Certificate 2642 - MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock
intCertNum 2642
strVendorName Thales e-Security Inc.
strURL http://www.thales-esecurity.com
strAddress1 900 South Pine Island Road
strAddress2 Suite 710
strAddress3
strCity Plantation
strStateProv FL
strPostalCode 33324
strCountry 33324
strContact sales@thalesesec.com
strEmail sales@thalesesec.com
strPhone 888-744-4976
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2642
strModuleName MiniHSM, MiniHSM for nShield Edge F2, and MiniHSM for Time Stamp Master Clock
strPartNumber Hardware Versions: nC4031Z-10, nC3021U-10, and TSMC200, Build Standard N;
Firmware Version: 2.61.1-2
memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy. The protocol TLS shall not be used when operated in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 05/13/2016
intOverallLevel 2
memIndividualLevelNotes -Roles, Services, and Authentication: Level 3;-Physical Security: Level 3;-EMI/EMC: Level 3;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A;-Operational Environment: N/A
strFIPSAlgorithms AES (Cert. #3419);
CVL (Cert. #515);
DRBG (Cert. #824);
DSA (Cert. #963);
ECDSA (Cert. #686);
HMAC (Cert. #2177);
KBKDF (Cert. #57);
KTS (AES Cert. #3419;
key establishment methodology provides between 128 and 256 bits of encryption strength);
RSA (Cert. #1751);
SHS (Cert. #2825);
Triple-DES (Cert. #1930);
Triple-DES MAC (Triple-DES Cert. #1930, vendor affirmed)
strOtherAlgorithms ARC4;
Aria;
Camellia;
CAST-256;
DES;
Diffie-Hellman (CVL Cert. #515, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (CVL Cert. #515, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
ECMQV (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
El-Gamal;
HAS-160;
HMAC-MD5;
HMAC-RIPEMD160;
HMAC-Tiger;
KCDSA;
MD5;
NDRNG;
RIPEMD-160;
RSA (encrypt/decrypt);
RSA (key wrapping;
key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
SEED;
Tiger;
TLS KDF (non-compliant);
Triple-DES (Cert. #1930, key wrapping;
key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-Chip Embedded
memModuleDescription The MiniHSM, MiniHSM for nShield Edge F2 and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine.
intModuleCount 3
memAdditionalNotes
strFirstValidtionDate 05/13/16 00:00:00
strLabName Computer Sciences
strValidationYear 2016