Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #1733

Details

Module Name
nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7]
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Validation Dates
6/20/2012
3/8/2013
8/16/2013
11/16/2015
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
The nShield modules: nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
FIPS Algorithms
AES Certs. #397 and #1579
CVL Cert. #1
DRBG Cert. #72
DSA Cert. #487
ECDSA Cert. #192
HMAC Cert. #925
RSA Certs. #770 and #1092
SHS Cert. #1398
Triple-DES Certs. #435 and #1035
Triple-DES MAC Triple-DES Cert. #1035, vendor affirmed
Other Algorithms
ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength)
Hardware Versions
nC4033E-6K0 [1], nC4033E-1K5 [2], nC4033E-500 [3], nC4033E-030 [4], nC4033E-6K0N [5], nC4033E-1K5N [6] and nC4033E-500N [7], Build Standard N
Firmware Versions
2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2

Vendor

Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

sales@thalesesec.com
sales@thalesesec.com
Phone: 888-744-4976

Lab

CSC
NVLAP Code: 200426-0