Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4110

Details

Module Name
ProtectServer PCIe HSM 3
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
3
Caveat
When operated in FIPS mode. When utilizing a Trusted Path as specified in the security policy
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The ProtectServer PCIe HSM 3 is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #C2089
CKG vendor affirmed
CVL Cert. #A678
DRBG Cert. #C2089
DSA Cert. #C2089
ECDSA Certs. #C1945 and #C2089
HMAC Certs. #A678 and #C2089
KAS KAS-SSC Cert. #A678, KDA Cert. #A678
KAS-SSC Cert. #A678
KDA Cert. #A678
KTS AES Cert. #C2089; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #C2089; key establishment methodology provides 112 bits of encryption strength
KTS-RSA Cert. #A678; key establishment methodology provides between 112 and 150 bits of encryption strength
RSA Certs. #A678 and #C2089
SHA-3 Cert. #C2089
SHS Certs. #C1945 and #C2089
Triple-DES Cert. #C2089
Allowed Algorithms
AES (Cert. #C2089, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength); Triple-DES (Cert. #C2089, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
808-000048-002, 808-000048-003, 808-000073-001, 808-000073-002
Firmware Versions
7.00.01, 7.01.01, 7.01.02, 7.02.02 or 7.02.04 with bootloader versions 1.2.0 or 1.2.1

Vendor

Thales
20 Colonnade Road
Suite 200
Ottawa, Ontario K2E 7M6
Canada

Security and Certifications Team
SecurityCertifications@thalesgroup.onmicrosoft.com

Validation History

Date Type Lab
12/20/2021 Initial LEIDOS CSTL
4/20/2022 Update LEIDOS CSTL
5/3/2022 Update LEIDOS CSTL
10/6/2022 Update LEIDOS CSTL
4/21/2023 Update LEIDOS CSTL
10/24/2023 Update LEIDOS CSTL
5/3/2024 Update LEIDOS CSTL