U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1857

Details

Module Name
Luna® PCI 7000 Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
11/29/2012
Overall Level
3
Caveat
When operated in FIPS mode and configured to Overall Level 3 per Security Policy
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
Luna® PCI offers dedicated hardware key management to protect sensitive cryptographic keys from attack. The high-security hardware design ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the HSM to increase performance and maintain security. Luna® PCI HSMs provide hardware secured key generation, storage, secure key backup and accelerated encryption in a range of models and configurations offering a wide selection of security, performance and operational capabilities.
FIPS Algorithms
AES Certs. #510 and #1904
DSA Cert. #600
ECDSA Cert. #269
HMAC Cert. #1142
KAS Cert. #29
KBKDF vendor affirmed
RNG Cert. #998
RSA Certs. #974 and #975
SHS Cert. #1671
Triple-DES Certs. #520 and #1236
Triple-DES MAC Triple-DES Certs. #520 and #1236, vendor affirmed
Other Algorithms
DES; RC2; RC4; RC5; CAST5; RSA (non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; ARIA; MD2; MD5; HAS-160; AES MAC (AES Cert. #1904; non-compliant); DES MAC; RC2 MAC; RC5 MAC; CAST5 MAC; SSL3 MD5 MAC; SSL3 SHA1 MAC; KCDSA; Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); HRNG; AES (Certs. #510 and #1904, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Certs. #520 and #1236, key wrapping; key establishment methodology provides 112 bits of encryption strength); Generic-Secret generation (non-compliant); SSL Pre-Master generation (non-compliant)
Hardware Versions
VBD-03-0100
Firmware Versions
4.8.7

Vendor

SafeNet, Inc.
20 Colonnade Road
Suite 200
Ottawa, Ontario K2E 7M6
Canada

Mark Yakabuski
Mark.Yakabuski@safenet-inc.com
Phone: 613-614-3407
Fax: 613-723-5079
Chris Brych
Chris.Brych@safenet-inc.com
Phone: 613-221-5081
Fax: 613-723-5079

Lab

EWA
NVLAP Code: 200556-0