Module Name
MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
Embodiment
Multi-chip embedded
Description
The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.
Approved Algorithms
AES |
Cert. #1770 |
CVL |
Cert. #6 |
DRBG |
Cert. #120 |
DSA |
Cert. #553 |
ECDSA |
Cert. #238 |
HMAC |
Cert. #1039 |
RSA |
Cert. #886 |
SHS |
Cert. #1554 |
Triple-DES |
Cert. #1146 |
Triple-DES MAC |
Triple-DES Cert. #1146, vendor affirmed |
Other Algorithms
ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA;
HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption
strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption
strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength);
Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of
encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112
and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256
bits of encryption strengh; non-compliant less than 112 bits of encryption strength)
Hardware Versions
nC4031Z-10 [1], nC4031U-10 [2] and TSMC200 [3], Build Standard N
Firmware Versions
2.50.17-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3