Cryptographic Module Validation Program CMVP

Certificate #2638

Details

Module Name
nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+
Standard
FIPS 140-2
Status
Active
Sunset Date
5/12/2021
Validation Dates
05/13/2016;06/20/2018;07/27/2018;06/03/2019
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+, nShield F3 6000+ for nShield Connect+ are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #3420 and #3446
CVL Certs. #516 and #532
DRBG Cert. #825
DSA Cert. #964
ECDSA Cert. #695
HMAC Cert. #2178
KBKDF Cert. #56
KTS AES Cert. #3446; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #1752
SHS Cert. #2826
Triple-DES Cert. #1931
Triple-DES MAC Triple-DES Cert. #1931, vendor affirmed
Other Algorithms
ARC4; Aria; Camellia; CAST-256; DES; Diffie-Hellman (CVL Cert. #516, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #532, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); El-Gamal; HAS-160; HMAC-MD5; HMAC-RIPEMD160; HMAC-Tiger; KCDSA; MD5; NDRNG; RIPEMD-160; RSA (encrypt/decrypt); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Tiger; TLS KDF (non-compliant); Triple-DES (key wrapping; non-compliant)
Hardware Versions
nC4033E-010, nC4433E-500, nC4433E-6K0, nC4433E-500N, nC4433E-1K5N and nC4433E-6K0N, Build Standard N
Firmware Versions
2.61.2-2 and 2.62.1-2

Vendor

nCipher Security Limited
One Station Square
Cambridge CB1 2GA
United Kingdom

sales@ncipher.com
sales@ncipher.com

Lab

Computer Sciences Corporation
NVLAP Code: 200996-0