Certificate 1739 - MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]
intCertNum 1739
strVendorName Thales e-Security Inc.
strURL http://www.thales-esecurity.com
strAddress1 900 South Pine Island Road
strAddress2 Suite 710
strAddress3
strCity Plantation
strStateProv FL
strPostalCode 33324
strCountry 33324
strContact sales@thalesesec.com
strEmail sales@thalesesec.com
strPhone 888-744-4976
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1739
strModuleName MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3]
strPartNumber Hardware Versions: nC4031Z-10 [1], nC4031U-10 [2] and TSMC200 [3], Build Standard N;
Firmware Versions: 2.50.17-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3
memModuleNotes When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 06/25/2012;08/16/2013;10/25/2013;10/28/2015
intOverallLevel 3
memIndividualLevelNotes
strFIPSAlgorithms AES (Cert. #1770);
Triple-DES (Cert. #1146);
HMAC (Cert. #1039);
Triple-DES MAC (Triple-DES Cert. #1146, vendor affirmed);
SHS (Cert. #1554);
DSA (Cert. #553);
ECDSA (Cert. #238);
RSA (Cert. #886);
DRBG (Cert. #120);
CVL (Cert. #6)
strOtherAlgorithms ARC4;
Aria;
Camellia;
CAST-6;
DES;
MD5;
SEED;
HMAC-MD5;
HMAC-Tiger;
HMAC-RIPEMD160;
RIPEMD-160;
Tiger;
El-Gamal;
KCDSA;
HAS-160;
AES (Cert. #1579, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
Triple-DES (Cert. #1035, key wrapping;
key establishment methodology provides 112 bits of encryption strengh;
non-compliant less than 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
Diffie-Hellman (CVL Cert. #1, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (CVL Cert. #1, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh;
non-compliant less than 112 bits of encryption strength);
ECMQV (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip embedded
memModuleDescription The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.
intModuleCount 1
memAdditionalNotes 08/16/13: Updated vendor address and updated security policy.
10/25/13: added FW 2.51.10-3 and updated security policy.
Added FW 2.50.35-3 and 2.55.1-3 and updated the SP
strFirstValidtionDate 06/25/12 00:00:00
strLabName CSC
strValidationYear 2012