 M5.1, Software CP5WxSPKI24-01-3-S_V0330)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 12/29/2003;
03/19/2008
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #154); SHA-1 (Cert. #137); Triple-DES MAC (Cert. #154, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #200); DES MAC (Cert. #200, vendor affirmed)

Single-chip

"Giesecke & Devrient (G&D) Smart Card Chip Operating System Standard Version with Public Key Extension 2.4 (STARCOS SPK 2.4) is a scaleable multi-application operating system for smart cards and provides functionality that is necessary for public key infrastructure."
370 TECTIA Corporation
Kumpulantie 3
Helsinki, FI-00520
Finland

-Nicolas Gabriel-Robez
TEL: +358 20 500 7000
FAX: +358 20 500 7001

CST Lab: NVLAP 200583-0

SSH Cryptographic Library
(Software Version 1.2.0)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 12/24/2003;
09/03/2004;
09/21/2004:
03/03/2006;
03/06/2007;
07/30/2010
Overall Level: 1 

-EMI/EMC: Level 3
-Self-Tests: Level 4

-Operational Environment: Tested as meeting Level 1 with Windows XP, Solaris 8, AIX 4.3.3, HP-UX 11i (single user mode)

-FIPS Approved algorithms: AES (Cert. #52); Triple-DES (Cert. #162); DSA (Cert. #82); RSA (PKCS#1, vendor affirmed); SHA-1 (Cert. #145); HMAC-SHA-1 (Cert. #145, vendor affirmed)

-Other algorithms: DES (Cert. #207); MD5; SHA-256; HMAC-MD5; HMAC-SHA-1 96; CAST-128; Blowfish; Twofish; Arcfour; Diffie-Hellman (key agreement)

Multi-chip standalone

"The SSH Cryptographic Library is a standards-based shared library providing FIPS 140-2 certified cryptographic services for SSH Communications Security's security products. The library provides a rich API and a comprehensive set of state-of-the-art algorithms including AES, 3DES, SHA-1, HMAC, RSA and DSA."
369 SPYRUS, Inc.
2355 Oakland Road
Suite 1
San Jose, CA 95131
USA

-Tom Dickens
TEL: 408-953-0700
FAX: 408-953-9835

CST Lab: NVLAP 100432-0

Rosetta CSI sToken
(Software Versions 4.2.2.0 and 4.2.2.1)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 12/24/2003;
10/14/2004
Overall Level: 1 

-Roles, Services, and Authentication: Level 2
-EMI/EMC: Level 3
-Design Assurace: Level 3

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000

-FIPS Approved algorithms: Skipjack (Cert. #12); DSA (Cert. #87); SHA-1 (Cert. #162)

-Other algorithms: DES (Cert #78); DES MAC (Cert #78, vendor affirmed); RC2; RSA (non-compliant); MD5; HMAC-SHA-1 (Cert #162, vendor-affirmed); KEA (key agreement); Triple-DES (Cert #179; non-compliant)

Multi-chip standalone

"The Rosetta CSI sToken is a software cryptographic token providing digital signature and encryption services in a PC environment. The Rosetta sToken provides for ease of use, deployment and the assurance provided through independent third party security validation."
368 Entrust, Inc.
One Hanover Park
16633 Dallas Parkway
Suite 800
Addison, TX 75001
USA

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Authority™ Security Toolkit for C++
(Software Version 6.2)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 12/16/2003;
05/28/2014
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows XP, SP1a; Windows 2000, SP3; and Windows NT 4.0, SP 6a (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #6); Triple-DES MAC (Cert. #6, vendor affirmed); AES (Cert #59); DSA/SHA-1 (Cert #10); HMAC-SHA-1 (Cert #10, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert #56); DES MAC (Cert #56, vendor affirmed); CAST; CAST3; CAST5; IDEA; RC2; RC4; HMAC-MD5; HMAC-RIPEMD-160; CAST MAC; CAST3 MAC; CAST5 MAC; IDEA MAC; RC2 MAC; RC4 MAC; AES MAC; MD2; MD5; RIPEMD-160; SHA-256; DDiffie-Hellman (key agreement); SPEKE; ECDSA (non-compliant)

Multi-chip standalone

"The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and the runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PCKS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particlular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki."
367 3e Technologies International, Inc.
700 King Farm Blvd.
Suite 600
Rockville, MD 20850
USA

-Ryon Coleman
TEL: 301-944-1403

CST Lab: NVLAP 200427-0

3e-010F Cryptographic Client Software and 3e-010F-C Cryptographic Client Software for Intel® PRO/Wireless 2200BG Network Connection and Intel® PRO/Wireless 2915ABG Network Connection
(3e-010f: Software Versions 2.0, 2.01, and 2.04, and 3e-010F-C: Version 1.0 Build 14)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 12/16/2003;
01/20/2004;
01/29/2004;
05/25/2004;
05/27/2004;
11/04/2004;
11/18/2004
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows 2000, Windows XP, Windows NT 4.0 with Service Pack 6, Windows CE 3.0, and PocketPC 2003 (single user mode)

-FIPS Approved algorithms: Triple-DES (Certs. #136 and #161); AES (Cert. #27); SHA-1 (Cert. #140); HMAC-SHA-1 (Cert. #140, vendlor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"The 3e-010f Crypto Client Software provides advanced wireless RF data security with AES/3DES encryption plus Dynamic Key generation plus session protection. The advanced security options include the standards as established by FIPS-140-2 -- the Federal Information Processing Standards mandated by the US Department of Defense for use in wireless environments."
366 M/A Com, Inc.
221 Jefferson Ridge Parkway
Lynchburg, VA 24501
USA

-Stefan Backstrom
TEL: 434-455-6600
FAX: 434-455-6851

CST Lab: NVLAP 200002-0

EDACS ProVoice Orion System/Scan Mobile Two-Way FM Radios 806 - 870 MHz
(Hardware Version No's. D28LPXE and D28MPXE, Firmware Version No. LZY213773/91 Rev 43A)

Revoked
DES Transition Ended

Security Policy

Certificate

Hardware 12/16/2003;
01/23/2004
Overall Level: 1 

-FIPS Approved algorithms:

-Other algorithms: DES (Cert. #218)

Multi-chip standalone

"The EDACS ProVoice Orion Mobile with FIPS 140-2 security level 1 validation provides digital voice for conventional and trunked communication environments. The Orion also allows for system and scan front mounting."
365 Neopost Technologies
113, rue Jean-Marin Naudin
Bagneux, 92220
France

-Thierry Le Jaoudour
TEL: +33 (0) 1 45 36 30 36

CST Lab: NVLAP 100432-0

Neopostage PSD Module
(Hardware P/N 04K9131, Software Version 1.0.0.0)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 12/16/2003;
10/03/2006;
01/01/2014
Overall Level: 3 

-Physical Security: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #124); SHA-1 (Cert. #107); DSA (Cert. #68); RSA (ANSI X9.31, vendor affirmed)

-Other algorithms: DES (Cert. #178); DSA (Cert. #84; non-compliant)

Multi-chip embedded

"The Neopostage Postal Security Device (PSD) Module functions as a software-based PSD that utilizes hardware-based cryptographic modules for securely managing and dispensing money and indicia via encryption and digital signature techniques. The module is ideally suited to Internet and high-volume mailing based applications requiring high-speed cryptographic functions. The module is designed to meet the applicable United States Postal Service Information-Based Indicium Program (USPS IBIP) specifications for postage meters."
364 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

CST Lab: NVLAP 200427-0

RSA BSAFE Crypto-C ME Toolkit
(Software 1.7.2)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 12/09/2003;
04/07/2004;
10/01/2004;
01/04/2008;
10/16/2008;
09/07/2010;
03/28/2011;
01/24/2013
Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000, RedHat Linux 7.1, Sun Solaris 8 (5.8), and Pocket PC 2002 (single user mode)

-FIPS Approved algorithms: DSA (Cert. #72); Triple-DES (Cert. #135); AES (Cert. #26); SHA-1 (Cert. #121); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #121, vendor affirmed)

-Other algorithms: DES (Cert. #186); SHA-2 (256, 384; 512); MD2; MD5; HMAC-MD5; RC2; RC4; RC5; Diffie-Hellman (key agreement); DSA (key sizes: 1032 to 4096 bits)

Multi-chip standalone

"The Crypto-C ME Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the high-performing RC5, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more."
363 IBM® Corporation
Saeumerstrasse 4
Rueschlikon, CH 8803
Switzerland

-Michael Osborne
TEL: +41 1 724 8458

CST Lab: NVLAP 200427-0

JCOP21id 32K
(Hardware version: P8WE5033AEV/034188i, Firmware version: Mask 20, Applet Version 1.0)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 11/26/2003 Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert.# 150); AES (Cert. # 44); SHA-1 (Cert.# 135); RSA (PKCS#1, vendor affirmed); Triple-DES MAC (Cert.#150, vendor affirmed)

-Other algorithms: DES (Cert.# 197); DES MAC (Cert. #197, vendor affirmed); AES MAC

Single-chip

"The JCOP21id is IBM's multi-application smart card, designed to the Java Card v2.1.1 and Global Platform v2.0.1 specifications. The smart card features IBM's PKCS#15 applet which provides standardized high-level security services including, 2048 bit key generation, DES, 3DES, SHA-1, RSA and AES. Additional features include biometric extensions as defined by the Java Card Forum and DAP/mandated DAP security for post issuance applets."
362 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Darren Dupre
TEL: 781-515-5000
FAX: 781-515-5010

CST Lab: NVLAP 100432-0

RSA Applets on the Schlumberger Cyberflex Access 64k Platform
(Hardware P/N M512LACC1, Firmware Versions: HardMask 5 V1 & SoftMask 2 V1, Applet Versions: ID Applet 00 01.00 09, GC Applet 00 01.00 09, PKI Applet 00 01.00 09)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 11/20/2003;
10/16/2008;
09/07/2010
Overall Level: 2 

-Physical Security: Level 3
-EMI/EMC: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #125); Triple-DES MAC (Cert. #125, vendor affirmed); SHA-1 (Cert. #108); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #179); DES MAC (Cert. #179, vendor affirmed)

Single-chip

"The RSA Applets on the Schlumberger Cyberflex Access 64k Platform module provides authentication, key generation and use, and secure data storage on a mobile platform. The module conforms to JavaCard 2.1.1, OpenPlatform 2.0.1, and GSC/IS 2.0. The module allows end-users to securely store certificates, key pairs, and passwords for authentication, public-key and single sign-on applications."
361 Francotyp-Postalia
Triftweg 21-26
D-16547 Birkenwerder Germany

-Dirk Rosenau
TEL: +49 3303 525 616
FAX: +49 3303 525 609

CST Lab: NVLAP 100432-0

Revenector
(Hardware P/N 58.0036.0001.00/05 and 58.0036.0006.00/02, Firmware Version 3.22)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 11/20/2003 Overall Level: 3 

-FIPS Approved algorithms: RSA (PKCS #1, vendor affirmed); SHA-1 (Cert. # 158)

-Other algorithms: N/A

Multi-chip embedded

"Revenector is an embedded security device that can enhance the security of various kinds of appliances and computerized devices. The hardware of Revenector is designed to protect critical security parameters as well as application specific revenues. Its firmware enables hosting systems to load or update signed application specific firmware."
360 Research in Motion Ltd.
295 Phillip Street
Waterloo, Ontario N2L 3W8
Canada

-Government Certifications Team
TEL: 519-888-7465 x2921
FAX: 519-886-4839

CST Lab: NVLAP 200017-0

BlackBerry® Cryptographic Kernel
(Firmware Versions: 3.6.1, 3.7, and 3.7.1)

Validated to FIPS 140-2

Security Policy

Certificate

Firmware 11/20/2003;
04/29/2004;
08/24/2005
Overall Level: 1 

-Design Assurance: Level 3
-Self Tests: Level 4
-Tested: BlackBerry® 5810 with the BlackBerry® OS, Version 3.6.1, 3.7 and 3.7.1

-FIPS Approved algorithms: Triple-DES (Cert. #167); SHA-1 (Cert. #147); HMAC-SHA-1 (Cert. #147, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®."
359 Mitsubishi Electric Corporation
5-1-1 Ofuna
Kamakura, 247-8501
Japan

-Tetsuo Nakakawaji
TEL: +81 0467 41 2186

CST Lab: NVLAP 200556-0

TurboMISTY
(Firmware v2.1.3, Hardware v1.01)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 11/20/2003 Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. # 131); SHA-1 (Cert. #116); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #182); MD5; MISTY1

Multi-chip embedded

"PCI Encryption Accelerator Card"
358 Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

-Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200416-0

AirFortress™ Client Cryptographic Module
(Version 2.4.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 11/20/2003;
03/26/2010;
05/17/2013
Overall Level: 1 

-Software Security: Level 3
-Roles and Services: Level 2

-Operational Environment: Tested as meeting Level 1 with Windows XP Pro SP1; Windows 2000 SP2; Windows NT 4.0 SP2; Windows 98 2nd edition; Windows CE 3.0; PalmOS 4.1; MS DOS 6.20 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #19); SHA-1 (Cert. #34); AES (Cert. #14); HMAC-SHA-1 (Cert. #34, vendor affirmed)

-Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement)

Multi-chip standalone

"The AirFortress™ Secure Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention."
357 Research In Motion Ltd.
295 Phillip Street
Waterloo, Ontario N2L 3W8
Canada

-Government Certifications Team
TEL: 519-888-7465 x2921
FAX: 519-886-4839

CST Lab: NVLAP 200017-0

BlackBerry® Cryptographic Kernel
(Firmware Version: 3.6)

Validated to FIPS 140-2

Security Policy

Certificate

Firmware 11/20/2003;
04/29/2004;
08/24/2005
Overall Level: 1 

-Self Tests: Level 4
-Design Assurance: Level 3

-Tested: BlackBerry® 5810 with BlackBerry® OS, Version 3.6.0

-FIPS Approved algorithms: Triple-DES (Cert. #167); SHA-1 (Cert. #147); HMAC-SHA-1 (Cert. #147, vendor affirmed); RSA (PKCS #1, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®."
356 IBM® Corporation
Seaumerstrasse 4
Rueschlikon, CH 8803
Switzerland

-Michael Osoborne
TEL: +41 1 724 8458
FAX: +41 1 724 8953

CST Lab: NVLAP 200427-0

IBM® CryptoLite in C
(Software Version 3.0 (FIPS 140/Prod))

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 11/20/2003 Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional with SP3; Red Hat Linux 8.0 (single user mode)

-FIPS Approved algorithms: SHA-1 (Cert. #163); Triple-DES (Cert. #180); AES (Cert. #70); DSA (Cert. #88); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #163, vendor affirmed)

-Other algorithms: DES (Cert. #220); MD2; MD5; RC2; RC4; RC6; MDC-1; MDC-2; MDC-4; Unix_crypt; Blowfish; SHA-256; SHA-384; SHA-512; Diffie-Hellman (key agreement)

Multi-chip standalone

"IBM CryptoLite is a C software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance."
355 3e Technologies International, Inc.
700 King Farm Blvd.
Suite 600
Rockville, MD 20850
USA

-Ryon Coleman
TEL: 301-944-1403

CST Lab: NVLAP 200427-0

3e-521NP, 3e-522FIPS and 3e-530NP Wireless Gateways
(Hardware P/Ns 3e-521NP, 3e-522FIPS and 3e-530NP, Firmware Version 2.0)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 10/27/2003 Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Certs. #136 and #161); AES (Cert. #27); SHA-1 (Cert. #140); HMAC-SHA-1 (Cert. #140, vendor affirmed)

-Other algorithms: RSA (PKCS#1, decryption, vendor affirmed); Diffie-Hellman (key agreement)

Multi-chip standalone

"The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wireless LAN, NAT routing from the wired uplink LAN to the wireless LAN, and DHCP service to the local LAN allowing a wired local LAN to exist over the local wireless LAN interface."
354 IBM® Corporation
Seaumerstrasse 4
Rueschlikon, CH 8803
Switzerland

-Michael Osoborne
TEL: +41 1 724 8458
FAX: +41 1 724 8953

CST Lab: NVLAP 200427-0

IBM CryptoLite in Java
(Software Version 3.0)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 10/27/2003 Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional with service pack 3 (JRE 1.3.1_03), Sun Solaris 5.8 (JRE 1.3.1), AIX 5.2 (JRE 1.3.1) (single user mode)

-FIPS Approved algorithms: SHA-1 (Cert. #148); Triple-DES (Cert. #163); AES (Cert.#53); DSA (Cert. #83); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1(Cert. #148, vendor affirmed)

-Other algorithms: DES (Cert. #208); MD2; MD5; RC2; RC4; RC6; MDC-1; MDC-2, MDC-4; Unix_crypt; Blowfish; SHA-256; SHA-384; SHA-512; Diffie-Hellman (key agreement); RSA (encryption/decryption)

Multi-chip standalone

"IBM CryptoLite is a 100% Java software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance. It runs on JDK 1.1 or higher."
353 Fortress™ Technologies, Inc.
2 Technology Park Dr
Westford, MA 01886-3140
USA

-Certification Director
TEL: 978-923-6400
FAX: 978-923-6498

CST Lab: NVLAP 200416-0

NetFortress™ Cryptographic Kernel
(Standard Mode and Segemented Mode, Software Version 4.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 10/27/2003;
03/26/2010;
05/17/2013
Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #19); SHA-1 (Cert. #34)

-Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement); IDEA

Multi-chip standalone

"The NetFortress™ Cryptographic Kernel secures private communications among corporate divisions, branch offices, and mobile users. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the NF Crypto Kernel provides encryption, data integrity checking, authentication, access control, data compression, and firewall capabilities; it is IPSec compliant."
352 Neopost Technologies
113, rue Jean-Marin Naudin
Bagneux, 92220
France

-Thierry Le Jaoudour
TEL: +33 (0) 1 45 36 30 36

CST Lab: NVLAP 200002-0

NSD Postage Meter
(Versions (Hardware #4127906B-A, Software 10.2), (Hardware #4127906B-B, Software 10.2) and (Hardware #4127907C-A, Software 30.11, 30.13, 30.15 and 30.21))

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 10/21/2003;
08/06/2004;
08/09/2004;
08/11/2004;
10/06/2004;
04/27/2005;
10/18/2005;
10/03/2006
Overall Level: 2 

-Physical Security: Level 3 +EFT
-EMI/EMC: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #119); SHA-1 (Cert. #41); DSA (Cert. #61); ECDSA (vendor affirmed); Triple-DES MAC (Cert. #119, vendor affirmed)

-Other algorithms: N/A

Multi-chip embedded

"The NSD module is a postage meter supporting accounting and cryptographic functions including the generation of 2D barcodes w/ECDSA signatures for secure electronic transactions. Associated with a document transport system and an inkjet print-head, the module is capable of processing up to 250 envelopes per minute."
351 Certicom Corp.
5520 Explorer Drive
4th Floor
Mississauga, Ontario L4W 5L1
Canada

-sales@certicom.com
TEL: 905-507-4220
FAX: 905-507-4230

CST Lab: NVLAP 200002-0

Security Builder® Government Solutions Edition (SBGSE)
(Version 1)

(When operated in FIPS mode - for Palm)

Validated to FIPS 140-2

Security Policy

Certificate

Software 10/10/2003;
10/17/2003;
03/06/2009
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Palm OS 4.1

-FIPS Approved algorithms: Triple-DES (Cert. #100); AES (Cert. #5); SHA-1(Cert. #89); HMAC-SHA-1 (Cert. #89, vendor affirmed)

-Other algorithms: DES (Cert. #160); MD5; DESX; HMAC-MD5

Multi-chip standalone

"Security Builder GSE is a standards based cryptographic toolkit that provides application developers with sophistocated tools to flexibly integrate encryption, digital signatures and other security mechanisms into their applications. Security Builder provides the cryptographic core for Certicom's products, including movianCrypt, MovianVPN, SSL and wTLS Plus, and Trustpoint PKI products."
350 IBM® Corporation
IBM/Tivoli
PO Box 3499
Australia Fair
Southport, Queensland 4215
Australia

-Mike Thomas
TEL: +61 7 5552 4030
FAX: +61 7 5571 0420

-Peter Waltenberg
TEL: +61 7 5552 4016
FAX: +61 7 5571 0420

CST Lab: NVLAP 200427-0

IBM® Crypto for C (ICC)
(Software Version 0.1)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 10/03/2003;
08/23/2004;
12/02/2004
Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with SUN Solaris 5.8, AIX 5.2 and Windows 2000 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #174); AES (Cert. #65); SHA-1 (Cert. #159); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #216); HMAC-SHA-1 (Cert #159, vendor affirmed; non-compliant); RC2; RC2-40; RC2-64; RC4; Blowfish; CAST; RSA (encryption/decryption); MD2; MD4; MD5; RIPEMD; HMAC-MD5

Multi-chip standalone

"The ICC is a C language implementation of cryptographic functions which uses the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider."
349 Colubris Networks Inc.
420 Armand-Frappier
Suite 200
Laval, Québec H7V 4B4
Canada

-Stephane Laroche
TEL: 450-680-1661 x123
FAX: 450-680-1910

CST Lab: NVLAP 200427-0

Colubris CN1050 and CN1054 Wireless LAN Routers
(Hardware Versions CN1050 and CN1054; Firmware Version 1.24-01-1736)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 10/03/2003 Overall Level: 2 

-FIPS Approved algorithms: SHA-1 (Certs. #149, #150; #151); HMAC-SHA-1 (Certs. #149, #150; #151, vendor affirmed); Triple-DES (Certs. #164, #165; #166); AES (Certs. #54 and #55); RSA (ANSI X9.31, vendor affirmed)

-Other algorithms: DES (Cert. #209); MD4; MD5; HMAC-MD5; SHA-2; RC4; Diffie-Hellman (key agreement)

Multi-chip standalone

"Colubris CN105x Secure Wireless LAN Router enables strong security for wireless enterprise networking, using embedded IPSec VPN and firewall functionalities."
348 Francotyp-Postalia
Francotyp-Postalia AG & Co. KG
Triftweg 21-26
Birkenwerder, D-16547
Germany

-Dirk Rosenau
TEL: +49 3303 525 616
FAX: +49 3303 525 609

CST Lab: NVLAP 100432-0

Postal Revenector
(Hardware P/N Version 58.0036.0001.00/05, Firmware P/N Version 90.0036.0006.00/02)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 09/25/2003 Overall Level: 3 

-Physical Security: Level 3 +EFP

-FIPS Approved algorithms: Triple-DES (Cert. #39); SHA-1 (Cert. #43); RSA (PKCS #1, vendor affirmed); ECDSA (FIPS 186-2, vendor affirmed); HMAC-SHA-1 (Cert. #43, vendor affirmed)

-Other algorithms: DES (Cert. #108); DES MAC (Cert. #108, vendor affirmed); Diffie-Hellman (key agreement)

Multi-chip embedded

"The Francotyp-Postalia Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia’s mail handlers. The Postal Revenector has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP)."
347 Information Security Corporation
1141 Lake Cook Road
Suite D
Deerfield, IL 60015
USA

-Michael J. Markowitz
TEL: 847-405-0500

CST Lab: NVLAP 200002-0

ISC Cryptographic Development Kit (CDK) V7.0
(Version 7.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 09/24/2003 Overall Level: 1 

-EMI/EMC: Level 3
-Software Security: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows 2000 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #115); DSA (Cert. #65); AES (Cert. #9); Skipjack (Cert. #9); SHA-1 (Cert. #100); HMAC-SHA-1 (Cert. #100, vendor affirmed); ECDSA (vendor affirmed); RSA (PDCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #171); MD2; MD5; RC2; RC4; DESX; ElGamal; EC EIGamal; HMAC-MD5; SHA-256; SHA-384; SHA-512

Multi-chip standalone

"A software development toolkit providing a comprehensive set of cryptographic primitives for use in any application. includes RSA, DSA/Diffie-Hellman and elliptic curve algorithms, as well as a wide range of symmetric ciphers and hash functions."
346 IBM® Corporation
2455 South Road / P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

Security Module with CP/Q++
(Hardware: P/N 04K9036, EC CF75600M, Firmware: Miniboot 0 Version A, Miniboot 1 Version A, CP/Q++ 2.41)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/24/2003 Overall Level: 3 

-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Certs. #4 and #124); DSA/SHA-1 (Cert. #34); SHA-1 (Cert. #107); DSA (Cert. #68); RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Certs. #86 and #178); OAEP; RSA (ISO 9796)

Multi-chip embedded

"The Security Module with CP/Q++ is the security-sensitive portion of the IBM 4758 Cryptographic Coprocessor. The Security Module is a tamper-responding, programmable module containing a CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, and firmware. The CP/Q++ control program provides basic services Coprocessor applications use for cryptographic and secure-storage processing. The validation affirms a secure environment in which to implement or extend an application program requiring secure storage, cryptographic capabilities, and processing integrity. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers."
345 IBM® Corporation
2455 South Road / P330
Poughkeepsie, NY 12601
USA

-Barry Ward
TEL: 845-435-4881
FAX: 845-435-5540

CST Lab: NVLAP 100432-0

Security Module with CP/Q++
(Hardware: P/N 04K9131, EC F 72272D, Firmware: Miniboot 0 Version A, Miniboot 1 Version A, CP/Q++ 2.41)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 09/24/2003 Overall Level: 3 

-Physical Security: Level 4
-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Certs. #4 and #124); DSA/SHA-1 (Cert. #34); SHA-1 (Cert. #107); DSA (Cert. #68); RSA (FIPS 186-2, vendor affirmed)

-Other algorithms: DES (Certs. #86 and #178); OAEP; RSA (ISO 9796)

Multi-chip embedded

"The Security Module with CP/Q++ is the security-sensitive portion of the IBM 4758 Cryptographic Coprocessor. The Security Module is a tamper-responding, programmable module containing a CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, and firmware. The CP/Q++ control program provides basic services Coprocessor applications use for cryptographic and secure- storage processing. The validation affirms a secure environment in which to implement or extend an application program requiring secure storage, cryptographic capabilities, and processing integrity. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers."
344 Stonesoft Corporation
115 Perimeter Center Place
Suite 1000
Atlanta, GA 30346
USA

-Klaus Majewski
TEL: 678-259-3411
FAX: 770-668-1131

CST Lab: NVLAP 200002-0

StoneGate High Availability Firewall and VPN
(Version 2.0.5)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Firmware 09/16/2003;
10/07/2003;
04/29/2004
Overall Level: 1 

-Tested: Debian GNU/Linux Version 3.0

-FIPS Approved algorithms: Triple-DES (Certs. #145, #146; #147); AES (Certs. #39 and #40); DSA (Certs. #77 and #78); SHA-1 (Certs. #131 and #132); HMAC-SHA-1 (Cert. #132, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #194); Blowfish; Twofish; CAST-128; SHA-256 (vendor affirmed; non-compliant); MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"StoneGate is a firewall and VPN software solution. It features clustering, load balancing between multiple ISPs, encrypted VPN client connectivity and advanced central administration tools."
343 Wei Dai
13440 SE 24th Street
Bellevue, WA 98005
USA

-Wei Dai
TEL: 425-562-9677

CST Lab: NVLAP 200002-0

Crypto++ Library
(Version 5.0.4)

Validated to FIPS 140-2

Security Policy

Certificate

Software 09/05/2003;
10/28/2005
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional Operating System, Service Pack 1 (single user mode)

-FIPS Approved algorithms: AES (Cert. #87); Triple-DES (Cert. #198); Skipjack (Cert. #13); DSA (Cert. #79); SHA-1 (Cert. #134); HMAC-SHA-1 (Cert. #134, vendor affirmed); Triple-DES MAC (Cert. #198, vendor affirmed); ECDSA (vendor affirmed); RSA (PKCS #1, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"The Crypto++ Library is a free, open source C++ class library providing public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms. The dynamic link library (DLL) is FIPS 140-2 Level 1 validated. The source code of the validated module is available upon request."
342 Eracom Technologies Australia, Pty. Ltd.
28 Greg Chappell Drive
Burleigh Heads, QLD 4220
Australia

-Gerry Scott
TEL: 916-677-2450
FAX: 916-677-2460

CST Lab: NVLAP 200427-0

ProtectHost Orange Hardware Security Module and ProtectHost Orange Hardware Security Module with ORGA FM
(Hardware Revision A, Firmware Version 1.34.00, Software Version 1.01.11, ORGA FM Version 1.2)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Vendor Product Link
Hardware 09/05/2003;
09/24/2003;
10/18/2005
Overall Level: 3 

-FIPS Approved algorithms: AES (Cert. #37); Triple-DES (Cert. #63); DSA (Cert. #47); ECDSA (vendor affirmed); HMAC-SHA-1 (Cert. #55); RSA (PKCS#1 and ANSI X9.31, vendor affirmed); SHA-1 (Cert. #55); Triple-DES MAC (Cert. #63, vendor affirmed)

-Other algorithms: DES (Cert. #124); DES MAC (Cert. #124, vendor affirmed); Diffie-Hellman (key agreement); CAST 128; IDEA; MD2; MD5; HMAC-MD5; RC2; RC4; RIPEMD-128; RIPEMD-160; HMAC-RIPEMD-128; HMAC-RIPEMD-160; CAST MAC; IDEA MAC; RC2 MAC; RC4 MAC

Multi-chip standalone

"The Eracom protecthost orange is an advanced Hardware Security Module (HSM) offering high speed cryptographic processing and key management. The module implements the PKCS#11 cryptographic API and provides a comprehensive compliance to the PKCS#11 standard as well as vendor specific extensions."
341 ReefEdge, Inc.
2 Executive Dr.
Fort Lee, NJ 07024
USA

-Silvia Ercolani
TEL: 201-242-9700
FAX: 201-242-9760

CST Lab: NVLAP 200556-0

Edge Controller 100x
(Software v3.1.3, Hardware v3.0)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 08/29/2003 Overall Level: 2 

-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Certs. #171, #172; #173); SHA-1 (Certs. #155, #156; #157); HMAC-SHA-1 (Certs. #155, #156; #157, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: RC4; MD5; HMAC-MD5

Multi-chip standalone

"The ReefEdge family of Edge Controllers provides perimeter security and high-speed subnet roaming to the ReefEdge Connect System, connecting an enterprise's access points to its wired LAN. Edge Controllers enforce access control rules, implement bandwidth management, and perform encryption, enabling users to roam freely - among offices, between floors, across campuses - without losing their secure connection."
340 SonicWALL, Inc.
1143 Borregas Ave.
Sunnyvale, CA 94089-1306
USA

-Usha Sanagala
TEL: 408-962-6248

CST Lab: NVLAP 100432-0

Cisco CSS Series 11000 Secure Content Accelerator/SonicWALL SSL-RX
(Hardware P/N 103-500000-00/101-500040-00 Rev E/Rev C, Firmware Version 4.1)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 08/29/2003;
04/25/2007
Overall Level: 2 

-FIPS Approved algorithms: SHA-1 (Cert. #146); HMAC-SHA-1 (Cert. #146, vendor affirmed); Triple-DES (Cert. #157); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #203); RC2; RC4; MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The SCA2/SSL-RX is an SSL proxy device designed for SSL acceleration and offloading. The SCA2/SSL-RX provides the ability to both terminate and initiate SSL connectio ns, converting cipher-text to clear-text, or clear-text to cipher-text."
339 AKCode, LLC.
13130 Roundup Ave.
San Diego, CA 92129
USA

-Robert Spraggs
TEL: 858-484-5634
FAX: 516-706-6468

CST Lab: NVLAP 100432-0

Anonymous Key Technology-C++ and Java Suite
(Software Versions 1.0.0 and 1.0.2)

Validated to FIPS 140-2

Security Policy

Certificate

Software 07/31/2003;
10/06/2003;
07/28/2005;
08/24/2005;
06/07/2013
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows 2000, XP, and NT 4.00; SUN Server Solaris Version 8, Linux 2.2, 2.4 and 2.4.18, Microsoft Internet Explorer 5.00 and Netscape 7.01-all configured in single user mode

-FIPS Approved algorithms: AES (Certs. #38 and #47); SHA-1 (Certs. #128 and #142); HMAC-SHA-1 (Certs. #128 and #142, vendor affirmed)

-Other algorithms: PPP (key transport)

Multi-chip standalone

"Product Description: “A non PKI based software suite to allow secure authenticated Internet transactions. The suite incorporates biometrics into the authentication and encryption algorithms. Currently, the suite has been tested with encrypted video conferencing, Internet email, secure Internet transactions, secure data storage and personal authentication. The suite uses smart cards, RF cards, and USB storage devices as personal authentication devices. Operating systems tested include the full suite of Microsoft, LINUX, and SUN Solaris. Supports Windows Mobile, MAC iOS, MAC OSX and Google Android, in version 1.0.2, though not operationally tested. The suite has both client and server components, thus enabling a complete secure solution without using traditional PKI."
338 Axalto Inc.
8311 North FM 620 Rd.
Austin, TX 78726
USA

-David Teo
TEL: 512-257-3895
FAX: 512-257-3881

CST Lab: NVLAP 100432-0

Cyberflex Access e-gate 32K
(Hardware P/N M256LCAEG1, Firmware Version HardMask 2v2, SoftMask 3v1)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 07/07/2003;
09/21/2004;
05/25/2006
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #143); Triple-DES MAC (Cert. #143, vendor affirmed); SHA-1 (Cert. #129); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #192); DES MAC (Cert. #192, vendor affirmed);

Single-chip

"Cybeflex Access e-gate 32K serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications, supporting on-card DES (used only for legacy systems) and RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The card incorporates, apart from the conventional ISO 7816-3 interface, also the USB interface normally resident in the smart card reader. Thus, it bridges the gulf between the public terminal infrastructure (ISO 7816-3) and the PC world (USB). The Cyberflex Access e-gate 32K is part of a range of Schlumberger highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications."
337 Phaos Technology Corporation
520 Madison Avenue
30th Floor
New York, NY 10022
USA

-Darren Calman
TEL: 212-508-7700

CST Lab: NVLAP 200427-0

Phaos Crypto
(Software Versions 3.0 and 3.0.1)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 07/07/2003;
04/30/2004;
08/23/2004
Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Window 2000 (Single User mode), Sun Java 2 Runtime Environment (V1.3.1)

-FIPS Approved algorithms: AES (Cert. #42); Triple-DES (Cert. #148); SHA-1 (Cert. #138); HMAC-SHA-1 (Cert. #138, vendor affirmed); RSA (PKCS#1, vendor affirmed); DSA (Cert. #81); ECDSA (vendor affirmed)

-Other algorithms: DES (Cert. #195); RC2; RC4; Blowfish; MD2; MD4; MD5; SHA-2; RSA (encryption/decryption); Diffie-Hellman (key agreement); EC Diffie-Hellman (key agreement)

Multi-chip standalone

"Phaos Crypto provides a state-of-the-art set of core cryptography algorithms in Java. It includes a comprehensive cryptographic library supporting the most current algorithms like AES, RSA-OAEP, SHA- 256/384/512, X.9-42 as well as legacy algorithms that are still used in corporate systems like 3DES, DES, MD2 etc.. Phaos Crypto allows developers to integrate cryptography into any Java application or applet. For high security deployments, Phaos Crypto provides transparent migration to cryptographic hardware without requiring any changes to existing applications."
336 Motorola, Inc.
8220 E Roosevelt St.
Scottsdale, AZ 85257
USA

-Randy Morton
TEL: 480-441-4472
FAX: 480-441-3580

CST Lab: NVLAP 100432-0

Digital Interface Unit Crypto Module (DIU CM)
(Hardware P/N T6721A Version CLN7611C, Firmware Versions R82.00.02 and R82.01.02)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 07/07/2003;
01/05/2004;
03/30/2004
Overall Level: 1 

-Roles, Services, and Authentication: Level 2
-Design Assurance: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES MAC (Cert. #151, vendor affirmed); DES-XL; DVI-XL; DVP-XL; HCA; AES MAC (Cert #2, P25 AES OTAR, vendor affirmed)

Multi-chip embedded

"The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola’s Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ family of console and base station radio infrastructure equipment."
335 NetScreen Technologies, Inc.
805 11th Avenue
Building 3
Sunnyvale, CA 94089
USA

-Lee Klarich
TEL: 408-543-8209
FAX: 408-543-8200

CST Lab: NVLAP 100432-0

NetScreen-204/208
(Hardware P/N NS-204 and NS-208 Version 0110(0), Software ScreenOS 4.0.0r7.3)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 07/07/2003;
08/29/2003
Overall Level: 2 

-FIPS Approved algorithms: AES (Cert. #11); Triple-DES (Certs. #49 and #118); DSA/SHA-1 (Cert. #76); SHA-1 (Cert. #103); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #103, vendor affirmed)

-Other algorithms: DES (Certs. #114 and #174); MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The NetScreen-204/208 are purpose-built network security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures."
334 NetScreen Technologies, Inc.
805 11th Avenue
Building 3
Sunnyvale, CA 94089
USA

-Lee Klarich
TEL: 408-543-8209
FAX: 408-543-8200

CST Lab: NVLAP 100432-0

NetScreen-500
(Hardware P/N NS-500 Version 4110(0), Software ScreenOS 4.0.0r7.3)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 07/07/2003;
08/29/2003
Overall Level: 2 

-FIPS Approved algorithms: AES (Cert. #12); Triple-DES (Certs. #49 and #50); DSA/SHA-1 (Cert. #75); SHA-1 (Cert. #47); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #47, vendor affirmed)

-Other algorithms: DES (Certs. #114 and #115); MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The NetScreen-500 is a purpose-built internet security appliance that provides advanced firewall, IPSec VPN, and traffic management functionality, optimized for the most demanding environments such as medium and large enterprise offices, carrier infrastructures, or service providers."
333 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nCipher PMC 1600 PCI
(Hardware Version: nC3033M-4K0, Build Standard A, Firmware Version: 2.1.23-3)

(When operated in FIPS mode and initialized to Overall Level 3 per Security Policy)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/27/2003 Overall Level: 3 

-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #173); DES MAC (Cert. #173, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; MD2; MD5; SEED; KCDSA; HAS 160

Multi-chip embedded

"The nCipher PMC 1600 PCI secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher PMC 1600 PCI is a FIPS 140-2 level 3 embedded device. The nCipher PMC 1600 PCI improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
332 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nCipher PMC 1600 PCI
(Hardware Version: nC3033M-4K0, Build Standard A, Firmware Version: 2.1.23-2)

(When operated in FIPS mode and initialized to Overall Level 2 per Security Policy)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/27/2003 Overall Level: 2 

-Roles, Services, and Authentication: Level 3
-Physical Security: Level 3
-EMI/EMC: Level 3
-Design Assurance: Level 3
-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #173); DES MAC (Cert. #173, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; MD2; MD5; SEED; KCDSA; HAS 160

Multi-chip embedded

"The nCipher PMC 1600 PCI secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher PMC 1600 PCI may be initialized as a FIPS 140-2 level 2 embedded device. The nCipher PMC 1600 PCI improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
331 Motorola, Inc.
8220 E Roosevelt St.
Scottsdale, AZ 85257
USA

-Randy Morton
TEL: 480-441-4472
FAX: 480-441-3580

CST Lab: NVLAP 100432-0

Key Management Facility Crypto Card (KMF CC)
(Hardware P/N T6722A Versions CLN7612B and CLN8306C, Firmware Version R01.08)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/27/2003;
03/30/2004;
02/10/2011
Overall Level: 1 

-EMI/EMC: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #2); Triple-DES (Cert. #82)

-Other algorithms: DES (Cert. #151); DES MAC (Cert. #151, vendor affirmed); DES-XL; DVI-XL; DVP-XL; HCA; AES MAC (Cert #2, P25 AES OTAR, vendor affirmed)

Multi-chip embedded

"The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola’s Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ radio systems."
330 Lipman Electronic Engineering Ltd.
11 Haamal Street
Park Afek, Rosh Haayin 48092
Israel

-David S. Kaplan
TEL: 972-3-902-9730
FAX: 972-3-902-9731

CST Lab: NVLAP 100432-0

NURIT 202 PIN Pad
(Hardware P/N NURIT 0202-XXX-M21-YYY [XXX: Country Code, YYY: Color Code]*, Firmware Version M02.25)

(Refer to the cryptographic module’s security policy for the details on the letters)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/27/2003;
04/30/2004
Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #123); Triple-DES MAC (Cert. #123, vendor affirmed)

-Other algorithms: DES (Cert. #177); DES MAC (Cert. #177, vendor affirmed)

Multi-chip standalone

"The NURIT 202 is an advanced, easy-to- use handheld PIN Pad allowing for protected debit/credit transactions. The NURT 202 can be interconnected with any NURIT point-of-sale (POS) terminal, or terminals of other manufacturers."
329 CyberGuard Corporation
2000 W. Commercial
Blvd Suite 200
Ft. Lauderdale, FL 33309
USA

-Soheila Amiri
TEL: 954-958-3900

CST Lab: NVLAP 200416-0

CyberGuard Cryptographic Module
(Version: 5.0P1f)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 06/27/2003 Overall Level: 1 

-Roles and Services: Level 2
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #102); SHA-1 (Cert. #109); AES (Cert. #6); DSA (Cert. #69); HMAC-SHA-1 (Cert. #109, vendor affirmed)

-Other algorithms: DES (Cert. #161); Diffie-Hellman (key agreement); Twofish; Blowfish; CAST-128; MD5; Tiger192; RIPEMD-160; HMAC-MD5

Multi-chip standalone

"The CyberGuard Firewall/VPN is a packet-filtering and application proxy gateway, which allows or blocks the routing of specific network services between networks based on a set of administrator-defined rules."
328 Bodacion Technologies
18-3 E Dundee Rd
Suite 300
Barrington, IL 60010
USA

-Eric Uner
TEL: 847-842-9008

CST Lab: NVLAP 200416-0

HYDRA Server Cryptographic Module
(Hardware Version: 1.4, Firmware Version: 1.4)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 06/27/2003 Overall Level: 1 

-FIPS Approved algorithms: Triple-DES (Cert. #126); SHA-1 (Cert. #110)

-Other algorithms: RSA (non-compliant); AES (non-compliant); RC4; MD5

Multi-chip standalone

"HYDRA is an internet server built without an operating system from the ground up to be totally secure. It contains everything you need to run a high-performance, secure Web site including HTTP, HTTPS, and FTP servers, Web-based administration, and Java/JSP capabilities."
327 Axalto Inc.
8311 North FM 620 Road
Austin, TX 78726
USA

-David Teo
TEL: 512-257-3895
FAX: 512-257-3881

CST Lab: NVLAP 100432-0

Schlumberger Cyberflex Access 32K Smart Card Module with Schlumberger PKI Applets
(Hardware P/N SLE66CX320P, Firmware Version Softmask 7 V2, Hardmask 2 V2; Applets: Gina Applet Version 1.1, Smart Login Applet Version 1.1, PKI Applet Version1.1)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/17/2003;
09/21/2004;
05/25/2006
Overall Level: 2 

-Physical Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #65); Triple-DES MAC (Cert. #65, vendor affirmed); SHA-1 (Cert. #57); RSA (PKCS#1, vendor affirmed)

-Other algorithms: N/A

Single-chip

"The Schlumberger Cyberflex Access 32K Smart Card Module with Schlumberger PKI Applets is a single chip implementation of a Java Card 2.1.1 compliant smart card module. It is also compliant with OP 2.0.1, thus establishing a well defined security infrastructure through applet instantiation, key management and security policy configuration which can be performed using FIPS 140-2 compliant mechanisms."
326 NetScreen Technologies, Inc.
805 11th Avenue
Building 3
Sunnyvale, CA 94089
USA

-Lee Klarich
TEL: 408-543-8209
FAX: 408-543-8200

CST Lab: NVLAP 100432-0

NetScreen-5200
(Hardware P/N NS-5200 Version 3010(0), Firmware Version 4.0.0r7.3)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/17/2003;
08/29/2003
Overall Level: 2 

-FIPS Approved algorithms: AES (Cert. #11); Triple-DES (Certs. #118 and #133); DSA/SHA-1 (Cert. #76); SHA-1 (Certs. #103 and #119); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1(Certs. #103 and #119, vendor affirmed)

-Other algorithms: DES (Certs. #174 and #184); MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The NetScreen-5200 is a purpose-built internet security appliance that provides advanced firewall and IPSec VPN functionality, optimized for the most demanding environments such as large enterprise offices, carrier infrastructures, or service providers. The NetScreen-5200 is capable of 2 Gbps 3DES VPN throughput."
325 NetScreen Technologies, Inc.
805 11th Avenue
Building 3
Sunnyvale, CA 94089
USA

-Lee Klarich
TEL: 408-543-8209
FAX: 408-543-8200

CST Lab: NVLAP 100432-0

NetScreen-5XT
(Hardware P/N NS-5XT Version 3010(0), Firmware Version 4.0.0r7.3)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 06/17/2003;
08/29/2003
Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #11); Triple-DES (Certs. #49 and #118); DSA/SHA-1 (Cert. #76); SHA-1 (Cert. #103); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #103, vendor affirmed)

-Other algorithms: DES (Certs. #114 and #174); MD5; Diffie-Hellman (key agreement)

Multi-chip standalone

"The NetScreen-5XT is a purpose-built internet network security appliance that delivers firewall, VPN, and traffic management optimized for remote offices, home offices, and telecommuters."
324 IP Dynamics, Inc.
2880 Stevens Creek Boulevard
San Jose, CA 95128
USA

-Zulfikar Ramzan
TEL: 408-961-6349
FAX: 408-961-6390

CST Lab: NVLAP 100432-0

VCN Member Agent Cryptographic Module
(Software Version 4.2)

Validated to FIPS 140-2

Security Policy

Certificate

Software 06/06/2003 Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Window 2000 professional, Service Pack 2 Operation System (single-user mode)

-FIPS Approved algorithms: AES (Cert. #34); SHA-1 (Cert. #126); HMAC-SHA-1 (Cert. #126, vendor affirmed); Triple-DES (Cert. #141)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"IP Dynamics’ VCN Software Suite creates a secure network services layer above the flat Internet address space allowing the creation of dynamic virtual communities, which are the secure, collaborative communications platforms designed for a wide range of intranet, extranet, remote access and collaboration applications."
323 IP Dynamics, Inc.
2880 Stevens Creek Boulevard
San Jose, CA 95128
USA

-Zulfikar Ramzan
TEL: 408-961-6349
FAX: 408-961-6390

CST Lab: NVLAP 100432-0

VCN Manager Cryptographic Module
(Software Version 4.2)

Validated to FIPS 140-2

Security Policy

Certificate

Software 06/06/2003;
06/27/2003
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 2 with Solaris Version 8 FCS with AdminSuite Version 3.0.1 FCS with patches 108875 and 108879-02 for SPARC platforms, Sun Ultra 10 with UltraSPARC IIi 333MHz, JDK 1.4.0

-FIPS Approved algorithms: AES (Cert. #34); SHA-1 (Cert. #126); HMAC-SHA-1 (Cert. #126, vendor affirmed)

-Other algorithms: Diffie-Hellman (key agreement)

Multi-chip standalone

"IP Dynamics’ VCN Software Suite creates a secure network services layer above the flat Internet address space allowing the creation of dynamic virtual communities, which are the secure, collaborative communications platforms designed for a wide range of intranet, extranet, remote access and collaboration applications."
322 Palm Solutions Group
400 N. McCarthy Blvd
Milpitas, CA 95035
USA

-Rebecca Taylor
TEL: 408-503-7500
FAX: 408-503-2750

CST Lab: NVLAP 100432-0

Crypto Manager
(Software Version 2.0)

Validated to FIPS 140-2

Security Policy

Certificate

Software 06/06/2003 Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Palm OS 4.1

-FIPS Approved algorithms: AES (Cert. #19); SHA-1 (Cert. #115); HMAC-SHA-1 (Cert. #115, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"Crypto Manager Version 2.0 provides cryptographic services to applications on the Palm platform. Using the Crypto Manager API (Application Programming Interface), application developers can access strong cryptographic services without having expertise in cryptography. Crypto manager is designed to be used on any devices running Palm OS 3.0 or higher. It features strong encryption via AES, HMAC SHA-1 message authentication and SHA-1 digests Crypto Manager is built to comply with FIPS 140-2 Level 1."
321 IBM® Corporation
CC1A/502/K301
4205 S. Miami Blvd.
Durham, NC 27703
USA

-Keith Medlin
TEL: 919-543-2014
FAX: 919-486-0675

CST Lab: NVLAP 200556-0

IBM® Everyplace™ Wireless Gateway Cryptographic Module
(Version 1.6)

Validated to FIPS 140-2

Security Policy

Certificate

Software 05/29/2003 Overall Level: 2 

-Operational Environment: Tested as meeting Level 2 with Trusted Solaris 8 4/01 EAL4 (Solaris SunBlade 1000); AIX 5L Version 5.2 EAL4+ (IBM pSeries 660 Model 6H1)

-FIPS Approved algorithms: Triple-DES (Cert. #142); AES (Cert. #36); SHA-1 (Cert. #127); DSA (Cert. #74)

-Other algorithms: DES (Cert. #191)

Multi-chip standalone

"The IBM® Everyplace Wireless Gateway Cryptographic Module provides encryption and other cryptographic services for the IBM® Everyplace Wireless Gateway for Multiplatforms. The IBM® Everyplace Wireless Gateway for Multiplatforms is a distributed, scalable, multipurpose UNIX® communications platform that can support optimized, security-enhanced data access by both Wireless Application Protocol (WAP) clients and non- WAP clients over a wide range of international wireless network technologies, as well as local area (LAN) and wide area (WAN) wire line networks. The cryptographic module was tested on a AIX Version 5.2 platform."
320 IBM® Corporation
CC1A/502/K301
4205 S. Miami Blvd.
Durham, NC 27703
USA

-Keith Medlin
TEL: 919-543-2014
FAX: 919-486-0675

CST Lab: NVLAP 200556-0

IBM® Everyplace™ Wireless Gateway Cryptographic Module
(Version 1.6)

Validated to FIPS 140-2

Security Policy

Certificate

Software 05/29/2003 Overall Level: 1 

-Roles, Services, and Authentication: Level 2
-EMI/EMC: Level 3
-Design Assurance: Level 2

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000 SP2; Microsoft Pocket PC 2002

-FIPS Approved algorithms: Triple-DES (Cert. #142); AES (Cert. #36); SHA-1 (Cert. #127); DSA (Cert. #74)

-Other algorithms: DES (Cert. #191)

Multi-chip standalone

"The IBM® Everyplace Wireless Gateway Cryptographic Module provides encryption and other cryptographic services for the IBM® Everyplace Wireless Gateway for Multiplatforms. The IBM® Everyplace Wireless Gateway for Multiplatforms is a distributed, scalable, multipurpose UNIX® communications platform that can support optimized, securityenhanced data access by both Wireless Application Protocol (WAP) clients and non-WAP clients over a wide range of international wireless network technologies, as well as local area (LAN) and wide area (WAN) wire line networks."
319 ActivCard, Inc.
6623 Dumbarton Circle
Fremont, CA 94555
USA

-Eric Le Saint
TEL: 510-574-0100
FAX: 510-574-0101

CST Lab: NVLAP 100432-0

Cyberflex Access 64K v1 with ActivCard applet suite
(P/N M512LACC1, FW HardMask 5 v1 & SoftMask 2 v1 and 4 v1, Applet versions: ID Applet 1.0.0.23, 1.0.0.24 and 1.14.0.19, PKI Applet 1.0.0.26, 1.0.0.30 and 1.14.0.21, GC Applet 1.0.0.26 and 1.0.0.28)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 05/29/2003;
10/03/2003;
12/03/2003;
08/03/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 3
-Physical Security: Level 3
-EMI/EMC: Level 3

-FIPS Approved algorithms: Triple-DES (Cert #125); Triple-DES MAC; SHA-1 (Cert. #108); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #179); DES MAC

Single-chip

"Cyberflex Access 64K v1 with ActivCard applet suite, which incorporates PKI (public key infrastructure) and digital signature technology, serve as highly portable, secure tokens for enhancing the security of network access and ensuring secure electronic communications. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. It is compliant to Java Card V2.1.1 and Open Platform V2.0.1."
318 Axalto Inc.
8311 North FM 620 Road
Austin, TX 78726
USA

-David Teo
TEL: 512-257-3895
FAX: 512-257-3881

CST Lab: NVLAP 100432-0

Cyberflex Access 64K
(Hardware: M512LACC1, Firmware: HardMask 5v1, SoftMask 2v1, 4v1, and 4v2)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 05/29/2003;
07/03/2003;
07/15/2003;
06/25/2004;
09/21/2004;
06/06/2005;
05/25/2006
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #125); Triple-DES MAC; SHA-1 (Cert. #108); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #179); DES MAC

Single-chip

"The Cyberflex Access 64K can be employed in solutio ns which provide secure PKI (public key infrastructure) and digital signature technology. Cyberflex Access 64K serves as a highly portable, secure token for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 64K supports on-card Triple DES and 1024-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1. The Cyberflex Access 64K is part of a range of Schlumberger highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications."
317 Motorola, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

-Kirk Mathews
TEL: 847-576-4101
FAX: 847-538-2770

CST Lab: NVLAP 100432-0

Astro Subscriber Encryption Module
(HW PNs Astro Saber, Astro Spectra, Astro Consolette-NTN8967C, Astro XTS3000-0105956v67, FW v03.55, and v03.56)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 05/29/2003;
06/11/2003;
03/30/2004
Overall Level: 1 

-Roles, Services, and Authentication: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); DES MAC (Cert. #151, vendor affirmed); DES-XL; DVI-XL; DVI-SPFL; DVP-XL; SHA-1 (non-compliant); AES MAC (Cert #2, P25 AES OTAR, vendor affirmed)

Multi-chip embedded

"Encryption modules used in Motorola Astro family of radios provide secure voice and data capabilities as well as APCO Over-the-Air-Rekeying (OTAR) and advanced key management."
316 Certicom Corp.
5520 Explorer Drive
4th Floor
Mississauga, Ontario L4W 5L1
Canada

-sales@certicom.com
TEL: 905-507-4220
FAX: 905-507-4230

CST Lab: NVLAP 200002-0

Security Builder® Government Solutions Edition (SBGSE)
(Version 1.0.1)

(When operated in FIPS mode - for Windows and WinCE)

Validated to FIPS 140-2

Security Policy

Certificate

Software 05/13/2003;
06/30/2003;
03/06/2009
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Dell Optiplex GX1 (Windows 98); Compaq iPAQ Pocket PC (WinCE)

-FIPS Approved algorithms: Triple-DES (Cert. #100); AES (Cert. #5); SHA-1 (Cert. #89); HMAC-SHA-1 (Cert. #89, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #160); MD5; DESX; HMAC-MD5

Multi-chip standalone

"Security Builder GSE is a standards-based cryptography toolkit that provides application developers with the sophisticated tools and flexibility needed to integrate encryption, digital signatures, and other security mechanisms into their applications. Security Builder provides the cryptographic core for a variety of Certicom products, including movianCrypt, movianVPN, SSL Plus, Trustpoint PKI products and toolkits and certificates, and WTLS Plus. Security Builder is also licensed to third party companies."
315 Motorola, Inc.
1301 E. Algonquin Rd.
Schaumburg, IL 60196
USA

-Phil Gemmato
TEL: 847-576-4707
FAX: 847-538-2770

CST Lab: NVLAP 100432-0

Motorola Gold Elite Gateway Secure Card (MGEG SC)
(HW Versions CLN7637b and CLN7637c, FW Versions R01.00.00, R01.03.07 and R01.04.02)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 05/13/2003;
11/26/2003;
12/03/2003;
12/24/2003;
04/13/2004;
07/27/2004
Overall Level: 1 

-Roles, Services, and Authentication: Level 2

-FIPS Approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2)

-Other algorithms: DES (Cert. #151); SHA-1; DES-XL; DVI-XL; DVI-SPFL; DVP-XL; AES MAC (Cert #2, P25 AES OTAR, vendor affirmed)

Multi-chip embedded

"The MGEG Secure Card is a cPCI device which performs encryption and decryption for all voice traffic through the Motorola Gold Elite Gateway (MGEG)."
314 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Hazem Hassan
TEL: 952-808-2372
FAX: 952-890-2726

CST Lab: NVLAP 200427-0

Model 330J with JCCOS Applet
(Firmware Version: 2.0, Hardware Version: P8WE5033AEV/024A181)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 04/24/2003;
02/22/2005
Overall Level: 2 

-Physical Security: Level 3
-EMI/EMC: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #144); SHA-1 (Cert. #130); RSA (singnature generation/verification PKCS#1 v1.5, vendor affirmed)

-Other algorithms: DES (Cert. #193); RSA (decryption)

Single-chip

"The Model 330J is SAFENET'S multi-application smart card, designed to the JavaCard v2.1.1 and Global Platform v2.0.1 specifications. The Model 330J smart card features SAFENET'S JCCOS operating system applet (Javabased Cryptographic Card Operating System). JCCOS is an advanced cryptographic applet that, when loaded onto a multi-application JavaCard, enables FIPS 140-2 Level 2 validation."
313 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Authority Security Toolkit for Java
(Software Version 6.1)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 03/28/2003;
05/28/2014
Overall Level: 1 

-EMI/EMC: Level 3

-Operational Environment: Tested as meeting Level 1 with Win XP SP1a, Win 2000 SP3, Win NT 4.0 SP 6a and WIN ME in single user mode running Sun JRE v1.2.2, 1.3.1 and 1.4.0, and IBM JRE v1.3

-FIPS Approved algorithms: Triple-DES (Cert. #140); Triple-DES MAC (Cert. #140, vendor affirmed); AES (Cert. #31); DSA (Cert. #73); ECDSA (vendor affirmed); SHA-1 (Cert. #125); HMAC-SHA-1 (Cert. #125, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #190); DES MAC (Cert. #190, vendor affirmed); CAST 128; IDEA; RC2; RC4; Rijndael 256; HMAC-MD5; CAST 128 MAC; IDEA MAC; MD2; MD5; Diffie-Hellman (key agreement); SPEKE; RSA (encryption/decryption)

Multi-chip standalone

"Entrust AuthorityTM Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms. By minimizing the need for separate administration modules with every deployed application, these Toolkits provide a reduction in administrative duplication and help to reduce the cost to deploy across multiple platforms."
312 Research In Motion Ltd.
295 Phillip Street
Waterloo, Ontario N2L 3W8
Canada

-Government Certifications Team
TEL: 519-888-7465 x2921
FAX: 519-886-4839

CST Lab: NVLAP 200017-0

BlackBerry Cryptographic Kernel
(Firmware Versions 3.3 and 3.3.1)

Validated to FIPS 140-2

Security Policy

Certificate

Firmware 03/28/2003;
04/25/2003;
05/02/2003;
04/29/2004;
08/24/2005
Overall Level: 1 

-Tested: BlackBerry 5810 with the RIM Proprietary OS, Version 3.3.0

-FIPS Approved algorithms: Triple-DES (Cert. #167); SHA-1 (Cert. #147); HMAC-SHA-1 (Cert. #147, vendor affirmed); RSA (signature verification: PKCS#1, vendor affirmed)

-Other algorithms: N/A

Multi-chip standalone

"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerryTM Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerryTM."
311 TLC-Chamonix, LLC
120 Village Square
Suite 11
Orinda, CA 94563
USA

-Phil Smith
TEL: 877-479-4500
FAX: 877-639-3470

CST Lab: NVLAP 100432-0

Cranite Wireless Access Controller
(Software Versions 2.0, 3.0, 3.0.5e and 3.0.5f)

Validated to FIPS 140-2

Security Policy

Certificate

Software 03/20/2003;
07/10/2003;
03/29/2004;
02/03/2005;
02/21/2006;
02/24/2006;
03/10/2006;
05/20/2008
Overall Level: 1 

-EMI/EMC: Level 3
-Cryptographic Key Managements: Level 3;

-Operational Environment: Tested as meeting Level 1 with RedHat Linux 7.0

-FIPS Approved algorithms: Triple-DES (Cert. #130); AES (Cert. #24); SHA-1 (Cert. #113); HMAC-SHA-1 (Cert. #113, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: MD5; RSA (key exchange)

Multi-chip standalone

"The Cranite Wireless® Access Controller is a cryptographic software system for wireless LANs that enforces network access rights, encrypts / decrypts authorized traffic, and provides seamless, secure mobility services to users as they mo ve across subnets. The Cranite Wireless Access Controller software installs onto a standard, enterprise-class hardware platform."
310 Standard Networks, Inc.
344 South Yellowstone Drive
Madison, WI 53705
USA

-Reid MacGuidwin
TEL: 608-227-6100

CST Lab: NVLAP 200427-0

MOVEit Crypto
(Versions 1.0.1.0 and 1.1.0.0)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Software 03/11/2003;
03/20/2003;
01/30/2004
Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Windows 2000 and RedHat Linux 9.0 (single user mode)

-FIPS Approved algorithms: AES (Cert. #30); SHA-1 (Cert. #124); HMAC-SHA-1 (Cert. #124, vendor affirmed)

-Other algorithms: MD5; HMAC-MD5

Multi-chip standalone

"MOVEit Crypto is a 32-bit compact dynamically linked library (DLL) that provides fast encryption services to applications running on Microsoft Windows operating systems. MOVEit Crypto is supported on Windows 95/98/ME/NT 4.0/2000/XP. MOVEit Crypto provides an API featuring NIST-approved AES encryption, SHA-1 hashing, and pseudo-random number generation algorithms. The easy-to-use programming interface allows applications to be written without special code for details like block size, padding mode, and so on. MOVEit Crypto is a member of the MOVEit security and file transfer product family."
309 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

CST Lab: NVLAP 200427-0

RSA BSAFE Crypto-C ME Toolkit Module
(Version 1.7)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Vendor Product Link
Software 03/07/2003;
10/01/2004;
01/04/2008;
10/16/2008;
09/07/2010;
03/28/2011;
01/24/2013
Overall Level: 1 

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000 (single user mode)

-FIPS Approved algorithms: DSA (Cert. #72); Triple-DES (Cert. #135); AES (Cert. #26); SHA-1 (Cert. #121); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #121, vendor affirmed)

-Other algorithms: DES (Cert. #186); SHA-2 (256, 384, 512); MD2; MD5; HMAC-MD5; RC2; RC4; RC5; Diffie-Hellman (key agreement); RSA (encryption/decryption)

Multi-chip standalone

"The Crypto-C ME Module is RSA Security, Inc.’s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors while offering great flexibility and choice by allowing developers to select only the algorithms needed in reduced code sizes. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the high-performing RC5, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more."
308 Entrust, Inc.
1000 Innovation Drive
Ottawa, Ontario K2K 3E7
Canada

-Entrust Sales

CST Lab: NVLAP 200017-0

Entrust Security Kernel Version 7.0
(Version 7.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 03/07/2003;
05/28/2014
Overall Level: 2 

-Roles and Services: Level 2*
-EMI/EMC: Level 3
-Key Management: Level 2*

-Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C3-2-rated on a Compaq ProLiant 7000 Server;

*When operated in the FIPS mode

-FIPS Approved algorithms: Triple-DES (Cert. #6); AES (Cert. #10); HMAC-SHA-1 (Cert. #10, vendor affirmed); DSA/SHA-1 (Cert. #10); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-MD5; HMAC-RIPEMD-160; CAST; CAST3; CAST5; Diffie-Hellman (key agreement); Ephemeral-Static Diffie-Hellman; ECDSA (vendor affirmed; non-compliant)

Multi-chip standalone

"The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PKCS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki."
307 Symbol (Columbitech)
641 Alpha Drive
Pittsburgh, PA 15238
USA

-Bill Forrest
TEL: 412-968-2200
FAX: 412-968-2269

CST Lab: NVLAP 100432-0

WTLS Cryptographic Module
(Software Versions 1.2, 1.3.1 and 1.3.3)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Vendor Product Link
Software 03/07/2003;
03/14/2003;
03/20/2003;
05/23/2003;
03/30/2004;
03/11/2005;
09/12/2006
Overall Level: 1 

-EMI/EMC: Level 3
-Design Assurance: Level 2
-Self Tests: Level 4

-Operating Environment: Tested as meeting Level 1 with Windows 2000; Windows XP; Windows NT4.0; Windows CE3.0

-FIPS Approved algorithms: Triple-DES (Cert. #134); AES (Cert. #25); SHA-1 (Cert. #120); HMAC-SHA-1 (Cert. #120, vendor affirmed); RSA (PKCS #1, vendor affirmed)

-Other algorithms: DES (Cert. #185); RSA (encrypt/decrypt); SHA-256; SHA-384; SHA-512; MD5; HMAC-MD5

Multi-chip standalone

"Symbol Technologies Inc is using the WTLS Cryptographic Module in the AirBEAM® Safe product, a software only VPN solution built on standards, installable today, without any proprietary adjustments, and extendable for any future needs and technologies. In summary, AirBEAM® Safe benefits include strong security framework, using an advanced architecture with PKI support, true end-to-end security, authentication outside the firewall; optimized wireless performance using advanced data compression; convenience of always-on connectivity and seamless roaming between different public networks, LAN/WLAN/GPRS. Supported clients; PPC 2002, Windows 2000/XP Supported servers: Windows 2000/NT 4.0"
306 Lucent Technologies, Inc.
101 Crawfords Corner Road
Room 4D-218
Holmdel, NJ 07733
USA

-Steve Reustle
TEL: 732-332-6281
FAX: 732-949-1373

CST Lab: NVLAP 200427-0

Brick 1000
(Software Version 6.0.554, Hardware Version 1000, Part #300533882)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/07/2003 Overall Level: 2 

-Roles and Services: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #108); DSA (Cert. #62); SHA-1 (Certs. #96)

-Other algorithms: DES (Certs. #166); MD5; RC4; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Brick 1000 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance."
305 Lucent Technologies, Inc.
101 Crawfords Corner Road
Room 4D-218
Holmdel, NJ 07733
USA

-Steve Reustle
TEL: 732-332-6281
FAX: 732-949-1373

CST Lab: NVLAP 200427-0

Brick 1000 with Encryption Accelerator Card
(Software Version 6.0.554, Hardware Version 1000, Part #300533890)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/07/2003 Overall Level: 2 

-Roles and Services: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #108 and #111); DSA (Cert. #62); SHA-1 (Certs. #16 and #96)

-Other algorithms: DES (Certs. #43 and #166); MD5; RC4; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Brick 1000 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance."
304 Lucent Technologies, Inc.
101 Crawfords Corner Road
Room 4D-218
Holmdel, NJ 07733
USA

-Steve Reustle
TEL: 732-332-6281
FAX: 732-949-1373

CST Lab: NVLAP 200427-0

Brick 201
(Software Version 6.0.554, Hardware Version 201, Part #300546884)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/07/2003 Overall Level: 2 

-Roles and Services: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #108); DSA (Cert. #62); SHA-1 (Certs. #96)

-Other algorithms: DES (Certs. #166); MD5; RC4; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Brick 201 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance."
303 Lucent Technologies, Inc.
101 Crawfords Corner Road
Room 4D-218
Holmdel, NJ 07733
USA

-Steve Reustle
TEL: 732-332-6281
FAX: 732-949-1373

CST Lab: NVLAP 200427-0

Brick 201 with Encryption Accelerator Card
(Software Version 6.0.554, Hardware Version 201, Part #300546892)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 03/07/2003 Overall Level: 2 

-Roles and Services: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #108 and #111); DSA (Cert. #62); SHA-1 (Certs. #16 and #96)

-Other algorithms: DES (Certs. #43 and #166); MD5; RC4; HMAC-SHA-1; Diffie-Hellman (key agreement)

Multi-chip standalone

"The Brick 201 is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industryleading performance."
302 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 150 SCSI and nForce 400 SCSI
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC3022W-150 and nC3022W-400, Build Standard D)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 2 or 3*
-Cryptographic Module Ports and Interfaces: Level 2 or 3*
-Cryptographic Key Management: Level 2 or 3*

*Level Conditional on configuration as per Security Policy

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip standalone

"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, ecommerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
301 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nForce 150 PCI and nForce 300 PCI
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC3022P-150 and nC3022P-300, Build Standard E)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 2 or 3*
-Physical Security: Level 3;
-Cryptographic Module Ports and Interfaces: Level 2 or 3*;
-Cryptographic Key Management: Level 2 or 3*

*Level Conditional on configuration as per Security Policy

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip embedded

"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, ecommerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
300 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F3 SCSI, nShield F3 Ultrasign SCSI and nShield F3 Ultrasign 32 SCSI and payShield
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC4032W-150, nC4032W-400 and nC4132W-400, Build Standard DP)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip standalone

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
299 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F2 SCSI, nShield F2 Ultrasign SCSI and nShield F2 Ultrasign 32 SCSI
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC4022W-150, nC4022W-400 and nC4122W-400, Build Standard DR)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 2 or 3*
-EMI/EMC: Level 3
-Cryptographic Module Ports and Interfaces: Level 2 or 3*
-Cryptographic Key Management: Level 2 or 3*

*Level conditional on configuration as per Security Policy

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip standalone

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
298 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F2 PCI, nShield F2 Ultrasign PCI and nShield F2 Ultrasign 32 PCI
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC4022P-150, nC4022P-300 and nC4122P-300, Build Standard ER)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 2 or 3*
-Physical Security: Level 3;
-Cryptographic Module Ports and interfaces: Level 2 or 3*;
-Cryptographic Key Management: Level 2 or 3*

*Level conditional on configuration as per Security Policy

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip embedded

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
297 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nShield F3 PCI, nShield F3 Ultrasign PCI and nShield F3 Ultrasign 32 PCI
(Firmware Versions 2.0.0, 2.0.2, 2.0.4 and 2.0.5, Hardware Versions nC4032P-150, nC4032P-300 and nC4132P-300, Build Standard ER)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
05/09/2003;
01/23/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160

Multi-chip embedded

"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
296 Hewlett-Packard Company
19091 Pruneridge Ave.
MS 4441
Cupertino, CA 95014
USA

-Theresa Conejero
TEL: 408-447-2964
FAX: 408-447-5525

CST Lab: NVLAP 100432-0

Atalla Cryptographic Engine (ACE)
(ACE Product 524103 Rev. F, ACE Hardware 429728-006 Rev. H, Loader Software 523044-004 Rev. D)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
03/18/2003;
09/19/2011
Overall Level: 3 

-Physical Security: Level 3 +EFP
-Self Tests: Level 4

-FIPS Approved algorithms: Triple-DES (Cert. #128); SHA-1 (Cert. #112); Triple-DES MAC (Cert. #128, vendor affirmed)

-Other algorithms: MD5; RIPEMD; RSA (PKCS#1 Version 2 for decryption)

Multi-chip embedded

"The Atalla Cryptographic Engine (ACE) is a multichip module that provides state of the art, secure cryptographic processing. The ACE features secure key management and storage capabilities, and also provides high performance Triple DES processing and Public Key Infrastructure support required to support a broad range of payment and authentication applications. The ACE is used in the Atalla A10100, A9100, and A8100 Network Security Processors Series products."
295 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nCipher 800 PCI and nCipher 1600 PCI
(Firmware Versions 2.0.1-2 and 2.0.5-2, Hardware Versions nC3033-800 and nC3033-1K6, Build Standard C)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
01/23/2004
Overall Level: 2 

-Roles, Services, and Authentication: Level 3
-Physical Security: Level 3
-EMI/EMC: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: Triple-DES (Cert.#109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #173); DES MAC (Cert. #173); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD 160); SHA-256; SHA-384; SHA-512; RIPEMD 160; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; MD2; MD5; SEED; KCDSA; HSA 160

Multi-chip embedded

"The nCipher nForce II secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nForce modules: nForce 800, nForce 1600 are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed."
294 nCipher Corporation Ltd.
500 Unicorn Park Drive
Woburn, MA 01801
USA

-sales@ncipher.com
TEL: 800-NCIPHER
FAX: 781-994-4001

CST Lab: NVLAP 200017-0

nCipher 800 PCI and nCipher 1600 PCI
(Firmware Versions 2.0.1-3 and 2.0.5-3, Hardware Versions nC3033-800 and nC3033-1K6, Build Standard C)

(When operated in FIPS mode)

Validated to FIPS 140-2

Security Policy

Certificate

Hardware 03/07/2003;
01/23/2004
Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert.#109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #173); DES MAC (Cert. #173); ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD 160); SHA-256; SHA-384; SHA-512; RIPEMD 160; EI-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; MD2; MD5; SEED; KCDSA; HSA 160

Multi-chip embedded

"The nCipher nForce II secure e-Commerce SSL family of secure ecommerce accelerators are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nForce modules: nForce 800, nForce 1600 are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed."
293 Aladdin Knowledge Systems, Ltd.
15 Beit Oved Street
Tel Aviv, 61110
Israel

-Leedor Agam
TEL: +972 3636 2222
FAX: +972 3537 5796

CST Lab: NVLAP 200556-0

eToken PRO 32K
(Version 4.2.5.4)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 02/13/2003 Overall Level: 2 

-Roles and Services: Level 3
-EMI/EMC: Level 3
-Key Management: Level 3
-Module Interfaces: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #153); Triple-DES MAC; SHA-1 (Cert. #118); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #199); DES MAC; RSA (encryption/decryption, PKCS#1)

Multi-chip standalone

"The eToken PRO is a fully portable USB device the size of an average house key offering a cost-Effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token."
292 Aladdin Knowledge Systems, Ltd.
15 Beit Oved Street
Tel Aviv, 61110
Israel

-Leedor Agam
TEL: +972 3636 2222
FAX: +972 3537 5796

CST Lab: NVLAP 200556-0

eToken PRO 32K HD
(Version 4.2.5.4.HD)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 02/13/2003 Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert.#153); Triple-DES MAC; Triple-SHA-1 (Cert. #118); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #199); DES MAC; RSA (encryption/decryption, PKCS#1)

Multi-chip standalone

"The eToken PRO is a fully portable USB device the size of an average house key offering a cost-effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token."
291 Aladdin Knowledge Systems, Ltd.
15 Beit Oved Street
Tel Aviv, 61110
Israel

-Leedor Agam
TEL: +972 3636 2222
FAX: +972 3537 5796

CST Lab: NVLAP 200556-0

eToken PRO 16K
(Version 4.1.5.4)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 02/13/2003 Overall Level: 2 

-Roles and Services: Level 3
-EMI/EMC: Level 3
-Key Management: Level 3
-Module Interfaces: Level 3
-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #152); Triple-DES MAC; SHA-1 (Cert. #118); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #198); DES MAC; RSA (encryption/decryption, PKCS#1)

Multi-chip standalone

"The eToken PRO is a fully portable USB device the size of an average house key offering a cost-Effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token."
290 Aladdin Knowledge Systems, Ltd.
15 Beit Oved Street
Tel Aviv, 61110
Israel

-Leedor Agam
TEL: +972 3636 2222
FAX: +972 3537 5796

CST Lab: NVLAP 200556-0

eToken PRO 16K HD
(Version 4.1.5.4.HD)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 02/13/2003 Overall Level: 3 

-FIPS Approved algorithms: Triple-DES (Cert. #152); Triple-DES MAC; SHA-1 (Cert. #118); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #198); DES MAC; RSA (encryption/decryption, PKCS#1)

Multi-chip standalone

"The eToken PRO is a fully portable USB device the size of an average house key offering a cost-effective method for authenticating users when accessing a network and for securing electronic business applications. The eToken PRO can generate and store users' personal credentials, such as private keys, passwords and digital certificates, inside the protected environment of the token itself. Users' private keys never leave the token."
289 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

-Sandy Carielli
TEL: 781-515-7510

CST Lab: NVLAP 200427-0

RSA BSAFE® Crypto-J Toolkit Module
(Version 3.3.4.2)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Software 02/04/2003;
10/01/2004;
12/14/2004;
12/16/2004;
01/04/2008;
10/16/2008;
09/07/2010;
03/28/2011;
01/24/2013
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Windows NT SP 6 (single user mode), JVM v1.3.1, JRE v1.3.1

-FIPS Approved algorithms: Triple-DES (Cert. #112); AES (Cert. #45); SHA-1 (Cert. #97); DSA (Cert. #63); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Cert. #168); DESX; RC2; RC4; RC5; MD2; MD5; HMAC-SHA-1 (Cert #97); Diffie-Hellman (key agreement); Base64

Multi-chip standalone

"The Crypto-J Module is a Java-language software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. The tested Crypto-J Module is a Java-language API available as a Java ARchive, or JAR, file."
288 Tumbleweed Communications Corp.
700 Saginaw Drive
Redwood City, CA 94063
USA

-Ann Smith
TEL: 703-248-6931
FAX: 703-248-6932

CST Lab: NVLAP 100432-0

ValiCert Security Module
(SW Version 1.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 02/04/2003;
06/10/2004
Overall Level: 1 

-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 2000 Server, SUN Solaris 2.8 (single user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #83); SHA-1 (Cert. #72); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #72, vendor affirmed)

-Other algorithms: DES (Cert. #144); MD2; MD5; RC2; RC4; RSA encryption (key distribution)

Multi-chip standalone

"The ValiCert VA Toolkit 4.3 is built on our FIPS 140-1 cryptographic module. The 4.3 toolkit release has several new APIs and features. The library is also used within ValiCert Desktop Validator, Server Validators, Enterprise Validation Server, Document Authority, and Secure Transport Products. New features in VA Toolkit 4.3 include New APIs for fetching CRLs; Extended APIs for Certificate-Store ; Extended support for CRLs ; JITC compliance features ; TLS ; SSL Tunneling via Proxy Servers. The 4.3 release and prior releases support OCSP, SCVP, CRL, CRLdp protocols over HTTP, and HTTPS. The VA Toolkit 4.3 supports Windows 98/ NT/2000, Solaris 5.6/5.7/5.8, HP UX 11.0, and AIX 4.3. The Toolkit works along with FIPS 140-1 Level 3 and Level 4 validated hardware devices: e.g. nCipher, Baltimore, and Chrysalis-ITS hardware signing / encryption modules. The toolkit is also tested for interoperability with various PKI vendors: AOL/Netscape, Sun/Iplanet, Entrust, Baltimore, Verisign, Computer Associates and RSA Security products."
287 Mykotronx, Inc.
357 Van Ness Way
Suite 200
Torrance, CA 90501
USA

-B. Yamamoto
TEL: 310-533-8100

CST Lab: NVLAP 100432-0

82A FORTEZZA Crypto Card
(HW PN 650000-3 Version 6, FW Version 3)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 02/04/2003 Overall Level: 2 

-EMI/EMC: Level 3

-FIPS Approved algorithms: DSA (Cert. #58); SHA-1 (Cert. #86); Skipjack (Certs. #7 and #10)

-Other algorithms: KEA

Multi-chip standalone

"The Mykotronx 82A FORTEZZA Crypto Card provides cryptographic security and authentication methods in a PC Card hardware token for government and commercial applications. Self- contained, standardized, and easily integrated, the 82A FORTEZZA Crypto Card enables portable security, with onboard storage of user credentials, keys, and digital certificates."
286 Novell, Inc.
1800 South Novell Place
Provo, UT 84606
USA

-Developer Support
TEL: 801-861-7000

CST Lab: NVLAP 200002-0

Novell International Cryptographic Infrastructure (NICI)
(Software Version 2.4.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Software 01/17/2003;
01/22/2003;
01/31/2006
Overall Level: 2 

-EMI/EMC: Level 3

-Operating System Security: Tested as meeting Level 2 with Sun SPARC Ultra-10 running Sun Solaris 8 Operating System (EAL 4 configuration)

-FIPS Approved algorithms: Triple-DES (Cert. #120); AES (Cert. #13); DSA (Cert. #66); SHA-1 (Cert. #104); RSA (signature generation/verification: ANSI X9.31, vendor affirmed); HMAC-SHA-1 (Cert. #104, vendor affirmed)

-Other algorithms: DES (Cert. #175); Diffie-Hellman (key agreement); RSA (encryption/decryption, PKCS#1); RSA (key-distribution); MD2; MD4; MD5; HMAC-MD5; RC2; RC4; RC5; CAST128; Password Based Encryption (PKCS#12); UNIX Crypt; LMdigest (CIFS); TLS-KeyExchange-RSASign; NetWarePassword (Novell)

Multi-chip standalone

"Novell International Cryptographic Infrastructure (NICI) for Solaris is a cryptographic module providing keys, algorithms, various key storage and usage mechanisms, and a large-scale key management system. Supported Novell services utilizing NICI includes eDirectory, Novell Modular Authentication Service (NMAS), Public Key Infrastructure Services, Novell SecretStore, and TLS/SSL."
285 M/A Com, Inc.
221 Jefferson Ridge Parkway
Lynchburg, VA 24501
USA

-Greg Farmer
TEL: 434-455-6600
FAX: 434-455-6851

CST Lab: NVLAP 100432-0

Jaguar 700P/Pi
(HW P/Ns [HA8ESE, HA8ETE, HA8MSE, HA8MTE, HA8SSE, HA8STE, HA8TSE and HA8TTE], FW Version i6r06a01.dsp)

Revoked
DES Transition Ended

Security Policy

Certificate

Hardware 01/17/2003;
02/12/2003
Overall Level: 1 

-FIPS Approved algorithms:

-Other algorithms: DES (Cert. #141)

Multi-chip standalone

"Portable, 64-bit Encryption, EDACS JAGUAR 700P, 800MHZ, 128 SYSTEMS/GROUPS, DATA ENABLED EDACS radio. System and Scan version, with Intrinsically Safe (IS), and Immersion options."
284 NetScreen Technologies, Inc.
805 11th Avenue
Bldg. 3
Sunnyvale, CA 94089
USA

-Lee Klarich
TEL: 408-543-8209
FAX: 408-543-8200

CST Lab: NVLAP 100432-0

NetScreen-204 and NetScreen-208
(Hardware PN's NS-204 and NS-208, Version 0110(0), Software ScreenOS 3.1.0)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Vendor Product Link
Hardware 01/17/2003;
02/21/2003;
06/03/2003
Overall Level: 2 

-Software Security: Level 3

-FIPS Approved algorithms: Triple-DES (Certs. #49 and #118); SHA-1 (Certs. #44 and #103); DSA (Cert. #44); AES (Certs. #11 and #12); HMAC-SHA-1 (Cert. #44, vendor affirmed); RSA (PKCS#1, vendor affirmed)

-Other algorithms: DES (Certs. #114 and #174); RC2; RC4; MD5; RSA (Encryption and Decryption); Diffie-Hellman (key agreement)

Multi-chip standalone

"NetScreen-204 and NetScreen-208 are purpose-built internet security appliances that deliver firewall, VPN, and traffic shaping optimized for the most demanding environments such as medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures."
283 Simple Access Inc.
7755 Boul. Henri Bourassa Ouest
Saint-Laurent, Québec H4S 1P7
Canada

-Gatéan Haché
TEL: 514-335-7676
FAX: 514-335-2099

CST Lab: NVLAP 200017-0

SSL-100 SDK Accelerator
(Hardware Revision 2.0.1.4a, Firmware Version 1.1B)

(When operated in FIPS mode)

Validated to FIPS 140-1

Security Policy

Certificate

Hardware 01/17/2003 Overall Level: 2 

-FIPS Approved algorithms: Triple-DES (Cert. #122); DSA (Cert. #67); SHA-1 (Cert. #106); RSA (PKCS#1, vendor affirmed)

-Other algorithms: MD5; Diffie-Hellman (key agreement)

Multi-chip embedded

"The Simple Access SSL-100 SDK is a high performance drop-in accelerator card that processes up to 4000 1024-bit RSA keys/second. A single SSL-100 SDK will allow a Web server to achieve sustained throughput of up to 1600 new SSL connections per second using 1024-bit operands. The SSL-100 SDK offloads SSL processing and the huge cryptographic computations from the server, freeing the CPU to respond immediately to transactions. This solution eliminates dropped connections, failed transactions and slow response times thereby maintaining user loyalty to transactional Web sites."


Need Assistance?