Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4433

Details

Module Name
EZPES Centralized Security Module (CSM)
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
3
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Physical Security: Level 4
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The EasyPost Centralized Security Module (CSM) acts as the core security module of a United States Postal Service (USPS) Intelligent Mail Indicia Performance Criteria (IMI PC) conformant online postage evidencing system (PES). Its primary purpose is to perform secure postal financial transactions.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #C1122, #C1137, #C1138, #C1140, and #C1246
CKG vendor affirmed
CVL Certs. #A1016, #C1141 and #C1165
DRBG Cert. #A1068
DSA Cert. #C1195
ECDSA Cert. #A2367 and #C1196
ENT P
HMAC Cert. #C1142
KAS KAS-SSC Certs. #A2368 and #A2369, KDA Certs. #A1016 and #A2417
KAS-SSC Certs. #A2227, #A2368, and #A2369
KBKDF Cert. #C1164
KDA Certs. #A1016 and #A2417
KTS AES Certs. #C1137, #C1138 and #C1246; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #C1122 and AES Cert. #C1140
KTS-RSA Cert. #A2370; key establishment methodology provides between 112 and 256 bits of encryption strength
RSA Cert. #C1197
SHA-3 Cert. #C1125
SHS Certs. #A1067, #C1124 and #C1126
Triple-DES Cert. #C1128
Allowed Algorithms
N/A
Hardware Versions
CryptoServer CSe-Series 4.00.5.1
Firmware Versions
CryptoServer CSe-Series 4.32.0.5; App version: 3.0.0.0

Vendor

EasyPost
2889 Ashton Boulevard
Suite 325
Lehi, UT 84043
USA

Andrew A. Bakun
pes@easypost.com

Validation History

Date Type Lab
2/9/2023 Initial PENUMBRA SECURITY