Module Name
DocuSign Signature Appliance
Historical Reason
Moved to historical list due to dependency on certificate #1883
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data.
Approved Algorithms
| AES |
Certs. #5058 and #5448 |
| CKG |
vendor affirmed |
| CVL |
Certs. #1615 and #1894 |
| DRBG |
Certs. #98, #1864 and #2133 |
| HMAC |
Certs. #3363, #3378, #3606 and #3607 |
| KTS |
AES Cert. #5058 and HMAC Cert. #3378 |
| KTS |
AES Cert. #5448 and HMAC Cert. #3607 |
| KTS |
Triple-DES Cert. #2616 and HMAC Cert. #3378; key establishment methodology provides 112 bits of encryption strength |
| KTS |
Triple-DES Cert. #2739 and HMAC Cert. #3607; key establishment methodology provides 112 bits of encryption strength |
| KTS |
Triple-DES Certs. #2603 and #2738 and Triple-DES MAC, vendor affirmed; key establishment methodology provides 112 bits of encryption strength |
| PBKDF |
vendor affirmed |
| RSA |
Certs. #2729, #2743, #2924 and #2925 |
| SHS |
Certs. #1465, #4108, #4123, #4367 and #4368 |
| Triple-DES |
Certs. #2603, #2616, #2738 and #2739 |
| Triple-DES MAC |
Triple-DES Certs. #2603 and #2738, vendor affirmed |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Firmware Versions
8.5 and 8.51.9.0
