Module Name
nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500 and nShield F3 500 for netHSM
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3 +EFP/EFT
- Cryptographic Key Management: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
Embodiment
Multi-chip embedded
Description
The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for netHSM, nShield 500 and nShield 500 for netHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
Approved Algorithms
| AES |
Cert. #599 |
| AES GCM |
Cert. #599, vendor affirmed |
| DSA |
Cert. #233 |
| ECDSA |
Cert. #64 |
| HMAC |
Cert. #309 |
| RNG |
Cert. #340 |
| RSA |
Cert. #274 |
| SHS |
Cert. #648 |
| Triple-DES |
Cert. #570 |
| Triple-DES MAC |
Triple-DES Cert. #570, vendor affirmed |
Other Algorithms
ARC FOUR; Aria; Camellia; CAST 6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; and HMAC-RIPEMD160; RIPEMD 160; Tiger; El-Gamal; KCDSA; HAS 160; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 192 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength), ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Hardware Versions
nC4033P-4K0, nC4033P-2K0, nC4033P-2K0N, nC4133P-500 and nC4133P-500N, Build Standard N
Firmware Versions
2.33.60-2
