U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #2480

Details

Module Name
Luna® PCI-e Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Validation Dates
12/02/2015;01/10/2017;06/23/2017;06/23/2017
Overall Level
2
Caveat
This validation entry is a non-security relevant modification to Cert. #1693.
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.
FIPS Algorithms
AES Certs. #1743, #1750 and #1756
DRBG Cert. #114
DSA Certs. #545, #546 and #548
ECDSA Certs. #230, #231 and #233
HMAC Certs. #1021 and #1027
KAS Cert. #23
KBKDF SP800-108, vendor affirmed
RSA Certs. #865 and #870
SHS Certs. #1531 and #1537
Triple-DES Certs. #1130, #1134 and #1137
Triple-DES MAC Triple-DES Certs. #1130, #1134 and #1137, vendor-affirmed
Other Algorithms
ARIA; AES (Certs. #1743, #1750 and #1756, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES MAC (Cert. #1750; non-compliant); CAST5; CAST5-MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength); HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC4; RC5; RC5-MAC; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Triple-DES (Certs. #1130, #1134 and #1137, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
VBD-05-0100, VBD-05-0101 and VBD-05-0103
Firmware Versions
6.2.1 and 6.2.5

Vendor

SafeNet, Inc.
20 Colonnade Road, Suite 200
Ottawa, ON K2E 7M6
Canada

Security and Certifications Team
SecurityCertifications@gemalto.com

Lab

EWA - Canada IT Security Evaluation & Test Facility
NVLAP Code: 200556-0