Module Name
nShield Solo XC F3 [1] and nShield Solo XC F3 for nShield Connect XC [2]
Historical Reason
186-2 transition
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Embedded
Description
The nShield XC F3 PCIe card, sold as nShield XC F3 PCIe server-embedded hardware security modules (HSMs) and also used in the nShield Connect XC network appliance HSMs, are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield modules are FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.
Approved Algorithms
AES |
Certs. #3664, #3697 and #3711 |
CKG |
vendor affirmed |
CVL |
Certs. #669, #682, #696 and #1111 |
DRBG |
Cert. #985 |
DSA |
Certs. #1034 and #1039 |
ECDSA |
Certs. #771, #776, #790 and #805 |
HMAC |
Cert. #2414 |
KBKDF |
Certs. #73 and #75 |
KTS |
AES Certs. #3664 and #3711; key establishment methodology provides between 128 and 256 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #1897, #1903 and #1917 |
SHS |
Certs. #3082 and #3130 |
Triple-DES |
Certs. #2046 and #2073 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #669 and #682, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #669, #682 and #696, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); ECMQV (CVL Certs. #669 and #1111, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Hardware Versions
NC4035E-000 [1] and NC4335N-000 [2], Build Standard A
Firmware Versions
3.3.21, 3.4.1, and 3.4.2