Module Name
Enterprise Secure Key Manager
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Utimaco Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover.
Approved Algorithms
| AES |
Cert. #5951 |
| CKG |
vendor affirmed |
| CVL |
Certs. #2186, #2187, #2188, #2189, #2190 and #C235 |
| DRBG |
Certs. #2501 and #2502 |
| DSA |
Cert. #C235 |
| ECDSA |
Cert. #1597 |
| HMAC |
Cert. #3923 |
| KTS |
AES Cert. #5951 and HMAC Cert. #3923; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #5951; key establishment methodology provides 128 or 256 bits of encryption strength |
| KTS |
AES Cert. #5951; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Cert. #2899 and HMAC Cert. #3923; key establishment methodology provides 112 bits of encryption strength |
| RSA |
Cert. #C235 |
| SHS |
Cert. #4703 |
| Triple-DES |
Cert. #2899 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C235 and #2190; key agreement; key establishment methodology provides between 112 and 200 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #2186 and #2187; key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #2186 and #2190; key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (CVL Cert. #2188, key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength)
Hardware Versions
HW-ESKM-V1 , Version 5.1 or 5.3
Firmware Versions
7.3.1 or 7.3.0
