Module Name
TASS Crypto Engine
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode. The tamper evident seals installed as indicated in Section 10.1 of the Security Policy.
Embodiment
Multi-Chip Stand Alone
Description
TASS Crypto Engine is a hardware security module with modern cryptography technology, and features physical security protection measures. It has key management and key wrapping mechanisms, and provides secure application-level cryptographic services for business systems, including message verification, data encryption and decryption, signature generation and verification, etc.
Approved Algorithms
AES |
Cert. #C1323 |
CKG |
vendor affirmed |
CVL |
Cert. #C1323 |
DRBG |
Cert. #C1323 |
ECDSA |
Cert. #C1323 |
ENT |
NP |
HMAC |
Cert. #C1323 |
KBKDF |
Cert. #C1323 |
KTS |
AES Cert. #C1323; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #C1323; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1323 and AES Cert. #C1323; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #A48, #A51, #A185 and #C1323 |
SHA-3 |
Cert. #C1323 |
SHS |
Cert. #C1323 |
Allowed Algorithms
EC Diffie-Hellman (with CVL Cert. #C1323, key agreement; key establishment methodology provides 128 bits of encryption strength); RSA (Cert. #C1323, key wrapping; key establishment methodology provides between 112 and 149 bits of encryption strength)
Hardware Versions
CE2-A2H0O4
Firmware Versions
H1.00.00