U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1453

Details

Module Name
Luna® PCI 7000 Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
11/22/2010;02/10/2011;12/03/2012
Overall Level
2
Caveat
When operated in FIPS mode and configured to Overall Level 2 per Security Policy
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.
FIPS Algorithms
AES Certs. #510 and #1298
DSA Cert. #420
ECDSA Cert. #154
HMAC Cert. #755
RNG Cert. #723
RSA Cert. #620
SHS Cert. #1190
Triple-DES Certs. #520 and #912
Triple-DES MAC Triple-DES Certs. #520 and #912, vendor affirmed
Other Algorithms
DES; RC2; RC4; RC5; CAST5; RSA X509; SEED; ARIA; MD2; MD5; HAS-160; AES MAC (AES Cert. #510; non-compliant); DES-MAC; RC2-MAC; RC5-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; KCDSA; AES (Certs. #510 and #1298, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Certs. #520 and #912, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant)
Hardware Versions
VBD-03-0100
Firmware Versions
4.8.1 or 4.8.2

Vendor

SafeNet, Inc.
20 Colonnade Road
Suite 200
Nepean, Ontario K2E 7M6
Canada

Terry Fletcher
Terry.Fletcher@safenet-inc.com
Phone: 613-221-5009
Fax: 613-723-5079

Lab

EWA
NVLAP Code: 200556-0