Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3731

Details

Module Name
nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi
Standard
FIPS 140-2
Status
Active
Sunset Date
10/20/2025
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The nShield modules: nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #C754
CKG vendor affirmed
CVL Cert. #C754
DRBG Cert. #C754
DSA Cert. #C754
ECDSA Cert. #C754
HMAC Cert. #C754
KBKDF Cert. #C754
KTS AES Cert. #C754; key establishment methodology provides between 112 and 256 bits of encryption strength
KTS vendor affirmed
RSA Cert. #C754
SHS Cert. #C754
Triple-DES Cert. #C754
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC MQV (CVL Cert. #C754, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG
Hardware Versions
nC4033E-010, nC4433E-500, nC4433E-6K0, nC4433E-500N, nC4433E-1K5N and nC4433E-6K0N, Build Standard N
Firmware Versions
12.50.8

Vendor

Entrust
One Station Square
Cambridge CB1 2GA
United Kingdom

Security Certification Team
DPS-Certification@entrust.com

Validation History

Date Type Lab
10/21/2020 Initial Lightship Security, Inc.
2/17/2022 Update Lightship Security, Inc.