Module Name
TecSec Armored Card - Contactless Cryptographic Module
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated with the fingerprint authentication mechanism parameters configured as indicated in the Security Policy Section 9. No assurance of Secure Channel Protocol (SCP) message integrity
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
Description
The TecSec Armored Card is a cryptographic module which provides enterprise personnel identification, persistent data security for data in transit and at rest, with additional support for physical/logical/functional/content authorization. The Chip is part of a dual-chip PIV smart card that is fully compliant with the end-point service specified in SP800-73-1. This Chip provides the contactless functionality leveraging a common robust identity process in support of the federation platform capabilities of the overall card.
Approved Algorithms
AES |
Certs. #1655 and #2226 |
CVL |
Cert. #2 |
CVL |
Certs. #218 and #222 |
DRBG |
Cert. #98 |
ECDSA |
Cert. #214 |
HMAC |
Cert. #1354 |
KBKDF |
Cert. #4 |
RSA |
Cert. #824 |
SHS |
Cert. #1465 |
Triple-DES |
Cert. #1088 |
Other Algorithms
NDRNG; EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-CMAC (non-compliant)
Hardware Versions
P/N Inside Secure AT90SC28880RCFV Revision G
Firmware Versions
P/Ns Athena IDProtect Duo Version 010E.0264.0001, TecSec SSD Applet Version 1.001, TecSec PIV Applet Version 1.007, TecSec BOCC Applet Version 1.001, TecSec CKM Attribute Container Applet Version 1.002, TecSec CKM Info Applet Version 1.000