Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #2403

Details

Module Name
Thales Luna USB Hardware Security Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip standalone
Description
The Thales Luna USB Hardware Security Module delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.
Approved Algorithms
AES Certs. #2664 and #2668
DRBG Cert. #428
DSA Certs. #804 and #808
ECDSA Certs. #461 and #464
HMAC Certs. #1655 and #1659
KAS Cert. #44
KBKDF Cert. #15
RSA Certs. #1369 and #1372
SHS Certs. #2237 and #2241
Triple-DES Certs. #1598 and #1600
Triple-DES MAC Triple-DES Certs. #1598 and #1600, vendor affirmed
Other Algorithms
AES (Certs. #2664 and #2668, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HRNG; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Certs. #1598 and #1600, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
LTK-03, Version Code 0102; LTK-03, Version Code 0103
Firmware Versions
6.10.4, 6.10.7 and 6.10.9

Vendor

Thales
20 Colonnade Road, Suite 200
Ottawa, ON K2E 7M6
Canada

Security and Certifications Team
SecurityCertifications@thalesgroup.com

Validation History

Date Type Lab
8/11/2015 Initial EWA CANADA
9/4/2015 Update EWA CANADA
10/26/2015 Update EWA CANADA
1/14/2016 Update EWA CANADA
1/22/2016 Update EWA CANADA
5/12/2016 Update EWA CANADA
1/10/2017 Update CGI Information Systems & Management Consultants Inc
6/23/2017 Update
6/23/2017 Update
2/21/2018 Update EWA CANADA
10/4/2021 Update EWA CANADA