Module Name
CryptoServer CSe-Series
Caveat
When operated in FIPS mode
Security Level Exceptions
- Physical Security: Level 4
Embodiment
Multi-Chip Embedded
Description
The CryptoServer CSe-Series is an encapsulated, protected security module realized as a multi-chip embedded cryptographic module per FIPS 140-2. Its realization meets overall FIPS 140-2 Level 3 requirements, with Level 4 "Physical Security". The module's primary purpose is to provide secure cryptographic services such as encryption or decryption (for various algorithms like AES and Triple-DES), hashing, signing and verification of data (RSA, ECDSA, DSA), random number generation, on-board secure key generation, key storage and further key management functions in a tamper-protected environment.
Approved Algorithms
| AES |
Certs. #C1122, #C1137, #C1138, #C1140 and #C1246 |
| CKG |
vendor affirmed |
| CVL |
Certs. #A1016, #C1141 and #C1165 |
| DRBG |
Cert. #A1068 |
| DSA |
Cert. #C1195 |
| ECDSA |
Certs. #C1196 and #A2367 |
| ENT |
P |
| HMAC |
Cert. #C1142 |
| KAS |
KAS-SSC Certs. #A2368 and #A2369, KDA Certs. #A1016 and #A2417 |
| KAS-SSC |
Certs. #A2368, #A2369 and #A2227 |
| KBKDF |
Cert. #C1164 |
| KDA |
Certs. #A1016 and #A2417 |
| KTS |
AES Certs. #C1137, #C1138 and #C1246; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #C1122 and AES Cert. #C1140 |
| KTS-RSA |
Cert. #A2370; key establishment methodology provides between 112 and 256 bits of encryption strength |
| RSA |
Cert. #C1197 |
| SHA-3 |
Cert. #C1125 |
| SHS |
Certs. #A1067, #C1124 and #C1126 |
| Triple-DES |
Cert. #C1128 |
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (shared secret computation provides between 112 and 256 bits of encryption strength)
Hardware Versions
CryptoServer CSe-Series 4.00.5.0 and CryptoServer CSe-Series 4.00.5.1
Firmware Versions
SecurityServer-CSe-Series-4.32.0.3-FIPS
