CR-4056
Document is Uncontrolled When Printed.
Page 15 of 22
Please note that the FW Upgrade Cert is never zeroized because it is a public key. The Default
Administrator Token SO PIN is neve
r zeroized because it's a pre-initialization value. The RNG
Seed is zeroized when a tamper event is detected or overwritten when the module is restarted.
All other CSPs/Keys identified in Table 2-5 are zeroized by a call to C_DestroyObject() API by the
respective role or through a tamper event.
2.6.3 Security Functions
The PSI-E2 supports a wide variety of security functions. FIPS 140-2 requires that only FIPS
Approved algorithms be used whenever there is an applicable FIPS standard.
Table 2-7 lists the PSI-E2 FIPS Approved security functions. In the FIPS mode of operation these
Approved security functions are available.
FIPS Approved Security Function
Firmware
SafeXcel-3120
SafeXcel-1746
AES
Cert. #3118
Cert. #2664
Cert. #1756
DSA
Cert. #902
n/a
n/a
ECDSA
Only NIST Recommended Curves
Cert. #563
n/a
n/a
RSA
Cert. #1589
n/a
n/a
KAS (FFC)
Cert. #51
n/a
n/a
SHA-1 (SIGVER, HASH)
Cert. #2576
n/a
n/a
SHA-224, SHA-256, SHA-384, SHA-512
Cert. #2576
n/a
n/a
HMAC: SHA-224, SHA-256, SHA-384, SHA-512
Cert. #1957
n/a
n/a
Triple-DES
Cert. #1789
n/a
Cert. #1137
Triple-DES MAC (Vendor Affirmed)
n/a
n/a
n/a
DRBG
n/a
Cert. #428
n/a
Table 2-7 FIPS Approved Security Functions
Table 2-8 lists the PSI-E2 Non-Approved but FIPS allowed security functions. In the FIPS mode of operation
these Non-Approved security functions are available.