Certificate 2403 - Luna G5 Cryptographic Module
intCertNum 2403
strVendorName SafeNet, Inc.
strURL http://www.safenet-inc.com
strAddress1 20 Colonnade Road, Suite 200
strAddress2
strAddress3
strCity Ottawa
strStateProv ON
strPostalCode K2E 7M6
strCountry K2E 7M6
strContact Security and Certifications Team
strEmail SecurityCertifications@safenet-inc.com
strPhone
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2403
strModuleName Luna G5 Cryptographic Module
strPartNumber Hardware Versions: LTK-03, Version Code 0102;
LTK-03, Version Code 0103;
Firmware Versions: 6.10.4, 6.10.7 and 6.10.9
memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 08/11/2015;09/04/2015;10/26/2015;01/14/2016;01/22/2016;05/12/2016
intOverallLevel 2
memIndividualLevelNotes -Physical Security: Level 3;-EMI/EMC: Level 3;-Design Assurance: Level 3
strFIPSAlgorithms AES (Certs. #2664 and #2668);
Triple-DES (Certs. #1598 and #1600);
Triple-DES MAC (Triple-DES Certs. #1598 and #1600, vendor affirmed);
DSA (Certs. #804 and #808);
SHS (Certs. #2237 and #2241);
RSA (Certs. #1369 and #1372);
HMAC (Certs. #1655 and #1659);
DRBG (Cert. #428);
ECDSA (Certs. #461 and #464);
KAS (Cert. #44);
KBKDF (Cert. #15)
strOtherAlgorithms DES;
RC2;
RC4;
RC5;
CAST5;
SEED;
ARIA;
MD2;
MD5;
HAS-160;
DES-MAC;
RC2-MAC;
RC5-MAC;
CAST5-MAC;
SSL3-MD5-MAC;
SSL3-SHA1-MAC;
KCDSA;
Diffie-Hellman (key agreement: key establishment methodology provides 112 or 128 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides 112 or 128 bits of encryption strength);
HRNG;
AES MAC (AES Cert. #2668;
non-compliant);
AES (Certs. #2664 and #2668, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
Triple-DES (Certs. #1598 and #1600, key wrapping;
key establishment methodology provides 112 bits of encryption strength);
GENERIC-SECRET generation (non-compliant);
SSL PRE-MASTER generation (non-compliant);
RSA (non-compliant);
RSA (key wrapping;
key establishment methodology provides between 112 and 152 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription Luna G5 delivers key management in a portable appliance. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys. The appliance directly connects the HSM to the application server via a USB interface.
intModuleCount 1
memAdditionalNotes 09/04/15: Added FW 6.10.7, 6.10.9 and updated the security policy.
updated SP
Added two TELs.
Updated and tested new HW.
strFirstValidtionDate 08/11/15 00:00:00
strLabName EWA
strValidationYear 2015