Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3726

Details

Module Name
nShield F2 500+ & nShield F2 1500+ & nShield F2 6000+
Standard
FIPS 140-2
Status
Active
Sunset Date
10/18/2025
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The nShield modules: nShield F2 500+ & nShield F2 1500+ & nShield F2 6000+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #C754
CKG vendor affirmed
CVL Cert. #C754
DRBG Cert. #C754
DSA Cert. #C754
ECDSA Cert. #C754
HMAC Cert. #C754
KBKDF Cert. #C754
KTS AES Cert. #C754; key establishment methodology provides between 112 and 256 bits of encryption strength
KTS vendor affirmed
RSA Cert. #C754
SHS Cert. #C754
Triple-DES Cert. #C754
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC MQV (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG
Hardware Versions
nC3423E-500, nC3423E-1K5 and nC3423E-6K0, Build Standard N
Firmware Versions
12.50.8

Vendor

Entrust
One Station Square
Cambridge CB1 2GA
United Kingdom

Security Certification Team
DPS-Certification@entrust.com

Validation History

Date Type Lab
10/19/2020 Initial Lightship Security, Inc.
2/9/2022 Update Lightship Security, Inc.