Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #1453

Details

Module Name
Luna® PCI 7000 Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Overall Level
2
Caveat
When operated in FIPS mode and configured to Overall Level 2 per Security Policy
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.
Approved Algorithms
AES Certs. #510 and #1298
DSA Cert. #420
ECDSA Cert. #154
HMAC Cert. #755
RNG Cert. #723
RSA Cert. #620
SHS Cert. #1190
Triple-DES Certs. #520 and #912
Triple-DES MAC Triple-DES Certs. #520 and #912, vendor affirmed
Other Algorithms
DES; RC2; RC4; RC5; CAST5; RSA X509; SEED; ARIA; MD2; MD5; HAS-160; AES MAC (AES Cert. #510; non-compliant); DES-MAC; RC2-MAC; RC5-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; KCDSA; AES (Certs. #510 and #1298, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Certs. #520 and #912, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant)
Hardware Versions
VBD-03-0100
Firmware Versions
4.8.1 or 4.8.2

Vendor

SafeNet, Inc.
20 Colonnade Road
Suite 200
Nepean, Ontario K2E 7M6
Canada

Terry Fletcher
Terry.Fletcher@safenet-inc.com
Phone: 613-221-5009
Fax: 613-723-5079

Related Files

Security Policy
Certificate

Validation History

Date Type Lab
11/22/2010 Initial EWA CANADA
2/10/2011 Update EWA CANADA
12/3/2012 Update