Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4684

Details

Module Name
Thales Luna K7 Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
4/1/2029
Overall Level
3
Caveat
When operated in approved mode
Security Level Exceptions
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The Thales Luna K7 Cryptographic Module is a multi-chip embedded hardware cryptographic module in the form of a PCIe card which typically resides within a custom computing or secure communications appliance.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES-CBC
AES-CFB128
AES-CFB8
AES-CMAC
AES-CTR
AES-ECB
AES-GCM
AES-KW
AES-KW
AES-KWP
AES-KWP
AES-OFB
AES-XTS
Counter DRBG
DSA KeyGen (FIPS186-4)
DSA KeyGen (FIPS186-4)
DSA PQGGen (FIPS186-4)
DSA PQGGen (FIPS186-4)
DSA SigGen (FIPS186-4)
DSA SigVer (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA KeyGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
ECDSA SigVer (FIPS186-4)
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-512
KAS-ECC Sp800-56Ar3
KAS-ECC Sp800-56Ar3
KAS-ECC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KAS-IFC
KAS-IFC
KAS-IFC
KAS-IFC
KDA OneStep Sp800-56Cr1
KDA OneStep SP800-56Cr2
KDF ANS 9.42
KDF ANS 9.63
KDF SP800-108
KTS-IFC
KTS-IFC
KTS-IFC
KTS-IFC
PBKDF
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
SHA-1
SHA-1
SHA2-224
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA3-224
SHA3-256
SHA3-384
SHA3-512
SHAKE-128
SHAKE-256
TDES-CBC
TDES-CFB64
TDES-CFB8
TDES-CTR
TDES-ECB
TDES-OFB
Allowed Algorithms
AES Cert. #C1707 (Key unwrapping; SSP establishment methodology provides between 128 and 256 bits of encryption strength; Clone partition objects between partitions, Clone SMK between partitions, Import secret or private key using key wrapping.);Triple-DES Cert #C1707 (Key unwrapping; SSP establishment methodology provides 112 bits of encryption strength; Import secret or private key using key wrapping.);KAS-ECC-SSC Cert. #A480 (Key establishment methodology provides between 112 and 256-bits of encryption strength.; Derive key from existing partition secret or private key object.);KAS-ECC-SSC Cert. #A478 (Key establishment methodology provides between 112 and 256-bits of encryption strength.; Derive key from existing partition secret or private key object.)
Hardware Versions
808-000048-002, 808-000048-003, 808-000066-001, 808-000073-001, 808-000073-002
Firmware Versions
7.8.4 with bootloader version 1.1.1, 1.1.2, 1.1.4 or 1.1.5

Vendor

Thales
20 Colonnade Road
Suite 200
Ottawa, Ontario K2E 7M6
Canada

Security and Certifications Team
securitycertifications@thalesgroup.com
Phone: 33-0-1-57-77-80-00

Validation History

Date Type Lab
4/2/2024 Initial LEIDOS CSTL