CMVP Main Page
It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product
or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should
contact the product or application vendor in order to determine if their product utilizes an embedded
validated cryptographic module. There is
inevitably a larger number of security products or applications available which use embedded validated cryptographic modules, than the number of modules which are found in
this list. In addition, it is possible that other vendors, who are not found in this list, might incorporate a validated cryptographic module from
this list embedded into their own products.
When selecting a module from a vendor, verify that the product or application that is being offered is either a validated cryptographic module itself
(e.g. VPN, SmartCard, etc) or the product or application uses an embedded validated cryptographic module (toolkit, etc). Ask the vendor to supply a
signed letter stating their application, product or module is a validated module or incorporates a validated module, the module provides all the
cryptographic services in the solution, and reference the modules validation certificate number from this listing. *** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSEC. The
descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the
capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other
algorithms" (non-FIPS-Approved algorithms) have not been validated or tested through the CMVP. ***
Questions regarding modules on this list should first be directed to the indicated module vendor.
| Cert# | Vendor / CST Lab | Cryptographic Module | Val. Date |
Level / Description | |
|---|---|---|---|---|---|
| 1719 | Green Hills Software 30 W Sola Street Santa Barbara, CA 93101 USA -David Sequino
-Douglas Kovach
CST Lab: NVLAP 200492-0 |
(Software Version: 1.0.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 05/22/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with RHEL 5; Green Hills Software INTEGRITY OS v5.0.11 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1762); ECDSA (Cert. #235); HMAC (Cert. #1033); RNG (Cert. #939); RSA (Cert. #878); SHS (Cert. #1546) -Other algorithms: ARCFour; DES; Diffie-Hellman; EC Diffie-Hellman; ECMQV; DSA (non-compliant); MD5; RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); Triple-DES (non-compliant) Multi-chip standalone"Green Hills Software, Integrity Security Services (ISS) High Assurance Embedded Cryptographic Toolkit (HA-ECT) is a standards-based, flexible cryptographic toolkit providing developers with a software framework to integrate encryption, digital signatures and other security mechanisms into a wide range of applications. The ISS HA-ECT FIPS Module is designed to support multiple cryptographic software and hardware providers with a single common API, easily targeted to a variety operating systems." |
| 1718 | Juniper Networks, Inc. 1194 North Mathilda Ave Sunnyvale, CA 94089 USA -Robert Smith
CST Lab: NVLAP 200697-0 |
(Hardware Version: LN1000-V with JNPR-FIPS-TAMPER-LBLS; Firmware Version: 11.2S4) (The tamper evident seals and security devices installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 5/7/2012 | Overall Level: 2
-Design Assurance: Level 3
-FIPS-approved algorithms: Triple-DES (Certs. #1269 and #1270); AES (Certs. #1956 and #1957); DSA (Cert. #624); SHS (Certs. #1715 and #1716); RNG (Cert. #1028); RSA (Cert. #1013); HMAC (Certs. #1178 and #1179) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 96 bits of encryption strength) Multi-chip standalone"Juniper Networks LN1000 Mobile Secure Router is an edge access router that delivers a high-performance routing firewall and intrusion detection service (IDS). The LN1000 addresses the growing demand for a network access presence in military, first responder and transportation vehicles, mining and exploration equipment, unmanned aircraft, and power grids." |
| 1717 | Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA CST Lab: NVLAP 200492-0 |
(Hardware Version: 6506-E -M0 [1], 6509-E -N0 [2], 6513-E -S0 [3], Supervisor Card VS-S2T-10G -B0, Supervisor Card VS-S2T-10G-XL -C0, Line Card WS-X6908-10G -A0, Line Card WS-X6908-10G-2TXL version -B0 and FIPS kit packaging (CVPN6500FIPS/KIT=); Firmware Version: 15.0(1)SY1) (When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 05/03/2012 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1426, #1427 and #1816); DRBG (Cert. #140); HMAC (Cert. #1072); RSA (Cert. #911); SHS (Cert. #1593); Triple-DES (Cert. #1171) -Other algorithms: DES; HMAC-MD5; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength); AES (Cert. #1816, key wrapping; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone"The Catalyst 6500 series switches offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco switches easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." |
| 1716 | Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 05/02/2012 | Overall Level: 2
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone | |
| 1715 | Hewlett-Packard Development Company, L.P. 2344 Boulevard Alfred-Nobel St-Laurent, QC H4S 0A4 Canada -Gilbert Moineau
CST Lab: NVLAP 200002-0 |
(Hardware Versions: J9654A [1], J9651A [2], J9652A [3], J9655A [4], J9591A [5], J9589A [6], J9656A [7], J9622A [8] and J9620A [9] with FIPS kit J9740A; Firmware Version: 5.6.0) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 05/03/2012 | Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #1823 and #1840); Triple-DES (Cert. #1176); SHS (Cert. #1602); HMAC (Cert. #1078); RNG (Cert. #960); RSA (Cert. #916) -Other algorithms: Blowfish; MD5; HMAC-MD5; SHA-[224, 256, 384 and 512] (Cert. #1602; non-compliant); HMAC-SHA-[224, 256, 384 and 512] (Cert. #1078; non-compliant); Diffie-Hellman (key agreement; key establishment methodology provides 80 or 96 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); AES (Cert. #1840, key wrapping; key establishment methodology provides 128 bits of encryption strength) Multi-chip standalone"The MSM430, MSM460 and MSM466 Access Points allow wireless devices to connect to a wired network using Wi-Fi 802.11abgn." |
| 1713 | Research In Motion Ltd. 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Certifications Team
CST Lab: NVLAP 200928-0 |
(Software Version: 2.0.0.10) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 05/03/2012 | Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Professional 2002 with SP3, 32-bit edition (single-user mode) -FIPS-approved algorithms: Triple-DES (Cert. #1193); AES (Cert. #1839); SHS (Cert. #1621); HMAC (Cert. #1094); RNG (Cert. #966); ECDSA (Cert. #254) -Other algorithms: Rijndael; EC Diffie-Hellman (key agreement, key establishment methodology provides 256 bits of encryption strength); ECMQV (key agreement, key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry® Cryptographic Library is a software module that provides cryptographic services to many BlackBerry® desktop products such as the BlackBerry® Enterprise Server, BlackBerry® Desktop Software, and many other BlackBerry® products." |
| 1712 | Kanguru Solutions 1360 Main Street Millis, MA 02054 USA -Nate Cote
CST Lab: NVLAP 200802-0 |
(Hardware Versions: P/Ns KDF2000-2G, KDF2000-4G and KDF2000-8G, Version 1.0; Firmware Version: 2.02.10) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 05/03/2012 | Overall Level: 2
-Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: HMAC (Cert. #954); AES (Cert. #1623); SHS (Cert. #1432); RSA (Cert. #801); DRBG (Cert. #86); PBKDF (vendor affirmed) -Other algorithms: NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone"The Kanguru Defender 2000 is a 256-bit AES hardware encrypted USB flash drive. It is used to securely store sensitive data housed on the device." |
| 1711 | Athena Smartcard, Inc. 20380 Town Center Lane Suite 240 Cupertino, CA 95014 USA -Ian Simmons
CST Lab: NVLAP 100432-0 |
(Hardware Version: Inside Secure AT90SC28872RCU Rev. G; Firmware Version: Athena IDProtect 010B.0352.0005 with LASER PKI Applet 3.0) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 04/30/2012 | Overall Level: 3
-FIPS-approved algorithms: AES (Cert. #1654); RSA (Cert. # 824); Triple-DES (Cert. #1087); Triple-DES MAC (Triple-DES Cert. #1087, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. # 214); CVL (Cert. #2) -Other algorithms: HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman; AES (Cert. #1654, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip"IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
| 1710 | Red Hat, Inc. 1801 Varsity Drive Raleigh, NC 27606 USA -Robert Relyea
CST Lab: NVLAP 200492-0 |
(Software Version: 3.12.9.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Software | 04/30/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux v6.2 32-bit running on an Intel Core i7 system; Red Hat Enterprise Linux v6.2 64-bit running on an Intel Core i7 system (single-user mode) -FIPS-approved algorithms: DSA (Cert. #602); SHS (Cert. #1675) -Other algorithms: MD2; MD5 Multi-chip standalone"The NSS Freebl cryptographic module is an open-source, general-purpose cryptographic hash library. It is available for free under the Mozilla Public License, the GNU General Public License, and the GNU Lesser General Public License. The NSS Freebl cryptographic module is jointly developed by Red Hat and Oracle engineers and is used in the GNU glibc library. For more information, see http://www.mozilla.org/projects/security/pki/nss/" |
| 1709 | Hewlett-Packard TippingPoint 14231 Tandem Blvd Austin, TX 78728 USA -Dinesh Vakharia
-Freddie Jimenez Jr.
CST Lab: NVLAP 200492-0 |
(Hardware Version: S6100N; Firmware Version: 3.2.1.1639) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 04/27/2012 | Overall Level: 1
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 2 -FIPS-approved algorithms: AES (Cert. #1855); HMAC (Cert. #1102); RNG (Cert. #973); RSA (Cert. #938); SHS (Cert. #1632); Triple-DES (Cert. #1202) -Other algorithms: Blowfish; DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); HMAC-MD5; MD5; NDRNG; RC2; RC4; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength). Multi-chip standalone"Inserted transparently into the network, the HP TippingPoint Intrusion Prevention System (IPS) is an in-line security device that performs high-performance, deep packet inspection to protect customer networks from attack. The IPS blocks malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, the IPS optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical." |
| 1708 | Thales-eSecurity Inc. 2200 North Commerce Parkway Suite 200 Weston, FL 33326 USA -sales@thalesesec.com
CST Lab: NVLAP 200426-0 |
(Hardware Versions: nC4033P-4K0 [1], nC4033P-2K0 [2], nC4033P-2K0N [3], nC4133P-500 [4] and nC4133P-500N [5], Build Standard N; Firmware Version: 2.50.16-3) (When operated in FIPS mode and initialized to Overall Level 3 per Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 04/27/2012 | Overall Level: 3
-Physical Security: Level 4
-FIPS-approved algorithms: AES (Cert. #1579); Triple-DES (Certs. #132 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Cert. #770); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camelia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip embedded"The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." |
| 1707 | Fortinet, Inc. 326 Moodie Drive Ottawa, ON K2H 8G3 Canada -Alan Kaye
CST Lab: NVLAP 200426-0 |
(Hardware Version: C4GY52; Firmware Version: FortiMail 4.0, build0369, 110615) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 04/12/2012 | Overall Level: 2
-Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #1604); Triple-DES (Cert. #1049); RNG (Cert. #860); SHS (Cert. #1417); HMAC (Cert. #940); RSA (Cert. #786) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 96 and 196 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5; HMAC-MD5; SHA-256 (non-compliant); HMAC-SHA-256 (non-compliant) Multi-chip standalone"The FortiMail family of messaging security appliances provide an effective barrier against the ever-rising volume of spam, maximum protection against sophisticated message based attacks, and features designed to facilitate regulatory compliance. FortiMail appliances offer both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities." |
| 1706 | Fortinet, Inc. 326 Moodie Drive Ottawa, ON K2H 8G3 Canada -Alan Kaye
CST Lab: NVLAP 200426-0 |
(Firmware Version: FortiMail 4.0, build0369, 110615) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Firmware | 04/12/2012 | Overall Level: 1
-Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Tested: FortiMail-3000C -FIPS-approved algorithms: AES (Cert. #1604); Triple-DES (Cert. #1049); RNG (Cert. #860); SHS (Cert. #1417); HMAC (Cert. #940); RSA (Cert. #786) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 96 and 196 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; MD5; HMAC-MD5; SHA-256 (non-compliant); HMAC-SHA-256 (non-compliant) Multi-chip standalone"FortiMail OS is a firmware based operating system that runs exclusively on Fortinet’s FortiMail product family (PC-based, purpose built appliances). FortiMail offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities." |
| 1705 | Thales-eSecurity Inc. 2200 North Commerce Parkway Suite 200 Weston, FL 33326 USA -sales@thalesesec.com
CST Lab: NVLAP 200426-0 |
(Hardware Versions: nC4033P-500 [1], nC4033P-500N [2] and nC4033P-10 [3], Build Standard N; Firmware Version: 2.50.16-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 04/12/2012 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #962 and #1579); Triple-DES (Certs. #757 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Cert. #770); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camelia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip embedded"The nShield modules: nShield F3 500, F3 500 for NetHSM, & nShield F3 10 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
| 1704 | Juniper Networks, Inc. 1194 North Mathilda Ave Sunnyvale, CA 94089 USA -Robert Smith
CST Lab: NVLAP 200697-0 |
(Hardware Versions: (SRX650-BASE-SRE6-645AP and SRX650-BASE-SRE6-645DP) with JNPR-FIPS-TAMPER-LBLS; Firmware Version: 11.2S4) (The tamper evident seals and security devices installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 04/05/2012 | Overall Level: 2
-Design Assurance: Level 3
-FIPS-approved algorithms: Triple-DES (Certs. #1271 and #1272); AES (Certs. #1959 and #1960); DSA (Cert. #625); SHS (Certs. #1718 and #1719); RNG (Cert. #1029); RSA (Cert. #1014); HMAC (Certs. #1180 and #1181) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 96 bits of encryption strength) Multi-chip standalone"SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. All SRX Series Services Gateways, including products scaled for the branch, campus and data center applications, are powered by Juniper Networks JUNOS the proven" |
| 1703 | S&C Electric Company 6601 Northridge Boulevard Chicago, IL 60626-3997 USA -Prakash Ramadass
CST Lab: NVLAP 100432-0 |
(Hardware Version: IntelliCom WAN 1720; Firmware Version: 1.1.0.0) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 04/03/2012 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #1114 and #1235); HMAC (Cert. #720); RNG (Cert. #618); RSA (Cert. #592); SHS (Cert. #1133) -Other algorithms: AES (non-compliant); RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone"IntelliCom(TM) WAN Mesh Node, a wireless high-speed wide-area networking router that combines ultra-high throughput - up to 400 Mbps - with extremely low latencies of less than one millisecond. IntelliCom WAN Mesh Node features 802.11n mesh radio latencies of less than one millisecond. IntelliCom WAN Mesh Node features 802.11n mesh radio unlicensed bands as well as the 4.9-GHz municipal licensed band. This network architecture is selfforming and self-healing; communication is not inhibited by the loss of any single node." |
| 1702 | Entrust, Inc. One Lincoln Centre 5400 LBJ Freeway Suite 1340 Dallas, TX 75240 USA -James Kendry
CST Lab: NVLAP 100432-0 |
(Software Version: 8.1sp1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 04/12/2012 | Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Windows Server 2008 R2 Enterprise Edition running on Dell Optiplex 755 -FIPS-approved algorithms: AES (Cert. #1923); HMAC (Cert. #1158); SHS (Cert. #1689); DRBG (Cert. #167); RSA (Cert. #992); Triple-DES (Cert. #1253); Triple-DES MAC (Triple-DES Cert. #1253, vendor affirmed); CVL (Cert. #15 and SP 800-135, vendor affirmed, key agreement); RNG (Cert. #1011); ECDSA (Cert. #275); DSA (Cert. #610) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); MD2; MD5; RMD-160; CAST; CAST3; CAST5; DES; IDEA; RC2; RC4; PAKE; AES-DAC; CAST-DAC; CAST3-DAC; CAST5-DAC; DES-DAC; IDEA-DAC; RC2-DAC Multi-chip standalone"By managing the full lifecycles of digital certificate-based identities, Entrust Authority PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and transparently applied across a broad range of applications and platforms." |
| 1701 | Apple Inc. 11921 Freedom Drive Reston, VA 20190 USA -Shawn Geddis
CST Lab: NVLAP 200002-0 |
(Software Version: 1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 03/30/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Mac OS X 10.7.0 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1872); DSA (Cert. #585); ECDSA (Cert. #262); HMAC (Cert. #1116); RNG (Cert. #981); RSA (Cert. #952); SHS (Cert. #1645); Triple-DES (Cert. #1216) -Other algorithms: ASC; Blowfish; CAST; DES; RC2; RC4; RC5; FEE; MD2; MD5; HMAC-MD5; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength; non-compliant less than 80 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength; non-compliant less than 80 bits of encryption strength); RSA (non-compliant key generation) Multi-chip standalone"Apple's OS X Lion (v10.7) security services are now built on a newer 'Next Generation Cryptography' platform and does not use the CDSA/CSP module previously validated. Apple is re-validating the same CDSA/CSP module under OS X Lion to provide validation solely for third-party applications." |
| 1700 | Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA CST Lab: NVLAP 200492-0 |
(Hardware Versions: 881W and 881GW with [FIPS Kit (CISCO-FIPS-KIT=), Revision -B0]; Firmware Version: Router Firmware Version: IOS 15.1(3)T2 and AP Firmware Version: 12.4(25d)JA1) (When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/28/2012; 04/02/2012 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #962, #1535, #1791, #1792 and #1793); DRBG (Cert. #129); HMAC (Certs. #537, #1056 and #1057); RNG (Cert. #950); RSA (Cert. #896); SHS (Certs. #933, #1574 and #1575); Triple-DES (Certs. #757 and #1160) -Other algorithms: DES; HMAC-MD5; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength); GDOI (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength); AES (Cert. #1791, key wrapping; key establishment methodology provides 128 bits of encryption strength) Multi-chip standalone"The Cisco 881W and Cisco 881GW Integrated Services Routers (ISR) provide connectivity and security services in a single, secure device. These routers offer broadband speeds and simplified management to small businesses, and enterprise small branch and teleworkers. The module is also a wireless access point that provide secure wireless access to clients." |
| 1699 | McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 USA -David Gerendas
CST Lab: NVLAP 200556-0 |
(Software Version: 1.0) (When operated with module Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 03/28/2012 | Overall Level: 1
-Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 (x64 Version) (single-user mode) -FIPS-approved algorithms: AES (Cert. #1168); HMAC (Cert. #687); SHS (Cert. #1081) -Other algorithms: N/A Multi-chip standalone"The McAfee EMM Cryptographic Module provides cryptographic operations for McAfee Enterprise Mobility Manager, an enterprise class security solution which provides centralized mobile device management, provisioning, security, support, and auditing." |
| 1698 | Hitachi Solutions, Ltd. 4-12-7, Higashishinagawa Shinagawa-ku, Tokyo 140-0002 Japan -Applied Security Development Department
CST Lab: NVLAP 200835-0 |
(Software Version: 1.0 Rev. 2) Validated to FIPS 140-2 Consolidated Validation Certificate |
Software | 03/28/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Pre-boot 16-bit (single-user mode) -FIPS-approved algorithms: AES (Cert. #1779); SHS (Cert. #1561); HMAC (Cert. #1044) -Other algorithms: N/A Multi-chip standalone"HIBUN Cryptographic Module for Pre-boot is the cryptographic library module which operates on the Pre-boot environment." |
| 1697 | Hitachi Solutions, Ltd. 4-12-7, Higashishinagawa Shinagawa-ku, Tokyo 140-0002 Japan -Applied Security Development Department
CST Lab: NVLAP 200835-0 |
(Software Version: 1.0 Rev. 2) Validated to FIPS 140-2 Consolidated Validation Certificate |
Software | 03/28/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit (single-user mode) -FIPS-approved algorithms: AES (Cert. #1787); SHS (Cert. #1569); HMAC (Cert. #1052) -Other algorithms: N/A Multi-chip standalone"HIBUN Cryptographic Module for Kernel-Mode is the cryptographic library module which operates on the Windows Kernel-Mode. Full listing of testing configuration: Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit (single-user mode)" |
| 1696 | Hitachi Solutions, Ltd. 4-12-7, Higashishinagawa Shinagawa-ku, Tokyo 140-0002 Japan -Applied Security Development Department
CST Lab: NVLAP 200835-0 |
(Software Version: 1.0 Rev. 2) Validated to FIPS 140-2 Consolidated Validation Certificate |
Software | 03/28/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit; Linux Kernel 2.6 (Fedora 12) (single-user mode) -FIPS-approved algorithms: AES (Cert. #1780); SHS (Cert. #1562); HMAC (Cert. #1045); DRBG (Cert. #125) -Other algorithms: N/A Multi-chip standalone"HIBUN Cryptographic Module for User-Mode is the cryptographic library module which operates on the Windows User-Mode and Linux User-Mode. Full testing configuration: Windows XP Professional; Windows Vista Ultimate; Windows 7 Ultimate; Windows 7 Ultimate 64bit; Linux Kernel 2.6 (Fedora 12) (single-user mode)" |
| 1694 | SafeNet, Inc. 20 Colonnade Dr, Suite 200 Ottawa, ON K2E 7M6 Canada -Chris Brych
-Mark Yakabuski
CST Lab: NVLAP 200492-0 |
(Hardware Version: VBD-05-0100 and VBD-05-0101; Firmware Version: 6.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/30/2012 | Overall Level: 3
-FIPS-approved algorithms: AES (Certs. #1743, #1750 and #1756); DRBG (Cert. #114); DSA (Certs. #545, #546 and #548); ECDSA (Certs. #230, #231 and #233); HMAC (Certs. #1021 and #1027); KAS (Cert. #23); RSA (Certs. #865 and #870); SHS (Certs. #1531 and #1537); KKDF (SP 800-108, vendor affirmed); Triple-DES (Certs. #1130, #1134 and #1137); Triple-DES MAC (Certs. #1130, #1134 and #1137, vendor-affirmed) -Other algorithms: ARIA; AES (Certs. #1743, #1750 and #1756, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES MAC (Cert. #1750; non-compliant); CAST5; CAST5-MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength); HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC4; RC5; RC5-MAC; RSA (key wrapping; key establishment methodology provides between 80 and 152 bits of encryption strength); SEED; Triple-DES (Certs. #1130, #1134 and #1137, key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip embedded"The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card." |
| 1693 | SafeNet, Inc. 20 Colonnade Drive, Suite 200 Ottawa, ON K2E 7M6 Canada -Chris Brych
-Mark Yakabuski
CST Lab: NVLAP 200492-0 |
(Hardware Versions: VBD-05-0100 and VBD-05-0101; Firmware Version: 6.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/28/2012 | Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1743, #1750 and #1756); DRBG (Cert. #114); DSA (Certs. #545, #546 and #548); ECDSA (Certs. #230, #231 and #233); HMAC (Certs. #1021 and #1027); KAS (Cert. #23); RSA (Certs. #865 and #870); SHS (Certs. #1531 and #1537); KKDF (SP800-108, vendor affirmed); Triple-DES (Certs. #1130, #1134 and #1137); Triple-DES MAC (Certs. #1130, #1134 and #1137, vendor-affirmed) -Other algorithms: ARIA; AES (Certs. #1743, #1750 and #1756, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES MAC (Cert. #1750; non-compliant); CAST5; CAST5-MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength); HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC4; RC5; RC5-MAC; RSA (key wrapping; key establishment methodology provides between 80 and 152 bits of encryption strength); SEED; Triple-DES (Certs. #1130, #1134 and #1137, key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip embedded"The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card." |
| 1692 | IBM® Corporation 2455 South Road Poughkeepsie, NY 12601 USA -William F Penny
CST Lab: NVLAP 200658-0 |
(Hardware Version: FC3863 w/System Driver Level 86E, and optional CEX3A and CEX3C [CEX3A and CEX3C are separately configured versions of 4765-001 (P/N 45D6048)]; Software Version: System SSL level HCPT3D0/JCPT3D1 w/ APAR OA36775, RACF level HRF7780 and ICSF level HCR7780 w/ APAR OA36882; Firmware Version: 4765-001 (e1ced7a0)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software-Hybrid | 03/12/2012 | Overall Level: 1
-Cryptographic Module Specification: Level 3 -Operational Environment: Tested as meeting Level 1 with IBM® zEnterprise (TM) 196 (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 [Base GPC, and optional Crypto Express3 Card (Coprocessor (CEX3C)); Crypto Express3 Card (Accelerator (CEX3A)) and Crypto Express3 Cards (Coprocessor (CEX3C) and Accelerator (CEX3A))] [IBM® zEnterprise (TM) (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 includes FC3863 w/System Driver Level 86E and z/OS® V1R13] (single-user mode) -FIPS-approved algorithms: AES (Certs. #1713, #1864 and #1865); Triple-DES (Certs. #1103, #1210 and #1211); DSA (Certs. #582 and #583); RSA (Certs. #944, #945, #946, #947 and #948); SHS (Certs. #1497, #1639 and #1640); HMAC (Certs. #1110 and #1111); RNG (Certs. #977 and #978) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); DES; RC2; ArcFour; MD5; MD2; HMAC-MD5; ECDSA (non-compliant) Multi-chip standalone"System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions." |
| 1691 | Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/09/2012 | Overall Level: 3
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone | |
| 1690 | Gemalto Avenue du Jujubier Z.I Athelia IV La Ciotat, 13705 France -Frederic Garnier
CST Lab: NVLAP 200492-0 |
(Hardware Version: A1023378; Firmware Version: Build#11 - M1005011+ Softmask V03, Applet Version: Protiva PIV v1.55) (PIV Card Application: Cert. #27) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/09/2012 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #1363); ECDSA (Cert. #172); RNG (Cert. #749); RSA (Cert. #664); SHS (Cert. #1243); Triple-DES (Cert. #938); Triple-DES MAC (Triple-DES Cert. #938, vendor affirmed) -Other algorithms: N/A Single-chip"This module is based on a Java Card platform (TOP DL V2) with 128K EEPROM memory and the Protiva PIV Applet loaded on the Java Card platform. The Cryptographic Module provides dual interfaces (i.e. contact and contact-less) where the same security level is achieved." |
| 1689 | Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA CST Lab: NVLAP 200492-0 |
(Hardware Versions: (CP-7906G: V01-V09), (CP-7911G: V01-V09), (CP-7931G: V01-V05), (CP-7941G: V01-V02), (CP-7942G: V01-V10), (CP-7945G: V01-V11), (CP-7961G: V01-V02), (CP-7961GE: V01), (CP-7962G: V01-V11), (CP-7965G: V01-V11), (CP-7970G: V01-V02), (CP-7971G/7971GE: V01-V03) and (CP-7975G: V01-V12); Firmware Version: 9.2(1)SR2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/09/2012 | Overall Level: 1
-FIPS-approved algorithms: AES (Certs. #1745 and #1747); HMAC (Certs. #1022 and #1024); RNG (Cert. #931); RSA (Cert. #868); SHS (Certs. #1532 and #1534); Triple-DES (Cert. #1132) -Other algorithms: HMAC MD5; MD5; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone"The Cisco Unified IP Phones 7900 Series deliver cost-effective, full-featured voice communication services in a clutter-free and earth-friendly, ergonomic design." |
| 1688 | Seagate Technology LLC 389 Disc Drive Longmont, CO 80503 USA -Monty Forehand
CST Lab: NVLAP 200492-0 |
(Hardware Version: ST9500326AS; Firmware Version: 566) (When operated in FIPS mode. Files distributed with the module mounted within the CD Drive are excluded from the validation.) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/09/2012 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #797 and #1341); HMAC (Cert. #883); SHS (Cert. #1223); RNG (Cert. #737); RSA (SigVer, Cert. #648); Triple-DES (Cert. #697) -Other algorithms: DES Multi-chip embedded"The Momentus® Attached Storage FDE Drives, FIPS 140 Modules are FIPS 140-2 Level 2 modules which provide full disk encryption with user authentication These products are designed to prevent data breaches due to loss or theft on the road, in the office. The cryptographic module provides a wide range of cryptographic services using FIPS approved algorithms in DriveTrust Security Mode. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, and authenticated FW download." |
| 1687 | Mitsubishi Space Software Co., Ltd. Tsukuba Mitsui Bldg., 1-6-1, Takezono Tsukuba-shi, Ibaraki-ken 305-0032 Japan -Shinichi Shimazaki
-Ikuo Shionoya
CST Lab: NVLAP 200928-0 |
(Firmware Version: 2.0) (When operated in FIPS mode with the Operational Environment configuration specified on the reverse with the Firewall configured per Section 11 in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Firmware | 03/30/2012 | Overall Level: 2
-EMI/EMC: Level 3 -Tested: HP Compaq 6000 Pro Small Form Factor PC running Microsoft Windows XP Professional SP2 and Zone Labs Zone Alarm Pro Firewall version 10.0.250.000 -FIPS-approved algorithms: Triple-DES (Cert. #1119) -Other algorithms: Multi-chip standalone"Command Encryption Module is a firmware module designed to perform Triple DES CFB mode encryption functions." |
| 1686 | McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 USA -David Gerendas
CST Lab: NVLAP 200416-0 |
(Software Version: 6.1.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 03/09/2012 | Overall Level: 1
-Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with (Windows XP 32-bit or Windows 7 64-bit running on Intel Core i3 without AES-NI; Windows 7 32-bit or Windows Vista 32-bit running on Intel Core i5 with AES-NI; Windows 7 64-bit or Windows Vista 64-bit running on Intel Core i7 with AES-NI) [1]; (McAfee Endpoint Encryption Preboot OS running on Intel Core i3 without AES-NI; McAfee Endpoint Encryption Preboot OS running on Intel Core i5 or i7 with AES-NI) [2] (single-user mode) -FIPS-approved algorithms: AES (Certs. #1881, #1882 and #1883); DRBG (Cert. #156); HMAC (Cert. #1124 and #1125); SHS (Certs. #1653 and #1654); -Other algorithms: RC5; PKCS#5; AES (non-compliant); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); AES (Cert. #1881, key wrapping; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone |
| 1685 | ZyFLEX Technologies Incorporation 4F, No.5-2, Industry E. 9th Rd. Science Park Hsinchu Hsin-Chu, 30075 Taiwan, R.O.C. -Nick Tseng
CST Lab: NVLAP 200824-0 |
(Hardware Version: AAM; Firmware Version: 1.1) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 03/09/2012 | Overall Level: 3
-FIPS-approved algorithms: AES (Certs. #1670 and #1671); DSA (Cert. #521); HMAC (Cert. #980); RNG (Certs. #888 and #889); RSA (Cert. #827); SHS (Cert. #1462) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); NDRNG Multi-chip embedded"ZyFLEX Crypto Module ZCM-100 is a hardware multichip embedded module that targets high speed data link layer (OSI layer 2) secure data transmission applications in an IP-based network. ZCM-100 implements AES-256 encryption/decryption algorithms and other Approved security functions by using both hardware FPGA circuitry and a 32-bit microcontroller. Its miniaturized size and low power consumption features make ZCM-100 suitably fit in a portable wireless communication device such as a handheld radio." |
| 1684 | Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA -Vinnie Moscaritolo
CST Lab: NVLAP 200802-0 |
(Software Version: 4.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 02/24/2012 | Overall Level: 1
-Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Mac OS X 10.7; IOS 5 (single-user mode) -FIPS-approved algorithms: Triple-DES (Cert. #1151); AES (Cert. #1778); SHS (Cert. #1559); HMAC (Certs. #1043) -Other algorithms: AES (EME2 mode; non-compliant) Multi-chip standalone"The PGP Cryptographic Engine includes a wide range of field-tested and standards-based encryption, and encoding algorithms used by PGP Whole Disk Encryption." |
| 1683 | Lenel Systems International, Inc. 1212 Pittsford-Victor Road Pittsford, NY 14534 USA -Robert Pethick
CST Lab: NVLAP 100432-0 |
(Software Versions: 5.12.110, 6.0.148, 6.1.22, 6.3.249 or 6.4.500) (When operated in FIPS mode with [(Windows 7 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1330 operating in FIPS mode) or (Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) validated to FIPS 140-2 under Cert. #1337 operating in FIPS mode)]) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 02/15/2012 | Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7; Microsoft Windows Server 2008 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1650); RNG (Cert. #882) -Other algorithms: RC2 Multi-chip standalone"The Communication Server module's primary purpose is to provide secure communications with external access control devices. The module is part of the Lenel's advanced access control and alarm monitoring system. The Lenel advanced access control and alarm monitoring system is built on an open architecture platform, offers unlimited scalability, database segmentation, fault tolerance, and biometrics and smart card support. The Lenel advanced access control and alarm monitoring system is fully customizable, and can be seamlessly integrated into the OnGuard total security solution." |
| 1682 | Voltage Security, Inc. 20400 Stevens Creek Blvd. Cupertino, CA 95014 USA -Luther Martin
CST Lab: NVLAP 200802-0 |
(Software Version: 4.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Software | 02/14/2012; 02/23/2012 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 7 Professional SP1, 32-bit; Red Hat Enterprise Linux Server 5.3, 32-bit (single-user mode) -FIPS-approved algorithms: AES (Cert. #1752); Triple-DES (Cert. #1135); DSA (Cert. #547); SHS (Cert. #1539); RNG (Cert. #934); RSA (Cert. #871); HMAC (Cert. #1029); DRBG (Cert. #115) -Other algorithms: IBE; BBX; FFX; RSA (key wrapping; key establishment methodology provides 80 bits or 112 bits encryption strength); MD5; Diffie-Hellman; DES Multi-chip standalone"Voltage IBE Cryptographic Module implements the following algorithms: DSA; TDES; AES (ECB, CBC, CFB, OFB, FPE); DRNG; DRBG; SHS; HMAC; CMAC; RSA; DH; BF IBE; BB1 IBE; MD; DES" |
| 1681 | Symantec Corporation 350 Ellis St. Mountain View, CA 94043 USA -Vinnie Moscaritolo
CST Lab: NVLAP 200802-0 |
(Software Version: 4.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 02/28/2012 | Overall Level: 1
-Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Professional SP3; Mac OS X 10.7; Linux, 32-bit: CentOS 5.5; iOS 5 (single-user mode) -FIPS-approved algorithms: Triple-DES (Cert. #1150); AES (Cert. #1777); RSA (Cert. #888); DSA (Cert. #558); SHS (Cert. #1558); HMAC (Cert. #1042); DRBG (Cert. #124) -Other algorithms: AES (EME2 mode; non-compliant); DSA (FIPS 186-3 with SHA-256; non-compliant); CAST-5; IDEA; Two-Fish; Blow-Fish; ARC4-128; MD5; HMAC-MD5; RIPEMD-160; ElGamal; EC Diffie-Hellman; ECDSA (non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength); Shamir Threshold Secret Sharing Multi-chip standalone"The PGP Software Developer's Kit (SDK) Cryptographic Module is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for PGP products including: PGP Whole Disk Encryption, PGP NetShare, PGP Command Line, PGP Universal, and PGP Desktop. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers this same cryptographic library that is at the heart of PGP products." |
| 1680 | Absolute Software Corporation Suite 1600, Four Bentall Centre 1055 Dunsmuir Street PO Box 49211 Vancouver, BC V7X 1K8 Canada -Tim Parker
CST Lab: NVLAP 200556-0 |
(Software Version: 1.2.0.46) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 02/14/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows Server 2008 64-bit; Windows 7 32-bit; Windows XP 32-bit; Windows Vista 32-bit; Windows Vista 64-bit; Red Hat Enterprise Linux (RHEL) 6 32-bit; Mac OS X v10.6.7 32-bit (single-user mode) -FIPS-approved algorithms: AES (Cert. #1610); RNG (Cert. #864) -Other algorithms: RSA (key wrapping; key establishment methodology provides 128 bits of encryption strength) Multi-chip standalone"Absolute Software Corporation provides security products for the central management of all IT assets. The Absolute Encryption Engine is a dynamic-linked library (DLL) defined as the encryption module on the client and server callable by applications via an Application Programming Interface (API). The module is currently used by the Absolute Computrace product." |
| 1679 | Senetas Corporation Ltd. Level 1, 11 Queens Road Melbourne, Victoria 3004 Australia -John Weston
-Horst Marcinsky
CST Lab: NVLAP 200426-0 |
(Hardware Version: A5175B; Firmware Version: 1.9.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Hardware | 02/14/2012 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #1158); AES (Certs. #1775 and #1786); SHS (Cert. #1568); RNG (Cert. #948); DSA (Cert. #562); RSA (Cert. #893); HMAC (Cert. #1051) -Other algorithms: MD5; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone"The CN1000 Fibre Channel Encryptor is a high-speed, standards based, encryptor specifically designed to secure data transmitted over Fibre Channel point-to-point networks at line rates up to 4.25Gb/s. Data privacy is provided by FIPS approved AES algorithms." |
| 1678 | Giesecke & Devrient 45925 Horseshoe Drive Dulles, VA 20166 USA -Jatin Deshpande
-Thomas Palsherm
CST Lab: NVLAP 200492-0 |
(Hardware Version: P5CC081; Firmware Version: Sm@rtCafT Expert 6.0) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 02/09/2012 | Overall Level: 3
-FIPS-approved algorithms: AES (Cert. #1755); DRBG (Cert. #116); RSA (Cert. #874); SHS (Cert. #1542); Triple-DES (Cert. #1136); Triple-DES MAC (Triple-DES Cert. #1136, vendor affirmed) -Other algorithms: AES (Cert. #1755, key wrapping; key establishment methodology provides 128 to 256 bits of encryption strength) Multi-chip standalone"Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafT Expert 6.0 is a Java Card 3 and Global Platform v2.1.1 compliant smart card module supporting both contact and contactless interfaces. It also supports, at a minimum, RSA up to 2048 bits(RSA and RSA-CRT) with on-card key generation, Hash algorithms(including SHA256), AES(up to 256 bits), ECDSA, and Triple-DES. The Sm@rtCafT Expert 6.0 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
| 1677 | McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 USA -David Gerendas
CST Lab: NVLAP 200416-0 |
(Software Version: 6.1.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 02/09/2012 | Overall Level: 1
-Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP 32-bit or Windows 7 64-bit running on Intel Core i3 without AES-NI; Windows Vista 32-bit or Windows 7 32-bit running on Intel Core i5 with AES-NI; Windows Vista 64-bit or Windows 7 64-bit running on Intel Core i7 with AES-NI (single-user mode) -FIPS-approved algorithms: AES (Cert. #1882); HMAC (Cert. #1125); SHS (Cert. #1654) -Other algorithms: RC5; AES (non-compliant) Multi-chip standalone |
| 1676 | Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA -John Bordwine
CST Lab: NVLAP 200556-0 |
(Software Version: 1.1) (When operated in FIPS mode with module RSA BSAFE® Crypto-J Software Module validated to FIPS 140-2 under Cert. #1291 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 03/09/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Microsoft Windows XP SP2 with Sun JRE 5.0; Microsoft Windows XP SP2 with Sun JRE 6.0 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1109); DSA (Cert. #357); ECDSA (Cert. #130); DRBG (Cert. #15); HMAC (Cert. #621); RNG (Cert. #616); RSA (Cert. #522); SHS (Cert. #1032); Triple-DES (Cert. #806) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength); DESX; ECAES (non-compliant); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); ECIES; MD2; MD5; PBE (non-compliant); RIPEMD 160; RC2; RC4; RC5; RSA OAEP (non-compliant); Raw RSA (non-compliant); RSA Keypair Generation MultiPrime (non-compliant); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength; non-compliant less than 80 bits of encryption strength); HMAC-MD5; ANSI X9.31 RNG (non-compliant); MD5Random; SHA1Random (non-compliant) Multi-chip standalone"The Symantec Java Cryptographic Module Version 1.1 provides a comprehensive set of cryptographic services for Symantec products including, but not limited to, the Symantec Data Loss Prevention Suite." |
| 1675 | Uplogix, Inc. 7600B N. Capital of Texas Highway Austin, TX 78731 USA -Martta Howard
CST Lab: NVLAP 200492-0 |
(Hardware Versions: (43-1002-50 and 43-1102-50) [1] and (37-0326-03 and 37-0326-04) [2]; Firmware Version: 4.3.5.19979) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 02/06/2012 | Overall Level: 2
-Roles, Services, and Authentication: Level 3
-FIPS-approved algorithms: AES (Certs. #1644 and #1647); DRBG (Cert. #90); DSA (Certs. #515 and #517); HMAC (Certs. #966 and #968); RNG (Cert. #881); RSA (Certs. #812 and #815); SHS (Certs. #1445 and #1448); Triple-DES (Certs. #1074 and #1076) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 192 bits of encryption strength); HMAC-MD5-96; HMAC-SHA-96 (non-compliant); MD5; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength) Multi-chip standalone"Uplogix is a network independent management platform that locates with - and directly connects to - managed devices. Standing alone or augmenting existing centralized management tools, Uplogix provides configuration, performance and security management actions that are best performed locally. Local Management reduces operational costs, speeds problem resolution, and improves security and compliance versus centralized-only management. Our local focus on network device automation enables the transition to more network sensitive cloud and virtual infrastructure technologies." |
| 1674 | Avaya, Inc. 211 Mt. Airy Road Basking Ridge, NJ 07920 USA -Dragan Grebovich
CST Lab: NVLAP 200556-0 |
(Hardware Version: Chassis: 4134, Interface Cards: 2-port T1/E1 Small Card (Assembly Number: 333-70225-01 Rev 4); 2-port Serial Small Card (Assembly Number: 333-70240-01 Rev 02.0011); 1-port ADSL2+ Annex A Small Card (Assembly Number: 333-70260-01 Rev 01); 1-port HSSI Medium Card (Part Number: 333-70290-01 Rev 9); 1-port Channelized / Clear Channel T3 Medium Card (Part Number: 333-70280-01 Rev 8); 8-port T1/E1 Medium Card (Part Number: 333-70275-01 Rev 01.0012); 10-port Gigabit Ethernet (GbE) Medium Card (Part Number: 333-70330-01 Rev 01.0023); 24-port Fast Ethernet (FE) Medium Card (Part Number: 333-70325-01 Rev 15); 24-port Fast Ethernet/Power over Ethernet (FE/PoE) Medium Card (Part Number: 333-70325-02 Rev 01.0017); Firmware Version: 10.3.0.100) (When operated in FIPS mode, the tamper evident seals are installed as indicated in the Security Policy and with all interface card slots filled or covered) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 02/06/2012 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #275 and #1050); AES (Certs. #173 and #1605); SHS (Cert. #1418); HMAC (Cert. #941); RSA (SigVer, Cert. #787); DSA (Certs. #496 and #501); DRBG (Cert. #79) -Other algorithms: MD5; NDRNG; Blowfish; DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 128 bits of encryption strength); RSA (SigGen and KeyGen, Cert. #787; non-compliant) Multi-chip standalone"The Secure Router 4134 is a modular, multi-service branch router that combine IP routing, wide-area networking (WAN), voice/PSTN gateway and security services in a single platform. With advanced services - including IPv4/IPv6 routing, high-performance WAN, SIP survivable gateway, and IPSec VPN and firewall security - they are well-suited to address enterprise branch, regional and even headquarter WAN routing needs." |
| 1673 | Avaya, Inc. 211 Mt. Airy Road Basking Ridge, NJ 07920 USA -Dragan Grebovich
CST Lab: NVLAP 200556-0 |
(Hardware Version: Chassis: 2330, Interface Cards: 2-port T1/E1 Small Card (Assembly Number: 333-70225-01 Rev 4); 2-port Serial Small Card (Assembly Number: 333-70240-01 Rev 02.0011); 1-port ADSL2+ Annex A Small Card (Assembly Number: 333-70260-01 Rev 01); Firmware Version: 10.3.0.100) (When operated in FIPS mode, the tamper evident seals are installed as indicated in the Security Policy, with all interface card slots filled or covered) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 02/06/2012 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #210 and #1051); AES (Certs. #96 and #1606); SHS (Certs. #187 and #1419); HMAC (Cert.#942); RSA (SigVer, Cert. #788); DSA (Cert. #497); DRBG (Cert. #80) -Other algorithms: MD5; NDRNG; Blowfish; DES; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 128 bits of encryption strength); RSA (SigGen and KeyGen, Cert. #788; non-compliant) Multi-chip standalone"The Secure Router 2330 is a modular, multi-service branch router that combine IP routing, wide-area networking (WAN), voice/PSTN gateway and security services in a single platform. With advanced services - including IPv4/IPv6 routing, high-performance WAN, SIP survivable gateway, and IPSec VPN and firewall security - they are well-suited to address enterprise branch, regional and even headquarter WAN routing needs." |
| 1672 | IBM Corporation 2455 South Road Poughkeepsie, NY 12601 USA -William F Penny
-James Sweeny
CST Lab: NVLAP 200658-0 |
(Hardware Version: CPACF (P/N COP) and optional 4765-001 (P/N 45D6048); Software Version: ICSF level HCR7780 w/ APAR OA36882 and RACF level HRF7780; Firmware Version: CPACF (FC3863 w/ System Driver Level 86E) and optional 4765-001 (e1ced7a0)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Software-Hybrid | 02/06/2012 | Overall Level: 1
-Cryptographic Module Specification: Level 3 -Operational Environment: Tested as meeting Level 1 with IBM® zEnterprise (TM) 196 (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 [Base GPC, and optional Crypto Express3 Card (Accelerator (CEX3A) is a separately configured version of 4765-001 (P/N 45D6048))] [IBM® zEnterprise (TM) (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 includes FC3863 w/System Driver Level 86E and z/OS® V1R13] (single-user mode) -FIPS-approved algorithms: AES (Certs. #1713 and #1866); Triple-DES (Certs. #1103 and #1212); DSA (Cert. #584); ECDSA (Cert. #261); RSA (Certs. #946, #949 and #971); SHS (Certs. #1497 and #1641); HMAC (Cert. #1112); DRBG (Cert. #151); CVL (Cert. #9) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength; non-compliant less than 80-bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength; non-compliant less than 80-bits of encryption strength); DES; Triple-DES (non-compliant); DSA (non-compliant); HMAC (non-compliant); RC4; BLOWFISH; MD5; MD2; RIPE-MD; EC Brainpool Multi-chip standalone"The ICSF PKCS #11 module consists of software-based cryptographic algorithms, as well as symmetric and hashing algorithms provided by the CP Assist for Cryptographic Function (CPACF) and RSA Hardware clear key modular math cryptography provided through the Crypto Express3 card (CEX3A). The RSA hardware support is accessed through auxiliary module CSFINPVT which acts as a pipe between ICSF PKCS #11 and the cryptographic cards." |
| 1671 | Sensage, Inc. 1400 Bridge Parkway Suite 202 Redwood City, CA 94065 USA -Brad Kekst
-Rao Yendluri
CST Lab: NVLAP 200002-0 |
(Software Version: 1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate Vendor Product Link |
Software | 02/06/2012 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Redhat Enterprise Linux Version 5.1; Redhat Enterprise Linux Version 5.5 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1761); Triple-DES (Cert. #1140); RSA (Cert. #877); DSA (Cert. #551); SHS (Cert. #1545); HMAC (Cert. #1032); RNG (Cert. #938) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 219 bits of encryption strength); HMAC-MD5; MD5; DES; CAST5; Blowfish; RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip standalone"Sensage’s purpose-built event data warehouse products enable users to easily collect and store large volumes of log and event data, while also providing an ability to query and perform analyses on the event data that are available. Their Private Encryption File System solution gives product administrators the ability to employ FIPS-validated encryption and decryption on stored data, providing protection of data-at-rest (log files, configuration files, and other stored data) within the product." |
| 1670 | Dolby Laboratories, Inc. 100 Potrero Avenue San Francisco, CA 94103 USA -Dean Bullock
CST Lab: NVLAP 100432-0 |
(Hardware Versions: P/N CAT862Z, Revisions FIPS_1.0, FIPS_1.1, FIPS_1.2 and FIPS_1.3; Firmware Version: 4.4.0.37) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 02/02/2012; 02/09/2012 |
Overall Level: 3
-FIPS-approved algorithms: AES (Certs. #519, #520 and #1067); SHS (Certs. #592 and #1086); RSA (Cert. #233); HMAC (Certs. #270 and #676); RNG (Certs. #296 and #650) -Other algorithms: MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength) Multi-chip embedded"The CAT862 Dolby JPEG2000/MPEG2 Media Block IDC performs all the cryptography, license management, and video decoding functions for the DSS200 Dolby Screen Server, which forms the nucleus of the Dolby Digital Cinema system. The system offers superb picture quality and outstanding reliability. It includes support for JPEG 2000 playback, as specified by DCI, and MPEG-2 for compatibility with alternative content such as preshow advertising. The system also meets DCI specifications for security, data rate, storage capacity, and redundancy." |
| 1669 | Research In Motion Ltd. 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Certifications Team
CST Lab: NVLAP 200928-0 |
(Firmware Versions: 3.8.7.0 [1] and 3.8.7.1 [1,2]) (When operated in FIPS mode) Security Policy Consolidated Validation Certificate |
Firmware | 01/19/2012 | Overall Level: 1
-Design Assurance: Level 3 -Tested: BlackBerry 9900 with BlackBerry OS Versions 7.0 [1] and 7.1 [2] -FIPS-approved algorithms: Triple-DES (Certs. #1163 and #1164); AES (Certs. #1798, #1799, #1800 and #1801); SHS (Certs. #1581 and #1582); HMAC (Certs. #1063 and #1064); RSA (Certs. #902 and #903); DRBG (Certs. #132 and #133); ECDSA (Certs. #244 and #245) -Other algorithms: EC Diffie-Hellman (key agreement; key establishment methodology provides 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone"BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." |
| 1668 | Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Global Certification Team
CST Lab: NVLAP 200492-0 |
(Hardware Versions: Intel [Core i5, Core i7 and Xeon] with AES-NI; Software Version: 0.9.8r.1.1) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software-Hybrid | 01/19/2012; 02/23/2012 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with FreeBSD 8.2 or Windows 7 SP1 running on Intel Core i5 with AES-NI; Red Hat Enterprise Linux v5 running on Intel Xeon with AES-NI or Intel Core i7 with AES-NI (single-user mode) -FIPS-approved algorithms: AES (Cert. #1758); DSA (Cert. #550); ECDSA (Cert. #234); HMAC (Cert. #1031); RNG (Cert. #937); RSA (Cert. #876); SHS (Cert. #1544); Triple-DES (Cert. #1139) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 152 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 152 bits of encryption strength) Multi-chip standalone"The Cisco Common Cryptographic Module (C3M) is a software-hybrid that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS validated cryptographic algorithms for services such as sRTP, SSH, TLS, 802.1x etc. The module does not implement any of the protocols directly. Instead, it provides the cryptographic primitives and functions to allow a developer to implement various protocols." |
| 1667 | Qube Cinema, Inc. 601 S. Glenoaks Blvd. Ste. 102 Burbank, CA 91502 USA -Rajesh Ramachandran
CST Lab: NVLAP 100432-0 |
(Hardware Versions: Z-OEM-DCI-Q-R0, Z-OEM-DCI-Q-R2 and Z-OEM-DCI-Q-R3; Firmware Version: 1.0.1.0) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 01/11/2012 | Overall Level: 3
-FIPS-approved algorithms: AES (Certs. #812 and #1455); HMAC (Certs. #450 and #854); RNG (Certs. #467 and #797); RSA (Certs. #392 and #711); SHS (Certs. #809, #810, #811 and #1318) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); MD5 Multi-chip embedded"The Qube Secure Media Block is used in Digital Cinema applications, providing core functionality required to playback Digital Cinema Packages. The module performs essence decryption when processing encrypted content, it ensures link encryption downstream to a projector device, and it provides other features as to enable a fully capable Digital Cinema Server. Content owners and other stake holders rely upon the security features provided by the Qube Secure Media Block to protect their valuable content, and to perform secure logging of operations within a theatre auditorium." |
| 1666 | Motorola Mobility, Inc. 600 North US Highway 45 Libertyville, IL 60048 USA -Ed Simon
CST Lab: NVLAP 100432-0 |
(Software Version: 5.4fm) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Software | 01/25/2012; 03/07/2012; 03/14/2012 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Android 2.3 (single-user mode) -FIPS-approved algorithms: AES (Cert. #1930); Triple-DES (Cert. #1256); SHS (Cert. #1695); HMAC (Cert. #1164); RSA (Cert. #996); DSA (Cert. #613); RNG (Cert. #1015) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); DES; Blowfish; ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; AES EAX (non-compliant); AES XCBC (non-compliant) Multi-chip standalone"The Motorola Mobility Cryptographic Suite B Module is used in Motorola Business Ready Android devices to encrypt sensitive application data. For details on Motorola Business Ready, see www.motorola.com/Business-Ready/US-EN/Home." |
| 1665 | McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 USA -Sakthikumar Subramanian
CST Lab: NVLAP 100432-0 |
(Hardware Version: P/N M-8000 S, Version 1.40; FIPS Kit P/N IAC-FIPS-KT8; Firmware Version: 6.1.15.35) (When operated with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 01/10/2012 | Overall Level: 2
-Design Assurance: Level 3
-FIPS-approved algorithms: AES (Cert. #880); Triple-DES (Cert. #781); RSA (Certs. #425 and #830); DSA (Cert. #345); SHS (Certs. #871 and #970); RNG (Cert. #505); HMAC (Cert. #971) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); MD5 Multi-chip standalone"Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks." |
| 1664 | Certicom Corp. 4701 Tahoe Blvd. Building A Mississauga, ON L4W 0B5 Canada -Certicom Sales
-Kris Orr
CST Lab: NVLAP 200928-0 |
(Firmware Versions: 4.0 B and 4.0 S) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Firmware | 01/10/2012; 03/30/2012 |
Overall Level: 1
-Tested: ARM 920T processor running Hand Held Products BASE firmware 31205423-052 or Hand Held Products Scanner firmware 31205480-025; ARM 926EJ-S processor running Honeywell Xenon 1902 Cordless Base Firmware or Honeywell Xenon 1902 Cordless Scanner firmware -FIPS-approved algorithms: AES (Certs. #547 and #590); SHS (Certs. #612 and #641); HMAC (Certs. #288 and #307); RNG (Certs. #315 and #336); DSA (Certs. #222 and #232) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength; non-compliant less than 80-bits of encryption strength) Multi-chip standalone"The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." |
| 1663 | CST Lab: NVLAP 200492-0 |
Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 01/05/2012 | Overall Level: 2
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone |
| 1651 | Nexgrid, LLC 4444 Germanna Hwy Locust Grove, VA 22508 USA -Thomas McLure
-Haim Shaul
CST Lab: NVLAP 200492-0 |
(Hardware Versions: ENSL2, ENSL5 and ENMSA2; Firmware Version: 3.1.2-FIPS) Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 01/05/2012 | Overall Level: 2
-FIPS-approved algorithms: AES (Cert. #1665); DSA (Cert. #520); HMAC (Cert. #979); RNG (Cert. #887); RSA (Cert. #820); SHS (Cert. #1459); Triple-DES (Cert. #1083) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 224 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength) Multi-chip standalone"ecoNet smart grid gateways provide the central link between intelligent endpoint devices and the Utility's backhaul or WAN enabling real time network control and monitoring." |
| 1631 | CST Lab: NVLAP 100432-0 |
Validated to FIPS 140-2 Security PolicyConsolidated Validation Certificate |
Hardware | 01/24/2012; 05/03/2012 |
Overall Level: 2
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone |