Module Name
IDProtect Duo with LASER PKI
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode. No assurance of Secure Channel Protocol (SCP) message integrity
Description
IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications.
Approved Algorithms
| AES |
Cert. #1830 |
| CVL |
Cert. #8 |
| DRBG |
Cert. #144 |
| ECDSA |
Cert. #253 |
| RSA |
Cert. #919 |
| SHS |
Cert. #1609 |
| Triple-DES |
Cert. #1183 |
| Triple-DES MAC |
Triple-DES Cert. #1183, vendor affirmed |
Other Algorithms
HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman (CVL Cert. #8, key agreement; key establishment methodology provides 128 bits of encryption strength); AES (Cert. #1830, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength)
Hardware Versions
STMicroelectronics ST23YR80 Rev. G
Firmware Versions
Athena IDProtect 0204.0355.0702 with LASER PKI Applet 3.0
