Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3141

Details

Module Name
DocuSign Signature Appliance
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to dependency on certificate #1883
Overall Level
3
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #5058 and #5448
CKG vendor affirmed
CVL Certs. #1615 and #1894
DRBG Certs. #98, #1864 and #2133
HMAC Certs. #3363, #3378, #3606 and #3607
KTS AES Cert. #5058 and HMAC Cert. #3378
KTS AES Cert. #5448 and HMAC Cert. #3607
KTS Triple-DES Cert. #2616 and HMAC Cert. #3378; key establishment methodology provides 112 bits of encryption strength
KTS Triple-DES Cert. #2739 and HMAC Cert. #3607; key establishment methodology provides 112 bits of encryption strength
KTS Triple-DES Certs. #2603 and #2738 and Triple-DES MAC, vendor affirmed; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #2729, #2743, #2924 and #2925
SHS Certs. #1465, #4108, #4123, #4367 and #4368
Triple-DES Certs. #2603, #2616, #2738 and #2739
Triple-DES MAC Triple-DES Certs. #2603 and #2738, vendor affirmed
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
8.0
Firmware Versions
8.5 and 8.51.9.0

Vendor

DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

Ezer Farhi
Ezer.Farhi@docusign.com
Phone: 972-3-9279529
Fax: 972-3-9230864

Validation History

Date Type Lab
2/27/2018 Initial CYGNACOM SOLUTIONS INC
8/17/2018 Update CYGNACOM SOLUTIONS INC