Certificate 1746 - nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5]

intCertNum 1746 strVendorName Thales e-Security Inc. strURL http://www.thales-esecurity.com strAddress1 900 South Pine Island Road strAddress2 Suite 710 strAddress3 strCity Plantation strStateProv FL strPostalCode 33324 strCountry 33324 strContact sales@thalesesec.com strEmail sales@thalesesec.com strPhone 888-744-4976 strFax strContact2 strEmail2 strFax2 strPhone2 intCertNum 1746 strModuleName nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5] strPartNumber Hardware Versions: nC4033P-4K0 [1], nC4033P-2K0 [2], nC4033P-2K0N [3], nC4033P-500 [4] and nC4033P-500N [5], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2 memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy str140Version 140-2 _sp_ Security Policy   [pdf][html][txt] _cert_ Certificate   [pdf] strPURL http://www.thales-esecurity.com/Products/Hardware Security Modules/nShield Solo.aspx strModuleType Hardware strValidationDate 06/25/2012;03/08/2013;08/16/2013;11/16/2015 intOverallLevel 2 memIndividualLevelNotes -Roles, Services, and Authentication: Level 3;-Physical Security: Level 3 +EFP;-EMI/EMC: Level 3;-Design Assurance: Level 3 strFIPSAlgorithms AES (Cert. #1579); Triple-DES (Certs. #132 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Cert. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) strOtherAlgorithms ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) strConfiguration Multi-chip embedded memModuleDescription The nShield modules: nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500, and nShield F3 500 for netHSM family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed. intModuleCount 1 memAdditionalNotes 03/08/13: added FW 2.51.10-2, fixed HW version error from nC4133P-500 to nC4033P-500 and nC4133P-500N to nC4033P-500N, updated vendor address and updated security policy. 08/16/13: added RSA cert #1092 and updated security policy. Firmware Versions changed from: 2.50.16-2 and 2.51.10-2 TO 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2 strFirstValidtionDate 06/25/12 00:00:00 strLabName CSC strValidationYear 2012