Module Name
DocuSign Signature Appliance
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The DocuSign Signature Appliance is a digital signature appliance that is connected to the organizational network and manages all signature keys and certificates of organization's end-users. End-users will connect securely to the appliance from their PC for the purpose of signing documents and data. The DocuSign Signature Appliance also enables organization using AES based encryption keys for encrypting/decrypting data.
Approved Algorithms
| AES |
Certs. #C85 and #C86 |
| CKG |
vendor affirmed |
| CVL |
Cert. #C86 |
| DRBG |
Certs. #98 and #C85 |
| HMAC |
Certs. #C85 and #C86 |
| KTS |
AES Cert. #C85 and AES Cert. #C85; key establishment methodolody provides 128 bits of encryption strength |
| KTS |
AES Cert. #C86 and HMAC Cert. #C86; key establishment methodology provides 128 or 256 bits of encryption strength |
| PBKDF |
vendor affirmed |
| RSA |
Certs. #C85 and #C86 |
| SHS |
Certs. #1465, #C85 and #C86 |
| Triple-DES |
Cert. #C85 |
| Triple-DES MAC |
Cert. #C85, vendor affirmed |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); Triple-DES (Cert. #C85, key unwrapping)
Firmware Versions
9.0.9.10
