Module Name
ProtectServer PCIe HSM 3
Caveat
When operated in FIPS mode. When utilizing a Trusted Path as specified in the security policy
Embodiment
Multi-Chip Embedded
Description
The ProtectServer PCIe HSM 3 is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that provides a wide range of cryptographic functions using firmware and dedicated hardware processors
Approved Algorithms
| AES |
Cert. #C2089 |
| CKG |
vendor affirmed |
| CVL |
Cert. #A678 |
| DRBG |
Cert. #C2089 |
| DSA |
Cert. #C2089 |
| ECDSA |
Certs. #C1945 and #C2089 |
| HMAC |
Certs. #A678 and #C2089 |
| KAS |
KAS-SSC Cert. #A678, KDA Cert. #A678 |
| KAS-SSC |
Cert. #A678 |
| KDA |
Cert. #A678 |
| KTS |
AES Cert. #C2089; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Cert. #C2089; key establishment methodology provides 112 bits of encryption strength |
| KTS-RSA |
Cert. #A678; key establishment methodology provides between 112 and 150 bits of encryption strength |
| RSA |
Certs. #A678 and #C2089 |
| SHA-3 |
Cert. #C2089 |
| SHS |
Certs. #C1945 and #C2089 |
| Triple-DES |
Cert. #C2089 |
Allowed Algorithms
AES (Cert. #C2089, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength); Triple-DES (Cert. #C2089, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
808-000048-002, 808-000048-003, 808-000073-001, 808-000073-002
Firmware Versions
7.00.01, 7.01.01, 7.01.02, 7.02.02 or 7.02.04 with bootloader versions 1.2.0 or 1.2.1
