CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules

Historical, 1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016
All

Last Updated: 9/13/2016

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert#Vendor / CST LabCryptographic ModuleModule
Type
Val.
Date
Level / Description
1475Wind River Systems, Inc.
1500 Wind River Way
Alameda, CA 94501
USA

Millind Kukanur
TEL: 510-749-2494

CST Lab: NVLAP 200658-0
Network Security Services (NSS)
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software12/28/2010Overall Level: 1

-Roles, Services, and Authentication: Level 2

-Operational Environment: Tested as meeting Level 1 with Wind River Linux Secure 1.0 (single-user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #949); AES (Cert. #1374); DSA (Cert. #450); ECDSA (Cert. #174); SHS (Cert. #1256); RSA (Cert. #673); DRBG (Cert. #49); HMAC (Cert. #807)

-Other algorithms: MD5; MD2; RC2; RC4; DES; SEED; Camellia; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 bits and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards."
1472Enova Technology Corporation
1st Floor, No. 11, Research & Development 2nd Road, Science-based Industrial Park
Hsin Chu City, Taiwan 30076
Republic of China

Robert Wann
TEL: +886 3 577 2767
FAX: +886 3 577 2770

CST Lab: NVLAP 100432-0
X-Wall MX-256C
(Hardware Version: X-Wall MX-256C; Firmware Version: 1.1.0)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware12/28/2010Overall Level: 1

-Physical Security: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #250)

-Other algorithms: N/A

Single-chip

"The patented X-Wall MX-256C (MX-256C) ASIC is the 7th gen of Enova X-Wall real-time Full Disk Encryption technology. Engineered specifically to encrypt entire drive (MBR, FAT, and OS) at SATA wire speed (sustained AES 256-bit throughput of 120MB/sec). MX-256C, a SATA to SATA chip engineered to include the full SATA protocol stacks, is transparent to host/drive. Authentication is separated from the core design of the MX-256C and can be versatile which may include Smartcard, Pre-boot PIN, TPM or Fingerprint. The MX-256C contains no NVM. Therefore at each power on reset authentication is needed."
1471Enova Technology Corporation
1st Floor, No. 11, Research & Development 2nd Road, Science-based Industrial Park
Hsin Chu, Taiwan 30076
Republic of China

Robert Wann
TEL: +886 3 577 2767
FAX: +886 3 577 2770

CST Lab: NVLAP 100432-0
X-Wall MX-256
(Hardware Version: X-Wall MX-256; Firmware Version: 1.1.0)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware12/28/2010Overall Level: 1

-Physical Security: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #60)

-Other algorithms: N/A

Single-chip

"The patented X-Wall MX-256 (MX-256) ASIC is the 7th gen of Enova X-Wall real-time Full Disk Encryption technology. Engineered specifically to encrypt entire drive (MBR, FAT, and OS) at SATA wire speed (sustained AES 256-bit throughput of 120MB/sec).MX-256, a SATA to SATA chip engineered to include the full SATA protocol stacks, is transparent to host/drive. Authentication is separated from the core design of the MX-256 and can be versatile which may include Smartcard, Pre-boot PIN, TPM or Fingerprint. The MX-256 contains no NVM. Therefore at each power on reset authentication is needed."
1469JVC KENWOOD Corporation
1-16-2, Hakusan, Midori-ku
Yokohama-shi, Kanagawa 226-8525
Japan

Tamaki Shimamura
TEL: +81 45 939 6254
FAX: +81 45 939 7093

Joe Watts
TEL: 678-474-4700
FAX: 678-474-4730

CST Lab: NVLAP 100432-0
Secure Cryptographic Module (SCM)
(Hardware Versions: P/N KWD-AE20, Version 1.0.0; Firmware Version: A2.0.2 or A2.0.3)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware12/28/2010
12/07/2011
01/31/2012
04/02/2012
Overall Level: 1

-Cryptographic Module Specification: Level 3
-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Certs. #831 and #832); SHS (Cert. #827)

-Other algorithms: DES; DES MAC; LFSR; AES MAC (AES Cert. #831, vendor affirmed; P25 AES OTAR)

Multi-chip embedded

"The Secure Cryptographic Module (SCM) meets overall FIPS 140-2 Level 1 requirements providing KENWOOD radios secure and encrypted digital communication. The SCM supports 256 bit key AES encryption as well as DES encryption."
1467Motorola, Inc.
One Motorola Plaza
Holtsville, NY 11742
USA

Jay Greenrose
TEL: 631-738-3844
FAX: 631-738-4656

Mariya Wright
TEL: 914-574-8189
FAX: 631-738-4656

CST Lab: NVLAP 200648-0
Motorola EMS Cryptographic Module
(Firmware Versions: DAABDS00-001-R00 and DAABGS00-001-R00)

Validated to FIPS 140-2

Certificate

Security Policy
Firmware12/21/2010
11/17/2011
Overall Level: 1

-Tested: DS6878 with Micrium OS II V2.85
CR0078 with Micrium OS II V2.85
STB2078 with Micrium OS II V2.85
DS3578 with Micrium OS II V2.85
STB3578-CF007WR with Micrium OS II V2.85
FLB3578-CF007WR with Micrium OS II V2.85

-FIPS Approved algorithms: AES (Certs. #1395 and #1397); SHS (Certs. #1266 and #1268); HMAC (Certs. #819 and #821)

-Other algorithms: N/A

Multi-chip standalone

"The Motorola EMS Cryptographic Module provides FIPS 140-2 Level 1 certified encryption and security practices to protect data sensitive transmission between the Motorola Embedded deices which include cordless scanners, cradles and terminals."
1462Adara Networks, Inc.
2150 N. First Street
San Jose, CA 95131
USA

Lillian Withrow
TEL: 408-433-4900
FAX: 408-456-0190

CST Lab: NVLAP 100432-0
Kernel NPX Cryptographic Module
(Software Version: 1.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software12/21/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with FreeBSD 8.0 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1410); HMAC (Cert. #831); SHS (Cert. #1280); Triple-DES (Cert. #963)

-Other algorithms: N/A

Multi-chip standalone

"The Adara Networks product is an open standards and open architecture based full stack router that provides high performance multipath routing capabilities, end to end QOS, data interoperability, virtualization web services, federation of databases and a secure cloud computing platform for inter-enterprise collaborations. It can be visualized as a transparent performance overlay network which improves performance and provides innovative features and tightened security over a legacy network infrastructure."
1458

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware11/23/2010Overall Level: 2

Multi-chip standalone
1452AvaLAN Wireless Systems, Inc.
125A Castle Drive
Madison, AL 35758
USA

Michael Derby, Founder/CTO
TEL: 650-575-7332
FAX: 650-249-3591

Jason Hennig
TEL: 650-206-2321
FAX: 650-249-3591

CST Lab: NVLAP 200017-0
AW140
(Hardware Version: AW140 r1.1; Firmware Version: 1.1)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware11/22/2010Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #1291)

-Other algorithms: N/A

Multi-chip embedded

"The AW140 is a modular AES cryptographic subassembly that can be embedded into finished communications products. AW140's cryptographic boundary is encapsulated within this subassembly and allows finished products to inherit the AW140's NIST FIPS 140-2 validation."
1433IBM® Corporation
12 - 14 Marine Parade
Seabank Centre
Southport, QLD 4215
Australia

Alex Hennekam
TEL: +61 7-5552-4045
FAX: +61 7 5571 0420

Peter Waltenburg
TEL: +61 - 5552-4016
FAX: +61 7 5571 0420

CST Lab: NVLAP 200658-0
IBM® Crypto for C
(Software Version: 8.0.0)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software11/02/2010
12/21/2010
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008® 64-bit operating system (x86-64)
Microsoft Windows Server 2008® 32-bit operating system (x86-64)
AIX® 6.1 64-bit operating system (PowerPC 64)
Solaris® 10 64-bit operating system (UltraSparc-64)
Red Hat Linux Enterprise Server 5 32-bit operating system (x86-64)
Red Hat Linux Enterprise Server 5 64-bit operating system (x86-64, zSeries-64 and PowerPC-64) (single user mode)

-FIPS Approved algorithms: AES (Certs. #1318, #1319, #1320, #1321, #1322, #1323, #1324, #1325, #1326, #1327, #1328, #1329, #1330 and #1331); Triple-DES (Certs. #917, #918, #919, #920, #921, #922, #923, #924, #925, #926, #927, #928, #929 and #930); DSA (Certs. #422, #423, #424, #425, #426, #427, #428, #429, #430, #431, #432, #433, #434 and #435); ECDSA (Certs. #157, #158, #159, #160, #161, #162, #163, #164, #165, #166, #167, #168, #169 and #170); RSA (Certs. #630, #631, #632, #633, #634, #635, #636, #637, #638, #639, #640, #641, #642 and #643); SHS (Certs. #1204, #1205, #1206, #1207, #1208, #1209, #1210, #1211, #1212, #1213, #1214, #1215, #1216 and #1217); HMAC (Cert. #766, #767, #768, #769, #770, #771, #772, #773, #774, #775, #776, #777, #778 and #779); DRBG (Cert. #34, #35, #36, #37, #38, #39, #40, #41, #42, #43, #44, #45, #46 and #47)

-Other algorithms: RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; MDC2; RIPEMD; HMAC MD5; DES; CAST; Camellia; Blowfish; RC4; RC2

Multi-chip standalone

"The IBM Crypto for C® v8.0 (ICC) cryptographic module is implemented in the C programming language. It is packaged as dynamic (shared) libraries usable byapplications written in a language that supports C language linking conventions (e.g. C, C++, Java, Assembler, etc.) for use on commercially available operating systems. The ICC allows these applications to access cryptographic functions using an Application Programming Interface (API) provided through an ICC import library and based on the API defined by the OpenSSL group."
1432

CST Lab: NVLAP 200802-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware10/26/2010Overall Level: 2

Multi-chip standalone
1423Apani Networks
1800 E. Imperial Hwy., Suite 210
Brea, CA 92821
USA

Cory Stockhoff
TEL: 714-674-1600
FAX: 714-674-1755

CST Lab: NVLAP 200556-0
Apani Kernel Crypto Module
(Software Version: V1.0.1)

Validated to FIPS 140-2

Certificate

Security Policy
Software10/25/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with 32-bit and 64-bit Microsoft® Windows® XP
32-bit and 64-bit Microsoft Windows Server® 2003
32-bit and 64-bit Microsoft Windows Server® 2008 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1313); Triple-DES (Cert. #915); SHS (Cert. #1201); HMAC (Cert. #764)

-Other algorithms: N/A

Multi-chip standalone

"The AKCM is a software library that runs on a wide variety of computing platforms and performs encryption, hashing and message authentication generation functions."
1420

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware10/14/2010Overall Level: 2

Multi-chip standalone
1419

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware10/14/2010Overall Level: 2

Multi-chip standalone
1413Icom Inc.
1-1-32, Kamiminami
Hirano-Ku, Osaka 547-0003
Japan

Masaaki Takahashi
TEL: 425-450-6043



CST Lab: NVLAP 200427-0
UT-125 FIPS #11 Cryptographic Module
(Hardware Version: 1.1; Firmware Version: 1.1)
(When operated in FIPS mode. No assurance of the minimum strength of generated keys)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware09/28/2010
03/11/2016
Overall Level: 1

-Mitigation of Other Attacks: N/A
-Operational Environment: N/A

-FIPS Approved algorithms: AES (Cert. #3842); DRBG (Cert. #1087); HMAC (Cert. #2492); SHS (Cert. #3165)

-Other algorithms: AES MAC (AES Cert. #3842, vendor affirmed; P25 AES OTAR); DES; DES-MAC; RNG

Multi-Chip Embedded

"The UT-125 FIPS #11 is an optional unit available for Icom radios that provides secure voice and data capabilities as well as APCO OTAR and advanced key management."
1407G4S Technology Limited
Challenge House, International Drive
Tewkesbury, Gloucestershire GL20 8UQ
United Kingdom

Steve Amos
TEL: +44 1684 850977
FAX: +44 1684 294845

Kevin Hollingworth
TEL: +44 1684 850977
FAX: +44 1684 294845

CST Lab: NVLAP 200427-0
Symmetry Cryptographic Module
(Software Version: 1.2.0.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software09/15/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows XP with SP3
Microsoft Windows 7
Microsoft Windows Vista with SP2
Microsoft Windows Server 2003 with SP2
Microsoft Windows Server 2008 with SP2 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1314); HMAC (Cert. #765); SHS (Cert. #1202)

-Other algorithms: N/A

Multi-chip standalone

"The Symmetry Cryptographic Module provides AES 256 bit encryption functionality to enable a client application to provide a secure channel for transmission of data across a network."
1372KoolSpan, Inc.
4962 Fairmont Avenue
Bethesda, MD 20814
USA

Bill Supernor
TEL: 240-880-4407
FAX: 240-238-7534

CST Lab: NVLAP 200416-0
KoolSpan TrustChip Developer Kit (TDK) Cryptographic Library
(Software Version: 3.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software07/21/2010
04/12/2011
Overall Level: 1

-Design Assurance: Level 3

-Operational Environment: Tested as meeting Level 1 with Fedora 10 running on an Intel Core 2 Duo
MAC OS X 10.5 running on an Intel Core 2 Duo
Windows Mobile 6.1 running on an ARM 32-bit
Windows XP running on an Intel Core 2 Duo
Linux 2.6 (Android) running on an ARM 7 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1108); SHS (Cert. #1031); HMAC (Cert. #641)

-Other algorithms: N/A

Multi-chip standalone

"The KoolSpan TrustChip® Developer Kit (TDK) Cryptographic Library provides cross-platform cryptographic security functions for application developers to integrate cryptographic services into a library, application, or system."
1371FalconStor Software, Inc.
2 Huntington Quadrangle
Melville, NY 11747
USA

Yeggy Javadi
TEL: 631-773-6745
FAX: 631-777-6882

Wai Lam
TEL: 631-962-1116
FAX: 631-501-7633

CST Lab: NVLAP 200427-0
FalconStor Cryptographic Module
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software07/21/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Oracle Enterprise Linux 5.3

-FIPS Approved algorithms: AES (Cert. #1173); DRBG (Cert. #22); DSA (Cert. #384); HMAC (Cert. #674); RSA (Cert. #558); SHS (Cert. #1085); Triple-DES (Cert. #850)

-Other algorithms: Camellia; DES; Diffie-Hellman; MD2; MD5; RC2; RC4; SEED

Multi-chip standalone

"Cryptographic Library for Authentication and Encryption Implementations for All FalconStor Software Products"
1369Cavium Networks
805 E. Middlefield Road
Mountain View, CA 94043
USA

TA Ramanujam
TEL: 650-623-7039
FAX: 650-625-9751

CST Lab: NVLAP 100432-0
NITROX XL 1600-NFBE HSM Family
(Hardware Versions: CN1620-NFBE1NIC-2.0-G [1], CN1620-NFBE2NIC-2.0-G [1], CN1620-NFBE3NIC-2.0-G [1], CN1610-NFBE1NIC-2.0-G [1], CN1620-NFBE1NIC-2.0-FW1.2-G [2], CN1620-NFBE2NIC-2.0-FW1.2-G [2], CN1620-NFBE3NIC-2.0-FW1.2-G [2], CN1610-NFBE1NIC-2.0-FW1.2-G [2], CN1620-NFBE1-2.0-G [1], CN1620-NFBE2-2.0-G [1], CN1620-NFBE3-2.0-G [1], CN1610-NFBE1-2.0-G [1], CN1620-NFBE1-2.0-FW1.2-G [2], CN1620-NFBE2-2.0-FW1.2-G [2], CN1620-NFBE3-2.0-FW1.2-G [2], CN1610-NFBE1-2.0-FW1.2-G [2], CN1620-NFBE1-3.0-FW1.1-G [1], CN1620-NFBE2-3.0-FW1.1-G [1], CN1620-NFBE3-3.0-FW1.1-G [1], CN1620-NFBE1-3.0-FW1.2-G [2], CN1620-NFBE2-3.0-FW1.2-G [2] and CN1620-NFBE3-3.0-FW1.2-G [2]; Firmware Versions: 1.1 [1], 1.1.1 [1] and 1.2 [2])
(When operated in FIPS mode)

This module is in process for the RNG transition.
Validated to FIPS 140-2

Certificate

Security Policy
Hardware07/21/2010
12/06/2010
12/27/2012
07/24/2014
Overall Level: 3

-FIPS Approved algorithms: AES (Certs. #1265 and #1266); DRBG (Cert. #32); ECDSA (Cert. #150); HMAC (Cert. #736); KAS (Cert. #5); RNG (Cert. #707); RSA (Cert. #607); SHS (Certs. #1165 and #1166); Triple-DES (Cert. #898)

-Other algorithms: RSA (key wrapping; key establishment methodology provides 128 bits of encryption strength); AES (Cert. #1265, key wrapping; key establishment methodology provides 256 bits of encryption strength); RC4; MD5; PBE

Multi-chip embedded

"The NITROX XL 1600-NFBE HSM adapter family delivers the worldÆs fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets"
1363Ipswitch, Inc.
83 Hartwell Ave
Lexington, MA 02421
USA

Mark Riordan
TEL: 608-824-3632

CST Lab: NVLAP 200427-0
MOVEit Crypto
(Software Version: 1.2.0.0)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software07/12/2010
04/26/2016
04/27/2016
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux 5 (x86)
Red Hat Enterprise Linux 5 (x64)
Windows Server 2008 (x86)
Windows Server 2008 (x64) (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1226); HMAC (Cert. #716); SHS (Cert. #1126)

-Other algorithms: HMAC-MD5; MD5; RNG

Multi-chip standalone

"MOVEit Crypto is a compact and fast dynamically-linked library for Windows and Linux. It provides AES encryption, SHA-1 and SHA-2 hashing, and pseudo-random number generation. Both 32-bit and 64-bit versions are available for each operating system. MOVEit Crypto is a member of the MOVEit security and file transfer product family."
1352Telephonics Corp.
815 Broad Hollow Road
Farmingdale, NY 11735
USA

Barry Wernick
TEL: 631-755-7321
FAX: 631-549-6588

CST Lab: NVLAP 100432-0
TruLink Control Logic Module CL6792-M1
(Hardware Version: P/N 010.6792-01 Rev. H1; Firmware Versions: Boot: SW7098 v2.5 and Application: SW7099 v8.12)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware07/12/2010Overall Level: 1

-FIPS Approved algorithms: AES (Cert. #871); HMAC (Cert. #487); SHS (Cert. #865)

-Other algorithms: N/A

Multi-chip embedded

"TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio."
1351Telephonics Corp.
815 Broad Hollow Road
Farmingdale, NY 11735
USA

Barry Wernick
TEL: 631-755-7321
FAX: 631-549-6588

CST Lab: NVLAP 100432-0
TruLink Control Logic Module CL6882-M1
(Hardware Version: P/N 010.6882-01 Rev. B1; Firmware Versions: Boot: SW7158 v2.4 and Application: SW7151 v1.12)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware07/12/2010Overall Level: 1

-FIPS Approved algorithms: AES (Cert. #872); HMAC (Cert. #488); SHS (Cert. #866)

-Other algorithms: N/A

Multi-chip embedded

"TruLink is a wireless intercom system for use in military and harsh industrial environments. It provides fully duplex wireless communication. TruLink users can converse among themselves without pressing a Push to Talk button or waiting for another user to finish their transmission. The system supports 50 channels. Up to 31 users can be logged on to a channel. Each channel is an independent network. TruLink employs a unique noise cancellation system that automatically adjusts its VOX switching level to match the ambient noise level and subtracts this noise from the user's transmitted audio."
1339Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Nils Dussart
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows Server 2008 R2 BitLocker™ Drive Encryption
(Software Versions: 6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675)
(When operated in FIPS mode with Windows Server 2008 R2 Boot Manager (bootmgr) (Cert. #1321), Windows Server 2008 R2 Winload OS Loader (winload.exe) (Cert. #1333), Windows Server 2008 R2 Code Integrity (ci.dll) (Cert. #1334), Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) (Cert. #1335) and Microsoft Windows Server 2008 R2 Cryptographic Primitives Library (bcryptprimitives.dll) (Cert. #1336) all validated under FIPS 140-2 and all operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software11/15/2010
03/28/2011
06/01/2011
10/04/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Windows Server 2008 R2 (x64 version)
Microsoft Windows Server 2008 R2 SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and #1177); HMAC (Cert. #675); SHS (Cert. #1081)

-Other algorithms: Elephant Diffuser

Multi-chip standalone

"Windows BitLocker Drive Encryption is a data protection feature available in Windows Server 2008 R2. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned."
1337Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH)
(Software Version: 6.1.7600.16385)
(When operated in FIPS mode with Windows Server 2008 R2 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1334 operating in FIPS mode and Microsoft Windows Server 2008 R2 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1335 operating in FIPS mode.)

Validated to FIPS 140-2

Certificate

Security Policy
Software08/19/2010
06/01/2011
06/21/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version)
Microsoft Windows Server 2008 R2 (IA64 version)
Microsoft Windows Server 2008 R2 SP1 (x64 version)
Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #687); SHS (Cert. #1081); RSA (Certs. #559 and #568); Triple-DES (Cert. #846)

-Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support."
1334Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows Server 2008 R2 Code Integrity (ci.dll)
(Software Versions: 6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108)
(When operated in FIPS mode with Windows Server 2008 R2 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1333 operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/15/2010
06/01/2011
06/21/2011
01/24/2013
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version)
Microsoft Windows Server 2008 R2 (IA64 version)
Microsoft Windows Server 2008 R2 SP1 (x64 version)
Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)

-FIPS Approved algorithms: RSA (Cert. #568); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager."
1333Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows Server 2008 R2 Winload OS Loader (winload.exe)
(Software Versions: 6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675)
(When operated in FIPS mode with Windows Server 2008 R2 Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #1321 operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/15/2010
06/01/2011
06/21/2011
10/17/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version)
Microsoft Windows Server 2008 R2 (IA64 version)
Microsoft Windows Server 2008 R2 SP1 (x64 version)
Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and #1177); RSA (Cert. #568); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself."
1332Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Nils Dussart
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows 7 BitLocker™ Drive Encryption
(Software Versions: 6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675)
(When operated in FIPS mode with Windows 7 Boot Manager (bootmgr) (Cert. #1319), Windows 7 Winload OS Loader (winload.exe) (Cert. #1326), Windows 7 Code Integrity (ci.dll) (Cert. #1327), Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) (Cert. #1328) and Microsoft Windows 7 Cryptographic Primitives Library (bcryptprimitives.dll) (Cert. #1329) all validated under FIPS 140-2 and all operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software11/15/2010
03/28/2011
06/01/2011
10/04/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Windows 7 Ultimate Edition (x86 Version)
Windows 7 Ultimate Edition (x64 version)
Microsoft Windows 7 Ultimate Edition SP1 (x86 version)
Microsoft Windows 7 Ultimate Edition SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and #1177); HMAC (Cert. #675); SHS (Cert. #1081)

-Other algorithms: Elephant Diffuser

Multi-chip standalone

"Windows BitLocker Drive Encryption is a data protection feature available in Windows 7 Enterprise and Windows 7 Ultimate for client computers. BitLocker provides enhanced protection against data theft or exposure on computers that are lost or stolen, and more secure data deletion when BitLocker-protected computers are decommissioned."
1330Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows 7 Enhanced Cryptographic Provider (RSAENH)
(Software Version: 6.1.7600.16385)
(When operated in FIPS mode with Windows 7 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1327 operating in FIPS mode and Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) validated to FIPS 140-2 under Cert. #1328 operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software08/18/2010
06/01/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7 Ultimate Edition (x86 Version)
Microsoft Windows 7 Ultimate Edition (x64 version)
Microsoft Windows 7 Ultimate Edition SP1 (x86 version)
Microsoft Windows 7 Ultimate Edition SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #673); SHS (Cert. #1081); RSA (Certs. #557 and #559); Triple-DES (Cert. #846)

-Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 256-bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"RSAENH encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. Developers dynamically link the Microsoft RSAENH module into their applications to provide FIPS 140-2 compliant cryptographic support."
1327Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows 7 Code Integrity (ci.dll)
(Software Versions: 6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950 and 6.1.7601.22108)
(When operated in FIPS mode with Windows 7 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1326 operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/15/2010
06/01/2011
01/24/2013
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7 Ultimate Edition (x86 Version)
Microsoft Windows 7 Ultimate Edition (x64 version)
Microsoft Windows 7 Ultimate Edition SP1 (x86 version)
Microsoft Windows 7 Ultimate Edition SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: RSA (Cert. #557); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is a dynamically linked library that runs as ntoskrnl.exe. It verifies the integrity of executable files, including kernel mode drivers, critical system components and user mode crypto modules, before these files are loaded from disk into memory by the memory manager."
1326Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows 7 Winload OS Loader (winload.exe)
(Software Versions: 6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655and 6.1.7601.21675)
(When operated in FIPS mode with Windows 7 Boot Manager (bootmgr) validated to FIPS 140-2 under Cert. #1319 operating in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/15/2010
06/01/2011
10/17/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7 Ultimate Edition (x86 Version)
Microsoft Windows 7 Ultimate Edition (x64 version)
Microsoft Windows 7 Ultimate Edition SP1 (x86 version)
Microsoft Windows 7 Ultimate Edition SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and 1177); RSA (Cert. #557); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is the OS loader. It loads the boot-critical driver image files and the OS kernel image file itself."
1325PGP Corporation
200 Jefferson Dr.
Menlo Park, CA 94025
USA

Vinnie Moscaritolo
TEL: 650-319-9000
FAX: 650-319-9001

CST Lab: NVLAP 200802-0
PGP Cryptographic Engine
(Software Version: 4.0)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/22/2010Overall Level: 1

-Design Assurance: Level 3

-Operational Environment: Tested as meeting Level 1 with Windows XP Professional SP2 (Kernel Mode)
Mac OS X 10.5 (i386) (single-user mode)

-FIPS Approved algorithms: Triple-DES (Certs. #848 and #895); AES (Certs. #1170 and #1253); SHS (Certs. #1082 and #1149); HMAC (Certs. #670 and #732)

-Other algorithms: AES (EME2 mode; non-compliant)

Multi-chip standalone

"The PGP Cryptographic Engine includes a wide range of field-tested and standards-based encryption, and encoding algorithms used by PGP Whole Disk Encryption."
1324Comtech Mobile Datacom Corporation
20430 Century Boulevard
Germantown, MD 20874
USA

Saad Anis
TEL: 240-686-3363
FAX: 240-686-3301

Stratis Marneris
TEL: 240-686-3371

CST Lab: NVLAP 200427-0
Transceiver Cryptographic Module (TCM)
(Hardware Version: C80101 Rev. 2; Firmware Version: 0.1.L)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware07/12/2010
04/18/2016
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #1201); HMAC (Cert. #698); SHS (Cert. #1106); Triple-DES (Cert. #869)

-Other algorithms: DES; Towitko MAC

Multi-chip embedded

"The Transceiver Cryptographic Module is a compact hardware module with a firmware component for implementation of cryptographic algorithms. The Crypto Module, in connetion with Comtech's ASDR Transceiver, enables secure over-the-air communications. The module provides a serial interface for communication over a pair of SPI ports."
1323

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware05/20/2010
09/07/2010
10/26/2010
Overall Level: 2

Multi-chip embedded
1322Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

James Torjussen
TEL: +44 0 1844-204167
FAX: +44 0 1844-208550

CST Lab: NVLAP 100432-0
TSPP
(Hardware Versions: P/Ns TSPP-A and TSPP-B Version 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4 or 1.0.5; Firmware Version: 1.10.2)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Hardware06/22/2010
03/28/2011
04/12/2011
11/08/2011
01/11/2012
07/09/2012
03/28/2013
Overall Level: 3

-FIPS Approved algorithms: DSA (Cert. #375); SHS (Cert. #1071)

-Other algorithms: N/A

Multi-chip embedded

"Thales' TSPP is the multi-chip embedded cryptographic module in its payShield 9000 family of hardware security modules used in the Banking and Finance sector for securing card-based payment transactions. The product family is also used to provide dedicated functionality for key management and message security using algorithms such as Triple-DES, RSA, SHA, HMAC, and AES. TSPP contains a secure bootstrap that authenticates application loading using DSA 2048, so that only application software written by and "signed" by Thales can be loaded and run on TSPP-based products."
1321Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows Server 2008 R2 Boot Manager (bootmgr)
(Software Version: 6.1.7600.16385 or 6.1.7601.17514)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/22/2010
06/01/2011
06/21/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version)
Microsoft Windows Server 2008 R2 (IA64 version)
Microsoft Windows Server 2008 R2 SP1 (x64 version)
Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and #1177); HMAC (Cert. #675); RSA (Cert. #568); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it."
1319Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Tim Myers
TEL: 800-MICROSOFT

CST Lab: NVLAP 200427-0
Windows 7 Boot Manager (bootmgr)
(Software Version: 6.1.7600.16385 or 6.1.7601.17514)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software06/09/2010
06/01/2011
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7 Ultimate Edition (x86 Version)
Microsoft Windows 7 Ultimate Edition (x64 version)
Microsoft Windows 7 Ultimate Edition SP1 (x86 version)
Microsoft Windows 7 Ultimate Edition SP1 (x64 version) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1168 and #1177); HMAC (Cert. #675); RSA (Cert. #557); SHS (Cert. #1081)

-Other algorithms: MD5

Multi-chip standalone

"This is the system boot manager, called by the bootstrapping code that resides in the boot sector. It checks its own integrity and then checks the integrity of the OS loader and launches it."
1318Redline Communications
302 Town Centre Blvd.
Markham, Ontario L3R 0E8
Canada

Leigh Chang
TEL: 905-479-8344 x2507
FAX: 905-479-5331

CST Lab: NVLAP 200017-0
AN-80i Broadband Wireless Infrastructure Radio
(Hardware Version: AN-80i; Firmware Versions: 4.00.075 and 13.00.135)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Hardware06/01/2010
06/14/2010
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #777); AES (Certs. #997 and #944); SHS (Cert. #962); HMAC (Cert. #562); DRBG (Cert. #9); RSA (Cert. #480); DSA (Cert. #343)

-Other algorithms: Redline 64 bit Proprietary Encryption; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The AN-80i system is a broadband wireless infrastructure product designed to provide long range Ethernet connectivity between points of presence spread across a metro or regional area network. It operates in Point-to-Point (PTP) and Point to Multipoint (PMP) configuration in the same hardware platform.Operating in both licensed and unlicensed frequency bands, the AN-80i is a rugged all outdoor system that enables organizations such as government and public safety agencies, schools, large mission critical enterprises including banks, hospitals, utilities, as well as service providers to sol"
1317Harris Corporation
RF Communications Division
1680 University Avenue
Rochester, NY 14610
USA

Elias Theodorou
TEL: 585-720-8790
FAX: 585-241-8459

CST Lab: NVLAP 200017-0
RF-7800W Broadband Ethernet Radio
(Hardware Version: RF-7800W; Firmware Versions: 4.00.72, 4.10.039, 13.00.127 and 13.01.129)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Hardware06/01/2010
06/14/2010
03/14/2012
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: Triple-DES (Cert. #776); AES (Certs. #996 and #930); SHS (Cert. #961); HMAC (Cert. #561); DRBG (Cert. #8); RSA (Cert. #479); DSA (Cert. #342)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The RF-7800W-OU440 Broadband Ethernet Radio (BER) is designed for High Capacity Line of Sight (HCLOS) networks with broadband Ethernet requirements. The radio can be mounted on a mast for quick deployment or on a tower system designed for long haul back bone systems. The BER operates in the 4.4 to 5.0 GHz frequency band. The BER is an ideal wireless networking solution for public safety, first responders, training, and simulation networks, and long haul/short haul battlefield communications. The RF-7800W operates in Point-to-Point (PTP) and Point to Multipoint (PMP) in the same platform."
1293Red Hat®, Inc.
1801 Varsity Drive
Raleigh, NC 27606
USA

Robert Relyea
TEL: 650-254-4236

CST Lab: NVLAP 200427-0
Network Security Services (NSS) Cryptographic Module (Freebl)
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software04/14/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux v5 (single-user mode)

-FIPS Approved algorithms: DSA (Cert. #366); SHS (Cert. #1048)

-Other algorithms: MD2; MD5

Multi-chip standalone

"Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/"
1289Pitney Bowes, Inc.
35 Waterview Drive
Shelton, CT 06484
USA

Robert Sisson
TEL: 203-924-3061
FAX: 203-924-3518

CST Lab: NVLAP 100432-0
Cygnus X3 PSD Cryptographic Module
(Hardware Version: P/N 1R84000 Version A; Firmware Version: 01.00.06; Software Versions: 03.00.0064 (PSD Application) and 01.00.0053 (SDU))

Validated to FIPS 140-2

Certificate

Security Policy
Hardware04/12/2010
05/05/2010
Overall Level: 3

-Physical Security: Level 3 + EFP

-FIPS Approved algorithms: DSA (Cert. #374); SHS (Cert. #650); AES (Cert. #1069); Triple-DES (Cert. #572); Triple-DES MAC (Triple-DES Cert. #572, vendor affirmed); DRBG (Cert. #20); KAS (Cert. #3); HMAC (Cert. #601); ECDSA (FIPS 186-3, vendor affirmed)

-Other algorithms: AES (AES Cert. #1069, key wrapping; key establishment methodology provides 128 bits of encryption strength)

Single-chip

"The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 and IPMAR security protection profile in order to support the USPS IBIP and international digital indicia standards globally. The Cygnus X3 PSD Cryptographic Module employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products."
1288Oracle Corporation
500 Eldorado Blvd.
Bldg 5
Broomfield, CO 80021
USA

David Hostetter
TEL: 303-272-7126

CST Lab: NVLAP 100432-0
Sun StorageTek™ T9840D Tape Drive
(Hardware Version: P/N 315479501; Firmware Version: 1.44.710)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware04/12/2010
05/05/2010
Overall Level: 1

-Cryptographic Module Specification: Level 3

-FIPS Approved algorithms: AES (Certs. #495, #1059, #1060, #1061, #1062 and #1063); DRBG (Cert. #11); HMAC (Certs. #597 and #598); RSA (Cert. #503); SHS (Certs. #1005 and #1006)

-Other algorithms: AES (Cert. #1060, key wrapping; key establishment methodology provides 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The Sun StorageTek T9840D drive provides 75 GB native capacity and 30 MB/sec throughput using the same media and with backward read compatibility to the non-encrypting T9840 A, B and C. Designed for maximum security and performance, the T9840D uses AES-256 encryption to protect and authenticate customer data and secure, authenticated transmission of key material. Designed for fast access to data, the drive allows the use of multiple keys per tape with a cache memory to minimize key transmission overhead. Works seamlessly with the Sum KMA 2.x for a secure end-to-end management solution."
1280Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.
4150 Network Circle
Santa Clara, CA 95054
USA

Glen Beasley
TEL: 800-555-9SUN

Robert Relyea
TEL: 650-254-4236

CST Lab: NVLAP 200427-0
Network Security Services (NSS) Cryptographic Module
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software03/29/2010Overall Level: 2

-Operational Environment: Tested as meeting Level 2 with Red Hat Enterprise Linux v5 running on an IBM System x3550
Red Hat Enterprise Linux v5 running on an HP ProLiant DL145

-FIPS Approved algorithms: AES (Cert. #1126); DSA (Cert. #366); DRBG (Cert. #16); HMAC (Cert. #636); RSA (Cert. #533); SHS (Cert. #1048); Triple-DES (Cert. #821)

-Other algorithms: Camellia; DES; Diffie-Hellman; EC Diffie-Hellman; MD2; MD5; RC2; RC4; SEED

Multi-chip standalone

"Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/"
1279Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.
4150 Network Circle
Santa Clara, CA 95054
USA

Glen Beasley
TEL: 800-555-9SUN

Robert Relyea
TEL: 650-254-4236

CST Lab: NVLAP 200427-0
Network Security Services (NSS) Cryptographic Module (Extend ECC)
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software03/29/2010Overall Level: 2

-Operational Environment: Tested as meeting Level 2 with Sun Solaris 10 5/08 running on a Sun SunBlade 2000 workstation
Sun Solaris 10 5/08 running on a Sun W2100z workstation

-FIPS Approved algorithms: AES (Cert. #1127); DSA (Cert. #367); DRBG (Cert. #17); ECDSA (Cert. #132); HMAC (Cert. #637); RSA (Cert. #534); SHS (Cert. #1049); Triple-DES (Cert. #822)

-Other algorithms: Camellia; DES; Diffie-Hellman; EC Diffie-Hellman; MD2; MD5; RC2; RC4; SEED

Multi-chip standalone

"Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/"
1278Sun Microsystems, Inc., Red Hat®, Inc. and Mozilla Foundation, Inc.
4150 Network Circle
Santa Clara, CA 95054
USA

Glen Beasley
TEL: 800-555-9SUN

Robert Relyea
TEL: 650-254-4236

CST Lab: NVLAP 200427-0
Network Security Services (NSS) Cryptographic Module (Basic ECC)
(Software Version: 3.12.4)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software03/29/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows XP with SP3
Apple Mac OS X 10.5 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1128); DSA (Cert. #368); DRBG (Cert. #18); ECDSA (Cert. #133); HMAC (Cert. #638); RSA (Cert. #535); SHS (Cert. #1050); Triple-DES (Cert. #823)

-Other algorithms: Camellia; DES; Diffie-Hellman; EC Diffie-Hellman; MD2; MD5; RC2; RC4; SEED

Multi-chip standalone

"Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major crypto algorithms and Internet security standards, and supports smartcards and hardware crypto devices. NSS is available free of charge under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. For more information, see http://www.mozilla.org/projects/security/pki/nss/"
1272

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2

Certificate

Security Policy
Hardware03/09/2010
07/02/2010
Overall Level: 1

Multi-chip standalone
1265

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2

Certificate

Security Policy
Software03/03/2010
04/15/2010
10/26/2010
Overall Level: 2

Multi-chip standalone
1264DeltaCrypt Technologies, Inc.
261A, Chemin des Épinettes
Piedmont, Québec J0R 1K0
Canada

Ann Marie Colizza
TEL: 450-744-0137
FAX: 450-227-9043

Olivier Fournier
TEL: 450-227-6622
FAX: 450-227-9043

CST Lab: NVLAP 200017-0
DeltaCrypt FIPS Module
(Software Version: 1.0.0.0)

Validated to FIPS 140-2

Certificate

Security Policy

Vendor Product Link
Software03/29/2010Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Vista
Microsoft Windows XP (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1065); SHS (Cert. #1008); HMAC (Cert. #600); RSA (Cert. #505); DRBG (Cert. #12)

-Other algorithms: N/A

Multi-chip standalone

"DeltaCrypt FIPS Module v1.0.0.0 is a software module providing cryptographic functionality implemented in DeltaCrypt Encryption Applications that complies with FIPS 140-2 level 1 requirements. DeltaCrypt FIPS Module provides data encryption for DeltaCrypt applications protecting files and folders on computer hard disks, mobile data, CD-ROMs and DVDs. It also ensures data protection of removable drives used in combination with DeltaCrypt Mobile Device Control which controls removable drives used on a network, offers audit and tracking capabilities as well as threat detection and policy"
1262Silex Technology
157 West 7065 South
Salt Lake City, UT 84047
USA

Keith Sugawara
TEL: 801-748-1199
FAX: 714-258-0730

CST Lab: NVLAP 200802-0
SX-500 Cryptographic Module
(Hardware Versions: STA part number 132-00188-120 rev. B, rev. C, or rev. D; Firmware Versions: Version 2.02 main firmware and Version 3.1 boot loader)
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Hardware02/15/2010
12/13/2011
Overall Level: 1

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Certs. #1138, #1139 and #1140); RSA (Cert. #540); HMAC (Certs. #647 and #648); SHS (Certs. #1058 and #1059); DRBG (Cert. #19)

-Other algorithms: MD5; RC4; HMAC-MD5; MD4; DES; non-deterministic hardware RNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"The FIPS 140-2 Level 1 compliant Silex SX-500 is an excellent solution for applications requiring an easy to implement, secure wireless LAN connection for serial or Ethernet attached peripheral devices."
1257Comtech Mobile Datacom Corporation
20430 Century Boulevard
Germantown, MD 20874
USA

Lajuana Johnson
TEL: 240-686-3300

CST Lab: NVLAP 200427-0
Comtech Mobile Datacom Corporation Cryptographic Library (libcmscrypto)
(Software Versions: 1.0 [1] and 1.2 [2])
(When operated in FIPS mode)

Validated to FIPS 140-2

Certificate

Security Policy
Software01/28/2010
01/24/2013
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux v5.0[1]
Red Hat EnterpriseLinux v6.2 [2] (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1124 [1] and #2288 [2]); HMAC (Certs. #635 [1] and #1404 [2]); SHS (Certs. #1047 [1] and #1969 [2])

-Other algorithms: DES; Triple-DES (non-compliant)

Multi-chip standalone

"libcmscrypto is a library implemented in the Comtech Mobile Datacom Corp. products and provides the basic cryptographic functionality that includes Advanced Encryption Standard (AES) algorithm, SHA1 message digest, HMAC SHA-1 Keyed-Hash message authentication code."
1240Asigra, Inc.
1120 Finch Avenue West
Suite 400
Toronto, Ontario M3J 3H7
Canada

David Farajun
TEL: 416-736-8111 ext 1800
FAX: 416-736-7120

CST Lab: NVLAP 200427-0
AsigraEncModule Encryption Library
(Software Version: 1.0)

Validated to FIPS 140-2

Certificate

Security Policy
Software01/12/2010
06/03/2016
Overall Level: 1

-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2003 (32-bit) Enterprise Edition, 5.2.3790, Service Pack 2
Microsoft Windows Server 2003 (64-bit), Standard Edition, 5.2.3790, Service Pack 1
RedHat Enterprise Linux 5 (32-bit), Update 6
RedHat Enterprise Linux 5 (64-bit), Update 6
Mac OS X, 10.5 (single user mode)

-FIPS Approved algorithms: AES (Cert. #968); SHS (Cert. #938); HMAC (Cert. #541)

-Other algorithms: PRNG

Multi-chip standalone

"The AsigraEncModule ("Cryptographic Module" or "Module") is a cryptographic library for C++ language users providing hash algorithms, AES symmetric encryption algorithms and random number generation."