Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #1202

Details

Module Name
nShield F2 500 and nShield F2 10 PCI
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
10/6/2009
2/17/2010
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
The nShield modules: nShield F2 500 & nShield F2 10 PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
FIPS Algorithms
AES Certs. #994 an #962
AES GCM Cert. #994, vendor affirmed
DSA Cert. #341
ECDSA Cert. #121
HMAC Cert. #560
RNG Cert. #564
RSA Cert. #478
SHS Cert. #960
Triple-DES Certs. #775 and #757
Triple-DES MAC Triple-DES Cert. #775, vendor affirmed
Other Algorithms
ARC FOUR; Aria; Camellia; CAST 6; DES; MD5; SEED; HMAC-MD5, HMAC-Tiger, HMAC-RIPEMD160; RIPEMD 160; Tiger; El-Gamal; KCDSA; HAS 160; AES (Cert. #994, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 192 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); NDRNG; DSA (FIPS 186-3; non-compliant); ECDSA (FIPS 186-3; non-compliant)
Hardware Versions
nC3023P-500, nC3023P-10, Build Standard N
Firmware Versions
2.38.4-2 and 2.38.7-2

Vendor

Thales - nCipher
92 Montvale Ave.
Suite 4500
Stoneham, MA 02180
USA

sales@ncipher.com
sales@ncipher.com
Phone: 800-NCIPHER
Fax: 781-994-4001

Lab

DOMUS
NVLAP Code: 200017-0