Module Name
Thales Luna Backup HSM Cryptographic Module
Caveat
When operated in FIPS mode.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Thales Luna Backup HSM Cryptographic Module is a multi-chip standalone hardware cryptographic module in the small form factor device that connects to a computer workstation or server via USB. The cryptographic module is contained in its own enclosure that provides physical resistance to tampering.
Approved Algorithms
AES |
Cert. #C2020 |
CKG |
Vendor Affirmed |
CVL |
Certs. #C2020 and #C2021 |
DRBG |
Cert. #C2020 |
ECDSA |
Cert. #C2020 |
HMAC |
Cert. #C2020 |
KAS |
Cert. #A2125 |
KAS-RSA |
Cert. #A2125; key establishment methodology provides 150 bits of encryption strength |
KBKDF |
Cert. #C2020 |
KDA |
Cert. #A2125 |
KTS |
AES Cert. #C2020 |
KTS-RSA |
Cert. #A2125; key establishment methodology provides 150 bits of encryption strength |
PBKDF |
Cert. #A2125 |
RSA |
Certs. #A674, #A675, #C2020, #C2021 and #C2022 |
SHS |
Certs. #C2020 and #C2022 |
Allowed Algorithms
AES (Cert. #C2020, key unwrapping; key establishment methodology provides 256 bits of encryption strength); NDRNG; RSA (CVL Certs. #C2020 and #C2021, key unwrapping; key establishment methodology provides between 112 and 150 bits of encryption strength)
Hardware Versions
808-000064-005, 808-000064-006
Firmware Versions
7.7.1 and bootloader version 1.3.0 or 1.5.0