CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules

Historical , 1995-1997 , 1998 , 1999 , 2000 , 2001 , 2002 , 2003 , 2004 , 2005 , 2006 , 2007 , 2008 , 2009 , 2010 , 2011 , 2012 , 2013 , 2014 , 2015 , 2016
All

Last Update: 2/12/2016

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A .

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module Module
Type
Val.
Date
Level / Description
1247 Good Technology, Inc.
430 N. Mary Avenue
Suite 200
Sunnyvale, CA 94085
USA

Rick Pitz
TEL: 408-212-7878

CST Lab: NVLAP 200002-0
FIPSCrypto on Windows Mobile
(Software Version: 4.7.0.50906)

Validated to FIPS 140-2

Certificate

Security Policy
Software 12/29/2009
02/05/2010
06/02/2010
10/25/2010
01/20/2011
07/19/2011
10/18/2011
04/04/2012
09/27/2012
10/25/2012
04/24/2013
10/18/2013
09/25/2014
04/10/2015
04/17/2015
10/12/2015
Overall Level: 1

-Design Assurance: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows CE 5.2

-FIPS Approved algorithms: AES (Cert. #1219); Triple-DES (Cert. #879); SHS (Cert. #1122); HMAC (Cert. #712)

-Other algorithms: N/A

Multi-chip standalone

"The FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1."
1235 Advanced Communications Concepts Inc
8831 N.Capital of Texas Highway
Suite 212
Austin, TX 78759
USA

Eric Sweeney
TEL: 512-275-6245

CST Lab: NVLAP 200427-0
TUCrypt Cryptographic Module
(Software Version: 2.32.0.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software 12/07/2009
01/28/2010
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows XP Pro (32-bit edition), Microsoft Windows Vista (32-bit and 64-bit editions), and Microsoft Windows 7 (32-bit and 64-bit editions) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1057, #1058 and #1102); SHS (Certs. #1003, #1004 and #1025); HMAC (Certs. #595, #596 and #616)

-Other algorithms: AES (Certs. #1057, #1058 and #1102, key wrapping)

Multi-chip standalone

"The TUCrypt Cryptographic Module is a multi-chip standalone software module that executes on a IBM compatable personal computer. The software module is intended to be used by other ACCI software to provide FIPS 140-2 approved cryptographic services."
1228 Atos Wordline S.A./N.V.
Haachtsesteenweg 1442 ChaussΘe de Haecht
Brussels 1130
Brussels, 1130
Belgium

Filip Demaertelaere
TEL: +32 2 727 61 67
FAX: +32-2-727-6250

Sam Yala
TEL: +32-2-727-6194
FAX: +32-2-727-6250

CST Lab: NVLAP 200636-0
DEP/PCI v4
(Hardware Version: PCI card: 033-120010-1.0; Alarm card: 033-120020-2.0; Firmware Version: Boot firmware: 4.0.l; FPGA firmware: 661442; Alarm firmware: 5.0.m)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 11/24/2009
Overall Level: 3

-FIPS Approved algorithms: AES (Cert. #883); SHS (Cert. #875)

-Other algorithms: N/A

Multi-chip embedded

"The DEP/PCI (a PCI adapter board) is a hardware cryptographic module, also known as a hardware security module (HSM). Its boot software together with its cryptographic coprocessor implements different cryptographic algorithms which are used for secure key entry, secure application loading and secure boot firmware update. The alarm firmware implements the tamper detection and tamper responsive logic."
1221 Bull SAS
Rue Jean Jaurès
B.P.68
Les Clayes sous Bois 78340
Les Clayes sous Bois, 78340
France

Jean-Luc CHARDON
TEL: +33 1 30 80 79 14
FAX: +33 1 30 80 78 87

Pierre-Jean AUBOURG
TEL: +33 1 30 80 77 02
FAX: +33 1 30 80 78 87

CST Lab: NVLAP 200017-0
CHR Cryptographic Module
(Hardware Version: 003/A [1] or 004/A [2]; Firmware Version: V1.02-00L [1] or V1.03-00L [2])

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 11/17/2009
07/05/2011
Overall Level: 3

-Physical Security: Level 3 + EFP/EFT

-FIPS Approved algorithms: RSA (Cert. #438); SHS (Cert. #893)

-Other algorithms: N/A

Multi-chip standalone

"The BULL CHR is a multi-chip standalone security module providing functionality for the secure loading of applications. The CHR is the corner stone of a range of security products developed and signed by BULL as Application Provider and known as "CRYPT2Pay HR" product range available for different domain of applications including Banks and Financial Institutions. Additional products may be developed by Application Providers, based on the CHR."
1211 Motorola, Inc.
1 Motorola Plaza
Holtsville, NY 11742
USA

Steven Chew
TEL: 631-738-3507
FAX: 631-738-4164

Bert Scaramozzino
TEL: 631-738-3215
FAX: 631-738-4164

CST Lab: NVLAP 200648-0
Motorola Wireless Fusion on Windows CE Cryptographic Module
(Hardware Version: CX 55222; Software Version: 3.00)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software-Hybrid 11/18/2009
05/05/2010
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Windows CE 6.0

-FIPS Approved algorithms: AES (Certs. #1035 and #1037); SHS (Cert. #988); HMAC (Cert. #581)

-Other algorithms: RC4; TKIP

Multi-chip standalone

"Motorola Wireless Fusion Cryptographic Module is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government."
1210 Motorola, Inc.
1 Motorola Plaza
Holtsville, NY 11742
USA

Steven Chew
TEL: 631-738-3507
FAX: 631-738-4164

Bert Scaramozzino
TEL: 631-738-3215
FAX: 631-738-4164

CST Lab: NVLAP 200648-0
Motorola Wireless Fusion on Windows Mobile Cryptographic Module
(Hardware Version: CX 55222; Software Version: 3.00)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software-Hybrid 11/18/2009
05/05/2010
06/02/2010
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Windows Mobile 6.1 and 6.5

-FIPS Approved algorithms: AES (Certs. #1036 and #1038); SHS (Cert. #989); HMAC (Cert. #582)

-Other algorithms: RC4; TKIP

Multi-chip standalone

"Motorola Wireless Fusion Cryptographic Module is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government."
1204 Midland Radio Corporation
5900 Parretta Drive
Kansas City, MO 64120
USA

David Berneking
TEL: 816-462-0421

CST Lab: NVLAP 200427-0
Midland Radio Base Station Cryptographic Module
(Hardware Versions: 91-1060A, 91-1060B, 91-1110A, 91-1110B, 91-4050A, 91-4050B, 91-4100A, 91-4100B, 91-4100C, 91-4100D, 91-7100B and 91-8100B; Firmware Version: FIPS_ver010b)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 10/06/2009
Overall Level: 1

-FIPS Approved algorithms: AES (Cert. #485); SHS (Cert. #945); HMAC (Cert. #548); DRBG (Cert. #7)

-Other algorithms: DES

Multi-chip standalone

"The Midland BTIII Base Stations provide Project 25 encrypted and clear voice, data and Short Message Service communications in accordance with the Project 25 Digital Land Mobile Radio standards suite. In addition, conventional analog radio voice communications are supported. It is multi-chip standalone cryptographic module validated at a FIPS 140-2 Security Level 1."
1190 Raytheon Oakley Systems, Inc.
2755 E. Cottonwood Parkway
Suite 600
Salt Lake City, UT 84121
USA

Mindy Gilbert
TEL: 801-733-1443
FAX: 801-944-5800

Morgan Greenwood
TEL: 801-733-1433
FAX: 801-844-5800

CST Lab: NVLAP 200427-0
FIPS Linux Cryptographic Module
(Software Version: 1.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software 09/21/2009
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux v4 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #943); HMAC (Cert. #524); SHS (Cert. #919)

-Other algorithms: N/A

Multi-chip standalone

"The Raytheon Oakley Systems FIPS Linux Cryptographic Module is a software module providing cryptographic functionality for the Raytheon Oakley Systems InnerView insider threat product. InnerView is an enterprise monitoring, threat detection, and policy enforcement solution."
1186 Midland Radio Corporation
5900 Parretta Drive
Kansas City, MO 64120
USA

David Kingsolver
TEL: 816-462-0421

CST Lab: NVLAP 200427-0
Syn-Tech III P25 Radio Series
(Hardware Versions: STP105B, STP404A, STP404B, STM1050B, STM1055B, STM1115B, STM4040A, STM4045A, STM4040B, STM4045B, STM4085A, STM4085B, SDT1090, SDT4080A and SDT4080B; Firmware Versions: Control Micro-Processor Boot Firmware Version: 1.00 Build:1080, Control Micro-Processor Firmware Version: MDV 1.01 Build:3320, Digital Signal Processor(DSP) Firmware Version: SPV 1.03 Build:0556)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 09/21/2009
Overall Level: 1

-FIPS Approved algorithms: AES (Cert. #645); SHS (Cert. #916); HMAC (Cert. #521); DRBG (Cert. #5)

-Other algorithms: DES

Multi-chip standalone

"The Midland Syn-Tech III P25 radios provide Project 25 encrypted and clear voice, data and Short Message Service communications in accordance with the Project 25 Digital Land Mobile Radio standards suite. In addition, conventional analog radio voice communications are supported. It is a multi-chip standalone cryptographic module consisting of production grade components in accordance to FIPS 140-2 security level 1."
1185 RELM Wireless Corporation
7100 Technology Drive
West Melbourne, FL 32904
USA

Jim Holthaus
TEL: 402-896-6406
FAX: 785-856-1302

CST Lab: NVLAP 100432-0
FIPSCOM Cryptographic Module
(Hardware Versions: P/N 7011-30967-000, Versions (011111, 071609 or 042009) [1] or (011211, 071709 or 042109) [2]; Firmware Versions: 0722-05072-000 [1] or 0722-05072-001 [2] (bootcodes) and 0722-05073-007 [011x11], 0722-05073-004 [071x09] or 0722-05073-003 [042x09] (application))
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 09/21/2009
10/16/2009
05/11/2011
Overall Level: 1

-FIPS Approved algorithms: AES (Cert. #899); RSA (Cert. #139); SHS (Cert. #462)

-Other algorithms: DES; AES (AES Cert. #899, key wrapping; key establishment methodology provides 256 bits of encryption strength)

Multi-chip embedded

"The FIPSCOM is an embedded cryptographic module that provides encryption functions for secure digital communications products. The FIPSCOM can be incorporated into any BK Radio brand subscriber equipment requiring FIPS 140-2, Level 1 security."
1183

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2

Certificate

Security Policy
Software 08/31/2009
10/26/2010
Overall Level: 2

Multi-chip standalone
1175

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware 08/13/2009
Overall Level: 2

Multi-chip embedded
1166 Accellion, Inc.
1900 Embarcadero Road, Suite 207
Palo Alto, CA 94303
USA

Prateek Jain
TEL: 650-739-0095
FAX: 650-739-0561

CST Lab: NVLAP 100432-0
Secure File Transfer Appliance
(Hardware Version: P/N ACFIPS-01 Version 1.0.0; Firmware Versions: FTA_8_0_3, FTA_8_0_136 and FTA_8_0_488)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 08/18/2009
10/02/2009
12/08/2010
Overall Level: 2

-Roles, Services, and Authentication: Level 3

-FIPS Approved algorithms: AES (Certs. #843, #844 and #845); SHS (Certs. #835, #836 and #842); HMAC (Cert. #468); DSA (Cert. #307); Triple-DES (Cert. #771)

-Other algorithms: Triple-DES (Cert. #771, key wrapping; key establishment methodology provides 80 bits of encryption strength; non-compliant); AES (Cert. #845, key wrapping; key establishment methodology provides 128 or 256 bits of encryption strength); Blowfish; MD5; RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength; non-compliant)

Multi-chip standalone

"The Accellion Secure File Transfer Appliance is a key component of Accellion's secure file transfer solution that enables enterprises an easy to use solution for securely transferring large files. It helps eliminate FTP servers and offload file attachments from email resulting in improved email performance and reduced email storage. Extensive tracking and reporting tools enable companies to demonstrate compliance with SOX, HIPAA, FDA, and GLB regulations. Accellion appliances provide the highest level of security and ease of use of any enterprise file transfer solution."
1159 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

Rohit Mathur
TEL: +61 7 3032 5220

CST Lab: NVLAP 200427-0
RSA BSAFE® Crypto-Kernel
(Software Versions: 1.3.1 [1] and 1.3.1.1 [2])
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software 07/29/2009
08/20/2010
09/07/2010
02/12/2016
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Windows Server 2003 SP2 (x86 Celeron) [1]
Windows Server 2003 SP2 (Itanium 2) [1]
Windows Server 2003 SP2 (x64 AMD Athlon X2) [2] (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1105 [1] and #1415 [2]); HMAC (Certs. #617 [1] and #835 [2]); SHS (Certs. #1028 [1] and #1285 [2])

-Other algorithms: AES-XTS

Multi-chip standalone

"RSA BSAFE® Crypto-Kernel is a cryptographic library from RSA, The Security Division of EMC, to provide symmetric encryption, hashing, and message authentication code creation, in the operating system kernel. It provides Advanced Encryption Standard (AES) cipher, SHA-256 message digest, and HMAC capabilities."
1157 Oracle Corporation
500 Eldorado Blvd.
Bldg 5
Broomfield, CO 80021
USA

David Hostetter
TEL: 303-272-7126

CST Lab: NVLAP 100432-0
Sun StorageTek™ T10000A Tape Drive
(Hardware Version: P/N 315462802; Firmware Versions: 1.40.108, 1.41.110 and 1.41.111)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 07/16/2009
09/02/2009
05/05/2010
Overall Level: 1

-Roles, Services, and Authentication: Level 2
-Design Assurance: Level 2

-FIPS Approved algorithms: AES (Certs. #495, #647, #941, #942 and #967); DRBG (Cert. #6); HMAC (Certs. #398 and #540); SHS (Certs. #736 and #937); RSA (Cert. #334)

-Other algorithms: AES (Cert. #941, key wrapping; key establishment methodology provides 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The Sun StorageTek™ T10000A tape drive provides 500 GB native capacity and 120 MB/sec throughput. The T10000A is designed for maximum security and performance in enterprise-level applications. It employs AES-256 encryption to protect and authenticate customer data while also using AES-256 to provide secure and authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Sun KMA 2.x to provide a secure end-to-end management solution."
1156 Oracle Corporation
500 Eldorado Blvd.
Bldg 5
Broomfield, CO 80021
USA

David Hostetter
TEL: 303-272-7126

CST Lab: NVLAP 100432-0
Sun StorageTek™ T10000B Tape Drive
(Hardware Version: P/N 315488302; Firmware Versions: 1.40.208, 1.41.210 and 1.41.211)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 07/16/2009
09/02/2009
05/05/2010
Overall Level: 2

-FIPS Approved algorithms: AES (Certs. #495, #647, #941, #942 and #967); DRBG (Cert. #6); HMAC (Certs. #398 and #540); SHS (Certs. #736 and #937); RSA (Cert. #334)

-Other algorithms: AES (Cert. #941, key wrapping; key establishment methodology provides 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The Sun StorageTek™ T10000B tape drive provides 1 TB native capacity and 120 MB/sec throughput using the same media and with backward read compatibility to the T10000A. Designed for maximum security and performance, the T10000B provides AES-256 encryption to protect and authenticate customer data and to provide secure, authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Sun KMA 2.x to provide a secure end-to-end management solution."
1150

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware 06/22/2009
12/11/2009
05/03/2012
Overall Level: 2

Multi-chip embedded
1147

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware 06/18/2009
Overall Level: 1

Multi-chip standalone
1143 Mitsubishi Electric Corporation Kamakura Works
325 Kamimachiya
Kamakura, Kanagawa 247-8520
Japan

Masanori Sato
TEL: +81-467-41-6640
FAX: +81-467-41-6975

Koichiro Sasaki
TEL: +81-467-41-6670
FAX: +81-467-41-6975

CST Lab: NVLAP 200017-0
Command Encryption Module
(Firmware Version: 1.1)
(When operated in FIPS mode with the Operational Environment configuration specified on the reverse with the Firewall configured per Section 11 in the Security Policy)

Validated to FIPS 140-2

Certificate

Security Policy
Firmware 06/24/2009
Overall Level: 2

-EMI/EMC: Level 3
-Tested: HP Compaq DC 5100 Running Microsoft Windows 2000 SP4 and Zone Labs Zone Alarm Pro Firewall version 7.0.481.000

-FIPS Approved algorithms: Triple-DES (Cert. #759)

-Other algorithms: N/A

Multi-chip standalone

"Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions."
1142

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware 06/03/2009
Overall Level: 2

Multi-chip standalone
1119 LiteScape Technologies, Inc.
1000 Bridge Parkway, Suite 200
Redwood Shores, CA 94065
USA

Kayvan Alikhani

CST Lab: NVLAP 200427-0
LiteScape SPAR
(Hardware Version: 021013A; Firmware Versions: 1.0.7, Bootloader: v52b4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 04/03/2009
Overall Level: 2

-FIPS Approved algorithms: AES (Cert. #822); HMAC (Certs. #455, #456 and #457); SHS (Certs. #820, #821 and #822)

-Other algorithms: N/A

Multi-chip standalone

"SPAR (Secure Personal Authentication Reader) is a multi-factor authentication device that provides RFID, Biometric and Magnetic-card interfaces. Using the SPAR at the edge of VOIP networks when coupled with devices such as IP phone terminals dramatically increases the security, validation and personalization process for business applications."
1105 AJA Video Systems, Inc.
443 Crown Point Circle
Grass Valley, CA 95945
USA

Fred Dominikus
TEL: 530-274-2048
FAX: 530-274-9442

CST Lab: NVLAP 100432-0
JPG2K
(Hardware Versions: 102387-00, 102387-02 and 102387-03; Firmware Versions: 1.0, 1.5 and 1.6)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 03/26/2009
01/06/2010
10/13/2011
Overall Level: 3

-FIPS Approved algorithms: RSA (Cert. #392)

-Other algorithms: N/A

Multi-chip embedded

"The JPG2K is a PCIe card that provides a platform for secure media processing."
1096

CST Lab: NVLAP 200002-0


Validated to FIPS 140-2

Certificate

Security Policy
Firmware 02/24/2009
04/03/2009
Overall Level: 1

Multi-chip standalone
1093 Vertex Standard LMR, Inc.
Sumitomo Fudosan Tamachi First
Building, 4‐6‐8 Shibaura
Minato‐ku, Tokyo 108‐0023
Japan

Yukimasa Tomita

CST Lab: NVLAP 100432-0
Vertex Standard Cryptographic Module 001
(Hardware Version: P/N 013790D; Firmware Version: 71.72)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware 03/03/2009
06/05/2014
07/31/2014
Overall Level: 1

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #813); SHS (Cert. #813)

-Other algorithms: DES; LFSR

Multi-chip embedded

"The Vertex Standard Cryptographic Module 001 (VSCM) is a cryptographic module (also processes digital data) that is to be incorporated into two-way digital radio products. These digital radios are for use in communication with other APCO Project 25 compatible devices."
1092 RSA, The Security Division of EMC
174 Middlesex Turnpike
Bedford, MA 01730
USA

Rohit Mathur
TEL: +61 7 3032 5220

CST Lab: NVLAP 200427-0
RSA BSAFE® Crypto-C Micro Edition
(Software Versions: 3.0.0.1 [1], 3.0.0.14 [2], 3.0.0.15 [3], 3.0.0.19 [4], 3.0.0.21 [5] and 3.0.0.23 [6])
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software 02/24/2009
03/06/2009
09/07/2010
03/28/2011
10/04/2011
04/02/2012
12/12/2012
01/24/2013
04/03/2014
06/27/2014
12/31/2014
02/12/2016
Overall Level: 1

-Cryptographic Module Specification: Level 3

-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux AS 4.0 (x86 32-bit) with LSB 3.0.3 [1]
Windows Vista Ultimate (x86 32-bit) - Visual Studio 2005 SP1 /MD option [1]
Windows XP Professional SP2 (x86 32-bit) - Visual Studio 2005 SP1 /MT option [1]
Linux 2.6.28-rt16 PowerPC (32-bit) [2, 4]
NetBSD v2.0.3 (x86 32-bit) [3]
NetBSD v2.0.3 MIPS (RM7035c 32-bit) [3]
TimeSys Linux 2.6.33.9-rt (ARM 32-bit) [5]
TimeSys Linux 3.0.0-rt (ARM 32-bit) [5]
Linaro Linux (kernel 3.10.33) [6] (single user mode)

-FIPS Approved algorithms: AES (Certs. #860 [1], #1771 [2, 4], #1951 [3], #2808 [5] and #3120 [6]); AES GCM (Certs. #860 [1], #1771 [2, 4], #1951 [3], #2808 [5] and #3120 [6], vendor affirmed: SP 800-38D); DRBG (Certs. #4 [1], #122 [2, 4], #172 [3], #480 [5] and #632 [6]); DSA (Certs. #311 [1], #554 [2, 4], #623 [3], #850 [5] and #904 [6]); ECDSA (Certs. #98 [1], #100 [1], #239 [2, 4], #240 [2, 4], #281 [3], #282 [3], #491 [5], #492 [5], #503 [5], #504 [5], #565 [6] and #569 [6]); HMAC (Certs. #477 [1], #1040 [2, 4], #1177 [3], #1759 [5] and #1959 [6]); RNG (Certs. #492 [1], #943 [2, 4], #1027 [3], #1274 [5] and #1330 [6]); RSA (Certs. #412 [1], #887 [2, 4], #1012 [3], #1470 [5], #1489 [5] and #1591 [6]); SHS (Certs. #855 [1], #1555 [2, 4], #1713 [3], #2356 [5] and #2578 [6]); Triple-DES (Certs. #707 [1], #1147 [2, 4], #1268 [3], #1686 [5] and #1791 [6])

-Other algorithms: DES; DES40; Diffie-Hellman; EC Diffie-Hellman; ECAES (non-compliant); ECIES; HMAC MD5; MD2; MD5; PBKDF1 SHA-1; PBKDF2 HMAC SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 (non-compliant); RC2; RC4; RC5; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA PKCS #1 v2.0 (OAEP; non-compliant)

Multi-chip standalone

"The Crypto-C Micro Edition (ME) Module is RSA Security, Inc.'s cryptographic library designed for securing mobile devices like wireless phones and personal digital assistants. It contains assembly-level optimizations on key wireless processors. Its functionality includes a wide range of data encryption and signing algorithms, including Triple-DES, the Advanced Encryption Standard (AES) algorithm, the RSA Public Key Cryptosystem, the DSA government signature algorithm, MD5 and SHA1 message digest routines, and more."
1084 NetLib®
A Subsidiary of Communication Horizons, LLC
65 High Ridge Road
Suite 428
Stamford, CT 06905
USA

Neil Weicher
TEL: 203-321-1278 x91

CST Lab: NVLAP 200416-0
NetLib® Encryptionizer® for SQL Server
(Software Version: 8.601.1)

Validated to FIPS 140-2

Certificate

Security Policy
Software 02/03/2009
06/04/2009
04/12/2011
Overall Level: 1

-Design Assurance: Level 2

-Operational Environment: Tested as meeting Level 1 with Windows 2000 Server
Windows 2003 Server
Windows 2003 x64 Server (single user mode)

-FIPS Approved algorithms: AES (Cert. #857); SHS (Cert. #851); HMAC (Cert. #474)

-Other algorithms: N/A

Multi-chip standalone

"The NetLib® Encryptionizer® for SQL Server 8.601.1 provides encryption of data stored in MS SQL Server databases and backups. It can be deployed without programming and without adding any administrative overhead. The purpose of whole database encryption is to make a database unusable if it is stolen, copied, downloaded, lost, or otherwise improperly accessed."