Historical Reason
SP 800-131A transition which disallows key wrapping not compliant to SP 800-38F.
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
- Physical Security: Level 3
- EMI/EMC: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Embedded
Description
The nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions.
Approved Algorithms
AES |
Cert. #2122 |
CKG |
vendor affirmed |
CVL |
Cert. #27 |
DRBG |
Cert. #232 |
DSA |
Cert. #664 |
ECDSA |
Cert. #318 |
HMAC |
Cert. #1292 |
SHS |
Cert. #1844 |
Triple-DES |
Cert. #1349 |
Triple-DES MAC |
Triple-DES Cert. #1349, vendor affirmed |
Allowed Algorithms
AES (Cert. #2122, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (CVL Cert. #27, key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #27, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; Triple-DES (Cert. #1349, key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
nC2023E-000, Build Standard N
Firmware Versions
2.51.10-2 and 2.55.1-2