Module Name
DocuSign Signature Appliance
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data. The DocuSign Signature Appliance also enables organization using AES based encryption keys for encrypting/decrypting data.
Approved Algorithms
AES |
Certs. #A1517, #A1518, #C1251 and #C1252 |
CKG |
vendor affirmed |
CVL |
Certs. #A1518 and #C1252 |
DRBG |
Certs. #98, #A1517 and #C1251 |
HMAC |
Certs. #A1517, #A1518, #C1251 and #C1252 |
KTS |
AES Certs. #A1517 and #C1251 and AES Certs. #A1517 and #C1251; key establishment methodology provides 128 bits of encryption strength |
KTS |
AES Certs. #A1518 and #C1252 and HMAC Certs. #A1518 and #C1252; key establishment methodology provides 128 or 256 bits of encryption strength |
PBKDF |
Cert. #A1517 and vendor affirmed |
RSA |
Certs. #A1517 and #C1251 |
SHS |
Certs. #1465, #A1517, #A1518, #C1251 and #C1252 |
Triple-DES |
Certs. #A1517 and #C1251 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); Triple-DES (Certs. #A1517 and #C1251, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Firmware Versions
9.3.9.20 and 9.4.9.20