CMVP Main Page
*** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSE. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (non-FIPS-approved algorithms) have not been validated or tested through the CMVP. ***
Questions regarding modules on this list should first be directed to the appropriate vendor.
| Cert# | Vendor | Cryptographic Module | Val. Date |
Level / Description | |
|---|---|---|---|---|---|
| 939 | Research In Motion Ltd. 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Certifications Team
|
(Firmware Versions: 3.8.5.11b and 3.8.5.11c) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Firmware | 04/23/2008 | Overall Level: 1
-Design Assurance: Level 3 -Tested: BlackBerry 8300 with BlackBerry OS Version 4.3 -FIPS-approved algorithms: Triple-DES (Certs. #653 and #654); AES (Certs. #734, #735, #736 and #737); SHS (Certs. #751 and #752); HMAC (Certs. #400 and #401); RSA (Certs. #344 and #345); RNG (Certs. #428 and #429); ECDSA (Certs. #78 and #79) -Other algorithms: EC Diffie-Hellman key agreement; key establishment methodology provides 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone"BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." |
| 938 | IronKey, Inc. 5150 El Camino Real, Suite C31 Los Altos, CA 94022 USA -Gil Spencer
|
(Hardware Versions: P/Ns 46.012.001.01 Version 1.0, 46.012.001.02 Version 1.0, 46.012.001.04 Version 1.0, and 46.012.001.08 Version 1.0; Firmware Version: 1.3) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/17/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Cryptographic Key Management: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #655); RNG (Cert. #380); RSA (Cert. #305); SHS (Certs. #689 and #691) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); Triple-DES (non-compliant) Multi-chip standalone"The IronKey Secure Flash Drive has been designed to be the world's most secure flash drive. The onboard AES, RSA, SHA, and RNG engines deliver the gold standard in data and identity protection for consumers, enterprises, and government users alike. For more information, visit https://www.ironkey.com." |
| 937 | Memory Experts International, Inc. 227 Rue Montcalm, Suite 202 Gatineau, Quebec J8Y 2B9 Canada -Scott Ashdown
|
(Hardware Version: P/N 8A-SFS-0000-09P, Version A; Firmware Versions: 6.600 and 6.612) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/17/2008 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #464); RSA (Cert. #200); RNG (Cert. #263); SHS (Cert. #555) -Other algorithms: RSA (encrypt/decrypt) Multi-chip embedded"The MXI Cryptographic NAND Controller (CNC) provides FIPS 140-2 Approved security functionality to DiskOnKey USB flash drives. The CNC employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." |
| 936 | Verbatim Americas LLC 1200 West WT Harris Blvd. Charlotte, NC 28262 USA -Mark Rogers
|
(Hardware Version: P/N 8A-SFS-0000-09P, Version A; Firmware Versions: 6.600 and 6.612) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/17/2008 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #464); RSA (Cert. #200); RNG (Cert. #263); SHS (Cert. #555) -Other algorithms: RSA (encrypt/decrypt) Multi-chip embedded"The Store 'n' Go Corporate Secure FIPS provides FIPS 140-2 Approved security functionality to DiskOnKey flash drives. The Store 'n' Go Corporate Secure FIPS employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on DiskOnKey FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." |
| 935 | Tait Electronics Ltd 175 Roydvale Avenue Christchurch, New Zealand -Werner Hoepf
|
(Firmware Version: 1.1.0) Validated to FIPS 140-2 Security PolicyCertificate |
Firmware | 04/17/2008 | Overall Level: 1
-Tested: Texas Instruments TMS320C5509 and TNS320C5510 Digital Signal Processors
-FIPS-approved algorithms: AES (Cert. #537); TDES (Cert. #539); SHS (Cert. #672); HMAC (Cert. #327); RNG (Cert. #343) -Other algorithms: N/A Single-chip"Firmware implementation of the Tait FIPS 140-2 Crypto module used in the Tait Electronics Ltd digital product range." |
| 934 | Neopost Technologies 113 rue Jean-Marin Naudin Bagneaux, 92220 France -Patrick Blanluet
|
(Hardware Version: P/N 4139955L; Firmware Version: P/N 4139419UA Version 21.2) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 04/17/2008 | Overall Level: 3
-Physical Security: Level 3 + EFP/EFT
-FIPS-approved algorithms: Triple-DES (Cert. #558); Triple-DES MAC (Triple-DES Cert. #558, vendor affirmed); AES (Cert. #563); SHS (Cert. #629); RNG (Cert. #328); RSA (Cert. #260); HMAC (Cert. #300) -Other algorithms: RSA (key wrapping; key establishment methodology provides 96 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 90 bits of encryption strength) Multi-chip embedded"Neopost PSD (Postal Secure Device) for Middle to High Range Franking Machines." |
| 933 | Trapeze Networks 5753 W. Las Positas Blvd. Pleasanton, CA 94588 USA -Ted Fornoles
|
(Hardware Version: P/N MP-422F Rev. A; Firmware Version: MSS 6.1.0.3) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/08/2008 | Overall Level: 2
-FIPS-approved algorithms: AES CCM (Cert. #641); HMAC (Cert. #330); SHS (Cert. #676) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength); MD5; RNG (non-compliant) Multi-chip standalone"Trapeze Networks delivers Smart Mobile WLAN network solutions, enabling govt. agencies and enterprises to deploy and manage scalable, secure, mobile applications. It supports the IEEE 802.11i security specification and wireless IDS, application-aware switching, location tracking, voice and seamless indoor/outdoor mobility. The Smart Mobile family of wireless products includes high-performance Mobility Exchange® LAN controllers and Mobility Point® access points for secure indoor and outdoor wireless networks, Mobility System Software® and RingMaster® lifecycle WLAN management software." |
| 932 | SanDisk Corporation 601 McCarthy Boulevard Milpitas, CA 95035-0459 USA -Daniel Shefer
|
(Hardware Version: P/N 8A-SFS-0000-09P, Version A; Firmware Version: 6.600 and 6.612) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/08/2008; 05/08/2008 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #464); RSA (Cert. #200); RNG (Cert. #263); SHS (Cert. #555) -Other algorithms: RSA (encrypt/decrypt) Multi-chip embedded"The SanDisk S2 FIPS DiskOnKey Controller provides FIPS 140-2 Approved security functionality to SanDisk DiskOnKey USB flash drives. The S2 FIPS DiskOnKey Controller employs Federal Information Processing Standard (FIPS 140-2) encryption and key management functionality to ensure the protection of data stored on DiskOnKey FLASH memory. The module is a multi-chip embedded cryptographic module, as defined by FIPS 140-2, and consists of the S2 controller and an EEPROM. Both components are encased in a hard, opaque, production grade integrated circuit packaging." |
| 931 | Secure Computing Corporation 2340 Energy Park Drive St. Paul, MN 55108 USA -Chuck Monroe
|
(Software Version: 9.7.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/31/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with SecureOS® v6.1 and v7.0 (single-user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #548); AES (Cert. #552); DSA (Cert. #225); SHS (Cert. #617); HMAC (Cert. #293); RSA (Cert. #248); RNG (Cert. #320) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip standalone"The Cryptographic Module for SecureOS® is software providing cryptographic services for applications on versions of Sidewinder® and Sidewinder G2® Security Appliance™. Sidewinder is a line of comprehensive network gateway security appliances consolidating a variety of Internet security functions including TrustedSource™, IPS, firewall, VPN, anti-virus, anti-spam, SSL decryption, and more. Sidewinder G2® is Common Criteria EAL4+ certified as compliant with the US DoD Application-level Firewall Protection Profile for Medium Robustness." |
| 930 | Hewlett-Packard Company, Atalla Security Products 19091 Pruneridge Ave. MS 4441 Cupertino, CA 95014 USA -Ted Hadley
|
(Hardware Version: P/N 543856-001; Firmware Versions: Loader Version 1.0, PSMCU Version 7.0) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/14/2008 | Overall Level: 4
-FIPS-approved algorithms: AES (Cert. #406); RNG (Cert. #200); RSA (Cert. #148); SHS (Cert. #473) -Other algorithms: N/A Multi-chip embedded"The ACS is a multi-chip embedded cryptographic module. It consists of a secure hardware platform (a full length PCI Card) and a secure firmware loader. The purpose of the module is to load application programs, called "personalities," in a secure manner." |
| 929 | Kingston Technology Company 17600 Newhope Street Fountain Valley, CA 92708 USA -Mark Akoubian
|
(Hardware Version: P/N 8A-SFS-0000-09P, Version A; Firmware Versions: 6.600 and 6.612) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2008; 04/04/2008 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #464); RSA (Cert. #200); RNG (Cert. #263); SHS (Cert. #555) -Other algorithms: RSA (encrypt/decrypt) Multi-chip embedded"The Kingston S2 CM is the core component of this performance secure USB Flash Drive. All data stored in the userÆs private partition is encrypted in hardware without reducing performance. The Kingston S2 CM provides encryption, user authentication and access control independent of the host software and hardware." |
| 928 | Comtech Mobile Datacom Corporation 20430 Century Blvd. Gaithersburg, MD 20874 USA -John Fossaceca
-Bill Vaughan
|
(Hardware Version: P/N CMDC-203-X0GA1, Revision A2; Firmware Version: Commercial Firmware: C.3.7.Y and Boot Code: 2.3.E) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 03/18/2008; 04/29/2008 |
Overall Level: 2
-FIPS-approved algorithms: AES (Cert. #626); HMAC (Cert. #245); RNG (Cert. #271); SHS (Cert. #561); Triple-DES (Cert. #502) -Other algorithms: AES (key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; RNG (non-compliant); Triple-DES (key wrapping; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone"CMDC's MTM-203 is a small, low power L-Band satellite transceiver for power, weight and space-restrictive applications. The MTM-203 is designed for easy integration into systems that benefit from secure, near real-time, over-the-horizon communications. The MTM-203 is based on battlefield proven technology that enables many new applications, such as handheld and covert devices. The module provides messaging connectivity worldwide with other mobile and terrestrial connected users of CMDC's proprietary network. CMDC's products operate on a variety of satellite providers without reconfiguration." |
| 927 | Mocana Corporation 350 Sansome Street Suite 210 San Francisco, CA 94104 USA -Lee Cheng
|
(Software Versions: 3.06.1 and 3.06.1a) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/14/2008; 05/08/2008 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows CE 4.2; Linux Kernel 2.6; uCLinux Kernel 2.4 (single-user mode)
-FIPS-approved algorithms: AES (Cert. #665); Triple-DES (Cert. #611); SHS (Cert. #697); HMAC (Cert. #349); RSA (Cert. #308); DSA (Cert. #247); RNG (Cert. #384) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength) Multi-chip standalone"The Mocana Cryptographic Module is used in conjunction with Mocana's scalable, high performance embedded security solutions. These include: Mocana EAP supplicant/authenticator, Mocana SSL/TLS Client & Server, Mocana SSH Client & Server and Mocana IPsec/IKE." |
| 926 | Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/11/2008 | Overall Level: 2
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone | |
| 925 | Athena Smartcard Inc. 20380 Town Center Lane Suite 240 Cupertino, CA 95014 USA -Ian Simmons
|
(Hardware Version: P/N AT90SC25672RCT Revision D; Firmware Version: 0106.6340.0101) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/14/2008 | Overall Level: 3
-Physical Security: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #560); Triple-DES MAC (Triple-DES Cert. #560, vendor affirmed); AES (Cert. #577); SHS (Cert. #633); RNG (Cert. #332); RSA (Cert. #264) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength) Single-chip"Athena Smartcard Solutions is a global smart card company offering a wide range of smart card products and solutions for Government, Enterprise and Financial institutions. Athena's products include advanced smart card operating systems, cross-platform cryptographic middleware and innovative biometric and card management solutions as well as advanced smart card readers. Athena offers FIPS and VISA certified Java Card solutions for ID and Finance on various smart card silicon and in a variety of form-factors." |
| 924 | Certicom Corp. 5520 Explorer Drive 4th Floor Mississauga, Ontario L4W 5L1 Canada -Mike Harvey
-Worldwide Sales & Marketing Headquarters
|
(Firmware Versions: 4.0 B and 4.0 S) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Firmware | 03/14/2008 | Overall Level: 1
-Tested: ARM 920T processor, running Hand Held Products BASE firmware 31205423-052; Hand Held Products Scanner firmware 31205480-025
-FIPS-approved algorithms: AES (Certs. #547 and #590); SHS (Certs. #612 and #641); HMAC (Certs. #288 and #307); RNG (Certs. #315 and #336); DSA (Certs. #222 and #232) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength; non-compliant less than 80-bits of encryption strength) Multi-chip standalone"The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." |
| 923 | Fortress Technologies, Inc. 4023 Tampa Rd. Suite 2000 Oldsmar, FL 34677 USA -Bill McIntosh
|
(Hardware Versions: AF2100 and AF7500; Firmware Version: 3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/29/2008 | Overall Level: 2
-FIPS-approved algorithms: AES (Cert. #550); HMAC (Cert. #291); RNG (Cert. #318); SHS (Cert. #615); Triple-DES (Cert. #546) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength; non-compliant less than 80 bits of encryption strength); MD5 Multi-chip standalone"The AirFortress® Wireless Security Gateways are electronic encryption modules that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AirFortress« Wireless Security Gateways provide encryption, data integrity checking, authentication, access control, and data compression." |
| 922 | Software House 70 Westview St Lexington, MA 02421 USA -Rick Focke
|
(Hardware Version: STAREX004W-64; Firmware Version: 4.1.1.12045) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 02/29/2008; 03/07/2008 |
Overall Level: 2
-FIPS-approved algorithms: AES (Cert. #433); RNG (Cert. #283); SHS (Cert. #575); RSA (Cert. #219) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"The iSTAR eX controller is a security door controller which is connected to at least one card reader and a door. The iSTAR eX controller works from a database stored internally in memory for determining access privilege of an individual. When a card is swiped by a reader the data goes to the iSTAR eX controller. The controller then sends a notify message to the access database to determine if access is allowed. If access is granted then the iSTAR eX controller sends an open command back to the door and access is granted. If access is not granted the door remains closed and locked." |
| 921 | Sterling Commerce, Inc. 4600 Lakehurst Court Dublin, OH 43016-2000 USA -Shryl Tidmore
-Terrence Shaw
|
(Software Version: 1.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/29/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2003; Sun Solaris 10; IBM AIX 5L(TM) 5.3; and HP-UX 11i v2 (single-user mode)
-FIPS-approved algorithms: SHS (Cert. #655); HMAC (Cert. #312); RSA (Cert. #280); DSA (Cert. #235); RNG (Cert. #403); Triple-DES (Cert. #578); AES (Cert. #605) -Other algorithms: DES; RC2; RC4; Blowfish; CAST; MD2; MD4; MD5; RIPEMD; HMAC-MD5; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength) Multi-chip standalone"Sterling Crypto-C is a software module implemented as two dynamic libraries. Sterling Crypto-C provides security capabilities, such as encryption, authentication, and signature generation and verification for Sterling Commerce's managed file transfer solutions." |
| 920 | Security First Corp. 22362 Gilberto Suite 130 Rancho Santa Margarita, CA 92688 USA -Rick Orsini
|
(Software Versions: 4.5.0 and 4.5.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/29/2008 | Overall Level: 1
-Cryptographic Module Specification: Level 3 -Cryptographic Key Management: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP, Window Server 2003, Red Hat Linux Enterprise v4, SUSE Linux Enterprise v10 (single user mode) -FIPS-approved algorithms: AES (Certs. #594 and #687); RNG (Certs. #330 and #401); RSA (Certs. #262 and #321); DSA (Certs. #229 and #260); SHS (Certs. #631and #716); HMAC (Certs. #302 and #366); ECDSA (Certs. #63 and #77) -Other algorithms: RSA (key wrapping; key establishment methodology provides 128 bits of encryption strength) Multi-chip standalone"The SecureParser is a security and high data availability architecture delivered in the form of a software toolkit that provides cryptographic data splitting (data encryption, random or deterministic distribution to multiple shares including additional fault tolerant bits, key splitting, authentication, integrity, share reassembly, key restoration and decryption) of arbitrary data. During the split process, additional redundant data may be optionally written to each share enabling the capability of restoring the original data when all shares are not available." |
| 919 | Hughes Network Systems 11717 Exploration Lane Germantown, MD 20876 USA -Vivek Gupta
|
(Firmware Version: 1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Firmware | 02/29/2008 | Overall Level: 1
-Tested: Hughes 7700S Satellite Router running VxWorks 5.4
-FIPS-approved algorithms: AES (Cert. #616); SHS (Cert. #664); HMAC (Cert. #319); DSA (Cert. #239); RNG (Cert. #351) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 128 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-1." |
| 918 | Open Source Software Institute Administrative Office P.O. Box 547 Oxford, MS 38655 USA -John Weathersby
|
(Source Content Version: 1.1.2; Resultant Compiled Software Version: 1.1.2) (When built, installed, protected and initialized as specified in the provided Security Policy. Appendix B of the provided Security Policy specifies the complete set of source files of this module. There shall be no additions, deletions or alterations of this set as used during module build. All source files, including the specified OpenSSL distribution tar file, shall be verified as specified in Appendix B of the provided Security Policy. Installation, protection, and initialization shall be completed as specified in Appendix C of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Software | 02/29/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with SuSE Linux Version 10.2 (gcc Compiler Version 4.1.2)
-FIPS-approved algorithms: Triple-DES (Cert. #613); AES (Cert. #668); SHS (Cert. #701); HMAC (Cert. #352); RSA (Cert. #310); RNG (Cert. #387) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); DSA (Cert. #250; non-compliant) Multi-chip standalone"The OpenSSL FIPS Object Module is a cryptographic library that can be downloaded from http://www.openssl.org/source/" |
| 917 | CardLogix Corporation 16 Hughes, Suite 100 Irvine, CA 92618 USA -Ken Indorf
|
(Hardware Version: P/N AT90SC12872RCFT Rev. J; Firmware Version: Credentsys-J PIV applet Version 2.3.0.8, OS755 Version 07.0107.04 (PIV Card Application: Cert. #9) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 02/13/2008; 04/29/2008 |
Overall Level: 2
-Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 4 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #566); Triple-DES MAC (Triple-DES Cert. #566, vendor affirmed); AES (Cert. #595); RNG (Cert. #339); RSA (Cert. #272); SHS (Cert. #644) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength) Single-chip"CREDENTSYS-J is a secure smart card that is designed for National ID systems and multi-use enterprise security environments. The CREDENTSYS-J card is based on Java Card TM 2.2.1 and Global Platform 2.1.1 architectures and is readily deployable into existing or new PKI environments. CREDENTSYS-J cards offer a combination of high performance and cost-effectiveness by running on advanced 32-bit RISC processor cores with TDES and PKI cryptographic accelerations." |
| 916 | Ingrian Networks, Inc. 350 Convention Way Redwood City, CA 94063 USA -Eric Murray
|
(Hardware Versions: P/N DS-0116-0100-00 (i116); P/N DS-0416-0100-00 (i416); P/N DS-0426-0100-00 (i426); Firmware Version: 4.6.2p01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/29/2008 | Overall Level: 2
-Roles, Services, and Authentication: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #565); AES (Cert. #588); DSA (Cert. #231); RNG (Cert. #335); RSA (Cert. #269); SHS (Cert. #640); HMAC (Cert. #306) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); DES; SEED; MD5; RC4 Multi-chip standalone"The Ingrian Networks DataSecure Appliance is a dedicated hardware product designed specifically for security and cryptographic processing, allowing organizations to protect structured and unstructured data, from within the data center out to remote locations, and ensure compliance with legislative and policy mandates for security. With its capabilities for granular encryption, seamless integration, and centralized key and policy management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness." |
| 915 | Hughes Network Systems 11717 Exploration Lane Germantown, MD 20876 USA -Vivek Gupta
|
(Software Version: 1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Software | 02/13/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2003 (single-user mode)
-FIPS-approved algorithms: AES (Cert. #616); SHS (Cert. #664); HMAC (Cert. #319); DSA (Cert. #239); RNG (Cert. #351) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 128 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-1." |
| 914 | C4 Technology, Inc. Meguro Tokyu Bldg. 5th Floor 2-13-17 Kamiosaki Shinagawa-ku,, Tokyo 141-0021 Japan -Hirohisa Ogawa
|
(Software Versions: 2.1.0 (C4CS Lite) and 2.1.0 (CSL)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/07/2008 | Overall Level: 2
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 2 with Microsoft Windows 2000 with SP3 and Q326886 Hotfix running on a Dell Optiplex GX400 -FIPS-approved algorithms: AES (Cert. #360); SHS (Cert. #435); RNG (Cert. #173); HMAC (Cert. #160); RSA (Cert. #207) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); C4Custom (C4CS Lite only); SSS Multi-chip standalone"C4CS Lite and CSL are software cryptographic modules that provide symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." |
| 913 | Cisco Systems Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Brian Mansfield
|
(Hardware Versions: 1131 Revision C0, 1242 Revision A0; Firmware Version: 4.1.171.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/07/2008; 03/07/2008 |
Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #370, #591 and #592); HMAC (Cert. #308); RNG (Cert. #337); RSA (Cert. #270); SHS (Cert. #642) -Other algorithms: RC4; MD5; HMAC MD5; RSA (key wrapping; key establishment methodology provides 96 bits of encryption strength) Multi-chip standalone"The Cisco LWAPP Aironet 1131 & 1242 access points deliver the versatility, high capacity, security, and enterprise-class features required for small, medium and large Government deployments. In FIPS 140-2 mode of operation, the Cisco APs support the LWAPP, MFP, IEEE 802.11i & IEEE 802.1x standards & AES for WPA2 encryption. WPA2 is the Wi-Fi Alliance certification for interoperable, standards-based WLAN security. The Cisco APs are also Wi-FI CERTIFIED for IEEE 802.11a, IEEE 802.11b and IEEE 802.11g radio standards." |
| 912 | Sterling Commerce 4600 Lakehurst Court PO Box 8000 Dublin, OH 43016-2000 USA -Shryl Tidmore
-Adrian Glanvill
|
(Software Version: 2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/12/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Sun Java Runtime Environment (JRE) 1.3.1, 1.4.2 and 1.5.0 running on Windows XP 32-bit; Windows XP 64-bit; Red Hat Linux Application Server 3.0 32-bit; Red Hat Linux Application Server 4.0 64-bit; Solaris 9 32-bit; Solaris 9 64-bit; Solaris 10 32 bit SPARC (single-user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #485); AES (Cert. #469); SHS (Cert. #537); HMAC (Cert. #227); RNG (Cert. #254); DSA (Cert. #193); ECDSA (Cert. #41); RSA (Cert. #191) -Other algorithms: ARC2; ARC4; MD2; MD5; HMAC-MD5; DES; DESX; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength; non-compliant less than 80-bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength; non-compliant less than 80-bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); EC MQV (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip standalone"The Sterling FIPS Crypto-J Module is a cryptographic toolkit for Java language users, providing services of various cryptographic algorithms such as hash algorithms, encryption schemes, message authentication, and public key cryptography." |
| 911 | Tyco Electronics, M/A-COM, Inc. 221 Jefferson Ridge Parkway Lynchburg, VA 24501 USA -Dennis Maddox
|
(Software Version: R1A) (While operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/07/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional SP2; Windows Server 2003 SP2 (single-user mode)
-FIPS-approved algorithms: AES (Cert. #637); Triple-DES (Cert. #591); SHS (Cert. #673); HMAC (Cert. #328); RNG (Cert. #363) -Other algorithms: AES MAC (AES Cert. #637; non-compliant); DES; DES MAC Multi-chip standalone"The M/A-COM Wireless Systems Cryptographic Library is a software-based cryptographic module that provides encryption, authentication, and other security support services to various M/A-Com product applications. It specifically satisfies FIPS 140-2 Level 1 requirements." |
| 910 | IBM Corporation Nymollevej 91 Lyngby, DK-2800 Denmark -Crypto Competence Center Copenhagen
|
(Software Version: 4.2) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/07/2008; 03/07/2008 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Vista with Sun Java JRE 1.6.0 (single user mode)
-FIPS-approved algorithms: AES (Cert. #659); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); ECDSA (Cert. #71); HMAC (Cert. #341); RNG (Cert. #379); SHS (Cert. #692) -Other algorithms: N/A Multi-chip standalone"The IBM CryptoLite for Java (CLiJ) v4 is a Java Cryptographic Extension (JCE) compliant cross-platform software library which provides APIs for the cryptographic functions specified in NSA Suite B. CLiJ includes specific high performance implementations of a number of cryptographic algorithms and services. CliJ has highly optimized elliptic curve operations and very efficient implementation of finite field arithmetic.CLiJ can be used on any JVM running Java version 1.5 or higher. CLiJ is compliant with ANSI X9.62, ANSI X9.63 and IEEE 1363." |
| 909 | Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484 USA -Kostas Vassilakis
|
(Hardware Versions: P/Ns 41U0438 and 12R8561, Model 4764-001; Firmware Version: Miniboot FW v1.25, Segment 2 FW v1.3, CCV Application FW v3.02.05) (When operated with module IBM eServer Cryptographic Coprocessor Security Module validated to FIPS 140-2 under Cert. #661 and operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/07/2008 | Overall Level: 3
-Physical Security: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #215); Triple-DES MAC (Triple-DES Cert. #215, vendor affirmed); SHS (Cert. #194); DSA (Cert. #147); RNG (Cert. #132) -Other algorithms: DES MAC Multi-chip embedded"The Pitney Bowes Cryptographic Coprocessor for Virtual Meter (CCV) module provides security services to support the secure accounting and cryptographic functions necessary for value evidencing of electronic transactions, such as the United States Postal Service Information-Based Indicium Program (USPS IBIP)." |
| 908 | GlobalSCAPE, Inc. 6000 Northwest Parkway Suite 100 San Antonio, TX 78249 USA -Mike Hambidge
|
(Software Version: 1.0.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/07/2008 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2003 (single-user mode)
-FIPS-approved algorithms: AES (Cert. #618); Triple-DES (Cert. #586); DSA (Cert. #240); SHS (Cert. #666); RSA (Cert. #287); HMAC (Cert. #320); RNG (Cert. #388) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); DES; MD2; MD4; MD5; MDC2; RIPEMD160; Blowfish; CAST5; RC2; RC4; RC5; IDEA Multi-chip standalone"The GlobalSCAPE® Cryptographic Module (GSCM) provides cryptographic services for the GlobalSCAPE family of software products such as Secure FTP Server and EFT Server. The services include symmetric/asymmetric encryption/decryption, digital signatures, message digest, message authentication, random number generation, and SSL/TLS support. The GSCM is intended for use by applications through the moduleÆs Application Programming Interface (API), which is based on the OpenSSL API defined by the OpenSSL Project." |
| 907 | C4 Technology, Inc. Meguro Tokyu Bldg. 5th Floor 2-13-17 Kamiosaki Shinagawa-ku,, Tokyo 141-0021 Japan -Hirohisa Ogawa
|
(Software Versions: 1.1.0 (C4CS Lite) and 1.1.0 (CSL)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/07/2008 | Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows XP SP2 (single-user mode) -FIPS-approved algorithms: AES (Cert. #360); SHS (Cert. #435); RNG (Cert. #173); HMAC (Cert. #160); RSA (Cert. #207) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); C4Custom (C4CS Lite only); SSS Multi-chip standalone"C4CS Lite and CSL are software cryptographic modules that provide symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." |
| 906 | Cisco Systems, Inc. 170 West Tasman Dr. San Jose, CA 95134 USA -Chris Romeo
|
(Hardware Versions: 5505 and 5550; Firmware Version: 7.2.2.18) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/25/2008 | Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #105, #536 and #564); HMAC (Certs. #125, #283 and #301); RNG (Certs. #144, #309 and #329); RSA (Certs. #106, #242 and #261); SHS (Certs. #196, #606 and #630); Triple-DES (Certs. #217, #538 and #559) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 96 bits of encryption strength; non-compliant less than 80 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); HMAC MD5; MD5; RC4; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength; non-compliant less than 80 bits of encryption strength) Multi-chip standalone"The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes." |
| 905 | Fortinet Inc. 1090 Kifer Road Sunnyvale, CA 94086 USA -Jeff Lake, Vice President, Federal Operations
|
(Hardware Versions: FortiGate-200/200A-HD (build C4AY89); FortiGate-300/300A-HD (build C4FK88); FortiGate-500/500A-HD (build C4BE21); FortiGate-800 (build C4UT39); Firmware Version: FortiOS 3.00, build 8317, 061121) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/25/2008; 02/21/2008 |
Overall Level: 2
-Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #486, #487, #489 and #490); RNG (Cert. #251); AES (Certs. #471, #472, #475 and #476); SHS (Certs. #539, #540, #543 and #544); RSA (Cert. #193); HMAC (Certs. #228, #229, #232 and #233) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 201 bits of encryption strength; non-compliant less than 80-bits of encryption strength); RSA (key wrapping; key establishment methodology provides 110 bits of encryption strength); MD5; HMAC-MD5 Multi-chip standalone"FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network." |
| 904 | Foundry Networks 4980 Great America Pkwy Santa Clara, CA 95054 USA -Michael Hong
|
(Hardware Versions: FN1120-VBD-03-0200, FN1010-VBD-03-0200 and FN1005-VBD-03-0200; Firmware Version: 4.6.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/23/2008 | Overall Level: 3
-FIPS-approved algorithms: AES (Certs. #551 and #189); DSA (Cert. #224); ECDSA (Cert. #58); HMAC (Cert. #292); RNG (Cert. #319); RSA (Cert. #247); SHS (Cert. #616); Triple-DES (Certs. #547 and #286); Triple-DES MAC (Triple-DES Certs. #547 and #286, vendor affirmed) -Other algorithms: AES-MAC (Certs. #551 and #189; non-compliant); DES; RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; MD2; MD5; HAS-160; DES-MAC; RC2-MAC; RC5-MAC; CAST-MAC; CAST3-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; GENERIC-SECRET; SSL PRE-MASTER; SEED; RC2-MAC; RC5-MAC; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); Elliptic Curve Diffie Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength) Multi-chip embedded"The Foundry Networks FIPS 140-2 Cryptographic Modules resides on PCI card and provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened." |
| 903 | Foundry Networks 4980 Great America Pkwy Santa Clara, CA 95054 USA -Michael Hong
|
(Hardware Versions: FN1120-VBD-03-0200, FN1010-VBD-03-0200 and FN1005-VBD-03-0200; Firmware Version: 4.6.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/23/2008 | Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: AES (Certs. #551 and #189); DSA (Cert. #224); ECDSA (Cert. #58); HMAC (Cert. #292); RNG (Cert. #319); RSA (Cert. #247); SHS (Cert. #616); Triple-DES (Certs. #547 and #286); Triple-DES MAC (Triple-Des Certs. #547 and #286, vendor affirmed) -Other algorithms: AES-MAC (Certs. #551 and #189, non-compliant); DES; RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; MD2; MD5; HAS-160; DES-MAC; RC2-MAC; RC5-MAC; CAST-MAC; CAST3-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; GENERIC-SECRET; SSL PRE-MASTER; SEED; RC2-MAC; RC5-MAC; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); Elliptic Curve Diffie Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength) Multi-chip embedded"The Foundry Networks FIPS 140-2 Cryptographic Module resides on a PCI card and provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened." |
| 902 | Juniper Networks 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Version: NS-5GT; Firmware Version: 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/23/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #532); AES (Cert. #525); DSA (Cert. #216); SHS (Cert. #598); RNG (Cert. #301); RSA (Cert. #235); HMAC (Cert. #276) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The NetScreen-5GT appliance is a feature-rich, enterprise-class, network security solution that integrates a complete set of best-in-class UTM security features including IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering which allow the NetScreen-5GT to defend the network against worms, Spyware, Trojans, malware and other emerging attacks. The NetScreen-5GT Ethernet solution is ideal for environments that need hardwired connectivity backed by robust network, application and payload level security." |
| 901 | Juniper Networks, Inc. 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Version: NS-500; Firmware Version: ScreenOS 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/16/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3
-FIPS-approved algorithms: DSA (Cert. #214); SHS (Cert. #590); Triple-DES (Cert. #527); AES (Cert. #517); HMAC (Cert. #268); RSA (Cert. #231); RNG (Cert. #293) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The NetScreen-500 is a purpose-built, security system designed to provide a flexible, high performance solution for medium and large enterprise central sites and service providers. The NetScreen-500 security system integrates firewall, DoS, VPN and traffic management functionality in a low-profile, modular chassis. It provides high levels of total throughput for firewall and VPN plus support for virtual systems and security zones." |
| 900 | Juniper Networks, Inc. 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Versions: P/N SSG-5 and SSG-20; Firmware Version: ScreenOS 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/16/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #533); AES (Cert. #526); DSA (Cert. #217); SHS (Cert. #599); RNG (Cert. #302); RSA (Cert. #236); HMAC (Cert. #277) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The Juniper Networks Secure Services Gateway 5 (SSG 5) and Secure Services Gateway 20 (SSG 20) are purpose-built security appliances that deliver a perfect blend of performance, security and LAN\WAN connectivity for small branch office and small business deployments. Traffic flowing in and out of the branch office can be protected from worms, Spyware, Trojans, and malware by a complete set of Universal Threat Management (UTM) security features including Stateful firewall, IPSec VPN, IPS, Antivirus (includes Anti-Spyware, Anti-Adware, Anti-Phishing), Anti-Spam, and Web Filtering." |
| 899 | IBM® Corporation Nymøllevej 91 Lyngby, DK-2800 Denmark -Crypto Competence Center Copenhagen
|
(Software Version: 4.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Software | 01/16/2008 | Overall Level: 1
-Cryptographic Module Specification: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows Vista Ultimate; Red Hat Enterprise Linux v4 (single-user mode) -FIPS-approved algorithms: AES (Cert. #615); Triple-DES (Cert. #585); SHS (Cert. #663); DSA (Cert. #238); RSA (Cert. #286); RNG (Cert. #350); HMAC (Cert. #318); ECDSA (Cert. #66) -Other algorithms: DES; CAST-5; CAST-6; RC2; ArcFour; Blowfish; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength; non-compliant less than 80-bits of encryption strength); ECDH (key agreement; key establishment methodology provides 80 to 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 to 256 bits of encryption strength; non-compliant less than 80-bits of encryption strength); MD2; MD5; Whirlpool; HMAC MD5 Multi-chip standalone"IBM CryptoLite is a C software package providing advanced cryptographic services in a very small footprint. CryptoLite supports public key encryption, digital signatures, symmetric ciphers, hash functions, message authentication codes, and other cryptographic algorithms through a simple programming interface. There are no runtime dependencies and the code has been optimized for high performance." |
| 898 | Juniper Networks, Inc. 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Versions: NS-204 and NS-208; Firmware Version: ScreenOS 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/16/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: DSA (Cert. #215); SHS (Cert. #591); Triple-DES (Cert. #528); AES (Cert. #518); HMAC (Cert. #269); RSA (Cert. #232); RNG (Cert. #294) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The Juniper Networks NetScreen-200 Series is one of the most versatile pair of security appliances available today. They easily integrate and secure many different network environments, including medium and large enterprise offices, e-business sites, data centers, and carrier infrastructure. Complete with either four or eight auto-sensing 10/100 Base-T Ethernet ports, the NetScreen-200 Series performs firewall functions at wire speed (375 Mbps on the NetScreen-204 and NetScreen-208)." |
| 897 | Juniper Networks, Inc. 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Versions: NS-5200 and NS-5400; Firmware Version: ScreenOS 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/16/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: DSA (Cert. #212); SHS (Cert. #587); Triple-DES (Cert. #524); AES (Cert. #514); HMAC (Cert. #265); RSA (Cert. #228); RNG (Cert. #290) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The Juniper Networks NetScreen-5000 series is a line of purpose-built, high-performance firewall/VPN security systems designed to deliver a new level of high-performance capabilities for large enterprise, carrier, and data center networks. The NetScreen-5000 series consists of two products: the 2-slot NetScreen-5200 system and the 4-slot NetScreen-5400 system. NetScreen-5000 security systems integrate firewall, VPN, DoS and DDoS protection, and traffic-management functionality, in a low-profile modular chassis." |
| 896 | Juniper Networks, Inc. 1194 N. Mathilda Avenue Building 3 Sunnyvale, CA 94089 USA -Su-Chen Lin (Sue)
-Tim Stahlke
|
(Hardware Versions: P/N NS-ISG-1000 and NS-ISG-2000; Firmware Version: ScreenOS 5.4.0r4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/16/2008 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: DSA (Cert. #213); SHS (Cert. #588); Triple-DES (Cert. #525); AES (Cert. #515); HMAC (Cert. #266); RSA (Cert. #229); RNG (Cert. #219) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5 Multi-chip standalone"The Juniper Networks NetScreen ISG 1000 and ISG 2000 are Internet security devices that integrate firewall, virtual private networking (VPN), and traffic shaping functions. Through the VPN, the NetScreen ISG devices provide the following: IPSec standard security, Triple-DES, and Advanced Encryption Standard (AES) encryption, Manual and automated IKE (ISAKMP), and Use of RSA and DSA certificates." |
| 895 | Xirrus, Inc. 370 N. Westlake Blvd. Suite 200 Westlake Village, CA 91362 USA -Patrick Parker
|
(Hardware Versions: Models: XS-3900 P/Ns 190-0001-001, 190-0001-002, 190-0001-003, 190-0001-004 Version B1; XS-3700 P/Ns 190-0005-001, 190-0005-002, 190-0005-003, 190-0005-004 Version B1; XS-3500 P/Ns 190-0004-001, 190-0004-003 Version A1; WFX-3900 P/N 190-0016-001 Version A1; WFX-3700 P/N 190-0017-001 Version A1; WFX 3500 P/N 190-0018-001 Version A; XS4 P/N 190-0092-001 Version A; XS8 P/N 190-0091-001 Version A; XS16 P/N 190-0090-001 Version A; Firmware Version: 3.2-0477) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/10/2008 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: AES (Cert. #470); RNG (Cert. #255); HMAC (Cert. #304); SHS (Cert. #638); RSA (Cert. #290) -Other algorithms: RC4; MD5 Multi-chip standalone"The Xirrus Wireless LAN Array represents the next generation in enterprise wireless LAN architecture - combining the functionality of a WLAN switch and Integrated Access Points (IAPs) in a single device. The WLAN Array delivers Gigabit-class Wi-Fi bandwidth to an extended coverage area simplifying the wireless LAN setup." |
| 894 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: DSA (Cert. #226); RNG (Cert. #321); SHS (Cert. #618); Triple-DES (Cert. #549); Triple-DES MAC (Triple-DES Cert. #549, vendor affirmed) -Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 150 bits of encryption strength; non-compliant less than 80 bits of encryption strength); MD5; RC2; RC2 MAC; RC4 Multi-chip standalone"DSSENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Software developers dynamically link the Microsoft DSSENH module into their applications to provide FIPS 140-2 compliant cryptographic support." |
| 893 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: AES (Cert. #553); HMAC (Cert. #297); RNG (Cert. #321); RSA (Certs. #255 and #258); SHS (Cert. #618); Triple-DES (Cert. #549) -Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength) Multi-chip standalone"RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support." |
| 892 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: AES (Cert. #553); DSA (Cert. #227); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 150 bits of encryption strength; non-compliant less than 80 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4 Multi-chip standalone"BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista. The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography." |
| 891 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #890 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 50 and 150 bits of encryption strength; non-compliant less than 80 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5 Multi-chip standalone"KSECDD.SYS runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows Vista kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request irp (I/O request packet)." |
| 890 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode with Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #889 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: RSA (Cert. #255); SHS (Cert. #618) -Other algorithms: N/A Multi-chip standalone"This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager." |
| 889 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Versions: 6.0.6000.16386, 6.0.6000.16476 and 6.0.6000.20586) (When operated in FIPS mode with Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #888 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: AES (Cert. #424); RSA (Cert. #255); SHS (Cert. #618) -Other algorithms: N/A Multi-chip standalone"This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself." |
| 888 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Version: 6.0.6000.16386) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/10/2008 | Overall Level: 1
-Operational Environment: tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition (x86 Version); Microsoft Windows Vista Ultimate Edition (x64 version) (single-user mode)
-FIPS-approved algorithms: AES (Cert. #424); HMAC (Cert.#298); RSA (Cert. #255); SHS (Cert. #618) -Other algorithms: N/A Multi-chip standalone"This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it." |
| 887 | ARX (Algorithmic Research) 10 Nevatim Street Kiryat Matalon, Petach Tikva 49561 Israel -Ezer Farhi
|
(Hardware Version: 4.0; Firmware Version: 4.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/07/2008; 03/07/2008 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Certs. #498 and #523); Triple-DES MAC (Triple-DES Cert. #498, vendor affirmed); SHS (Certs. #554 and #586); HMAC (Cert. #241); RNG (Cert. #265); RSA (Cert. #227) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"CoSign is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organizationÆs end-users. End-users will connect securely to CoSign from their PC for the purpose of signing documents and data." |
| 886 | Fortress Technologies, Inc. 4023 Tampa Rd. Suite 2000 Oldsmar, FL 34677 USA -Bill McIntosh
|
(Hardware Version: 1.0; Firmware Version: 2.1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 01/07/2008 | Overall Level: 1
-FIPS-approved algorithms: AES (Cert. #545); Triple-DES (Cert. #541); SHS (Cert. #609); RNG (Cert. #312); HMAC (Cert. #286) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength; non-compliant less than 80-bits of encryption strength); DSA (non-compliant); RSA (non-compliant); MD2; MD5; Blowfish; CAST; IDEA; RC2; RC4; RC5 Multi-chip standalone"The Fortress Secure Client Bridge is a hardware module designed to deliver security on wireless and wired devices that cannot run the Fortress Secure Client software. A plug-and-play solution, the Secure Client Bridge encrypts and decrypts communication across the WLAN and LAN and protects the device against attacks without user intervention." |
| 885 | L-3 Communications Linkabit 3033 Science Park Road San Diego, CA 92121 USA -Rick Roane
|
(Hardware Versions: P/N 119811-1, 119903-30 and 119903-33; Firmware Version: 121423-00) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/07/2008 | Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #439, #440 and #441); RNG (Cert. #228); DSA (Cert. #180); HMAC (Cert. #206); SHS (Cert. #507) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"The MPM-1000 is a dual-use civilian/military modem used to transport IP data traffic over satellite communication links using a secure Multi-Frequency Time Division Multiple Access (MF-TDMA) protocol. The MPM-1000 also functions as a MIL-STD-165A modem for use in Single Channel Per Carrier (SCPC) Frequency Division Multiple Access (FDMA) satellite communications." |