CMVP Main Page
*** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSE. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (non-FIPS-approved algorithms) have not been validated or tested through the CMVP. ***
Questions regarding modules on this list should first be directed to the appropriate vendor.
| Cert# | Vendor | Cryptographic Module | Val. Date |
Level / Description | |
|---|---|---|---|---|---|
| 494 | F-Secure Corporation Tammasaarenkatu 7 PL 24, Helsinki 00180 Finland -Alexey Kirichenko
|
(Software Versions: 2.2.5, 2.2.7 and 2.2.12 (Windows) and 1.1.8, 1.1.9 and 1.1.15 (Solaris)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/03/2005; 12/20/2006 |
Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Windows 2000 Professional with Service Pack 3 and Q326886 Hotfix EAL 4 on Dell Optiplex GX 400 Personal Computer System, Trusted Solaris 8 7/03 EAL 4 on SunBlade 100
-FIPS-approved algorithms: Triple-DES (Certs. #255 and #257); AES (Certs. #145 and #148); SHS (Certs. #234 and #237); HMAC-SHA-1 and HMAC-SHA-256 (Certs. #234 and #237, vendor affirmed); DSA (Certs. #107 and #109); RSA (Certs. #190 and #192); RNG (Certs. #2 and #4) -Other algorithms: DES (Certs. #257 and #259); DES (CTR); Blowfish; CAST-128; MD5; HMAC-MD5; Diffie-Hellman (key agreement)); RC2 Multi-chip standalone"The F-Secure(R) Cryptographic Library(TM) is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The Windows and Solaris versions are designed and implemented to meet the Level 2 requirements of FIPS publication 140-2 when running on an appropriate hardware under Windows 2000, Solaris 8 and Trusted Solaris 8 operating systems." |
| 493 | F-Secure Corporation Tammasaarenkatu 7 PL 24, Helsinki 00180 Finland -Alexey Kirichenko
|
(Software Versions: 2.2.5, 2.2.7, 2.2.8 and 2.2.12 (Windows) and 1.1.8, 1.1.9, 1.1.10, 1.1.12 and 1.1.15 (Solaris/Linux/AIX/HP-UX)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/03/2005; 12/22/2005; 07/10/2006; 12/19/2006 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 98, Windows XP Professional, Windows ME, Windows 2000, HP-UX B.11.11, AIX 5, Trusted Solaris 8 7/03 and Linux RHEL 3 (all in single user mode)
-FIPS-approved algorithms: Triple-DES (Certs. #255 and #257); AES (Certs. #145 and #148); SHS (Certs. #234 and #237); HMAC-SHA-1 and HMAC-SHA-256 (Certs. #234 and #237, vendor affirmed); DSA (Certs. #107 and #109); RSA (Certs. #190 and #192); RNG (Certs. #2 and #4) -Other algorithms: DES (Certs. #257 and #259); DES (CTR); Blowfish; CAST-128; MD5; HMAC-MD5; Diffie-Hellman (key agreement); RC2; RIPEMD-160 (v1.1.10 and 1.1.12 only); RSA (specified in RFC 2409) Multi-chip standalone"The F-Secure(R) Cryptographic Library(TM) is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The modules are designed and implemented to meet the Level 1 requirements of FIPS publication 140-2 when running on a GPC under various popular versions of Windows and Unix operating systems." |
| 492 | ITServ Inc. Six Montgomery Village Avenue Suite 405 Gaithersburg, MD 20879 USA TEL: 301-948-1111 FAX: 301-948-7582 |
(Hardware Version: FGC; Firmware Version: 5.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 12/22/2004; 01/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #247); SHS (Cert. #186); HMAC-SHA-1 (Cert. #186, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); RC4; MD5; CRYPT(3) Multi-chip standalone"RideWay Station FGC integrates powerful firewall protection and VPN capabilities to safeguard computer networks from the threat of Internet attacks and intrusions. Each computer or server on the LAN must follow a strict authorization procedure in order to gain access to the network. In addition, the module uses Triple-DES encryption in its IPSec VPN to allow multiple offices to securely communicate over the Internet or to allow a remote client to securely connect to its office network. The highperforming hardware efficiently conducts encryption and decryption tasks without sacrificing throughput." |
| 491 | Aruba Wireless Networks Inc. 1322 Crossman Avenue Sunnyvale, CA 94089 USA -Kenneth Jensen
-Keerti Melkote
|
(Hardware Versions: Configuration A, Configuration B, Configuration C, Configuration D; Firmware Version: A5000_2.1.0.0_7862) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/22/2004; 01/07/2005; 12/22/2005 |
Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #158 and #159); Triple-DES (Certs. #260 and #261); SHA-1 (Certs. #243 and #244); HMAC-SHA-1 (Certs. #243 and #244, vendor affirmed); RNG (Cert. #8); RSA (Cert. #9) -Other algorithms: DES (Cert. #262); MD5; RC4; Diffie-Hellman (key agreement) Multi-chip standalone"Aruba Wireless Networks’ FIPS validated WLAN switching platform is a purpose-built Wireless LAN voice and data switching solution designed to specifically address the needs and reduce the cost of large scale WiFi network deployments for Government and large enterprise. Aruba’s WLAN switching platform is a highly scalable and redundant solution that provides centralized intelligence to secure and manage the corporate RF environment, enforce identity based user security and policies, enable service creation and provide secure mobility management to hundreds of simultaneously connected users." |
| 490 | C4 Technology, Inc. Meguro Tokyu Bldg. 5th Floor 2-13-17 Kamiosaki Shinagawa-ku, Tokyo 141-0021 Japan -Hirohisa Ogawa
|
(Software Versions: 1.0.0 and 1.1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/25/2005 |
Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000 Service Pack 3 with Hotfix 326886 and Microsoft Windows XP Service Pack 1 -FIPS-approved algorithms: SHS (Cert. #222); HMAC-SHA-1 (Cert. #222, vendor affirmed); AES (Cert. #133); RNG (Cert. #1); RSA (Cert. #1); ECDSA (vendor affirmed) -Other algorithms: C4Custom; RSAES_PKCS_v1_5; RSAES_OAEP; Diffie-Hellman (key agreement); SSS Multi-chip standalone"C4CS is a software cryptographic module providing symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." |
| 489 | Bluesocket, Inc. 7 New England Executive Park Burlington, MA 01803 USA -Mike Puglia
|
(Hardware Versions: 870-212FF-002, 870-212FT-002, 870-212TF-002, 870-212TT-002, Software Version: 3.1.1.8) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 08/30/2005 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #76); Triple-DES (Certs. #187 and #250); RSA (Cert. #14); RNG (Cert. #16); SHS (Certs. #228 and #229); HMAC-SHA-1 (Certs. #228 and #229, vendor affirmed) -Other algorithms: DES (Cert. #223); Diffie-Hellman (key agreement); MD5; HMAC MD5 Multi-chip standalone"The Bluesocket WG-2100 Wireless Gateway provides a scalable solution with security, quality of service (QoS), Mobility, Role/Policy Enforcement and Management for today's highly-secure 802.11 Government wireless networks." |
| 488 | E.F. Johnson Co. 123 N. State St. Waseca, MN 56093 USA -John Oblak
|
(Software Version: 1.0.0.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004; 05/05/2005 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -Operational Environment: Tested as meeting Level 2 with Windows 2000 Professional with Service Pack 3 and Q326886 Hotfix on Dell OptiPlex GX400 -FIPS-approved algorithms: AES (Cert. #26); DSA (Cert. #72); SHS (Cert. #121); Triple-DES (Cert. #135); RNG (Cert. #14) -Other algorithms: DES (Cert. #186); AES-MAC (Cert #26, non-compliant) Multi-chip standalone"The EFJohnson Encryption Module is a software cryptographic module that serves both as a key store and a cryptographic service provider. The module is accessible through an API, and provides an easy-to-use yet secure means of storing sensitive cryptographic keys. The Encryption Module meets level 1 FIPS 140-2 requirements and achieves level 2 in the "Roles, Services, and Authentication" and "Operation Environment" sections of FIPS 140-2." |
| 487 | Kasten Chase Applied Research, Ltd. Orbitor Place 5100 Orbitor Drive Mississauga, Ontario L4W 4Z4 Canada -Steve Demmery
|
(Software Version: 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004 | Overall Level: 1
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 2 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Server, Red Hat 7.3 with Linux kernel 2.4; AIX 5L for POWER V5.2; Sun Trusted Solaris™ Version 8 4/01; Sun Solaris™ 9 (all in user and kernel modes and single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #265); AES (Cert. #163); SHS (Cert. #246); HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 (Cert. #246, vendor affirmed); RSA (Cert. #12); ECDSA (vendor affirmed); RNG (Cert. #10) -Other algorithms: MD5; HMAC-MD5; KEA; ECDH (key establishment) Multi-chip standalone"KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." |
| 486 | Kasten Chase Applied Research, Ltd. Orbitor Place 5100 Orbitor Drive Mississauga, Ontario L4W 4Z4 Canada -Steve Demmery
|
(Software Version: 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Server with SP3 and Hotfix Q326886 on a 650 MHz Pentium III platform; AIX 5L for POWER V5.2 on a IBM p630-6C4 with a POWER4 CPU; Sun Trusted Solaris™ Version 8 4/01 on a SunBlade 100 with a 500 MHz UltraSPARC Iie -FIPS-approved algorithms: Triple-DES (Cert. #265); AES (Cert. #163); SHS (Cert. #246); HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384; HMAC- SHA-512 (Cert. #246, vendor affirmed); RSA (Cert. #12); ECDSA (vendor affirmed); RNG (Cert #10) -Other algorithms: MD5; HMAC-MD5; KEA, ECDH (key establishment) Multi-chip standalone"KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." |
| 485 | Giesecke & Devrient 45925 Horseshoe Drive Dulles, VA 20166 USA -Won J. Jun
|
(Hardware Version: HD65246C1A05NB, Firmware Versions: CH463JC_INABFOP003901_V101 and CH463JC_INABFOP003901_V102) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #239); AES (Cert. #132); SHS (Cert. #216); DSA (Cert. #102); RSA (Cert. #7); Triple-DES MAC (Cert. #239, vendor affirmed) -Other algorithms: DES (Cert. #249); DES MAC (Cert. # 249, vendor affirmed) Single-chip"Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
| 484 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Hazem Hassan
|
(Hardware Version: 1.0, Firmware Version: 2.0, EXFs: GSC-IS and Biometric authentication application executable (G3 EXF) Version 21) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: DSA/SHA-1 (Cert. #35); RSA (PKCS #1, vendor affirmed); Triple-DES (Cert. #236); RNG (vendor affirmed) -Other algorithms: DES (Cert. #88); Diffie-Hellman (key agreement) Single-chip"The 330G3 is a biometrically-enabled ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for strong user authentication and single sign on when integrated with SAFENET Axis software. The card supports creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials; Strong authentication of the cardholder using fingerprint biometrics; Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." |
| 483 | Symantec Corporation 1 Symantec Way Suite 200 Newport News, VA 23602 USA -William L. Stewart
|
(Software Version: 1.0) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004; 07/27/2007 |
Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Professional, Windows 2000 -FIPS-approved algorithms: AES (Cert. #164); Triple-DES (Cert. #266); SHS (Cert. #248); HMAC (Cert. #5); RNG (Cert. #12) -Other algorithms: N/A Multi-chip standalone"The Symantec Cryptographic Module is a software library that contains FIPS-approved cryptographic algorithms. This module provides encryption functionality for selected Symantec products." |
| 482 | Pitney Bowes 35 Waterview Drive Shelton, CT 06484-8000 USA -Douglas Clark
|
(Hardware Versions: P/N 1L00, Versions AAA, AAC and AAD (US); P/N 1LEC, Versions AAA, AAC and AAD (Canada)) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/03/2005; 03/14/2005 |
Overall Level: 3
-FIPS-approved algorithms: DSA (Cert. #105); SHS (Cert. #232); Triple-DES (Cert. #252); Triple-DES MAC (Cert. #252, vendor affirmed); HMAC-SHA-1 (Cert. #232, vendor affirmed); ECDSA (vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The Pitney Bowes Cygnus X-1 Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP) and with the Canada Post Corporation's Digital Meter Indicia Specification 3457. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products." |
| 481 | Realia Technologies S.L. Orense, 68 11th floor Madrid, 28020 Spain -Sebastián Muńoz
-Luis Jesús Hernández
|
(Hardware Version: Model 1.0, Firmware Version: 01.04.0010) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #262); RSA (Cert. #10); SHS (Cert. #242); RNG (Cert. #11) -Other algorithms: DES (Cert. #263); CRC-32; MD5; RIPEMD-128; RIPEMD-160 Multi-chip embedded"The Cryptosec 2048 is a high-end PCI cryprographic accelerator card that provides cryptographic services and secure storage of cryptographic keys. The module is built to perform general cryptographic processing (RSA, DES, SHA-1, MD5,...) and features a tamper-protective case to physically protect sensitive information contained within the card." |
| 480 | Motorola, Inc. 1301 E. Algonquin Rd. Schaumburg, IL 60196-1078 USA -Kirk Mathews
|
(Hardware Version: P/N CLN7493D, Version 8, Firmware Version: U239AC, X795AH, Versions R3.52.17, R3.52.22 and R3.52.31.) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/25/2005 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2
-FIPS-approved algorithms: AES (Cert. #2); Triple-DES (Cert. #82) -Other algorithms: DES (Cert. #151); DES MAC (Cert. #151, vendor affirmed); DES-XL; DVI-XL; DVP-XL; HCA; DVI-SPFL; SHA-1 (non-compliant); AES MAC (Cert #2, P25 AES OTAR, vendor affirmed) Multi-chip standalone"The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." |
| 479 | Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Alan Myrvold
|
(Software Version: 7.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/16/2004 | Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Intel Pentium 4 running Windows XP SP1 in single user mode running Sun JRE 1.4.2 and UltraSPARC-11i 300 MHz processor running Solaris 9 in single user mode running Sun JRE 1.4.2 -FIPS-approved algorithms: AES (Cert. #193); Triple-DES (Cert. #289); Triple-DES MAC (Cert. #289, vendor affirmed); DSA (Cert. #122); ECDSA, (vendor affirmed); SHS (Cert. #273); HMAC (Cert. #8); RNG (Cert. #40); RSA (Cert. #30) -Other algorithms: DES (Cert. #279); DES MAC (Cert. #279, vendor affirmed); CAST 128; IDEA; RC2; RC4; Diffie-Hellman (key agreement); SPEKE; Rijndael 256; CAST128 MAC; MD2; MD5; HMAC- MD5; IDEA MAC Multi-chip standalone"Authority Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms. By minimizing the need for separate administration modules with every deployed application, these Toolkits provide a reduction in administrative duplication and help to reduce the cost to deploy across multiple platforms." |
| 478 | Carrier Access Corporation and TeamF1 5395 Pearl Parkway Boulder, CO 80301 USA -Thomas Gormley
-Mukesh Lulla
|
(Software Versions: 4.0.0, 4.1.0 and 4.1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/08/2004; 12/01/2004; 02/24/2005; 12/22/2005 |
Overall Level: 1
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Cryptographic Key Management: Level 3 -Operational Environment: Tested as meeting Level 1 with WindRiver pSOS operating system version 2.2.7 and ATM configuration -FIPS-approved algorithms: DSA (Cert. #100); Triple-DES (Cert. #238); AES (Cert. #129); SHA-1 (Cert. #214); HMAC-SHA-1 (Cert. #214, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip embedded"The Broadmore family of products offer a unique economical means of provisioning, grooming, and routing TDM DS3, DS1, E3, E1 services and mixed-speed serial data to logical ATM connections. The Broadmore/SSHield Management Module controls the Broadmore configuration parameters using SSHield, an implementation of the IETF SECSH protocol, which provides an authenticated, encrypted data communications channel for secure management. More information can also be found on www.teamf1.com and www.carrieraccess.com." |
| 477 | Secure Systems Limited 80 Hasler Road Osborne Part, Western Australia 6017 Australia -Michael J Wynne
-Christine Rainwater
|
(Hardware Versions: SDV201B Rev B and SDV18A Rev A, Firmware Version: SDV2_Ver_1.3.4, Embedded_AA_1.07) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 11/04/2004 | Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #136); SHS (Cert. #219) -Other algorithms: CRC-32 Multi-chip embedded"The Silicon Data Vault® (SDV®) is a cryptographic hardware security device which asserts absolute control over the hard disk drive (HDD) at the earliest stage of boot up, ensuring the user is authenticated before any data can be accessed. The SDV® is operating system independent, works with any standard ATA HDD, and resides in the IDE channel, blocking and controlling all access to the HDD." |
| 476 | Prism Payment Technologies (Pty) Ltd PO Box 901 Witkoppen, Gauteng 2068 South Africa -Wayne Donnelly
|
(Hardware Version: P/N 5520-00091, Version 2, Firmware Version: 1.1.1.0) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 11/04/2004 | Overall Level: 3
-Physical Security: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #259); SHA-1 (Cert. #241); Triple-DES MAC (Cert. #259, vendor affirmed); RSA (ANSI X9.31, vendor affirmed) -Other algorithms: DES (Cert. #261); Enhanced Security DES MAC (Cert. #261, vendor affirmed); DES MAC (Cert. #261, vendor affirmed); Multi-chip embedded"The Incognito TSM410 is a multi-chip embedded Tamper Responsive Security Module. Fitted on a PCI carrier card, the device offers highperformace, high-security services targeted at EFT switches and mCommerce applications." |
| 475 | Trust Digital, Inc. 1600 International Drive Suite 100 McLean, VA 22102 USA -Norm Laudermilch
|
(Software Versions: 3.0, 3.0.01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/02/2004; 03/02/2005; 07/29/2005; 09/21/2005; 10/26/2006; 11/06/2006 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows NT SP6, 2000, XP Pro; Palm OS 4.1, 5.2.1, 5.2.1H, 5.4.5; Pocket PC 3.0, 4.20; Symbian 7.0; Smartphone 2002; Windows Mobile v5.0 and v5.0 Smartphone edition.
-FIPS-approved algorithms: AES (Certs. #69 and #456); Triple-DES (Certs. #177 and #473); SHS (Certs. #164 and #520); HMAC-SHA-1 (Certs. #164 and #520, vendor affirmed) -Other algorithms: Blowfish; TwoFish; RC4; TEA; Fast XOR; MD5 Multi-chip standalone"Trust Digital’s Cryptographic Module is a 32-bit Windows library compatible with Palm, Pocket PC, RIM, Symbian and other related operating systems. This module provides cryptographic services accessible from software programs written in C/C++ through Application Program Interfaces (APIs). The DLL (dynamically linked library) format of this module allows it to be embedded in existing applications targeted for Palm, Pocket PC, RIM and Symbian operating systems." |
| 474 | L-3 Communications Government Services, Inc. 3750 Centerview Drive Chantilly, VA 20151 USA -Suma Shastry
|
(Hardware Version: Rev B, Part No: 1500, Firmware Version: 5.7) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #181); Triple-DES MAC (Cert. #181, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The Hand Held Monitor Module (HHM) device is a component of the Tactical Automated Security System (TASS). The HHM is used to detect, monitor, and access intrusions in secured areas. The HHM works in conjunction with the Communications Module (CM), which receives, and forwards intrusion alerts to the HHM." |
| 473 | L-3 Communications Government Services, Inc. 3750 Centerview Drive Chantilly, VA 20151 USA -Suma Shastry
|
(Hardware Version: Rev B, Part No: 1550, Firmware Version: 5.7) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #181); Triple-DES MAC (Cert. #181, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The Communications Module (CM) device is a component of the Tactical Automated Security System (TASS). The Communications Module (CM) works in conjunction with the HHM to receive and forward intrusion alerts." |
| 472 | Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484 USA -Douglas Clark
|
(Hardware Version: DS1955B PB1 - 1.50) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #185); SHA-1 (Cert. #167); DSA (Cert. #90); Triple-DES MAC (Cert. #185, vendor affirmed) -Other algorithms: DES (Cert. #222); Multi-chip standalone"The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." |
| 471 | SafeNet, Inc. 4690 Millennium Drive Suite 400 Belcamp, MD 21017 USA -George L. Heron
|
(Hardware Version: C, Firmware Versions: 2.2 and 4.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004; 05/04/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert. #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The SafeNet HighAssurance 4000 Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSEC encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it. With the implementation of firmware version 2.2, the SafeNet HA 4000 can now be set-up and configured with the Safe Enterprise Security Management Center (SMC)." |
| 470 | CipherOptics Inc. 701 Corporate Center Drive Raleigh, NC 27607 USA -Dennis Toothman
|
(Hardware Version: A, Firmware Version: 3.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert. #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The CipherOptics SG100 and SG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." |
| 469 | CipherOptics Inc. 701 Corporate Center Drive Raleigh, NC 27607 USA -Dennis Toothman
|
(Hardware Version: C, Firmware Version: 2.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The CipherOptics Security Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." |
| 468 | Fortinet, Inc. 920 Stewart Drive Sunnyvale, CA 94085 USA -Alan Kaye
|
(Hardware Versions: FortiGate-300 (build x20), FortiGate-400 (build x20), FortiGate-500 (build x20) and FortiGate-800 (build x20), Firmware Version: 2.50, build 219,040616) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #237); AES (Cert. #128); SHS (Cert. #213); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #213, vendor affirmed) -Other algorithms: DES; DDiffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." |
| 467 | Fortinet, Inc. 920 Stewart Drive Sunnyvale, CA 94085 USA -Alan Kaye
|
(Hardware Versions: FortiGate-3000 (build xx20) and FortiGate-3600 (build xx20), Firmware Version: 2.50, build 219,040616) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #237); AES (Cert. #128); SHS (Cert. #213); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #213, vendor affirmed) -Other algorithms: DES; Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." |
| 466 | Francotyp-Postalia AG & Co. KG Triftweg 21-26 D-16547 Birkenwerder, Germany -Volker Baum
|
(Hardware Version: 58.0036.0001.00/05, Firmware Version: 90.0036.0007.00/00) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 3
-Physical Security: Level 3 +EFP
-FIPS-approved algorithms: Triple-DES (Cert. #39); RSA (PKCS #1, vendor affirmed); SHA-1 (Cert. #43); HMAC-SHA-1 (Cert. #43, vendor affirmed) -Other algorithms: DES (Cert. #108); DES MAC (Cert. #108, vendor affirmed); Diffie-Hellman (key agreement) Multi-chip embedded"The Francotyp-Postalia FrankIT Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The FrankIT Postal Revenector has been designed in compliance with the Deutsche Post AG (DPAG), FrankIT Specification." |
| 465 | D'Crypt Pte Ltd. 20 Ayer Rajah Crescent #08-08 Technopreneur Centre, Singapore 139964 Singapore -Quek Gim Chye
|
(Hardware Versions: P/N DC/QE-L.8.1024 Versions 3.0L and 3.1L and P/N DC/QE-S.4.512 versions 3.0S and 3.1S, Firmware Version: 2.0) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004; 06/06/2005 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #159); SHA-1 (Cert. #139); RSA (FIPS 186-2 and PKCS#1, vendor affirmed); AES (Cert. #49); HMAC-SHA-1 (Cert. #139, vendor affirmed) -Other algorithms: DES (Cert. #205) Multi-chip embedded"The d'Cryptor QE is a programmable cryptographic coprocessor designed for high security assurance applications and features in the d'Cryptor line of products such as d'Cryptor XE, d'Cryptor HSM and TelePort. It contains a secure high-performance cryptographic core that comprises a CPU, Flash ROMs, NVRAM, UTC clock, firmware and a host of useful and cryptographic APIs. The QE provides strong physical security through an opaque, hard epoxy potting and a tamper response mesh that zeroizes all keys in event of tamper. Application loading is authenticated using an approved digital signature scheme." |
| 464 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Jonathan Lewis
|
(Hardware Versions: 1700, 2700 and 5000, Firmware Version: V04_85.121) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004; 01/06/2006 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #29 and #183); AES (Cert. #50); SHA-1 (Certs. #31 and #51); HMAC-SHA-1 (Certs. #31 and #51, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #48 and #101); DES MAC (Certs. #48 and #101, vendor affirmed); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD5; HMAC-MD5 Multi-chip standalone"The FIPS 140-2 Level 2 compliant Contivity 1700, 2700 and 5000 Secure IP Services Gateways are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The Contivity 1700, 2700 and 5000 provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." |
| 463 | VIACK Corporation 16701 NE 80th St. Suite 100 Redmond, WA 98052 USA -Peter Eng
|
(Software Version: 3.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 09/20/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 Server SP4
-FIPS-approved algorithms: RNG (Cert. #3); AES (Cert. #147); RSA (Cert. #5); SHA-1 (Cert. #236); HMAC-SHA-1 (Cert. #236, vendor affirmed) -Other algorithms: RSA (PKCS #1); RC2 Multi-chip standalone"The VIA3 VkCrypt Cryptographic Module is a software cryptographic module that implements symmetric and public key encryption, digital signatures, and hashing for VIA3 E-meeting products. VIA3 is a secure and confidential E-meeting solution integrating live audio and video, instant messaging, and real-time information sharing." |
| 462 | 3e Technologies International, Inc. 700 King Farm Blvd. Suite 600 Rockville, MD 20850 USA -Ryon Coleman
|
(Hardware Versions: 3e-521NP, 3e-522FIPS, 3e-530NP and 3e-531AP, Firmware Version: 2.6) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/20/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #136 and #161); AES (Cert. #27); SHA-1 (Cert. #140); HMAC-SHA-1 (Cert. #140, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); RSA (PKCS#1); MD5; RC4; DES Multi-chip standalone"The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wireless LAN, NAT routing from the wired uplink LAN to the wireless LAN, and DHCP service to the local LAN allowing a wired local LAN to exist over the local wireless LAN interface. The cryptographic suite is implemented in an innovative manner so that critical performance is not sacrificed in providing a rugged FIPS 140-2 Level 2 secure wireless solution." |
| 461 | Lucent Technologies, Inc. 600 Mountain Ave Murray Hill, NJ 07974 USA -Kim Tourigny
-Dan Buczala
|
(Hardware Versions: Brick® 350, Brick® 1000 and Brick® 1100, and Encryption Accelerator Card v2: Version 1.0, Board Version 1, Firmware Versions: Lucent LVF v7.2.292 and EAC v2: 7.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/03/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #75 and #245); SHA-1 (Certs. #65 and #225); HMAC-SHA-1 (Certs. #65 and #225, vendor affirmed); DSA (Cert. #62) -Other algorithms: DES (Certs. #135 and #250); MD5; ARC4; Diffie-Hellman (key agreement); HMAC- MD5 Multi-chip standalone"The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." |
| 460 | Lucent Technologies, Inc. 600 Mountain Ave Murray Hill, NJ 07974 USA -Kim Tourigny
-Dan Buczala
|
(Hardware Versions: Brick® 350 and Brick® 1000, Firmware Version: Lucent LVF v7.2.292) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/03/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #245); SHA-1 (Cert. #225); HMAC-SHA-1 (Cert. #225, vendor affirmed); DSA (Cert. #62) -Other algorithms: DES (Cert. #250); MD5; ARC4; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip standalone"The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." |
| 459 | Backbone Security.com, Inc. 701 Main Street Suite 300 Stroudsburg, PA 18360 USA -Glenn Watt
|
(Hardware Version: 3.0, Software Version: 2.2 FIPS) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #208); AES (Cert. #94); SHA-1 (Cert. #184); HMAC-SHA-1 (Cert. #184, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); HMAC-SHA-256; HMAC-SHA-512; HMAC-MD5 Multi-chip standalone"Ribcage is a secure IPSec Virtual Private Network that provides secure connectivity deployed on a shared infrastructure with the same privacy and performance as a leased network. Ribcage is a solution that is flexible as both a secure virtual private network and as a remote access, with straightforward administration tools that allow rapid set-up and administration remotely or locally." |
| 458 | SonicWALL, Inc. 1143 Borregas Ave. Sunnyvale, CA 94089-1306 USA -Usha Sanagala
|
(Hardware Version: P/N 101-5000072-00 rev A, Firmware Versions: SonicOS Enhanced Versions 2.0, v2.5 and v3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/24/2005; 05/17/2006; 04/25/2007 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #121 and #140); Triple-DES (Certs. #231 and #248); SHA-1 (Cert. # 208); HMAC-SHA-1 (Cert. #208, vendor affirmed); DSA (Cert. #98); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #245 and #251); RC4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The SonicWALL TZ 170 is an internet security appliance with a WAN interface, a flexible Optional interface, and a LAN interface incorporating a 5-port Fast-Ethernet switch. The SonicWALL TZ 170 provides stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and can be upgraded to offer ISP failover and traffic loadbalancing. The SonicWALL TZ 170 also serves as a platform for extensible security services such as Content Filtering Services (CFS), Network Anti - Virus, and E-mail filtering." |
| 457 | Sun Microsystems 4150 Network Circle Santa Clara, CA 95054 USA -Javier Lorenzo
-Irfan Khan
|
(Hardware Versions: Fiber: 501-6040-02 and 501-6040-03, UTP/Copper: 501-6039-05 and 501-6039-06, Firmware Version: 1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/12/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert.# 190); AES (Cert. #79); SHA-1 (Certs. #171 and #172); HMAC-SHA-1 (Certs. #171 and #172, vendor affirmed); DSA (Cert. #92); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #225); MD5; HMAC-MD5; RC2 Multi-chip embedded"The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. The SCA 4000 meets or exceeds all FIPS 140-2 Level 3 requirements." |
| 456 | Giesecke & Devrient 45925 Horseshoe Drive Dulles, VA 20166 USA -Won J. Jun
|
(Hardware Version: HD65246C1A05NB, Firmware Versions: CH463JC_INABFOP003901_V101 and CH463JC_INABFOP003901_V102, Applet Versions: AC Applet Versions 2.3.0.2 and 2.3.0.5; ASC Library 2.3.0.2 and 2.3.0.3; and PKI/GC Applet Versions 2.3.0.2 and 2.3.1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/11/2004; 09/07/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #239); AES (Cert. #132); SHA-1 (Cert. #216); DSA (Cert. #102); RSA (Cert. #7, PKCS#1); Triple-DES MAC (Cert. #239, vendor affirmed) -Other algorithms: DES (Cert. #249); DES MAC (Cert. #249, vendor affirmed) Single-chip"Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
| 455 | SonicWALL, Inc. 1143 Borregas Ave. Sunnyvale, CA 94089-1306 USA -Usha Sanagala
|
(Hardware Versions: 3060 101-500078-00 rev. A and 4060 101-500067-00 rev. A, Firmware Versions: SonicOS Enhanced Versions v2.0, v2.5 and v3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/11/2004; 02/24/2005; 05/17/2006; 05/31/2006; 04/25/2007 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #105 and #121); Triple-DES (Certs. #217 and #231); SHA-1 (Cert. #208); HMAC-SHA-1 (Cert. #208, vendor affirmed); DSA (Cert. #98); RSA (vendor affirmed) -Other algorithms: DES (Cert. #245); RC4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The PRO 4060 and PRO 3060 are internet security appliances offering stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and dual-WAN port support with ISP failover and load-balancing capabilities, all via six configurable 10/100 Ethernet interfaces." |
| 454 | iDirect Technologies 10803 Parkridge Boulevard Reston, VA 20191 USA -Sasmith Reddi
|
(Hardware Version: 5.0, Firmware Version: 5.0.1) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/02/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #243); SHA-1 (Cert. #220); HMAC-SHA-1 (Cert. #220, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Multi-chip standalone"iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The Protocol Processor is the central component of iDirect’s TDMA star network product and is responsible for network wide functions such as: TCP acceleration, QoS, 3DES encryption, TDMA management and dynamic time slot allocation." |
| 453 | iDirect Technologies 10803 Parkridge Boulevard Reston, VA 20191 USA -Sasmith Reddi
|
(Hardware Version: 5.0, Firmware Version: 5.0.1) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004 | Overall Level: 1
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #242); SHA-1 (Cert. #220); HMAC-SHA-1 (Cert. #220, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Multi-chip standalone"iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The iDirect NetModem II Plus broadband router is a compact, set-top terminal that routes IP traffic over satellite networks." |
| 452 | Credant Technologies Corporation 15305 Dallas Parkway Suite 1010 Addison, TX 75001 USA -Chris Burchett
|
(Versions 1.3 and 1.4) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 07/28/2004; 09/21/2004; 09/24/2004 |
Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional SP 1 and Windows CE 3.0 (single user mode) -FIPS-approved algorithms: AES (Certs. #117 and #168); Triple-DES (Certs. #229 and #272); SHA-1 (Certs. #206 and #253); HMAC-SHA-1 (Certs. #206 and #253, vendor affirmed); RNG (Cert. #19) -Other algorithms: Multi-chip standalone"Credant Cryptographic Kernel is a FIPS 140-2 compliant, software-based cryptography library that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1 algorithms for the Credant Mobile Guardian product. Credant Mobile Guardian enables enterprise-wide control of security for mobile and wireless users of laptops, tablet PCs, PDAs and smart phones." |
| 451 | Good Technology, Inc. 4250 Burton Drive Santa Clara, CA 95054 USA -Daphne Won
|
(Software Versions: Pocket PC 20040220 and Symbian 4.9.1) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 07/28/2004; 01/11/2007 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Symbian 9.1 and Windows CE 4.2
-FIPS-approved algorithms: AES (Certs. #134 and #477); Triple-DES (Certs. #240 and #491); SHA-1 (Certs. #217 and #545); HMAC-SHA-1 (Certs. #217, vendor affirmed and #234) -Other algorithms: Multi-chip standalone"The Good FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements the Triple-DES; AES; SHA-1; HMAC-SHA-1 algorithms." |
| 450 | Nokia Enterprise Solutions 313 Fairchild Drive Mt View, CA 94043 USA -Robert Kusters
|
(Hardware Versions: IP350, IP355, IP380 and IP385, Software Versions: (IPSO v3.7.99 and Check Point NG with Application Intelligence R54) and (IPSO v3.9 and Check Point NG with Application Intelligence R60)) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004; 07/28/2005; 09/21/2006; 11/06/2006 |
Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #88 and #407); Triple-DES (Certs. #41, #80, #132, #234, #235, #333 and #440); SHA-1 (Certs. #42, #69, #210, #211, #212, #325 and #474); HMAC-SHA-1 (SHA-1 Certs. #42, #56, #69, #210, #211, #212, vendor affirmed and HMAC-SHA-1 #179 and #180); DSA (Cert. #99); RSA (PKCS #1 vendor affirmed and #63, #146 and #149); RNG (#30, #196 and #201) -Other algorithms: DES (Certs. #110, #142, #183, #247, #311 and #314); CAST; DES (40 bits); HMAC-MD5; MD5; Arcfour; Blowfish Multi-chip standalone"The Nokia IP350, IP355, IP380 and IP385 are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1/FW-1, these platforms provide reliable, easy to manage distributed security and access." |
| 449 | Oberthur Card Systems 4250 Pleasant Valley Road Chantilly, VA 20151 USA -Christophe Goyet
|
(Hardware Version: P/N: 77, Firmware Version: E302) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004; 02/25/2005; 03/01/2005; 06/29/2005; 09/23/2005 |
Overall Level: 3
-FIPS-approved algorithms: AES (Cert. #123); Triple-DES (Cert. #232); Triple-DES MAC (Cert. #232, vendor affirmed); SHA-1 (Cert. #209); RSA (FIPS 186-2, PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #246); DES MAC (Cert. #246, vendor affirmed); Single-chip"The ID-One Cosmo 64 v5 is a JavaCard cryptographic module with dual interface (ISO 7816 & ISO 14443) specifically designed for identity and government needs. It offers a full 64K Byte of EEPROM space available for customer discretionary use, together with on card cryptographic services such as TDES, AES, and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.2 and Open Platform v2.1.1A. To protect against skimming, a built-in firewall allows application developers to disable contactless access for sensitive operations. Additional features include On-Card fingerprint matching and Logical Channels. The ID-One Cosmo 64 v5 is available in contact only, dual interface, or contactless only formats." |
| 448 | Chunghwa Telecom Co., Ltd. Telecommunication Labs 12, Lane 551, Min-Tsu Road SEC.5 Yang-Mei Taoyuan, Taiwan 326 Republic of China -Yu-Ling Cheng
|
(Hardware Version: HSM-HW-0312.02, Firmware Version: HSM-SW-ARM-FRTO.01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #224); AES (Cert. #111); SHA-1 (Cert. #201); RSA (FIPS 186-2, vendor affirmed) -Other algorithms: RC6 Multi-chip standalone"SafGuard200 is a multi-chip standalone cryptographic module that is used to provide highly-secure cryptographic services and key storage for PKI applications. (e.g., secure private key storage, high-speed math accelerator for 1024-4096 bit public key signatures, and hashing). The SafGuard 200 HSM provides secure identity-based challenge-response authentication using smart cards and data encryption using FIPS approved 3DES and AES encryption." |
| 447 | Oracle Corporation 500 Oracle Parkway Redwood Shores California, CA 94065 USA -Shaun Lee
|
(Software Version 10g (9.0.4)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/30/2004; 08/06/2004 |
Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Sun Solaris Version 8 running on a Sun Ultra 60 UltraSparc workstation
-FIPS-approved algorithms: Triple-DES (Cert. #170); SHA-1 (Cert. #154); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #154, vendor affirmed) -Other algorithms: DES (Cert. #215); RSA-MD5 (PKCS#1); RC4; HMAC-MD5; Diffie-Hellman (key agreement); RSA (PKCS#5) Multi-chip standalone"The Oracle Cryptographic Libraries for SSL 10g (9.0.4) is a generic module used by Oracle Corporation in a variety of its application suites. The module is used to provide support to cryptography, authentication, PKCS and certificate management for applications like the Oracle Database Server, Oracle Applications Server, Oracle Internet Directory, Web Cache and Oracle HTTP Server. It provides a rich set of functionality and uses PKCS wallet structures for managing identities and trustpoints." |
| 446 | 3Com Corporation 5500 Great America Parkway Santa Clara, CA 95052 USA -Rahul Jain
-Annette Davis
|
(Hardware Versions: 03-0229-100 and 03-0347-000, Firmware Versions: Runtime: 03.001.008, Diagnostic: 03.001.008, Sleep: 03.001.007) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004 | Overall Level: 1
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #212); SHA-1 (Certs. #188 and #189); HMAC-SHA-1 (Certs. #188 and #189, vendor affirmed) -Other algorithms: DES (Cert. #234); MD5; HMAC-MD5 Multi-chip embedded"3Com® 10/100 Secure NICs offers IPSec and TCP/IP offloading, upgradability to the embedded firewall technology while also offering advanced intrusion resistance to protect your LAN, without sacrificing throughput performance. In addition, the NICs incorporate advanced server features and remote management capabilities to accelerate application response and lower IT administration time." |
| 445 | Research In Motion® 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Government Certifications Team
|
(Software Version: 1.0.0.2) (When operated in FIPS mode with FIPS validated Microsoft® Base Cryptographic Providers Certificates #76 or #103 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/30/2004; 08/24/2005 |
Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows NT Server 4.0 SP6a -FIPS-approved algorithms: Triple-DES (Cert. #216); AES (Cert. #104); SHA-1 (Cert. #195); HMAC-SHA-1 (Cert. #195, vendor affirmed) -Other algorithms: Rijndael Multi-chip standalone"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete endtoend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®" |
| 444 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Hazem Hassan
|
(Hardware Version: 1.0, Firmware Version: 2.0, EXFs: GSC-IS application executable (G2 EXF) Version 22) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004; 02/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #236); DSA/SHA-1 (Cert. #35);RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #88); Diffie-Hellman (key agreement) Single-chip"The 330G2 is an ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials. Authentication of the cardholder and the security officer. Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." |
| 443 | ActivCard, Inc. 6623 Dumbarton Circle Fremont, CA 94555 USA -Eric Le Saint
|
(Hardware Version: Cyberflex Access 64k v2, OS Hard Mask no01 v01 Firmware Version: OS Soft Mask no02 v03, ID Applet v1.0.0.23, PKI Applet v1.0.0.29, GC Applet v1.0.0.27, SKI Applet v1.0.0.16) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/23/2004; 05/26/2006 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #193); Triple-DES MAC (Cert. #193, vendor affirmed); SHA-1 (Cert. #173); RSA (PKCS#1, vendor affirmed); AES (Cert. #81) -Other algorithms: DES (Cert. #227); DES MAC (Cert. #227, vendor affirmed) Single-chip"ActivCard Digital Identity Applet Suite v1.1.5 on Cyberflex Access 64k v2 provides the following services: - Card Holder verification using PIN - Secure storage of data and private information - RSA based Digital Signature (1024 and 2048 bits) - DES/TDES based One Time Password (OTP) generation" |
| 442 | Vormetric, Inc. 3131 Jay Street Santa Clara, CA 95054 USA -Suhel Khan
-Paulus Weemaes
|
(Hardware Version: P/N 30 Release 1.0 Version 3.0, Firmware Versions: VN.3.0SP1- Build0060 and VN.3.0SP1-Build0064) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 07/27/2004; 01/27/2006 |
Overall Level: 2
-Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Cryptographic Key Management: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #241); AES (Cert. #135); SHA-1 (Cert. #218); HMAC-SHA-1 (Cert. #218, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); MD5 Multi-chip standalone"Vormetric CoreGuard Security Server is a comprehensive security solution that combines protection of data at rest, application integrity and host protection. CoreGuard integrates a software module loaded on a server, and a FIPS compliant appliance with user-defined security policies allowing fine-grain data access control and selective encryption of data at rest (AES 128/256 and 3DES), application digital signatures, enforced user authentication, host protection and central management. CoreGuard installs transparently and does not require changes to applications, databases or storage architectures allowing the security to extend to any data across the enterprise." |
| 441 | F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00181 Finland -Alexey Kirichenko
|
(Software Version: 1.1.11) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004 | Overall Level: 1
-EMI/EMC: Level 3 -Self-Tests: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows CE 4.20.1081 -FIPS-approved algorithms: AES (Cert. #4); SHA-1 (Cert. #224); HMAC-SHA-1 (Cert. #224, vendor affirmed) -Other algorithms: Passphrase-based key derivation (PBKDF2 as specified in PKCS#5); AES (IWEC) Multi-chip standalone"The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Windows Mobile 2003 and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a Clanguage Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." |
| 440 | Sigaba Corporation 1875 South Grant Road Suite 500 San Mateo, CA 94402 USA -Greg Desmarais
|
(Software Version 1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional SP1, Java Runtime Environment 1.4.2-b28
-FIPS-approved algorithms: Triple-DES (Cert. #94); AES (Cert. #22); SHA-1 (Cert. #78); HMAC-SHA-1 (Cert. #78, vendor affirmed); DSA (Cert. #56); RSA (FIPS 186-2, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); Secure Remote Password (SRP); Extended Secure Remote Password (ESRP); Triple-DES (ECB mode); DSA (Signing and Key Generation) Multi-chip standalone"The module is a JAVA language cryptographic component to be used by the various SigabaĆs security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides variety of cryptographic services (both approved as well as non-approved). The module can be executed on any general-purpose PC and operating system capable of running JRE 1.4 or later." |
| 439 | Decru a NetApp Company 275 Shoreline Drive Fourth Floor Redwood City, CA 94065 USA -Michele Borovac
|
(Hardware PN/Rev 60-000109/A, Firmware PN NAS 29.4 and SAN 29.4, Software PN 23.3) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 06/21/2007 |
Overall Level: 3
-FIPS-approved algorithms: SHA-1 (Certs. #190, #191 and #192); AES (Certs. #97, #98 and #99); ECDSA (vendor affirmed); HMAC-SHA-1 (Cert. #192, vendor affirmed); SHA-256 (Cert. #223); HMAC-SHA-256 (Cert. #223, vendor affirmed) -Other algorithms: Multi-chip embedded"Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." |
| 438 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 2621XM and 2651XM with AIM-VPN/EP Version 1.0 and Board Version B0, Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #32 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Cert. #26 and DSA Cert. #38); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #100 and #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 437 | F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00180 Finland -Alexey Kirichenko
|
(Software Version 2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 98, Windows XP and Windows ME (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #202); AES (Cert. #89); SHA-1 (Cert. #178); HMAC-SHA-1 (Cert. #178, vendor affirmed); DSA (Cert. #94); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #231); DES (CTR); Blowfish; CAST 128; MD5; SHA-256; HMAC- MD5, HMAC-SHA-256, Diffie-Hellman (key agreement); Passphrase-based key derivation (PBKDF2 as specified in PKCS#5) Multi-chip standalone"The F-Secure Cryptographic Library for Windows (the Module) is a software module, implemented as a 32-bit Windows 'NT/2000/XP/98/ME' compatible DLL (FSCLM.DLL). The Module provides an assortment of cryptographic services to any client process that attaches an instance of the Module DLL. The Module is designed and implemented to meet the level 1 requirements of FIPS publication 140-2 when running on appropriate hardware under Windows 98, ME or XP operating system." |
| 436 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Hardware Versions: 2.0, 3.0 and 4.0, Firmware Version 4.1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/10/2004; 10/18/2004; 12/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 3 -Mitigation of Other Attacks: Level 3 -FIPS-approved algorithms: AES (Cert. #41); Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); RSA (FIPS 186-2 and PKCS #1, vendor affirmed); Triple-DES MAC (Cert. #73, vendor affirmed); HMAC-SHA-1 (Cert. #64, vendor affirmed) -Other algorithms: DES (Cert. #32); DES MAC (Cert. #32, vendor affirmed); RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; MD2; MD5; Diffie-Hellman 1024; CAST MAC; CAST3 MAC; CAST5 MAC; SSL3-MD5 MAC; SSL3-SHA-1 MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; AES MAC; RC2 MAC; RC5 MAC Multi-chip embedded"The K3 Chrysalis-ITS Cryptographic Engine is a hardware cryptographic module in the form of a PCI card that resides within a secured generalpurpose computing appliance. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card." |
| 435 | SafeNet, Inc. 951 Aviation Pkwy Suite 300 Morrisville, NC 27560 USA -Glenn Constable
|
(Hardware Versions: SE-SLE-HNxAC[1], SE-SLE-LNxAC[2], SE-SLE-1ExAB[3], SE-SLE-27xAB[4], SE-SLE-2ExAB[5], SE-SLE- LRxAB[6], SE-SLE-37xAB[7] and SE-SLE-VVxAB[8], Firmware Version: 4.01) (When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter x designation) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/28/2004; 06/10/2004 |
Overall Level: 2
-Physical Security: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #22 and #139); AES (Cert. #32); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The SafeNet™ SafeEnterprise™ Link Encryptor's (SLE's) secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 8 Mbps, and employs FIPS approved AES or Triple-DES algorithms. The SLE can be locally controlled or managed using the SafeNet™ SafeEnterprise™ Security Management Center (SMC), an SNMP-based security management system." |
| 434 | Entrust, Inc. One Hanover Park 16633 Dallas Parkway Suite 800 Addison, TX 75001 USA -Entrust Sales
|
(Software Version: 7.0) (When operated in FIPS mode with FIPS validated browser services operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 05/27/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 SP3 running Microsoft VM for Java 5.0.0.3810 or Sun plug-in version 1.4.1, and Netscape Navigator 7.0 (Certs. #7, #45 and #47) or Microsoft Internet Explorer 6.0 SP1 (Certs. #103 and #106) (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #69); SHA-1 (Cert. #60); RSA (PKCS#1, vendor affirmed) -Other algorithms: CAST 128 Multi-chip standalone"The module performs low level cryptographic operations - encryption, decryption and hashes - implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." |
| 433 | Enterasys Networks 50 MinuteMan Rd. Andover, MA 01810 USA -Damon Hopley
|
(Hoftware Version: REL 6.3, Firmware Version: REL 6.3, Hardware Version: REV 0A-G) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004 | Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #48, 106 and #107); Triple-DES (Certs. #158, #218, #219 and #220); SHA-1 (Certs. #143, #197, #198 and #199); HMAC-SHA-1 (Certs. #143, #197, #198 and #199, vendor affirmed); DSA (Cert. #97); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Certs. #204, #238, #239 and #240); HMAC-MD5; MD5; MD4; 40-bit and 128-bit RC4; CAST; Blowfish; Twofish; ARCfour; Diffie-Hellman (key agreement) Multi-chip standalone"Enterasys Networks X-Pedition Security Routers (XSR), the XSR-1805, XSR-1850, and XSR-3250 modules are networking devices that combine a broad range of IP routing features, a broad range of WAN interfaces and a rich suite of network security functions, including site-to-site and remote access VPN connectivity and policy managed, stateful-inspection firewall functionality." |
| 432 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo
|
(Hardware Version 3.2, Firmware Version 12.2(11r) YQ4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 10/01/2004; 05/24/2005 |
Overall Level: 1
-Cryptographic Module Specification: Level 2 -Roles, Services, and Authentication: Level -EMI/EMC: Level 2 -Design Assurance: Level 2 -Cryptographic Module Ports and Interfaces: Level 2 -Finite State Model: Level 2 -Cryptographic Key Management: Level 2 Self-Tests: Level 2 -FIPS-approved algorithms: Triple-DES (Cert. #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Cert. #26); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip embedded"The module is a high-performance router card, which offers secure data, voice and video communications, seamless mobility and interoperability across multiple wireless networks. The unique functionality of this router card is that always on IP connectivity for networks in motion. This allows IP hosts on a mobile network to connect transparently to the parent network while the router is in motion." |
| 431 | Gemplus Corp. Avenue du Pic de Bretagne BP 100, GTmenos Cedex 13881 France -Luc Astier
|
(GP92, Firmware Versions: GXP3 - FIPS EI19 and GXP3 - FIPS EI19 with new ATR and fast ATR) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 07/27/2004; 08/05/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #95); SHA-1 (Cert. #82); RSA (PKCS#1, vendor affirmed); Triple-DES MAC (Cert. #95, vendor affirmed) -Other algorithms: DES (Cert. #155); DES MAC (Cert. #155, vendor affirmed) Single-chip"GemXpresso Pro R3 E64 PK - FIPS is based on a Gemplus Open OS Smart Card with 64K of EEPROM.. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. The module conforms to Java Card V2.1.1 and Global Platform V2.0.1 standards" |
| 430 | SafeNet, Inc. 951 Aviation Parkway Suite 300 Morrisville, NC 27560 USA -Glenn Constable
|
(SE-SFE-LixAC[1], SE-SFE-HixAC[1], and SE-SFE-VVxAC[2], Firmware Version: 5.00) (When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter (i and x) designations) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 06/10/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Certs. #22 and #139); AES (Cert. #32); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through AES/TDES encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 8m Mbps and 922 active secure connections." |
| 429 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 6509, 7606 and 7609, Backplane Chassis Version 3.0 (6509), 1.0 (7606) and 1.0 (7609), Supervisor Blade Version 3.2, VPN Accelerator Blade Version 1.2, Firmware Version: 12.2(14)SY3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #132, #155 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); SHA-1 (Certs. #26 and #117); HMAC-SHA-1 (Certs. #26 and #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #183, #201 and #202); DES MAC (Cert. #202, vendor affirmed); AES (Cert #46); MD4; MD5; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip standalone"The Cisco Catalyst 6509 Switch, 7606 and 7609 Routers offer versatility, integration, and security to branch offices. With numerous Network Modules (NMs) available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Cisco 6509, 7606 and 7609 provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." |
| 428 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 7206 VXR NPE-G1 Version 1.1, Fab Version 05 and VAM2 Version 2.0, Board Version A0, and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 11/29/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #156 and #158); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Certs. #46 and #48); SHA-1 (Certs. #26 and #143); HMAC-SHA-1 (Certs. #26 and #143, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #202 and #204); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 427 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 2691, 3725 and 3745 with AIM-VPN/EPII Version 1.0, Board Version A0 and AIM-VPN/HPII Version 1.0, Board Version A0, and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/25/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #156 and #160); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Certs. #46 and #51); SHA-1 (Certs. #26 and #144); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #202 and #206); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 426 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 1721 and 1760 with MOD1700-VPN Version 2.1, Board Version A0 and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/25/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #32 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); DSA/SHA-1 (Cert. #38); HMAC-SHA-1 (SHA-1 Cert. #26 and DSA/SHA-1 Cert. #38, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #100 and #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 425 | Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484 USA -Douglas Clark
|
(Hardware version: DS1955B PBO-1.00c) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004 | Overall Level: 3
-Physical Security: Level 3 +EFP
-FIPS-approved algorithms: Triple-DES (Cert. #185); SHA-1 (Cert. #167); DSA (Cert. #90); Triple-DES MAC (Cert. #185, vendor affirmed) -Other algorithms: DES (Cert. #222); Multi-chip standalone"The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information- Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." |
| 424 | Fortress Technologies, Inc. 4025 Tampa Road Suite 1111 Oldsmar, FL 34677 USA -Dennis Joyce
|
(Software Version: 2.4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 05/06/2004; 02/07/2006; 12/20/2006 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Pro SP1, Windows 2000 SP2, Windows NT 4.0 SP2, Windows 98 2nd ed., Windows CE 3.0, PalmOS 4.1, MS DOS 6.20 and Windows CE v4.0 (single user mode) -FIPS-approved algorithms: Triple-DES (Certs. #19 and #457); SHS (Certs. #34 and #498); AES (Certs. #14 and #427); HMAC-SHA-1 (Cert. #34, vendor affirmed) -Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement) Multi-chip standalone"The AirFortress(tm) Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operating systems. A plug-and-play solution, the Client encrypts and decrypts communication across the WLAN and protects the device against attacks without user intervention." |
| 423 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Version: 7206-VXR with VAM Version 1.0 and Board Version A0, Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 11/29/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #29 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Certs. #26 and #51); HMAC-SHA-1 (Certs. #26 and #51, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #101 and #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 422 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(HW Versions: 1721, 1760, 2621XM, 2651XM, 2691, 3725, 3745 and 7206-VXR, Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/25/2004; 11/29/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #156); Triple-DES- MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Cert. #26); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 421 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo
|
(Hardware Version: 3005, 3015, 3030, 3060 and 3080, Firmware Version: FIPS 3.6.7.F) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #32 and #168); Triple-DES MAC (Certs. #32 and #168, vendor affirmed); AES (Cert. #56); SHA-1 (Cert. #152); HMAC-SHA-1 (DSA/SHA-1 Cert. #38 and SHA-1 Cert. #152, vendor affirmed); DSA/SHA-1 (Certs. #38 and #85); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #100 and #210); DES MAC (Certs. #100 and #210, vendor affirmed); RC4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco VPN 3000 Series Concentrators are hardware appliances that operate as concentrators in Virtual Private Networking (VPN) environments. They combine the best features of a software concentrator, including scalability and easy deployment, with the stability and independence of a hardware platform." |
| 420 | Check Point Software Technologies Ltd. 12007 Sunrise Valley Dr. Suite 130 Reston, VA 20191 USA -Check Point Federal
|
(Version NG with Application Intelligence) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Firmware | 05/06/2004; 05/19/2004; 10/12/2005; 11/17/2005; 01/06/2006 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 2 -Tested: Secure Platform Operating System version NG with Application Intelligence -FIPS-approved algorithms: AES (Cert. #88); Triple-DES (Certs. #41 and #80); SHA-1 (Certs. #42 and #69); HMAC-SHA-1 (Certs. #42 and #69, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Certs. #110 and #142); CAST 40; CAST 128; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"Check Point’s VPN-1 version NG with Application Intelligence is a tightly integrated software solution combining the FireWall-1 (FW-1) security suite with sophisticated Virtual Private Network (VPN) technologies and a hardened Secure Platform operating system (OS). The cornerstone of Check Point’s Secure Virtual Network (SVN) architecture, VPN-1 meets the demanding requirements of Internet, intranet, and extranet VPNs by providing secure connectivity to corporate networks, remote and mobile users, branch offices, and business partners." |
| 419 | Blue Ridge Networks 14120 Parke Long Court Chantilly, VA 20151 USA -Tom Gilbert
|
(BorderGuard 4000 & 3140, Firmware Version: BG4000 DPF1 6.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004 | Overall Level: 2
-FIPS-approved algorithms: AES (Cert. #116); Triple-DES (Certs. #227 and #228); SHS (Certs. #49 and #203); HMAC-SHS (Cert. #49, vendor affirmed) -Other algorithms: DES (Certs. #119 and #243); DES MAC (Cert. #119, vendor affirmed); Diffie-Hellman (key agreement); IDEA; MD5; HMAC-MD5; RSA (non-compliant) Multi-chip standalone"The BG4000 and BG3140 are network security appliances for the construction of secure Virtual Private Networks between Internet sites, and between Internet sites and individual remote users." |
| 418 | ActivCard, Inc. 6623 Dumbarton Circle Fremont, CA 94555 USA -Eric Le Saint
|
(Firmware Versions: OS Hard Mask no5 v01 and OS Soft Mask no 4 v01 and 4v2, Applet Versions: ACA Applet v2.3.0.1, v2.3.0.4, and v2.3.0.5, ASC Library v2.3.0.1 and v2.3.0.3 and PKI/GC Applet v2.3.0.1, v2.3.1.1, and v2.3.1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/19/2004; 01/13/2005; 06/06/2005; 08/22/2005; 05/26/2006 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #125); Triple-DES MAC (Cert. #125, vendor affirmed); SHA-1 (Cert. #108); RSA (PKCS#1, vendor affirmed); -Other algorithms: DES (Cert. #179, not available for use); DES MAC (Cert. #179, vendor affirmed, not available for use) Single-chip"ActivCard Applet v2 provides significant enhancement over the ActivCard v1 Applet in service, security, and flexibility. The v2 framework is backward compatible with earlier versions of ActivCard Applets and offers a more open, stable, and flexible platform for developers to build and deploy smart card applications. ActivCard Applet v2 also complies with GSC-IS 2.1 standard." |
| 417 | Encotone Ltd. Bldg. 5, Har Hotzvim Scientific Park P.O.B. 45094, Jerusalem 91450 Israel -Marc Houri
-Dr. Isaac Labaton
|
(Hardware P/N 567-2.6.6 Version 6.2, Firmware HardMask Version 6.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/09/2004 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: SHA-1 (Cert. #141); ECDSA (vendor affirmed) -Other algorithms: Multi-chip standalone"The Tele-ID is a portable, phone and PC compatible signature tool able to digitally sign messages, either locally entered on the module or whose Hash value has been transmitted to the module. The digital signature is encoded to sound and, hence, can be sent through any phone, cellular or fixed, or any PC microphone. The Tele-ID has capabilities to create an ECDSA K-163 key pair and enroll the public key with most of the PKI vendors RA-CA. The Tele-ID includes an autarkic GMT Time Stamp in each digital signature to enable CRL/OCSP on-line checking, after signature execution time-stamp corroboration, and with it, to strongly enhance the legal defense of the relying party." |
| 416 | Real Time Logic, Inc. 8591 Prairie Trail Drive Suite 500 Englewood, CO 80112 USA -Bela Szabo
|
(Hardware P/N RTL-P200006 Rev A Version 1.0, Firmware Version 1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/09/2004 | Overall Level: 2
-Design Assurance: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #222) -Other algorithms: Multi-chip embedded"The RTL-TDEA Crypto Module is a PCI card developed to encrypt and decrypt serial user data using Triple Data Encryption (TDEA) algorithms certified to FIPS-140-2 Level 2 security requirements. The certified TDEA algorithms include TECB, TCBC Encrypt and TCFB-64, TOFB-64, Encrypt and Decrypt. The crypto module is a multi-chip embedded short form PCI card (ISA standard) with all of the control functions and encryption algorithms implemented in firmware and hosted in an FPGA. All control of the module is via an RS-232, 9600 Baud DTE UART interface while the data is passed through dedicated RS-422 input and output ports at a rate of up to 10 Mbps." |
| 415 | Gemplus Corp. and ActivCard, Inc. Avenue du Pic de Bretagne BP 100, GTmenos Cedex 13881 France -Luc Astier
-Eric Le Saint
|
(Hardware Version: GP92, Firmware Versions: GXP3 - FIPS EI19 and GXP3 - FIPS EI19 with new ATR and fast ATR, Applet Versions: AC Applet Versions 2.3.0.1, 2.3.0.4 and 2.3.0.5, ASC Libraries 2.3.0.1 and 2.3.0.3, and PKI/GC Applet Versions 2.3.0.1, 2.3.1.1 and 2.3.1.2) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/09/2004; 07/27/2004; 08/05/2004; 02/24/2005; 07/28/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #95); SHA-1 (Cert. #82); RSA (PKCS#1, vendor affirmed); Triple-DES MAC (Cert. #95, vendor affirmed) -Other algorithms: DES (Cert. #155); DES MAC (Cert. #155, vendor affirmed) Single-chip"GemXpresso Pro R3 E64 PK - FIPS with ActivCard Applet v2 is based on a Gemplus Open OS Smart Card with 64K of EEPROM, and on latformindependent cryptographic applets suite developed by ActivCard. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. The Applet incoporates some services for PKI (Public Key Infrastructure), for secure credentials management and authentication mechanisms. In addition, the Applet suite allows the registration and management of post-issuance applets that can be handled under the framework. The module conforms to Java Card V2.1.1, Global Platform V2.0.1, and GSC/IS 2.1 standards." |
| 414 | Neopost Technologies 113, rue Jean-Marin Naudin Bagneux, 92220 France -Thierry Le Jaoudour
|
(Hardware P/N 3000186T Version A, Firmware Versions 3800157W E24 (Main) and 3800159Y E (Coprocessor)) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/05/2004; 10/03/2006 |
Overall Level: 3
-Self-Tests: Level 4
-FIPS-approved algorithms: DSA/SHA-1 (Cert. #39) -Other algorithms: Multi-chip embedded"The module provides services to an office and post room based mailing system. The system's features include hand or auto feed mail processing speeds in excess of 5000 envelopes per hour using Ink jet technology, a moistening option, scale interface, internal modem for remote recrediting and memory card for slogan and rate loading, external printer for reports." |
| 413 | Good Technology 1032 Morse Ave Sunnyvale, CA 94089 USA -Phil Peterson
|
(Software Version 20031028) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 04/05/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Palm OS Version 5
-FIPS-approved algorithms: AES (Cert. #108); Triple-DES (Cert. #221); SHA-1 (Cert. #200); HMAC-SHA-1 (Cert. #200, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The FIPSCrypto on Palm is a FIPS 140-2 compliant software-based cryptographic module that implements the TDES, AES, SHA-1 and HMAC-SHA-1 algorithms." |
| 412 | Good Technology 1032 Morse Ave Sunnyvale, CA 94089 USA -Phil Peterson
|
(Version 1.9.3.7) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 04/05/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with eCos Version 1.3.1 Operating System
-FIPS-approved algorithms: AES (Cert. #95); Triple-DES (Cert. #209); SHA-1 (Cert. #185); HMAC-SHA-1 (Cert. #185, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The FIPSCrypto on G100 is a FIPS 140-2 compliant software-based cryptographic module that implements the TDES, AES, SHA-1 and HMAC-SHA-1 algorithms." |
| 411 | ECI Systems & Engineering 3100 Knight Street Suite 7 Shreveport, LA 71105 USA -Mac McGregor
|
(Software Versions 1.6-FIPS-1, 1.8, 1.9 and 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 04/05/2004; 11/08/2004; 04/27/2005; 09/07/2005 |
Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Trusted Solaris 8 4/01 running on an Intel Pentium III
-FIPS-approved algorithms: Triple-DES (Cert. #186); SHA-1 (Cert. #168); HMAC-SHA-1 (Cert. #168, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); MD5; HMAC MD5; CAST; RSA (PKCS#1, non-compliant); DSA (non-compliant) Multi-chip standalone"A software IPSec implementation for Sun Trusted Solaris. This module supports Triple DES encryption/decryption, SHA-1, and HMAC-SHA-1." |
| 410 | Airespace, Inc. 110 Nortech Pkwy San Jose, CA 95134 USA -Scott Kelly
|
(Hardware P/Ns AS-4101- X0S00, AS-4012- (00S00, 0PS00, X0S00, XPS00, T0S00 and TPS00), AS-4024- (00S00, 0PS00, X0S00, XPS00, T0S00 and TPS00), Hardware Versions 1.0 and 2.0, Firmware Version 1.2.77.4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/05/2004; 06/16/2004 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #196 and #197); AES (Certs. #85 and #86); SHA-1 (Certs. #174 and #175); HMAC-SHA-1 (Certs. #174 and #175, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: RC4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"Airespace Cryptographic Manager (ACM) provides cryptographic services for the Airespace Wireless Enterprise Platform. Airespace offers a unique hierarchical architecture that centralizes network intelligence for cost effective deployment, dynamic RF operations, secure mobility management, service creation, and policy enforcement throughout an entire wireless network." |
| 409 | IBM® Corporation 11400 Burnet Road Austin, TX 78758 USA -Tom Benjamin
|
(Software Version 1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 04/05/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional SP3 (JVM 1.3.1_03 and JVM 1.4.1_04), Windows 2000 Advanced Server SP4 (JVM 1.4.1), Sun Solaris 5.8 (JVM 1.3.1 and 1.4.1), AIX 5.2 (JVM 1.3.1 and 1.4.1), SuSE Linux Enterprise Server 8 (JVM 1.4.1_05), Red Hat Linux Advanced Server 2.1(JVM 1.4.1_05), IBM OS/400 V5R2M0 (JVM 1.4.1), z/OSV1R4 (JVM 1.4.1)
-FIPS-approved algorithms: SHA-1 (Cert. #148); Triple-DES (Cert. #163); AES (Cert. #53); DSA (Cert. #83); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #148, vendor affirmed) -Other algorithms: DES (Cert. #208); MD2; MD5; RC2; RC4; SHA-256; Diffie-Hellman (key agreement) Multi-chip standalone"The IBM+ Java+ JSSE (Java Secure Sockets Extension) FIPS provider (IBMJSSEFIPS) for Multi-platforms is a scalable, multi-purpose Secure Sockets provider that supports only FIPS approved TLS cipher suites via the Java2 Application Programming Interfaces (APIs)." |
| 408 | Research In Motion® 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Government Certifications Team
|
(Hardware Version: 1.0, Software Version: 3.6.0.49, S/MIME Support Package Version 1.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 04/05/2004; 08/24/2005 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #200); AES (Cert. #83); DSA (Cert. #93); SHA-1 (Cert. #147); HMAC-SHA-1 (Cert. #147); ECDSA (vendor affirmed); Triple-DES MAC (Cert. #200, vendor affirmed); RSA (PKCS#1 and FIPS 186-2, vendor affirmed) -Other algorithms: DES (Cert. #228); DES MAC (Cert. #228, vendor affirmed); RC2; RC5; Skipjack; CAST5-128; Rijndael; ARC FOUR; KEA; Diffie-Hellman (key agreement); ECDH (key agreement); ECMQV (key agreement); ECNR; ElGamal; SHA-256; SHA-384; SHA-512; HMAC (SHA-256, SHA-384, SHA-512, MD2, MD4, MD5, RIPEMD-128, RIPEMD-160); MAC (AES, CAST5-128, RC2, RC5, Skipjack); MD2; MD4; MD5; RIPEMD-128; RIPEMD-160 Multi-chip standalone"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete end-toend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®." |
| 407 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo
|
(Software Version 3.6.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/29/2004; 04/07/2004; 05/24/2005; 04/09/2007 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000, Windows XP (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #169); AES (Cert. #58); SHA-1 (Cert. #153); HMAC-SHA-1 (Cert. #153, vendor affirmed); RSA (PKCS#1, vendor affirmed); Triple-DES MAC (Cert. #169, vendor affirmed) -Other algorithms: DES (Cert. #212); DES MAC (Cert. #212, vendor affirmed); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The Cisco Software VPN client for Window OS is an award winning IPsec VPN client which is available free of charge for use across all termination products. It is the most advanced VPN client available and enables secure Remote Access connectivity to employees and partners. The Cisco Software VPN Client is also a key part of the industries best load balancing, fail-over and recovery strategy." |
| 406 | IBM® Corporation Seaumerstrasse 4 Rueschlikon, CH 8803 Switzerland -Michael Osborne
|
(Software Version 3.15.3232 and 3.16 (FIPS140/Prod)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/18/2004; 02/24/2005 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 SP 3 (JRE 1.3.1_03), Red Hat Linux 8.0 (JRE 1.3.1_07)
-FIPS-approved algorithms: SHA-1 (Cert. #148); Triple-DES (Cert. #163); AES (Cert. #53); DSA (Cert. #83); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #148, vendor affirmed) -Other algorithms: DES (Cert. #208); MD2; MD5; RC2; RC4; SHA-256; Diffie-Hellman (key agreement) Multi-chip standalone"SSLite is a SSL (Secure Socket Layer) V2.0, V3.0 and TLS (Transport Layer Security) V1.0 protocol implementation including PKI (Public Key Infrastructure) functionality, in Java." |
| 405 | Microsoft Corporation One Microsoft Way Redmond, WA 98052 USA -Dave Friant
|
(Software Versions 5.2.3790.0 and 5.2.3790.1830 [SP1]) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/18/2004; 10/07/2005; 10/25/2005; 10/15/2007 |
Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows Server 2003 (x86) [1] and Windows Server 2003 Service Pack 1 (x86, x64, and IA64) [2] (single user mode) -FIPS-approved algorithms: Triple-DES (Certs. #201[1] and #370[1]); SHS (Certs. #177[1] and #371[2]) -Other algorithms: DES (Cert. #230[1]); HMAC-MD5; HMAC-SHA-1 (non-compliant) Multi-chip standalone"Microsoft Corporation’s Windows Server 2003 Kernel Mode Cryptographic Module (FIPS.SYS) is a FIPS 140-2 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-2 Level 1 compliant cryptography." |
| 404 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4032P-150[1], nC4032P-300[2], nC4032P-300N[3], nC4132P-300[4], nC4233P-150[5], nC4232P-300[6], nC4232P-300N[7] and nC4032P-30[8], Build Standard ER, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 403 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4032W-150[1], nC4032W-400[2], nC4132W-400[3], nC4232W-150[4] and nC4232W-400[5], Build Standard DR, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip standalone"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 402 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC3033P-800[1], nC3033P-1K6[2], nC3033P-1K6N[3], nC3033P-800[4] and nC3033P-1K6[5], Build Standard C, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Self Tests: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #173); DES MAC (Cert. #173, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement)); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
| 401 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC3033P-800[1], nC3033P-1K6[2], nC3033P-1K6N[3], nC3033P-800[4] and nC3033P-1K6[5], Build Standard C, Firmware Version: 2.12.9-3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 3
-Self Tests: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #109); Triple-DES MAC (Cert. #109, vendor affirmed); AES (Cert. #15); DSA (Cert. #60); SHA-1 (Cert. #95); HMAC-SHA-1 (Cert. #95, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #173); DES MAC (Cert. #173, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement)); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher modules: nCipher 800 PCI, nCipher 1600 PCI, nCipher 1600 PCI for NetHSM, nForce 800 PCI and nForce 1600 PCI family of secure ecommerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." |
| 400 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC3022P-150[1] and nC3022P-300[2], Build Standard E, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Design Assurance: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging." |
| 399 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC3022W-150[1] and nC3022W-400[2], Build Standard D, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip standalone"The nCipher nForce family of secure e-commerce HSM's improves data security and increases server throughput in applications using the Secure Sockets Layer protocol such as: secure web servers, e-commerce sites, Internet financial transactions, authenticated access to intranets and extranets and digital signatures and secure messaging" |
| 398 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4022P-150[1] and nC4022P-300[2], Build Standard ER, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 397 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4022W-150[1] and nC4022W-400[2], Build Standard DR, Firmware Version: 2.12.9-2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 2
-Roles, Services, and Authentication: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 4 -FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD- 160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip standalone"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 396 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4032P-150[1], nC4032P-300[2], nC4032P-300N[3], nC4132P-300[4], nC4233P-150[5], nC4232P-300[6], nC4232P-300N[7] and nC4032P-30[8], Build Standard ER, Firmware Version: 2.12.9-3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 3
-Self Tests: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert. #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert. #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip embedded"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 395 | nCipher Corporation Ltd. 500 Unicorn Park Drive Woburn, MA 01801-3371 USA -sales@ncipher.com
|
(Hardware Versions: nC4032W-150[1], nC4032w-400[2], nC4132W-400[3], nC4232W-150[4] and nC4232W-400[5], Build Standard DP, Firmware Version: 2.12.9-3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/18/2004; 03/09/2006; 03/15/2006 |
Overall Level: 3
-Self Tests: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #34); Triple-DES MAC (Cert #34, vendor affirmed); AES (Cert. #15); DSA/SHA-1 (Cert. #11); HMAC-SHA-1 (Cert. #11, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #24); DES MAC (Cert #24, vendor affirmed); ARC FOUR; CAST5; CAST 6; HMAC (MD2, MD5, SHA-256, SHA-384, SHA-512 and RIPEMD-160); SHA-256; SHA-384; SHA-512; RIPEMD-160; MD2; MD5; SEED; El-Gamal; Diffie-Hellman (key agreement); Blowfish; Twofish; Serpent; KCDSA; HSA 160 Multi-chip standalone"The nCipher nShield range of Hardware Security Modules improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
| 394 | PGP Corporation 3460 West Bayshore Palo Alto, CA 94303 USA -Stephan Somogyi
|
(Software Version 3.0.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/18/2004; 05/08/2007 |
Overall Level: 1
-Cryptographic Module Specification: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP SP1 -FIPS-approved algorithms: Triple-DES (Cert. #207); AES (Cert. #93); DSA (Cert. #96); SHA-1 (Cert. #183); HMAC-SHA-1 (Cert. #183, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: CAST-5; IDEA; Twofish; SHA-256; SHA-384; SHA-512; MD5; HMAC-MD5; RIPEMD-60; ElGamal; Shamir Treshold Secret Sharing Multi-chip standalone"The PGP SDK includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations. The PGP SDK offers developers the same core crypto that is at the heart of PGP products." |
| 393 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Chris Holland
|
(Software Versions 3.18, 3.18.1 and 3.18.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/10/2004; 10/19/2004; 09/14/2006; 10/03/2006 |
Overall Level: 2
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 2 with Dell Optiplex GX400 running Windows 2000 Professional, Server and Advanced Server with SP3 and Q326886 Hotfix (EAL 4 augmented configuration) -FIPS-approved algorithms: Triple-DES (Cert. #11); AES (Cert. #75); DSA (Cert. #30); SHA-1 (Cert. #30); HMAC-SHA-1 (Cert. #30, vendor affirmed) -Other algorithms: DES (Cert. #72); RC5; RSA; Diffie-Hellman (key agreement); MD2; MD5; RIPEMD-128; RIPEMD-160 Multi-chip standalone"Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel(tm) VPN acceleration chips, cards, and EmbeddedIP(tm) intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms. Containing over forty cryptographic commands, the CGX library can provide a total security solution in either software or hardware." |
| 392 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Chris Holland
|
(Software Version 3.18) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/10/2004; 10/19/2004 |
Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with MS Windows 9x, 2000 NT 4.0, XP (single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #11); AES (Cert. #75); DSA (Cert. #30); SHA-1 (Cert. #30); HMAC-SHA-1 (Cert. #30, vendor affirmed) -Other algorithms: DES (Cert. #72); RC5; RSA; Diffie-Hellman (key agreement); MD2; MD5; RIPMD-128; RIPMD-160 Multi-chip standalone"Based on SafeNet's 20 years of security expertise and the most widely deployed VPN software in the industry, the CGX Cryptographic Library provides a high-level software interface to SafeNet SafeXcel(tm) VPN acceleration chips, cards, and EmbeddedIP(tm) intellectual property. The CGX library can be used as an API to hardware accelerators or for compiling software implementations of the latest industry standard algorithms. Containing over forty cryptographic commands, the CGX library can provide a total security solution in either software or hardware." |
| 391 | F-Secure Corporation Tammasaarenkatu 7 PL 24, Helsinki 00181 Finland -Alexey Kirichenko
|
(Software Version 2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 03/10/2004 | Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Windows 2000 with Service Pack 3 and Q326886 Hotfix EAL 4 certified on Dell Optiplex GX 400 Personal Computer System
-FIPS-approved algorithms: Triple-DES (Cert. #202); AES (Cert. #89); SHA-1 (Cert. #178); HMAC-SHA-1 (Cert. #178, vendor affirmed); DSA (Cert. #94); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #231); DES (CTR); Blowfish; CAST-128; MD5; SHA-256; HMAC-MD5; HMAC-SHA-256; Diffie-Hellman (key agreement); Passphrase-Based Key Derivation (PBKDF2 as specified in PKCS#5) Multi-chip standalone"The F-Secure Cryptographic Library for Windows (the Module) is a software module, implemented as a 32-bit Windows 'NT/2000/XP/98/ME' compatible DLL (FSCLM.DLL). The Module provides an assortment of cryptographic services to any client process that attaches an instance of the Module DLL. The Module is designed and implemented to meet the level 2 requirements of FIPS publication 140-2 when running on appropriate hardware under Windows 2000 with service pack 3 and Q326886 Hotfix operating system." |
| 390 | General Dynamics Decision Systems 8201 East McDowell Road Scottsdale, AZ 85252 USA -Dick Moat
|
(ACM: HW P/N 01- P35200T004 Version E001, FW Revisions C and D, FCM: HW P/N 01-P35390T003 Version 001, FW Revisions C and D) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 03/08/2004; 11/03/2004 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #184) -Other algorithms: Multi-chip standalone"The ACM and FCM are multi-chip standalone cryptographic modules designed to meet the Level 2 security requirements as defined in FIPS PUB 140-2. ACM and FCM perform the Triple-DES algorithm." |
| 389 | Network Security Technology (NST) Co. 11 F, No 190, Jung-Jeng Rd. Shindian City, Taipei County, Taiwan 231 Republic of China -Ming-Chih Tsai
|
(Hardware Version 1.0, Firmware Version 1.0) (When operated in FIPS mode) Validated to FIPS 140-1 Security PolicyCertificate |
Hardware | 03/05/2004; 04/09/2004; 10/01/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #52); SHA-1 (Cert. #48); RSA (FIPS 186-2, vendor affirmed); Triple-DES DAC (Cert. #52, vendor affirmed) -Other algorithms: DES (Cert. #117); DES DAC (Cert. #117, vendor affirmed); Diffie-Hellman (key agreement) Multi-chip embedded"NST CC2200, a security cryptographic card with PCI bus interface, is a “multi-chip embedded cryptographic module” that provides hardware cryptographic services to users, groups or processes. The NST Security CryptoCard provides hardware cryptographic services such as acceleration for bulk data encryption / decryption, digital signature generation / verification, secure key storage and key management functions to its users." |
| 388 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo
|
(Hardware Versions: 3002 and 3002-8E, Firmware Version: FIPS 3.6.7.F) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/23/2004; 02/27/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #168); Triple-DES MAC (Cert. #168, vendor affirmed); AES (Cert. #56); SHA-1 (Cert. #152); HMAC-SHA-1 (Cert. #152, vendor affirmed); DSA (Cert. #85); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #210); DES MAC (Cert. #210, vendor affirmed); RC4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco VPN 3002 Hardware Client is a small hardware appliance that operates as a client in Virtual Private Networking (VPN) environments. It combines the best features of a software client, including scalability and easy deployment, with the stability and independence of a hardware platform." |
| 387 | Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 USA -Javier Lorenzo
-Irfan Khan
|
(Hardware Versions: 501-6040-02 and 501-6040-03 (Fiber) and 501-6039-05 and 501-6039-06 (UTP/Copper), Firmware Version: 1.0.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/23/2004; 04/05/2004; 04/27/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #190); AES (Cert. #79); SHA-1 (Certs. #171 and #172); HMAC-SHA-1 (Certs. #171 and #172, vendor affirmed); DSA (Cert. #92) and RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #225); MD5; HMAC-MD5 Multi-chip embedded"The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. The SCA 4000 meets or exceeds all FIPS 140-2 Level 3 requirements." |
| 386 | Fortress Technologies, Inc 4025 Tampa Road Suite 1111 Oldsmar, FL 34677 USA -Dennis Joyce
|
(Firmware version 2.4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Firmware | 02/19/2004; 04/29/2004 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Tested: Fortress interface and Shell (FISH) Version 2.4 -FIPS-approved algorithms: AES (Cert. #14); Triple-DES (Cert. #19); SHA-1 (Cert. #34); HMAC-SHA-1 (Cert. #34, vendor affirmed) -Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement) Multi-chip standalone"The AirFortress™ Wireless Security Gateway is an electronic encryption module that enforces network access rights and encrypts and decrypts communication across a WLAN. Installed by the vendor onto a production-quality hardware platform and deployable on any LAN or WAN, the AF Gateway provides encryption, data integrity checking, authentication, access control, and data compression." |
| 385 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Chris Holland
|
(Firmware Versions 5.01 and 7.0.1, Hardware Versions SE-HA500-01 and SE-HA1000-01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/19/2004; 10/19/2004; 06/06/2005 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #96); Triple-DES (Cert. #210); SHA-1 (Cert. #187); HMAC-SHA-1 (Cert. #187, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #233); HMAC-MD5, Diffie-Hellman (key agreement); DSA (non-compliant) Multi-chip standalone"The SafeNet HA500/1000 Gateway is a high-performance, standards-based hardware Virtual Private Network (VPN) and firewall. Providing a high speed, low cost solution, it features the strongest cryptography available and complete manageability. SafeNet custom designed a state-of-the-art Application Specific Integrated Circuits (ASIC) for the HA500/1000 that allows encryption using either AES, DES, or triple-DES as nIeeded by client applications." |
| 384 | IBM® Corporation IBM/Tivoli PO Box 3499 Australia Fair Southport, Queensland 4215 Australia -Mike Thomas
-Peter Waltenberg
|
(Software Versions: 1.1, 1.2, 1.2.1 and 1.2.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/17/2004; 04/27/2004; 12/02/2004 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Sun Solaris 5.8, AIX 5.2, Windows 2000 Professional and Advanced Server, SUSE Linux Enterprise Server 8 (x86 and PowerPC), RedHat Linux Advanced Server 2.1 (x86), z/Linux 2.4, and HPUX 11i (all in single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #174); AES (Cert. #65); SHA-1 (Cert. #159); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #216); HMAC-SHA-1 (Cert #159, vendor affirmed, non-compliant); RC2; RC2-40; RC2-60; RC4; Blowfish; CAST; MD2; MD4; MD5; RIPEMD; HMAC-MD5; DSA (non-compliant); Diffie-Hellman (key agreement) Multi-chip standalone"The ICC is a C language implementation of cryptographic functions which uses the cryptographic library provided by the OpenSSL project. This enables IBM products to use an open source solution for cryptography and a FIPS 140-2 certified cryptographic provider." |
| 383 | Axalto Inc. 8311 North FM 620 Road Austin, TX 78726 USA -David Teo
|
(Hardware P/N M512LACC2, Firmware Versions: a: HardMask 1v1 and SoftMask 2v1, b: HardMask 1v1 and SoftMask 2v3, c: HardMask 1v2 and SoftMask 1v1) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/17/2004; 07/27/2004; 09/21/2004; 05/25/2006 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #193); Triple-DES MAC (Cert. #193, vendor affirmed); AES (Cert. #81); SHA-1 (Cert. #173); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #227); DES MAC (Cert. #227, vendor affirmed); Single-chip"The Cyberflex Access 64K v2 Cryptographic Module serves as a highly portable PKI and digital signature secure token for enhancing the security of network access and ensuring secure electronic communications. It supports on-card Triple DES, AES and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.1.1 and Open Platform v2.0.1’. The Cyberflex Access 64K v2 Cryptographic Module is part of a range of Schlumberger highly secure, Java-based cryptographic modules for physical and logical access, e-transactions and other applications." |
| 382 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Versions 5.2.3790.0 and 5.2.3790.1830 [Service Pack 1]) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/17/2004; 10/07/2005; 10/25/2005; 10/15/2007 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows Server 2003[1] and Windows Server 2003 Service Pack 1[2] (single-user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #192[1] and #365[2]); AES (Cert. #80[1] and #290[2]); SHS(Cert. #176[1] and #364[2]); HMAC (Cert. #176, vendor affirmed[1] and #99[2]); RSA (PKCS#1, vendor affirmed[1] and #81[2]) -Other algorithms: DES (Cert. #226[1]); SHA-256[1]; SHA-384[1]; SHA-512[1]; RC2; RC4; MD2; MD4; MD5 Multi-chip standalone"The Microsoft Enhanced Cryptographic Provider is a FIPS 140-2 compliant, software-based, cryptographic module. RSAENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, AES, RSA, SHA-1-based HMAC) in a cryptographic module accessible via the Microsoft CryptoAPI." |
| 381 | Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA -Dave Friant
|
(Software Versions 5.2.3790.0 and 5.2.3790.1830 [Service Pack 1]) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 02/17/2004; 10/25/2005; 10/15/2007 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows Server 2003 (x86) [1] and Windows Server 2003 Service Pack 1 (x86, x64 and IA64) [2] (single-user mode)
-FIPS-approved algorithms: Triple-DES (Certs. #199[1] and #381[2]); SHA-1 (Certs. #181[1] and #385[2]); DSA (Certs. #95[1] and #146[2]); RSA (Cert. #81) -Other algorithms: DES (Cert. #229[1]); Diffie-Hellman (key agreement); RC2; RC4; MD5; DES 40 Multi-chip standalone"The Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) is a FIPS 140-2 compliant, softwarebased, cryptographic module. DSSENH encapsulates several different cryptographic algorithms (including SHA-1, DES, 3DES, DSA and Diffie- Hellman) in a cryptographic module accessible via the Microsoft CryptoAPI (CAPI)." |
| 380 | ActivCard, Inc., Atmel, Inc. and MartSoft, Inc. 6623 Dumbarton Circle Fremont, CA 94555 USA -Eric Le Saint
-Paul Chen
|
(Hardware AT90SC6464C-Pro, Firmware OS v09FA, ID applet v1.0.0.14, PKI applet v1.0.0.14, GC applet v1.0.0.20) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/17/2004; 05/26/2006 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #182); Triple-DES MAC (Cert. #182, vendor affirmed); SHA-1 (Cert. #166); RSA (PKCS#1, vendor affirmed) -Other algorithms: N/A Single-chip"Eagle 64K Flash Module v1 is based on Atmel Secure IC, MartSoft Global Platform Java Card OS and ActivCard Applet Suite. When the module is placed in a plastic smart card housing, it is ideal for secure identification, digital signature, storing and updating account information, personal data, and even monetary value, with increased security, portability and convenience to computer applications. The external interface provided by the applet suite is compliant with the smart card interoperability specification GSC-IS defined by GSA." |
| 379 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Simon McCormack
|
(Firmware Version V04_75.183, Hardware Version 600, 1700 and 2700) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/17/2004; 09/21/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #183 and #29); AES (Cert. #50); SHA-1 (Certs. #31 and #51); HMAC-SHA-1 (Certs. #31 and #51, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #48 and #101); DES MAC (Certs. #48 and #101, vendor affirmed); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD5; HMAC MD5 Multi-chip standalone"The FIPS 140-2 Level 2 compliant Contivity 600, 1700 and 2700 Secure IP Services Gateways are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The Contivity 600, 1700 and 2700 provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." |
| 378 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Adam Bell
|
(Firmware Versions 6.00, 6.10, 6.20 and 6.21, Hardware SE-HA2000) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 02/12/2004; 02/20/2004; 03/17/2004; 10/19/2004; 06/06/2005 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #36); DSA/SHA-1 (Cert. #5); HMAC-SHA-1 (Cert. #5, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #104); DES-MAC; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The SafeNet HA2000 is a high-performance, standards-based hardware Virtual Private Network (VPN). Providing a high speed, low cost solution, it features strong security and complete manageability. SafeNet custom designed a state-of-the-art Application Specific Integrated Circuits (ASIC) for the HA2000 that allow high speed encryption with Data Encryption Standard (DES) and triple-DES. DES is included for legacy systems." |
| 377 | ReefEdge, Inc. 2 Executive Dr. Fort Lee, NJ 07024 USA -Silvia Ercolani
|
(Software Version 3.1.3a, Hardware Version 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/30/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #171, #172 and #173); SHA-1 (Certs. #155, #156 and #157); HMAC-SHA- 1 (Certs. #155, #156 and #157, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: RC4; MD5; HMAC-MD5 Multi-chip standalone"The ReefEdge family of Edge Controllers provides perimeter security and high-speed subnet roaming to the ReefEdge Connect System, connecting an enterprise's access points to its wired LAN. Edge Controllers enforce access control rules, implement bandwidth management, and perform encryption, enabling users to roam freely - among offices, between floors, across campuses - without losing their secure connection." |
| 376 | IBM® Corporation 11400 Burnet Road Austin, TX 78758 USA -Tom Benjamin
|
(Software Version 1.1) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 01/30/2004; 04/05/2004 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional SP3 (JVM 1.3.1_03 and JVM 1.4.1_04), Windows 2000 Advanced Server SP4 (JVM 1.4.1), Sun Solaris 5.8 (JVM 1.3.1 and 1.4.1), AIX 5.2 (JVM 1.3.1 and 1.4.1), SuSE Linux Enterprise Server 8 (JVM 1.4.1_05), RedHat Linux Advanced Server 2.1 (JVM 1.4.1_05), IBM OS/400 V5R2M0 (JVM 1.4.1), z/OS V1R4 (JVM 1.4.1) (all in single user mode)
-FIPS-approved algorithms: AES (Cert. #78); Triple-DES (Cert. #189); DSA (Cert. #91); SHA-1 (Cert. #170); HMAC-SHA-1 (Cert. #170, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #224); Diffie-Hellman (key agreement) Multi-chip standalone"The IBM« Java« JCE (Java Cryptographic Extension) FIPS provider (IBMJCEFIPS) for Multi-platforms is a scalable, multi-purpose cryptographic module that supports only FIPS approved cryptographic operations via the Java2 Application Programming Interfaces (APIs)." |
| 375 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Hardware Versions: 2.0, 3.0 and 4.0, Firmware Version 4.1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/30/2004; 10/18/2004; 12/22/2005 |
Overall Level: 3
-FIPS-approved algorithms: AES (Cert. #41); Triple-DES (Cert. #73); DSA (Cert. #51); SHA- 1 (Cert. #64); RSA (FIPS 186-2, vendor affirmed); Triple-DES MAC (Cert. #73, vendor affirmed); HMAC-SHA-1 (Cert. #64, vendor affirmed) -Other algorithms: DES (Cert. #32); DES MAC (Cert. #32, vendor affirmed); RC2; RC4; RC5; CAST; CAST3; CAST5; MD2; MD5; Diffie-Hellman 1024; CAST MAC; CAST3 MAC; CAST5 MAC; SEED; SSL3-MD5 MAC; SSL3-SHA-1 MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; AES MAC; RC2 MAC; RC5-MAC Multi-chip embedded"The K3 Chrysalis-ITS Cryptgraphic Engine is a hardware cryptographic module in the form of a PCI card that resides within a secured generalpurpose computing appliance. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card." |
| 374 | E.F. Johnson Co. 123 N. State St. Waseca, MN 56093 USA -John Oblak
|
(Hardware P/N-Versions 023-5000-980 and 023-5000-982, Firmware Version 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/23/2004; 05/05/2005 |
Overall Level: 1
-FIPS-approved algorithms: AES (Cert. #73); DSA (Cert. #89); SHA-1 (Cert. #165); HMAC-SHA-1 (Cert. #165, vendor affirmed) -Other algorithms: DES (Cert. #221); SecureNet DES 1 bit with differential encoding and decoding Multi-chip embedded"The E.F. Johnson Co. Subscriber Encryption Module (SEM) is a cryptographic module meeting FIPS 140-2, Level 1 requirement. The SEM provides Subscriber Equipment, such as the E.F. Johnson Co. 5100 series radio with secure and encrypted voice communication. The SEM supports AES, DES, DSA, and SHA-1 FIPS Approved algorithms for voice communication and protection of its firmware. The SEM can be implemented into any Subscriber Equipment requiring FIPS 140-2, Level 1 security." |
| 373 | CipherOptics Inc. 701 Corporate Center Drive Raleigh, NC 27607 USA -Dennis Toothman - CipherOptics Inc.
-George L. Heron - SafeNet, Inc.
|
SafeNet HighAssurance 4000 Gateway (Hardware Version: SG1000, Firmware Versions: 1.2.1 and 1.3 and Hardware Version: SG1001, Firmware Version: 1.3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 01/15/2004; 02/27/2004 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #155); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert. #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #201); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The CipherOptics Security Gateway and the SafeNet High Assurance 4000 Gateway (aka the SafeNet HA 4000), which is the OEM version of the CipherOptics Security Gateway; is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." |