Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4328

Details

Module Name
Thales Cryptovisor K7+ Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
3
Caveat
When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
Security Level Exceptions
  • Physical Security: Level 4
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The Thales Cryptovisor K7+ Cryptographic Module is a high-assurance, Hardware Security Module with a tamper-active physical enclosure targeted at the service provider market. The cryptographic module secures sensitive data and critical applications by storing, protecting and managing cryptographic keys. It provides end users with industry-leading security and performance, and can quickly be embedded directly into servers and security appliances for FIPS 140-2 validated key security for elastic deployments particularly in support of cloud applications.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #5652
CKG vendor affirmed
CVL Cert. #A1171
DRBG Cert. #2283
DSA Cert. #1452
ECDSA Certs. #1526 and #A1171
ENT P
HMAC Certs. #3766 and #A1171
KAS KAS-SSC Cert. #A1171, KDA Cert. #A1171; key establishment methodology provides between 112 and 256 bits of encryption strength
KAS-SSC Cert. #A1171
KBKDF Cert. #234
KDA Cert. #A1171
KTS AES Cert. #5652; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS-RSA Certs. #A1170 and #A1171; key establishment methodology provides between 112 and 201 bits of encryption strength
RSA Certs. #2631, #2632, #3042, #3043, #A1170 and #A1171
SHA-3 Cert. #A1171
SHS Certs. #3951, #3952, #4533
Allowed Algorithms
AES (Cert. #5652, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); EC Diffie-Hellman (shared secret computation provides between 112 and 285-bits of encryption strength).
Hardware Versions
808-000069-001 and 808-000070-001
Firmware Versions
2.0.0 and 2.0.2 with Boot Loader versions 1.1.1, 1.1.2, 1.1.4 and 1.1.5

Vendor

Thales
20 Colonade Road, Suite 200
Ottawa, ON K2E 7M6
Canada

Security & Certifications Team
SecurityCertifications@thalesgroup.com

Validation History

Date Type Lab
10/12/2022 Initial EWA CANADA
3/27/2023 Update EWA CANADA