CMVP Main Page

Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules

Historical , 1995-1997 , 1998 , 1999 , 2000 , 2001 , 2002 , 2003 , 2004 , 2005 , 2006 , 2007 , 2008 , 2009 , 2010 , 2011 , 2012 , 2013 , 2014 , 2015 , 2016
All

Last Update: 5/12/2016

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been tested through the CMVP.

NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.

NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert# Vendor / CST Lab Cryptographic Module Module
Type
Val.
Date
Level / Description
1640 Watchdata Technologies Pte Ltd
No.2 Yandong Business Park
Wanhong West Street
Capital Airport Road
Beijing, Chaoyang District 100015
People's Republic of China

Bai Jing

CST Lab: NVLAP 200658-0
WatchKey USB Token
(Hardware Versions: K6 with Z32L256D32U and K003010A; Firmware Version: 360C6702)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/17/2011
Overall Level: 2

-Physical Security: Level 3
-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #1616); Triple-DES (Cert. #1057); RSA (Cert. #794); DRBG (Cert. #85); SHS (Cert. #1425)

-Other algorithms: SHA-1 (non-compliant)

Multi-chip standalone

"The WatchKey USB token provides digital signature generation and verification for online authentication of online transactions and data encryption/decryption to online service users."
1639 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team

CST Lab: NVLAP 200427-0
Cisco 5940 Embedded Services Routers
(Hardware Versions: Cisco 5940 ESR air-cooled card and Cisco 5940 ESR conduction-cooled card; Firmware Version: 15.2(3)GC)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/16/2011
02/23/2012
07/18/2012
02/08/2013
Overall Level: 1

-Design Assurance: Level 2

-FIPS Approved algorithms: AES (Certs. #962, #1535 and #1643); DRBG (Cert. #89); HMAC (Certs. #537 and #965); RSA (Cert. #811); SHS (Certs. #933 and #1444); Triple-DES (Certs. #757 and #1073)

-Other algorithms: DES; DES MAC; HMAC-MD5; MD4; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); GDOI (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)

Multi-chip embedded

"The Cisco 5940 is a high-performance, ruggedized router. With onboard hardware encryption, the Cisco 5940 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The Cisco 5940 Embedded Services Routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 1 requirements. The Cisco 5940 Router Card uses industrial-grade components and is optimized for harsh environments that require Cisco IOS Software routing technology."
1638 Chunghwa Telecom Co., Ltd.
12, Lane 551, Min-Tsu Road SEC.5
Yang-Mei
Taoyuan, Taiwan 326
Republic of China

Yeou-Fuh Kuan
TEL: +886-3-424-4333
FAX: +886-3-424-4129

Char-Shin Miou
TEL: +886-3-424-4381
FAX: +886-3-424-4129

CST Lab: NVLAP 200928-0
HiKey - Flash and HiKey PKI Token
(Hardware Versions: 2.0 and 2.1; Firmware Version: 2.0; Software Version: Card OS version 3.2 with PKI Applet: 2.1)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/16/2011
Overall Level: 2

-Roles, Services, and Authentication: Level 3
-EMI/EMC: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #1710); Triple-DES (Cert. #1100); Triple-DES MAC (Triple-DES Cert. #1100, vendor affirmed); SHS (Cert. #1493); HMAC (Cert. #988); DRBG (Cert. #106); RSA (Cert. #839)

-Other algorithms: MD5; HMAC-MD5; RIPEMD 160; HMAC-RIPEMD 160; RSA (encrypt/decrypt); AES MAC (AES Cert. #1710; non-compliant)

Multi-chip standalone

"The HiKey Flash and HiKey PKI Token modules are multi-chip standalone implementations of a cryptographic module. The Hikey - Flash and HiKey PKI Token modules are USB tokens that adhere to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The HiKey - Flash and HiKey PKI Token cryptographic modules contain an implementation of the Global Platform (GP) Version 2.1.1 specification defining a secure infrastructure for post-issuance programmable smart cards."
1636 Seagate Technology LLC
1280 Disc Drive
Shakopee, MN 55379
USA

David R Kaiser, PMP
TEL: 952-402-2356
FAX: 952-402-1273

CST Lab: NVLAP 200427-0
Seagate Secure Constellation® ES [22-32] and Constellation®.2 [1-21] Self-Encrypting Drives FIPS 140 Module
(Hardware Versions: 9XU268 [1, 6, 18, 19], 9XU268-251 [2, 7, 9, 11, 14, 16], 9XU268-257 [3, 8, 10, 12, 13, 15, 17], 9XU268-047 [4], 9XU268-090 [5], 9XU264 [1, 6, 18, 19], 9XU264-251 [2, 7, 9, 11, 14, 16], 9XU264-257 [3, 8, 10, 12, 13, 15, 17], 9XU264-047 [4], 9XU264-090 [5], 9XU168 [20, 21], 9XU164 [20, 21], 9XU162 [20, 21], 1AV268 [22, 24, 30], 1AV264 [22, 24, 30], 1AV264-257 [23, 26, 28], 1AV264-251 [25, 27, 29], 1AV262 [22, 24, 30], 1AV168 [31, 32], 1AV164 [31, 32] and 1AV162 [31, 32]; Firmware Versions: A002 [1], ASF2 [2], ANF1 [3], NS01 [4], QF70 [5], 0003 [6, 14], ASF5 [7], AEF3 [8], ASF8 [9], AEF5 [10], ASF9 [11], AEF6 [12], AEF7 [13], ASFC [14], AEFB [15], ASFD [16], AEFC [17], 0004 [18], 0005 [19], 0002 [20, 24, 32], 0003 [21, 30], A001 [22, 31], PNF0 [23], PSF1 [25], PEF3 [26], PSF4 [27], PEF4 [28], and PSF5 [29])
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/10/2011
03/14/2012
06/21/2012
10/17/2012
12/12/2012
01/25/2013
02/20/2014
09/26/2014
10/23/2014
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Certs. #1416, #1417 and #1343); DRBG (Cert. #62); SHS (Cert. #1225); RSA (Cert. #650)

-Other algorithms: N/A

Multi-chip embedded

"The Seagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module is embodied in Seagate Constellation®.2 and Constellation® ES SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download."
1635 Seagate Technology LLC
1280 Disc Drive
Shakopee, MN 55379
USA

David R Kaiser, PMP
TEL: 952-402-2356
FAX: 952-402-1273

CST Lab: NVLAP 200427-0
Seagate Secure Constellation® ES.2 [41-68], Savvio® 10K.5 [1-26] and Savvio® 15K.3 [27-40] Self-Encrypting Drives FIPS 140 Module
(Hardware Versions: 9XS066 [1, 7, 21], 9XS066-251 [2, 8, 13, 16, 20], 9XS066-257 [3, 9, 14, 17, 18], 9XS066-047 [4], 9XS066-090 [5, 11, 22, 23], 9XS066-031 [10, 19], 9XS066-037 [10, 19], 9XS066-046 [12], 9XR066 [1, 7, 21], 9XR066-251 [2, 8, 13, 16, 20], 9XR066-257 [3, 9, 14, 17, 18], 9XR066-047 [4], 9XR066-090 [5, 11, 22, 23], 9XR066-038 [6, 15, 24, 25, 26], 9XR066-046 [12], 9XP066 [1, 7, 21], 9XP066-047 [4], 9XP066-090 [5, 11, 22, 23], 9XP066-046 [12], 9XN066 [1, 7, 21], 9XN066-251 [2, 8, 13, 16, 20], 9XN066-257 [3, 9, 14, 17, 18], 9XN066-047 [4], 9XN066-090 [5, 11, 22, 23], 9XN066-046 [12], 9XM066 [27, 30, 40], 9XM066-251 [28, 31, 33, 35, 37, 39], 9XM066-257 [29, 32, 34, 37, 38], 9XL066 [27, 30, 40], 9XL066-251 [28, 31, 33, 35, 37, 39], 9XL066-257 [29, 32, 34, 37, 38], 9XT260 [41, 47, 59, 64, 65, 66], 9XT260-251 [42, 48, 52, 55, 60, 61, 62], 9XT260-257 [43, 49, 53, 55, 57, 63], 9XT260-038 [44, 54], 9XT260-047 [45], 9XT260-090 [46], 9XT260-031 [50, 58], 9XT260-037 [50, 58], 9XT260-046 [51], 9XT267 [47, 59, 64, 65], 9XT160 [67, 68]; Firmware Versions: A002 [1, 27], CSF2 [2], CNF1 [3], NS03 [4], HF72 [5], NA00 [6, 54], 0003 [7, 30, 64], CSF4 [8], CEF3 [9], CE01 [10], HF75 [11], 6E01 [12], CSF7 [13], CEF4 [14], F740 [15], CSF8 [16], CEF5 [17], CEF6 [18], CE06 [19], CSFA[20], 0004 [21, 40, 65], HF7C [22], HF7D [23], NA01 [24], NA04 [25], F744 [26], YSF3 [28], YNF2 [29], YSF5 [31], YEF4 [32], YSF8 [33], YEF5 [34], YSF9 [35], YEF6 [36], YSFB [37], YEF9 [38], YSFC [39], 0002 [41], RSF3 [42], RNF3 [43], NQE1 [44], NS01 [45], NF72 [46], 0005 [47], RSF5 [48], REF5 [49], YE01 [50], 6EA1 [51], RSF8 [52], REF6 [53], RSFA [55], REF7 [56], REF8 [57], YE04 [58], 0006 [59], RSFC [60], RSFD [61], RSFE [62], REFB [63], A006[66], F000 [67] and F003 [68])
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/10/2011
11/17/2011
03/14/2012
06/21/2012
10/17/2012
12/12/2012
01/25/2013
10/18/2013
02/20/2014
06/05/2014
09/26/2014
10/23/2014
12/10/2015
04/04/2016
Overall Level: 2

-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Certs. #1416, #1417 and #1343); DRBG (Cert. #62); SHS (Cert. #1225); RSA (Cert. #650)

-Other algorithms: N/A

Multi-chip embedded

"The Seagate Secure Enterprise Self-Encrypting Drives FIPS 140 Module 2 is embodied in Seagate Constellation® ES.2, Savvio® 15K.3, and Savvio® 10K.5 SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download."
1634 Pierson Capital Technology LLC
129 North La Salle Street
Suite 3800
Chicago, IL 60602
USA

Frank Psaila
TEL: +86 13501108625
FAX: +86 1085183930

Likely Lee
TEL: +86 13810220119
FAX: +86 1085183930

CST Lab: NVLAP 200658-0
MIIKOO
(Hardware Version: D4; Firmware Versions: Device Bootstrap v3.1, Device Application 006262 and Cryptographic Algorithm v2.1)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/10/2011
Overall Level: 3

-FIPS Approved algorithms: RSA (Cert. #737); Triple-DES (Cert. #1004); SHS (Cert. #1351); HMAC (Cert. #884); DRBG (Cert. #63)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength)

Multi-chip standalone

"MIIKOO combines fingerprint recognition and additional cryptography capabilities to generate Dynamic PINs. It is compatible with any type of bank cards by seamlessly providing the added biometrical triggering of dynamic PIN security over the existing financial transaction network."
1629 Protected Mobility LLC
6259 Executive Blvd
Rockville, MD 20852
USA

Paul Benware
TEL: 585-582-5601
FAX: 585-582-3297

Donald Paris
TEL: 301-770-4556
FAX: 240-238-6637

CST Lab: NVLAP 200697-0
PMCryptolib
(Software Version: 1.0)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 11/16/2011
Overall Level: 1

-Design Assurance: Level 3


-Operational Environment: Tested as meeting Level 1 with iOS 4.2
iOS 4.3
Android 2.2
Android 2.3
Android 3.0
(single-user mode)

-FIPS Approved algorithms: AES (Cert. #1716); SHS (Cert. #1499); DRBG (Cert. #108); HMAC (Cert. #991); ECDSA (Cert. #222)

Multi-chip standalone

"PMCryptolib is a dynamic linked library software module. The module provides cryptographic services through a Application Programming Interface (API)."
1628 NAL Research Corporation
9300 West Courthouse Rd.
Suite 102
Manassas, VA 20110
USA

Peter Kormendi
TEL: 703-392-1136

CST Lab: NVLAP 200697-0
XM Crypto Module
(Firmware Version: 1.1.0)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Firmware 11/07/2011
Overall Level: 1


-Tested: A3LA-XM with A3LA-XM OS ver. 1.1.0

-FIPS Approved algorithms: AES (Cert. #1698)

-Other algorithms: N/A

Multi-chip standalone

"A3LA-XM is a modem comprised of the XM Crypto Module encryption board and a communication board. It is designed to transmit AES 256-bit encrypted data via a communication network. The A3LA-XM has an internal micro-controller programmed to monitor the modems connectivity status to prevent hardware lock-up. Similar to a standard landline modem, the A3LA-XM can be controlled by any DTE (data terminal equipment) capable of sending standard AT commands via an RS232 serial or a USB 2.0 port."
1627 Communication Devices, Inc.
#1 Forstmann Court
Clifton, NJ 07011
USA

Donald Snook
TEL: 973-334-1980

CST Lab: NVLAP 200002-0
Port Authority Series
(Hardware Versions: PA111-SA CDI 01-03-0912B, PA111-RM CDI 01-03-0912B, PA155-RM CDI 01-03-0912B and PA199-RM CDI 01-03-0912B; Firmware Version: 10.00.78)
(When operated in FIPS mode)

This module is in process for the RNG transition.
Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 11/01/2011
Overall Level: 2

-Roles, Services, and Authentication: Level 3

-FIPS Approved algorithms: AES (Cert. #1375); SHS (Cert. #1257); HMAC (Cert. #808); RNG (Cert. #758)

-Other algorithms: AES (Cert. #1375, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength)

Multi-chip standalone

"Secure Out of Band Management appliance with network port, internal modem, and up to 9 serial ports. Allows Secure Out of Band Access to Firewalls, Routers, Network appliances etc.. Supports up to 256 bit AES CFB encryption."
1624

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 10/24/2011
12/21/2011
Overall Level: 4

Multi-chip embedded
1623

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 10/24/2011
12/21/2011
Overall Level: 4

Multi-chip embedded
1621 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team

CST Lab: NVLAP 200427-0
Cisco 7606-S and 7609-S Routers with Supervisor SUP720-3B
(Hardware Versions: 7606-S and 7609-S with SUP720-3B; Firmware Version: 15.1(3)S5)
(When operated in FIPS mode with the tamper evident labels and opacity shields installed as indicated in the Security Policy)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 10/28/2011
02/09/2012
02/23/2012
07/09/2012
08/16/2013
Overall Level: 2

-Roles, Services, and Authentication: Level 3

-FIPS Approved algorithms: AES (Cert. #1634); DRBG (Cert. #88); HMAC (Cert. #961); RSA (Cert. #808); SHS (Cert. #1439); Triple-DES (Cert. #1070)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 156 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; DES MAC; HMAC MD5; MD4; MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"The Cisco 7606-S and 7609-S routers are designed for deployment at the network edge, where robust performance and IP/Multiprotocol Label Switching services are necessary to meet the requirements of both enterprises and service providers. It enables Carrier Ethernet service providers to deploy an advanced network infrastructure that supports a range of IP video and triple-play (voice, video, and data) system applications in both the residential and business services markets. They also deliver WAN and metropolitan-area network networking solutions at the enterprise edge."
1618

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 10/18/2011
Overall Level: 2

Multi-chip standalone
1614 Mocana Corporation
350 Sansome Street
Suite 1010
San Francisco, CA 94104
USA

James Blaisdell
TEL: 415-617-0055
FAX: 415-617-0056

CST Lab: NVLAP 100432-0
Mocana Cryptographic Suite B Module
(Software Version: 5.4f)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 09/30/2011
10/26/2011
11/08/2011
04/12/2016
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Vx Works 6.7
Android 2.2
VxWorks 5.5
VxWorks 6.2
VxWorks 6.4
WindRiver 4.0 using Linux 2.6.34 (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1505, #1506, #1507, #1509 and #1510); Triple-DES (Cert. #1006); SHS (Cert. #1353); HMAC (Cert. #885); RSA (Cert. #738); DSA (Cert. #472); ECDSA (Cert. #187); DRBG (Cert. #64)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; Blowfish; ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; AES EAX (non-compliant); AES XCBC (non-compliant); RSA (encrypt/decrypt); RNG; Dual EC DRBG

Multi-chip standalone

"The Mocana Cryptographic Suite B Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com."
1610 EMC Corporation
176 South Street
Hopkinton, MA 01748
USA

Dan Reddy
TEL: 508-249-2733

Kerry Mahoney
TEL: 508-249-4940
FAX: 508-249-3172

CST Lab: NVLAP 200427-0
4 Gb/s FC I/O Module with Encryption
(Hardware Version: 303-176-100B B04)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 09/26/2011
Overall Level: 1

-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #1638)

-Other algorithms: AES (Cert. #1638, key wrapping)

Multi-chip embedded

"Data at Rest Encryption provides hardware-based, back-end encryption for EMC storage systems. Back-end encryption protects information from unauthorized access when drives are physically removed from the system. It also offers a convenient means of decommissioning all drives in the system at once. EMC 4Gb/s Fibre Channel I/O modules implement AES-XTS 256-bit encryption on all drives in the system. These modules encrypt/decrypt data as it is written to and read from a drive. The drives need not be self-encrypting because the I/O module encrypts. All back end drive types are thus supported."
1607 Verdasys, Inc.
404 Wyman St.
Suite 320
Waltham, MA 02451
USA

Harvey Morrison
TEL: 781-788-8180

CST Lab: NVLAP 200002-0
Verdasys Secure Cryptographic Module
(Software Version: 1.0)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 09/26/2011
08/24/2012
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Windows XP 32-bit
Windows XP 64-bit (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1384); SHS (Cert. #1261); DRBG (Cert. #50); HMAC (Cert. #814); RSA (Cert. #677)

-Other algorithms: RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RNG (non-compliant)

Multi-chip standalone

"The Verdasys FIPS Kernel Mode Cryptographic Module, VSEC.SYS, is a software module that provides cryptographic services for Digital Guardian's server and endpoint products. The Verdasys FIPS Kernel Mode Cryptographic Module is leveraged in a variety of functions including securing communication, protecting agent components, and file encryption."
1604 Centrify Corporation
785 N. Mary Avenue
Suite 200
Sunnyvale, CA 94085
USA

Kitty Shih
TEL: 408-542-7500
FAX: 408-542-7575

CST Lab: NVLAP 200648-0
Centrify Cryptographic Module
(Software Version: 1.0)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 09/20/2011
12/01/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Mac OS X 10.6.5
Mac OS X 10.7
RedHat Enterprise Linux ES v5 (single-user mode)

-FIPS Approved algorithms: Triple-DES (Certs. #1018 and #1208); AES (Certs. #1554 and #1861); SHS (Certs. #1375 and #1637); HMAC (Certs. #904 and #1108); RSA (Certs. #755 and #941); DSA (Certs. #480 and #580); DRBG (Certs. #69 and #149)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 219 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"Centrify Cryptographic Module is a general purpose cryptographic library. The Centrify Cryptographic Module provides the cryptographic services for all Centrify products."
1598 Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
USA

John Bordwine
TEL: 703-885-3854
FAX: 301-514-3726

CST Lab: NVLAP 200556-0
Symantec Cross-Platform Cryptographic Module
(Software Version: 1.0)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 09/02/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Windows 2003 Server (32-bit)
RHEL 5 (32-bit)
Solaris 10 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1614); Triple-DES (Cert. #1055); RSA (Cert. #792); DSA (Cert. #502); SHS (Cert. #1423); HMAC (Cert. #946); DRBG (Cert. #83)

-Other algorithms: DES; Camellia; SEED; RC2; RC4; MD2; MD5; RSA (Cert. #792, key wrapping; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Multi-chip standalone

"The Symantec Cross-Platform Cryptographic Module (SymCPM) is a software module with a multi-chip standalone embodiment. The overall security level of the module is 1. SymCPM is implemented in the C programming language and consists of three components. It is designed to execute on a host system with a General Purpose Computer (GPC) hardware platform."
1592 Harris Corporation
221 Jefferson Ridge Parkway
Lynchburg, VA 24501
USA

Brian Justice
TEL: 434-455-9586

Joyce O'Quinn
TEL: 434-455-6458

CST Lab: NVLAP 200427-0
Harris Unified Audio Card
(Hardware Version: EA-103168-002; Firmware Versions: MPC 860: SK-007765-007 v R03A08, DSP: SK-007765-013 v R03A05, Boot Loader / Factory Test: R03A02, Low Level Boot: R01D01 and DSP Factory Test: R01D02)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 08/22/2011
04/13/2016
Overall Level: 1

-FIPS Approved algorithms: AES (Certs. #1652 and #1653); HMAC (Cert. #970); SHS (Cert. #1450)

-Other algorithms: AES MAC (AES Cert. #1653, vendor affirmed; P25 AES OTAR); RNG

Multi-chip embedded

"The Harris UAC is a multi-channel analog audio gateway used to interface analog radio communication equipment such as conventional base stations to radio systems and other devices on a Voice Interoperability Data Access (VIDA) network."
1590 BAE Systems
2525 Network Place
Herndon, VA 22171
USA

John Ata
TEL: 703-736-4384
FAX: 703-736-4348

CST Lab: NVLAP 200427-0
STOP OS 7 Kernel Cryptographic Module
(Software Version: 1.1)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 08/10/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with STOP 7.3 Beta 1 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1603); DRBG (Cert. #78); HMAC (Cert. #939); SHS (Cert. #1416); Triple-DES (Cert. #1048)

-Other algorithms: DES

Multi-chip standalone

"The STOP 7 Kernel Cryptographic Module is a library that is distributed as part of the monolithic kernel. The module provides the general purpose cryptographic functionality used by the kernel and kernel modules."
1589 ZTE Corporation
NO. 55, Hi-tech Road South
Shen Zhen, Guangdong Province 518057
People's Republic of China

Mr. Royce Wang
TEL: +86-755-2677 0345
FAX: +86-755-2677 0347

CST Lab: NVLAP 200658-0
UEP Cryptographic Module
(Software Version: 4.11.10)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 08/10/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with NewStart CGS Linux V3.02 with Sun JDK/JRE 1.6.0_11 (single-user mode)

-FIPS Approved algorithms: Triple-DES (Certs. #1039 and #1040); AES (Certs. #1583 and #1584); DSA (Certs. #489 and #490); SHS (Certs. #1402 and #1403); RSA (Certs. #773 and #774); HMAC (Certs. #929 and #930); DRBG (Certs. #73 and #74)

-Other algorithms: N/A

Multi-chip standalone

"UEP cryptographic mpdule provides general purpose cryptographic services intended to protect data in transit and at rest."
1586 ZTE Corporation
NO. 55, Hi-tech Road South
Shen Zhen, Guangdong Province 518057
People's Republic of China

Mr. Royce Wang
TEL: +86-755-2677 0345
FAX: +86-755-2677 0347

CST Lab: NVLAP 200658-0
Unified Platform Cryptographic Library
(Software Version: 1.1)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 08/09/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with EMBSYS (TM) Carrier Grade Embedded Linux V3 (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1585 and #1586); Triple-DES (Certs. #1041 and #1042); SHS (Certs. #1404 and #1405); RSA (Certs. #775 and #776); DSA (Certs. #491 and #492); HMAC (Certs. #931 and #932); DRBG (Certs. #75 and #76)

-Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); IDEA; DES; RC2; RC4; MD2; MD4; MD5; RIPEMD; CAST; Blowfish

Multi-chip standalone

"Unified Platform Cryptographic Library provides general purpose cryptographic services intended to protect data in transit and at rest."
1579 Certicom Corp.
4701 Tahoe Blvd.,
Building A
Mississauga, Ontario L4W 0B5
Canada

Certicom Support
TEL: 905-507-4220

Certicom Sales
TEL: 905-507-4220

CST Lab: NVLAP 200426-0
Security Builder FIPS Module
(Software Versions: 5.6, 5.6.1 or 5.6.2)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 07/21/2011
06/05/2012
08/16/2012
03/13/2015
01/26/2016
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with QNX Neutrino Version 6.6
QNX Neutrino Version 6.5 (single-user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #1054); AES (Cert. #1609); SHS (Cert. #1422); HMAC (Cert. #945); DRBG (Cert. #82); DSA (Cert. #500); ECDSA (Cert. #200); RSA (Cert. #791); KAS (Cert. #14; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112-bits of encryption strength)

-Other algorithms: DES; DESX; AES CCM* (non-compliant); ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; ECNR; ECQV; ECIES; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RNG; DRBG (non-compliant)

Multi-chip standalone

"The Security Builder FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API."
1578 BlackBerry
295 Phillip Street
Waterloo, Ontario N2L 3W8
Canada

Security Certifications Team
TEL: 519-888-7465 x 72921
FAX: (519) 888-9852

CST Lab: NVLAP 200426-0
BlackBerry OS Cryptographic Library
(Software Versions: 5.6, 5.6.1 or 5.6.2)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 07/21/2011
06/05/2012
08/16/2012
01/24/2013
02/22/2013
04/11/2014
01/24/2016
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with BlackBerry® Tablet OS Version 2.0 (Binary compatible to BlackBerry® Tablet OS Version 1.0) (single-user mode)

-FIPS Approved algorithms: Triple-DES (Cert. #1053); AES (Cert. #1608); SHS (Cert. #1421); HMAC (Cert. #944); DRBG (Cert. #81); DSA (Cert. #499); ECDSA (Cert. #199); RSA (Cert. #790); KAS (Cert. #13; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112-bits of encryption strength)

-Other algorithms: DES; DESX; AES CCM* (non-compliant); ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; ECNR; ECQV; ECIES; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RNG; DRBG (non-compliant)

Multi-chip standalone

"The BlackBerry OS Cryptographic Library is a software module that provides the cryptographic functionality required for secure operation of the BlackBerry® PlayBook™ and devices running the BlackBerry® 10 OS ."
1577 Futurex
864 Old Boerne Rd.
Bulverde, TX 78163
USA

Paul Enman
TEL: 830-980-9782
FAX: 830-438-8782

CST Lab: NVLAP 100432-0
EXP9000 Hardware Security Module
(Hardware Versions: P/N 9750-2075, Revision B; Firmware Version: 4.0.0)
(When operated in FIPS mode)

This module is in process for the RNG transition.
Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 08/05/2011
Overall Level: 3

-FIPS Approved algorithms: RSA (Cert. #810); AES (Cert. #1636); Triple-DES (Cert. #1072); SHS (Cert. #1441); HMAC (Cert. #962); RNG (Cert. #877)

-Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5; DES; TR-31

Multi-chip embedded

"The EXP9000 cryptographic module provides secure encryption, storage, and transmission of sensitive data used in a wide variety of applications including Futurex Hardware Security Modules (HSM) and Key Management Servers (KMS)."
1576 Teledyne Webb Research
82 Technology Park Drive
East Falmouth, MA 02536
USA

David Pingal
TEL: 508-548-2077 x 146

CST Lab: NVLAP 200002-0
MiniCrypt
(Software Version: 1.2)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 07/21/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Persistor CF1 HW system with Motorola MC68CK338CPV14 processor running PicoDOS version 2.26

-FIPS Approved algorithms: AES (Cert. #1268); SHS (Cert. #1168); HMAC (Cert. #738)

-Other algorithms: N/A

Multi-chip standalone

"MiniCrypt is a small, low resource utilization, software library for use in embedded systems, providing encryption, decrypting, hashing and message authentication functions."
1572 Harris Corporation
1680 University Avenue
Rochester, NY, NY 14610
USA

Hang Liu
TEL: 434-455-9610

Dennis Boyer
TEL: 919-609-0608

CST Lab: NVLAP 200426-0
Harris AES Software Load Module
(Software Version: 1.0)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 07/13/2011
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Texas Instruments DSP/BIOS Software Kernel Version 5.33.03 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1482)

-Other algorithms: N/A

Multi-chip standalone

"The Harris AES Software Load Module is a single software component which provides cryptographic services directly to a Digital Signal Processor (DSP) application on Harris terminals."
1561 Oracle Corporation
500 Eldorado Blvd., Bldg 5
Broomfield, CO 80021
USA

David Hostetter
TEL: 303-272-7126
FAX: 303-272-6555

CST Lab: NVLAP 100432-0
StorageTek™ T10000C Tape Drive
(Hardware Version: P/N 316052503; Firmware Version: 1.51.318)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 06/17/2011
Overall Level: 1

-FIPS Approved algorithms: AES (Certs. #1564, #1565, #1566, #1567, #1568, #1569 and #1570); DRBG (Cert. #71); HMAC (Certs. #916 and #917); SHS (Certs. #1389 and #1390); RSA (Cert. #763)

-Other algorithms: AES (Cert. #1567, key wrapping; key establishment methodology provides 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5

Multi-chip standalone

"The StorageTek™ T10000C Tape Drive provides 5 TB native capacity and 240 MB/sec throughput using BaFe media and with backward read compatibility to the T10000A/B. Designed for maximum security and performance, the T10000C provides AES-256 encryption to protect and authenticate customer data and to provide secure, authenticated transmission of key material. Designed for maximum performance, the drive allows the use of multiple keys per tape with a cache memory to minimize the overhead of key transmission. Works seamlessly with the Oracle OKM to provide a secure end-to-end management solution."
1543 CareFusion
10020 Pacific Mesa Blvd.
San Diego, CA 92121
USA

Tom Miller
TEL: 858-617-2000

CST Lab: NVLAP 100432-0
Alaris™ PC Unit Model 8015
(Hardware Version: Model 8015 a/b/g or Model 8015 a/b/g/n with FIPS Kit 11935165; Firmware Versions: 9.7.40, 9.12.40, 9.17.1 or 9.19)
(When operated in FIPS mode with tamper evident seals installed as indicated in the Security Policy)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 05/27/2011
01/11/2012
09/27/2012
06/05/2014
02/13/2015
07/23/2015
08/07/2015
Overall Level: 2

-Cryptographic Module Specification: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (1) (Cert. #1436); SHS (Cert. #1301)

-Other algorithms: AES (2) (non-compliant); RC4; MD5; SHS (non-compliant); RIPEMD; DES; Triple-DES (non-compliant); RC2-CBC, RC2-ECB, RC2-CFB64, RC2-OFB64; Blowfish; CAST; RSA (non-compliant); DSA (non-compliant); Diffie-Hellman; RNG (non-compliant)

Multi-chip standalone

"The CareFusion Alaris™ PC Unit Model 8015 is a point-of-care unit, which is the main component of the Alaris System. The Alaris System is a modular system intended for adult, pediatric, and neonatal care in a professional healthcare environment. The Alaris System brings a higher level of medication error prevention to the point of patient care."
1542

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 05/05/2011
Overall Level: 2

Multi-chip standalone
1541 3e Technologies International, Inc.
9715 Key West Avenue
Suite 500
Rockville, MD 20850
USA

Harinder Sood
TEL: 301-944-1325
FAX: 301-670-6989

CST Lab: NVLAP 200427-0
3e-523-F2 and 3e-523-3 Secure Multi-function Wireless Data Points
(Hardware Versions: (1.0, 1.1 or 1.2) (3e-523-F2) and 2.0 (3e-523-3); Firmware Version: 4.4)
(When operated in FIPS mode)

This module is in process for the RNG transition.
Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 04/29/2011
Overall Level: 2

-Cryptographic Module Ports and Interfaces: Level 3
-Roles, Services, and Authentication: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Certs. #1021, #1022 and #1023); HMAC (Certs. #570, #571 and #572); RNG (Cert. #583); RSA (Cert. #490); SHS (Certs. #975, #976 and #977); Triple-DES (Cert. #783)

-Other algorithms: AES (Cert. #1021, key wrapping); RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength; non-compliant); MD5

Multi-chip standalone

"The 3e-523-F2 and 3e-523-3 operate as either a gateway connecting a local area network to wide area network (WAN), an access point within a wireless local area network (WLAN), a client within a WLAN, or a wireless bridging device. 3eTI software provides the following major services in FIPS mode: Wireless 802.11a/b/g Access Point functionality; Wireless 802.11a/b/g Client functionality; Wireless 802.11a/b/g Bridge functionality; Wireless 802.11a/b/g Mesh functionality (auto-forming, self-healing wireless capability); IEEE 802.11i."
1532 NetLib®
A Subsidiary of Communication Horizons, LLC
65 High Ridge Road, Suite 428
Stamford, CT 06905
USA

Niel Weicher
TEL: 203-246-6507

CST Lab: NVLAP 200416-0
NetLib® Encryptionizer® DE/FIPS
(Software Versions: 2010.201.10.0 and 2010.501.10.0)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 04/12/2011
Overall Level: 1

-Design Assurance: Level 2


-Operational Environment: Tested as meeting Level 1 with Windows 7 (x86)
Windows Server 2003 (x86)
Windows Server 2008 (x86)
Windows 7 (x64)
Windows Server 2003 (x64)
Windows Server 2008 (x64) (single-user mode)

-FIPS Approved algorithms: AES (Certs. #1502 and #1528); SHS (Certs. #1376 and #1377); HMAC (Certs. #905 and #906)

-Other algorithms: N/A

Multi-chip standalone

"The NetLib® Encryptionizer® DE/FIPS versions 2010.201.10.0 and 2010.501.10.0 provide encryption of data stored in server-based and desktop-based databases and files, including MS SQL Server databases and backups . It can be deployed without programming and without adding any administrative overhead. The purpose of whole database encryption is to make a database or file unusable if it is stolen, copied, downloaded, lost, or otherwise improperly accessed. It supports both 32-bit and 64-bit applications."
1530

CST Lab: NVLAP 200802-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 04/04/2011
10/10/2012
05/13/2013
12/13/2013
07/11/2014
03/20/2015
07/24/2015
08/13/2015
09/28/2015
11/18/2015
03/18/2016
Overall Level: 2

Multi-chip standalone
1528

CST Lab: NVLAP 200427-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/30/2011
Overall Level: 2

Multi-chip standalone
1527 Systematic Development Group, LLC
350 Jim Moran Blvd.
Suite 122
Deerfield Beach, FL 33442
USA

George Wolf
TEL: 954-889-3535 x315

CST Lab: NVLAP 100432-0
LOK-IT™ 10 KEY (Series SDG003FM) and LOK-IT™ 5 KEY (Series SDG004FP)
(Hardware Versions: HW003-16 Rev:01, HW003-16 Rev:02, HW003-08 Rev:01, HW003-04 Rev:01 (10 Key) and HW004-08 Rev:01 (5 Key); Firmware Versions: USB Controller Firmware Revision V01.12A09-F01 (10 Key and 5 Key) or V01.12A12-F01 (10 Key) ; Security Controller Firmware Revisions SDG003FM-008 (10 Key) and SDG004FP-008 (5 Key))

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/28/2011
10/04/2011
Overall Level: 3

-FIPS Approved algorithms: AES (Cert. #1514)

-Other algorithms: N/A

Multi-chip standalone

"LOK-IT™ is a USB Flash drive with a multi-chip embedded cryptographic module architecture as defined by FIPS 140-2. It consists of an Initio 1861 USB controller, NAND Flash memory and a Microchip PIC16F688 security controller. The product supports 256 bit AES encryption of data stored in NAND Flash memory. The drive provides self-contained user authentication without the need for host computer applications. Two derivations of the product exist differing in the number of numeric buttons; the SDG003FM has 10 numeric buttons and the SDG004FP has 5 numeric buttons."
1519 Code Corporation
14870 S. Pony Express Rd.
Suite 200
Bluffdale, UT 84065
USA

Tim Jackson
TEL: 801-984-7865
FAX: 801-495-0280

CST Lab: NVLAP 100432-0
Code Reader 2500 FIPS and Code Reader 3500 FIPS
(Hardware Versions: P/Ns 2512FIPS_01 and 3512FIPS_01; Firmware Version: 4641)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/11/2011
04/04/2011
Overall Level: 2

-Cryptographic Module Specification: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #1457); DRBG (Cert. #55)

-Other algorithms: NDRNG

Multi-chip standalone

"Code Corporation’s Code Reader 2500 FIPS or Code Reader 3500 FIPS bar code readers, when used in conjunction with a CodeXML® FIPS Bluetooth® Modem, provide an encrypted wireless bar code reading solution with a working range of up to 300 feet. Code Corporation’s FIPS bar code readers employ a FIPS approved AES-256 algorithm to generate per session keys to encrypt data and a separate key to encrypt overhead communications ensure that the connection between modem and bar code reader is highly secure. The FIPS code has been optimized to provide line speed communications over the wireless link."
1515 Motorola Solutions, Inc.
1301 East Algonquin Road
Schaumburg, IL 60196
USA

Richard Carter
TEL: 44-0-1364-655500
FAX: 44-0-1364-654625

CST Lab: NVLAP 100432-0
Motorola PTP 600 Series
(Hardware Versions: P/Ns BP5830BHC, BP5830BHC15, BP5530BHC, BP5530BHC15, WB2781, WB3039, WB3037, WB3092, WB3094, WB3387, WB3389, WB3222, BP5830BH, BP5830BH15, BP5530BH, BP5530BH15, WB2780, WB3036, WB3038, WB3091, WB3093, WB3386, WB3388 and WB3221; P/N WB3593 (HW Security Upgrade Kit); Firmware Version: PTP600 08-50)
(When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/09/2011
03/28/2011
Overall Level: 2

-Cryptographic Module Specification: Level 3
-Roles, Services, and Authentication: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: SHS (Cert. #1101); DSA (Cert. #399); AES (Certs. #708 and #1144); DRBG (Cert. #21); HMAC (Cert. #700); Triple-DES (Cert. #863)

-Other algorithms: MD5; RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength; non-compliant)

Multi-chip standalone

"PTP 600 Series Ethernet bridges offer high performance connectivity and backhaul in challenging non-line-of-sight environments. With carrier-grade reliability, PTP 600 links have class-leading sensitivity and power output which enable links to go farther, while sustaining high throughput regardless of conditions. With data rates up to 300 Mbps and reaching distances up to 124 miles, this Series of high-performance and secure wireless bridges make cost-effective connectivity and backhaul a reality for a wide range of enterprises, service providers and public safety organizations."
1511 Cavium Networks
805 E. Middlefield Road
Mountain View, CA 94043
USA

TA Ramanujam
TEL: 650-623-7039
FAX: 650-625-9751

CST Lab: NVLAP 100432-0
NITROX XL 1600-NFBE HSM Family
(Hardware Versions: P/Ns CN1620-NFBE1NIC-2.0-G, CN1620-NFBE2NIC-2.0-G, CN1620-NFBE3NIC-2.0-G, CN1610-NFBE1NIC-2.0-G, CN1620-NFBE1-2.0-G, CN1620-NFBE2-2.0-G, CN1620-NFBE3-2.0-G and CN1610-NFBE1-2.0-G, Version: 2.0; Firmware Version: 2.0)
(When operated in FIPS mode)

This module is in process for the RNG transition.
Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/04/2011
Overall Level: 3

-FIPS Approved algorithms: AES (Certs. #1265 and #1266); DRBG (Cert. #32); ECDSA (Certs. #150 and #188); HMAC (Cert. #736); KAS (Cert. #5); RNG (Cert. #707); RSA (Certs. #607 and #742); SHS (Certs. #1165 and #1166); Triple-DES (Cert. #898); DSA (Cert. #474)

-Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); AES (Cert. #1265, key wrapping; key establishment methodology provides 256 bits of encryption strength); RC4; MD5; PBE

Multi-chip embedded

"The NITROX XL 1600-NFBE HSM adapter family delivers the world’s fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets"
1509 Code Corporation
14870 S. Pony Express Rd.
Suite 200
Bluffdale, UT 84065
USA

Tim Jackson
TEL: 801-984-7865
FAX: 801-495-0280

CST Lab: NVLAP 100432-0
CodeXML® FIPS Bluetooth® Modem
(Hardware Version: P/N BTHDFIPS-M2_01; Firmware Version: 0187)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 03/02/2011
04/04/2011
Overall Level: 2

-Cryptographic Module Specification: Level 3
-Design Assurance: Level 3

-FIPS Approved algorithms: AES (Cert. #1456)

-Other algorithms: N/A

Multi-chip standalone

"Code Corporation’s CodeXML® FIPS Bluetooth® Modem, when used in conjunction with the Code Reader 2500 FIPS or Code Reader 3500 FIPS bar code readers, provides an encrypted wireless bar code reading solution with a working range of up to 300 feet. The CodeXML® FIPS Bluetooth® Modem employs a FIPS approved AES-256 algorithm with per session keys to ensure that the connection between modem and bar code reader is highly secure. The FIPS code has been optimized to provide line speed communications over the wireless link."
1506

CST Lab: NVLAP 200658-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 02/28/2011
Overall Level: 1

Multi-chip standalone
1504 DataLocker Inc.
7007 College Blvd Suite 240
Overland Park, MN 66211
USA

Jay Kim
TEL: 913-310-9088
FAX: 800-858-4709

CST Lab: NVLAP 200658-0
Data Locker Enterprise, V2.0
(Hardware Versions: P/Ns DL500E2 and DL1000E2; Firmware Version: 2.30)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 02/24/2011
03/01/2011
Overall Level: 1

-Roles, Services, and Authentication: Level 2
-EMI/EMC: Level 3

-FIPS Approved algorithms: AES (Cert. #250)

-Other algorithms: N/A

Multi-chip standalone

"The Data Locker Enterprise is a fully platform independent, portable encrypted hard drive. Compatible with MAC, Windows and Linux systems, the Data Locker operates without any host based software or drivers. It utilizes an embedded LCD touch screen interface for all authentication and administrative functions. The device is fully 256bit AES CBC Mode encrypted via a dedicated crypto engine."
1497 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team

CST Lab: NVLAP 200427-0
Cisco Secure Access Control Server (ACS) FIPS module (NSS)
(Software Versions: 3.12.5 and 3.12.5.1)
(When operated in FIPS mode)

Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Software 02/10/2011
02/23/2012
04/05/2013
Overall Level: 1



-Operational Environment: Tested as meeting Level 1 with Cisco CARS 1.2.0.182 (single-user mode)

-FIPS Approved algorithms: AES (Cert. #1475); DRBG (Cert. #59); DSA (Cert. #466); HMAC (Cert. #868); RSA (Cert. #722); SHS (Cert. #1334); Triple-DES (Cert. #993)

-Other algorithms: Camellia; DES; Diffie-Hellman; EC Diffie-Hellman; MD2; MD5; RC2; RC4; SEED

Multi-chip standalone

"The Cisco Secure Access Control Server (ACS) FIPS module (NSS) Version 3.12.5 is a software cryptographic library that provides cryptographic services to the Cisco Access Control Server (ACS) application. The Cisco ACS FIPS module (NSS) is a general-purpose cryptographic library, with an API based on the industry standard PKCS #11 version 2.20."
1495

CST Lab: NVLAP 100432-0


Validated to FIPS 140-2
Consolidated Validation Certificate

Security Policy
Hardware 02/28/2011
06/08/2012
10/15/2012
Overall Level: 2

Multi-chip standalone