Module Name
TecSec Armored Card - Contact Cryptographic Module
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 9. No assurance of Secure Channel Protocol (SCP) message integrity
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 4
- EMI/EMC: Level 3
- Design Assurance: Level 3
Description
The TecSec Armored Card is a cryptographic module which provides enterprise personnel identification, persistent data security for data in transit and at rest, with additional support for physical/logical/functional/content authorization. The Chip is part of a dual-chip PIV smart card that is fully compliant with the end-point service specified in SP800-73-1. This Contact Chip Provides 368k eprom memory leveraging a common robust identity process and additionally providing a federation platform for multiple applications from multiple owners enforced by cryptographic separation.
Approved Algorithms
02/06/14: |
Certs. #218 and #222 |
AES |
Certs. #1654 and #2226 |
CVL |
Cert. #2 |
DRBG |
Cert. #98 |
ECDSA |
Cert. #214 |
HMAC |
Cert. #1354 |
KBKDF |
Cert. #4 |
RSA |
Cert. #824 |
SHS |
Cert. #1465 |
Triple-DES |
Cert. #1087 |
Other Algorithms
NDRNG; EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-CMAC (non-compliant)
Hardware Versions
P/N Inside Secure AT90SC320288RCT Revision E
Firmware Versions
P/Ns Athena IDProtect Version 0108.0264.0001, TecSec SSD Applet Version 1.001, TecSec PIV Applet Version 1.007, TecSec BOCC Applet Version 1.001, TecSec CKM Attribute Container Applet Version 1.002, TecSec CKM Info Applet Version 1.000