Module Name
nShield 4000 [1], nShield 2000 [2], nShield 2000 for netHSM [3], nShield 800 [4], nShield 500 [5], nShield 500 for netHSM [6] and nShield Plus [7]
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3 +EFP/EFT
- Cryptographic Key Management: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
Embodiment
Multi-chip embedded
Description
The nCipher modules: nCipher 4000 PCI, nShield 800 PCI, and nShield Plus PCI family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
Approved Algorithms
| AES |
Cert. #258 |
| DSA |
Cert. #136 |
| ECDSA |
Cert. #2 |
| HMAC |
Cert. #68 |
| RNG |
Cert. #91 |
| RSA |
Cert. #68 |
| SHS |
Cert. #333 |
| Triple-DES |
Cert. #339 |
| Triple-DES MAC |
Triple-DES Cert. #339, vendor affirmed |
Other Algorithms
ARC FOUR; CAST5; CAST 6; DES; DES MAC; MD2; MD5; SEED; HMAC (MD2, MD5, and RIPEMD160); RIPEMD 160; El-Gamal; Blowfish; Twofish; Serpent; KCDSA; HSA 160; Diffie-Hellman (key agreement, key establishment methodology provides 112 bits to 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement, key establishment methodology provides 192 bits of encryption strength); RSA (key wrapping, key establishment methodology provides 112 bits to 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
nC4033P-4K0 [1], nC4033P-2K0 [2], nC4033P-2K0N [3], nC4033P-800 [4], nC4133P-500 [5], nC4133P-500N [6] and nC4033P-50 [7], Build Standards L & N
Firmware Versions
2.22.6-2, 2.22.34-2 and 2.22.43-2
