Module Name
SafeGuard® CryptoServer Se
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Embodiment
Multi-chip embedded
Description
SafeGuard® CryptoServer Se is an encapsulated, tamper-protected hardware security module which provides secure cryptographic services like encryption or decryption, hashing, signing and verification of data, random number generation, on-board secure key generation, key storage and further key management functions.
Approved Algorithms
AES |
Cert. #2739 |
CVL |
Cert. #749 |
DRBG |
Cert. #459 |
ECDSA |
Cert. #840 |
HMAC |
Cert. #1717 |
RSA |
Certs. #1435 and #1436 |
SHS |
Certs. #2308, #2309 and #2310 |
Triple-DES |
Cert. #1649 |
Triple-DES MAC |
Triple-DES Cert. #1649, vendor affirmed |
Other Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (Cert. #2739, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1649, key wrapping; key establishment methodology provides 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement); RSA (non-compliant); ECIES; MD5; MDC-2; RIPEMD-160; DES; Retail-TDES MAC; AES MAC (AES Cert. #2739; non-compliant); PIN generation/PIN verification (e.g., VISA/MasterCard); KDF_ENC_DATA; KDF_HASH; KDF_ECDH; KDF_DH; KDF_XOR_BASE_AND_DATA; KDF_CAT_BASE_AND_KEY; KDF_CAT_BASE_AND_DATA; KDF_CAT_DATA_AND_BASE; KDF_EXTRACT_KEY_FROM_KEY
Hardware Versions
P/N CryptoServer Se, Version 3.00.3.1
Firmware Versions
3.0.2.0