Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3960

Details

Module Name
DocuSign HSM Appliance
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
3
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
DocuSign HSM Appliance is a high-performance cryptographic service provider. It performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #C1160 and #C1161
CKG vendor affirmed
CVL Cert. #C1160
DRBG Certs. #98 and #C1161
ECDSA Cert. #C1161
HMAC Certs. #C1160 and #C1161
KTS AES Cert. #C1160 and HMAC Cert. #C1160
KTS AES Cert. #C1161 and AES Cert. #C1161; key establishment methodology provides 128 bits of encryption strength
RSA Cert. #C1161
SHS Certs. #1465, #C1160 and #C1161
Triple-DES Cert. #C1161
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
5.0
Firmware Versions
5.0.4

Vendor

DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

Ezer Farhi
[email protected]
Phone: 972-39279529
Fax: 972-39230864
Moshe Harel
[email protected]
Phone: 972-3-9279578
Fax: 972-3-9230864

Validation History

Date Type Lab
6/27/2021 Initial CYGNACOM SOLUTIONS INC