Module Name
nShield Solo XC F2
Historical Reason
186-2 transition
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Embedded
Description
The nShield XC F2 PCIe card, sold as nShield XC F2 PCIe server-embedded hardware security modules (HSMs) are multi-tasking HSMs optimized for symmetric and asymmetric operations on protected keys. The nShield module is FIPS 140-2 Level 2 embedded devices for applications including but not limited to PKI, SSL/TLS, Secure Manufacturing, Data Protection, Key Management and Provisioning.
Approved Algorithms
AES |
Certs. #3664, #3697 and #3711 |
CKG |
vendor affirmed |
CVL |
Certs. #669, #682, #696 and #1111 |
DRBG |
Cert. #985 |
DSA |
Certs. #1034 and #1039 |
ECDSA |
Certs. #771, #776, #790 and #805 |
HMAC |
Cert. #2414 |
KBKDF |
Certs. #73 and #75 |
KTS |
AES Certs. #3664 and #3711; key establishment methodology provides between 128 and 256 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #1897, #1903 and #1917 |
SHS |
Certs. #3082 and #3130 |
Triple-DES |
Certs. #2046 and #2073 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #669 and #682, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #669, #682 and #696, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); ECMQV (CVL Certs. #669 and #1111, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Hardware Versions
NC3025E-000
Firmware Versions
3.3.21, 3.4.1, and 3.4.2