Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3960

Details

Module Name
DocuSign HSM Appliance
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
3
Caveat
When operated in FIPS mode. This module contains the embedded module eToken 5105 validated to FIPS 140-2 under Cert. #1883 operating in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
DocuSign HSM Appliance is a high-performance cryptographic service provider. It performs high-speed cryptographic operations while protecting sensitive data. Its features include Triple-DES, AES, CCM, HMAC, RSA, ECDSA, SHA-1, SHA-256, SHA-384, SHA-512, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #C1160 and #C1161
CKG vendor affirmed
CVL Cert. #C1160
DRBG Certs. #98 and #C1161
ECDSA Cert. #C1161
HMAC Certs. #C1160 and #C1161
KTS AES Cert. #C1160 and HMAC Cert. #C1160
KTS AES Cert. #C1161 and AES Cert. #C1161; key establishment methodology provides 128 bits of encryption strength
RSA Cert. #C1161
SHS Certs. #1465, #C1160 and #C1161
Triple-DES Cert. #C1161
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
5.0
Firmware Versions
5.0.4

Vendor

DocuSign, Inc.
221 Main St.
Suite 1000
San Francisco, CA 94105
USA

Ezer Farhi
Ezer.Farhi@docusign.com
Phone: 972-39279529
Fax: 972-39230864
Moshe Harel
Moshe.Harel@docusign.com
Phone: 972-3-9279578
Fax: 972-3-9230864

Validation History

Date Type Lab
6/27/2021 Initial CYGNACOM SOLUTIONS INC