Module Name
Thales Luna Backup HSM Cryptographic Module
Caveat
When operated in FIPS mode.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Thales Luna Backup HSM Cryptographic Module is a multi-chip standalone hardware cryptographic module in the small form factor device that connects to a computer workstation or server via USB. The cryptographic module is contained in its own enclosure that provides physical resistance to tampering.
Approved Algorithms
| AES |
Cert. #C2020 |
| CKG |
Vendor Affirmed |
| CVL |
Certs. #C2020 and #C2021 |
| DRBG |
Cert. #C2020 |
| ECDSA |
Cert. #C2020 |
| HMAC |
Cert. #C2020 |
| KAS |
Cert. #A2125 |
| KAS-RSA |
Cert. #A2125; key establishment methodology provides 150 bits of encryption strength |
| KBKDF |
Cert. #C2020 |
| KDA |
Cert. #A2125 |
| KTS |
AES Cert. #C2020 |
| KTS-RSA |
Cert. #A2125; key establishment methodology provides 150 bits of encryption strength |
| PBKDF |
Cert. #A2125 |
| RSA |
Certs. #A674, #A675, #C2020, #C2021 and #C2022 |
| SHS |
Certs. #C2020 and #C2022 |
Allowed Algorithms
AES (Cert. #C2020, key unwrapping; key establishment methodology provides 256 bits of encryption strength); NDRNG; RSA (CVL Certs. #C2020 and #C2021, key unwrapping; key establishment methodology provides between 112 and 150 bits of encryption strength)
Hardware Versions
808-000064-005, 808-000064-006
Firmware Versions
7.7.1 and bootloader version 1.3.0 or 1.5.0
