Module Name
Entrust IdentityGuard PIV Credential
Historical Reason
01-2999 was dropped so this certificate is moving to the historical list.
Caveat
When operated in FIPS mode with PIN policies configured as indicated in the Security Policy Section 9
Security Level Exceptions
- Cryptographic Module Specification: Level 3
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 4
- EMI/EMC: Level 3
- Design Assurance: Level 3
Description
The Entrust IdentityGuard PIV Credential is a cryptographic module intended for use by US Federal agencies and other markets that require smartcards conformant with the PIV standards. The module can also be configured for use in markets where the set of keys and data objects, or the access control rules governing their use, differ from the PIV data model.
Approved Algorithms
AES |
Cert. #1769 |
CVL |
Cert. #5 |
CVL |
Certs. #219 and #223 |
ECDSA |
Cert. #237 |
RNG |
Cert. #942 |
RSA |
Cert. #885 |
Triple-DES |
Cert. #1144 |
Triple-DES MAC |
Triple-DES Cert. #1144, vendor affirmed |
Other Algorithms
HW RNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (Cert. #1769, key wrapping; key establishment methodology provides 256 bits of encryption strength); Triple-DES (Cert. #1144, key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
SCHW 1.0
Firmware Versions
SCOS 1.0 with Entrust IdentityGuard PIV Applet 1.0.1 Patch 172799