Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #2642

Details

Module Name
MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The MiniHSM, MiniHSM for nShield Edge F2 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #3419
CVL Cert. #515
DRBG Cert. #824
DSA Cert. #963
ECDSA Cert. #686
HMAC Cert. #2177
KBKDF Cert. #57
KTS AES Cert. #3419; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #1751
SHS Cert. #2825
Triple-DES Cert. #1930
Triple-DES MAC Triple-DES Cert. #1930, vendor affirmed
Other Algorithms
ARC4; Aria; Camellia; CAST-256; DES; Diffie-Hellman (CVL Cert. #515, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #515, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); El-Gamal; HAS-160; HMAC-MD5; HMAC-RIPEMD160; HMAC-Tiger; KCDSA; MD5; NDRNG; RIPEMD-160; RSA (encrypt/decrypt); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Tiger; TLS KDF (non-compliant); Triple-DES (key wrapping; non-compliant)
Hardware Versions
nC4031Z-10, nC3021U-10, and TSMC200, Build Standard N
Firmware Versions
2.61.1-2 and 2.62.1-2

Vendor

nCipher Security Limited
One Station Square
Cambridge CB1 2GA
United Kingdom

sales@ncipher.com
sales@ncipher.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
5/13/2016 Initial DXC Technology
7/24/2018 Update DXC Technology
6/3/2019 Update DXC Technology