Module Name
Luna® Backup HSM Cryptographic Module
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
Embodiment
Multi-chip standalone
Description
The Luna® Backup HSM Hardware Security Module (HSM) provides the same level of security as the Luna® SA and Luna® PCI-E HSMs in a convenient, small, low-cost form factor. The Luna Backup HSM ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the Luna Backup HSM for safekeeping in case of emergency, failure or disaster.
Approved Algorithms
AES |
Certs. #2664 and #2668 |
DRBG |
Cert. #428 |
DSA |
Certs. #804 and #808 |
ECDSA |
Certs. #461 and #464 |
HMAC |
Certs. #1655 and #1659 |
KAS |
Cert. #44 |
KBKDF |
Cert. #15 |
RSA |
Certs. #1369 and #1372 |
SHS |
Certs. #2237 and #2241 |
Triple-DES |
Certs. #1598 and #1600 |
Triple-DES MAC |
Triple-DES Certs. #1598 and #1600, vendor affirmed |
Other Algorithms
DES; RC2; RC4; RC5; CAST5; SEED; ARIA; MD2; MD5; HAS-160; DES-MAC; RC2-MAC; RC5-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; KCDSA; Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HRNG; AES MAC (AES Cert. #2668; non-compliant); AES (Certs. #2664 and #2668, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Certs. #1598 and #1600, key wrapping; key establishment methodology provides 112 bits of encryption strength); GENERIC-SECRET generation (non-compliant); SSL PRE-MASTER generation (non-compliant); RSA (non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
LTK-03, Version Code 0102; LTK-03, Version Code 0103
Firmware Versions
6.10.4, 6.10.7 and 6.10.9