CMVP Main Page
*** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSE. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (non-FIPS-approved algorithms) have not been validated or tested through the CMVP. ***
Questions regarding modules on this list should first be directed to the appropriate vendor.
| Cert# | Vendor | Cryptographic Module | Val. Date |
Level / Description | |
|---|---|---|---|---|---|
| 200 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable
|
(Firmware Version 4.08 and 4.09, Hardware Version 3) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/18/2001; 04/11/2002; 05/15/2002; 07/18/2002; 07/03/2003; 10/19/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Certs. #5 and #22); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The SFE-HSSI protects information flowing between nodes or sites of a frame relay network. It can be con-figured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE-HSSI support full-duplex traffic throughput of between 56-256 kbps for 32-1022 secure connections. The SFE will achieve this throughput for the smaller frames as well (64 byte frames is a target)." |
| 199 | F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00181 Finland -Alexey Kirichenko
|
(Software Version: 1.1) (When operated in FIPS mode and using FIPS Approved algorithms and processes as listed) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Software | 12/18/2001; 07/31/2003 |
Overall Level: 1
-EMI/EMC: Level 3 -Operating System Security: Tested as meeting Level 1 with Microsoft Windows NT 4.0 SP6 -FIPS-approved algorithms: Triple-DES (Cert. #68); DSA (Cert. #50); SHA-1 (Cert. #62); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #129); RSA Encryption/Decryption; IDEA; Blowfish; CAST-128; Rijndael; Arcfour; MD5; RIPEMD-160; HMAC-SHA-1; HMAC-MD5; HMAC-RMD160; Diffie-Hellman (key agreement) Multi-chip standalone"The F-Secure Cryptographic Service Provider is a FIPS 140-1 Level 1 compliant software module, implemented as a 32-bit Windows™ NT compatible DLL, which provides a variety of cryptographic services and can be dynamically linked into applications by software developers to get access to general-purpose cryptographic functionality." |
| 198 | Mailroom Technology, Inc. 230 Long Hill Cross Road Shelton, CT 06484 USA -Richard Rosen
|
(Software Versions 3.1.1, 3.3.2, 3.3.3 and 3.4.0; Hardware Versions 411, 412 and 413) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/14/2001; 06/21/2002; 09/01/2006; 04/26/2007 |
Overall Level: 3
-Physical Security: Level 3 +EFT
-FIPS-approved algorithms: Triple-DES (Cert. #47); DSA/SHA-1 (Cert. #43) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip embedded"SAFE CV provides the physical and logical resources necessary to function as a United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Postal Security Device (PSD). It is used for securely managing and dispensing money via encryption and digital signature techniques and protects the interests of user, service provider and recipient. The device is ideally suited to both embedded and PC based applications requiring high-speed cryptographic functions. Additionally, this device has been approved for export for use in markets throughout the world." |
| 197 | CTAM, Inc. 600 17th Street 600 17th Street Suite 950 South Denver, CO 80202 USA -Network Security Product Manager
|
(Hardware Version 3, Firmware Version 2.1.0) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/14/2001 | Overall Level: 2
-Roles and Services: Level 3 -EMI/EMC: Level 3 -Key Management: Level 3 -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #78); SHA-1 (Cert. #68); RSA (PKCS#1 for signature, vendor affirmed) -Other algorithms: DES (Certs. #138 and #139); Multi-chip standalone"CypherCell is a hardware encryption product for Asynchronous Transfer Mode (ATM) networks. It supports multiple speeds with AC or DC Power" |
| 196 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
2651 Modular Access Router with Crypto Accelerator Card (Hardware Versions: 2621 and 2651, IOS Version: 12.1(5)T, Accelerator Card: AIM-VPN/BP, Hardware Version: 1.0, Board Rev; A0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #17 and #32); SHA-1 (Cert. #26); DSA/SHA-1 (Cert. #38) -Other algorithms: DES (Certs. #74 and #100); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 195 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable
|
(Firmware Versions 3.00 and 3.01, Hardware Revision 16697-010-03) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 05/23/2002; 07/18/2002; 07/03/2003; 10/19/2004 |
Overall Level: 2
-Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #22 and #56); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Cert. #109); Diffie-Hellman (key agreement) Multi-chip standalone"The SLE-T3 secures public and private DS3/T3 data links at 44.7 MHz, encrypting data at the full data rate, and meeting the T3 industry standard. Both C-Bit and M13 framing are supported." |
| 194 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
2651 Modular Access Router (Hardware Versions: 2621 and 2651, Software Version: IOS 12.1(5)T) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #17); SHA-1 (Cert. #26) -Other algorithms: DES (Cert. #74); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 193 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware: 7206, Software: IOS 12.1(9)E, ISA Accelerator: Hardware Version 1.0, Board Version B0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #17 and #76); SHA-1 (Certs. #26 and #66) -Other algorithms: DES (Certs. #74 and #136); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 192 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware: 7206 VXR, Software: IOS Version: 12.1(9)E) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #17); SHA-1 (Cert. #26) -Other algorithms: DES (Cert. #74); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 191 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
7140 VPN Router with Dual ISA and ISM Accelerator Cards (7140: Hardware Version: 7140, Software: IOS 12.1(9)E; ISM Accelerator: Hardware Version: 1.0, Board Rev: AO 7140 Dual: Hardware Version: 7140, Software: IOS 12.1(9)E, ISM Accelerator: Hardware Version: 1.0, Board Version: AO; ISA Accelerator: Hardware Version 1.0, Board Version B0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 02/25/2002; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #17, #76 and #77); SHA-1 (Certs. #26, #66 and #67) -Other algorithms: DES (Certs. #74, #136 and #137); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 190 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Version: 7140, Software Version: IOS 12.1(9)E) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #17); SHA-1 (Cert. #26) -Other algorithms: DES (Cert. #74); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 189 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
3660 VPN Router with Crypto Accelerator Card (3640: H/W Version: 3640, IOS Version: 12.1(5)T, Accelerator Card: NM-VPN/MP, Hardware Version: 1.0, Board Rev: AO 3660: H/W Version: 3660, IOS Version: 12.1(5)T, Accelerator Card: AIM-VPN/HP, Hardware Version: 1.0, Board Rev: AO) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #17 and #32); SHA-1 (Cert. #26); DSA/SHA-1 (Cert. #38) -Other algorithms: DES (Certs. #74 and #100); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Secure Integrated VPN is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 188 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
3660 Modular Access Router (Hardware Version: 3640 and 3660, Software Version: IOS 12.1(5)T) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 12/12/2001; 01/10/2003; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #17); SHA-1 (Cert. #26) -Other algorithms: DES (Cert. #74); RSA (encryption); HMAC-SHA-1; AH-SHA-HMAC; ESP-SHA-HMAC; MD4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Router is a router that provides data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 187 | Cryptek, Inc. 1501 Moran Road Sterling, VA 20166 USA -Timothy Williams
|
(Hardware Version 2000, Software Versions 2.0.3, 2.0.8, 2.1.3, 2.1.4, 2.1.4A, 2.1.6 and 2.1.6.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/27/2001; 12/12/2001; 02/15/2002; 04/16/2002; 08/08/2002; 02/25/2003; 04/08/2005 |
Overall Level: 1
-Roles and Services: Level 2
-FIPS-approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63) -Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5 Multi-chip embedded"DiamondLink provides a cost-effective and flexible end-to-end network security solution for the LAN, WAN, or Internet. It not only provides a high level of trust and data separation through the established end-to-end sessions, it additionally provides added levels of security by bringing firewall filtering functionality to the desktop. This module provides strong I&A with user selectable/dynamically downloaded security policies to the desktop." |
| 186 | Corsec Security, Inc. 10340 Democracy Lane Suite 201 Fairfax, VA 22030 USA -Matthew Appler
|
Validated to FIPS 140-1 Certificate |
Software | 11/27/2001; 06/10/2002; 09/06/2002 |
Overall Level: 1
-FIPS-approved algorithms: -Other algorithms: Multi-chip standalone |
| 185 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Jonathan Lewis
|
(Firmware Version 3.61.01, Hardware Version 4600) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/27/2001; 12/06/2001 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #29 and #53); SHA-1 (Cert. #28, #31 and #51); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #44, #48 and #101); DES MAC; MD5; HMAC (MD5, SHA-1); 40-bit DES; RC4 (40-bit and 128-bit) Multi-chip standalone"The Contivity 4600 Extranet Switch provides up to 5000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides 5 PCI expansion slots and dual 10/100 LAN ports, dual redundant power supplies and storage." |
| 184 | Algorithmic Research Ltd. 10 Nevatim Street Petach Tikva, 49561 Israel -Gadi Aharoni
|
([Firmware Version 3.0, Hardware Versions 3.0] and [Firmware Version 3.1, Hardware Version 3.1]) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 11/27/2001; 12/13/2002; 02/10/2003; 07/15/2003 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #66); SHA-1 (Cert. #58); RSA digital signature (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert.#127); MD5; RSA (encryption); ISO9796; ARDFP; Diffie-Hellman (key agreement) Multi-chip standalone"The PrivateServer is a high-performance cryptographic service provider. Contained within a secure, tamper-responsive steel case, the PrivateServer performs high-speed cryptographic operations while protecting sensitive data. Its features include strong cryptography using DES, triple-DES, and SHA-1, public key database and certificate support, authenticated and encrypted communication with the module, secure storage of secret/private keys, software key medium and smartcard support, tamper-responsive enclosure, high level API requiring no cryptographic expertise, in-depth logging and auditing, and secure backup capabilities." |
| 183 | Motorola, Inc. 8220 East Roosevelt Street Scottsdale, AZ 85257 USA -Kerry Johns-Vano
|
(Firmware Versions: R05.00.02, R05.00.03, R05.00.12 and R05.00.13, Hardware Version: Issue O) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/19/2001; 02/07/2002; 10/04/2002; 10/21/2002; 01/06/2003 |
Overall Level: 1
-Roles and Services: Level 2 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #82) -Other algorithms: DES (09/22/1995); DES-XL; DVI-XL; DVI-SPFL; DVP-XL Multi-chip embedded"Encryption modules used in Motorola Astro™ family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying and advanced key management." |
| 182 | Hasler, Inc. 19 Forest Parkway Shelton, CT 06484 USA -Richard Rosen
|
(Software Version 3.1.1 and 3.3.2, Hardware Version 401) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/09/2001; 06/21/2002 |
Overall Level: 3
-Physical Security: Level 3 +EFT
-FIPS-approved algorithms: Triple-DES (Cert. #47); DSA/SHA-1 (Cert. #43) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip embedded"SAFE CV provides the physical and logical resources necessary to function as a United States Postal Service (USPS), Information-Based Indicia Program (IBIP), Postal Security Device (PSD). It is used for securely managing and dispensing money via encryption and digital signature techniques and protects the interests of user, service provider and recipient. The device is ideally suited to both embedded and PC based applications requiring high-speed cryptographic functions. Additionally, this device has been approved for export for use in markets throughout the world." |
| 181 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC3022P-150 and nC3022P-300, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/09/2001; 01/23/2004 |
Overall Level: 2
-Roles and Services: Level 3* -Physical Security: Level 3 -Key Management: Level 3* -Software Security: Level 3 -Self Tests: Level 3* *When operated in the FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip embedded"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI." |
| 180 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC4032W-150 and nC4032W-400, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 11/09/2001; 01/23/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 179 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Jonathan Lewis
|
(Firmware version 3.60.45, Hardware Version 2600) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/30/2001; 12/06/2001 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #29 and #53); SHA-1 (Cert. #28, #31 and #51); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #44, #48 and #101); DES MAC; MD5; HMAC (MD5, SHA-1); DES (40-bit); RC4 (40-bit and 128-bit) Multi-chip standalone"The Contivity 2600 Extranet Switch provides up to 1000 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides 3 PCI expansion slots and dual 10/100 LAN ports." |
| 178 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Jonathan Lewis
|
(Firmware version 3.60.45, Hardware Version 1600) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/30/2001; 12/06/2001 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #29 and #53); SHA-1 (Cert. #28, #31 and #51); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #44, #48 and #101); DES MAC; MD5; HMAC (MD5, SHA-1); DES (40-bit); RC4 (40-bit and 128-bit) Multi-chip standalone"The Contivity 1600 Extranet Switch provides up to 200 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides a PCI expansion slot and dual 10/100 LAN ports." |
| 177 | Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Pierre Boucher
|
(Version 5.2) (When operated in FIPS mode with FIPS validated browser services operating in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Software | 10/30/2001; 11/15/2001; 06/28/2002; 07/18/2002 |
Overall Level: 1
-Operating System Security: Tested as meeting Level 1 with Windows NT 4.0 SP3, Windows 95/98, Windows 2000 SP2 and Netscape 4.72 (Cert. #47) or Microsoft IE 5.5 (Cert. #103) (operated in single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #69); SHA-1 (Cert. #60); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #130); Multi-chip standalone"The module performs low level cryptographic operations – encryption, decryption and hashes – implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." |
| 176 | Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Pierre Boucher
|
(Version 6.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Software | 10/30/2001; 05/09/2002; 07/18/2002; 05/27/2003 |
Overall Level: 2
-EMI/EMC: Level 3 -Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq ProLiant 7000 Server -FIPS-approved algorithms: AES (Cert. #10); Triple-DES (Cert. #6); DSA/SHA-1 (Cert. #10); RSA (FIPS 186-2 and PKCS #1, vendor affirmed) -Other algorithms: DES ((Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-SHA-1; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; Diffie-Hellman (key agreement); Ephemeral-Static Diffie Hellman; ECDSA (vendor affirmed; non-compliant) Multi-chip standalone"This module is used in the Entrust® family of products." |
| 175 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC4022P-150 and nC4022P-300, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/11/2001; 01/23/2004 |
Overall Level: 2
-Roles and Services: Level 3* -Physical Security: Level 3 -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3* *When operated in the FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip embedded"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 174 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC4032P-150 and nC4032P-300, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/11/2001; 01/23/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip embedded"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 173 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Version 3.9) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/11/2001; 10/18/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #73); SHA-1 (Cert. #64); DSA (Cert. #51); RSA (vendor affirmed) -Other algorithms: DES (Cert. #134); RC2; RC4; RC5; CAST; CAST3; CAST5; HMAC-SHA1; HMAC-MD5; RSA (encryption/decryption); MD2; MD5; Diffie-Hellman -1024 (key agreement) Multi-chip standalone"Luna® XPplus offers hardware-accelerated signing, secure key management, and signature validation for high volume transaction applications such as transaction coordinators and OCSP (Online Certificate Status Protocol) responders. Luna® XPplus is a scalable, hardware security module for high-performance digital signing of e-business transactions in a FIPS 140-1 level 3-validated solution. The product operates in conjunction with Luna® CA³ root key protection systems leveraging ultimate private key integrity for high-volume digital signing applications. Luna® XPplus signing devices allow you to add signature processing throughput as needed." |
| 172 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC4022W-150 and nC4022W-400, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/15/2001; 01/23/2004 |
Overall Level: 2
-Roles and Services: Level 3* -EMI/EMC: Level 3 -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3* *When operated in the FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 171 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 5.0 (1.71.15) and 5.0.1 (1.71.91), Hardware versions nC3022W-150 and nC3022W-400, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 10/15/2001; 01/23/2004 |
Overall Level: 2
-Roles and Services: Level 3* -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3* *When operated in the FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael; ARC FOUR; CAST5; HMAC (SHA-1, SHA-192, SHA-256, MD2, MD5; RIPEMD160); El-Gamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI." |
| 170 | NetScreen Technologies, Inc. 805 11th Avenue Bldg. 3 Sunnyvale, CA 94089 USA -Lee Klarich
|
(Hardware Revision 3010, Software Version ScreenOS 2.6.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 09/27/2001; 02/13/2003; 06/03/2003 |
Overall Level: 2
-EMI/EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #49 and #50); SHA-1 (Cert. #47); DSA/SHA-1 (Cert. #44); RSA (SigVer; PKCS #1; vendor affirmed) -Other algorithms: DES (Certs. #114 and #115); RC2; RC4; MD5; RSA (encryption/decryption); Diffie-Hellman (key agreement); Blowfish; HMAC Multi-chip standalone"The NetScreen-5XP is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that offers a complete security solution for telecommuters, small-sized companies and branch offices. Featuring two 10Base-T Ethernet ports (trust and untrust), the NetScreen-5XP performs at near wire-speed, protecting the LAN from attack and providing IPSEC based VPN capabilities." |
| 169 | NetScreen Technologies, Inc. 805 11th Avenue Bldg. 3 Sunnyvale, CA 94089 USA -Lee Klarich
|
(Hardware Revision 4110, Software Version ScreenOS 2.6.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 09/27/2001; 02/13/2003; 06/03/2003 |
Overall Level: 2
-Software Security: Level 3
-FIPS-approved algorithms: Triple-DES (Certs. #49 and #50); SHA-1 (Cert. #47); DSA/SHA-1 (Cert. #44); RSA (SigVer; PKCS #1; vendor affirmed) -Other algorithms: DES (Certs. #114 and #115); RC2; RC4; MD5; RSA (encryption/decryption); Diffie-Hellman (key agreement); Blowfish; HMAC Multi-chip standalone"The NetScreen-500 is a purpose-built security system integrating stateful inspection firewall, VPN, and traffic management together in a compact system that only requires 2U of rack space. Designed for high performance, redundancy, manageability, and multiple security domains, the NetScreen-500 implements a modular design, it offers many of the compelling functionality of an appliance. In addition, there are redundant dedicated high availability ports, dedicated management port, 4 traffic module bays, and a programmable LCD." |
| 168 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Firmware v3.9, Hardware v 1 and 2) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 09/25/2001; 10/18/2004 |
Overall Level: 2
-Software Security: Level 3 -Self Tests: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #74); Triple-DES MAC; DSA/SHA-1 (Cert. #13); RSA (vendor affirmed) -Other algorithms: DES (Cert. #32); DES MAC; HMAC-SHA-1; Diffie-Hellman (key agreement); MD2; MD5; HMAC-MD5; RC2; RC4; RC5; CAST/CAST3/CAST5 (40 and 64 bit keys) Multi-chip standalone"The Chrysalis-ITS® LUNA RA Secure Issuance HSM token is a hardware-based, multiple-chip standalone module which is a delta production of the Chrysalis-ITS® LUNA 2 token (certificate #56, dated 08/08/1999). Like the LUNA 2, the LUNA RA is in the form of a PC card “token” based on the PCMCIA standard. The LUNA RA token offers secure key distribution, fast key generation and secure key backup functionality to increase security and reduce operational overhead. The Luna RA token is integral to the secure issuance of keys to smart cards, cable modems, mobile phones and other PKI-enabled devices." |
| 167 | SPYRUS, Inc. 2355 Oakland Road Suite 1 San Jose, CA 95131 USA -Tom Dickens
|
(Firmware Version: SPYCOS 2.01(FUP03), Hardware Version: SC410-G) (When operated in FIPS mode and using FIPS Approved algorithms and processes as listed) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 09/25/2001 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #54); Skipjack (Cert. #4); DSA (SigGen, KeyGen Cert. #31); RSA (vendor affirmed) -Other algorithms: DES (Cert. #78); KEA (key exchange) Multi-chip standalone"The SPYRUS Rosetta Smart Card is an ISO 7816 compliant public key smart card based upon the SPYCOS card operating system." |
| 166 | SPYRUS, Inc. 2355 Oakland Road Suite 1 San Jose, CA 95131 USA -Tom Dickens
|
(Firmware Version: SPYCOS 2.01(FUP03), Hardware Version: USB110-GBL) (When operated in FIPS mode and using FIPS Approved algorithms and processes as listed) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 09/10/2001 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #54); Skipjack (Cert. #4); DSA (SigGen, KeyGen Cert. #31); RSA (vendor affirmed); -Other algorithms: DES (Cert. #78); KEA (key exchange) Multi-chip standalone"The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple “plug and play” ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." |
| 165 | Axalto Inc. 8311 North FM 620 Road Austin, TX 78726 USA -David Teo
-David Wen
|
(Hardware PN 15006436 and 15008973, Firmware M256EPALP1_SI_9C_02 Softmask 7 version 2) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 09/10/2001; 11/02/2001; 02/25/2002; 05/09/2003; 09/21/2004; 05/25/2006 |
Overall Level: 2
-Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #57); SHA-1 (Cert. #65); RSA (Signature; PKCS #1; vendor affirmed) -Other algorithms: Single-chip"Cyberflex Access 32K with Applets, which incorporates PKI (public key infrastructure) and digital signature technology, serve as highly portable, secure tokens for enhancing the security of network access and ensuring secure electronic communications. Cyberflex Access 32K with Applets has on board Triple DES and RSA algorithms and can provide on board key generation. It is compliant to Java Card V2.1.1 and Open Platform V2.0.1. The Cyberflex Access 32K with Applets smart card is part of a range of highly secure, Java-based smart cards for physical and logical access, e-transactions and other applications. The ActivCard applets add to the smart card platform the following services: cardholder authentication, digital signature, and secure data storage. The external interface provided by the applets is compliant with the smart card interoperability specification defined by the GSA." |
| 164 | Kasten Chase Applied Research, Ltd. 5100 Orbitor Drive Mississauga, Ontario L4W 4Z4 Canada -Cyril Fernandes
|
(Hardware Version 1.5, Firmware Versions P539 and P539.2) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 08/23/2001; 08/01/2003 |
Overall Level: 1
-EMI/EMC: Level 3
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #2); Skipjack (Cert. #2) -Other algorithms: KEA Multi-chip standalone |
| 163 | RSA Security, Inc. 177 Bovet Road Suite 200 San Mateo, CA 94402-3118 USA -Kathy Kriese
|
(Version 5.2.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Software | 08/15/2001; 08/27/2001; 01/04/2008 |
Overall Level: 1
-Operating System Security: Tested as meeting Level 1 with Windows 98 (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #70); SHA-1 (Cert. #59); DSA (Cert. #49); RSA (ANSI X9.31 and PKCS#1 for Signature; vendor affirmed); ECDSA (vendor affirmed) -Other algorithms: DES (Cert. #131); RSA Encryption; MD; MD5; HMAC SHA-1; HMAC MD5; AES (Rijndael); DESX; RC2; RC4; RC6; Elliptic Curve (F2&Fp); Elliptic Curve Encryption Scheme; Elliptic Curve Diffie-Hellman (key agreement); Bloom-Shamir; Diffie-Hellman (key agreement) Multi-chip standalone"The RSA BSAFE® Crypto-C Module version 5.2.1 is a software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. It provides a variety of cryptographic services to calling applications that are documented in RSA’s RSA BSAFE® Crypto-C Security Components for C Library Reference Manual. RSA BSAFE® Crypto-C is a C-language API available as a static library, a dynamic library and as source code." |
| 162 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Hardware P/N 107316, Firmware Versions 5.6.27 and 5.6.28) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 08/15/2001; 08/27/2001; 11/19/2002; 10/18/2004 |
Overall Level: 3
-Self Tests: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #30); SHA-1 (Cert. #16); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #43); RC4; MD5; HMAC MD5; HMAC SHA-1; RSA Encryption; DSA (non-compliant) Multi-chip embedded"The CryptoSwift HSM is for high-assurance applications requiring a high degree of physical security as well as optimal cryptographic processing performance. With its tamper active design, the evasive measures of the CryptoSwift HSM defeat physical attacks through detection and response to ensure the integrity and confidentiality of keying information. The key management features allow operators to backup or clone keys securely and easily. In addition, strong two-factor authentication is provided for Security Officers and Operators with the CryptoSwift HSM's trusted channel, a USB port with Rainbow Technologies iKey authentication solution." |
| 161 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Hardware versions (A and 909-23002) and 909-25001; Firmware version 0.6) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 08/03/2001; 09/21/2004; 10/18/2004; 01/11/2007 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #35); RSA (vendor affirmed) -Other algorithms: DES (Cert. #88); Triple-DES (vendor affirmed, non-compliant); Diffie-Hellman (key agreement) Multi-chip standalone"The iKey 2032 is a powerful and portable two-factor authentication USB device suited for applications demanding high security. The iKey 2032 specifically supports Public Key Infrastructure (PKI) needs by providing on-board cryptographic key generation; secure storage of key pairs and X.509 digital certificates; and performing digital signature signing operations on-board." |
| 160 | Eracom Technologies Group, Eracom Technologies Australia, Pty. Ltd. 28 Greg Chappell Drive Burleigh Heads, QLD 4220 Australia -Gerry Scott
|
(Hardware Version: Revision G, Cprov Firmware Version 1.10) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 07/27/2001; 10/18/2005 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #63); DSA (Cert. #47); SHA-1 (Cert. #55); RSA (PKCS #1 for Signatures; vendor affirmed) -Other algorithms: DES (Cert. #124); HMAC-SHA-1; RSA; CAST128; IDEA; AES (Rijndael); RC2; RC4; MD2; MD5; Diffie-Hellman (key agreement) Multi-chip embedded"The Eracom CSA8000 Cryptographic Adapter is an intelligent PCI adapter card that provides a wide range of cryptographic functions with dedicated DES/3DES and RSA hardware accelerators. The module implements the PKCS#11 cryptographic API and provides a comprehensive compliance to the PKCS#11 standard as well as vendor specific extensions." |
| 159 | Avaya, Inc. 1500 Buckeye Drive Milpitas, CA 95035 USA -Kevin Johnson
|
(Hardware Version 02, Software Version 3.1.34) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 07/27/2001; 08/02/2002 |
Overall Level: 2
-FIPS-approved algorithms: SHA-1 (Certs. #28 and #52); Triple-DES (Certs. #60 and #61); RSA (vendor affirmed) -Other algorithms: DES (Certs. #44 and #122); MD5; Diffie-Hellman (key agreement) Multi-chip embedded"The VSU™ series of VPN gateways provide high performance ICSA certified IPSec VPN and firewall services for networks of all sizes and complexity. All VSU models are tamper evident network security appliances that cost effectively provide secure authenticated communications over public IP networks, and protect private enterprise networks from attack or intrusion." |
| 158 | Avaya, Inc. 1500 Buckeye Drive Milpitas, CA 95035 USA -Kevin Johnson
|
(Hardware Version 02, Software Version 3.1.34) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 07/27/2001; 08/02/2002 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: SHA-1 (Certs. #28 and #52); Triple-DES (Certs. #60 and #61); RSA (vendor affirmed) -Other algorithms: DES (Certs. #44 and #122); MD5; Diffie-Hellman (key agreement) Multi-chip embedded"The VSU™ series of VPN gateways provide high performance ICSA certified IPSec VPN and firewall services for networks of all sizes and complexity. All VSU models are tamper evident network security appliances that cost effectively provide secure authenticated communications over public IP networks, and protect private enterprise networks from attack or intrusion." |
| 157 | SPYRUS, Inc. 2355 Oakland Road Suite 1 San Jose, CA 95131 USA -Tom Dickens
|
(Firmware Version: SPYCOS 2.01(FUP02), Hardware Version: USB110-FGR) (When operated in FIPS mode and using FIPS Approved algorithms and processes as listed) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 07/17/2001 | Overall Level: 2
-Roles and Services: Level 3 -EMI/EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Skipjack (Cert. #4); DSA (Cert. #31); RSA (vendor affirmed) -Other algorithms: DES (Cert. #78); Triple-DES (Cert #54; non-Compliant); KEA (key exchange) Multi-chip standalone"The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple "plug and play" ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." |
| 156 | Hasler, Inc. 19 Forest Parkway Shelton, CT 06484 USA -Richard Rosen
|
(Software Version 1.4.14, Hardware Version 2.0) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 07/12/2001; 06/21/2002 |
Overall Level: 2
-Physical Security: Level 3 +EFP/EFT -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #47); DSA/SHA-1 (Cert. #43) -Other algorithms: ElGamal Multi-chip embedded"The SAFE device is dsigned as a single electronic circuit board. The primary objective of the SAFE device is to protect funds and to apply respective access rules." |
| 155 | AEP Networks Focus 31, West Wing Cleveland Road New Hempstead, Herts HP2 7BW United Kingdom -David Miller
|
(Firmware Version v2.1, Hardware Version 2710-G1) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 07/05/2001; 07/18/2001; 07/22/2002; 10/04/2002; 04/21/2005 |
Overall Level: 3
-Physical Security: Level 3 +EFT -Software Security: Level 4 -Self Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Certs. #24 and #25); Triple-DES MAC; DSA/SHA-1 (Cert. #36) -Other algorithms: DES (Certs. #82 and #92); DES MAC; MD5; RSA (PKCS1 and ISO9796); Diffie-Hellman (key agreement) Multi-chip embedded"The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family." |
| 154 | Blue Ridge Networks 14120 Parke Long Court Chantilly, VA 20151 USA -Tom Gilbert
|
(Version 6.0) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 06/21/2001 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #57 and #58); SHA-1 (Cert. #49 and #50) -Other algorithms: DES (Cert. #119 and #120); NSC-1; IDEA; HMAC (MD5 and SHA-1); RSA; Diffie-Hellman (key agreement) Multi-chip standalone"A network security appliance for the construction of secure Virtual Private Networks between Internet sites, and between Internet sites and individual remote users." |
| 153 | NetScreen Technologies, Inc. 805 11th Avenue Bldg. 3 Sunnyvale, CA 94089 USA -Lee Klarich
|
(Sofware Version 2.6.1, Hardware Revision 4) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Hardware | 06/15/2001; 02/13/2003; 06/03/2003 |
Overall Level: 2
-Roles and Services: Level 3 -Key Management: Level 3 -Module Interfaces: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #49 and #50); SHA-1 (Cert. #47); DSA/SHA-1 (Cert. #44) -Other algorithms: DES (Cert. #114 and #115); RC2; RC5; MD5; RSA; HMAC; Diffie-Hellman (key agreement); Blowfish Multi-chip standalone"The NetScreen-100 is a purpose-built Internet security appliance that delivers firewall, VPN and traffic shaping that is optimized for the most demanding environments such as high traffic sites." |
| 152 | Tumbleweed Communications Corp. 700 Saginaw Drive Redwood City, CA 94063 USA -Ken Beer
|
(Version 4.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Software | 06/13/2001 | Overall Level: 1
-EMI/EMC: Level 3 -Operating System Security: Tested as meeting Level 1 with Windows NT Version 4.0 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #40); DSA/SHA-1 (Cert. #18); RSA (vendor affirmed) -Other algorithms: DES (Cert. #46); MD2; MD5; RC2; RC5 Multi-chip standalone"The Tumbleweed Messaging Management System (MMS) is a suite of software products designed to allow organizations to apply content filtering and secure messaging policies on e-mail and Web traffic. All portions of the MMS use a shared set of cryptographic functionality called the MMS Security Kernel. The MMS Security Kernel exposes cryptographic application programming interface (API) calls to the other portions of the MMS." |
| 151 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable
|
(Firmware v2.1, Hardware Rev 3) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 06/04/2001; 07/18/2002; 07/03/2003; 10/19/2004 |
Overall Level: 2
-Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #22 and #56); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Cert. #109); Diffie-Hellman (key agreement) Multi-chip standalone"The SLE-HSSI secures data over high speed synchronous data links up to 52MHz, encrypting data at the full data rate, and meeting the HSSI industry standard. It contains the cryptographic module, which is the case containing all electronics, excluding the battery & its holder." |
| 150 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 4.0 (1.71.11) and 4.0.1 (1.71.91), Hardware versions nC4032W-150 and nC4032W-400) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 05/23/2001; 01/23/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael, ARC FOUR, CAST5; HMAC (MD2, MD5, SHA-1, SHA-192, SHA-256 and RIPEMD160); ElGamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 149 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware version 3.2, Hardware versions nC3022P-150 and nC3022P-300) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 05/23/2001 | Overall Level: 2
-Cryptographic Module Design: Level 3 -Roles and Services: Level 3* -Key Management: Level 3* -Module Interfaces: Level 3 -Finite State Machine Model: Level 3 -Software Security: Level 3 -Self Tests: Level 3* *(Level 3 is met in these areas when the 'FIPS_level3' flag is set during initialization.) -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael, ARC FOUR, CAST5; HMAC (MD2, MD5, SHA-1, SHA-192, SHA-256 and RIPEMD160); ElGamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging including X.400/EDI" |
| 148 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales
|
(Firmware versions 4.0 (1.71.11) and 4.0.1 (1.71.91), Hardware versions nC4022W-150 and nC4022W-400) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 05/23/2001; 09/14/2001; 01/23/2004 |
Overall Level: 2
-Cryptographic Module Design: Level 3 -Roles and Services: Level 3* -EMI/EMC: Level 3 -Key Management: Level 3* -Module Interfaces: Level 3 -Finite State Machine Model: Level 3 -Software Security: Level 3 -Self Tests: Level 3* *(Level 3 is met in these areas when the 'FIPS_level3' flag is set during initialization.) -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); RSA (vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; Rijndael, ARC FOUR, CAST5; HMAC (MD2, MD5, SHA-1, SHA-192, SHA-256 and RIPEMD160); ElGamal; Diffie-Hellman (key agreement) Multi-chip standalone"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 147 | Attachmate Corporation 424 Wards Corner Road Loveland, OH 45140 USA -Karen M. Patterson
|
(Version 6.7) (For services provided by the FIPS-approved algorithms listed.) Validated to FIPS 140-1 Security PolicyCertificate |
Software | 05/14/2001 | Overall Level: 1
-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 95, 98, and NT 4.0 Server SP3 or higher. (single-user mode)
-FIPS-approved algorithms: Triple-DES (vendor affirmed); DSA/SHA-1 (Cert. #18) -Other algorithms: DES (Cert. #46); Multi-chip standalone"CryptoConnect ES is an encryption option that provides encryption of all TCP data between sessions in Attachmate's Extra! Personal Client (TN3270, TN5250 or Telnet) and their respective host systems." |
| 146 | AEP Networks Focus 31, West Wing Cleveland Road New Hempstead, Herts HP2 7BW United Kingdom -David Miller
|
(Firmware Version v2.1, Hardware Version 2640-G3) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 04/23/2001; 07/18/2001; 07/22/2002; 10/04/2002; 04/21/2005 |
Overall Level: 4
-FIPS-approved algorithms: Triple-DES MAC; Triple-DES (Certs. #24 and #25); DSA/SHA-1 (Cert. #36) -Other algorithms: DES (Certs. #82 and #92); DES MAC; RSA (PKCSI and ISO9796); MD5; Diffie-Hellman (key agreement) Multi-chip embedded"The ACCE provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family." |
| 145 | SafeNet, Inc. 4690 Millennium Drive Santa Clara, Belcamp 21017 USA -Chris Holland
|
(Firmware v2.1, Hardware Versions 01 and 03) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 04/23/2001; 07/18/2002; 10/18/2004 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #36); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Cert. #104); Diffie-Hellman (key agreement); MD5 Multi-chip standalone"The Cylink NetHawk is a hardware-based, multiple-chip standalone Virtual Private Network (VPN) device that provides authenticated, encrypted network communications." |
| 144 | SPYRUS, Inc. 2355 Oakland Road Suite 1 San Jose, CA 95131 USA -Tom Dickens
|
(Firmware Version: SPYCOS 2.01(FUP02), Hardware Version: USB110-FBK) (When operated in FIPS mode and using FIPS Approved algorithms and processes as listed) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 04/16/2001; 07/03/2001 |
Overall Level: 2
-Roles and Services: Level 3
-EMI / EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Skipjack (Cert. #4); DSA (Cert. #31); RSA (vendor affirmed) -Other algorithms: DES (Cert. #78); Triple-DES (Cert #54; non-Compliant); KEA (key exchange) Multi-chip standalone"The Rosetta USB is a low cost cryptographic token ideal for public key operations, key generation, and certificate storage. USB compatibility means simple "plug and play" ease of use. Rosetta USB provides user authentication, digital signatures, and data privacy all in a familiar key-shaped token. With both commercial and government cryptographic algorithms, Rosetta USB supports messaging and authentication requirements at a lower cost of deployment than smart cards or PC cards. Combined with the Rosetta Executive Suite software, Rosetta USB seamlessly plugs into e-mail, browsing, and data security applications." |
| 143 | Algorithmic Research Ltd. 10 Nevatim Street Kiryat Matalon Petach Tikva, 49561 Israel -Peleg Atar
|
(Version 3) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Software | 04/16/2001 | Overall Level: 1
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows NT 4.0 Server SP 5.0.
-FIPS-approved algorithms: Triple-DES (Cert. #38); DSA/SHA-1 (Cert. #38) -Other algorithms: DES (Cert.#111); RC4; El-Gamal; MD-5; RSA (ISO9796); Diffie-Hellman (key agreement) Multi-chip standalone"PrivateWire is a software product that enables secure communication between organizations and private users." |
| 142 | Algorithmic Research Ltd. 10 Nevatim Street Kiryat Matalon Petach Tikva, 49561 Israel -Peleg Atar
|
(Version 3) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Software | 04/16/2001; 07/15/2003 |
Overall Level: 1
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows NT 4.0 Server SP 5.0.
-FIPS-approved algorithms: Triple-DES (Cert. #38); DSA/SHA-1 (Cert. #33) -Other algorithms: DES (Cert.#111); RC4; El-Gamal; MD-5; RSA (ISO9796); Diffie-Hellman (key agreement) Multi-chip standalone"PrivateWire is a software product that enables secure communication between organizations and private users." |
| 141 | V-ONE Corporation, Inc. 20250 Century Blvd. Suite 300 Germantown, MD 20874 USA -Sales
-Citrix Systems, Inc.
|
(Versions 4.0 and 4.1) Citrix Extranet Client Validated to FIPS 140-1 Security PolicyCertificate Vendor Product Link |
Software | 04/02/2001; 09/14/2001; 10/09/2001; 06/18/2003 |
Overall Level: 1
-Roles and Services: Level 2
-EMI / EMC: Level 3 -Software Security: Level 3 -Operating System Security: Tested as meeting Level 1 with Microsoft Windows98. -FIPS-approved algorithms: SHA-1 (Cert. #10); Triple-DES (Cert. #46) -Other algorithms: DES; MD5 Multi-chip standalone"V-ONE’s SmartPass (client) contains the same software-based cryptographic algorithms (3DES) utilized in all V-ONE products including its SmartGate and SmartGuard family of servers."
"Citrix Systems, Inc. makes SmartPass available under a private label licensing agreement as their Citrix Extranet Client" |
| 140 | Ensuredmail, Inc. 1708 Lovering Avenue Suite 202 Wilmington, DE 19806 USA -Andrew Edelsohn
|
(Software version: 1.0) (The KEK is limited to keys derived from a hash of a six-character password.) Validated to FIPS 140-1 Security PolicyVendor Product Link |
Software | 03/29/2001; 05/20/2003 |
Overall Level: 1
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows 95/98 and Windows 2000 (single-user mode).
-FIPS-approved algorithms: Triple-DES (Cert.#42); SHA-1 (Cert. #44) -Other algorithms: Multi-chip embedded"Turnkey, enterprise software that enables two-way secure e-mail communication, even with attachments, without requiring the recipients to install any software." |
| 139 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable
|
(Firmware v4.05 and v4.06; Hardware Revision 6) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy |
Hardware | 03/14/2001; 05/09/2001; 07/18/2002; 12/04/2003; 10/18/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Certs. #5 and #22); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"Cylink Frame Encryptors secure sensitive data transmitted over high-speed, Frame Relay communication links." |
| 138 | Novell, Inc. 1800 South Novell Place Provo, UT 84606 USA -Developer Support
|
Controlled Cryptographic Service (CCS) Client, v2.0 (Software version: 2.0) (For services provided by the listed FIPS-approved algorithms) Validated to FIPS 140-1 Security Policy |
Software | 03/14/2001; 01/31/2006 |
Overall Level: 1
-EMI/EMC: Level 3
-Operating System Security: Tested as meeting Level 1 with Microsoft Windows95 and Windows98 (single-user mode).
-FIPS-approved algorithms: Triple-DES (Cert. #35); SHA-1 (Cert. #40); RSA (vendor affirmed) -Other algorithms: DES (Cert. #103); MD2; MD4; MD5; RC2; RC4; RC5; HMAC (MD5, SHA-1); RSA (encryption/decryption); Diffie-Hellman (key agreement) Multi-chip standalone"NICI is Novell's software-based cryptographic infrastructure for Novell products." |
| 137 | Research In Motion Ltd. 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Government Certifications Team
|
and BlackBerry 950/957 Cryptographic Kernel (Version 2.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy |
Firmware | 03/01/2001; 06/03/2002; 08/24/2005 |
Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #45); SHA-1 (Cert. #45) -Other algorithms: Multi-chip standalone"The BlackBerry crypto firmware v2.1, common to both the BlackBerry 850/857 and the BlackBerry 950/957, securely compresses and encrypts messages with Triple-DES. Following this procedure, the ciphertext is transmitted over the Internet to the recipient mail server. Upon receiving the message, the mail server decrypts and decompresses the ciphertext back to the original plaintext. The BlackBerry crypto firmware is messaging-system independent." |
| 136 | Fortress Technologies, Inc. 4025 Tampa Road Suite 1111 Oldsmar, FL 34677 USA -Mr. Dennis Joyce
|
(Version 4.0 firmware) (When factory configured in FIPS mode) Validated to FIPS 140-1 Security Policy |
Hardware | 01/18/2001 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert.#19); SHA-1 (Cert.#34) -Other algorithms: DES (Cert.#23); Diffie-Hellman (key agreement); IDEA Multi-chip standalone"The NetFortress® 10 / MAIP is a tamper-resistant network communications security solution that establishes private communications between corporate divisions, branch offices, and mobile users. It integrates seamlessly and economically into any LAN and WAN environment for optimum flexibility and scalability. NetFortress 10’s security feature set includes encryption, data integrity checking, authentication, access control, data compression and firewall capabilities. It is compliant with IPSec." |
| 135 | Neopost Technologies 113, rue Jean-Marin Naudin Bagneux, 92220 France -Thierry Le Jaoudour
|
(Version D) Validated to FIPS 140-1 Security Policy |
Hardware | 01/18/2001; 10/03/2006 |
Overall Level: 3
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #39) -Other algorithms: Multi-chip embedded"The module provides services to a tabletop mailing system designed primarily for the small office/home office environment. Features include manually inserted/removed mail; indicium printed at maximum of 1200 envelopes per hour; internal modem for remote re-crediting; scale interface; Memory Card interface to load slogans, scale rates and class indication; capacity for 10 slogans or advert images; ink jet technology." |
| 134 | PSI Systems, Inc. 247 High Street Palo Alto, CA 94301-1041 USA -Dr. Harry T. Whitehouse
|
(Version 1.01) Validated to FIPS 140-1 Security Policy |
Hardware | 01/18/2001 | Overall Level: 3
-Physical Security: Level 4
-Self Tests: Level 4
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #23); Triple-DES (Cert. #33) -Other algorithms: DES (Cert. #58); RSA Multi-chip embedded"This module provides the services to support high-speed, secure micro-transactions, including the production and verification of United States Postal Service Information-Based Indicia." |
| 133 | Neopost Technologies 113, rue Jean-Marin Naudin Bagneux, 92220 France -Thierry Le Jaoudour
|
(Hardware v. 4101508D; Software v. 6.1) Validated to FIPS 140-1 Security Policy |
Hardware | 01/16/2001; 10/03/2006 |
Overall Level: 2
-Physical Security: Level 3 +EFP/EFT
-FIPS-approved algorithms: SHA-1 (Cert. #41); DSA/SHA-1 (Cert. #42) -Other algorithms: DES (Certs. #106 and #107); Multi-chip embedded"The N18D module is a postage meter supporting accounting and cryptographic functions for secure electronic transactions. Associated to a document transport system and an inkjet print-head, the module is capable of producing up to 180 envelopes per minute." |
| 132 | Neopost Online, Inc. 3400 Bridge Parkway Suite 201 Redwood City, CA 94065 USA -Chandra Shah
|
(Version: 2002, Hardware version A) Validated to FIPS 140-1 Security Policy |
Hardware | 01/16/2001 | Overall Level: 2
-Physical Security: Level 3 +EFP/EFT
-EMI / EMC: Level 3
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #40) -Other algorithms: Multi-chip standalone"The Secure Metering Device / Series 2 (SMD-II) is an electronic device developed by Neopost Online that securely loads, stores, and dispenses revenue. The SMD-II is designed to meet the applicable USPS IBIP specifications for postage meters. The SMD-II attaches to and communicates with the host computer via a serial interface. The revenue is dispensed from the SMD-II to the host computer in the form of a digitally signed indicium, a unique bit pattern that can be determined to have originated from a particular SMD-II at a particular point in time." |
| 131 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable
|
(Firmware versions 1.25, 1.26, 1.31 and 1.33; Hardware Rev. B) Validated to FIPS 140-1 Security Policy |
Hardware | 01/10/2001; 09/14/2001; 05/15/2002; 07/18/2002; 12/04/2003; 10/18/2004 |
Overall Level: 2
-Physical Security: Level 3
-Software Security: Level 3
-FIPS-approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Certs. #11, #26); Diffie-Hellman (key agreement) Multi-chip standalone"Cylink Link Encryptors secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 2 Mbps over public and private data networks." |