Module Name
CN9000 Series Encryptors
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Finite State Model: Level 3
- Physical Security: Level 3
- Operational Environment: Level 3
- EMI/EMC: Level 3
- Self-Tests: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The CN9000 Series are high-speed hardware encryption platforms that secure data over optical Ethernet networks. The models included are the CN9100 and CN9120 100G Ethernet Encryptors, operating at line rates of 100Gb/s with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CTR algorithms.
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 150 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC); Senetas Corp. Ltd. CN9000 Series: A9120B (AC), A9121B (DC), A9122B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN9000 Series: A9120B (AC), A9121B (DC), A9122B (AC/DC)
Firmware Versions
3.0.1 and 3.0.2