Module Name
Luna® PCI Cryptographic Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Physical Security: Level 3
- EMI/EMC: Level 3
Embodiment
Multi-chip embedded
Description
Luna PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.
Approved Algorithms
AES |
Certs. #510 and #934 |
DSA |
Cert. #332 |
ECDSA |
Cert. #117 |
HMAC |
Cert. #523 |
RNG |
Cert. #535 |
RSA |
Cert. #453 |
SHS |
Cert. #918 |
Triple-DES |
Certs. #520 and #748 |
Triple-DES MAC |
Triple-DES Certs. #520 and #748, vendor affirmed |
Other Algorithms
ARIA; DES; RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; DES-MAC; RC2-MAC; RC5-MAC; CAST-MAC; CAST3-MAC; CAST5-MAC; MD2; MD5; HAS-160; HMAC-MD5; SSL3-MD5-MAC; SSL3-SHA1-MAC; SSL PRE-MASTER; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; KCDSA; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant)
Hardware Versions
VBD-03-0100