Module Name
DocuSign HSM Appliance
Historical Reason
Moved to historical list due to dependency on certificate #1883
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
DocuSign HSM Appliance is a high-performance cryptographic service provider. It performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, Triple-DES MAC, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities.
Approved Algorithms
AES |
Certs. #4029, #4031, #4640, #4641, #5283 and #5284 |
CVL |
Certs. #857, #1039, #1296, #1297, #1745 and #1746 |
DRBG |
Certs. #98, #1205, #1565 and #2030 |
ECDSA |
Certs. #900, #1143 and #1378 |
HMAC |
Certs. #2630, #2632, #3073, #3074, #3490 and #3491 |
KTS |
AES Cert. #4029 and HMAC Cert. #2630, AES Cert. #4641 and HMAC Cert. #3074 and AES Cert. #5284 and HMAC Cert. #3491 |
RSA |
Certs. #2069, #2533 and #2822 |
SHS |
Certs. #1465, #3325, #3326, #3804, #3805, #4242 and #4243 |
Triple-DES |
Certs. #2207, #2469 and #2669 |
Triple-DES MAC |
Triple-DES Certs. #2207, #2469 and #2669, vendor affirmed |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Firmware Versions
5.0.0, 5.0.2 and 5.0.3