U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1782

Details

Module Name
ProtectServer Internal Express (PSI-e)
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
08/07/2012;11/05/2012;10/16/2014;01/27/2016;07/07/2016
Overall Level
3
Caveat
When operated in FIPS mode
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
The SafeNet PSI-e is a high-end intelligent PCI adapter card, used either standalone or in the SafeNet PSE appliance, that provides a wide range of cryptographic functions using firmware and dedicated hardware processors. The module provides key management (e.g., generation, storage, deletion, and backup), an extensive suite of cryptographic mechanisms, and process management including separation between operators. The PSI-e also features non-volatile tamper protected memory for key storage, a hardware random number generator, and an RTC.
FIPS Algorithms
AES Certs. #1859 and #1860
DSA Cert. #579
ECDSA Cert. #259
HMAC Cert. #1106
RNG Cert. #975
RSA Cert. #940
SHS Cert. #1636
Triple-DES Certs. #1206 and #1207
Triple-DES MAC Triple-DES Cert. #1206, vendor affirmed
Other Algorithms
AES MAC (AES Cert. #1859; non-compliant); ARIA; CAST-128; CAST MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECIES; EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); IDEA; IDEA MAC; MD2; MD5; MD5 HMAC; RC2; RC2 MAC; RC4; RIPEMD-128; RIPEMD-160; RMD128 HMAC; RMD160 HMAC; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; SEED MAC; Triple-DES (Certs. #1206 and #1207, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (Certs. #1859 and #1860, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength)
Hardware Versions
VBD-04-0302 and VBD-04-0303
Firmware Versions
3.20.00, 3.20.01, 3.20.05, 3.20.09 and 3.20.10

Vendor

SafeNet, Inc.
20 Colonnade Drive
Suite 200
Ottawa, Ontario K2E 7M6
Canada

Security and Certifications Team
SecurityCertifications@safenet-inc.com

Lab

SAIC
NVLAP Code: 200427-0