U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #2036

Details

Module Name
Luna® PCI-E Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-131A transition which disallows key wrapping not compliant to SP 800-38F.
Validation Dates
11/13/2013;01/10/2017;06/23/2017;06/23/2017
Overall Level
3
Caveat
When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
Module Type
Hardware
Embodiment
Multi-chip embedded
Description
The Luna® PCI-E for Luna® IS cryptographic module features powerful cryptographic processing and hardware key management for applications where performance and security are the priority. The multi-chip embedded hardware cryptographic module offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.
FIPS Algorithms
AES Certs. #1756, #2262 and #2282
DRBG Cert. #277
DSA Certs. #548, #704 and #712
ECDSA Certs. #233, #364 and #369
HMAC Certs. #1386 and #1398
KAS Cert. #38
KBKDF Cert. #6
RSA Certs. #1159 and #1173
SHS Certs. #1947 and #1964
Triple-DES Certs. #1137, #1414 and #1430
Triple-DES MAC Triple-DES Certs. #1137, #1414 and #1430, vendor-affirmed
Other Algorithms
ARIA; AES MAC (Cert. #2282; non-compliant); CAST5; CAST5-MAC; CAST5-ECB; CAST5-CBC; DES; DES MAC; DES-ECB; DES-CBC; GENERIC-SECRET; HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC2-ECB; RC2-CBC; RC4; RC5; RC5-MAC; RC5-ECB; RC5-CBC; RSA (X-509; non-compliant); SEED; SSL3-MD5-MAC; SSL3-SHA1-MAC; SSL PRE-MASTER; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA OAEP (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (Certs. #1756, #2262 and #2282, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Certs. #1137, #1414 and #1430, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
VBD-05, Version Code 0103
Firmware Versions
6.3.1

Vendor

SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

Security and Certifications Team
SecurityCertifications@gemalto.com

Lab

CGI
NVLAP Code: 200928-0