CMVP Main Page
*** NOTE: Module descriptions were provided by the vendors, and their contents have not been verified for accuracy by NIST or CSE. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (non-FIPS-approved algorithms) have not been validated or tested through the CMVP. ***
Questions regarding modules on this list should first be directed to the appropriate vendor.
| Cert# | Vendor | Cryptographic Module | Val. Date |
Level / Description | |
|---|---|---|---|---|---|
| 494 | F-Secure Corporation Tammasaarenkatu 7 PL 24, Helsinki 00180 Finland -Alexey Kirichenko
|
(Software Versions: 2.2.5, 2.2.7 and 2.2.12 (Windows) and 1.1.8, 1.1.9 and 1.1.15 (Solaris)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/03/2005; 12/20/2006 |
Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Windows 2000 Professional with Service Pack 3 and Q326886 Hotfix EAL 4 on Dell Optiplex GX 400 Personal Computer System, Trusted Solaris 8 7/03 EAL 4 on SunBlade 100
-FIPS-approved algorithms: Triple-DES (Certs. #255 and #257); AES (Certs. #145 and #148); SHS (Certs. #234 and #237); HMAC-SHA-1 and HMAC-SHA-256 (Certs. #234 and #237, vendor affirmed); DSA (Certs. #107 and #109); RSA (Certs. #190 and #192); RNG (Certs. #2 and #4) -Other algorithms: DES (Certs. #257 and #259); DES (CTR); Blowfish; CAST-128; MD5; HMAC-MD5; Diffie-Hellman (key agreement)); RC2 Multi-chip standalone"The F-Secure(R) Cryptographic Library(TM) is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The Windows and Solaris versions are designed and implemented to meet the Level 2 requirements of FIPS publication 140-2 when running on an appropriate hardware under Windows 2000, Solaris 8 and Trusted Solaris 8 operating systems." |
| 493 | F-Secure Corporation Tammasaarenkatu 7 PL 24, Helsinki 00180 Finland -Alexey Kirichenko
|
(Software Versions: 2.2.5, 2.2.7, 2.2.8 and 2.2.12 (Windows) and 1.1.8, 1.1.9, 1.1.10, 1.1.12 and 1.1.15 (Solaris/Linux/AIX/HP-UX)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/03/2005; 12/22/2005; 07/10/2006; 12/19/2006 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 98, Windows XP Professional, Windows ME, Windows 2000, HP-UX B.11.11, AIX 5, Trusted Solaris 8 7/03 and Linux RHEL 3 (all in single user mode)
-FIPS-approved algorithms: Triple-DES (Certs. #255 and #257); AES (Certs. #145 and #148); SHS (Certs. #234 and #237); HMAC-SHA-1 and HMAC-SHA-256 (Certs. #234 and #237, vendor affirmed); DSA (Certs. #107 and #109); RSA (Certs. #190 and #192); RNG (Certs. #2 and #4) -Other algorithms: DES (Certs. #257 and #259); DES (CTR); Blowfish; CAST-128; MD5; HMAC-MD5; Diffie-Hellman (key agreement); RC2; RIPEMD-160 (v1.1.10 and 1.1.12 only); RSA (specified in RFC 2409) Multi-chip standalone"The F-Secure(R) Cryptographic Library(TM) is a family of software modules for a number of Windows and Unix platforms. The modules provide an assortment of cryptographic services accessible for clients through a C/C++ Application Programming Interface. The modules are designed and implemented to meet the Level 1 requirements of FIPS publication 140-2 when running on a GPC under various popular versions of Windows and Unix operating systems." |
| 492 | ITServ Inc. Six Montgomery Village Avenue Suite 405 Gaithersburg, MD 20879 USA TEL: 301-948-1111 FAX: 301-948-7582 |
(Hardware Version: FGC; Firmware Version: 5.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate Vendor Product Link |
Hardware | 12/22/2004; 01/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #247); SHS (Cert. #186); HMAC-SHA-1 (Cert. #186, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); RC4; MD5; CRYPT(3) Multi-chip standalone"RideWay Station FGC integrates powerful firewall protection and VPN capabilities to safeguard computer networks from the threat of Internet attacks and intrusions. Each computer or server on the LAN must follow a strict authorization procedure in order to gain access to the network. In addition, the module uses Triple-DES encryption in its IPSec VPN to allow multiple offices to securely communicate over the Internet or to allow a remote client to securely connect to its office network. The highperforming hardware efficiently conducts encryption and decryption tasks without sacrificing throughput." |
| 491 | Aruba Wireless Networks Inc. 1322 Crossman Avenue Sunnyvale, CA 94089 USA -Kenneth Jensen
-Keerti Melkote
|
(Hardware Versions: Configuration A, Configuration B, Configuration C, Configuration D; Firmware Version: A5000_2.1.0.0_7862) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/22/2004; 01/07/2005; 12/22/2005 |
Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #158 and #159); Triple-DES (Certs. #260 and #261); SHA-1 (Certs. #243 and #244); HMAC-SHA-1 (Certs. #243 and #244, vendor affirmed); RNG (Cert. #8); RSA (Cert. #9) -Other algorithms: DES (Cert. #262); MD5; RC4; Diffie-Hellman (key agreement) Multi-chip standalone"Aruba Wireless Networks’ FIPS validated WLAN switching platform is a purpose-built Wireless LAN voice and data switching solution designed to specifically address the needs and reduce the cost of large scale WiFi network deployments for Government and large enterprise. Aruba’s WLAN switching platform is a highly scalable and redundant solution that provides centralized intelligence to secure and manage the corporate RF environment, enforce identity based user security and policies, enable service creation and provide secure mobility management to hundreds of simultaneously connected users." |
| 490 | SBI Net Systems Co., Ltd Meguro Tokyu Bldg. 5th Floor 2-13-17 Kamiosaki Shinagawa-ku, Tokyo 141-0021 Japan -Hidemitsu Noguchi
|
(Software Versions: 1.0.0 and 1.1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/22/2004; 02/25/2005; 08/21/2008 |
Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows 2000 Service Pack 3 with Hotfix 326886 and Microsoft Windows XP Service Pack 1 -FIPS-approved algorithms: SHS (Cert. #222); HMAC-SHA-1 (Cert. #222, vendor affirmed); AES (Cert. #133); RNG (Cert. #1); RSA (Cert. #1); ECDSA (vendor affirmed) -Other algorithms: C4Custom; RSAES_PKCS_v1_5; RSAES_OAEP; Diffie-Hellman (key agreement); SSS Multi-chip standalone"C4CS is a software cryptographic module providing symmetric/asymmetric ciphers, hash functions, and secret sharing schemes in FIPS mode." |
| 489 | Bluesocket, Inc. 7 New England Executive Park Burlington, MA 01803 USA -Mike Puglia
|
(Hardware Versions: 870-212FF-002, 870-212FT-002, 870-212TF-002, 870-212TT-002, Software Version: 3.1.1.8) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 08/30/2005 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Cert. #76); Triple-DES (Certs. #187 and #250); RSA (Cert. #14); RNG (Cert. #16); SHS (Certs. #228 and #229); HMAC-SHA-1 (Certs. #228 and #229, vendor affirmed) -Other algorithms: DES (Cert. #223); Diffie-Hellman (key agreement); MD5; HMAC MD5 Multi-chip standalone"The Bluesocket WG-2100 Wireless Gateway provides a scalable solution with security, quality of service (QoS), Mobility, Role/Policy Enforcement and Management for today's highly-secure 802.11 Government wireless networks." |
| 488 | E.F. Johnson Co. 123 N. State St. Waseca, MN 56093 USA -John Oblak
|
(Software Version: 1.0.0.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004; 05/05/2005 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -Operational Environment: Tested as meeting Level 2 with Windows 2000 Professional with Service Pack 3 and Q326886 Hotfix on Dell OptiPlex GX400 -FIPS-approved algorithms: AES (Cert. #26); DSA (Cert. #72); SHS (Cert. #121); Triple-DES (Cert. #135); RNG (Cert. #14) -Other algorithms: DES (Cert. #186); AES-MAC (Cert #26, non-compliant) Multi-chip standalone"The EFJohnson Encryption Module is a software cryptographic module that serves both as a key store and a cryptographic service provider. The module is accessible through an API, and provides an easy-to-use yet secure means of storing sensitive cryptographic keys. The Encryption Module meets level 1 FIPS 140-2 requirements and achieves level 2 in the "Roles, Services, and Authentication" and "Operation Environment" sections of FIPS 140-2." |
| 487 | Kasten Chase Applied Research, Ltd. Orbitor Place 5100 Orbitor Drive Mississauga, Ontario L4W 4Z4 Canada -Steve Demmery
|
(Software Version: 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004 | Overall Level: 1
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 2 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Server, Red Hat 7.3 with Linux kernel 2.4; AIX 5L for POWER V5.2; Sun Trusted Solaris™ Version 8 4/01; Sun Solaris™ 9 (all in user and kernel modes and single user mode) -FIPS-approved algorithms: Triple-DES (Cert. #265); AES (Cert. #163); SHS (Cert. #246); HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 (Cert. #246, vendor affirmed); RSA (Cert. #12); ECDSA (vendor affirmed); RNG (Cert. #10) -Other algorithms: MD5; HMAC-MD5; KEA; ECDH (key establishment) Multi-chip standalone"KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." |
| 486 | Kasten Chase Applied Research, Ltd. Orbitor Place 5100 Orbitor Drive Mississauga, Ontario L4W 4Z4 Canada -Steve Demmery
|
(Software Version: 2.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004 | Overall Level: 2
-Roles, Services, and Authentication: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Server with SP3 and Hotfix Q326886 on a 650 MHz Pentium III platform; AIX 5L for POWER V5.2 on a IBM p630-6C4 with a POWER4 CPU; Sun Trusted Solaris™ Version 8 4/01 on a SunBlade 100 with a 500 MHz UltraSPARC Iie -FIPS-approved algorithms: Triple-DES (Cert. #265); AES (Cert. #163); SHS (Cert. #246); HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384; HMAC- SHA-512 (Cert. #246, vendor affirmed); RSA (Cert. #12); ECDSA (vendor affirmed); RNG (Cert #10) -Other algorithms: MD5; HMAC-MD5; KEA, ECDH (key establishment) Multi-chip standalone"KCCE is an independent, executable cryptographic module that exists variously as a dynamic linked library (dll), a shared library and a driver. KCCE provides software designers with a comprehensive API that ensures secure cryptographic application development, for a wide range of operating systems, without undue complexity." |
| 485 | Giesecke & Devrient 45925 Horseshoe Drive Dulles, VA 20166 USA -Michael Poitner
-Jatin Deshpande
|
(Hardware Version: HD65246C1A05NB, Firmware Versions: CH463JC_INABFOP003901_V101 and CH463JC_INABFOP003901_V102) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 04/04/2008 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #239); AES (Cert. #132); SHS (Cert. #216); DSA (Cert. #102); RSA (Cert. #7); Triple-DES MAC (Cert. #239, vendor affirmed) -Other algorithms: DES (Cert. #249); DES MAC (Cert. # 249, vendor affirmed) Single-chip"Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
| 484 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Hazem Hassan
|
(Hardware Version: 1.0, Firmware Version: 2.0, EXFs: GSC-IS and Biometric authentication application executable (G3 EXF) Version 21) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: DSA/SHA-1 (Cert. #35); RSA (PKCS #1, vendor affirmed); Triple-DES (Cert. #236); RNG (vendor affirmed) -Other algorithms: DES (Cert. #88); Diffie-Hellman (key agreement) Single-chip"The 330G3 is a biometrically-enabled ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for strong user authentication and single sign on when integrated with SAFENET Axis software. The card supports creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials; Strong authentication of the cardholder using fingerprint biometrics; Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." |
| 483 | Symantec Corporation 1 Symantec Way Suite 200 Newport News, VA 23602 USA -William L. Stewart
|
(Software Version: 1.0) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 12/10/2004; 07/27/2007 |
Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Professional, Windows 2000 -FIPS-approved algorithms: AES (Cert. #164); Triple-DES (Cert. #266); SHS (Cert. #248); HMAC (Cert. #5); RNG (Cert. #12) -Other algorithms: N/A Multi-chip standalone"The Symantec Cryptographic Module is a software library that contains FIPS-approved cryptographic algorithms. This module provides encryption functionality for selected Symantec products." |
| 482 | Pitney Bowes 35 Waterview Drive Shelton, CT 06484-8000 USA -Douglas Clark
|
(Hardware Versions: P/N 1L00, Versions AAA, AAC and AAD (US); P/N 1LEC, Versions AAA, AAC and AAD (Canada)) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/03/2005; 03/14/2005 |
Overall Level: 3
-FIPS-approved algorithms: DSA (Cert. #105); SHS (Cert. #232); Triple-DES (Cert. #252); Triple-DES MAC (Cert. #252, vendor affirmed); HMAC-SHA-1 (Cert. #232, vendor affirmed); ECDSA (vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The Pitney Bowes Cygnus X-1 Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP) and with the Canada Post Corporation's Digital Meter Indicia Specification 3457. It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes IBIP Metering products." |
| 481 | Realia Technologies S.L. Orense, 68 11th floor Madrid, 28020 Spain -Sebastián Muñoz
-Luis Jesús Hernández
|
(Hardware Version: Model 1.0, Firmware Version: 01.04.0010) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #262); RSA (Cert. #10); SHS (Cert. #242); RNG (Cert. #11) -Other algorithms: DES (Cert. #263); CRC-32; MD5; RIPEMD-128; RIPEMD-160 Multi-chip embedded"The Cryptosec 2048 is a high-end PCI cryprographic accelerator card that provides cryptographic services and secure storage of cryptographic keys. The module is built to perform general cryptographic processing (RSA, DES, SHA-1, MD5,...) and features a tamper-protective case to physically protect sensitive information contained within the card." |
| 480 | Motorola, Inc. 1301 E. Algonquin Rd. Schaumburg, IL 60196-1078 USA -Kirk Mathews
|
(Hardware Version: P/N CLN7493D, Version 8, Firmware Version: U239AC, X795AH, Versions R3.52.17, R3.52.22 and R3.52.31.) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 12/10/2004; 02/25/2005 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2
-FIPS-approved algorithms: AES (Cert. #2); Triple-DES (Cert. #82) -Other algorithms: DES (Cert. #151); DES MAC (Cert. #151, vendor affirmed); DES-XL; DVI-XL; DVP-XL; HCA; DVI-SPFL; SHA-1 (non-compliant); AES MAC (Cert #2, P25 AES OTAR, vendor affirmed) Multi-chip standalone"The KVL 3000 Plus is a portable key distribution device. Encryption keys can be loaded into the KVL manually through its keypad interface or transferred from a Key Management Facility through its serial interface. These keys can then be distributed to various secure communications equipment such as mobile and portable radios, base stations, zone controllers, data controllers, and other fixed network devices. The KVL also includes a PCMCIA interface for software upgrades." |
| 479 | Entrust, Inc. 1000 Innovation Drive Ottawa, Ontario K2K 3E7 Canada -Alan Myrvold
|
(Software Version: 7.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/16/2004 | Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Intel Pentium 4 running Windows XP SP1 in single user mode running Sun JRE 1.4.2 and UltraSPARC-11i 300 MHz processor running Solaris 9 in single user mode running Sun JRE 1.4.2 -FIPS-approved algorithms: AES (Cert. #193); Triple-DES (Cert. #289); Triple-DES MAC (Cert. #289, vendor affirmed); DSA (Cert. #122); ECDSA, (vendor affirmed); SHS (Cert. #273); HMAC (Cert. #8); RNG (Cert. #40); RSA (Cert. #30) -Other algorithms: DES (Cert. #279); DES MAC (Cert. #279, vendor affirmed); CAST 128; IDEA; RC2; RC4; Diffie-Hellman (key agreement); SPEKE; Rijndael 256; CAST128 MAC; MD2; MD5; HMAC- MD5; IDEA MAC Multi-chip standalone"Authority Toolkits provide customers and partners with the ability to apply best-in-class security to almost any business application. These Toolkits provide a common set of services to permit developers to rapidly deploy applications that solve business problems without having to spend valuable development cycles developing these common services. Entrust Authority's standards-based, application programming interfaces (APIs) make it possible to implement a single enhanced Internet security architecture across multiple applications and platforms. By minimizing the need for separate administration modules with every deployed application, these Toolkits provide a reduction in administrative duplication and help to reduce the cost to deploy across multiple platforms." |
| 478 | Carrier Access Corp. (a wholly owned subsidiary of Turin Networks, Inc.) and Team F1 5395 Pearl Parkway Boulder, CO 80301 USA -Thomas Gormley
-Mukesh Lulla
|
(Software Versions: 4.0.0, 4.1.0, 4.1.1 and 4.6.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/08/2004; 12/01/2004; 02/24/2005; 12/22/2005; 03/07/2008; 03/19/2008 |
Overall Level: 1
-Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -Cryptographic Key Management: Level 3 -Operational Environment: Tested as meeting Level 1 with WindRiver pSOS operating system version 2.2.7 and ATM configuration -FIPS-approved algorithms: DSA (Cert. #100); Triple-DES (Cert. #238); AES (Cert. #129); SHA-1 (Cert. #214); HMAC-SHA-1 (Cert. #214, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip embedded"The Broadmore family of products offer a unique economical means of provisioning, grooming, and routing TDM DS3, DS1, E3, E1 services and mixed-speed serial data to logical ATM connections. The Broadmore/SSHield Management Module controls the Broadmore configuration parameters using SSHield, an implementation of the IETF SECSH protocol, which provides an authenticated, encrypted data communications channel for secure management. More information can also be found on www.teamf1.com and www.carrieraccess.com." |
| 477 | Secure Systems Limited 80 Hasler Road Osborne Part, Western Australia 6017 Australia -Michael J Wynne
-Christine Rainwater
|
(Hardware Versions: SDV201B Rev B and SDV18A Rev A, Firmware Version: SDV2_Ver_1.3.4, Embedded_AA_1.07) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 11/04/2004 | Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #136); SHS (Cert. #219) -Other algorithms: CRC-32 Multi-chip embedded"The Silicon Data Vault® (SDV®) is a cryptographic hardware security device which asserts absolute control over the hard disk drive (HDD) at the earliest stage of boot up, ensuring the user is authenticated before any data can be accessed. The SDV® is operating system independent, works with any standard ATA HDD, and resides in the IDE channel, blocking and controlling all access to the HDD." |
| 476 | Prism Payment Technologies (Pty) Ltd PO Box 901 Witkoppen, Gauteng 2068 South Africa -Wayne Donnelly
|
(Hardware Version: P/N 5520-00091, Version 2, Firmware Version: 1.1.1.0) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 11/04/2004 | Overall Level: 3
-Physical Security: Level 4
-FIPS-approved algorithms: Triple-DES (Cert. #259); SHA-1 (Cert. #241); Triple-DES MAC (Cert. #259, vendor affirmed); RSA (ANSI X9.31, vendor affirmed) -Other algorithms: DES (Cert. #261); Enhanced Security DES MAC (Cert. #261, vendor affirmed); DES MAC (Cert. #261, vendor affirmed); Multi-chip embedded"The Incognito TSM410 is a multi-chip embedded Tamper Responsive Security Module. Fitted on a PCI carrier card, the device offers highperformace, high-security services targeted at EFT switches and mCommerce applications." |
| 475 | Trust Digital, Inc. 1600 International Drive Suite 100 McLean, VA 22102 USA -Norm Laudermilch
|
(Software Versions: 3.0, 3.0.01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 11/02/2004; 03/02/2005; 07/29/2005; 09/21/2005; 10/26/2006; 11/06/2006; 02/21/2008 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows NT SP6, 2000; XP Pro; Palm OS 4.1, 5.2.1, 5.2.1H, 5.4.5; Pocket PC 3.0, 4.20; Symbian 7.0; Smartphone 2002; Windows Mobile v5.0 and v6.0; and v5.0 Smartphone edition.
-FIPS-approved algorithms: AES (Certs. #69 and #456); Triple-DES (Certs. #177 and #473); SHS (Certs. #164 and #520); HMAC-SHA-1 (Certs. #164 and #520, vendor affirmed) -Other algorithms: Blowfish; TwoFish; RC4; TEA; Fast XOR; MD5 Multi-chip standalone"Trust Digital’s Cryptographic Module is a 32-bit Windows library compatible with Palm, Pocket PC, RIM, Symbian and other related operating systems. This module provides cryptographic services accessible from software programs written in C/C++ through Application Program Interfaces (APIs). The DLL (dynamically linked library) format of this module allows it to be embedded in existing applications targeted for Palm, Pocket PC, RIM and Symbian operating systems." |
| 474 | L-3 Communications Government Services, Inc. 3750 Centerview Drive Chantilly, VA 20151 USA -Suma Shastry
|
(Hardware Version: Rev B, Part No: 1500, Firmware Version: 5.7) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #181); Triple-DES MAC (Cert. #181, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The Hand Held Monitor Module (HHM) device is a component of the Tactical Automated Security System (TASS). The HHM is used to detect, monitor, and access intrusions in secured areas. The HHM works in conjunction with the Communications Module (CM), which receives, and forwards intrusion alerts to the HHM." |
| 473 | L-3 Communications Government Services, Inc. 3750 Centerview Drive Chantilly, VA 20151 USA -Suma Shastry
|
(Hardware Version: Rev B, Part No: 1550, Firmware Version: 5.7) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #181); Triple-DES MAC (Cert. #181, vendor affirmed) -Other algorithms: N/A Multi-chip standalone"The Communications Module (CM) device is a component of the Tactical Automated Security System (TASS). The Communications Module (CM) works in conjunction with the HHM to receive and forward intrusion alerts." |
| 472 | Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484 USA -Douglas Clark
|
(Hardware Version: DS1955B PB1 - 1.50) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #185); SHA-1 (Cert. #167); DSA (Cert. #90); Triple-DES MAC (Cert. #185, vendor affirmed) -Other algorithms: DES (Cert. #222); Multi-chip standalone"The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information-Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." |
| 471 | SafeNet, Inc. 4690 Millennium Drive Suite 400 Belcamp, MD 21017 USA -George L. Heron
|
(Hardware Version: C, Firmware Versions: 2.2 and 4.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004; 05/04/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert. #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The SafeNet HighAssurance 4000 Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSEC encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it. With the implementation of firmware version 2.2, the SafeNet HA 4000 can now be set-up and configured with the Safe Enterprise Security Management Center (SMC)." |
| 470 | CipherOptics Inc. 701 Corporate Center Drive Raleigh, NC 27607 USA -Dennis Toothman
|
(Hardware Version: A, Firmware Version: 3.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert. #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The CipherOptics SG100 and SG1002 are high performance, integrated security appliances that offer Gigabit and 10/100 Ethernet IPSec encryption respectively. Housed in a tamper evident chassis, have two ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." |
| 469 | CipherOptics Inc. 701 Corporate Center Drive Raleigh, NC 27607 USA -Dennis Toothman
|
(Hardware Version: C, Firmware Version: 2.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/22/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #258); AES (Cert. #156); SHA-1 (Cert. #117); HMAC-SHA-1 (Cert #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #260); Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"The CipherOptics Security Gateway is a high performance, integrated security appliance that offers Gigabit Ethernet IPSec encryption. Housed in a tamper evident chassis, the Security Gateway has two Gigabit Ethernet ports. Traffic on the local port is received in the clear, while traffic on the remote port has security processing applied to it." |
| 468 | Fortinet, Inc. 920 Stewart Drive Sunnyvale, CA 94085 USA -Alan Kaye
|
(Hardware Versions: FortiGate-300 (build x20), FortiGate-400 (build x20), FortiGate-500 (build x20) and FortiGate-800 (build x20), Firmware Version: 2.50, build 219,040616) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #237); AES (Cert. #128); SHS (Cert. #213); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #213, vendor affirmed) -Other algorithms: DES; DDiffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." |
| 467 | Fortinet, Inc. 920 Stewart Drive Sunnyvale, CA 94085 USA -Alan Kaye
|
(Hardware Versions: FortiGate-3000 (build xx20) and FortiGate-3600 (build xx20), Firmware Version: 2.50, build 219,040616) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #237); AES (Cert. #128); SHS (Cert. #213); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #213, vendor affirmed) -Other algorithms: DES; Diffie-Hellman (key agreement); MD5; HMAC-MD5 Multi-chip standalone"FortiGate Antivirus Firewalls are dedicated, hardware-based units that deliver complete, real-time network protection services at the network edge." |
| 466 | Francotyp-Postalia AG & Co. KG Triftweg 21-26 D-16547 Birkenwerder, Germany -Volker Baum
|
(Hardware Version: 58.0036.0001.00/05, Firmware Version: 90.0036.0007.00/00) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004 | Overall Level: 3
-Physical Security: Level 3 +EFP
-FIPS-approved algorithms: Triple-DES (Cert. #39); RSA (PKCS #1, vendor affirmed); SHA-1 (Cert. #43); HMAC-SHA-1 (Cert. #43, vendor affirmed) -Other algorithms: DES (Cert. #108); DES MAC (Cert. #108, vendor affirmed); Diffie-Hellman (key agreement) Multi-chip embedded"The Francotyp-Postalia FrankIT Postal Revenector employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The FrankIT Postal Revenector has been designed in compliance with the Deutsche Post AG (DPAG), FrankIT Specification." |
| 465 | D'Crypt Pte Ltd. 20 Ayer Rajah Crescent #08-08 Technopreneur Centre, Singapore 139964 Singapore -Quek Gim Chye
|
(Hardware Versions: P/N DC/QE-L.8.1024 Versions 3.0L and 3.1L and P/N DC/QE-S.4.512 versions 3.0S and 3.1S, Firmware Version: 2.0) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004; 06/06/2005 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #159); SHA-1 (Cert. #139); RSA (FIPS 186-2 and PKCS#1, vendor affirmed); AES (Cert. #49); HMAC-SHA-1 (Cert. #139, vendor affirmed) -Other algorithms: DES (Cert. #205) Multi-chip embedded"The d'Cryptor QE is a programmable cryptographic coprocessor designed for high security assurance applications and features in the d'Cryptor line of products such as d'Cryptor XE, d'Cryptor HSM and TelePort. It contains a secure high-performance cryptographic core that comprises a CPU, Flash ROMs, NVRAM, UTC clock, firmware and a host of useful and cryptographic APIs. The QE provides strong physical security through an opaque, hard epoxy potting and a tamper response mesh that zeroizes all keys in event of tamper. Application loading is authenticated using an approved digital signature scheme." |
| 464 | Nortel Networks 600 Technology Park Billerica, MA 01821 USA -Jonathan Lewis
|
(Hardware Versions: 1700, 2700 and 5000, Firmware Version: V04_85.121) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 10/18/2004; 01/06/2006 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #29 and #183); AES (Cert. #50); SHA-1 (Certs. #31 and #51); HMAC-SHA-1 (Certs. #31 and #51, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #48 and #101); DES MAC (Certs. #48 and #101, vendor affirmed); Diffie-Hellman (key agreement); RC2; RC4; MD2; MD5; HMAC-MD5 Multi-chip standalone"The FIPS 140-2 Level 2 compliant Contivity 1700, 2700 and 5000 Secure IP Services Gateways are the ideal solution for enterprises requiring secure, low-cost connectivity across the Internet or managed IP networks. The Contivity 1700, 2700 and 5000 provide, IP routing, Virtual Private Networking (VPN), stateful firewall, encryption, authentication, directory and policy services, Quality of Service (QoS), and bandwidth management services in a single integrated platform. These devices provide a solution for small, medium, and large sites requiring Internet connectivity for both secure VPN communications and for basic IP/Internet access." |
| 463 | VIACK Corporation 16701 NE 80th St. Suite 100 Redmond, WA 98052 USA -Peter Eng
|
(Software Version: 3.5) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 09/20/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 Server SP4
-FIPS-approved algorithms: RNG (Cert. #3); AES (Cert. #147); RSA (Cert. #5); SHA-1 (Cert. #236); HMAC-SHA-1 (Cert. #236, vendor affirmed) -Other algorithms: RSA (PKCS #1); RC2 Multi-chip standalone"The VIA3 VkCrypt Cryptographic Module is a software cryptographic module that implements symmetric and public key encryption, digital signatures, and hashing for VIA3 E-meeting products. VIA3 is a secure and confidential E-meeting solution integrating live audio and video, instant messaging, and real-time information sharing." |
| 462 | 3e Technologies International, Inc. 700 King Farm Blvd. Suite 600 Rockville, MD 20850 USA -Ryon Coleman
|
(Hardware Versions: 3e-521NP, 3e-522FIPS, 3e-530NP and 3e-531AP, Firmware Version: 2.6) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/20/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #136 and #161); AES (Cert. #27); SHA-1 (Cert. #140); HMAC-SHA-1 (Cert. #140, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); RSA (PKCS#1); MD5; RC4; DES Multi-chip standalone"The 3e family of Secure Wireless Gateways implements a cryptographic suite including AES, 3DES, SHA-1, HMAC SHA-1, Diffie-Hellman, and HTTPS/TLS. These algorithms are used in combination to protect the main Gateway services of bridging from wired uplink LAN to the wireless LAN, NAT routing from the wired uplink LAN to the wireless LAN, and DHCP service to the local LAN allowing a wired local LAN to exist over the local wireless LAN interface. The cryptographic suite is implemented in an innovative manner so that critical performance is not sacrificed in providing a rugged FIPS 140-2 Level 2 secure wireless solution." |
| 461 | Lucent Technologies, Inc. 600 Mountain Ave Murray Hill, NJ 07974 USA -Kim Tourigny
-Dan Buczala
|
(Hardware Versions: Brick® 350, Brick® 1000 and Brick® 1100, and Encryption Accelerator Card v2: Version 1.0, Board Version 1, Firmware Versions: Lucent LVF v7.2.292 and EAC v2: 7.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/03/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #75 and #245); SHA-1 (Certs. #65 and #225); HMAC-SHA-1 (Certs. #65 and #225, vendor affirmed); DSA (Cert. #62) -Other algorithms: DES (Certs. #135 and #250); MD5; ARC4; Diffie-Hellman (key agreement); HMAC- MD5 Multi-chip standalone"The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." |
| 460 | Lucent Technologies, Inc. 600 Mountain Ave Murray Hill, NJ 07974 USA -Kim Tourigny
-Dan Buczala
|
(Hardware Versions: Brick® 350 and Brick® 1000, Firmware Version: Lucent LVF v7.2.292) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/03/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #245); SHA-1 (Cert. #225); HMAC-SHA-1 (Cert. #225, vendor affirmed); DSA (Cert. #62) -Other algorithms: DES (Cert. #250); MD5; ARC4; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip standalone"The VPN Firewall Brick is a high-speed packet-processing appliance, oriented towards providing security functions. The Brick is a carrier-grade integrated firewall and virtual private network (VPN) gateway appliance specifically designed for web/application data center security, large-scale managed security services, and remote access VPN services. Called the Brick because of its rugged, reliable design, this is an ideal platform for service providers seeking wide scalability, ready manageability, and industry-leading performance." |
| 459 | Backbone Security.com, Inc. 701 Main Street Suite 300 Stroudsburg, PA 18360 USA -Glenn Watt
|
(Hardware Version: 3.0, Software Version: 2.2 FIPS) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004 | Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Cert. #208); AES (Cert. #94); SHA-1 (Cert. #184); HMAC-SHA-1 (Cert. #184, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); HMAC-SHA-256; HMAC-SHA-512; HMAC-MD5 Multi-chip standalone"Ribcage is a secure IPSec Virtual Private Network that provides secure connectivity deployed on a shared infrastructure with the same privacy and performance as a leased network. Ribcage is a solution that is flexible as both a secure virtual private network and as a remote access, with straightforward administration tools that allow rapid set-up and administration remotely or locally." |
| 458 | SonicWALL, Inc. 1143 Borregas Ave. Sunnyvale, CA 94089-1306 USA -Usha Sanagala
|
(Hardware Version: P/N 101-5000072-00 rev A, Firmware Versions: SonicOS Enhanced Versions 2.0, v2.5 and v3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 09/08/2004; 02/24/2005; 05/17/2006; 04/25/2007 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #121 and #140); Triple-DES (Certs. #231 and #248); SHA-1 (Cert. # 208); HMAC-SHA-1 (Cert. #208, vendor affirmed); DSA (Cert. #98); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #245 and #251); RC4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The SonicWALL TZ 170 is an internet security appliance with a WAN interface, a flexible Optional interface, and a LAN interface incorporating a 5-port Fast-Ethernet switch. The SonicWALL TZ 170 provides stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and can be upgraded to offer ISP failover and traffic loadbalancing. The SonicWALL TZ 170 also serves as a platform for extensible security services such as Content Filtering Services (CFS), Network Anti - Virus, and E-mail filtering." |
| 457 | Sun Microsystems 4150 Network Circle Santa Clara, CA 95054 USA -Javier Lorenzo
-Irfan Khan
|
(Hardware Versions: Fiber: 501-6040-02 and 501-6040-03, UTP/Copper: 501-6039-05 and 501-6039-06, Firmware Version: 1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/12/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert.# 190); AES (Cert. #79); SHA-1 (Certs. #171 and #172); HMAC-SHA-1 (Certs. #171 and #172, vendor affirmed); DSA (Cert. #92); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #225); MD5; HMAC-MD5; RC2 Multi-chip embedded"The Sun Cryptographic Accelerator 4000 (SCA 4000) is a highperformance secure networking solution for Sun servers. It is a PCI card consisting of a Gigabit Ethernet adapter with on-board cryptographic acceleration hardware and a secure cryptographic key store. The card enhances server network performance by off-loading compute intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. The SCA 4000 meets or exceeds all FIPS 140-2 Level 3 requirements." |
| 456 | Giesecke & Devrient 45925 Horseshoe Drive Dulles, VA 20166 USA -Michael Poitner
-Jatin Deshpande
|
(Hardware Version: HD65246C1A05NB, Firmware Versions: CH463JC_INABFOP003901_V101 and CH463JC_INABFOP003901_V102, Applet Versions: AC Applet Versions 2.3.0.2 and 2.3.0.5; ASC Library 2.3.0.2 and 2.3.0.3; and PKI/GC Applet Versions 2.3.0.2 and 2.3.1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/11/2004; 09/07/2005; 04/04/2008 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #239); AES (Cert. #132); SHA-1 (Cert. #216); DSA (Cert. #102); RSA (Cert. #7, PKCS#1); Triple-DES MAC (Cert. #239, vendor affirmed) -Other algorithms: DES (Cert. #249); DES MAC (Cert. #249, vendor affirmed) Single-chip"Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert FIPS 64 is a Java Card 2.2 and Open Platform v2.0.1' compliant smart card module. It supports, at a minimum, Triple-DES, AES, DSA, and RSA algorithms with on-card key generation. The Sm@rtCafé Expert FIPS 64 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
| 455 | SonicWALL, Inc. 1143 Borregas Ave. Sunnyvale, CA 94089-1306 USA -Usha Sanagala
|
(Hardware Versions: 3060 101-500078-00 rev. A and 4060 101-500067-00 rev. A, Firmware Versions: SonicOS Enhanced Versions v2.0, v2.5 and v3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/11/2004; 02/24/2005; 05/17/2006; 05/31/2006; 04/25/2007 |
Overall Level: 2
-EMI/EMC: Level 3
-FIPS-approved algorithms: AES (Certs. #105 and #121); Triple-DES (Certs. #217 and #231); SHA-1 (Cert. #208); HMAC-SHA-1 (Cert. #208, vendor affirmed); DSA (Cert. #98); RSA (vendor affirmed) -Other algorithms: DES (Cert. #245); RC4; MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The PRO 4060 and PRO 3060 are internet security appliances offering stateful packet inspection firewall services, accelerated IPSec VPN, bandwidth management, and dual-WAN port support with ISP failover and load-balancing capabilities, all via six configurable 10/100 Ethernet interfaces." |
| 454 | iDirect Technologies 10803 Parkridge Boulevard Reston, VA 20191 USA -Sasmith Reddi
|
(Hardware Version: 5.0, Firmware Version: 5.0.1) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 08/02/2004 | Overall Level: 1
-FIPS-approved algorithms: Triple-DES (Cert. #243); SHA-1 (Cert. #220); HMAC-SHA-1 (Cert. #220, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Multi-chip standalone"iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The Protocol Processor is the central component of iDirect’s TDMA star network product and is responsible for network wide functions such as: TCP acceleration, QoS, 3DES encryption, TDMA management and dynamic time slot allocation." |
| 453 | iDirect Technologies 10803 Parkridge Boulevard Reston, VA 20191 USA -Sasmith Reddi
|
(Hardware Version: 5.0, Firmware Version: 5.0.1) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004 | Overall Level: 1
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #242); SHA-1 (Cert. #220); HMAC-SHA-1 (Cert. #220, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: Multi-chip standalone"iDirect Technologies provides solutions that allow enterprises of any size, in virtually any location, to access broadband TCP/IP communications via satellite. Our technology provides the flexibility, capability, and reliability that enterprise and government customers need to support critical business applications. The iDirect NetModem II Plus broadband router is a compact, set-top terminal that routes IP traffic over satellite networks." |
| 452 | Credant Technologies Corporation 15305 Dallas Parkway Suite 1010 Addison, TX 75001 USA -Chris Burchett
|
(Versions 1.3 and 1.4) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 07/28/2004; 09/21/2004; 09/24/2004 |
Overall Level: 1
-EMI/EMC: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows 2000 Professional SP 1 and Windows CE 3.0 (single user mode) -FIPS-approved algorithms: AES (Certs. #117 and #168); Triple-DES (Certs. #229 and #272); SHA-1 (Certs. #206 and #253); HMAC-SHA-1 (Certs. #206 and #253, vendor affirmed); RNG (Cert. #19) -Other algorithms: Multi-chip standalone"Credant Cryptographic Kernel is a FIPS 140-2 compliant, software-based cryptography library that implements Triple-DES, AES, SHA-1, and HMAC-SHA-1 algorithms for the Credant Mobile Guardian product. Credant Mobile Guardian enables enterprise-wide control of security for mobile and wireless users of laptops, tablet PCs, PDAs and smart phones." |
| 451 | Good Technology, Inc. 4250 Burton Drive Santa Clara, CA 95054 USA -Daphne Won
|
(Software Versions: Pocket PC 20040220 and Symbian 4.9.1) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 07/28/2004; 01/11/2007 |
Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Symbian 9.1 and Windows CE 4.2
-FIPS-approved algorithms: AES (Certs. #134 and #477); Triple-DES (Certs. #240 and #491); SHA-1 (Certs. #217 and #545); HMAC-SHA-1 (Certs. #217, vendor affirmed and #234) -Other algorithms: Multi-chip standalone"The Good FIPSCrypto is a FIPS 140-2 validated software-based cryptographic module that implements the Triple-DES; AES; SHA-1; HMAC-SHA-1 algorithms." |
| 450 | Nokia Enterprise Solutions 313 Fairchild Drive Mt View, CA 94043 USA -Robert Kusters
|
(Hardware Versions: IP350, IP355, IP380 and IP385, Software Versions: (IPSO v3.7.99 and Check Point NG with Application Intelligence R54) and (IPSO v3.9 and Check Point NG with Application Intelligence R60)) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004; 07/28/2005; 09/21/2006; 11/06/2006 |
Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #88 and #407); Triple-DES (Certs. #41, #80, #132, #234, #235, #333 and #440); SHA-1 (Certs. #42, #69, #210, #211, #212, #325 and #474); HMAC-SHA-1 (SHA-1 Certs. #42, #56, #69, #210, #211, #212, vendor affirmed and HMAC-SHA-1 #179 and #180); DSA (Cert. #99); RSA (PKCS #1 vendor affirmed and #63, #146 and #149); RNG (#30, #196 and #201) -Other algorithms: DES (Certs. #110, #142, #183, #247, #311 and #314); CAST; DES (40 bits); HMAC-MD5; MD5; Arcfour; Blowfish Multi-chip standalone"The Nokia IP350, IP355, IP380 and IP385 are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1/FW-1, these platforms provide reliable, easy to manage distributed security and access." |
| 449 | Oberthur Card Systems 4250 Pleasant Valley Road Chantilly, VA 20151 USA -Christophe Goyet
|
(Hardware Version: P/N: 77, Firmware Version: E302) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 07/28/2004; 02/25/2005; 03/01/2005; 06/29/2005; 09/23/2005 |
Overall Level: 3
-FIPS-approved algorithms: AES (Cert. #123); Triple-DES (Cert. #232); Triple-DES MAC (Cert. #232, vendor affirmed); SHA-1 (Cert. #209); RSA (FIPS 186-2, PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #246); DES MAC (Cert. #246, vendor affirmed); Single-chip"The ID-One Cosmo 64 v5 is a JavaCard cryptographic module with dual interface (ISO 7816 & ISO 14443) specifically designed for identity and government needs. It offers a full 64K Byte of EEPROM space available for customer discretionary use, together with on card cryptographic services such as TDES, AES, and 2048-bit RSA algorithms with on-card key generation. It is compliant to Java Card v2.2 and Open Platform v2.1.1A. To protect against skimming, a built-in firewall allows application developers to disable contactless access for sensitive operations. Additional features include On-Card fingerprint matching and Logical Channels. The ID-One Cosmo 64 v5 is available in contact only, dual interface, or contactless only formats." |
| 448 | Chunghwa Telecom Co. Ltd. Telecommunication Lab 12, Lane 551, Min-Tsu Road SEC.5 Yang-Mei Taoyuan, Taiwan 326 Republic of China -Yu-Ling Cheng
|
(Hardware Version: HSM-HW-0312.02, Firmware Version: HSM-SW-ARM-FRTO.01) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004 | Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #224); AES (Cert. #111); SHA-1 (Cert. #201); RSA (FIPS 186-2, vendor affirmed) -Other algorithms: RC6 Multi-chip standalone"SafGuard200 is a multi-chip standalone cryptographic module that is used to provide highly-secure cryptographic services and key storage for PKI applications. (e.g., secure private key storage, high-speed math accelerator for 1024-4096 bit public key signatures, and hashing). The SafGuard 200 HSM provides secure identity-based challenge-response authentication using smart cards and data encryption using FIPS approved 3DES and AES encryption." |
| 447 | Oracle Corporation 500 Oracle Parkway Redwood Shores California, CA 94065 USA -Shaun Lee
|
(Software Version 10g (9.0.4)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/30/2004; 08/06/2004 |
Overall Level: 2
-Operational Environment: Tested as meeting Level 2 with Sun Solaris Version 8 running on a Sun Ultra 60 UltraSparc workstation
-FIPS-approved algorithms: Triple-DES (Cert. #170); SHA-1 (Cert. #154); RSA (PKCS#1, vendor affirmed); HMAC-SHA-1 (Cert. #154, vendor affirmed) -Other algorithms: DES (Cert. #215); RSA-MD5 (PKCS#1); RC4; HMAC-MD5; Diffie-Hellman (key agreement); RSA (PKCS#5) Multi-chip standalone"The Oracle Cryptographic Libraries for SSL 10g (9.0.4) is a generic module used by Oracle Corporation in a variety of its application suites. The module is used to provide support to cryptography, authentication, PKCS and certificate management for applications like the Oracle Database Server, Oracle Applications Server, Oracle Internet Directory, Web Cache and Oracle HTTP Server. It provides a rich set of functionality and uses PKCS wallet structures for managing identities and trustpoints." |
| 446 | 3Com Corporation 5500 Great America Parkway Santa Clara, CA 95052 USA -Rahul Jain
-Annette Davis
|
(Hardware Versions: 03-0229-100 and 03-0347-000, Firmware Versions: Runtime: 03.001.008, Diagnostic: 03.001.008, Sleep: 03.001.007) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004 | Overall Level: 1
-EMI/EMC: Level 3
-FIPS-approved algorithms: Triple-DES (Cert. #212); SHA-1 (Certs. #188 and #189); HMAC-SHA-1 (Certs. #188 and #189, vendor affirmed) -Other algorithms: DES (Cert. #234); MD5; HMAC-MD5 Multi-chip embedded"3Com® 10/100 Secure NICs offers IPSec and TCP/IP offloading, upgradability to the embedded firewall technology while also offering advanced intrusion resistance to protect your LAN, without sacrificing throughput performance. In addition, the NICs incorporate advanced server features and remote management capabilities to accelerate application response and lower IT administration time." |
| 445 | Research In Motion® 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada -Government Certifications Team
|
(Software Version: 1.0.0.2) (When operated in FIPS mode with FIPS validated Microsoft® Base Cryptographic Providers Certificates #76 or #103 operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/30/2004; 08/24/2005 |
Overall Level: 1
-EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows NT Server 4.0 SP6a -FIPS-approved algorithms: Triple-DES (Cert. #216); AES (Cert. #104); SHA-1 (Cert. #195); HMAC-SHA-1 (Cert. #195, vendor affirmed) -Other algorithms: Rijndael Multi-chip standalone"BlackBerry® is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry® is a totally integrated package that includes hardware, software and service, providing a complete endtoend solution. The BlackBerry® Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry®" |
| 444 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Hazem Hassan
|
(Hardware Version: 1.0, Firmware Version: 2.0, EXFs: GSC-IS application executable (G2 EXF) Version 22) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/30/2004; 02/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #236); DSA/SHA-1 (Cert. #35);RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Cert. #88); Diffie-Hellman (key agreement) Single-chip"The 330G2 is an ISO 7816 and GSC-IS compliant cryptographic smart card designed for identification and access control applications. The card provides a secure, mobile platform for creating, storing and using keys, certificates, passwords and other digital credentials. Security services include: Multiapplication secure storage and retrieval of data and digital credentials. Authentication of the cardholder and the security officer. Cryptographic services including SHA-1, DES, 3DES, RSA Sign/Verify, RSA Encrypt/Decrypt and DSA Sign/Verify with on board key generation including RSA 2048-bit key generation." |
| 443 | ActivCard, Inc. 6623 Dumbarton Circle Fremont, CA 94555 USA -Eric Le Saint
|
(Hardware Version: Cyberflex Access 64k v2, OS Hard Mask no01 v01 Firmware Version: OS Soft Mask no02 v03, ID Applet v1.0.0.23, PKI Applet v1.0.0.29, GC Applet v1.0.0.27, SKI Applet v1.0.0.16) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/23/2004; 05/26/2006 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #193); Triple-DES MAC (Cert. #193, vendor affirmed); SHA-1 (Cert. #173); RSA (PKCS#1, vendor affirmed); AES (Cert. #81) -Other algorithms: DES (Cert. #227); DES MAC (Cert. #227, vendor affirmed) Single-chip"ActivCard Digital Identity Applet Suite v1.1.5 on Cyberflex Access 64k v2 provides the following services: - Card Holder verification using PIN - Secure storage of data and private information - RSA based Digital Signature (1024 and 2048 bits) - DES/TDES based One Time Password (OTP) generation" |
| 442 | Vormetric, Inc. 3131 Jay Street Santa Clara, CA 95054 USA -Suhel Khan
-Paulus Weemaes
|
(Hardware Version: P/N 30 Release 1.0 Version 3.0, Firmware Versions: VN.3.0SP1- Build0060 and VN.3.0SP1-Build0064) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 07/27/2004; 01/27/2006 |
Overall Level: 2
-Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Cryptographic Key Management: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #241); AES (Cert. #135); SHA-1 (Cert. #218); HMAC-SHA-1 (Cert. #218, vendor affirmed); RSA (PKCS #1, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); MD5 Multi-chip standalone"Vormetric CoreGuard Security Server is a comprehensive security solution that combines protection of data at rest, application integrity and host protection. CoreGuard integrates a software module loaded on a server, and a FIPS compliant appliance with user-defined security policies allowing fine-grain data access control and selective encryption of data at rest (AES 128/256 and 3DES), application digital signatures, enforced user authentication, host protection and central management. CoreGuard installs transparently and does not require changes to applications, databases or storage architectures allowing the security to extend to any data across the enterprise." |
| 441 | F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00181 Finland -Alexey Kirichenko
|
(Software Version: 1.1.11) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004; 05/20/2008 |
Overall Level: 1
-EMI/EMC: Level 3 -Self-Tests: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows CE 4.20.1081 -FIPS-approved algorithms: AES (Cert. #4); SHA-1 (Cert. #224); HMAC-SHA-1 (Cert. #224, vendor affirmed) -Other algorithms: Passphrase-based key derivation (PBKDF2 as specified in PKCS#5); AES (IWEC) Multi-chip standalone"The F-Secure Pocket PC Cryptographic Library is a software module, implemented as a 32-bit Windows CE compatible DLL for Windows Mobile 2003 and Pocket PC 2002 platforms. It provides an assortment of cryptographic services to any client process that attaches an instance of the module DLL. The services are accessible for the client through a Clanguage Application Program Interface. The cryptographic services are also available in the form of a static library and as source code." |
| 440 | Sigaba Corporation 1875 South Grant Road Suite 500 San Mateo, CA 94402 USA -Greg Desmarais
|
(Software Version 1.2) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional SP1, Java Runtime Environment 1.4.2-b28
-FIPS-approved algorithms: Triple-DES (Cert. #94); AES (Cert. #22); SHA-1 (Cert. #78); HMAC-SHA-1 (Cert. #78, vendor affirmed); DSA (Cert. #56); RSA (FIPS 186-2, vendor affirmed) -Other algorithms: Diffie-Hellman (key agreement); Secure Remote Password (SRP); Extended Secure Remote Password (ESRP); Triple-DES (ECB mode); DSA (Signing and Key Generation) Multi-chip standalone"The module is a JAVA language cryptographic component to be used by the various SigabaÆs security products. The module is designed to meet Level 1 requirements of FIPS 140-2 standard. The module is a cryptographic library that provides variety of cryptographic services (both approved as well as non-approved). The module can be executed on any general-purpose PC and operating system capable of running JRE 1.4 or later." |
| 439 | Decru a NetApp Company 275 Shoreline Drive Fourth Floor Redwood City, CA 94065 USA -Michele Borovac
|
(Hardware PN/Rev 60-000109/A, Firmware PN NAS 29.4 and SAN 29.4, Software PN 23.3) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 06/21/2007 |
Overall Level: 3
-FIPS-approved algorithms: SHA-1 (Certs. #190, #191 and #192); AES (Certs. #97, #98 and #99); ECDSA (vendor affirmed); HMAC-SHA-1 (Cert. #192, vendor affirmed); SHA-256 (Cert. #223); HMAC-SHA-256 (Cert. #223, vendor affirmed) -Other algorithms: Multi-chip embedded"Decru's Storage Encryption Processor (SEP) is the primary cryptographic and key management engine for Decru DataFort products. Decru DataFort is a wire-speed storage security appliance. DataFort uses hardware-based encryption, authentication, secure access controls, and secure logging to protect networked storage in NAS, SAN, DAS and Tape environments. DataFort can be deployed transparently, with no changes to desktops, servers, applications, or user workflow." |
| 438 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 2621XM and 2651XM with AIM-VPN/EP Version 1.0 and Board Version B0, Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/16/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #32 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Cert. #26 and DSA Cert. #38); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #100 and #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 437 | F-Secure Corporation Tammasaarenkatu 7 PL 24 Helsinki, 00180 Finland -Alexey Kirichenko
|
(Software Version 2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 06/16/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 98, Windows XP and Windows ME (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #202); AES (Cert. #89); SHA-1 (Cert. #178); HMAC-SHA-1 (Cert. #178, vendor affirmed); DSA (Cert. #94); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #231); DES (CTR); Blowfish; CAST 128; MD5; SHA-256; HMAC- MD5, HMAC-SHA-256, Diffie-Hellman (key agreement); Passphrase-based key derivation (PBKDF2 as specified in PKCS#5) Multi-chip standalone"The F-Secure Cryptographic Library for Windows (the Module) is a software module, implemented as a 32-bit Windows 'NT/2000/XP/98/ME' compatible DLL (FSCLM.DLL). The Module provides an assortment of cryptographic services to any client process that attaches an instance of the Module DLL. The Module is designed and implemented to meet the level 1 requirements of FIPS publication 140-2 when running on appropriate hardware under Windows 98, ME or XP operating system." |
| 436 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Randy Kun
|
(Hardware Versions: 2.0, 3.0 and 4.0, Firmware Version 4.1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 06/10/2004; 10/18/2004; 12/22/2005 |
Overall Level: 2
-Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Cryptographic Key Management: Level 3 -Self-Tests: Level 3 -Mitigation of Other Attacks: Level 3 -FIPS-approved algorithms: AES (Cert. #41); Triple-DES (Cert. #73); DSA (Cert. #51); SHA-1 (Cert. #64); RSA (FIPS 186-2 and PKCS #1, vendor affirmed); Triple-DES MAC (Cert. #73, vendor affirmed); HMAC-SHA-1 (Cert. #64, vendor affirmed) -Other algorithms: DES (Cert. #32); DES MAC (Cert. #32, vendor affirmed); RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; MD2; MD5; Diffie-Hellman 1024; CAST MAC; CAST3 MAC; CAST5 MAC; SSL3-MD5 MAC; SSL3-SHA-1 MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; AES MAC; RC2 MAC; RC5 MAC Multi-chip embedded"The K3 Chrysalis-ITS Cryptographic Engine is a hardware cryptographic module in the form of a PCI card that resides within a secured generalpurpose computing appliance. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization in the event the enclosure is opened. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI card." |
| 435 | SafeNet, Inc. 951 Aviation Pkwy Suite 300 Morrisville, NC 27560 USA -Glenn Constable
|
(Hardware Versions: SE-SLE-HNxAC[1], SE-SLE-LNxAC[2], SE-SLE-1ExAB[3], SE-SLE-27xAB[4], SE-SLE-2ExAB[5], SE-SLE- LRxAB[6], SE-SLE-37xAB[7] and SE-SLE-VVxAB[8], Firmware Version: 4.01) (When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter x designation) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/28/2004; 06/10/2004 |
Overall Level: 2
-Physical Security: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Certs. #22 and #139); AES (Cert. #32); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The SafeNet™ SafeEnterprise™ Link Encryptor's (SLE's) secure sensitive data transmitted over high-speed, point-to-point communication links. The system supports synchronous, full-duplex data rates up to 8 Mbps, and employs FIPS approved AES or Triple-DES algorithms. The SLE can be locally controlled or managed using the SafeNet™ SafeEnterprise™ Security Management Center (SMC), an SNMP-based security management system." |
| 434 | Entrust, Inc. One Hanover Park 16633 Dallas Parkway Suite 800 Addison, TX 75001 USA -Entrust Sales
|
(Software Version: 7.0) (When operated in FIPS mode with FIPS validated browser services operating in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 05/27/2004 | Overall Level: 1
-Operational Environment: Tested as meeting Level 1 with Windows 2000 SP3 running Microsoft VM for Java 5.0.0.3810 or Sun plug-in version 1.4.1, and Netscape Navigator 7.0 (Certs. #7, #45 and #47) or Microsoft Internet Explorer 6.0 SP1 (Certs. #103 and #106) (single user mode)
-FIPS-approved algorithms: Triple-DES (Cert. #69); SHA-1 (Cert. #60); RSA (PKCS#1, vendor affirmed) -Other algorithms: CAST 128 Multi-chip standalone"The module performs low level cryptographic operations - encryption, decryption and hashes - implemented in software using the high-level Java programming language. Currently, the module is imbedded into an applet as part of the TruePass product suite that allows integration of cryptographic security into web applications." |
| 433 | Enterasys Networks 50 MinuteMan Rd. Andover, MA 01810 USA -Damon Hopley
|
(Hoftware Version: REL 6.3, Firmware Version: REL 6.3, Hardware Version: REV 0A-G) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004 | Overall Level: 2
-FIPS-approved algorithms: AES (Certs. #48, 106 and #107); Triple-DES (Certs. #158, #218, #219 and #220); SHA-1 (Certs. #143, #197, #198 and #199); HMAC-SHA-1 (Certs. #143, #197, #198 and #199, vendor affirmed); DSA (Cert. #97); RSA (PKCS #1, vendor affirmed) -Other algorithms: DES (Certs. #204, #238, #239 and #240); HMAC-MD5; MD5; MD4; 40-bit and 128-bit RC4; CAST; Blowfish; Twofish; ARCfour; Diffie-Hellman (key agreement) Multi-chip standalone"Enterasys Networks X-Pedition Security Routers (XSR), the XSR-1805, XSR-1850, and XSR-3250 modules are networking devices that combine a broad range of IP routing features, a broad range of WAN interfaces and a rich suite of network security functions, including site-to-site and remote access VPN connectivity and policy managed, stateful-inspection firewall functionality." |
| 432 | Cisco Systems, Inc. 7025-6 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Chris Romeo
|
(Hardware Version 3.2, Firmware Version 12.2(11r) YQ4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 10/01/2004; 05/24/2005 |
Overall Level: 1
-Cryptographic Module Specification: Level 2 -Roles, Services, and Authentication: Level -EMI/EMC: Level 2 -Design Assurance: Level 2 -Cryptographic Module Ports and Interfaces: Level 2 -Finite State Model: Level 2 -Cryptographic Key Management: Level 2 Self-Tests: Level 2 -FIPS-approved algorithms: Triple-DES (Cert. #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); SHA-1 (Cert. #26); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Cert. #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip embedded"The module is a high-performance router card, which offers secure data, voice and video communications, seamless mobility and interoperability across multiple wireless networks. The unique functionality of this router card is that always on IP connectivity for networks in motion. This allows IP hosts on a mobile network to connect transparently to the parent network while the router is in motion." |
| 431 | Gemplus Corp. Avenue du Pic de Bretagne BP 100, GTmenos Cedex 13881 France -Luc Astier
|
(GP92, Firmware Versions: GXP3 - FIPS EI19 and GXP3 - FIPS EI19 with new ATR and fast ATR) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 07/27/2004; 08/05/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Cert. #95); SHA-1 (Cert. #82); RSA (PKCS#1, vendor affirmed); Triple-DES MAC (Cert. #95, vendor affirmed) -Other algorithms: DES (Cert. #155); DES MAC (Cert. #155, vendor affirmed) Single-chip"GemXpresso Pro R3 E64 PK - FIPS is based on a Gemplus Open OS Smart Card with 64K of EEPROM.. The SmartCard platform has on board Triple DES and RSA algorithms and can provide on board key generation. The module conforms to Java Card V2.1.1 and Global Platform V2.0.1 standards" |
| 430 | SafeNet, Inc. 951 Aviation Parkway Suite 300 Morrisville, NC 27560 USA -Glenn Constable
|
(SE-SFE-LixAC[1], SE-SFE-HixAC[1], and SE-SFE-VVxAC[2], Firmware Version: 5.00) (When operated in FIPS mode) (Note: Refer to the cryptographic module’s security policy for the details on the letter (i and x) designations) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/26/2004; 06/10/2004 |
Overall Level: 3
-FIPS-approved algorithms: Triple-DES (Certs. #22 and #139); AES (Cert. #32); DSA/SHA-1 (Cert. #5) -Other algorithms: Diffie-Hellman (key agreement) Multi-chip standalone"The SFE protects information flowing between nodes or sites of a frame relay network. It can be configured to either allow or disallow information flow between two frame relay nodes. Furthermore, the information flow can be either protected through AES/TDES encryption or passed without encryption. The SFE II supports Full-Duplex throughput of up to 8m Mbps and 922 active secure connections." |
| 429 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 6509, 7606 and 7609, Backplane Chassis Version 3.0 (6509), 1.0 (7606) and 1.0 (7609), Supervisor Blade Version 3.2, VPN Accelerator Blade Version 1.2, Firmware Version: 12.2(14)SY3) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #132, #155 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); SHA-1 (Certs. #26 and #117); HMAC-SHA-1 (Certs. #26 and #117, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #183, #201 and #202); DES MAC (Cert. #202, vendor affirmed); AES (Cert #46); MD4; MD5; Diffie-Hellman (key agreement); HMAC-MD5 Multi-chip standalone"The Cisco Catalyst 6509 Switch, 7606 and 7609 Routers offer versatility, integration, and security to branch offices. With numerous Network Modules (NMs) available, the modular architecture of the Cisco router easily allows interfaces to be upgraded to accommodate network expansion. The Cisco 6509, 7606 and 7609 provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." |
| 428 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 7206 VXR NPE-G1 Version 1.1, Fab Version 05 and VAM2 Version 2.0, Board Version A0, and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 11/29/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #156 and #158); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Certs. #46 and #48); SHA-1 (Certs. #26 and #143); HMAC-SHA-1 (Certs. #26 and #143, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #202 and #204); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"Cisco Modular Access Routers are routers that provide data protection on a network providing packet encryption. The module performs all of the functions typical of a router. In addition to the normal routing functions, the module also provides packet encryption. The module is capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 427 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 2691, 3725 and 3745 with AIM-VPN/EPII Version 1.0, Board Version A0 and AIM-VPN/HPII Version 1.0, Board Version A0, and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/25/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #156 and #160); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Certs. #46 and #51); SHA-1 (Certs. #26 and #144); HMAC-SHA-1 (Cert. #26, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #202 and #206); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 426 | Cisco Systems, Inc. 7025 Kit Creek Road PO Box 14987 Research Triangle Park, NC 27709-4987 USA -Michael Soto
|
(Hardware Versions: 1721 and 1760 with MOD1700-VPN Version 2.1, Board Version A0 and Firmware Version: IOS 12.3(3d)) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004; 05/25/2004; 05/24/2005 |
Overall Level: 2
-FIPS-approved algorithms: Triple-DES (Certs. #32 and #156); Triple-DES MAC (Cert. #156, vendor affirmed); AES (Cert. #46); DSA/SHA-1 (Cert. #38); HMAC-SHA-1 (SHA-1 Cert. #26 and DSA/SHA-1 Cert. #38, vendor affirmed); RSA (PKCS#1, vendor affirmed) -Other algorithms: DES (Certs. #100 and #202); DES MAC (Cert. #202, vendor affirmed); MD4; MD5; HMAC-MD5; Diffie-Hellman (key agreement) Multi-chip standalone"The Cisco Modular Access Routers are routers that provides data protection on a network providing packet encryption. The modules perform all of the functions typical of a router. In addition to the normal routing functions, the modules also provide packet encryption. The modules are capable of encrypting traffic between one or more modules: providing a secure connection at the packet level." |
| 425 | Pitney Bowes, Inc. 35 Waterview Drive Shelton, CT 06484 USA -Douglas Clark
|
(Hardware version: DS1955B PBO-1.00c) Validated to FIPS 140-2 Security PolicyCertificate |
Hardware | 05/06/2004 | Overall Level: 3
-Physical Security: Level 3 +EFP
-FIPS-approved algorithms: Triple-DES (Cert. #185); SHA-1 (Cert. #167); DSA (Cert. #90); Triple-DES MAC (Cert. #185, vendor affirmed) -Other algorithms: DES (Cert. #222); Multi-chip standalone"The Pitney Bowes iButton Postal Security Device (PSD) has been designed in compliance with the United States Postal Service (USPS), Information- Based Indicia Program (IBIP). It employs strong encryption, decryption, and digital signature techniques for the protection of customer funds and the production of postage meter indicia in a variety of Pitney Bowes Metering products. The PSD has been designed to support international postal markets and their evolving requirements for digital indicia." |
| 424 | Fortress Technologies, Inc. 4025 Tampa Road Suite 1111 Oldsmar, FL 34677 USA -Dennis Joyce
|
(Software Version: 2.4) (When operated in FIPS mode) Validated to FIPS 140-2 Security PolicyCertificate |
Software | 05/06/2004; 02/07/2006; 12/20/2006 |
Overall Level: 1
-Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows XP Pro SP1, Windows 2000 SP2, Windows NT 4.0 SP2, Windows 98 2nd ed., Windows CE 3.0, PalmOS 4.1, MS DOS 6.20 and Windows CE v4.0 (single user mode) -FIPS-approved algorithms: Triple-DES (Certs. #19 and #457); SHS (Certs. #34 and #498); AES (Certs. #14 and #427); HMAC-SHA-1 (Cert. #34, vendor affirmed) -Other algorithms: DES (Cert. #23); Diffie-Hellman (key agreement) Multi-chip standalone"The AirFortress(tm) Client is a software module designed to deliver security on wireless devices such as bar scanners, handhelds, and laptops using various operatin |