Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules
1995-1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
All

*** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSE. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (non-FIPS-approved algorithms) have not been validated or tested through the CMVP. ***

Questions regarding modules on this list should first be directed to the appropriate vendor.

Cert#	Vendor	Cryptographic Module	Module Type	Val. Date	Level / Description
282	Motorola, Inc. 1301 E. Algonquin Road Schaumburg, IL 60196 USA -Kirk Mathews TEL: 847-576-4101 FAX: 847-538-2770	ASTRO Subscriber Universal Crypto Module (HW P/Ns NTN9801B, NTN9738C, NNTN5032D, NNTN5032G, 0104020J49, 0104020J50, 0104020J51, 0104024J43, 0104024J44, 0104024J45, 0104025J11 and 0104025J12; FW R05.00.13, R05.02.00, R05.02.02, R05.03.00, R05.04.01 and R05.05.01) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Certificate	Hardware	12/20/2002; 05/30/2003; 06/11/2003; 11/26/2003; 12/24/2003; 03/30/2004; 07/27/2004; 01/13/2006; 12/19/2006	Overall Level: 1  -Roles, Services, and Authentication: Level 2 -FIPS-approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2) -Other algorithms: DES (Cert. #151); DES MAC; SHA-1; AES MAC (Cert #2, P25 AES OTAR, vendor affirmed) Multi-chip embedded "Encryption modules used in Motorola ASTRO(TM) family of radios provides secure voice and data capabilities as well as APCO Over-the-Air-Rekeying (OTAR) and advanced key management."
281	V-One Corporation 20250 Century Blvd. Suite 300 Germantown, MD 20874 USA -Chris Brook TEL: 301-515-5242 FAX: 301-515-5280	SmartGate® (Version 4.3) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Software	12/23/2002; 01/09/2003; 06/18/2003	Overall Level: 1  -Roles and Services: Level 2 -Software Security: Level 3 -Operating System Security: Tested as meeting Level 1 with Red Hat Pro Linux 7.2 and Sun Solaris 8 (Single User Mode) -FIPS-approved algorithms: Triple-DES (Cert. #46); SHA-1 (Cert. #10); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #159); DES MAC (Cert. #159); MD5; RC4; Diffie-Hellman (key agreement) Multi-chip standalone "V-ONE Corporations SmartGate is leading client/server Virtual Private Network (VPN) software that provides enterprise-level security to network-based users for private information and private TCP/IP application services. SmartGate provides encryption, strong user authentication, authorization, management, accounting, key distribution, and proxy capabilities. It consists of server (SmartGate) and client (SmartPass) software."
280	Tricipher, Inc. 1900 Alameda de las Pulgas Suite 112 San Mateo, CA 94403 USA -Tim Renshaw TEL: 650-372-1300	Secure Identity Appliance (Hardware: Dell 2550 Server, Software version 2.5.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	12/12/2002; 02/22/2005	Overall Level: 2  -Roles and Services: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #101); SHA-1 (Cert. #90); RSA (PKCS #1, vendor affirmed) -Other algorithms: HMAC-SHA-1 (Cert #90, vendor affirmed); MD5; RSA (encryption) Multi-chip standalone "The SingleSignOn.Net Secure Identity Appliance is a Public Key Infrastructure (PKI) and password authentication solution. It allows for the easy deployment of PKI scalable to large numbers of users and provides an ID/Password system that uses the underlying PKI to provide security and robustness. The Secure Identity Appliance is able to perform public key-based cryptography, including digital signatures and encryption."
279	Control Break International Corporation 2640 Golden Gate Parkway Suite 101 Naples, FL 34105 USA -Simon Hunt TEL: 239-298-7014 FAX: 239-430-1916	SafeBoot Client (Software Version 4.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	11/26/2002; 08/18/2006; 08/29/2006; 04/30/2007	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Microsoft Windows 95 SR2 (single user mode) -FIPS-approved algorithms: AES (Cert. #21); DSA (Cert. #53); SHA-1 (Cert. #71) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "SafeBoot is a high performance software solution that provides sector- level encryption of a PC's hard drive in a manner that is totally transparent to the user. In addition, the centralized SafeBoot management system provides robust recovery tools, administration, and implementation."
278	Entrust CygnaCom 7925 Jones Branch Drive Suite 5200 McLean, VA 22102 USA -Gary Moore TEL: 703-270-3572 FAX: 703-848-0960	Entrust CygnaCom IPSec Cryptographic Module (Version 1.0) Validated to FIPS 140-1 Security Policy Certificate	Software	11/07/2002; 08/23/2004	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with SCO CMW+ V3.0.1 Operating System (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #91); SHA-1 (Cert. #79); HMAC-SHA-1 (Cert. #79, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The Entrust CygnaCom IPSec Cryptographic Module is a software cryptographic module intended to provide secure IPSEC communications between client workstations/laptops and servers. The communications are secured by the use of Triple DES (TDES) running in the Triple Cipher Block Chaining (TCBC) mode of operation to encrypt and the data portion of TCP/IP packets using either the IPSEC ESP-tunneled mode or ESP-transport mode. HMAC SHA-1 is used to authenticate IPSEC message headers and protocol data units."
277	M/A-Com, Inc. 221 Jefferson Ridge Parkway Lynchburg, VA 24501 USA -Stefan Backstom TEL: 434-455-6600 FAX: 434-455-6851	Enhanced Digital Access Communications System (EDACS) Orion System/Scan (AEGIS) Mobile Two-Way FM Radios VHF-L range: 136-153 MHz VHF-M range: 150-174 MHz UHF-L range: 403-440 MHz UHF-M range: 440-470 MHz UHF-H range: 470-512 MHz 800 range: 806-870 MHz (Hardware Versions: (VHF-L [D2GHTXE(110W) D2GMTXE(50W)], VHF-M [D2HHTXE(110W) D2HMTXE(50W)], UHF-L [D2PHTXE(100W) D2PMTXE(40W)], UHF-M [D2UHTXE(110W) D2UMTXE(40W)], UHF-H [D2VHTXE(80W) D2VMTXE(35W)] and 800 [D28MTXE(35W) D28LTXE(12W)]), Software Version: R42A) Revoked DES Transition Ended Security Policy Certificate	Hardware	11/07/2002; 01/16/2003; 03/07/2003; 03/13/2003	Overall Level: 1  -FIPS-approved algorithms: -Other algorithms: DES ( 04/22/94) Multi-chip standalone "The EDACS Orion Mobile with FIPS 140-1 security level 1 validation. Aegis digital voice, conventional and trunked; system and scan front mounting."
276	Securit-e-Doc, Inc. 515 North Flagler Drive Suite 203 West Palm Beach, FL 33401 USA -Robert Barron TEL: 561-833-2303	Securit-e-Doc® SITT CryptoSystem (Version 3.0) Validated to FIPS 140-1 Security Policy Certificate	Software	10/31/2002; 06/10/2004	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Windows 2000 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #114); SHA-1 (Cert. #99); AES (Cert. #7); Skipjack (Cert. #8) -Other algorithms: N/A Multi-chip standalone "Securit-e-Doc(R) provides secure server-based transmission and storage of files and messages using interactive, Web-enabled interfaces. All components of the Securit-e-Doc system derive their security services from the underlying SITT(R) CryptoSystem. SITT(R), implemented within the Securit-e-Doc application software, provides real-time cryptographic services for symmetric encryption and decryption, random number generation and message digesting."
275	RSA Security, Inc. 177 Bovet Road Suite 200 San Mateo, CA 94402-3118 USA -Kathy Kriese TEL: 650-931-9781	RSA BSAFE® Crypto-J Toolkit Module (Version 3.3.3) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Software	10/31/2002; 10/01/2004; 01/04/2008	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Windows NT SP6 (single user mode), JVM v1.3.1, JRE v1.3.1 -FIPS-approved algorithms: Triple-DES (Cert. #112); DSA (Cert. #63); SHA-1 (Cert. #97); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #168); AES; DESX; RC2; RC4; RC5; RC6; MD2; MD5; HMAC-SHA-1; Diffie-Hellman (key agreement); Base64 Multi-chip standalone "The Crypto-J Module is a Java- language software development kit that allows software and hardware developers to incorporate encryption technologies directly into their products. The tested Crypto-J Module is a Java-language API available as a Java Archive, or JAR, file."
274	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeNet ATM Encryptor (Hardware Versions 4.5, ATM Encryptor Models: 450-016-003/004/005/006/007/008/009, Firmware Version 5.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/24/2002; 04/16/2003; 10/19/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #110); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
273	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeNet ATM Encryptor (Hardware Versions 4.0, ATM Encryptor Models: 460-006-001/002/003/004/005/006/007/008/009, Firmware Version 5.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/24/2002; 04/16/2003; 10/19/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
272	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeNet ATM Encryptor (Hardware Versions 3.5 and 3.6, ATM Encryptor Models: 450-004-001/002/003/004/005/006/007 and 450-013-003/004/005/006/007/008/009, Firmware Version 5.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/24/2002; 04/16/2003; 10/19/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #110); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
271	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeNet ATM Encryptor (Hardware Versions 3.0 and 3.1, ATM Encryptor Models: 450-002-001/002/003/004/005/006/007 and 450-003-001/002/003/004/005/006/007/008/009, Firmware Version 5.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/24/2002; 04/16/2003; 10/19/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14); RSA (signature verification: PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The SafeNet™ SafeEnterprise™ ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The SafeNet™ SafeEnterprise™ ATM Encryptor can be centrally controlled or managed across multiple remote stations using SafeNet™ SafeEnterprise™ Security Management Center, an SNMP-based security management system."
270	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® DSM (Hardware Versions 1 and 2, Firmware Version 3.98) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/18/2002; 10/18/2004	Overall Level: 2  -Software Security: Level 3 -Self Tests: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1(Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST 3; CAST 5; CAST MAC; CAST 3 MAC; CAST 5 MAC; HMAC-SHA-1; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption and Decryption) Multi-chip standalone "The Chrysalis-ITS™ Luna® DSM Digital Signature Module is a hardware-based, multiple-chip standalone module in the form of a PC card “token” based on the PCMCIA standard. The LUNA DSM token is a hardware crypto engine for digital signing, identification and authentication and is used in applications that require FIPS Level II key generation, protection and storage for limited numbers of digital keys."
269	Cryptek, Inc. 1501 Moran Road Sterling, VA 20166 USA -Timothy Williams TEL: 571-434-2000 FAX: 571-434-2001	DiamondVPN™ (Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2020, P/N DV100-F) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Hardware	10/18/2002; 02/25/2003; 10/02/2003; 04/08/2005	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63) -Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5 Multi-chip standalone "DiamondVPN™ is a rack- mounted network security appliance that can be installed at a LAN edge for a work group or department operating on your enterprise network to enforce a single security profile for traffic outbound from the LAN and access to the LAN from the outside. Unlike traditional VPNs, DiamondVPN™ also offers secure pass-through to networks in which DiamondLink™ protects some users."
268	Cryptek, Inc. 1501 Moran Road Sterling, VA 20166 USA -Timothy Williams TEL: 571-434-2000 FAX: 571-434-2001	DiamondPak™ and DiamondVPN-6™ (Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2020, P/N's DP600-F and DV600-F) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Hardware	10/18/2002; 02/25/2003; 07/31/2003; 10/02/2003; 04/08/2005	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63) -Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5 Multi-chip standalone "DiamondPak" is a rack- mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK" security computer enforcing a single security profile. DiamondPak"'s advanced access-control system for protecting critical backend systems is available in configurations to protect 2, 4, or 6 systems. DiamondVPN-6 is a network security appliance for protecting a group of servers or users within an organization with each group protected by a dedicated self-protecting DiamondTEK security computer enforcing a single security profile. DiamondVPN s advanced access control system for protecting critical backend groups is available in a configuration to protect 6 individual groups."
267	Cryptek, Inc. 1501 Moran Road Sterling, VA 20166 USA -Timothy Williams TEL: 571-434-2000 FAX: 571-434-2001	DiamondLink™ (Software 2.1.4A, 2.1.6 and 2.1.6.1, Hardware 2000 and 2010 (fiber), P/N's DL 100-F and DL 100F-F) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Hardware	10/18/2002; 02/25/2003; 10/02/2003; 04/08/2005	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63) -Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5 Multi-chip standalone "DiamondLink™ is an external, drop- in network appliance for individual users that features a built- in security computer and authentication card reader in a single device. With its plug-and-play flexibility, DiamondLink™ can be easily extended to other network devices such as printers, fax machines, and networked manufacturing devices."
266	F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00180 Finland -Alexey Kirichenko TEL: +358 9 2520 5548	F-Secure Pocket PC Cryptographic Library (Compact Version) (Version 1.1.9) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Certificate	Software	10/18/2002	Overall Level: 1  -EMI/EMC: Level 3 -Self Tests: Level 3 -Operating Environment: Tested as meeting Level 1 with Windows CE 3.0 -FIPS-approved algorithms: AES (Cert. #4); SHA-1 (Cert. #122); HMAC-SHA-1 (Cert. #122, vendor affirmed) -Other algorithms: Multi-chip standalone "The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
265	F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00180 Finland -Alexey Kirichenko TEL: +358 9 2520 5548	F-Secure Pocket PC Cryptographic Library (Full Version) (Version 1.1.7) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Certificate Vendor Product Link	Software	10/18/2002; 07/31/2003	Overall Level: 1  -EMI/EMC: Level 3 -Self Tests: Level 3 -Operating Environment: Tested as meeting Level 1 with Windows CE 3.0 -FIPS-approved algorithms: Triple-DES (Cert. #106); AES (Cert. #4); SHA-1 (Cert. #122); HMAC-SHA-1 (Cert. #122, vendor affirmed) -Other algorithms: DES (Cert. #165); Blowfish; MD5; HMAC-MD5 Multi-chip standalone "The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Pocket PC and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
264	Lucent Technologies, Inc. 1600 Osgood St. 20-3E-15 North Andover, MA 01845 USA -Lori Heseltine TEL: 978-960-6827	Access Point 600 with 10/100 Ethernet, HSSI, ATM DS3, ATM OC3/STM-1 MMF, ATM OC3/STM-1 SMF-IR, 4-Port T1/E1, ATM OC3/STM-1 SMF-LR, MSSI, Frame-Based DS3, ISDN S/T, and ISDN U (Hardware Version 4.2 with 10/100 Ethernet (AP-PMC-01/AP-SP-PMC-01), HSSI (AP-PMC-02/AP-SP-PMC-02), ATM DS3 (AP-PMC-03/AP-SP-PMC-03), ATM OC3/STM-1 MMF (AP-PMC-04/AP-SP-PMC-04), ATM OC3/STM-1 SMF-IR (AP-PMC-05/AP-SP-PMC-05), 4-Port T1/E1 (AP-PMC-06/AP-SP-PMC-06), ATM OC3/STM-1 SMF-LR (AP-PMC-07/AP-SP-PMC-07), MSSI (AP-PMC-08/AP-SP-PMC-08), Frame-Based DS3 (AP-PMC-0D/AP-SP-PMC-0D), ISDN S/T (AP-PMC-0S/AP-SP-PMC-0S), and ISDN U (AP-PMC-0U/AP-SP-PMC-0U) Firmware Version V2.6.0.R3.IPSVCS) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/11/2002; 11/18/2002	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #105); SHA-1 (Cert. #94); DSA (Cert. #59); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #164); MD5; HMAC MD-5; HMAC-SHA-1; Diffie-Hellman (key agreement) Multi-chip standalone "The Access Point 600 is a next-generation, high performance IP services router optimized for service providers wishing to quickly introduce man-aged IP services at mid-size branch and regional enterprise customer premises locations. Access Point 600 is purpose-built to deliver IP services with multi-access routing, Quality of Service (QoS) with Class-Based Queuing (CBQ), secure Virtual Private Networks (VPN), firewall security, and policy management. And the service provider has the advantages of easy deployment to multi-size customer premises locations, and the implementation of flexible management facilities that can be both customer and/or service provider managed."
263	Communication Devices, Inc. #1 Forstmann Court Clifton, NJ 07011 USA -Donald Snook TEL: 973-772-6997 FAX: 973-772-0740	UniGuard-V90 (Hardware Version UG-V90, Firmware Version 7.17.01) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/11/2002	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #79); Triple-DES MAC -Other algorithms: DES (Cert. #140); DES MAC Multi-chip standalone "Single port Triple DES encryption modem."
262	Communication Devices, Inc. #1 Forstmann Court Clifton, NJ 07011 USA -Donald Snook TEL: 973-772-6997 FAX: 973-772-0740	UniGuard-V34 (Hardware Version UG-V34, Firmware Version 7.17.01) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/11/2002	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #79); Triple-DES MAC -Other algorithms: DES (Cert. #140); DES MAC Multi-chip standalone "Single port Triple DES encryption modem."
261	Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484-8000 USA -Douglas Clark TEL: 203-924-3500 FAX: 203-924-3406	Compliant Meter Postal Security Device (Part number 1A00, Revisions AAA, AAB, AAC, AAD, and AAE.) Validated to FIPS 140-1 Security Policy Certificate	Hardware	10/11/2002; 10/21/2002; 02/20/2003; 03/07/2003	Overall Level: 3  -Physical Security: Level 3 +EFP -FIPS-approved algorithms: Triple-DES (Cert. #98); Triple-DES MAC; DSA (Cert. #58); SHA-1 (Cert. #86); Skipjack (Cert. #6) -Other algorithms: DES; HMAC; RSA (PKCS#1, key exchange, vendor affirmed) Multi-chip standalone "The Pitney Bowes Compliant Meter Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products. The PSD has been designed to support international postal markets and their rapidly evolving requirements for digital indicia."
260	Motorola, Inc. 200 N. Center East Suite 400 Alpharetta, GA 30022 USA -Christopher Yasko TEL: 770-521-5150 FAX: 770-521-8067	Encryption Services Module (Version 5.3) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	10/08/2002	Overall Level: 1  -EMI/EMC: Level 3 -Key Mangement: Level 3 -Software Security: Level 3 -Operating System Security: Tested as meeting Level 1 with Microware OS-9, Version 2.2 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #104); SHA-1 (Cert. #92) -Other algorithms: DES ECB (Cert. #163); DES MAC (DES CBC Cert. #188); RC4 Multi-chip embedded "The Encryption Services Module is incorporated into the operating platform software of the Accompli 009 -- the first wireless communications device to incorporate tri-band GSM and GPRS protocols, telephone functionality, Internet access, e- mail, Triple-DES encryption, WAP browser and short message service (SMS) with a full QWERTY keyboard and 256-color screen."
259	Motorola, Inc. 200 North Point Center East Suite 400 Alpharetta, GA 30022 USA -Alfred Adler, Ph.D. TEL: 770-521-5128 FAX: 770-521-8066	Encryption DLL Module (Version 3.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	10/08/2002	Overall Level: 1  -EMI/EMC: Level 3 -Key Management: Level 3 -Sofware Security: Level 3 -Operating System Security: Tested as meeting Level 1 with Windows NT 4.0, SP 6 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #103); SHA-1 (Cert. #93) -Other algorithms: DES ECB (Cert. #162); DES MAC (DES CBC Cert. #189); RC4 Multi-chip standalone "The Encryption DLL Module is incorporated into the Motorola Messaging Server, an enterprise system for managing data between a corporate e- mail or data base system and a wireless device, and the Motorola MyMail Desktop Plus, a personal application to manage e- mail between the desktop and a wireless device."
258	Tumbleweed Communications Corp. 700 Saginaw Drive Redwood City, CA 94063 USA -Ken Beer TEL: 650-216-2083	Tumbleweed Secure Mail™ Security Kernel (Version 5.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	10/08/2002	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Windows NT 4.0, SP 6 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #70); DSA (Cert. #49); SHA-1 (Cert. #59); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #131); MD2; MD5; RC2; RC5; RSA (key exchange) Multi-chip standalone "The Tumbleweed Secure MailTM Application is a software products designed to allow organizations to apply content filtering and secure messaging policies on email. The Secure MailTM Application uses a shared set of cryptographic functionality called the Secure MailTM Security Kernel. The Secure MailTM Security Kernel exposes cryptographic application programming interface (API) calls to the other portions of Secure MailTM."
257	ActivCard 6623 Dumbarton Circle Fremont, CA 94555 USA -Eric Le Saint TEL: 510-574-0100 FAX: 510-574-0101	ActivCard Applet suite on SchlumbergerSema Cyberflex Access 32K (Hardware PN 15006436, Firmware M256EAPLP1_S1_9C_02, Softmask 7, Version 2) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/30/2002	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #65); SHA-1 (Cert. #57); RSA (PKCS#1 for signaure generation, vendor affirmed) -Other algorithms: Single-chip "The ActivCard Applet suite is based on the SchlumbergerSema Cyberflex Access 32K smart card platform, which is Java Card V2.1.1 and Global Platform V2.0.1 compliant. The applet suite relies on the security offered by Global Platform services to allow secure post-issuance operations, such as applet instantiation, key management and security policy configuration. The external interface provided by the applet suite is compliant with the smart card interoperability specification defined by the GSA."
256	Neopost Technologies 113, rue Jean-Marin Naudin Bagneux, 92220 France -Thierry Le Jaoudour TEL: +33 (0) 1 45 36 30 36	N90i Secure Metering Moddule (SMM) (Hardware 3000099C_FIPS, Software SH1 3800157W, SH2 3800159Y) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/26/2002; 10/25/2002; 10/03/2006	Overall Level: 3  -Physical Security: Level 3 +EFP/EFT -FIPS-approved algorithms: DSA/SHA (Cert. #39) -Other algorithms: Multi-chip embedded "The module provides services to an office and post room based mailing system. The systems features include hand or auto feed mail processing speeds in excess of 5000 envelopes per hour using Ink jet technology, a moistening option, scale interface, internal modem for remote recrediting and memory card for slogan and rate loading, external printer for reports."
255	Altarus Corporation 607 Herndon Pkwy Suite 200 Herndon, VA 20170 USA -Ludge Olivier TEL: 703-689-2223	Altarus Cryptographic Module (Version 1.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	09/20/2002	Overall Level: 1  -EMI/EMC: Level 3 -Software Security: Level 3 -Operating System Security: Tested as meeting Level 1 with MS Windows 2000 Version 5.0 with SP2 -FIPS-approved algorithms: Triple-DES (Cert. #99); SHA-1 (Cert. #88); HMAC-SHA-1 (Cert. #88, vendor affirmed) -Other algorithms: RSA Multi-chip standalone "The Altarus offering provides a premier platform and rapid development tools for creating, extending, and deploying secure enterprise applications to the desktop, mobile devices, or handheld devices"
254	ITT ITT A/CD PO Box 3700 Ft. Wayne, IN 46801-3700 USA -Tom Jewel TEL: 260-451-6000	NEXCOM MDR/MDT Interface Security Card (MMISC) (Software Version 14.FIPS, Hardware Version 8196204-1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/20/2002	Overall Level: 1  -FIPS-approved algorithms: RSA (PKCS#1, vendor affirmed); SHA-1 (Cert. #91) -Other algorithms: Multi-chip embedded "Software hosted on a Single Board Computer that acts as a public key, RSA/SHA-1 - based authentication agent within the FAA's NEXCOM Multi-Mode Digital Radio."
253	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Chris Holland TEL: 410-931-7500 FAX: 410-931-7524	HighAssurance™ 2000 Gateway (HA2000) (Firmware Versions 5.00.17 and 5.00.25, Hardware Versions: 01 and 03) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/20/2002; 07/03/2003; 10/19/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #36); DSA/SHA-1 (Cert. #5); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #104); DES MAC; HMAC-MD5; HMAC-SHA-1; Diffie-Hellman (key agreement) Multi-chip standalone "The HA2000 is a multi-chip standalone hardware-based, Virtual Private Network (VPN) box that provides authenticated, encrypted network communications. Secure, remote management is provided using the IPSec and SNMPv2 protocols. Custom hardware allows for speed and reliability along with high security and low cost."
252	Novell, Inc 1800 South Novell Place Provo, UT 84606 USA -Developer Support TEL: 801-861-7000	Novell International Cryptographic Infrastructure (NICI) (Version 2.2.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	09/20/2002; 01/22/2003; 01/31/2006	Overall Level: 2  -Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Proliant 7000 Server -FIPS-approved algorithms: Triple-DES (Cert. #35); SHA-1 (Cert. #40); DSA/SHA-1 (Cert. #18); RSA (ANSI X9.31 for signature generation and verification, vendor affirmed) -Other algorithms: DES (Cert. #103); RSA (encryption/decryption); MD2; MD4; MD5; RC2; RC4; RC5; CAST-128; HMAC-MD5; HMAC-SHA-1; Diffie-Hellman (key agreement) Multi-chip standalone "Novell International Cryptographic Infrastructure for Windows"
251	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeEnterprise™ Link Encryptor-T1 (SLE-T1) and SafeEnterprise™ Link Encryptor-E1 120ohms (SLE-E1-120) (Firmware version 1.33, Hardware version: 16284-020-04) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/19/2002; 07/03/2003; 10/19/2004	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #21 and #22) -Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement) Multi-chip standalone "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
250	Lucent Technologies, Inc. 1600 Osgood St. 20-3E-15 North Andover, MA 01845 USA -Lori Heseltine TEL: 978-960-6827	Access Point 300-ST, 300-M-ST, 300-2M-ST, 300-2T1E1-ST, 300-M-U, and 300-2T1E1-U (Hardware Versions (300-M-U and 300-2T1E1-U; v1.0) (300-ST; v1.1) (300-ST, 300-M-ST, 300-2M-ST, and 300-2T1E1-ST; v3.0) Firmware Version V2.6.2.R3.IPSVCS) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/19/2002; 11/05/2002; 03/17/2003	Overall Level: 1  -Roles and Services: Level 2 -FIPS-approved algorithms: Triple-DES (Cert. #105); SHA-1 (Cert. #94); DSA (Cert. #59); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #164); MD5; HMAC MD-5; HMAC-SHA-1; Diffie-Hellman (key agreement) Multi-chip standalone "The Access Point 300 is a next-generation, high performance IP Services router optimized for service providers wishing to quickly introduce high demand managed IP services at small to medium-sized enterprise customer premises locations."
249	Motorola, Inc. 1301 East Algonquin Road Schaumburg, IL 60196 USA -Kirk Mathews TEL: 847-576-4101 FAX: 847-538-2770	ASTRO Subscriber Encryption Module (NTN8967 and 0105956v67, Firmware Version 3.53) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	09/18/2002	Overall Level: 1  -Roles and Services: Level 2 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2) -Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVI-SPFL; DVP-XL Multi-chip embedded "Encryption modules used in Motorola Astro(TM) family of radios. Provides secure voice and data capabilities as well as APCO Over-the-Air- Rekeying and dvanced key management."
248	Sun Microsystems Inc. USCA 17-201 4170 Network Circle Santa Clara, CA 95054 USA -Stephen Borcich TEL: 408-276-3964 FAX: 408-276-4952	Network Security Services (Software Version: 3.2.2) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	09/04/2002	Overall Level: 2  -Operating System Security: Tested as meeting Level 2 with Solaris v8.0 with AdminSuite 3.0.1 as specified in UK IT SEC CC Report No. P148 EAL4 on a SUN SPARC Ultra-1 -FIPS-approved algorithms: Triple-DES (Cert. #72); SHA-1 (Cert. #70); DSA (Cert. #52); RSA (PKCS#1. Vendor affirmed) -Other algorithms: DES (Cert. #133); MD2; MD5; RC2; RC4; Diffie-Hellman (key agreement) Multi-chip standalone "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS."
247	Sun Microsystems Inc. USCA 17-201 4170 Network Circle Santa Clara, CA 95054 USA -Stephen Borcich TEL: 408-276-3964 FAX: 408-276-4952	Network Security Services (Software Version: 3.2.2) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	08/30/2002; 02/04/2003	Overall Level: 1  -Roles and Services: Level 2 -Operating System Security: Tested as meeting Level 1 with Windows 98 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #72); SHA-1 (Cert. #70); DSA (Cert. #52); RSA (PKCS#1. Vendor affirmed) -Other algorithms: DES (Cert. #133); MD2; MD5; RC2; RC4; Diffie-Hellman (key agreement) Multi-chip standalone "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled applications. The Sun Microsystems, Inc., Network Security Services (NSS) module is a library that provides a series of cryptographic services to client programs. It provides support for a FIPS 140-1 compatible subset of SSL and TLS."
246	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeEnterprise™ Link Encryptor NRZ-H (SLE NRZ-H) and SafeEnterprise™ Link Encryptor NRZ-L (SLE NRZ-L) (Firmware Version: 1.33, Hardware Version: 16284-020-04) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	08/30/2002; 07/03/2003; 10/19/2004	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement) Multi-chip standalone "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
245	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeEnterprise™ Link Encryptor RS-232 (SLE RS-232) and SafeEnterprise™ Link Encryptor-E1 75ohms (SLE-E1-75) (Firmware Version: 1.33, Hardware Versions: 16284-010-04 and 16284-020-04) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	08/30/2002; 07/03/2003; 10/19/2004	Overall Level: 2  -Physical Security: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #21 and #22); DSA/SHA-1 (Cert. #5) -Other algorithms: DES (Certs. #11 and #26); Diffie-Hellman (key agreement) Multi-chip standalone "SLEs secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 4 Mbps over public and private data networks."
244	3S Group Incorporated 125 Church St. NE Vienna, VA 22180 USA -Satpal S Sahni TEL: 703-281-5015 FAX: 703-281-7816	Type 2 Cryptographic Support Server (T2CSS) ([Hardware Version 1.0, Firmware Version 1.0], [Hardwre Version 1.1 and Firmware Version 1.1] and [Hardware Version 1.2, Firmware Version 1.2]) Validated to FIPS 140-1 Security Policy Certificate	Hardware	08/13/2002; 01/17/2003; 05/01/2007	Overall Level: 2  -EMI/EMC: Level 3 -FIPS-approved algorithms: Skipjack (Cert. #5); Triple-DES (Cert. #88); DSA (Cert. #55); SHA-1 (Cert. #77); RSA (PKCS#1 for signatures, vendor affirmed) -Other algorithms: DES (Cert. # 154); KEA (key exchange) Multi-chip embedded "T2CSS is a multiple cryptoprocessor PCI board and cryptographic server. Provides high assurance security services; secure session/virtual token management; scalable server performance (multiple boards); Government and commercial algorithms; FORTEZZA CI, PKCS #11, other APIs; and Windows NT/2000, Solaris and Linux support."
243	Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Pierre Boucher TEL: 613-270-2599 FAX: 613-270-2504	Entrust GUTS Security Kernel 6.1 (Version 6.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	08/15/2002; 05/27/2003	Overall Level: 2  -Roles and Services: Level 2* -EMI/EMC: Level 3 -Key Management: Level 2* -Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Proliant 7000 Server *When operated in FIPS mode -FIPS-approved algorithms: AES (Cert. #10); Triple-DES (Cert. #6); DSA/SHA-1 (Cert. #10); RSA (FIPS 186-2 and PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #10, vendor affirmed) -Other algorithms: DES (Cert. #56); DES MAC; RC2; RC4; IDEA; MD5; MD2; RIPEMD-160; HMAC-MD5; HMAC-RMD160; CAST; CAST3; CAST5; Diffie-Hellman (key agreement); Ephemeral-Static Diffie-Hellman; ECDSA (non-compliant) Multi-chip standalone "The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PKCS #11, is used as the internal interface to hardware-based cryptographic tokens. Decisions are made at runtime whether to perform operations via cryptoki or in software, based on a table that records the crypto capabilities of particular hardware devices. This table is built up at runtime by querying the actual token through Cryptoki."
242	Axalto S.A. 36-38 rue de la Princesse BP 45 78431 Louveciennes, France -Francisco Alcalde TEL: +33 1 3008 4685 FAX: +33 1 3008 4527	Cryptoflex e-Gate 32K Smart Card (Hardware ST19XT34, Firmware Hardmask 01 Version 01, Softmask 05 Version 01 and Hardmask 01 Version 03 and Software 05 Version 02) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	08/01/2002; 08/28/2002; 09/21/2004; 05/16/2006	Overall Level: 2  -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #97); SHA-1 (Cert. #80); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #158); Single-chip "The Cryptoflex e-Gate card is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex e-Gate card implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft. The card provides maximum security and flexibility of system integration thanks to administrative functions such as secure key loading, on-card key generation and ciphering of imported/exported data. The Cryptoflex e- gate card incorporates, apart from the conventional ISO 7816-3 interface, also the USB interface normally resident in the smart card reader. Thus, it bridges the gulf between the public terminal infrastructure (ISO 7816-3) and the PC world (USB)."
241	Microsoft Corporation One Microsoft Way Redmond, WA 98052 USA -Dave Friant TEL: 425-704-7984	Kernel Mode Cryptographic Module for Windows XP (Software Version 5.1.2600.0) (For services provided by the FIPS-approved algorithms listed on the reverse) Validated to FIPS 140-1 Security Policy Certificate	Software	08/01/2002; 10/15/2007	Overall Level: 1  -EMI/EMC: Level 3 -Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #16); DSA/SHA-1 (Cert. #35); HMAC-SHA-1 (Cert. #35, vendor affirmed) -Other algorithms: DES (Cert. #89) Multi-chip standalone "Microsoft Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-touse cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography."
240	Microsoft Corporation One Microsoft Way Redmond, WA 98052 USA -Dave Friant TEL: 425-704-7984	DSS/Diffie-Hellman Enhanced Cryptographic Provider for Windows XP (Software Versions 5.1.2518.0 and 5.1.2600.2133) (For services provided by the FIPS-approved algorithms listed on the reverse) Validated to FIPS 140-1 Security Policy Certificate	Software	08/01/2002; 02/25/2005; 10/15/2007	Overall Level: 1  -EMI/EMC: Level 3 -Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP and XP Service Pack 2 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #16); DSA/SHA-1 (Cert. #29) -Other algorithms: DES (Cert. #66); RC2; RC4; MD5; DES40; Diffie-Hellman (key agreement) Multi-chip standalone
239	Nortel Networks 80 Central Street Boxboro, MA 01719 USA -Jonathan Lewis TEL: 978-264-7045 x277 FAX: 978-264-7600	Contivity Extranet Switch 600 (Firmware version #3.61.02, Hardware version #600) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	07/24/2002	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Certs. #29 and #53); SHA-1 (Certs. #28, #31 and #51); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #44, #48 and #101); DES MAC; MD5; HMAC (MD5 and SHA-1); 40-bit DES; RC4 (40-bit and 128-bit); Diffie-Hellman (key agreement) Multi-chip standalone "The Contivity 600 Extranet Switch provides up to 30 branch office or end user IPSEC tunnels with a flexible easy to manage and cost effective package. The Switch provides an optional PCI expansion slot and dual 10/100 LAN ports."
238	Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant TEL: 425-704-7984	Microsoft Enhanced Cryptographic Provider (Versions 5.1.2518.0, 5.1.2600.1029 and 5.1.2600.2161) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	07/11/2002; 11/18/2002; 02/25/2005; 10/15/2007	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Microsoft Windows XP, XP Service Pack 1 and XP Service Pack 2 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #81); AES (Cert. #33); SHA-1 (Cert. #83); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #83, vendor affirmed) -Other algorithms: DES (Cert. #156); RC2; RC4; MD5 Multi-chip standalone "The Microsoft Enhanced Cryptographic Provider (RSAENH) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module. Like other cryptographic providers that ship with Microsoft Windows XP, RSAENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, AES, RSA, SHA-1-based HMAC) in an easy-to-use cryptographic module accessible via the Microsoft CryptoAPI. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-1 Level 1 compliant cryptography."
237	F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00180 Finland -Alexey Kirichenko TEL: +358 9 2520 5548	F-Secure Kernel Mode Cryptographic Driver (Version 1.1.7) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Certificate Vendor Product Link	Software	07/15/2002; 07/31/2003; 02/09/2007	Overall Level: 1  -Self Tests: Level 3 -Operating Environment : Tested as meeting Level 1 with Windows 2000 (SP2), Windows NT 4.0 (SP6) and Windows XP -FIPS-approved algorithms: Triple-DES (Cert. #106); AES (Cert. #3); SHA-1 (Cert. #84); HMAC-SHA-1 (Cert. #84, vendor affirmed) -Other algorithms: DES (Cert. #165); Blowfish; CAST-128; MD5; HMAC-MD5 Multi-chip standalone "The F-Secure Kernel Mode Cryptographic Driver is a FIPS 140-2 Level 1 validated software module, implemented as a 32-bit Windows NT/2000/XP compatible export driver. When loaded into computing system memory, it resides at the kernel mode level of the Windows OS and provides an assortment of cryptographic services that are accessible by other kernel mode drivers through a C-language Application Program Interface. The cryptographic services are also available in the form of a static library and as source code."
236	Motorola, Inc. 8220 East Roosevelt Street Scottsdale, AZ 85257 USA -Randy Morton TEL: 480-441-4472 FAX: 480-441-3580	Digital Interface Unit Crypto Module (Firmware R01.09.00 / 81, Hardware T6721B) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	07/11/2002	Overall Level: 1  -Roles and Services: Level 2 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2) -Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; HCA Multi-chip embedded "The DIU CM provides secure voice and Over-the-Air-Rekeying (OTAR) advanced key management for Motorola’s Digital Interface Unit (DIU). The DIU and DIU CM combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ family of console and base station radio infrastructure equipment."
235	AEP Networks Focus 31, West Wing Cleveland Road New Hempstead, Herts HP2 7BW United Kingdom -David Miller TEL: +44 1442 458617	Advanced Configurable Crypto Environment (ACCE) (Firmware Versions 2.2 and 2.3, Hardware 2640-G3) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	07/11/2002; 07/22/2002; 10/04/2002; 06/05/2003; 04/21/2005	Overall Level: 4  -FIPS-approved algorithms: Triple-DES (Certs. #24 and #25); Triple-DES MAC: SHA-1 (Cert. #38); DSA (Cert. #36); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES MAC; MD5; Diffie-Hellman (key agreement); RSA (encryption and decryption); RSA (ISO 9796 and X509) Multi-chip embedded "The AEP Networks Advanced Configurable Crypto Environment (ACCE) provides highly-secure cryptographic services and key storage. It is used in a range of AEP Networks and OEM products including the SureWare Keyper family."
234	Check Point Software Technologies Ltd. 12007 Sunrise Valley Dr. Suite 130 Reston, VA 20191 USA -Check Point Federal TEL: 703-234-0100 x218	VPN-1 Gateway NG FP 1 (NG FP1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	06/19/2002; 06/28/2002; 02/09/2004; 05/19/2004; 11/17/2005; 01/06/2006	Overall Level: 2  -Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT4.0 with SP6a; TCSEC C2-rated on a Compaq ProLiant 7000 Server -FIPS-approved algorithms: Triple-DES (Cert. #80); SHA-1 (Cert. #69); RSA (PKCS #1, vendor affirmed); HMAC-SHA-1 (Cert. #69, vendor affirmed) -Other algorithms: DES (Cert. #142); Diffie-Hellman (key agreement); AES; CAST; MD5; HMAC-MD5; FWZ; FWZ1 Multi-chip standalone "Check Point VPN-1 Gateway Next Generation (NG) is a tightly integrated software solution combining the FireWall-1® security suite with sophisticated VPN technologies. With Check Point’s Secure Virtual Network architecture, VPN-1 Gateway NG meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, satellite offices, and key partners."
233	Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Pierre Boucher TEL: 613-270-2599 FAX: 613-270-2504	Entrust TruePass Applet Cryptographic Module (Version 6.0) (When operated in FIPS mode with FIPS validated browser services operating in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	06/19/2002; 06/28/2002; 07/18/2002	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Windows NT4.0 (SP3); Windows 95/98; Windows 2000 (SP2) and Netscape 4.72 (Cert. #47) or Microsoft IE 5.5 (Cert. #103) (operated in single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #69); SHA-1 (Cert. #60); RSA (PKCS #1; vendor affirmed) -Other algorithms: DES (Cert. #130); CAST 128 Multi-chip standalone "The module performs low level cryptographic operations – encryption, decryption and hashes – implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications."
232	Sigaba Corporation 1875 South Grant Road Suite 500 San Mateo, CA 94402 USA -Sayan Chakraborty TEL: 650-572-6117 FAX: 650-572-6101	Sigaba Gateway (Software version 3.0.20-FIPS) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	06/19/2002; 07/18/2002	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Microsoft Windows NT4 SP6 (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #94); SHA-1 (Cert. #78); DSS (Cert. #56); HMAC-SHA-1 (Cert. #78, vendor affirmed) -Other algorithms: AES; MD5; Diffie-Hellman (key agreement) Multi-chip standalone "Sigaba Gateway ensures the confidentiality, integrity and authenticity of all email sent over the Internet. Sigaba Gateway resides between an organization's email server and firewall. It encrypts outbound messages and decrypts inbound messages based on organization-defined policies. It uses a key server to retrieve a unique key to individually encrypt each outgoing message and decrypt each incoming message. The Sigaba Gateway works with any authentication mechanism."
231	Fortress Technologies, Inc. 4025 Tampa Road Suite 1111 Oldsmar, FL 34677 USA -Dennis Joyce TEL: 813-288-7388	AirFortress Wireless Security Gateway Cryptographic Module (Versions 2.0 and 2.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	06/19/2002; 07/26/2002	Overall Level: 1  -Roles and Services: Level 2 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #19); SHA-1 (Cert. #34); HMAC-SHA-1 (Cert. #34, vendor affirmed); AES (Cert. #14) -Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement); IDEA Multi-chip standalone "The AirFortress™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression."
230	Motorola, Inc 1301 E Algonquin Road Schaumburg, IL 60196 USA -Arun Victor TEL: 847-538-5221 FAX: 847-538-2770	KVL 3000 Plus (Hardware Version 8482867Y02 rev. B, Software Version R3.51.06) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/19/2002	Overall Level: 1  -FIPS-approved algorithms: Triple-DES (Cert. #82); AES (Cert. #2) -Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; DVI-SPEL Multi-chip standalone "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades. This version of the product supports AES in addition to other FIPS approved algorithms."
229	Motorola, Inc 1301 E Algonquin Road Schaumburg, IL 60196 USA -Arun Victor TEL: 847-538-5221 FAX: 847-538-2770	KVL 3000 Plus (Hardware Version 8482867Y02 rev. B, Software Version R3.51.01) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/19/2002	Overall Level: 1  -FIPS-approved algorithms: Triple-DES (Cert. #82) -Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; DVI-SPEL Multi-chip standalone "The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades."
228	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nForce 400 SCSI and nForce 150 SCSI (Firmware version 1.77.100; Hardware versions nC3022W-400 and nC3022W-150, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 2  -Roles and Services: Level 3* -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
227	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nForce 300 PCI and nForce 150 PCI (Firmware version 1.77.100; Hardware versions nC3022P-300 and nC3022P-150, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 2  -Roles and Services: Level 3* -Physical Security: Level 3 -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
226	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nForce 300 SCSI, nForce 150 SCSI and nForce 75 SCSI (Firmware version 1.77.100; Hardware versions nC3021S-300, nC3021S-150 and nC3021S-75, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 03/09/2006; 03/15/2006	Overall Level: 2  -Roles and Services: Level 3* -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nForce SSL family of secure e-commerce accelerators improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging."
225	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nShield 300 SCSI, nShield 150 SCSI and nShield 75 SCSI (Firmware version 1.77.100; Hardware versions nC3031S-300, nC3031S-150 and nC3031S-75, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 03/09/2006; 03/15/2006	Overall Level: 3  -Roles and Services: Level 3* -Key Management: Level 3* *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nShield range of tamper resistant Hardware Security Modules improves the security of cryptographic keys and increases server throughput for digital signature and encryption applications. Supporting many commercial public key infrastructure (PKI) products such as certificate authorities and on-line validation servers, the nShield family of HSMs is also used for building custom security applications requiring secure and flexible key management."
224	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nShield F2 PCI and nShield F2 Ultrasign PCI (Firmware version 1.77.100; Hardware versions nC4022P-300 and nC4022P-150, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 2  -Roles and Services: Level 3* -Physical Security: Level 3 -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
223	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nShield F2 SCSI and nShield F2 Ultrasign SCSI (Firmware version 1.77.100; Hardware versions nC4022W-400 and nC4022W-150, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 2  -Roles and Services: Level 3* -Key Management: Level 3* -Module Interfaces: Level 3 -Software Security: Level 3 -Self Tests: Level 3 *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
222	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nShield F3 PCI and nShield F3 Ultrasign PCI (Firmware version 1.77.100; Hardware versions nC4032P-300 and nC4032P-150, Build standard E) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 3  -Roles and Services: Level 3* -Key Management: Level 3* *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions."
221	nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -Sales TEL: 800-NCIPHER FAX: 781-994-4001	nShield F3 SCSI, nShield F3 Ultrasign SCSI and payShield (Firmware version 1.77.100; Hardware versions nC4032W-400 and nC4032W-150, Build standard D) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	06/05/2002; 07/22/2002; 10/04/2002; 01/23/2004; 03/09/2006; 03/15/2006	Overall Level: 3  -Roles and Services: Level 3* -Key Management: Level 3* *When operated in FIPS mode -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC; DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC; AES; ARC FOUR; CAST5; CAST6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD160); MD2; MD5; SHA-256; SHA-384; SHA-512; RIPEMD 160; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent Multi-chip standalone "The nCipher nShield "SEE Ready" range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions. payShield meets the stringent security requirements of the online payments industry and speeds up cryptographic processing through its secure, tamper resistant hardware and dedicated cryptographic processors. In addition to generic cryptographic functions, payShield supports a number of payments specific protocols and functions which provide support for 3-D Secure, EMV and PIN processing."
220	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® XPplus (Hardware Versions: 1 and 2, Firmware Version 3.97) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	05/28/2002; 10/18/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (ANSI X9.31, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "Luna XPplus, Luna XL/XLR and XL/XLR Premium are cryptographic modules based on a board that is equivalent to two Luna CA3 tokens with hardware cryptographic acceleration support. The XL/XLR is configured as a Level 2 stand-alone module. The XPplus and XL/XLR Premium operate as subordinate devices in conjunction with a Luna CA3 token. Each module can support all cryptographic algorithms listed in Appendix A of the Luna XPplus, XL/XLR and XL/XLR Premium Security Policy."
219	Oberthur Card Systems 4250 Pleasant Valley Road Chantilly, VA 20151 USA -Antoine Kelman TEL: 703-263-0100 FAX: 703-263-7134	CosmopollC V4 Smart Card with ActivCard Applets (Hardware Version: CosmpollC V4, Software Configurations CAC01-D904 and CAC02-D906) (Certificate 219a supersedes and replaces Certificate 219) Validated to FIPS 140-1 Security Policy Certificate	Hardware	05/28/2002; 12/12/2002; 12/20/2002; 02/27/2004; 03/30/2004; 09/23/2005	Overall Level: 2  -Software Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #87); SHA-1 (Cert. #75); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #148); Single-chip "The Oberthur Card Systems CosmopolIC product is a highly secure and powerful multi-application Java Card platform for smart card. With a better management of memory (ROM and EEPROM), it offers more space for the development of e-commerce, m-commerce, payment (Debit/ Credit), network access, pay-TV, loyalty and many other applications including WAP."
218	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® XLR Premium (Hardware Versions: LXL-002-101 and LXL-003-001, Firmware Version 3.96) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/30/2002; 10/18/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "Luna® XLR Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Combining the Luna® XLR with the proven Luna® CA3 cryptographic token, the Luna® XLR Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
217	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® XLR (Hardware Versions: LXL-002-101 and LXL-003-001, Firmware Version 3.96) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/30/2002; 10/18/2004	Overall Level: 2  -Physical Security: Level 3 -EMI/EMC: Level 3 -Software Security: Level 3 -Self Tests: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "Luna® XLR provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a 1U Rack-mount form factor. Luna® XLR offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
216	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® XL Premium (Hardware Version: LXP-002-101, Firmware Version 3.96) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/30/2002; 10/18/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "Luna® XL Premium provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems in a desktop form factor. Combining the Luna® XL with the proven Luna® CA3 cryptographic token, the Luna® XL Premium offers the ultimate security solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, offers easily scalable improvement in system performance."
215	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® XL (Hardware Version: LXP-002-101, Firmware Version 3.96) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/30/2002; 10/18/2004	Overall Level: 2  -Physical Security: Level 3 -EMI/EMC: Level 3 -Software Security: Level 3 -Self Tests: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); Triple-DES MAC; RSA (FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #134); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "Luna® XL provides high-performance hardware-based key management and cryptographic acceleration for secure web servers, e-commerce servers and Internet-based financial systems. Luna® XL offers a highly secure solution for SSL transaction processing, based on the key management strength of the Luna® cryptographic engine and, at the same time, improves system performance."
214	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun TEL: 613-723-5077 FAX: 613-723-5078	Luna® CA³ (Hardware Versions: 1 and 2, Firmware Versions 3.97 and 3.102) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/30/2002; 04/05/2004; 10/18/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Cert. #73); DSA (Cert. #13); SHA-1 (Cert. #64); Triple-DES MAC; RSA (ANSI X9.31, vendor affirmed) -Other algorithms: DES (Cert. #32); DES MAC; RC2; RC4; RC5; CAST; CAST3; CAST5; CAST MAC; CAST 3 MAC; CAST 5 MAC; MD2; MD5; Diffie-Hellman (key agreement); RSA (Encryption/Decryption); Multi-chip standalone "The Luna® CA³ token securely stores data and keying material inside its cryptographic boundary. It also performs cryptographic operations on data provided by external applications using the keying material stored in the token. These abilities are defined as key management, object management, and cryptographic capability."
213	Cryptek, Inc. 1501 Moran Road Sterling, VA 20166 USA -Timothy Williams TEL: 571-434-2000 FAX: 572-434-2001	DiamondPak (Part Number DP600, Hardware Version 2020, Software Versions 2.1.3, 2.1.4, 2.1.4A, 2.1.6 and 2.1.6.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	04/16/2002; 04/16/2002; 08/08/2002; 02/25/2003; 04/08/2005	Overall Level: 1  -Roles and Services: Level 2 -FIPS-approved algorithms: Triple-DES (Cert. #71); SHA-1 (Cert. #63) -Other algorithms: DES (Cert. #132); Diffie-Hellman (key agreement); MD5 Multi-chip standalone "DiamondPak™ is a rack-mounted network appliance for protecting multiple servers with each server protected by a dedicated self-protecting DiamondTEK™ security computer enforcing a single security profile."
212	Gemplus Corp. and ActivCard Inc. Avenue du Pic de Bretagne BP 100 Gémenos Cedex, 13881 France -Lus Astier TEL: +33 (0) 4 42 36 5000 -Eric Le Saint TEL: 510-745-0100 x6211	Gemplus GemXpresso Pro E64 PK - FIPS ICC with ActivCard Applet Suite (Hardware Version GP92, Software Versions GXP3-FIPS, GXP3-FIPS EI15, GXP3-FIPS EI15 with single ATR, and GXP3-FIPS EI19 with new ATR and fast ATR) Validated to FIPS 140-1 Security Policy Certificate Vendor Product Link	Hardware	04/10/2002; 07/26/2002; 07/15/2003; 10/30/2003; 01/19/2005	Overall Level: 2  -Physical Security: Level 3 -EMI/EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #95); SHA-1 (Cert. #82); RSA (PKCS#1; vendor affirmed) -Other algorithms: DES (Cert. #155); Single-chip "The “GemXpresso Pro E64 PK – FIPS ICC with ActivCard Applet Suite” is based on a Gemplus Open OS Smart Card with 64K of EEPROM, and on platform-independent cryptographic applets developed by ActivCard. The card and applets provide authentication and digital signature cryptographic services to end-users."
211	Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo TEL: 919-392-0512	VPN 3002-8E and VPN 3002 Hardware Client (Hardware Models 3002-8E and 3002; Firmware version: 3.1 FIPS) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	03/26/2002; 04/05/2002; 06/10/2002; 01/10/2003; 05/24/2005	Overall Level: 2  -EMI/EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. 86); DSA (Cert. #54); SHA-1 (Cert. #73); HMAC/SHA-1 (Cert. #73; vendor affirmed); RSA (PKCS#1; vendor affirmed) -Other algorithms: DES (Cert. #147); MD5; HMAC/MD5; RC4; Diffie-Hellman (key agreement) Multi-chip standalone "The Cisco VPN 3002-8E Hardware Client is a small hardware appliance that operates as a client in Virtual Private Networking (VPN) environments. It combines the best features of a software client, including scalability and easy deployment, with the stability and independence of a hardware platform."
210	Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo TEL: 919-392-0512	VPN 3000 Concentrator Series (Hardware models: 3005, 3015, 3030, 3060, 3080, Firmware version: 3.1 FIPS) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	03/26/2002; 01/10/2003; 05/24/2005	Overall Level: 2  -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #32 and #86); DSA/SHA-1 (Cert. #38); DSA (Cert. #54); SHA-1 (Cert. #73); RSA (PKCS#1; vendor affirmed); HMAC SHA-1 (Cert. #73; vendor affirmed) -Other algorithms: DES (Certs. #100 and #147); MD5; HMAC/MD5; RC4; Diffie-Hellman (key agreement) Multi-chip standalone "The Cisco VPN 3000 Concentrator Series is a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today."
209	WinMagic Incorporated 200 Matheson Blvd W. Suite 201 Mississauga, Ontario L5R 3L7 Canada -Thi Nguyen-Huu TEL: 905-502-7000	SecureDoc® Cryptographic Engine (Version 3.2) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	03/26/2002; 04/04/2002; 05/08/2002; 07/02/2007	Overall Level: 2  -Roles and Services: Level 3 -Operating System Security: Tested as meeting Level 2 with Microsoft Windows NT 4.0 with SP6a, TCSEC C2-rated on a Compaq Professional Workstation 5100 -FIPS-approved algorithms: Triple-DES (Cert. #7); SHA-1 (Cert. #76); AES (Cert. #1); Triple-DES MAC -Other algorithms: DES (Cert. #87); DES MAC; RIPEMD 160; AES MAC Multi-chip standalone "SecureDoc® Cryptographic kernel used in all of WinMagic’s SecureDoc® cryptographic products including the Disk Encryption application and the Central Database administration facility."
208	Pointsec Mobile Technologies 1333 N. California Blvd. Suite 445 Walnut Creek, CA 94596 USA -Mikel Draghici TEL: 732-416-1313 FAX: 732-416-1370	Pointsec 4.1 (Software version 4.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Software	03/21/2002; 03/28/2002; 06/18/2003	Overall Level: 1  -Operating System Security: Tested as meeting Level 1 with Microsoft Windows 2000, Windows 95 and NT Server/Workstation 4.0 (SP6a) -FIPS-approved algorithms: Triple-DES (Cert. #85) -Other algorithms: DES (Cert. #146); BLOWFISH; AES; CAST Multi-chip standalone "Pointsec version 4.1 employs hard disk encryption to guarantee that no users can access or manipulate information on an encrypted device, either from available files, erased files, or temporary files. Pointsec version 4.1 safeguards the operating system and the important system files (which often contain clues to passwords for Windows), shared devices, and the network."
207	Motorola, Inc. 8220 E. Roosevelt St. Scottsdale, AZ 85257 USA -Randy Morton TEL: 480-441-4472 FAX: 480-441-3580	Key Management Facility Crypto Card (KMF CC) (Hardware Issue O, Software Version R01.06) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	03/01/2002	Overall Level: 1  -EMI/EMC: Level 3 -Software Security: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #82) -Other algorithms: DES (Cert. #151); DES-XL; DVI-XL; DVP-XL; HCA Multi-chip embedded "The KMF CC provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola’s Key Management Facility (KMF). The KMF and KMF CC combine to provide these cryptographic services for Motorola’s APCO-25 compliant Astro ™ radio systems."
206	Axalto S.A. 36-38 rue de la Princesse BP 45 78431 Louveciennes, France -Francisco Alcalde TEL: +33 1 3008 4685 FAX: +33 1 3008 4527	Cryptoflex 8K Smart Card (Hardware ST19CF68 revision B, Firmware v2) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	02/27/2002; 09/21/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #67); SHA-1 (Cert. #61) -Other algorithms: RSA (non-compliant) Single-chip "Cryptoflex is a credit-card sized computer with a crypto-processor dedicated to security. Cryptoflex implements security industry functions based on public key cryptography directly onto the card, therefore eliminating the risk of sending secret data across a network. Keys and certificates for a variety of applications are stored in a single secure location, isolated from computer disks, which can fail or damaged and are susceptible to security breaches ad theft."
205	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	Cylink ATM Encryptor (Hardware Versions 3.0 and 3.1, Cylink ATM Encryptor Models: 450-002-001, 450-002-002, 450-002-003, 450-002-004, 450-002-005, 450-002-006, 450-002-007, 450-003-001, 450-003-002, 450-003-003, 450-003-004, 450-003-005, 450-003-006, 450-003-007, 450-003-008 and 450-003-009, Firmware Versions 4.0 and 4.1) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	01/31/2002; 02/01/2002; 06/17/2002; 12/04/2003; 10/18/2004	Overall Level: 2  -FIPS-approved algorithms: Triple-DES (Cert. #15); DSA/SHA-1 (Cert. #14) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The Cylink ATM Encryptor provides data privacy and access control for connections between vulnerable public and private ATM networks. It employs FIPS approved DES or Triple-DES algorithms and, with the flexibility to choose the desired interface module, can be deployed in T1, E1, T3, E3, OC3c and OC12c networks. The Cylink ATM Encryptor can be centrally controlled or managed across multiple remote stations using Cylink's PrivaCy Manager®, an SNMP-based security management system."
204	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeEnterprise™ Frame Encryptor II (SFE II) (Firmware Version 4.08, Hardware Version 16326-06(6B) and Firmware Version 4.09, Hardware Version 16826-06(2C)) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	01/31/2002; 04/11/2002; 07/18/2002; 12/17/2002; 12/27/2002; 07/03/2003; 10/19/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Certs. #5 and #22); DSS (Cert. #57); SHA-1 (Cert. #81) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone "The SFE protects information flowing between nodes or sites of a frame relay network. It can be con-figured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 4 Mbps and 1022 active secure connections."
203	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Glenn Constable TEL: 919-462-1900 x212 FAX: 919-462-1933	SafeEnterprise™ Frame Encryptor-L (SFE-L) and SafeEnterprise™ Frame Encryptor-H (SFE-H) (Firmware Version 4.08, Hardware Version 4B & 5B) (When operated in FIPS mode) Validated to FIPS 140-1 Security Policy Certificate	Hardware	01/31/2002; 04/11/2002; 07/18/2002; 07/03/2003; 10/19/2004	Overall Level: 3  -FIPS-approved algorithms: Triple-DES (Certs. #21 and #22); DSS (Cert. #57); SHA-1 (Cert. #81) -Other algorithms: DES (Certs. #11 and #20); Diffie-Hellman (key agreement) Multi-chip standalone "The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through encryption or passed without encryption. The SFE-L supports Full-Duplex throughput of 256 Kbps traffic and 32 active secure connections.The SFE-H supports Full-Duplex throughput of 8 Mbps and 1022 active secure connections."
202	PrivyLink Pte Ltd 77 Science Park Drive #02-05/07 CINTECH III Singapore Science Park 1, 118254 Singapore -Daphne Tng TEL: (65) 882-0700 FAX: (65) 872-5490	TrustField™ Cryptographic Key Server, CKS Model 2000-J (Version T2000, Hardware Version 2A, Firmware Version 2.0) Validated to FIPS 140-1 Security Policy Certificate	Hardware	01/25/2002	Overall Level: 3  -Self Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #62); ShA-1 (Cert. #53); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #123); Multi-chip standalone "TrustField™ Cryptographic Key Server (CKS) is a hardware security solution that offers a tamper-resistant environment for highly sensitive e-commerce transaction processing. It adds hardware-based security functionality to Internet, Intranet, Extranet, and enterprise applications such as Banking, e-Banking, Public Key Management for e-Commerce, and Secure e-Transaction."
201	Neopost Online, Inc. 3400 Bridge Parkway Suite 201 Redwood City, CA 94065 USA -Chandra Shah TEL: 650-620-3600	PROmail II (Simply Postage III) (Hardware Version: FAB 7480079; Software Version: 85) Validated to FIPS 140-1 Security Policy Certificate	Hardware	01/25/2002	Overall Level: 3  -Physical Secuirty: Level 3 +EFT -FIPS-approved algorithms: DSA/SHA-1 (Cert. #39) -Other algorithms: Multi-chip embedded "The Promail II is an electronic device developed by Neopost Online that stores revenue and dispenses it to a host computer, such as a PC compatible, under control and direction of a Neopost Online customer. The Promail II attaches to and communicates with the host computer via either a serial or USB interface. The revenue is dispensed from the Promail II in the form of a digitally signed indicium, a unique bit pattern that can be determined to have originated from a particular device at a particular point in time."

Need Assistance?