Module Name
GSP3000 Hardware Security Module
Historical Reason
SP 800-131A transition which disallows key wrapping not compliant to SP 800-38F.
Caveat
When operated in FIPS mode
Embodiment
Multi-Chip Embedded
Description
The GSP3000 is a general purpose cryptographic module incorporated into multiple Futurex products to ensure data confidentiality, integrity, and authenticity. It is designed to meet and exceed compliance mandates and security best practices in environments requiring enterprise-class protection for sensitive information.
Approved Algorithms
| AES |
Certs. #4117 and #4118 |
| CVL |
Cert. #925 |
| DRBG |
Cert. #1240 |
| ECDSA |
Cert. #935 |
| HMAC |
Cert. #2689 |
| KBKDF |
Cert. #104 |
| KTS |
AES Cert. #4118 |
| KTS |
AES Cert. #4117 and HMAC Cert. #2689 |
| KTS |
Triple-Des Cert. #2248 and HMAC Cert. #2689; key establishment methodology provides 112 bits of encryption strength |
| RSA |
Cert. #2226 |
| SHS |
Cert. #3387 |
| Triple-DES |
Certs. #2248 and #2254 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 256 bits of encryption strength); NDRNG; RSA (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. #2248, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AKB/TR-31; DES; DUKPT; HMAC MD5; HMAC RIPEMD-160; MD5; RIPEMD-160
Hardware Versions
P/N 9800-2079 Rev7
Firmware Versions
6.2.0.0
