Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4679

Details

Module Name
JCOP 4.5 on P71D600
Standard
FIPS 140-3
Status
Active
Sunset Date
3/10/2029
Overall Level
3
Caveat
When installed, initialized and configured as specified in Section 11 of the Security Policy.
Security Level Exceptions
  • Operational environment: N/A
  • Physical security: Level 4
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Hardware
Embodiment
Single Chip
Description
The Module, validated to FIPS 140-3 overall Level 3, is a single chip module named P71D600 implementing the GlobalPlatform operational environment (Card Manager (ISD/SSD)) and the applications: NXP IoT applet v7.2.22 and NXP SEMS Lite applet v2.0.2.11.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES-CBC
AES-CCM
AES-CMAC
AES-CTR
AES-ECB
AES-GCM
AES-GMAC
AES-KW
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
HMAC-SHA-1
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KDA HKDF Sp800-56Cr1
KDA OneStep Sp800-56Cr1
KDA OneStep Sp800-56Cr1
KDF SP800-108
KDF SP800-108
KDF TLS
PBKDF
RSA Decryption Primitive
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA Signature Primitive
RSA SigVer (FIPS186-4)
SHA-1
SHA2-224
SHA2-256
SHA2-384
SHA2-512
Allowed Algorithms
AES (Cert. #A2713, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength Per IG D.G; Symmetric key unwrapping (according to RFC3394) );AES (Cert. #A2713, key unwrapping; key establishment methodology provides 128 bits of encryption strength Per IG D.G; Symmetric key unwrapping (according to GlobalPlatform Amendment-I));ECDSA with non-NIST recommended curves (Provides between 112 and 256 bits of encryption strength Per IG C.A; Signature Generation/Verification using non-NIST curves [Brainpool224r1, Brainpool256r1, Brainpool320r, Brainpool384r1, Brainpool512r1, Secp224k1, Secp256k1 with strengths ]112, 128, 192 and 256 bits]);EC Diffie-Hellman with non-NIST recommended curves (Provides between 112 and 256 bits of encryption strength Per IGs D.F and C.A; Shared secret computation using non-NIST curves [Brainpool224r1, Brainpool256r1, Brainpool320r, Brainpool384r1, Brainpool512r1, Secp224k1, Secp256k1 with strengths ]112, 128, 192 and 256 bits])
Hardware Versions
N7122 A1
Firmware Versions
[Platform ID J3R6000373181200 and ROM ID B3375FE9B5508BC4 and Patch ID 0000000000000000 and NXP IoT applet v7.2.22 and NXP SEMS Lite applet v2.0.2.11]

Vendor

NXP Semiconductors, Inc.
Troplowitzstrasse 20
Hamburg D-22529
Germany

Tim 't Hart
tim.t.hart@nxp.com
Phone: 31639186402
David Herrgesell
david.herrgesell@nxp.com
Phone: 4331242998963

Validation History

Date Type Lab
3/11/2024 Initial ACUMEN SECURITY, LLC