Documentos de Académico
Documentos de Profesional
Documentos de Cultura
ValidatedFIPS1401andFIPS1402CryptographicModules
CMVPMainPage
ValidatedFIPS1401andFIPS1402CryptographicModules
Historical,19951997,1998,1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,
2016
All
LastUpdated:6/30/2016
Itisimportanttonotethattheitemsonthislistarecryptographicmodules.Amodulemayeitherbeanembeddedcomponentofaproductor
application,oracompleteproductinandofitself.Ifthecryptographicmoduleisacomponentofalargerproductorapplication,oneshould
contacttheproductorapplicationvendorinordertodeterminehowtheproductutilizestheembeddedvalidatedcryptographicmodule.There
maybealargernumberofsecurityproductsorapplicationsavailablewhichuseanembeddedvalidatedcryptographicmodule,thanthe
numberofmoduleswhicharefoundinthislist.Inaddition,othervendors,whoarenotfoundinthislist,mayincorporateavalidated
cryptographicmodulefromthislistembeddedintotheirownproducts.
Whenselectingamodulefromavendor,verifythatthemoduleiseithertheproductorapplicationitself(e.g.VPN,SmartCard,USBmemory
token,etc.)orthemoduleisembeddedinalargerproductorapplication(e.g.toolkit,etc.).Ifthemoduleisembeddedinaproductor
application,asktheproductorapplicationvendortoprovideasignedletterorstatementaffirmingthattheunmodifiedvalidated
cryptographicmoduleisintegratedinthesolutionthemoduleprovidesallthecryptographicservicesinthesolutionandprovidereferenceto
themodulesvalidationcertificatenumberfromthislisting.
NOTE1:ModuledescriptionsareprovidedbythemodulevendorsandhavenotbeenverifiedforaccuracybytheCMVP.Thedescriptions
donotimplyendorsementbytheU.S.orCanadianGovernmentsorNIST.Additionally,thedescriptionsmaynotnecessarilyreflectthe
capabilitiesofthemoduleswhenoperatedintheFIPSApprovedmode.Thealgorithms,protocols,andcryptographicfunctionslistedas
"otheralgorithms"(e.g.allowedornonFIPSApprovedalgorithms)havenotbeentestedthroughtheCMVP.
NOTE2:Theoperatorofacryptographicmoduleisresponsibleforensuringthatthealgorithmsandkeylengthsareincompliancewiththe
requirementsofNISTSP800131A.
NOTE3:Allquestionsregardingtheimplementationand/oruseofanymodulelocatedontheCMVPmodulevalidationlistsshouldfirstbe
directedtotheappropriatevendorpointofcontact(listedforeachentry).
PleasecontacttheCMVPifanyerrorsarediscoveredorcommentswithsuggestionsforimprovementofthevalidationlistings.
Cert#
Vendor/CSTLab
CryptographicModule
Module
Type
Val.
Date
Level/Description
2669 IntegritySecurity
INTEGRITYSecurityServices Software 06/30/2016 OverallLevel:1
Services/GreenHills
HighAssuranceEmbedded
Software
CryptographicToolkit
PhysicalSecurity:N/A
7585IrvineCenter
(SoftwareVersion:3.0.0)
MitigationofOtherAttacks:N/A
Drive
(WhenoperatedinFIPSmode.
OperationalEnvironment:FreeRTOS7.6
Suite250
Noassuranceoftheminimum
runningonPU4usinganARMCortexM4(ST
Irvine,CA92618
strengthofgeneratedkeys.The
MicroSTM32F4xxx)
USA
modulegeneratescryptographic
keyswhosestrengthsare
FIPSApprovedalgorithms:AES(Certs.#3773,
DavidSequino
modifiedbyavailableentropy.)
#3774,#3775,#3776and#3777)DRBG(Cert.#
TEL:2063106795
1043)ECDSA(Cert.#812)CVL(Cert.#720)
FAX:9783830560
ValidatedtoFIPS1402
HMAC(Cert.#2473)RSA(Cert.#1943)SHS
ConsolidatedValidation
(Cert.#3143)PBKDF(vendoraffirmed)
DouglasKovach
Certificate
TEL:7277814909
Otheralgorithms:AES(Cert.#3773,key
FAX:7277812915
SecurityPolicy
wrappingkeyestablishmentmethodology
providesbetween128and256bitsofencryption
CSTLab:NVLAP
strength)RSA(keywrappingkeyestablishment
1004320
methodologyprovides112bitsofencryption
strength)DiffieHellman(sharedsecret
computationprovides192bitsofencryption
strength)ECDiffieHellman(sharedsecret
computationprovidesbetween112and256bits
ofencryptionstrength)TripleDES(non
compliant)MD5HMACMD5
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
1/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
MultiChipStandAlone
"GreenHillsSoftware/INTERGRITYSecurity
Services(ISS)ECTisastandardsbasedcrypto
toolkitprovidingaflexibleframeworkto
integrateencryption,digitalsignaturesandother
securitymechanismsintoawiderangeof
applications.ISSECTisdesignedtosupport
multiplecryptographicproviderswithasingle
commonAPI,easilytargetedtoavarietyof
OperatingSystems."
2668 MotorolaSolutions,
Inc.
CzerwoneMaki82
Krakow30392
Poland
DariuszWolny
CSTLab:NVLAP
1004320
MotorolaNetworkRouter
Hardware 06/30/2016 OverallLevel:1
(MNR)S6000
(HardwareVersion:BaseUnit
EMI/EMC:Level3
P/NCLN1780LRevFwith
DesignAssurance:Level3
EncryptionModuleP/N
MitigationofOtherAttacks:N/A
CLN8261DRevNAFirmware
OperationalEnvironment:N/A
Version:GS16.8.1.06)
(WhenoperatedinFIPSmode)
FIPSApprovedalgorithms:AES(Certs.#173
and#3547)DRBG(Cert.#903)HMAC(Certs.
ValidatedtoFIPS1402
#39,#2265and#2266)RSA(Cert.#1827)SHS
ConsolidatedValidation
(Certs.#258and#2926)TripleDES(Certs.
Certificate
#275and#1986)CVL(Certs.#603,#604and
#605)
SecurityPolicy
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)NDRNGDESMD5HMACMD5
HMACSHA96(noncompliant)DSA(non
compliant)RNG
MultiChipStandAlone
"MNRS6000routersareversatile,secure
capabledevicesthatcanensuretimelydeliveryof
delaysensitivetraffic.Supportingsecure
integratedvoiceanddataapplicationsaswellas
highspeedsitetositeWANconnections,S6000
routersperformsimultaneousfunctions
includingcompressionanddataprioritization
withoutcompromisingtheirabilitytoaccomplish
additionalpackethandlingfunctionsasneeded.
Inadditiontothenormalroutingfunctions,the
MNRS6000supportsdataencryptionand
authenticationoverEthernetandFrameRelay
linksusingtheIPSecandFRF.17protocols."
2667 MicronTechnology,
MicronS650DCSASTCG
LLC
EnterpriseSSCSelf
MicronTechnology
EncryptingDrive
8000S.FederalWay
(HardwareVersions:
Boise,ID837169632
MTFDJAK400MBS
USA
BAN16FCYYES/
MTFDJAK400MBS
PaulBarna
2AN16FCYY,
TEL:2084921062
MTFDJAK800MBS
BAN16FCYYES/
MichaelSelzler
MTFDJAK800MBS
TEL:7204945217
2AN16FCYY,
MTFDJAL1T6MBS
CSTLab:NVLAP
BAN16FCYYES/
2004270
MTFDJAL1T6MBS
2AN16FCYY,
MTFDJAL3T2MBS
BAN16FCYYES/
MTFDJAL3T2MBS
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2AN16FCYYFirmware
Version:MB13)
(Wheninstalled,initializedand
configuredasspecifiedin
Section7oftheSecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2666 CambiumNetworks,
Ltd.
UnitB2,Linhay
BusinessPark,
EasternRoad
AshburtonTQ137UP
UK
MarkThomas
TEL:+441364
655586
FAX:+441364
655500
CSTLab:NVLAP
1004320
PTP700PointtoPoint
WirelessEthernetBridge
(HardwareVersions:P/Ns
C045070B001A,
C045070B002A,
C045070B003A,
C045070B004A,
C045070B005A,
C045070B006A,
C045070B007A,
C045070B008A,
C045070B009A,
C045070B010A,
C045070B011A,
C045070B012A,
C045070B013A,
C045070B014A,
C045070B015A,
C045070B016A,
C045070B017A,
C045070B018A,
C045070B019A,
C045070B020A,
C045070B021A,
C045070B022A,
C045070B023A,
C045070B024A,
C045070B025A,
C045070B026A,
C045070B027A,
C045070B028A,
C045070B029Aand
C045070B030AFirmware
Version:7000100FIPS)
(WhenoperatedinFIPSmode.
Noassuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
embodiedinMicronS650DCSASSEDmodel
solidstatedrive.Theseproductsmeetthe
performancerequirementsofthemostdemanding
Enterpriseapplications.Thecryptographic
module(CM)providesawiderangeof
cryptographicservicesusingFIPSapproved
algorithms.Servicesincludehardwarebaseddata
encryption(AESXTS),instantaneoususerdata
disposalwithcryptographicerase,independently
controlledandprotecteduserdataLBAbands
andauthenticatedFWdownload."
Hardware 06/29/2016 OverallLevel:2
Roles,Services,andAuthentication:Level3
DesignAssurance:Level3
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Certs.#2594
and#2754)DRBG(Cert.#465)DSA(Cert.
#842)HMAC(Cert.#1728)SHS(Cert.#2323)
CVL(Certs.#202and#203)KTS(AESCert.
#2754andHMACCert.#1728key
establishmentmethodologyprovides128or256
bitsofencryptionstrength)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)MD5PRNG
MultiChipStandAlone
"ThePTP700isdeployedinpairstocreatea
wirelessbridgebetweentwoEthernetnetworks.
TheModuleoperatesinlicensed,lightly
licensed,andunlicensedfrequencybands
between4400MHzand5875MHz,inchannel
bandwidthsupto45MHz,providingaggregate
dataratesupto450Mbit/s.TheModule
transmitsandreceivesEthernetframesas
plaintext,andtransmitsandreceivesencrypted
wirelesssignals.TheModuleisavailablein24
differentvariants,consistingofcombinationsof
physicalformat,regionalvariants,capacity
variantsandATEX/HAZLOCunits."
2665 ARX(Algorithmic
Research)
10NevatimStreet
KiryatMatalon,
PetachTikva49561
USA
CoSign
Hardware 06/21/2016 OverallLevel:3
(HardwareVersions:7.0and8.0
FirmwareVersion:8.0)
MitigationofOtherAttacks:N/A
(WhenoperatedinFIPSmode.
OperationalEnvironment:N/A
Thismodulecontainsthe
embeddedmoduleeToken5105
FIPSApprovedalgorithms:CVL(Certs.#786
validatedtoFIPS1402under
and#787)DRBG(Certs.#98,#1137and
EzerFarhi
Cert.#1883operatinginFIPS
#1138)HMAC(Certs.#2551,#2552,#2563and
TEL:97239279529
mode.Noassuranceofthe
#2564)KTS(TripleDESCert.#2160and
minimumstrengthofgenerated
HMACCert.#2563keyestablishment
CSTLab:NVLAP
keys)
methodologyprovides112bitsofencryption
2000020
strength)KTS(TripleDESCert.#2161and
ValidatedtoFIPS1402
HMACCert.#2564keyestablishment
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
3/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
ConsolidatedValidation
Certificate
SecurityPolicy
methodologyprovides112bitsofencryption
strength)PBKDF(vendoraffirmed)RSA
(Certs.#2005and#2006)SHS(Certs.#3237,
#3238,#3248and#3249)TripleDES(Certs.
#2155,#2156#2160and#2161)TripleDES
MAC(TripleDESCerts.#2155and#2156,
vendoraffirmed)
Otheralgorithms:HMAC(noncompliant)
MD5NDRNGRSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)RSARESTfulTLS(key
wrappingnoncompliant)SHS(noncompliant)
TripleDES(noncompliant)
MultiChipStandAlone
"CoSignisadigitalsignatureappliancethatis
connectedtotheorganizationalnetworkand
managesallsignaturekeysandcertificatesof
organization'sendusers.Enduserswillconnect
securelytoCoSignfromtheirPCforthepurpose
ofsigningdocumentsanddata."
2664 AdvancedCard
SystemsLtd.
Units20102013,
20/FChevalier
CommercialCentre
8WangHoiRoad
KowloonBay
HongKong
ACOS564
Hardware 06/20/2016 OverallLevel:3
(HardwareVersion:ACOS564
FirmwareVersion:3.00)
MitigationofOtherAttacks:N/A
(Wheninstalled,initializedand
OperationalEnvironment:N/A
configuredasspecifiedinthe
SecurityPolicySectionSecure
FIPSApprovedalgorithms:AES(Cert.#3539)
Initialization.Noassuranceof
CVL(Cert.#591)DRBG(Cert.#893)RSA
theminimumstrengthof
(Cert.#1816)SHS(Cert.#2917)TripleDES
generatedkeys)
(Cert.#1982)TripleDESMAC(TripleDES
AndrewChan
Cert.#1982,vendoraffirmed)
TEL:+85227967873
ValidatedtoFIPS1402
FAX:+85227961286
ConsolidatedValidation
Otheralgorithms:NDRNGTripleDES(Cert.
Certificate
#1982,keywrappingkeyestablishment
CSTLab:NVLAP
methodologyprovides112bitsofencryption
2004270
SecurityPolicy
strength)
SingleChip
"ACOS564isahardwarecryptographicmodule
validatedagainstFIPS1402atSecurityLevel3.
Itisatwofactorauthenticationsmartcard
module.Itprovidesdigitalsignature
creation/verificationforonlineauthenticationand
dataencryption/decryptionforonline
transactions."
2663 PaloAltoNetworks
PA200,PA500,PA2000
Hardware 06/20/2016 OverallLevel:2
4401GreatAmerica
Series,PA3000Series,PA
06/23/2016
Parkway
4000Series,PA5000Series
CryptographicModuleSpecification:Level3
SantaClara,CA
andPA7050Firewalls
Roles,Services,andAuthentication:Level3
95054
(HardwareVersions:PA200P/N
DesignAssurance:Level3
USA
91000001500ERev.E[1],PA
MitigationofOtherAttacks:N/A
500P/N91000000600ORev.
OperationalEnvironment:N/A
JakeBajic
O[2],PA5002GBP/N910
TEL:4087534000
00009400ORev.O[2],PA
FIPSApprovedalgorithms:AES(Certs.#3931
2020P/N91000000400ZRev.
and#3932)RSA(Certs.#2008and#2009)
AmirShahhosseini
Z[3],PA2050P/N910000003
HMAC(Certs.#2554and#2555)DRBG(Certs.
TEL:4087534000
00ZRev.Z[3],PA3020P/N
#1140and1141)SHS(Certs.#3241and#3242)
91000001700JRev.J[4],PA
CVL(Certs.#782and783)
CSTLab:NVLAP
3050P/N91000001600JRev.J
1004320
[4],PA4020P/N910000002
Otheralgorithms:DiffieHellman(key
00ABRev.AB[5],PA4050P/N
agreementkeyestablishmentmethodology
91000000100ABRev.AB[5],
provides112bitsofencryptionstrength)RSA
PA4060P/N91000000500S
(keywrappingkeyestablishmentmethodology
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
4/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Rev.S[5],PA5020P/N910
00001000FRev.F[6],PA5050
P/N91000000900FRev.F[6],
PA5060P/N91000000800F
Rev.F[6]andPA7050P/N910
00010200Bwith910000028
00BRev.B[7]FIPSKitP/Ns:
92000008400ARev.A[1],
92000000500ARev.A[2],
92000000400ARev.A[3],
92000008100ARev.A[4],
92000000300ARev.A[5],
92000003700ARev.A[6]and
92000011200ARev.A[7]
FirmwareVersion:6.0.13)
(WhenoperatedinFIPSmode
andwiththetamperevidentseals
andopacityshieldsinstalledas
indicatedintheSecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
provides112bitsofencryptionstrength)
NDRNGMD5RC4CamelliaRC2SEED
DES
MultiChipStandAlone
"ThePaloAltoNetworksPA200,PA500,PA
2000Series,PA3000Series,PA4000Series,
PA5000SeriesandPA7050firewallsaremulti
chipstandalonemodulesthatprovidenetwork
securitybyenablingenterprisestoseeand
controlapplications,users,andcontentusing
threeuniqueidentificationtechnologies:AppID,
UserID,andContentID.Theseidentification
technologiesenableenterprisestocreate
businessrelevantsecuritypolicessafely
enablingorganizationstoadoptnew
applications."
2081
ValidatedtoFIPS1402
Otheralgorithms:DiffieHellman(key
ConsolidatedValidation
agreementkeyestablishmentmethodology
CSTLab:NVLAP
Certificate
providesbetween112and192bitsofencryption
1004320
strengthnoncompliantlessthan112bitsof
SecurityPolicy
encryptionstrength)ECDiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
establishmentmethodologyprovides112or128
bitsofencryptionstrength)PRNGECDSA
(noncompliant)TLSKDF(noncompliant)
MultiChipStandAlone
"TheLGFrameworkCryptographicModuleisa
softwarelibrarythatprovidescryptographic
functionality."
2661 HewlettPackard,
Enterprise
153TaylorStreet
Littleton,MA01460
USA
BobPittman
TEL:9782645211
FAX:9782645522
CSTLab:NVLAP
ValidatedtoFIPS1402
FIPSApprovedalgorithms:AES(Certs.#2943
ConsolidatedValidation
and#2990)CVL(Cert.#341)DRBG(Cert.
Certificate
#546)DSA(Cert.#875)HMAC(Certs.#1866
and#1896)RSA(Cert.#1546)SHS(Certs.
SecurityPolicy
#2479and#2511)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
5/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2004270
Otheralgorithms:DESDiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)HMACMD5MD5NDRNGRC4
RSA(keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)
MultiChipEmbedded
"TheHPENetworkingdeviceissuitablefora
rangeofuses:attheedgeofanetwork,
connectingserverclustersinadatacenter,inan
enterpriseLANcore,andinlargescaleindustrial
networksandcampusnetworks.Thedevice
includesfixedportL2/L3managedEthernet
switchappliances.Thisdeviceisbasedonthe
Comware7.1platform."
2660 SamsungElectronics
SamsungSAS12GTCG
Hardware 06/16/2016 OverallLevel:2
Co.,Ltd.
EnterpriseSSCSEDsPM163x
27518,Samsung1ro
Series
EMI/EMC:Level3
Hwaseongsi,
(HardwareVersions:
MitigationofOtherAttacks:N/A
Gyeonggido445330 MZILS3T8HCJM000D8[1],
OperationalEnvironment:N/A
Korea
MZILS3T8HCJM000G6[2]
FirmwareVersions:CXP2[1],
FIPSApprovedalgorithms:AES(Cert.#3213)
JisooKim
NA00[2])
ECDSA(Cert.#595)SHS(Cert.#2660)DRBG
TEL:82313096
(Cert.#121)
2832
ValidatedtoFIPS1402
FAX:82318000
ConsolidatedValidation
Otheralgorithms:NDRNG
8000(+62832)
Certificate
MultiChipStandAlone
CSTLab:NVLAP
SecurityPolicy
2008020
"SamsungSAS12GTCGEnterpriseSSCSEDs
PM163xSeries,isaFIPS1402Level2SSD
(SolidStateDrive),supportingTCGEnterprise
SSCbasedSED(SelfEncryptingDrive)features,
designedtoprotectunauthorizedaccesstothe
userdatastoredinitsNANDFlashmemories.
ThebuiltinAESHWenginesinthe
cryptographicmodulescontrollerprovideon
theflyencryptionanddecryptionoftheuserdata
withoutperformanceloss.TheSEDsnaturealso
providesinstantaneoussanitizationoftheuser
dataviacryptographicerase."
2659 L3
eSRVIVR(r)CockpitVoiceand Firmware 06/16/2016 OverallLevel:2
Communications,
FlightDataRecorder
AviationRecorders (CVFDR)EncryptionModule
MitigationofOtherAttacks:N/A
100CattlemenRoad
(FirmwareVersion:1.0)
OperationalEnvironment:eSRVIVRCockpit
Sarasota,Florida
VoiceandFlightDataRecorder(Hardware
34232
ValidatedtoFIPS1402
version:14932003000)withNucleusPLUS
USA
ConsolidatedValidation
1.15.6
Certificate
TomFields
FIPSApprovedalgorithms:AES(Cert.#3754)
TEL:9413775540
SecurityPolicy
FAX:9413775591
Otheralgorithms:N/A
RobertS.Morich
TEL:9413710811,
x5774
FAX:9413775591
CSTLab:NVLAP
2000020
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
MultiChipEmbedded
"AsoftwarebasedAESimplementationina
CockpitVoiceandFlightDataRecorder
(CVFDR)thatsupports128,192,and256bitkey
lengths.Variousdatatypescanbeselectedfor
encryptionpriortobeingrecordedinacrash
protectedmodule."
6/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2658 RubrikInc.
RubrikCryptographicLibrary Software 06/15/2016 OverallLevel:1
299SouthCalifornia
(SoftwareVersion:1.0)
Avenue
(WhenoperatedinFIPSmode.
PhysicalSecurity:N/A
Suite250
Themodulegenerates
MitigationofOtherAttacks:N/A
PaloAlto,CA94046
cryptographickeyswhose
OperationalEnvironment:Testedasmeeting
USA
strengthsaremodifiedby
Level1withSUSELinuxEnterprise11SP2ona
availableentropy.This
DellOptiPlex755
RubrikSupport
validationentryisanonsecurity
CentOS6.3onaDellOptiPlex755
relevantmodificationtoCert.
CentOS6.3onaGigaVUETA1
CSTLab:NVLAP
#2038.)
RedHatEnterpriseLinux6.3onaDellOptiPlex
2010290
755(singleusermode)
ValidatedtoFIPS1402
ConsolidatedValidation
FIPSApprovedalgorithms:AES(Cert.#2273)
Certificate
HMAC(Cert.#1391)DSA(Cert.#709)
ECDSA(Cert.#368)RSA(Cert.#1166)SHS
SecurityPolicy
(Cert.#1954)TripleDES(Cert.#1420)DRBG
(Cert.#281)CVL(Cert.#44)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RNGDualECDRBG
MultiChipStandAlone
"TheRubrikCryptographicLibraryprovides
FIPS1402validatedcryptographicfunctions
(includingSuiteBalgorithms)forRubriks
HybridAppliances."
2657 RedHat,Inc.
100EastDavieStreet
Raleigh,NC27601
USA
SteveGrubb
TEL:9783921000
FAX:9783921001
JaroslavReznk
TEL:+420532294
645
RedHatEnterpriseLinux
libgcryptCryptographic
Modulev4.0
(SoftwareVersion:4.0)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2006580
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
encryptionstrength)SEEDSerpentTiger
TwofishWhirlpool
MultiChipStandAlone
"ThelibgcryptFIPSRuntimeModuleisageneral
purposecryptographiclibrarydesignedto
provideFIPS1402validatedcryptographic
functionalityforusewiththehighlevelAPIof
thelibgcryptlibrarydeliveredwithRHEL7.1."
2656 MotorolaSolutions,
Inc.
CzerwoneMaki82
Krakow,IL30392
Poland
DariuszWolny
CSTLab:NVLAP
1004320
#1986)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:DiffieHellman(key
Certificate
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
SecurityPolicy
compliantlessthan112bitsofencryption
strength)NDRNGDESMD5HMACMD5
HMACSHA196(noncompliant)DSA(non
compliant)RNG
MultiChipStandAlone
"GGM8000devicesareversatile,securecapable
devicesthatcanensuretimelydeliveryofdelay
sensitivetraffic.Supportingsecureintegrated
voiceanddataapplicationsaswellashighspeed
sitetositeWANconnections,GGM8000
performsimultaneousfunctionsincluding
compressionanddataprioritizationwithout
compromisingtheirabilitytoaccomplish
additionalpackethandlingfunctionsasneeded.
Inadditiontothenormalpacketforwarding
functions,theGGM8000supportsdata
encryptionandauthenticationoverEthernetand
FrameRelaylinksusingtheIPSecandFRF.17
protocols."
2655 NuvotonTechnology
Corporation
4,CreationRoadIII
HsinchuSciencePark
Taiwan
YossiTalmi
TEL:+9729
9702364
CSTLab:NVLAP
2005560
NPCT6XXTPM1.2
Hardware 06/09/2016 OverallLevel:1
(HardwareVersions:FB5C85D
andFB5C85EINTSSOP28
MitigationofOtherAttacks:N/A
PACKAGEandFB5C85Dand
OperationalEnvironment:N/A
FB5C85EINQFN32
PACKAGEFirmwareVersions:
FIPSApprovedalgorithms:AES(Certs.#3093
5.81.0.0,5.81.1.0)
and#3468)RSA(Certs.#1582and#1779)
(WhenoperatedinFIPSmode
HMAC(Certs.#1938and#2213)SHS(Certs.
andinstalled,initialized,and
#2554and#2863)CVL(Certs.#373and#535)
configuredasspecifiedinthe
SecurityPolicySection8)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
ValidatedtoFIPS1402
encryptionstrength)NDRNGAES(Certs.
ConsolidatedValidation
#3093and#3468,keywrapping)RNG
Certificate
SingleChip
SecurityPolicy
"NuvotonNPCT6XXTPM1.2isahardware
cryptographicmodulethatimplementsadvanced
cryptographicalgorithms,includingsymmetric
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
8/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
andasymmetriccryptographyaswellaskey
generationandrandomnumbergeneration."
2654 BroadcomLtd.
3151ZankerRoad
SanJose,CA95134
USA
GaryGoodman
TEL:4089221092
FAX:4089221023
AlfonsoIp
TEL:4089221023
FAX:4089228050
BCM58100B0Series:
BCM58101B0,BCM58102B0,
BCM58103B0
(HardwareVersions:P/Ns
BCM58101B0,BCM58102B0
andBCM58103B0)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
1004320
2653 CiscoSystems,Inc.
170WestTasman
Drive
SanJose,CA95134
USA
GlobalCertification
Team
CSTLab:NVLAP
2009970
CiscoAdaptiveSecurity
Appliance(ASA)Virtual
(SoftwareVersion:9.4)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2652 Vormetric,Inc.
2860JunctionAve
SanJose,CA95134
USA
PeterTsai
TEL:(669)7706927
VormetricDataSecurity
ManagerModule
(HardwareVersion:3.0
FirmwareVersion:5.3.0)
(WhenOperatedinFIPSmode.
TheprotocolSSHshallnotbe
usedwhenoperatedinFIPS
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
FAX:(408)8448638
SteveHe
TEL:(669)7706852
FAX:(408)8448638
CSTLab:NVLAP
2000020
mode.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
FIPSApprovedalgorithms:AES(Certs.#3499
and#3536)SHS(Certs.#2887,#2914and
#2915)HMAC(Certs.#2234,#2259and
#2260)RSA(Cert.#1796)ECDSA(Cert.
#712)DRBG(Cert.#869)CVL(Certs.#589
and#590)KTS(AESCert.#3499andHMAC
Cert.#2234)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)ECDiffieHellman(key
agreementkeyestablishmentmethodology
provides128or192bitsofencryptionstrength)
TripleDES(noncompliant)MD5AriaSSH
KDF(noncompliant)NDRNG
MultiChipStandAlone
"TheVormetricDataSecurityServerisamulti
chipstandalonecryptographicmodule.The
VormetricDataSecurityServeristhecentral
pointofmanagementfortheVormetricData
Securityproduct.Itmanageskeysandpolicies,
andcontrolsVormetricTransparentEncryption
Agents.TheseagentscontaintheVormetric
EncryptionExpertCryptographicModule,which
hasbeenvalidatedseparatelyfromthismodule."
2651 Huawei
TechnologiesCo.,
Ltd.
HuaweiIndustrial
Base,Bantian
Longgang
Shenzhen,
Guangdong518129
China
blue.li@huawei.com
TEL:00860755
28976679
FAX:00860755
28976679
HuaweiFIPSCryptographic
Library(HFCL)
(SoftwareVersion:
V300R003C22SPC805)
(Wheninstalled,initializedand
configuredasspecifiedinthe
SecurityPolicySection6.1.No
assuranceoftheminimum
strengthofgeneratedkeys.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2008560
2650 CiscoSystems,Inc.
170WestTasman
Drive
SanJose,CA95134
USA
GlobalCertification
Team
CiscoASAServiceModule
Hardware 06/02/2016 OverallLevel:1
(SM)
(HardwareVersion:WSSVC
Roles,Services,andAuthentication:Level3
ASASM1K9Firmware
DesignAssurance:Level2
Version:9.4)
MitigationofOtherAttacks:N/A
(WhenoperatedinFIPSmode)
OperationalEnvironment:N/A
ValidatedtoFIPS1402
FIPSApprovedalgorithms:AES(Certs.#2050,
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
10/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
CSTLab:NVLAP
2009970
ConsolidatedValidation
Certificate
SecurityPolicy
#2444and#3439)CVL(Cert.#525)DRBG
(Certs.#332and#838)ECDSA(Cert.#693)
HMAC(Certs.#1247and#2188)RSA(Cert.
#1760)SHS(Certs.#1794and#2839)Triple
DES(Certs.#1321and#1937)
Otheralgorithms:DESDiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and150bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)HMACMD5MD5
NDRNGRC4RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)
MultiChipEmbedded
"ThemarketleadingCiscoASASecurity
ApplianceSeriesdeliverrobustuserand
applicationpolicyenforcement,multivector
attackprotection,andsecureconnectivity
servicesincosteffective,easytodeploy
solutions.TheCiscoASAServiceModule(SM)
providescomprehensivesecurity,performance,
andreliabilityfornetworkenvironmentsofall
sizes."
2649 Brocade
Communications
Systems,Inc.
130HolgerWay
SanJose,CA95134
USA
ChrisMarks
TEL:4083330480
FAX:4083338101
CSTLab:NVLAP
2008020
BrocadeICX6610and
Hardware 05/27/2016 OverallLevel:2
ICX7450Series
(HardwareVersions:{ICX6610
DesignAssurance:Level3
24FI(80100535004),
MitigationofOtherAttacks:N/A
ICX661024FE(801005345
OperationalEnvironment:N/A
04),ICX661024I(801005348
05),ICX661024E(80
FIPSApprovedalgorithms:AES(Certs.#1197,
100534305),ICX661024PI
#1269,#1276,#2697,#2981,#2984,#3008,
(80100534906),ICX661024P
#3139,#3142and#3438)KTS(AESCerts.
E(80100534406),ICX6610
#2984and#3438keyestablishment
48I(80100535105),ICX6610
methodologyprovides128bitsofencryption
48E(80100534605),
strength)SHS(Certs.#2265and#2505)HMAC
ICX661048PI(801005352
(Certs.#1679and#1890)DRBG(Certs.#442
06),ICX661048PE(80
and#569)RSA(Certs.#1396and#1565)CVL
100534706),ICX745024(80
(Certs.#161,#362,#386,#388,#390and#400)
100806001),ICX745024P(80
KBKDF(Certs.#36and#58)TripleDES(Certs.
100806101),ICX745048(80
#1617and#1764)DSA(Certs.#819and#887)
100806201),ICX745048P(80
100806301),ICX745048F(80
Otheralgorithms:RSA(keywrappingkey
100806401),withComponents
establishmentmethodologyprovides112bitsof
(80100526104801005259
encryptionstrength)DiffieHellman(key
0480100526203801005260
agreementkeyestablishmentmethodology
0380100716503801007166
provides112bitsofencryptionstrength)MD5
0380100833401801008333
NDRNGHMACMD5DESDSA(non
0180100833201801008331
compliant)TripleDES(noncompliant)
0180100830801801008309
01123400000829AR01
MultiChipStandAlone
123400000830AR01
123400000833AR01)}with
"TheICX6610seriesisanaccesslayerGigabit
FIPSKitXBR000195(80
Ethernetswitchdesignedfromthegroundupfor
100200602)FirmwareVersion:
theenterprisedatacenterenvironment.The
IronWareR08.0.30b)
Brocade7450Switchdeliverstheperformance
(WhenoperatedinFIPSmode
andscalabilityrequiredforenterpriseGigabit
withtamperevidentlabels
Ethernet(GbE)accessdeployments."
installedandwithconfigurations
asdefinedinTable5ofthe
SecurityPolicy.)
ValidatedtoFIPS1402
ConsolidatedValidation
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
11/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Certificate
SecurityPolicy
2648 NetApp,Inc.
NetAppCryptographic
495E.JavaDrive
SecurityModule
Sunnyvale,CA94089
(SoftwareVersion:1.0)
USA
(WhenoperatedinFIPSmode.
Noassuranceoftheminimum
CSTLab:NVLAP
strengthofgeneratedkeys.)
2010290
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2647 SPYRUS,Inc.
1860HartogDrive
SanJose,CA95131
USA
WilliamSandberg
Maitland
TEL:6132983416
FAX:4083920319
CSTLab:NVLAP
2008020
SPYCOS3.0QFN
Hardware 05/25/2016 OverallLevel:3
(HardwareVersion:
742100004FFirmwareVersion:
MitigationofOtherAttacks:N/A
3.0.2)
OperationalEnvironment:N/A
ValidatedtoFIPS1402
FIPSApprovedalgorithms:TripleDES(Cert.
ConsolidatedValidation
#1772)AES(Certs.#3028and#3115)KTS
Certificate
(AESCert.#3115keyestablishment
methodologyprovidesbetween128and256bits
SecurityPolicy
ofencryptionstrength)ECDSA(Cert.#578)
RSA(Cert.#1611)HMAC(Cert.#1913)SHS
(Cert.#2529)CVL(Cert.#419)KAS(Cert.
#52)DRBG(Cert.#658)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
12/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)NDRNG
SingleChip
"SPYCOS3.0isahardwareencryptionengine
inQFNformfactorsupportingSuiteB
functionalitythatisidealforembeddedand
secureflashstorageapplications."
2646 SamsungElectronics
Co.,Ltd.
R5416,Maetan3
dongYeongtongu
Suwonsi,Gyeonggi
443742
Korea
BumhanKim
TEL:+82109397
1589
SamsungFlashMemory
ProtectorV1.1
(HardwareVersion:3.0.1
SoftwareVersion:1.2)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
BrianWood
TEL:+1973440
9125
MultiChipStandAlone
"ThedriverfortheontheflyHardware
encryptionmoduletoflashmemoryforDisk/File
Encryptionsolution.TheHarwaremodule
supportsAESwithCBCmodeandXTSAES
cryptographicservices."
CSTLab:NVLAP
2006580
2645 HarrisCorporation
RF7800WBroadband
Hardware 05/13/2016 OverallLevel:2
RFCommunications
EthernetRadio
Division
(HardwareVersions:RF7800W
EMI/EMC:Level3
1680University
OU50x,OU47xandOU49x
MitigationofOtherAttacks:N/A
Avenue
FirmwareVersion:4.10)
OperationalEnvironment:N/A
Rochester,NY14610 (Wheninstalled,initializedand
USA
configuredasspecifiedin
FIPSApprovedalgorithms:AES(Certs.#3530
Section3.1oftheSecurityPolicy
and#3581)TripleDES(Cert.#1993)DRBG
StevenRuggieri
andthetamperevidentseals
(Cert.#920)SHS(Cert.#2943)HMAC(Cert.
TEL:5852397806
installedasindicatedinSection
#2281)RSA(Cert.#1842)DSA(Cert.#994)
FAX:5852418159
2.4oftheSecurityPolicy)
KAS(Cert.#69)CVL(Cert.#609)
CSTLab:NVLAP
ValidatedtoFIPS1402
Otheralgorithms:DiffieHellman(key
2009280
ConsolidatedValidation
agreementkeyestablishmentmethodology
Certificate
provides112bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
SecurityPolicy
provides112bitsofencryptionstrength)MD5
NDRNG
MultiChipStandAlone
"TheRF7800W(OU47x,OU49x,OU50x)
BroadbandEthernetRadio(BER)isdesignedfor
HighCapacityLineofSight(HCLOS)networks
withbroadbandEthernetrequirements.Theradio
canbemountedonamastforquickdeployment
oronatowersystemandisdesignedforlong
haulbackbonesystems.TheBERoperatesinthe
4.45.8GHzfrequencyband.TheBERisan
idealwirelessnetworkingsolutionforpublic
safety,firstresponders,trainingandsimulation
networksandlonghaul/shorthaulbattlefield
communications.TheRF7800Woperatesin
PointtoPointandPointtoMultipointinthe
sameplatform."
2644 ThaleseSecurity
Inc.
nShieldF310+,nShieldF3
500+,nShieldF36000+,
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
900SouthPineIsland
Road
Suite710
Plantation,FL33324
USA
nShieldF3500+fornShield
Connect+,nShieldF31500+
fornShieldConnect+and
nShieldF36000+fornShield
Connect+
(HardwareVersions:nC4033E
sales@thalesesec.com 010,nC4433E500,nC4433E
TEL:8887444976 6K0,nC4433E500N,nC4433E
1K5NandnC4433E6K0N,
CSTLab:NVLAP
BuildStandardNFirmware
2009960
Version:2.61.23)
(WhenoperatedinFIPSmode
andinitializedtoOverallLevel3
perSecurityPolicy.Theprotocol
TLSshallnotbeusedwhen
operatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Certs.#3420
and#3446)CVL(Certs.#516and#532)DRBG
(Cert.#825)DSA(Cert.#964)ECDSA(Cert.
#695)HMAC(Cert.#2178)KBKDF(Cert.
#56)KTS(AESCert.#3446keyestablishment
methodologyprovidesbetween128and256bits
ofencryptionstrength)RSA(Cert.#1752)SHS
(Cert.#2826)TripleDES(Cert.#1931)Triple
DESMAC(TripleDESCert.#1931,vendor
affirmed)
Otheralgorithms:ARC4AriaCamellia
CAST256DESDiffieHellman(CVLCert.
#516,keyagreementkeyestablishment
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#532,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1931,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"ThenShieldmodules:nShieldF310+,nShield
F3500+,nShieldF36000+,nShieldF3500+for
nShieldConnect+,nShieldF31500+fornShield
Connect+,nShieldF36000+fornShield
Connect+aretamperevidentandtamper
responsiveHardwareSecurityModuleswhich
providesupportforthewidestrangeof
cryptographicalgorithms,application
programminginterfaces(APIs)andhost
operatingsystems,enablingthedevicestobe
usedwithvirtuallyanybusinessapplication.The
unitsareidenticalinoperationandonlyvaryin
theprocessingspeed."
2643 ThaleseSecurity
Inc.
900SouthPineIsland
Road
Suite710
Plantation,FL33324
USA
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
14/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
CSTLab:NVLAP
2009960
operatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
and#3446)CVL(Certs.#516and#532)DRBG
(Cert.#825)DSA(Cert.#964)ECDSA(Cert.
#695)HMAC(Cert.#2178)KBKDF(Cert.
#56)KTS(AESCert.#3446keyestablishment
methodologyprovidesbetween128and256bits
ofencryptionstrength)RSA(Cert.#1752)SHS
(Cert.#2826)TripleDES(Cert.#1931)Triple
DESMAC(TripleDESCert.#1931,vendor
affirmed)
Otheralgorithms:ARC4AriaCamellia
CAST256DESDiffieHellman(CVLCert.
#516,keyagreementkeyestablishment
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#532,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1931,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"ThenShieldmodules:nShieldF2500+,nShield
F21500+,nShieldF26000+aretamperevident
andtamperresponsiveHardwareSecurity
Moduleswhichprovidesupportforthewidest
rangeofcryptographicalgorithms,application
programminginterfaces(APIs)andhost
operatingsystems,enablingthedevicestobe
usedwithvirtuallyanybusinessapplication.The
unitsareidenticalinoperationandonlyvaryin
theprocessingspeed."
2642 ThaleseSecurity
MiniHSM,MiniHSMfor
Hardware 05/13/2016 OverallLevel:2
Inc.
nShieldEdgeF2,and
900SouthPineIsland
MiniHSMforTimeStamp
Roles,Services,andAuthentication:Level3
Road
MasterClock
PhysicalSecurity:Level3
Suite710
(HardwareVersions:nC4031Z
EMI/EMC:Level3
Plantation,FL33324 10,nC3021U10,andTSMC200,
DesignAssurance:Level3
USA
BuildStandardNFirmware
MitigationofOtherAttacks:N/A
Version:2.61.12)
OperationalEnvironment:N/A
sales@thalesesec.com (WhenoperatedinFIPSmode
TEL:8887444976 andinitializedtoOverallLevel2
FIPSApprovedalgorithms:AES(Cert.#3419)
perSecurityPolicy.Theprotocol
CVL(Cert.#515)DRBG(Cert.#824)DSA
CSTLab:NVLAP
TLSshallnotbeusedwhen
(Cert.#963)ECDSA(Cert.#686)HMAC(Cert.
2009960
operatedinFIPSmode)
#2177)KBKDF(Cert.#57)KTS(AESCert.
#3419keyestablishmentmethodologyprovides
ValidatedtoFIPS1402
between128and256bitsofencryptionstrength)
ConsolidatedValidation
RSA(Cert.#1751)SHS(Cert.#2825)Triple
Certificate
DES(Cert.#1930)TripleDESMAC(Triple
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
15/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
SecurityPolicy
DESCert.#1930,vendoraffirmed)
Otheralgorithms:ARC4AriaCamellia
CAST256DESDiffieHellman(CVLCert.
#515,keyagreementkeyestablishment
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#515,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1930,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"TheMiniHSM,MiniHSMfornShieldEdgeF2
andMiniHSMforTimeStampMasterClockare
fullyfeaturedHSMssuppliedinasinglechip
package.TheMiniHSMModulesofferallthe
securityandkeymanagementfeaturesofother
nShieldmodulesbutwithreducedprocessing
speed.TheMiniHSMmodulesareOEMparts
andwillbeincludedwithinotherappliancesor
products,forexampleswitchesorrouters.The
MiniHSMmoduleshavearealtimeclockwhich
alsomakesthemsuitableforuseasatime
stampingengine."
2641 ThaleseSecurity
Inc.
900SouthPineIsland
Road
Suite710
Plantation,FL33324
USA
#56)KTS(AESCert.#3446keyestablishment
ValidatedtoFIPS1402
methodologyprovidesbetween128and256bits
ConsolidatedValidation
ofencryptionstrength)RSA(Cert.#1752)SHS
Certificate
(Cert.#2826)TripleDES(Cert.#1931)Triple
DESMAC(TripleDESCert.#1931,vendor
SecurityPolicy
affirmed)
Otheralgorithms:ARC4AriaCamellia
CAST256DESDiffieHellman(CVLCert.
#516,keyagreementkeyestablishment
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
16/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#532,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1931,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"ThenShieldmodules:nShieldF210e,nShield
F2500e,nShieldF21500e,nShieldF26000eare
tamperevidentandtamperresponsiveHardware
SecurityModuleswhichprovidesupportforthe
widestrangeofcryptographicalgorithms,
applicationprogramminginterfaces(APIs)and
hostoperatingsystems,enablingthedevicestobe
usedwithvirtuallyanybusinessapplication.The
unitsareidenticalinoperationandonlyvaryin
theprocessingspeed."
2640 ThaleseSecurity
Inc.
900SouthPineIsland
Road
Suite710
Plantation,FL33324
USA
#515,keyagreementkeyestablishment
ValidatedtoFIPS1402
methodologyprovidesbetween112and256bits
ConsolidatedValidation
ofencryptionstrengthnoncompliantlessthan
Certificate
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#515,keyagreementkey
SecurityPolicy
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
strength)ElGamalHAS160HMACMD5 17/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1930,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"ThenShieldmodules:nShieldF310e,nShield
F3500e,nShieldF31500e,nShieldF36000e,
nShieldF3500efornShieldConnect,nShieldF3
1500efornShieldConnect,nShieldF36000efor
nShieldConnectaretamperevidentandtamper
responsiveHardwareSecurityModuleswhich
providesupportforthewidestrangeof
cryptographicalgorithms,application
programminginterfaces(APIs)andhost
operatingsystems,enablingthedevicestobe
usedwithvirtuallyanybusinessapplication.The
unitsareidenticalinoperationandonlyvaryin
theprocessingspeed."
2639 ThaleseSecurity
MiniHSM,MiniHSMfor
Hardware 05/13/2016 OverallLevel:3
Inc.
nShieldEdgeF3,and
900SouthPineIsland
MiniHSMforTimeStamp
MitigationofOtherAttacks:N/A
Road
MasterClock
OperationalEnvironment:N/A
Suite710
(HardwareVersions:nC4031Z
Plantation,FL33324 10,nC4031U10andTSMC200,
FIPSApprovedalgorithms:AES(Cert.#3419)
USA
BuildStandardNFirmware
CVL(Cert.#515)DRBG(Cert.#824)DSA
Version:2.61.13)
(Cert.#963)ECDSA(Cert.#686)HMAC(Cert.
sales@thalesesec.com (WhenoperatedinFIPSmode
#2177)KBKDF(Cert.#57)KTS(AESCert.
TEL:8887444976 andinitializedtoOverallLevel3
#3419keyestablishmentmethodologyprovides
perSecurityPolicy.Theprotocol
between128and256bitsofencryptionstrength)
CSTLab:NVLAP
TLSshallnotbeusedwhen
RSA(Cert.#1751)SHS(Cert.#2825)Triple
2009960
operatedinFIPSmode)
DES(Cert.#1930)TripleDESMAC(Triple
DESCert.#1930,vendoraffirmed)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:ARC4AriaCamellia
Certificate
CAST256DESDiffieHellman(CVLCert.
#515,keyagreementkeyestablishment
SecurityPolicy
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#515,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1930,key
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
18/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipEmbedded
"TheMiniHSM,MiniHSMfornShieldEdgeF3
andMiniHSMforTimeStampMasterClockare
fullyfeaturedHSMssuppliedinasinglechip
package.TheMiniHSMModulesofferallthe
securityandkeymanagementfeaturesofother
nShieldmodulesbutwithreducedprocessing
speed.TheMiniHSMmodulesareOEMparts
andwillbeincludedwithinotherappliancesor
products,forexampleswitchesorrouters.The
MiniHSMmoduleshavearealtimeclockwhich
alsomakesthemsuitableforuseasatime
stampingengine."
2638 ThaleseSecurity
Inc.
900SouthPineIsland
Road
Suite710
Plantation,FL33324
USA
nShieldF310+,nShieldF3
Hardware 05/13/2016 OverallLevel:2
500+,nShieldF36000+,
nShieldF3500+fornShield
Roles,Services,andAuthentication:Level3
Connect+,nShieldF31500+
PhysicalSecurity:Level3
fornShieldConnect+and
EMI/EMC:Level3
nShieldF36000+fornShield
DesignAssurance:Level3
Connect+
MitigationofOtherAttacks:N/A
(HardwareVersions:nC4033E
OperationalEnvironment:N/A
sales@thalesesec.com 010,nC4433E500,nC4433E
TEL:8887444976 6K0,nC4433E500N,nC4433E
FIPSApprovedalgorithms:AES(Certs.#3420
1K5NandnC4433E6K0N,
and#3446)CVL(Certs.#516and#532)DRBG
CSTLab:NVLAP
BuildStandardNFirmware
(Cert.#825)DSA(Cert.#964)ECDSA(Cert.
2009960
Version:2.61.22)
#695)HMAC(Cert.#2178)KBKDF(Cert.
(WhenoperatedinFIPSmode
#56)KTS(AESCert.#3446keyestablishment
andinitializedtoOverallLevel2
methodologyprovidesbetween128and256bits
perSecurityPolicy.Theprotocol
ofencryptionstrength)RSA(Cert.#1752)SHS
TLSshallnotbeusedwhen
(Cert.#2826)TripleDES(Cert.#1931)Triple
operatedinFIPSmode)
DESMAC(TripleDESCert.#1931,vendor
affirmed)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:ARC4AriaCamellia
Certificate
CAST256DESDiffieHellman(CVLCert.
#516,keyagreementkeyestablishment
SecurityPolicy
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(CVLCert.#532,keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECMQV(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ElGamalHAS160HMACMD5
HMACRIPEMD160HMACTigerKCDSA
MD5NDRNGRIPEMD160RSA
(encrypt/decrypt)RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SEEDTigerTLSKDF(non
compliant)TripleDES(Cert.#1931,key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
19/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
MultiChipEmbedded
"ThenShieldmodules:nShieldF310+,nShield
F3500+,nShieldF36000+,nShieldF3500+for
nShieldConnect+,nShieldF31500+fornShield
Connect+,nShieldF36000+fornShield
Connect+aretamperevidentandtamper
responsiveHardwareSecurityModuleswhich
providesupportforthewidestrangeof
cryptographicalgorithms,application
programminginterfaces(APIs)andhost
operatingsystems,enablingthedevicestobe
usedwithvirtuallyanybusinessapplication.The
unitsareidenticalinoperationandonlyvaryin
theprocessingspeed."
2637 PaloAltoNetworks
PA200,PA500,PA2000
Hardware 05/13/2016 OverallLevel:2
4401GreatAmerica
Series,PA3000Series,PA
Parkway
4000Series,PA5000Series
Roles,Services,andAuthentication:Level3
SantaClara,CA
andPA7050Firewalls
DesignAssurance:Level3
95054
(HardwareVersions:PA200P/N
MitigationofOtherAttacks:N/A
USA
91000001500ERev.E[1],PA
OperationalEnvironment:N/A
500P/N91000000600ORev.
RichardBishop
O[2],PA5002GBP/N910
FIPSApprovedalgorithms:AES(Cert.#3475)
TEL:4087534000
00009400ORev.O[2],PA
ECDSA(Cert.#713)RSA(Cert.#1782)
2020P/N91000000400ZRev.
HMAC(Cert.#2220)SHS(Cert.#2870)DRBG
JakeBajic
Z[3],PA2050P/N910000003
(Cert.#870)CVL(Certs.#564,#565,#566and
TEL:4087534000
00ZRev.Z[3],PA3020P/N
#567)
91000001700JRev.J[4],PA
CSTLab:NVLAP
3050P/N91000001600JRev.J
Otheralgorithms:ECDiffieHellman(CVL
1004320
[4],PA4020P/N910000002
Cert.#567,keyagreementkeyestablishment
00ABRev.AB[5],PA4050P/N
methodologyprovides128bitsor192bitsof
91000000100ABRev.AB[5],
encryptionstrengthnoncompliantlessthan112
PA4060P/N91000000500S
bitsofencryptionstrength)DiffieHellman(key
Rev.S[5],PA5020P/N910
agreementkeyestablishmentmethodology
00001000FRev.F[6],PA5050
provides112bitsofencryptionstrengthnon
P/N91000000900FRev.F[6],
compliantlessthan112bitsofencryption
PA5060P/N91000000800F
strength)AES(Cert.#3475,keywrappingkey
Rev.F[6]andPA7050P/N910
establishmentmethodologyprovides128or256
00010200BRev.Bwith910
bitsofencryptionstrength)RSA(keywrapping
00002800Bor91000011700A
keyestablishmentmethodologyprovides112bits
Rev.B[7]FIPSKitP/Ns:920
or128bitsofencryptionstrengthnoncompliant
00008400ARev.A[1],920
lessthan112bitsofencryptionstrength)
00000500ARev.A[2],920
NDRNGMD5RIPEMDCamelliaSEED
00000400ARev.A[3],920
TripleDES(noncompliant)BlowfishCAST
00008100ARev.A[4],920
RC4UMACHMACMD5HMACRIPEMD
00000300ARev.A[5],920
DSA(noncompliant)
00003700ARev.A[6],and
92000011200ARev.A[7]
MultiChipStandAlone
FirmwareVersions:7.0.1h4and
7.0.3)
"ThePaloAltoNetworksPA200,PA500,PA
(WhenoperatedinFIPSmode
2000Series,PA3000Series,PA4000Series,
andwiththetamperevidentseals
PA5000SeriesandPA7050firewallsaremulti
andopacityshieldsinstalledas
chipstandalonemodulesthatprovidenetwork
indicatedintheSecurityPolicy)
securitybyenablingenterprisestoseeand
controlapplications,users,andcontentusing
ValidatedtoFIPS1402
threeuniqueidentificationtechnologies:AppID,
ConsolidatedValidation
UserID,andContentID.Theseidentification
Certificate
technologiesenableenterprisestocreate
businessrelevantsecuritypolicessafely
SecurityPolicy
enablingorganizationstoadoptnew
applications."
2636 Redline
Communications
302TownCentre
Blvd.
4thFoor
Markham,ONL3R
RDL3000andeLTEMT
Hardware 05/13/2016 OverallLevel:2
(HardwareVersions:RDL3000,
eLTEMTFirmwareVersion:
EMI/EMC:Level3
3.1)
MitigationofOtherAttacks:N/A
(Wheninstalled,initializedand
OperationalEnvironment:N/A
configuredasspecifiedin
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
20/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
0E8
Canada
AndrewSpurgeon
TEL:9054798344
FAX:9054795331
CSTLab:NVLAP
2009280
Section3.1oftheSecurityPolicy
andthetamperevidentseals
installedasindicatedinthe
SecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
FIPSApprovedalgorithms:AES(Certs.#3469
and#3472)DRBG(Cert.#854)SHS(Certs.
#2866and#2867)HMAC(Certs.#2216and
#2217)RSA(Cert.#1780)DSA(Cert.#981)
KAS(Cert.#63)ECDSA(Cert.#703)CVL
(Cert.#541)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)
NDRNG
MultiChipStandAlone
"TheRDL3000,ElteMTBroadbandWireless
SystemsbyRedlineCommunicationsleverage
provenorthogonalfrequencydivision
multiplexing(OFDM)technologytodeliver
highspeedEthernetthroughputoverwireless
links."
2635 CienaCorporation
7035RidgeRoad
Hanover,MD21076
USA
PatrickScully
TEL:6136703207
CSTLab:NVLAP
2009280
Ciena6500PacketOptical
Platform4x10G
(HardwareVersion:2.0
FirmwareVersion:2.00)
(Wheninstalled,initializedand
configuredasspecifiedin
Section3.1oftheSecurity
Policy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2634 SeagateTechnology
SeagateSecureTCG
Hardware 05/13/2016 OverallLevel:2
LLC
EnterpriseSSC1200.2SSD
1280DiscDrive
SelfEncryptingDrive
EMI/EMC:Level3
Shakopee,MN55379
(HardwareVersions:
MitigationofOtherAttacks:N/A
USA
ST400FM0293,ST800FM0213,
OperationalEnvironment:N/A
ST1600FM0023and
DavidRKaiser,PMP
ST3200FM0043Firmware
FIPSApprovedalgorithms:AES(Certs.#1343,
TEL:9524022356
Version:3504)
#2841,#2947and#3441)DRBG(Cert.#62)
FAX:9524021273
(Wheninstalled,initializedand
HMAC(Certs.#1597and#2190)KTS(AES
configuredasspecifiedin
Cert.#2947)PBKDF(vendoraffirmed)RSA
CSTLab:NVLAP
Section7oftheSecurityPolicy)
(Certs.#1021and#1762)SHS(Certs.#1225and
2004270
#2841)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:NDRNG
Certificate
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
21/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
SecurityPolicy
MultiChipEmbedded
"TheSeagateSecureTCGEnterpriseSSCSelf
EncryptingDriveFIPS1402Moduleis
embodiedinSeagate1200.2SSDSEDmodel
diskdrives.Theseproductsmeettheperformance
requirementsofthemostdemandingEnterprise
applications.Thecryptographicmodule(CM)
providesawiderangeofcryptographicservices
usingFIPSapprovedalgorithms.Servicesinclude
hardwarebaseddataencryption,instantaneous
userdatadisposalwithcryptographicerase,
independentlycontrolledandprotecteduserdata
LBAbandsandauthenticatedFWdownload."
2633 RedHat,Inc.
100EastDavieStreet
Raleigh,NC27601
USA
SteveGrubb
TEL:9783921000
FAX:9783921001
JaroslavReznk
TEL:+420532294
645
CSTLab:NVLAP
2006580
RedHatEnterpriseLinux
OpenSSHClient
CryptographicModule
(SoftwareVersion:4.0)
(WhenoperatedinFIPSmode
withmoduleRedHatEnterprise
Linux7.1OpenSSLModule
validatedtoFIPS1402under
Cert.#2441operatinginFIPS
mode.Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2632 DellSoftware,Inc.
5450GreatAmerica
Pkwy
SantaClara,CA
95054
USA
LawrenceWagner
TEL:4087527886
UshaSanagala
DellSonicWALLSM9800
Hardware 05/12/2016 OverallLevel:2
(HardwareVersions:P/N101
50038071,Rev.AFirmware
CryptographicModuleSpecification:Level3
Version:SonicOSv6.2.1)
DesignAssurance:Level3
(WhenoperatedinFIPSmode)
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
ValidatedtoFIPS1402
ConsolidatedValidation
FIPSApprovedalgorithms:AES(Cert.#3403)
Certificate
TripleDES(Cert.#1925)SHS(Cert.#2816)
DSA(Cert.#960)RSA(Cert.#1742)HMAC
SecurityPolicy
(Cert.#2171)DRBG(Cert.#815)CVL(Cert.
#503)
CSTLab:NVLAP
1004320
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RNGNDRNGMD5RC4RSA
(noncompliant)
MultiChipStandAlone
"TheDellSonicWALLSuperMassiveSeries
isDell'sNextGenerationFirewall(NGFW)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
22/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
platformdesignedforlargenetworkstodeliver
scalability,reliabilityanddeepsecurityatmulti
gigabitspeedswithnearzerolatency."
2631 IntelCorporation
IntelOpenSSLFIPSObject
Software 05/03/2016 OverallLevel:1
2200MissionCollege
Module
Blvd.
(SoftwareVersions:2.0.5and
Roles,Services,andAuthentication:Level2
SantaClara,CA
2.0.8)
PhysicalSecurity:N/A
950541549
(Whenbuilt,installed,protected
DesignAssurance:Level3
USA
andinitializedasassumedbythe
MitigationofOtherAttacks:N/A
CryptoOfficerroleandas
OperationalEnvironment:Linux3.10on
MarkHanson
specifiedintheprovidedSecurity
VMwareESXi6.00runningonIntelXeonwith
TEL:6516281633
Policy.AppendixAofthe
PAA(gccCompilerVersion4.8.3)
providedSecurityPolicy
Linux3.10onVmwareESXi6.00runningon
CSTLab:NVLAP
specifiestheactualdistribution
IntelXeonwithoutPAA(gccCompilerVersion
2009280
tarfilecontainingthesource
4.8.3)
codeofthismodule.Thereshall
Linux3.10runningonIntelXeonwithPAA(gcc
benoadditions,deletionsor
CompilerVersion4.8.3)
alterationstothetarfilecontents
Linux3.10runningonIntelXeonwithoutPAA
asusedduringmodulebuild.The
(gccCompilerVersion4.8.3)
distributiontarfileshallbe
verifiedasspecifiedinAppendix
FIPSApprovedalgorithms:AES(Certs.#3848
AoftheprovidedSecurityPolicy.
and#3849)DRBG(Certs.#1092and#1093)
Installationandprotectionshall
DSA(Certs.#1051and#1052)HMAC(Certs.
becompletedasspecifiedin
#2496and#2497)RSA(Certs.#1965and
AppendixAoftheprovided
#1966)SHS(Certs.#3170and#3171)Triple
SecurityPolicy.Initialization
DES(Certs.#2119and#2120)ECDSA(Certs.
shallbeinvokedasperSection4
#831and#832)CVL(Certs.#735and#736)
oftheprovidedSecurityPolicy.
Anydeviationfromspecified
Otheralgorithms:ECDiffieHellmanRSA
verification,protection,
(encrypt/decrypt)RNG(noncompliant)Dual
installationandinitialization
ECDRBG
procedureswillresultinanon
FIPS1402compliantmodule.)
MultiChipStandAlone
ValidatedtoFIPS1402
"TheIntelOpenSSLFIPSObjectModule
ConsolidatedValidation
providescryptographicservicesforIntelSecurity
Certificate
products."
SecurityPolicy
2630 RedHat,Inc.
100EastDavieStreet
Raleigh,NC27601
USA
SteveGrubb
TEL:9783921000
FAX:9783921001
JaroslavReznk
TEL:+420532294
645
CSTLab:NVLAP
2006580
RedHatEnterpriseLinux
OpenSSHServer
CryptographicModule
(SoftwareVersion:4.0)
(WhenoperatedinFIPSmode
withmoduleRedHatEnterprise
Linux7.1OpenSSLModule
validatedtoFIPS1402under
Cert.#2441operatinginFIPS
mode.Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
23/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
cryptographicmechanismsusetheOpenSSL
libraryinFIPS1402mode."
2629 ZebraTechnologies,
ZBR88W8787WLAN
Firmware 05/01/2016 OverallLevel:1
Corp.
(HardwareVersions:P/N:
Hybrid
475HalfDayRoad 88W8787,Version1.0Firmware
MitigationofOtherAttacks:N/A
Suite500
Version:MarvellFirmware
OperationalEnvironment:ZebraQLn320Printer
Lincolnshire,IL
Version14.66.35.p51Zebra
withQNX6.5.0
60069
DriverFirmwareVersion1.2)
USA
(WhenoperatedinFIPSmode)
FIPSApprovedalgorithms:AES(Cert.#3003)
HMAC(Cert.#2248)SHS(Cert.#2902)
BrianStormont
ValidatedtoFIPS1402
TEL:4012765751
ConsolidatedValidation
Otheralgorithms:SAFER+
FAX:4012765889
Certificate
MultiChipStandAlone
GerryCorriveau
SecurityPolicy
TEL:4012765667
"TheZBR88W8787WLANModule
FAX:4012765889
implementscryptographicsupportforZebra
wirelessdevices."
CSTLab:NVLAP
1004320
2628 Giesecke&Devrient StarSignCryptoUSBTokenS Hardware 04/28/2016 OverallLevel:3
GmbH
poweredbySm@rtCaf
Prinzregentenstrasse
Expert7.0SecureElement
OperationalEnvironment:N/A
159
(HardwareVersion:
Munich,BavariaD
SLE78CUFX5000PH(M7893
FIPSApprovedalgorithms:DRBG(Cert.#455)
81677
B11)FirmwareVersions:
TripleDES(Cert.#1637)TripleDESMAC
Germany
Sm@rtCafExpert7.0,
(TripleDESCert.#1637,vendoraffirmed)AES
DemonstrationAppletV1.0)
(Certs.#2720and#2721)SHS(Certs.#2288,
AlexanderSummerer
#2289and#2290)RSA(Certs.#1506and
TEL:+4989/4119
ValidatedtoFIPS1402
#1507)DSA(Cert.#837)ECDSA(Cert.#476)
2418
ConsolidatedValidation
KBKDF(Cert.#18)CVL(Cert.#177)
FAX:+4989/4119
Certificate
2819
Otheralgorithms:AES(Cert.#2721,key
SecurityPolicy
wrappingkeywrappingestablishment
RodrigueGil
methodologyprovidesbetween128and256bits
TEL:+4989/4119
ofencryptionstrength)NDRNG
3492
FAX:+4989/4119
SingleChip
783492
"StarSignCryptoUSBTokenSpoweredby
CSTLab:NVLAP
Sm@rtCafExpert7.0SecureElementisa
1004320
highlysecuredandintegratedsmartcardbased
platformfromGiesecke&Devrientcomplying
withJavaCardClassic3.0.4andGlobalPlatform
2.2.1standards.TheSm@rtCafExpert7.0OS
platformisdeployedinnationalID,ePassport,
authenticationanddigitalsignatureprograms
withmatchoncardbiometric
verification.StarSignCryptoUSBTokenSisthe
idealplatforminaUSBTokenformfactorfor
securelogicalaccess,onlinetaxdeclaration,web
basedonlineauthenticationapplicationsusing
FIDOandcertificate"
2627 NuvotonTechnology
Corporation
4,CreationRoadIII
HsinchuSciencePark
Taiwan
YossiTalmi
TEL:+9729
9702364
CSTLab:NVLAP
2005560
NPCT6XXTPM2.0
(HardwareVersions:FB5C85D
andFB5C85EINTSSOP28
PACKAGEandFB5C85Dand
FB5C85EINQFN32
PACKAGEFirmwareVersion:
1.3.0.1)
(Wheninstalled,initialized,and
configuredasspecifiedinthe
SecurityPolicySection8and
operatedinFIPSmode)
ValidatedtoFIPS1402
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
ConsolidatedValidation
Certificate
SecurityPolicy
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)NDRNGAES(Certs.
#3541and#3542,keywrapping,key
establishmentmethodologyprovides128bitsof
encryptionstrength)
SingleChip
"NuvotonNPCT6XXTPM2.0isahardware
cryptographicmodulethatimplementsadvanced
cryptographicalgorithms,includingsymmetric
andasymmetriccryptographyaswellaskey
generationandrandomnumbergeneration."
2626 CenturyLongmai
TechnologyCo.Ltd
3rdFloor,Gongkong
Building
No.1Wangzhuang
Rd
HaidianDistrict
Beijing,VendorState
100083
China
LemonYang
TEL:+86
13810314817
FAX:+8610
62313636
mTokenCryptoID
Hardware 04/14/2016 OverallLevel:3
(HardwareVersion:SCCX
FirmwareVersion:3.11)
MitigationofOtherAttacks:N/A
(WhenoperatedinFIPSmode)
OperationalEnvironment:N/A
ValidatedtoFIPS1402
FIPSApprovedalgorithms:TripleDES(Cert.
ConsolidatedValidation
#1994)AES(Cert.#3582)SHS(Cert.#2944)
Certificate
DRBG(Cert.#921)ECDSA(Cert.#728)RSA
(Cert.#1843)HMAC(Cert.#2282)KAS(Cert.
SecurityPolicy
#70)CVL(Cert.#610)KAS(SP80056Arev2
withCVLCert.#610,vendoraffirmed)KTS
(TripleDESCert.#1994)KTS(AESCert.
#3582)
Otheralgorithms:SHS(noncompliant)RSA
(keywrappingnoncompliantlessthan112bits
ofencryptionstrength)HMAC(noncompliant)
NDRNG
CSTLab:NVLAP
2006580
MultiChipStandAlone
"mTokenCryptoIDisdesignedbasedonasecure
smartcardchipthatutilizestheinbuiltmCOSto
communicatewithcomputerdeviceviaUSB
interfaceina"plugandplay"manner.Itcan
realizevariousPublicKeyInfrastructure(PKI)
applicationsincludingdigitalsignature,online
authentications,onlinetransactions,software
security,etc."
2625 ECITelecomLtd.
30,HasivimStreet
PetachTikvah49517
Israel
MilindBarve
TEL:+91
9987537250
FAX:+9723928
7100
ECITR10_4ENEncryption
Module
(HardwareVersions:Board
Type=0x856B,Revision#D3
FirmwareVersion:R6.3)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2005560
2624 SiemensPLM
SoftwareInc.
5800Granite
Parkway
Suite600
Plano,TX75024
USA
TeamcenterCryptographic
Module
(SoftwareVersion:3.0)
(WhenoperatedinFIPSmode.
Whenentropyisexternally
loaded,noassuranceofthe
minimumstrengthofgenerated
keys)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
VikasSingh
TEL:6518556176
CSTLab:NVLAP
2004270
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
32bit)runningonanHPCompaqPro6305
Windows7SP1(x64)runningonanHPCompaq
Pro6305
SUSELinux11.2(x64)runningonanHP
CompaqPro6305
MacOSX10.11(x64)runningonaMacMini
(singleusermode)
FIPSApprovedalgorithms:AES(Cert.#3680)
CVL(Cert.#676)DRBG(Cert.#988)DSA
(Cert.#1037)ECDSA(Cert.#774)HMAC
(Cert.#2426)RSA(Cert.#1901)SHS(Cert.
#3094)TripleDES(Cert.#2058)
Otheralgorithms:DESDiffieHellman(non
compliant)ECDiffieHellman(CVLCert.#676,
keyagreementkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strength)MD5NDRNGRNGRSA(key
wrappingkeyestablishmentmethodology
providesbetween112and150bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)
MultiChipStandAlone
"Teamcenterpowersinnovationandproductivity
byconnectingpeopleandprocesseswith
knowledge.Teamcenteristhedefactostandard
forPLMdeployment,providingsolutionsto
drivebusinessperformancegoals.Thisincludes
theneedtoincreasetheyieldofinnovation,
compresstimetomarket,meetbusinessand
regulatoryrequirements,optimizeoperational
resourcesandmaximizeglobalization
advantages.WiththisFCAPFIPScertification
status,Teamcenternowoffersthebestinclass
andhighestlevelsofencryptiontooursecurity
consciouscustomers."
CentOS6.3onaDellOptiPlex755
RaviMahendrakar
ValidatedtoFIPS1402
RedHatEnterpriseLinux6.3onaDellOptiPlex
ConsolidatedValidation
755(singleusermode)
CSTLab:NVLAP
Certificate
2010290
FIPSApprovedalgorithms:AES(Cert.#2273)
SecurityPolicy
HMAC(Cert.#1391)DSA(Cert.#709)
ECDSA(Cert.#368)RSA(Cert.#1166)SHS
(Cert.#1954)TripleDES(Cert.#1420)DRBG
(Cert.#281)CVL(Cert.#44)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RNGDualECDRBG
MultiChipStandAlone
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
26/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
"TheVeritasCryptographicModulefromVeritas
providescryptographicserviceswhichareusedto
encryptthedataatrestandinthesecure
communicationwithatrustedthirdparty."
2622 SUSE,LLC
SUSELinuxEnterpriseServer
10CanalPark,Suite
12NSSModule
200
(SoftwareVersion:1.0)
Cambridge,
(WhenoperatedinFIPSmode.
Massachusetts02141
Themodulegenerates
USA
cryptographickeyswhose
strengthsaremodifiedby
ThomasBiege
availableentropy)
TEL:+4991174053
500
ValidatedtoFIPS1402
ConsolidatedValidation
MichaelHager
Certificate
TEL:+4991174053
80
SecurityPolicy
CSTLab:NVLAP
2006580
2621 Forcepoint
10900AStonelake
Blvd.
QuarryOaks1
Ste.350
Austin,TX78759
USA
MattSturm
TEL:8583209444
CSTLab:NVLAP
2010290
WebsenseCCryptographic
Module
(SoftwareVersion:2.1)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
27/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
MultiChipStandAlone
"Websenseproducesafamilyofweb,emailand
datasecuritysolutionsthatcanbedeployedon
preconfigured,securityhardenedhardwareoras
customerinstallablesoftware.TheWebsenseC
CryptoModuleprovidessupportfor
cryptographicandsecurecommunications
servicesforthesesolutions."
2620 PaloAltoNetworks
4301GreatAmerica
Parkway
SantaClara,CA
95054
USA
RichardBishop
TEL:4087534000
JakeBajic
TEL:4087534000
DesignAssurance:Level3
ValidatedtoFIPS1402
MitigationofOtherAttacks:N/A
ConsolidatedValidation
OperationalEnvironment:VMwareESXi5.5
Certificate
runningonPAVMESX7.0.1.ovaorPAVM
NSX7.0.1.ova
SecurityPolicy
CentOS6.5KVMrunningonPAVMKVM
7.0.1.qcow2
CitrixXenServer6.1.0runningonPAVMSDX
7.0.1.xva(singleusermode)
CSTLab:NVLAP
1004320
FIPSApprovedalgorithms:AES(Cert.#3501)
ECDSA(Cert.#714)RSA(Cert.#1797)
HMAC(Cert.#2235)SHS(Cert.#2888)DRBG
(Cert.#871)CVL(Certs.#568,#569,#570and
#571)
Otheralgorithms:ECDiffieHellman(CVL
Cert.#569,keyagreementkeyestablishment
methodologyprovides128or192bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)AES(Cert.#3501,
keywrappingkeyestablishmentmethodology
provides128or256bitsofencryptionstrength)
RSA(keywrappingkeyestablishment
methodologyprovides112or128bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)NDRNGMD5RIPEMDCamellia
SEEDTripleDES(noncompliant)Blowfish
CASTRC4UMACHMACMD5HMAC
RIPEMDDSA(noncompliant)
MultiChipStandAlone
"TheVMSeriesallowsyoutoprotectyour
applicationsanddatafromcyberthreatswithour
nextgenerationfirewallsecurityandadvanced
threatpreventionfeatures."
2619 Vocera
Communications,
Inc.
525RaceStreet
SanJose,CA95126
USA
CVL(Cert.#586)
2009960
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:NDRNGRSA(key
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
28/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Certificate
SecurityPolicy
wrappingkeyestablishmentmethodology
provides112ofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)MD5HMACMD5
MultiChipStandAlone
"VoceraB3000nBadgeisawearablehandsfree
voicecontrolleddevicethatprovideseasytouse
andinstantaneouscommunicationonawireless
LANnetwork.TheVoceraCryptographic
Module,embeddedintheB3000nBadge,ensures
protectedcommunicationsusingindustry
standardsecurewirelesscommunication
protocols."
2618 CiscoSystems,Inc.
170WestTasman
Drive
SanJose,CA95134
USA
GlobalCertification
Team
CSTLab:NVLAP
2009970
2617 PaloAltoNetworks
4301GreatAmerica
Parkway
SantaClara,CA
95054
USA
JakeBajic
TEL:4087534000
AmirShahhosseini
TEL:4087534000
CSTLab:NVLAP
1004320
CiscoASA5506X,ASA
Hardware 04/19/2016 OverallLevel:2
5506HX,ASA5506WX,ASA
5508X,ASA5512X,ASA
Roles,Services,andAuthentication:Level3
5515X,ASA5516X,ASA
MitigationofOtherAttacks:N/A
5525X,ASA5545X,ASA
5555X,ASA5585XSSP10,
FIPSApprovedalgorithms:AES(Certs.#2050,
5585XSSP20,5585XSSP40
#2444,#2472,#3301and#3439)CVL(Cert.
and5585XSSP60Adaptive
#525)DRBG(Certs.#332,#336,#819and
SecurityAppliances
#838)ECDSA(Cert.#693)HMAC(Certs.
(HardwareVersions:ASA5506
#1247,#1514,#2095and#2188)RSA(Cert.
X[1],ASA5506HX[1],ASA
#1760)SHS(Certs.#1794,#2091,#2737and
5506WX[1],ASA5508X[2]
#2839)TripleDES(Certs.#1321,#1513,#1881
[3],ASA5512X[2],ASA5515
and#1937)
X[5],ASA5516X[2][4],ASA
5525X[5],ASA5545X[5],
Otheralgorithms:DESDiffieHellman(key
ASA5555X[5],ASA5585X
agreementkeyestablishmentmethodology
SSP10[6],5585XSSP20[6],
providesbetween112and150bitsofencryption
5585XSSP40[6],and5585X
strengthnoncompliantlessthan112bitsof
SSP60[6]with[ASA5506
encryptionstrength)HMACMD5MD5
FIPSKIT=][1],[ASA5500X
NDRNGRC4RSA(keywrappingkey
FIPSKIT=][2],[ASA5508
establishmentmethodologyprovides112bitsof
FIPSKIT=][3],[ASA5516
encryptionstrengthnoncompliantlessthan112
FIPSKIT=][4],[CISCOFIPS
bitsofencryptionstrength)
KIT=][5]or[ASA5585XFIPS
KIT][6]FirmwareVersion:9.4)
MultiChipStandAlone
(WhenoperatedinFIPSmode
andwiththetamperevidentseals
"ThemarketleadingCiscoASASecurity
andsecuritydevicesinstalledas
ApplianceSeriesdeliverrobustuserand
indicatedintheSecurityPolicy)
applicationpolicyenforcement,multivector
attackprotection,andsecureconnectivity
ValidatedtoFIPS1402
servicesincosteffective,easytodeploy
ConsolidatedValidation
solutions.TheASA5500SeriesAdaptive
Certificate
SecurityAppliancesprovidecomprehensive
security,performance,andreliabilityfornetwork
SecurityPolicy
environmentsofallsizes."
WildFireWF500
Hardware 04/18/2016 OverallLevel:2
(HardwareVersion:P/N:910
00009700GRevGFIPSKit
CryptographicModuleSpecification:Level3
P/N:920000145VersionRev
Roles,Services,andAuthentication:Level3
00AFirmwareVersion:7.0.3)
DesignAssurance:Level3
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
andwiththetamperevidentseals
OperationalEnvironment:N/A
andopacityshieldsinstalledas
indicatedintheSecurityPolicy)
FIPSApprovedalgorithms:AES(Cert.#3475)
RSA(Cert.#1782)ECDSA(Cert.#713)
ValidatedtoFIPS1402
HMAC(Cert.#2220)SHS(Cert.#2870)DRBG
ConsolidatedValidation
(Cert.#870)CVL(Certs.#564,#565,#566and
Certificate
#567)
SecurityPolicy
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
29/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
compliantlessthan112bitsofencryption
strength)ECDiffieHellman(CVLCert.#567,
keyagreementkeyestablishmentmethodology
provides128or192bitsofencryptionstrength
noncompliantlessthan112bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strength)NDRNGMD5TripleDES(non
compliant)CASTARCFOURBlowfish
CamelliaSEEDRC2RC4HMACMD5
UMACHMACRIPEMD
MultiChipStandAlone
"WildFireWF500identifiesunknownmalware,
zerodayexploits,andAdvancedPersistent
Threats(APTs)throughdynamicanalysis,and
automaticallydisseminatesprotectioninnear
realtimetohelpsecurityteamsmeetthe
challengeofadvancedcyberattacks"
2616 PaloAltoNetworks
PA3060andPA7080
Hardware 04/18/2016 OverallLevel:2
4301GreatAmerica
Firewalls
Parkway
(HardwareVersions:PA3060
Roles,Services,andAuthentication:Level3
SantaClara,CA
P/N91000010400CRev.Cand
DesignAssurance:Level3
95054
PA7080P/N91000012200A
MitigationofOtherAttacks:N/A
USA
with91000002800Bor910
OperationalEnvironment:N/A
00011700AFIPSKitP/Ns:
RichardBishop
92000013800ARev.Aand
FIPSApprovedalgorithms:AES(Cert.#3475)
TEL:4087534000
92000011900ARev.A
ECDSA(Cert.#713)RSA(Cert.#1782)
FirmwareVersions:7.0.1h4and
HMAC(Cert.#2220)SHS(Cert.#2870)DRBG
JakeBajic
7.0.3)
(Cert.#870)CVL(Certs.#564,#565,#566and
TEL:4087534000
(WhenoperatedinFIPSmode
#567)
andwiththetamperevidentseals
CSTLab:NVLAP
andopacityshieldsinstalledas
Otheralgorithms:ECDiffieHellman(CVL
1004320
indicatedintheSecurityPolicy)
Cert.#567,keyagreementkeyestablishment
methodologyprovides128bitsor192bitsof
ValidatedtoFIPS1402
encryptionstrength)DiffieHellman(key
ConsolidatedValidation
agreementkeyestablishmentmethodology
Certificate
provides112bitsofencryptionstrength)AES
(Cert.#3475,keywrappingkeyestablishment
SecurityPolicy
methodologyprovides128or256bitsof
encryptionstrength)RSA(keywrappingkey
establishmentmethodologyprovides112bitsor
128bitsofencryptionstrength)NDRNGMD5
RIPEMDCamelliaSEEDTripleDES(non
compliant)BlowfishCASTRC4UMAC
HMACMD5HMACRIPEMD
MultiChipStandAlone
"ThePaloAltoNetworksPA3060andPA7080
firewallsprovidenetworksecuritybyenabling
enterprisestoseeandcontrolapplications,users,
andcontentusingthreeuniqueidentification
technologies:AppID,UserID,andContentID.
Theseidentificationtechnologies,foundinPalo
AltoNetworks'enterprisefirewalls,enable
enterprisestocreatebusinessrelevantsecurity
policiessafelyenablingorganizationstoadopt
newapplications,insteadofthetraditional"all
ornothing"approachofferedbytraditionalport
blockingfirewallsusedinmanysecurity
infrastructures."
2615 MojoNetworks,Inc.
339N.Bernardo
AirTightWirelessSensor
(HardwareVersions:C75and
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Avenue
Suite200
MountainView,CA
94043
USA
HemantChaskar
TEL:6509611111
FAX:6509611169
CSTLab:NVLAP
2000020
C75EwithTamperEvident
SealKit:CTPLAFirmware
Version:7.2.FIPS.04)
(WhenoperatedinFIPSmode
andwithtamperevidentseals
installedasindicatedinthe
SecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
04/15/2016 MitigationofOtherAttacks:N/A
04/19/2016 OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Cert.#3766)
CVL(Cert.#710)DRBG(Cert.#1036)HMAC
(Cert.#2465)KBKDF(Cert.#77)KTS(AES
Cert.#3766andHMACCert.#2465key
establishmentmethodologyprovides128or256
bitsofencryptionstrength)RSA(Cert.#1937)
SHS(Cert.#3135)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)MD5
NDRNG
MultiChipStandAlone
"Themoduleperformswirelessintrusion
detectionandprevention.Itmonitorsradio
channelstoensureconformanceofwireless
activitytosecuritypolicy.Itmitigatesvarious
typesofwirelesssecurityviolationssuchas
roguewirelessnetworks,unauthorizedwireless
connections,networkmisconfigurationsand
denialofserviceattacks."
2614 Qualcomm
QTICryptoEngineCore
Hardware 04/11/2016 OverallLevel:2
Technologies,Inc.
(HardwareVersion:5.3.1)
5775MorehouseDr (WhenoperatedinFIPSmode)
MitigationofOtherAttacks:N/A
SanDiego,CA92121
OperationalEnvironment:N/A
USA
ValidatedtoFIPS1402
ConsolidatedValidation
FIPSApprovedalgorithms:TripleDES(Cert.
LuXiao
Certificate
#1980)AES(Cert.#3526)SHS(Cert.#2909)
TEL:8586515477
HMAC(Cert.#2254)
FAX:8588451523
SecurityPolicy
Otheralgorithms:DESAEAD
YinLingLiong
TEL:8586517034
SingleChip
FAX:8588451523
"QTICryptoEngineCoreisageneralpurpose
CSTLab:NVLAP
cryptographichardwareenginecapableof
2006580
securelyprocessingvariousconfidentialityand
integrityalgorithmsacrossmultipleexecution
environments."
2613 NokiaCorporation SROSCryptographicModule Firmware 04/11/2016 OverallLevel:1
600MarchRoad
(FirmwareVersion:13.0R4)
Ottawa,ONK2K2E6 (WhenoperatedinFIPSmode.
MitigationofOtherAttacks:N/A
Canada
Wheninstalled,initializedand
OperationalEnvironment:SROS13.0R4on
configuredasspecifiedinthe
CPM7950XRS20CPM
CarlRajsic
SecurityPolicySection9.1)
SROS13.0R4onCPM7950XRS16CPM
SROS13.0R4onCPM7750SRCPM5
CSTLab:NVLAP
ValidatedtoFIPS1402
SROS13.0R4onCFP7750SRc12CFMXPB
2005560
ConsolidatedValidation
SROS13.0R4onCPM7750SRa
Certificate
FIPSApprovedalgorithms:AES(Cert.#3484)
SecurityPolicy
TripleDES(Cert.#1965)RSA(Cert.#1789)
HMAC(Cert.#2226)SHS(Cert.#2878)DRBG
(Cert.#861)DSA(Cert.#985)CVL(Cert.
#560)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and150bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)NDRNG
MultiChipStandAlone
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
31/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
"TheSROSCryptographicModule(SRCM)
providesthecryptographicalgorithmfunctions
neededtoallowSROStoimplement
cryptographyforthoseservicesandprotocolsthat
requireit."
2612 Qualcomm
QTIPseudoRandomNumber
Technologies,Inc.
Generator
5775MorehouseDr
(HardwareVersion:2.0)
SanDiego,CA92121
USA
ValidatedtoFIPS1402
ConsolidatedValidation
LuXiao
Certificate
TEL:8586515477
FAX:8588451523
SecurityPolicy
YinLingLiong
TEL:8586517034
FAX:8588451523
CSTLab:NVLAP
2006580
2611 SilentCircle
JavaCryptoModule
174WaterfrontStreet
(SoftwareVersion:1.0)
Suite500
(WhenoperatedinFIPSmode.
NationalHarbor,MD
Themodulegenerates
20745
cryptographickeyswhose
USA
strengthsaremodifiedby
availableentropy.Noassurance
IanKanski
oftheminimumstrengthof
generatedkeys.)
AllenStone
ValidatedtoFIPS1402
CSTLab:NVLAP
ConsolidatedValidation
2010290
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
32/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
functionsforSilentOSfromSilentCircle."
2610 AppleInc.
1InfiniteLoop
Cupertino,CA95041
USA
ShawnGeddis
TEL:(669)2273579
FAX:(866)3151954
CSTLab:NVLAP
2006580
AppleOSXCoreCrypto
Module,v6.0
(SoftwareVersion:6.0)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
33/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Hellman(keyagreementkeyestablishment
methodologyprovidesbetween112and150bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(keyagreementkeyestablishment
methodologyprovides128or160bitsof
encryptionstrength)ECDSA(noncompliant)
Ed25519Hash_DRBG(noncompliant)
HMAC_DRBG(noncompliant)Integrated
EncryptionSchemeonellipticcurvesKBKDF
(noncompliant)MD2MD4MD5OMAC
(OneKeyCBCMAC)RC2RC4RFC6637
KDFRIPEMDRSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and150bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RSA(noncompliant)TripleDES
(noncompliant)
MultiChipStandAlone
"TheAppleOSXCoreCryptoModuleisa
softwarecryptographicmodulerunningona
multichipstandalonemobiledeviceandprovides
servicesintendedtoprotectdataintransitandat
rest."
2609 AppleInc.
AppleiOSCoreCryptoKernel
1InfiniteLoop
Modulev6.0
Cupertino,CA95041
(SoftwareVersion:6.0)
USA
(WhenoperatedinFIPSmode.
Themodulegenerates
ShawnGeddis
cryptographickeyswhose
TEL:(669)2273579
strengthsaremodifiedby
FAX:(866)3151954
availableentropy)
CSTLab:NVLAP
ValidatedtoFIPS1402
2006580
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
34/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
#3741,#3742,#3743,#3744,#3745,#3746and
#3747keyestablishmentmethodologyprovides
between128and160bitsofencryptionstrength)
PBKDF(vendoraffirmed)
Otheralgorithms:AES(noncompliant)ANSI
X9.63KDFBlowfishCAST5DESECDSA
(noncompliant)Ed25519HASH_DRBG(non
compliant)HMAC_DRBG(noncompliant)
IntegratedEncryptionSchemeonellipticcurves
KBKDF(noncompliant)MD2MD4MD5
OMACRIPEMDRC2RC4RFC6637KDF
RSA(keywrappingkeyestablishment
methodologyprovidesbetween128and150bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)SP80056C
KDFTripleDES(noncompliant)
MultiChipStandAlone
"TheAppleiOSCoreCryptoKernelModuleisa
softwarecryptographicmodulerunningona
multichipstandalonemobiledeviceandprovides
servicesintendedtoprotectdataintransitandat
rest."
2608 SonusNetworks,
Inc.
4TechnologyPark
Drive
Westford,MA01886
USA
AdamElshama
TEL:9786148327
CSTLab:NVLAP
2005560
SBC5110and5210Session
Hardware 04/05/2016 OverallLevel:1
BorderControllers
(HardwareVersions:SBC5110
Roles,Services,andAuthentication:Level2
andSBC5210Firmware
DesignAssurance:Level2
Version:5.0)
MitigationofOtherAttacks:N/A
(Wheninstalled,initializedand
OperationalEnvironment:N/A
configuredasspecifiedinthe
SecurityPolicySection3and
FIPSApprovedalgorithms:AES(Certs.#3480
operatedinFIPSmode.The
and#3481)CVL(Certs.#554,#555and#556)
modulegeneratescryptographic
DRBG(Cert.#859)ECDSA(Cert.#708)
keyswhosestrengthsare
HMAC(Certs.#2222and#2223)RSA(Cert.
modifiedbyavailableentropy)
#1787)SHS(Certs.#2874and#2875)Triple
DES(Certs.#1961and#1962)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:RSA(keywrappingkey
Certificate
establishmentmethodologyprovides112bitsof
encryptionstrength)DiffieHellman(key
SecurityPolicy
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)EC
DiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
112and256ofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)NDRNGMD5
MultiChipStandAlone
"TheSBC5110and5210SessionBorder
Controllersarehighperformanceaircooled,2U,
IPencryptionappliancesthatprovidesecureSIP
basedcommunicationswithrobustsecurity,
reducedlatency,realtimeencryption(VOIP
signalingandmediatraffic),mediatranscoding,
flexibleSIPsessionrouting&policy
management."
2607 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
35/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
(ci.dll)inMicrosoftWindows10,
Windows10Pro,Windows10
Enterprise,Windows10
EnterpriseLTSBunderCert.
#2604operatinginFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
Windows10Enterprise(x64)runningona
MicrosoftSurfacePro2withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurfacePro3withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurface3withPAA
Windows10Enterprise(x86)runningonaDell
Inspiron660swithoutPAA
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:RSA(Cert.#1784)
SHS(Cert.#2871)
Otheralgorithms:MD5
MultiChipStandAlone
"SecureKernelCodeIntegrity(SKCI)runningin
theVirtualSecureMode(VSM)oftheHyperV
hypervisorwillonlygrantexecuteaccessto
physicalpagesinthekernelthathavebeen
successfullyverified.Executablepageswillnot
havewritepermissionoutsideofHyperV.
Therefore,onlyverifiedcodecanbeexecuted."
2606 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
CryptographicPrimitives
Library(bcryptprimitives.dll
andncryptsslp.dll)in
MicrosoftWindows10,
Windows10Pro,Windows10
Enterprise,Windows10
EnterpriseLTSB
(SoftwareVersion:10.0.10240)
(WhenoperatedinFIPSmode
withmodulesKernelMode
CryptographicPrimitives
Library(cng.sys)inMicrosoft
Windows10,Windows10Pro,
Windows10Enterprise,
Windows10EnterpriseLTSB
validatedtoFIPS1402under
Cert.#2605operatinginFIPS
mode,andCodeIntegrity(ci.dll)
inMicrosoftWindows10,
Windows10Pro,Windows10
Enterprise,Windows10
EnterpriseLTSBvalidatedto
FIPS1402underCert.#2604
operatinginFIPSmode.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Cert.#3497)
CVL(Certs.#575and#576)DRBG(Cert.
#868)DSA(Cert.#983)ECDSA(Cert.#706)
HMAC(Cert.#2233)KAS(Cert.#64key
agreementkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strength)KBKDF(Cert.#66)KTS(AESCert.
#3507keywrappingkeyestablishment
methodologyprovidesbetween128and256bits
ofencryptionstrength)PBKDF(vendor
affirmed)RSA(Certs.#1783,#1798,and
#1802)SHS(Cert.#2886)TripleDES(Cert.
#1969)
Otheralgorithms:DESHMACMD5Legacy
CAPIKDFMD2MD4MD5RC2RC4RSA
(encrypt/decrypt)
MultiChipStandAlone
"TheCryptographicPrimitivesLibrary
(bcryptprimitives.dllandncryptsslp.dll)provides
cryptographicservicestoWindowscomponents
andapplications.Itincludescryptographic
algorithmsinaneasytousecryptographic
moduleviatheCryptographyNextGeneration
(CNG)API.Itcanbedynamicallylinkedinto
applicationsfortheuseofgeneralpurposeFIPS
1402validatedcryptography."
2605 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
Windows10(x86)runningonaDellInspiron
ValidatedtoFIPS1402
660swithoutPAA
ConsolidatedValidation
Windows10Enterprise(x64)runningonaHP
Certificate
CompaqPro6305withPAA
Windows10Pro(x64)runningonaHPCompaq
SecurityPolicy
Pro6305withPAA
Windows10(x64)runningonaHPCompaqPro
6305withPAA
Windows10(x64)runningonaDellXPS8700
withPAA
Windows10EnterpriseLTSB(x86)runningona
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
37/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Cert.#3497)
CVL(Cert.#576)DRBG(Cert.#868)DSA
(Cert.#983)ECDSA(Cert.#706)HMAC(Cert.
#2233)KAS(Cert.#64keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrength)KBKDF
(Cert.#66)KTS(AESCert.#3507key
wrappingkeyestablishmentmethodology
providesbetween128and256bitsofencryption
strength)PBKDF(vendoraffirmed)RSA
(Certs.#1783,#1798and#1802)SHS(Cert.
#2886)TripleDES(Cert.#1969)
Otheralgorithms:DESHMACMD5Legacy
CAPIKDFMD2MD4MD5NDRNGRC2
RC4RSA(encrypt/decrypt)
MultiChipStandAlone
"KernelModeCryptographicPrimitivesLibrary
(cng.sys)runsasakernelmodeexportdriver,and
providescryptographicservices,throughtheir
documentedinterfaces,toWindowskernel
components.Itsupportsseveralcryptographic
algorithmsaccessibleviaaFIPSfunctiontable
requestIRP(I/Orequestpacket)."
2604 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
CodeIntegrity(ci.dll)in
Software 06/02/2016 OverallLevel:1
MicrosoftWindows10,
Windows10Pro,Windows10
PhysicalSecurity:N/A
Enterprise,Windows10
DesignAssurance:Level2
EnterpriseLTSB
OperationalEnvironment:Windows10
(SoftwareVersion:10.0.10240)
Enterprise(x64)runningonaMicrosoftSurface
(WhenoperatedinFIPSmode
ProwithPAA
withmodulesBitLocker(R)
Windows10Enterprise(x64)runningona
WindowsOSLoader(winload)in
MicrosoftSurfacePro2withPAA
MicrosoftWindows10,Windows
Windows10Enterprise(x64)runningona
10Pro,Windows10Enterprise,
MicrosoftSurfacePro3withPAA
Windows10EnterpriseLTSB
Windows10Pro(x64)runningonaMicrosoft
validatedtoFIPS1402under
SurfaceProwithPAA
Cert.#2601operatinginFIPS
Windows10Pro(x64)runningonaMicrosoft
modeorBitLocker(R)Windows
SurfacePro2withPAA
Resume(winresume)in
Windows10Pro(x64)runningonaMicrosoft
MicrosoftWindows10,Windows
SurfacePro3withPAA
10Pro,Windows10Enterprise,
Windows10Enterprise(x64)runningona
Windows10EnterpriseLTSB
MicrosoftSurface3withPAA
validatedtoFIPS1402under
Windows10Enterprise(x86)runningonaDell
Cert.#2602operatinginFIPS
Inspiron660swithoutPAA
mode)
Windows10Pro(x86)runningonaDellInspiron
660swithoutPAA
ValidatedtoFIPS1402
Windows10(x86)runningonaDellInspiron
ConsolidatedValidation
660swithoutPAA
Certificate
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
SecurityPolicy
Windows10Pro(x64)runningonaHPCompaq
Pro6305withPAA
Windows10(x64)runningonaHPCompaqPro
6305withPAA
Windows10(x64)runningonaDellXPS8700
withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
38/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:RSA(Cert.#1784)
SHS(Cert.#2871)
Otheralgorithms:AES(noncompliant)MD5
MultiChipStandAlone
"CodeIntegrity(ci.dll)verifiestheintegrityof
executablefiles,includingkernelmodedrivers,
criticalsystemcomponents,andusermode
cryptographicmodulesastheyareloadedinto
memoryfromthedisk."
2603 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
BitLockerDumpFilter
Software 06/02/2016 OverallLevel:1
(dumpfve.sys)inMicrosoft
Windows10Pro,Windows10
PhysicalSecurity:N/A
Enterprise,Windows10
DesignAssurance:Level2
EnterpriseLTSB
OperationalEnvironment:Windows10
(SoftwareVersion:10.0.10240)
Enterprise(x64)runningonaMicrosoftSurface
(WhenoperatedinFIPSmode
ProwithPAA
withthemoduleCodeIntegrity
Windows10Enterprise(x64)runningona
(ci.dll)inMicrosoftWindows10,
MicrosoftSurfacePro2withPAA
Windows10Pro,Windows10
Windows10Enterprise(x64)runningona
Enterprise,Windows10
MicrosoftSurfacePro3withPAA
EnterpriseLTSBunderCert.
Windows10Pro(x64)runningonaMicrosoft
#2604operatinginFIPSmode)
SurfaceProwithPAA
Windows10Pro(x64)runningonaMicrosoft
ValidatedtoFIPS1402
SurfacePro2withPAA
ConsolidatedValidation
Windows10Pro(x64)runningonaMicrosoft
Certificate
SurfacePro3withPAA
Windows10Enterprise(x64)runningona
SecurityPolicy
MicrosoftSurface3withPAA
Windows10Enterprise(x86)runningonaDell
Inspiron660swithoutPAA
Windows10Pro(x86)runningonaDellInspiron
660swithoutPAA
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
Windows10Pro(x64)runningonaHPCompaq
Pro6305withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Certs.#3497
and#3498)
Otheralgorithms:N/A
MultiChipStandAlone
"TheBitLockerDumpFilter(dumpfve.sys)is
thefullvolumeencryptionfilterthatresidesin
thesystemdumpstack.Wheneverthedumpstack
iscalled(intheeventofasystemcrashorfor
hibernation),thisfilterensuresthatalldatais
encryptedbeforeitgetswrittentothediskasa
dumpfileorhibernationfile."
2602 Microsoft
BitLockerWindowsResume
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
(winresume)inMicrosoft
Windows10,Windows10Pro,
Windows10Enterprise,
Windows10EnterpriseLTSB
(SoftwareVersion:10.0.10240)
(WhenoperatedinFIPSmode
withmoduleBootManagerin
MicrosoftWindows10,Windows
10Pro,Windows10Enterprise,
Windows10EnterpriseLTSB
validatedtoFIPS1402under
Cert.#2600operatinginFIPS
mode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
PhysicalSecurity:N/A
DesignAssurance:Level2
OperationalEnvironment:Windows10
Enterprise(x64)runningonaMicrosoftSurface
ProwithPAA
Windows10Enterprise(x64)runningona
MicrosoftSurfacePro2withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurfacePro3withPAA
Windows10Pro(x64)runningonaMicrosoft
SurfaceProwithPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro2withPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro3withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurface3withPAA
Windows10Enterprise(x86)runningonaDell
Inspiron660swithoutPAA
Windows10Pro(x86)runningonaDellInspiron
660swithoutPAA
Windows10(x86)runningonaDellInspiron
660swithoutPAA
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
Windows10Pro(x64)runningonaHPCompaq
Pro6305withPAA
Windows10(x64)runningonaHPCompaqPro
6305withPAA
Windows10(x64)runningonaDellXPS8700
withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Certs.#3497
and#3498)RSA(Cert.#1784)SHS(Cert.
#2871)
Otheralgorithms:MD5
MultiChipStandAlone
"BitLockerWindowsResumeisanoperating
systemloaderwhichloadstheWindowsOS
kernel(ntoskrnl.exe)andotherbootstagebinary
imagefiles,aswellaspreviousoperatingsystem
stateinformation,whenWindowshasbeen
previouslyputintoasleeporhibernatepower
state."
2601 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
BitLockerWindowsOS
Software 06/02/2016 OverallLevel:1
Loader(winload)inMicrosoft
Windows10,Windows10Pro,
PhysicalSecurity:N/A
Windows10Enterprise,
DesignAssurance:Level2
Windows10EnterpriseLTSB
OperationalEnvironment:Windows10
(SoftwareVersion:10.0.10240)
Enterprise(x64)runningonaMicrosoftSurface
(WhenoperatedinFIPSmode
ProwithPAA
withmoduleBootManagerin
Windows10Enterprise(x64)runningona
MicrosoftWindows10,Windows
MicrosoftSurfacePro2withPAA
10Pro,Windows10Enterprise,
Windows10Enterprise(x64)runningona
Windows10EnterpriseLTSB
MicrosoftSurfacePro3withPAA
validatedtoFIPS1402under
Windows10Pro(x64)runningonaMicrosoft
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
40/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Cert.#2600operatinginFIPS
mode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
SurfaceProwithPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro2withPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro3withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurface3withPAA
Windows10Enterprise(x86)runningonaDell
Inspiron660swithoutPAA
Windows10Pro(x86)runningonaDellInspiron
660swithoutPAA
Windows10(x86)runningonaDellInspiron
660swithoutPAA
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
Windows10Pro(x64)runningonaHPCompaq
Pro6305withPAA
Windows10(x64)runningonaHPCompaqPro
6305withPAA
Windows10(x64)runningonaDellXPS8700
withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Certs.#3497
and#3498)RSA(Cert.#1784)SHS(Cert.
#2871)
Otheralgorithms:MD5NDRNG
MultiChipStandAlone
"TheBitLockerWindowsOSLoaderloadsthe
bootcriticaldriverandOSkernelimagefiles."
2600 Microsoft
Corporation
OneMicrosoftWay
Redmond,WA
980526399
USA
TimMyers
TEL:8006427676
CSTLab:NVLAP
2004270
BootManagerinMicrosoft
Software 06/02/2016 OverallLevel:1
Windows10,Windows10Pro,
Windows10Enterprise,
PhysicalSecurity:N/A
Windows10EnterpriseLTSB
DesignAssurance:Level2
(SoftwareVersion:10.0.10240)
OperationalEnvironment:Windows10
(WhenoperatedinFIPSmode)
Enterprise(x64)runningonaMicrosoftSurface
ProwithPAA
ValidatedtoFIPS1402
Windows10Enterprise(x64)runningona
ConsolidatedValidation
MicrosoftSurfacePro2withPAA
Certificate
Windows10Enterprise(x64)runningona
MicrosoftSurfacePro3withPAA
SecurityPolicy
Windows10Pro(x64)runningonaMicrosoft
SurfaceProwithPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro2withPAA
Windows10Pro(x64)runningonaMicrosoft
SurfacePro3withPAA
Windows10Enterprise(x64)runningona
MicrosoftSurface3withPAA
Windows10Enterprise(x86)runningonaDell
Inspiron660swithoutPAA
Windows10Pro(x86)runningonaDellInspiron
660swithoutPAA
Windows10(x86)runningonaDellInspiron
660swithoutPAA
Windows10Enterprise(x64)runningonaHP
CompaqPro6305withPAA
Windows10Pro(x64)runningonaHPCompaq
Pro6305withPAA
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
41/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Windows10(x64)runningonaHPCompaqPro
6305withPAA
Windows10(x64)runningonaDellXPS8700
withPAA
Windows10EnterpriseLTSB(x86)runningona
DellInspironwithoutPAA
Windows10EnterpriseLTSB(x64)runningona
HPCompaqPro6305withPAA
Windows10EnterpriseLTSB(x64)runningona
DellXPS8700withPAA(singleusermode)
FIPSApprovedalgorithms:AES(Cert.#3497)
HMAC(Cert.#2233)KTS(AESCert.#3498)
PBKDF(vendoraffirmed)RSA(Cert.#1784)
SHS(Certs.#2871and#2886)
Otheralgorithms:MD5KDF(noncompliant)
PBKDF(noncompliant)
MultiChipStandAlone
"TheWindowssystembootmanageriscalledby
thebootstrappingcodethatresidesintheboot
sector.Itchecksitsownintegrity,checksthe
integrityoftheWindowsOSLoader,andthen
launchesit."
2599 Cleversafe,anIBM
Company
222SouthRiverside
Plaza
Suite1700
Chicago,Illinois
60606
US
MarkSeaborn
TEL:(312)4236640
CleversafeFIPS
CryptographicModule
(SoftwareVersion:1.1)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
JasonResch
TEL:(312)4236640
CSTLab:NVLAP
2000020
Otheralgorithms:ECDiffieHellmanRSA
(encrypt/decrypt)RNG
MultiChipStandAlone
"TheCleversafeFIPSObjectModuleisafull
featuredgeneralpurposecryptographiclibrary
thatisdistributedasacomponentofCleversafe's
ClevOSFIPSEdition,theunderlying
technologyfordsNetAppliances."
2598 HewlettPackard,
Enterprise.
10810FarnamDrive
OMA01
Omaha,NE68154
USA
HarjitDhillon
TEL:9165011426
SteveWierenga
and#3428)CVL(Certs.#517,#518,#519,#520,
ValidatedtoFIPS1402
#521and#522)DRBG(Certs.#826,#827,#828
ConsolidatedValidation
and#829)HMAC(Certs.#2179and#2180)
Certificate
RSA(Certs.#1753and#1754)SHS(Certs.
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
42/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
TEL:6502653660
SecurityPolicy
CSTLab:NVLAP
1004320
#2827and#2828)TripleDES(Certs.#1932and
#1933)
Otheralgorithms:NDRNGRSA(key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)DiffieHellman(keyagreementkey
establishmentmethodologyprovides112bitsof
encryptionstrength)DESMD5RC4RSA
(noncompliant)TripleDES(noncompliant)
HMAC(noncompliant)SHS(noncompliant)
SNMPv3KDF(noncompliant)AES(non
compliant)
MultiChipStandAlone
"HPEnterpriseSecureKeyManager(ESKM)
provideskeygeneration,retrieval,and
managementforencryptiondevicesand
solutions.ESKMisahardenedsecurityappliance
withsecureaccesscontrol,administration,and
logging.ESKMsupportshighavailabilitywith
automaticmultisiteclustering,replication,and
failover."
2597 AppleInc.
1InfiniteLoop
Cupertino,CA95041
USA
ShawnGeddis
TEL:(669)2273579
FAX:(866)3151954
CSTLab:NVLAP
2006580
AppleOSXCoreCrypto
KernelModulev6.0
(SoftwareVersion:6.0)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
43/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
#3149,#3150and#3151)TripleDES(Certs.
#2102,#2103,#2104and#2105)PBKDF
(vendoraffirmed)
Otheralgorithms:AES(noncompliant)AES
CMAC(noncompliant)ANSIX9.63KDF
BlowfishCAST5DESECDSA(non
compliant)Ed25519Hash_DRBG(non
compliant)HMAC_DRBG(noncompliant)
IntegratedEncryptionSchemeonellipticcurves
KBKDF(noncompliant)MD2MD4MD5
OMACRC2RC4RFC6637KDFRIPEMD
RSA(keywrappingkeyestablishment
methodologyprovidesbetween128and150bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)SP80056C
KDFTripleDES(noncompliant)
MultiChipStandAlone
"TheAppleOSXCoreCryptoKernelModuleis
asoftwarecryptographicmodulerunningona
multichipstandalonemobiledeviceandprovides
servicesintendedtoprotectdataintransitandat
rest."
2596 McAfee,Inc.
NetworkSecurityPlatform
Hardware 03/29/2016 OverallLevel:2
2821MissionCollege
SensorNS9300P
05/03/2016
DesignAssurance:Level3
Blvd.
(FirmwareVersion:8.1.17.16)
MitigationofOtherAttacks:N/A
SantaClara,CA
(Whenoperatedwiththetamper
OperationalEnvironment:N/A
95054
evidentsealsinstalledas
USA
indicatedintheSecurityPolicy)
FIPSApprovedalgorithms:AES(Cert.#3156)
CVL(Certs.#409and#599)DRBG(Cert.
JamesReardon
ValidatedtoFIPS1402
#649)HMAC(Cert.#1989)RSA(Certs.#1600
TEL:6516285346
ConsolidatedValidation
and#1825)SHS(Certs.#2612and#2923)
FAX:n/a
Certificate
Otheralgorithms:NDRNGRSA(key
CSTLab:NVLAP
SecurityPolicy
wrappingkeyestablishmentmethodology
1004320
provides112bitsofencryptionstrength)Diffie
Hellman(keyagreementkeyestablishment
methodologyprovides112bitsofencryption
strength)MD5RC4DESAES(non
compliant)HMAC(noncompliant)RSA(non
compliant)SHS(noncompliant)TripleDES
(noncompliant)SNMPKDF(noncompliant)
MultiChipStandAlone
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
2595 ChunghwaTelecom
Co.,Ltd.
No.99,DianyanRoad
YangMei
HiCOSPKINativeSmart
CardCryptographicModule
(HardwareVersion:RS45C
FirmwareVersions:HardMask:
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Taoyuan,Taiwan326
RepublicofChina
YeouFuhKuan
TEL:+8863424
4333
FAX:+8863424
4129
2.2andSoftMask:1.2)
(Noassuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CharShinMiou
TEL:+8863424
4381
FAX:+8863424
4129
CSTLab:NVLAP
2009280
Roles,Services,andAuthentication:Level3
PhysicalSecurity:Level3
EMI/EMC:Level3
DesignAssurance:Level3
OperationalEnvironment:N/A
FIPSApprovedalgorithms:CVL(Cert.#614)
DRBG(Cert.#927)ECDSA(Cert.#731)RSA
(Cert.#1846)SHS(Cert.#2953)TripleDES
(Cert.#1999)
Otheralgorithms:NDRNGRSA(key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)Triple
DES(Certs.#1999,keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)
SingleChip
"TheHiCOSPKInativesmartcardmoduleisa
singlechipimplementationofacryptographic
module.TheHiCOSPKInativesmartcard
moduleismountedinanID1classsmartcard
bodythatadherestoISO/IECspecificationsfor
IntegratedCircuitChip(ICC)basedidentification
cards.Themoduleconsistsofthechip(ICC),the
contactfaceplate,andtheelectronicconnectors
betweenthechipandcontactpad,allcontained
withinanepoxysubstrate."
2594 AppleInc.
AppleiOSCoreCryptoModule Software 03/29/2016 OverallLevel:1
1InfiniteLoop
v6.0
Cupertino,CA95041
(SoftwareVersion:6.0)
PhysicalSecurity:N/A
USA
(WhenoperatedinFIPSmode.
OperationalEnvironment:iOS9.0runningon
Themodulegenerates
iPhone4SwithAppleA5CPUwithAES
ShawnGeddis
cryptographickeyswhose
hardwareacceleration
TEL:(669)2273579
strengthsaremodifiedby
iOS9.0runningoniPhone4SwithAppleA5
FAX:(866)3151954
availableentropy)
CPUwithoutAEShardwareacceleration
iOS9.0runningoniPhone5withAppleA6CPU
CSTLab:NVLAP
ValidatedtoFIPS1402
withAEShardwareacceleration
2006580
ConsolidatedValidation
iOS9.0runningoniPhone5withAppleA6CPU
Certificate
withoutAEShardwareacceleration
iOS9.0runningoniPhone5SwithAppleA7
SecurityPolicy
CPU
iOS9.0runningoniPhone6(iPhone6and
iPhone6Plus)withAppleA8CPU
iOS9.0runningoniPhone6S(iPhone6Sand
iPhone6SPlus)withAppleA9CPU
iOS9.0runningoniPad(3rdgeneration)with
AppleA5XCPUwithAEShardware
acceleration
iOS9.0runningoniPad(3rdgeneration)with
AppleA5XCPUwithoutAEShardware
acceleration
iOS9.0runningoniPad(4thgeneration)with
AppleA6XCPUwithAEShardware
acceleration
iOS9.0runningoniPad(4thgeneration)with
AppleA6XCPUwithoutAEShardware
acceleration
iOS9.0runningoniPadAir2withAppleA8X
CPU
iOS9.1runningoniPadProwithAppleA9X
CPU(singleusermode)
FIPSApprovedalgorithms:AES(Certs.#3682,
#3683,#3684,#3685,#3686,#3687,#3688,
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
45/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
#3689,#3690,#3691,#3692,#3693,#3694,
#3695,#3698,#3699,#3700,#3701,#3702,
#3703,#3704,#3705,#3706,#3707,#3708,
#3709,#3710,#3712,#3713,#3714,#3715,
#3716,#3717,#3718,#3719,#3720,#3721,
#3722,#3723,#3724,#3725,#3726,#3727,
#3728,#3740and#3750)CVL(Certs.#683,
#684,#685,#686,#687,#688,#689,#690,#691,
#692,#693,#694,#695and#698)DRBG
(Certs.#989,#990,#991,#992,#993,#994,
#995,#996,#997,#999,#1000,#1001,#1002,
#1004,#1005,#1006,#1007,#1008,#1009,
#1010,#1011,#1012,#1013,#1014,#1015and
#1016)ECDSA(Certs.#777,#778,#779,#780,
#781,#782,#783,#784,#785,#786,#787,#788,
#789and#793)HMAC(Certs.#2302,#2304,
#2306,#2307,#2309,#2310,#2311,#2312,
#2313,#2314,#2315,#2316,#2317,#2428,
#2429,#2430,#2431,#2432,#2433,#2434,
#2435,#2436,#2437,#2438,#2439,#2440and
#2444)KTS(AESCerts.#3682,#3683,#3684,
#3685,#3686,#3687,#3688,#3689,#3690,
#3691,#3692,#3693,#3694,#3695,#3698,
#3699,#3700,#3701,#3702,#3703,#3704,
#3705,#3706,#3707,#3708,#3709,#3710,
#3712,#3713,#3714,#3715,#3716,#3717,
#3718,#3719,#3720,#3721,#3722,#3723,
#3724,#3725,#3726,#3727,#3728,#3740and
#3750keyestablishmentmethodologyprovides
between128and160bitsofencryptionstrength)
RSA(Certs.#1904,#1905,#1906,#1907,#1908,
#1909,#1910,#1911,#1912,#1914,#1915,
#1916,#1919and#1920)SHS(Certs.#2968,
#2970,#2972,#2973,#2974,#2975,#2976,
#2977,#2978,#2979,#2980,#2981,#2982,
#2983,#3096,#3097,#3098,#3099,#3100,
#3101,#3102,#3103,#3104,#3105,#3106,
#3107,#3108and#3113)TripleDES(Certs.
#2060,#2061,#2062,#2063,#2064,#2065,
#2066,#2067,#2068,#2069,#2070,#2071,
#2072and#2078)PBKDF(vendoraffirmed)
Otheralgorithms:AES(noncompliant)ANSI
X9.63KDFBlowfishCAST5DESDiffie
Hellman(keyagreementkeyestablishment
methodologyprovidesbetween112and150bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)ECDiffie
Hellman(keyagreementkeyestablishment
methodologyprovides128or160bitsof
encryptionstrength)ECDSA(noncompliant)
Ed25519Hash_DRBG(noncompliant)
HMAC_DRBG(noncompliant)Integrated
EncryptionSchemeonellipticcurvesKBKDF
(noncompliant)MD2MD4MD5OMAC
(OneKeyCBCMAC)RFC6637KDF
RIPEMDRC2RC4RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and150bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RSA(noncompliant)TripleDES
(noncompliant)
MultiChipStandAlone
"TheAppleiOSCoreCryptoModuleisa
softwarecryptographicmodulerunningona
multichipstandalonemobiledeviceandprovides
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
46/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
servicesintendedtoprotectdataintransitandat
rest."
2593 McAfee,Inc.
NetworkSecurityPlatform
Hardware 03/29/2016 OverallLevel:2
2821MissionCollege
SensorNS9300S
05/03/2016
Blvd.
(FirmwareVersion:8.1.17.16)
DesignAssurance:Level3
SantaClara,CA
(Whenoperatedwiththetamper
MitigationofOtherAttacks:N/A
95054
evidentsealsinstalledas
OperationalEnvironment:N/A
USA
indicatedintheSecurityPolicy)
FIPSApprovedalgorithms:AES(Cert.#3156)
JamesReardon
ValidatedtoFIPS1402
CVL(Certs.#409and#599)DRBG(Cert.
TEL:6516285346
ConsolidatedValidation
#649)HMAC(Cert.#1989)RSA(Certs.#1600
FAX:n/a
Certificate
and#1825)SHS(Certs.#2612and#2923)
CSTLab:NVLAP
SecurityPolicy
Otheralgorithms:NDRNGDiffieHellman
1004320
(keyagreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)MD5
RC4DESAES(noncompliant)HMAC(non
compliant)RSA(noncompliant)SHS(non
compliant)TripleDES(noncompliant)
MultiChipStandAlone
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
2592 ZebraTechnologies
Corporation
OneZebraPlaza
Holtsville,NY11742
USA
RobertPang
TEL:6317385419
FAX:n/a
MariyaWright
TEL:9145748189
FAX:6317384656
CSTLab:NVLAP
1004320
ZebraDCSCryptographic
Firmware 03/25/2016 OverallLevel:1
Library
(FirmwareVersions:
OperationalEnvironment:N/A
DAACVS00001R00,
MitigationofOtherAttacks:N/A
DAACWS00001R00or
OperationalEnvironment:LI3678withuC/OSII
DAACUS00001R00)
v2.85
(Thisvalidationentryisanon
DS3678withTreadXv6.5
securityrelevantmodificationto
STB3678withuC/OSIIv2.85
Cert.#1467)
FLB3678withuC/OSIIv2.85
ValidatedtoFIPS1402
FIPSApprovedalgorithms:AES(Certs.#3856,
ConsolidatedValidation
#3857and#3858)HMAC(Certs.#2504,#2505
Certificate
and#2506)SHS(Certs.#3178,#3179and
#3180)
SecurityPolicy
Otheralgorithms:N/A
MultiChipStandAlone
"TheZebraDCSCryptographicLibraryprovides
FIPS1402Level1certifiedencryptionand
securitypracticestoprotectdatasensitive
transmissionbetweentheEmbeddeddevices
whichincludecordlessscanners,cradlesand
terminals."
2591 McAfee,Inc.
NetworkSecurityPlatform
Hardware 03/24/2016 OverallLevel:2
2821MissionCollege SensorNS9100andNS9200
05/03/2016
Blvd.
(FirmwareVersion:8.1.17.16)
DesignAssurance:Level3
SantaClara,CA
(Whenoperatedwiththetamper
MitigationofOtherAttacks:N/A
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
47/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
95054
USA
JamesReardon
TEL:6516285346
FAX:n/a
CSTLab:NVLAP
1004320
evidentsealsinstalledas
indicatedintheSecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Cert.#3156)
CVL(Certs.#409and#599)DRBG(Cert.
#649)HMAC(Cert.#1989)RSA(Certs.#1600
and#1825)SHS(Certs.#2612and#2923)
Otheralgorithms:NDRNGRSA(key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)Diffie
Hellman(keyagreementkeyestablishment
methodologyprovides112bitsofencryption
strength)MD5RC4DESAES(non
compliant)HMAC(noncompliant)RSA(non
compliant)SHS(noncompliant)TripleDES
(noncompliant)SNMPKDF(noncompliant)
MultiChipStandAlone
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
2590 ARX(Algorithmic
Research)
10NevatimStreet
KiryatMatalon,
PetachTikva49561
USA
EzerFarhi
TEL:97239279529
CSTLab:NVLAP
2000020
CoSign
(HardwareVersion:7.0
FirmwareVersion:7.7)
(WhenoperatedinFIPSMode.
Thismodulecontainsthe
embeddedmoduleeToken5105
validatedtoFIPS1402under
Cert.#1883operatinginFIPS
mode.Noassuranceofthe
minimumstrengthofgenerated
keys.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2589 SonusNetworks,
Inc.
4TechnologyPark
SBC7000SessionBorder
Controller
(HardwareVersion:SBC7000
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Drive
Westford,MA01886
USA
AdamElshama
TEL:9786148327
CSTLab:NVLAP
2005560
FirmwareVersion:5.0)
(Wheninstalled,initializedand
configuredasspecifiedinthe
SecurityPolicySection3and
operatedinFIPSmode.The
modulegeneratescryptographic
keyswhosestrengthsare
modifiedbyavailableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
DesignAssurance:Level2
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Certs.#3482
and#3483)CVL(Certs.#557,#558and#559)
DRBG(Cert.#860)ECDSA(Cert.#709)
HMAC(Certs.#2224and#2225)RSA(Cert.
#1788)SHS(Certs.#2876and#2877)Triple
DES(Certs.#1963and#1964)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)EC
DiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
112and256ofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)NDRNGMD5
MultiChipStandAlone
"TheSBC7000SessionBorderControllerisa
highperformanceaircooled,5U,IPencryption
appliancesthatprovidesecureSIPbased
communicationswithrobustsecurity,reduced
latency,realtimeencryption(VOIPsignalingand
mediatraffic),mediatranscoding,flexibleSIP
sessionrouting&policymanagement."
2588 Qualcomm
Technologies,Inc.
5775MorehouseDr
SanDiego,CA92121
USA
LuXiao
TEL:8586515477
FAX:8588451523
QTIInlineCryptoEngine
(SDCC)
(HardwareVersion:2.1.0)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
YinLingLiong
TEL:8586517034
FAX:8588451523
RameshNarayanan
TEL:+9180338
65384
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Certs.#3556
and#3558)
Otheralgorithms:N/A
SingleChip
"QTIInlineCryptoEngine(SDCC)high
throughputstoragedataencryptionand
decryption."
CSTLab:NVLAP
2006580
2587 HewlettPackard
Enterprise
DevelopmentLP
11445Compaq
CenterDr.W
Houston,TX77070
USA
HPBladeSystemOnboard
AdministratorFirmware
(FirmwareVersion:4.40)
(Wheninstalled,initializedand
configuredasindicatedinthe
SecurityPolicyinSection3)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
RituparnaMitra
TEL:+9180251
65735
CSTLab:NVLAP
2009280
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
RSA(keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strength)
MultiChipStandAlone
"Themoduleprovidesadministrativecontrolof
HPBladeSystemcClassenclosures.The
cryptographicfunctionsofthemoduleprovide
securityforadministrativeaccessviaHTTPSand
SSH,andtoadministrativecommandsforthe
BladeSystemenclosure."
2586 IntegralMemory
PLC.
Unit6IronBridge
Close
IronBridgeBusiness
Park
OffGreatCentral
Way
London,Middlesex
NW100UF
UnitedKingdom
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
50/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
INIM280512GCR140(R)
INIM2801TCR140(R)
INIM2802TCR140(R)
INSSD64GMSA6MCR140(R)
INSSD128GMSA6MCR140(R)
INSSD256GMSA6MCR140(R)
INSSD512GMSA6MCR140(R)
INSSD1TMSA6MCR140(R)
INIMSA64GCR140(R)
INIMSA128GCR140(R)
INIMSA256GCR140(R)
INIMSA512GCR140(R)
INIMSA1TCR140(R)
INIMSA2TCR140(R)
INIM24264GCR140(R)
INIM242128GCR140(R)
INIM242256GCR140(R)
INIM242512GCR140(R)
INIM2421TCR140(R)
INIM2422TCR140(R)
FirmwareVersion:S5FDM018)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2585 EMCCorporation
176SouthStreet
Hopkinton,MA
01748
USA
GregLazar
TEL:5082497822
TomDibb
TEL:5082497660
CSTLab:NVLAP
2005560
2584 AdvantechB+B
Smartworx
WestlinkCommercial
Park
Oranmore
Co.Galway
Ireland
PaulConway
TEL:+35391792444
FAX:+35391
792445
ValidatedtoFIPS1402
MultiChipEmbedded
ConsolidatedValidation
Certificate
"TheVNX6Gb/sSASI/OModulewith
Encryptionisanoptimizedsolutionfornative
SecurityPolicy
SAS/SATAHBAapplications.Itistheheartof
anyVNXstoragesystem,providingtheinterface
tothephysicalstoragemedia.Itsbenefitsinclude
costanduniversaldrivesupportforSASand
SATAdisks.TheVNX6Gb/sSASI/OModule
withEncryptionisahighdensitySAScontroller
solutionthatsignificantlyincreasestotalsystem
performance,diagnostics,scalabilityand
manageability.Itprovidesthehighestdensity,
lowestpower/portSAScontrollersolution
available."
AdvantechB+BSmartWorx
CryptographicModule
(SoftwareVersion:1.0)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2005560
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)Triple
DES(Cert.#1974,keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)
MultiChipStandAlone
"TheAdvantechB+BSmartWorxCryptographic
Moduleisasoftwaremodulethatprovides
cryptographicservicestoAdvantechB+B
SmartWorxproducts.Themoduleprovidesa
numberofFIPS140validatedcryptographic
algorithmsforservicessuchasIPsec.The
moduleprovidesapplicationswithalibrary
interfacethatenablesthemtoaccessthevarious
cryptographicalgorithmfunctionssuppliedby
themodule."
2583 Box,Inc.
900JeffersonAve
RedwoodCity,CA
94063
USA
CrispenMaung
TEL:8777294269
CSTLab:NVLAP
2009680
BoxJCACryptographic
Module
(SoftwareVersion:1.0)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2582 RedHat,Inc.
100EastDavieStreet
Raleigh,NC27601
USA
SteveGrubb
TEL:9783921000
FAX:9783921001
JaroslavReznik
TEL:+420532294
111
FAX:+420541426
177
CSTLab:NVLAP
2006580
RedHatEnterpriseLinux6.6
KernelCryptoAPI
CryptographicModule
(SoftwareVersion:3.1)
(WhenoperatedinFIPSmode
withNetworkSecurityServices
(NSS)ModulevalidatedtoFIPS
1402underCert.#2564
operatinginFIPSmode.The
modulegeneratescryptographic
keyswhosestrengthsare
modifiedbyavailableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
#640,#641,#642,#643,#644,#645and#646)
DSA(Certs.#892,#893,#894,#895,#909and
#910)HMAC(Certs.#1933,#1934,#1935,
#1936,#1985and#1986)SHS(Certs.#2607
and#2608)TripleDES(Certs.#1797and
#1798)
Otheralgorithms:DESSHA256/SHA512
(SSSE3/AVX/AVX2implementationnon
compliant)HMACSHA256/SHA512
(SSSE3/AVX/AVX2implementationnon
compliant)
MultiChipStandAlone
"TheLinuxkernelCryptoAPIimplementedin
RedHatEnterpriseLinux6.6providesservices
operatinginsidetheLinuxkernelwithvarious
ciphers,messagedigestsandanapprovedrandom
numbergenerator."
2581 FireEye,Inc.
FireEyeHXSeries:HX4400, Hardware 03/14/2016 OverallLevel:1
1440McCarthyAve. HX4400D,HX4402,HX9402
Milipitas,CA95035
(HardwareVersions:HX4400,
Roles,Services,andAuthentication:Level3
USA
HX4400D,HX4402,HX9402
DesignAssurance:Level3
FirmwareVersion:3.1.0)
MitigationofOtherAttacks:N/A
PeterKim
(WhenoperatedinFIPSmode.
OperationalEnvironment:N/A
TEL:4083216300
Wheninstalled,initializedand
configuredasspecifiedin
FIPSApprovedalgorithms:AES(Cert.#3447)
CSTLab:NVLAP
Section3oftheSecurityPolicy)
CVL(Cert.#533)DRBG(Cert.#843)ECDSA
2010290
(Cert.#696)HMAC(Cert.#2195)RSA(Certs.
ValidatedtoFIPS1402
#1758and#1759)SHS(Certs.#2836and
ConsolidatedValidation
#2837)TripleDES(Cert.#1941)
Certificate
Otheralgorithms:DiffieHellman(CVLCert.
SecurityPolicy
#533,keyagreementkeyestablishment
methodologyprovides112or128bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)ECDH(key
agreementkeyestablishmentmethodology
providesbetween128and256bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovides112or128bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)MD5DESRC4
HMACMD5NDRNG
MultiChipStandAlone
"TheFireEyeHXseriesappliancesenable
securityoperationsteamstocorrelatenetwork
andendpointactivity.Organizationscan
automaticallyinvestigatealertsgeneratedby
FireEyeThreatPreventionPlatforms,log
management,andnetworksecurityproducts,
applyintelligencefromFireEyetocontinuously
validateIndicatorsofCompromisesonthe
endpointsandidentifyifacompromisehas
occurredandassessthepotentialrisk."
2580 FireEye,Inc.
1440McCarthyAve.
Milipitas,CA95035
USA
PeterKim
TEL:4083216300
FireEyeMXSeries:MX900,
MX8400
(HardwareVersions:MX900,
MX8400FirmwareVersion:
2.0.3)
(WhenoperatedinFIPSmode.
Wheninstalled,initializedand
configuredasspecifiedin
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
CSTLab:NVLAP
2010290
Section3oftheSecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CVL(Cert.#533)DRBG(Cert.#843)ECDSA
(Cert.#696)HMAC(Cert.#2195)RSA(Certs.
#1758and#1759)SHS(Certs.#2836and
#2837)TripleDES(Cert.#1941)
Otheralgorithms:DiffieHellman(CVLCert.
#533,keyagreementkeyestablishment
methodologyprovides112or128bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)ECDH(key
agreementkeyestablishmentmethodology
providesbetween128and256bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovides112or128bitsof
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)MD5DESRC4
HMACMD5NDRNG
MultiChipStandAlone
"TheFireEyeMXseriesappliancesaremobile
managementplatformsthatworkinconjunction
withtheFireEyeMTPApptoassimilateand
dispersethreatinformationtomobileendpoints,
andofferintegrationwithMDMsolutionsfora
truedetecttofixsolution."
2579 Qualcomm
Technologies,Inc.
5775MorehouseDr
SanDiego,CA92121
USA
LuXiao
TEL:8586515477
FAX:8588451523
QTIInlineCryptoEngine
(UFS)
(HardwareVersion:2.1.0)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
YinLingLiong
TEL:8586517034
FAX:8588451523
FerrellMoultrie
TEL:4043489293
FAX:N/A
CSTLab:NVLAP
2004160
MitigationofOtherAttacks:N/A
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Certs.#3555
and#3557)
Otheralgorithms:N/A
SingleChip
"QTIInlineCryptoEngine(UFS)provideshigh
throughputstoragedataencryptionand
decryption."
CSTLab:NVLAP
2006580
2578 IBMSecurity
6303BarfieldRoad
Atlanta,GA30328
USA
IBMSecurityNetwork
Hardware 03/07/2016 OverallLevel:2
IntrusionPreventionSystem
Version4.6.2
MitigationofOtherAttacks:N/A
(HardwareVersions:GX4004,
OperationalEnvironment:N/A
GX5008C,GX5008SFP,
GX5208C,GX5208SFP,
FIPSApprovedalgorithms:AES(Certs.#3204
GX7412andGX7800with
and#3210)DRBG(Certs.#679and#682)
TamperEvidentLabelKit:
ECDSA(Certs.#588and#591)HMAC(Certs.
00VM255FirmwareVersion:
#2018and#2023)RSA(Certs.#1633and
4.6.2)
#1635)SHS(Certs.#2651and#2657)Triple
(Wheninstalled,initializedand
DES(Certs.#1825and#1827)
configuredasspecifiedinthe
SecurityPolicySection3.The
Otheralgorithms:RSA(keywrappingkey
modulegeneratescryptographic
establishmentmethodologyprovides112or128
keyswhosestrengthsare
bitsofencryptionstrength)NDRNG
modifiedbyavailableentropy)
MultiChipStandAlone
ValidatedtoFIPS1402
ConsolidatedValidation
"TheNetworkIntrusionPreventionSystem
Certificate
(NIPS)automaticallyblocksmaliciousattacks
whilepreservingnetworkbandwidthand
SecurityPolicy
availability.Theappliancesarepurposebuilt,
Layer2networksecurityappliancesthatyoucan
deployeitheratthegatewayorthenetworkto
blockintrusionattempts,denialofservice(DoS)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
54/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
attacks,maliciouscode,backdoors,spyware,
peertopeerapplications,andagrowinglistof
threatswithoutrequiringextensivenetwork
reconfiguration."
2577 Aruba,aHewlett
ArubaLinuxCryptographic
PackardEnterprise
Module
company
(SoftwareVersion:1.0)
1344CrossmanAve. (WhenoperatedinFIPSmode.
Sunnyvale,CA94089
Themodulegenerates
USA
cryptographickeyswhose
strengthsaremodifiedby
SteveWeingart
availableentropy.)
TEL:5123192480
FAX:n/a
ValidatedtoFIPS1402
ConsolidatedValidation
CSTLab:NVLAP
Certificate
2010290
SecurityPolicy
2576 Cotap,Inc.
55NewMontgomery
Street,Ste.888
SanFrancisco,CA
94105
USA
EvanOwen
TEL:8775865682
CSTLab:NVLAP
2010290
Nexus
ValidatedtoFIPS1402
iOS5.1runningonaiPad3
ConsolidatedValidation
iOS6runningonaiPad3
Certificate
iOS7runningonaiPad3
SecurityPolicy
FIPSApprovedalgorithms:AES(Certs.#2125
and#2126)CVL(Certs.#28and#29)DRBG
(Certs.#233and#234)DSA(Certs.#666and
#667)ECDSA(Certs.#319and#320)HMAC
(Certs.#1296and#1297)RSA(Certs.#1094
and#1095)SHS(Certs.#1849and#1850)
TripleDES(Certs.#1351and#1352)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
55/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RNGDualECDRBG
MultiChipStandAlone
"TheCotapCryptographicModuleprovides
cryptographicfunctionsforCotap,Inc.smobile
applications."
2575 Cellcrypt
6121LincolniaRd
Suite100
Alexandria,VA
22312
USA
RichardChen
TEL:5712439445
CSTLab:NVLAP
1004320
2430LwithoutPAA(gccCompilerVersion
ValidatedtoFIPS1402
4.8.0)Linux3.4underVmwareESXi5.1running
ConsolidatedValidation
onIntelXeonE52430LwithPAA(gccCompiler
Certificate
Version4.8.0)Linux3.4underMicrosoft
Windows2012HyperVrunningonIntelXeon
SecurityPolicy
E52430LwithoutPAA(gccCompilerVersion
4.8.0)Linux3.4underMicrosoftWindows2012
HyperVrunningonIntelXeonE52430Lwith
PAA(gccCompilerVersion4.8.0)FreeBSD10.0
runningonXeonE52430L(x86)withoutPAA
(clangCompilerVersion3.3)FreeBSD10.0
runningonXeonE52430L(x86)withPAA
(clangCompilerVersion3.3)AppleiOS7.164
bitrunningonAppleA7(ARMv8)without
NEON(clangCompilerVersion5.1)AppleiOS
7.164bitrunningonAppleA7(ARMv8)with
NEON(clangCompilerVersion5.1)iOS8.164
bitrunningonAppleA7(ARMv8)without
NEONandCryptoExtensions(clangCompiler
Version600.0.56)iOS8.164bitrunningon
AppleA7(ARMv8)withNEONandCrypto
Extensions(clangCompilerVersion
600.0.56)iOS8.132bitrunningonAppleA7
(ARMv8)withoutNEON(clangCompiler
Version600.0.56)iOS8.132bitrunningon
AppleA7(ARMv8)withNEON(clangCompiler
Version600.0.56)Android5.032bitrunningon
QualcommAPQ8084(ARMv7)withoutNEON
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
56/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
(gccCompilerVersion4.9)Android5.032bit
runningonQualcommAPQ8084(ARMv7)with
NEON(gccCompilerVersion4.9)Android5.0
64bitrunningonSAMSUNGExynos7420
(ARMv8)withoutNEONandCryptoExtensions
(gccCompilerVersion4.9)
Android5.064bitrunningonSAMSUNG
Exynos7420(ARMv8)withNEONandCrypto
Extensions(gccCompilerVersion4.9)(single
usermode)
FIPSApprovedalgorithms:AES(Certs.#1884,
#2116,#2234,#2342,#2394,#2484,#2824,
#2929,#3090and#3264)CVL(Certs.#10,#12,
#24,#36,#49,#53,#71,#85,#260,#331,#372
and#472)DRBG(Certs.#157,#229,#264,
#292,#316,#342,#485,#540,#607and#723)
DSA(Certs.#589,#661,#693,#734,#748,#764,
#853,#870,#896and#933)ECDSA(Certs.
#264,#270,#315,#347,#378,#383,#394,#413,
#496,#528,#558and#620)HMAC(Certs.
#1126,#1288,#1363,#1451,#1485,#1526,
#1768,#1856,#1937and#2063)RSA(Certs.
#1086,#1145,#1205,#1273,#1477,#1535,
#1581and#1664)SHS(Certs.#1655,#1840,
#1923,#2019,#2056,#2102,#2368,#2465,
#2553and#2702)TripleDES(Certs.#1223,
#1346,#1398,#1465,#1492,#1522,#1695,
#1742,#1780and#1853)
Otheralgorithms:ECDiffieHellmanRSA
(encrypt/decrypt)RNG
MultiChipStandAlone
"CellcryptSecureCore3FIPS1402Module
Version2.0.10isacryptographicsoftwarelibrary
providingprivacy,authenticationandintegrity
services.Therearethreemajorprotocolgroups
supported:Offlineorstoreandforwardbased
protocolsFilestorageandmessageattachments
Onlineorsessionbasedprotocols"
2574 HewlettPackard
Enterprise
DevelopmentLP
11445Compaq
CenterDr.W
Houston,TX77070
USA
Otheralgorithms:DiffieHellman(key
ValidatedtoFIPS1402
agreementkeyestablishmentmethodology
ConsolidatedValidation
providesbetween112and150bitsofencryption
Certificate
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
SecurityPolicy
128and192bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strength)NDRNGMD5
MultiChipEmbedded
"TheHPIntegratedLightsOut4(HPiLO4)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
57/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
builtintoHPProLiantGen8andGen9serversis
anautonomoussecuremanagementcomponent
embeddeddirectlyontheservermotherboard.
iLOhelpssimplifyinitialserversetup,powerand
thermaloptimization,remoteserver
administration,andprovidesserverhealth
monitoringwiththeHPActiveHealthSystem
(AHS)."
2573 Aruba,aHewlett
ArubaCommon
PackardEnterprise
CryptographicModule
company
(SoftwareVersion:1.0)
1344CrossmanAve. (WhenoperatedinFIPSmode.
Sunnyvale,CA94089
Themodulegenerates
USA
cryptographickeyswhose
strengthsaremodifiedby
SteveWeingart
availableentropy.Noassurance
TEL:5123192480
oftheminimumstrengthof
FAX:n/a
generatedkeys)
CSTLab:NVLAP
ValidatedtoFIPS1402
1004320
ConsolidatedValidation
Certificate
SecurityPolicy
2572 McAfee,Inc.
NetworkSecurityPlatform
Hardware 02/25/2016 OverallLevel:2
2821MissionCollege
SensorM8000S
05/03/2016
Blvd.
(FirmwareVersion:8.1.15.14)
DesignAssurance:Level3
SantaClara,CA
(Whenoperatedwiththetamper
MitigationofOtherAttacks:N/A
95054
evidentsealsinstalledas
OperationalEnvironment:N/A
USA
indicatedintheSecurityPolicy)
FIPSApprovedalgorithms:AES(Cert.#3155)
JamesReardon
ValidatedtoFIPS1402
CVL(Certs.#407and#598)DRBG(Cert.
TEL:6516285346
ConsolidatedValidation
#648)HMAC(Cert.#1988)RSA(Certs.#1598
FAX:n/a
Certificate
and#1824)SHS(Certs.#2610and#2922)
CSTLab:NVLAP
SecurityPolicy
Otheralgorithms:NDRNGDiffieHellman
(keyagreementkeyestablishmentmethodology
1004320
provides112bitsofencryptionstrength)MD5
RC4DESHMAC(noncompliant)RSA(non
compliant)SHS(noncompliant)TripleDES
(noncompliant)
MultiChipStandAlone
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
"NetworkSecurityPlatformproducts(formerly58/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
2571 CanonU.S.A.,Inc.
OneCanonPark
Melville,NY11747
USA
JiuyuanGe
TEL:6313305774
CSTLab:NVLAP
2004270
runningonaCanonimageRUNNERwithMEAP
ValidatedtoFIPS1402
SDK4.60SP4andCDC1.1FoundationProfile
ConsolidatedValidation
1.1withoptionalJCEproviderpackage(single
Certificate
usermode)
SecurityPolicy
FIPSApprovedalgorithms:AES(Cert.#3442)
CVL(Cert.#528)DRBG(Cert.#840)DSA
(Cert.#969)ECDSA(Cert.#694)HMAC(Cert.
#2191)KBKDF(Cert.#60)KTS(AESCert.
#3442)RSA(Cert.#1763)SHS(Cert.#2842)
TripleDES(Cert.#1939)
Otheralgorithms:DESDiffieHellman(non
compliant)ECDiffieHellman(noncompliant)
ECIESHMACMD5MD4MD5NDRNG
PBERC2RC4RNGRSA(keywrappingkey
establishmentmethodologyprovides112or128
bitsofencryptionstrengthnoncompliantless
than112bitsofencryptionstrength)RSA
OAEPTripleDES(Cert.#1939,keywrapping
keyestablishmentmethodologyprovides112bits
ofencryptionstrength)
MultiChipStandAlone
"CanonimageRUNNERCryptoModulefor
MEAPsecuritysoftwareisdesignedtohelp
protectsensitivedataasitisstoredusingstrong
encryptiontechniquestoprovideapersistent
levelofprotection.Itsupportsawiderangeof
industrystandardencryptionalgorithmsoffering
Javadeveloperstheflexibilitytochoosethe
optionmostappropriatetomeettheir
requirements"
2570 CerticomCorp.
4701TahoeBlvd.,
BuildingA
Mississauga,Ontario
L4W0B5
Canada
CerticomSupport
TEL:9055074220
FAX:n/a
CerticomSales
TEL:9055074220
FAX:n/a
SecurityBuilderLinux
Software 02/23/2016 OverallLevel:1
KernelCryptographicModule
(SoftwareVersion:1.0)
PhysicalSecurity:N/A
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
andinstalled,initializedand
OperationalEnvironment:CentOS764bit
configuredasspecifiedinthe
runningonaKontronNSN2UIPNetworkServer
SecurityPolicyAppendixA)
withPAA
CentOS764bitrunningonaKontronNSN2U
ValidatedtoFIPS1402
IPNetworkServerwithoutPAA
ConsolidatedValidation
Android5.164bitrunningonaQualcomm
Certificate
SnapdragonMSM8992developmentdevice
(singleusermode)
SecurityPolicy
FIPSApprovedalgorithms:AES(Cert.#3464)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
59/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
DRBG(Cert.#850)HMAC(Cert.#2209)SHS
(Cert.#2859)TripleDES(Cert.#1953)
CSTLab:NVLAP
2009280
Otheralgorithms:AESGCM(Cert.#3464non
compliant)AESLRWDESRNG
MultiChipStandAlone
"CerticomSecurityBuilderLinuxKernel
CryptographicModuleisasoftwareonly
externalLinuxKernelmodulethatprovides
generalpurposecryptographicservicestothe
remainderofthekernel."
2569 HiddnSecurityAS
NedreSlottgate25
Oslo0157
Norway
AtleHaga
TEL:+4792452750
FAX:+4738104499
TerjeLeira
TEL:+4791112899
FAX:+4738104499
CM1+
Hardware 02/22/2016 OverallLevel:3
(HardwareVersions:PCBAP/N
HGD59400200withPCBP/N
MitigationofOtherAttacks:N/A
HGD59300039,RevC
OperationalEnvironment:N/A
FirmwareVersions:CM1+HW
v1.8.7.4,CM1+FWv1.8.7.5)
FIPSApprovedalgorithms:AES(Cert.#3362)
ValidatedtoFIPS1402
Otheralgorithms:AES(Cert.#3362,key
ConsolidatedValidation
wrappingkeyestablishmentmethodology
Certificate
provides192bitsofencryptionstrength)
SecurityPolicy
MultiChipEmbedded
CSTLab:NVLAP
1004320
2568 SecurityFirstCorp.
29811Santa
MargaritaParkway
Suite600
RanchoSanta
Margarita,CA92688
USA
RickOrsini
TEL:9498587525
FAX:9498587092
"TheCM1+isa256bitAEShardware
encryptionengineforprotectionofdataatrest.
TheunitoperatesontheSATAprotocol
independentofthestoragedevice,whichallows
encryptionofdiskdrivesofvariousstorage
capacities."
SecureParser
(SoftwareVersion:4.7.1)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
1004320
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
"TheSecureParserisasecurityandhighdata
availabilityarchitecturedeliveredintheformofa
60/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
availabilityarchitecturedeliveredintheformofa
softwaretoolkitthatprovidescryptographicdata
splitting(dataencryption,randomor
deterministicdistributiontomultipleshares
includingadditionalfaulttolerantbits,key
splitting,authentication,integrity,share
reassembly,keyrestorationanddecryption)of
arbitrarydata.Duringthesplitprocess,additional
redundantdatamaybeoptionallywrittentoeach
shareenablingthecapabilityofrestoringthe
originaldatawhenallsharesarenotavailable."
2567 IBMSecurity
6303BarfieldRoad
Atlanta,GA30328
USA
#1677,#1679,#1680,#1681,#1691,#1692,
ValidatedtoFIPS1402
#1693and#1694)SHS(Certs.#2718,#2720,
ConsolidatedValidation
#2721,#2722,#2740,#2741,#2742and#2743)
Certificate
TripleDES(Certs.#1867,#1869,#1870,#1871,
#1883,#1884,#1885and#1886)
SecurityPolicy
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112or128
bitsofencryptionstrength)DiffieHellman(key
agreementkeyestablishmentmethodology
provides112or128bitsofencryptionstrength)
ECDiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)
NDRNG
MultiChipStandAlone
"TheNetworkIntrusionPreventionSystem(IPS)
automaticallyblocksmaliciousattackswhile
preservingnetworkbandwidthandavailability.
Theappliancesarepurposebuilt,Layer2
networksecurityappliancesthatyoucandeploy
eitheratthegatewayorthenetworktoblock
intrusionattempts,denialofservice(DoS)
attacks,maliciouscode,backdoors,spyware,
peertopeerapplications,andagrowinglistof
threatswithoutrequiringextensivenetwork
reconfiguration.TheXGS3100,XGS4100,XGS
5100,andXGS7100canbesecurelymanaged
viaSiteProtector,whichisacentralmanagement
console"
2566 SkyhighNetworks
900E.HamiltonAve.
Suite400
Campbell,CA95008
USA
SkyhighNetworks
JavaCryptoModule
(HardwareVersion:N/A
FirmwareVersion:N/A
SoftwareVersion:1.0)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
CSTLab:NVLAP
2010290
availableentropy.Noassurance
oftheminimumstrengthof
generatedkeys.)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
FIPSApprovedalgorithms:AES(Cert.#3192)
DRBG(Cert.#668)DSA(Cert.#914)ECDSA
(Cert.#583)HMAC(Cert.#2011)RSA(Cert.
#1622)SHS(Cert.#2637)TripleDES(Cert.
#1818)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and219bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)ECDiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)AES(noncompliant)RNG
(noncompliant)BlowfishCamelliaCAST5
CAST6ChaChaDESTripleDES(non
compliant)ElGamalGOST28147GOST3411
Grain128Grainv1HC128HC256IDEAIES
ISAACMD2MD4MD5NaccacheStern
NoekeonPasswordBasedEncryption(PBE)
RC2RC2KeyWrappingRC4RC532RC564
RC6RFC3211WrappingRFC3394Wrapping
RijndaelRipeMD128RipeMD160Ripe
MD256RipeMD320RSAEncryptionSalsa
20SEEDSEEDWrappingSerpentShacal2
SHA3(noncompliant)SHA512/t(non
compliant)Skein256*Skein512*Skein
1024*SkipjackDRBG(noncompliant)TEA
ThreefishTigerTLSv1.0KDF(non
compliant)TwofishVMPCWhirlpool
XSalsa20XTEAEngine
MultiChipStandAlone
"TheJavaCryptoModuleprovidescryptographic
functionsforSkyhighNetworkscloudvisibility
andenablementproducts."
2565 HiddnSecurityAS
NedreSlottgate25
Oslo0157
Norway
AtleHaga
TEL:+4792452750
FAX:+4738104499
TerjeLeira
TEL:+4791112899
FAX:+4738104499
CSTLab:NVLAP
1004320
2564 RedHat,Inc.
100EastDavieStreet
Raleigh,NC27601
USA
SteveGrubb
TEL:9783921000
FAX:9783921001
coCryptCM1+
Hardware 02/18/2016 OverallLevel:3
(HardwareVersions:PCBAP/N
HGD59401600withPCBP/N
MitigationofOtherAttacks:N/A
HGD59300063,RevG
OperationalEnvironment:N/A
FirmwareVersions:coCrypt
CM1+HWv1.8.8.4,CM1+FW
FIPSApprovedalgorithms:AES(Cert.#3362)
v1.8.7.5,HostControllerFW
v1.0.5.8)
Otheralgorithms:AES(Cert.#3362,key
wrappingkeyestablishmentmethodology
ValidatedtoFIPS1402
provides192bitsofencryptionstrength)
ConsolidatedValidation
Certificate
MultiChipEmbedded
SecurityPolicy
"ThecoCryptCM1+isa256bitAEShardware
encryptionenginewhichencryptsdataeithertoa
replacablemicroSDstoragecardoranUSBflash
drive.Theunitallowstheusertoexpandthe
storagecapacitywheneverneeded."
RedHatEnterpriseLinux6.6
NSSModule
(SoftwareVersion:3.14.322)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
JaroslavReznik
TEL:+420532294
111
FAX:+420541426
177
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2006580
x3500M4withPAA
RedHatEnterpriseLinux6.6runningonSystem
x3500M4withoutPAA
FIPSApprovedalgorithms:AES(Certs.#3076,
#3077,#3078,#3079,#3080,#3081,#3082,
#3083,#3084,#3085,#3086and#3087)CVL
(Certs.#368,#369,#370and#371)DRBG
(Certs.#603,#604,#605and#606)DSA(Certs.
#892,#893,#894and#895)ECDSA(Certs.
#554,#555,#556and#557)HMAC(Certs.
#1933,#1934,#1935and#1936)RSA(Certs.
#1577,#1578,#1579and#1580)SHS(Certs.
#2549,#2550,#2551and#2552)TripleDES
(Certs.#1776,#1777,#1778and#1779)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)DiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)MD5
MD2RC2CamelliaJPAKEDESSEED
TripleDES(Certs.#1776,#1777,#1778and
#1779,keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strength)AES(Certs.#3076,#3077,#3078,
#3079,#3080,#3081,#3082,#3083,#3084,
#3085,#3086and#3087,keywrappingkey
establishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)CTS
blockchainingmode
MultiChipStandAlone
"NetworkSecurityServices(NSS)isasetof
opensourceClibrariesdesignedtosupportcross
platformdevelopmentofsecurityenabled
applications.NSSimplementsmajorInternet
securitystandards.NSSisavailablefreeof
chargeunderavarietyofopensourcecompatible
licenses.See
http://www.mozilla.org/projects/security/pki/nss/"
2563 IBMSecurity
6303BarfieldRoad
Atlanta,GA30328
USA
IBMSecuritySiteProtector
Software 02/17/2016 OverallLevel:1
SystemCryptographicModule
(SoftwareVersion:3.1.1)
Roles,Services,andAuthentication:Level2
(Wheninstalled,initializedand
PhysicalSecurity:N/A
configuredasspecifiedinthe
DesignAssurance:Level2
FerrellMoultrie
SecurityPolicySection3.The
MitigationofOtherAttacks:N/A
TEL:(404)3489293 modulegeneratescryptographic
OperationalEnvironment:MicrosoftWindows
FAX:N/A
keyswhosestrengthsare
Server2012R2StandardrunningonIBM
modifiedbyavailableentropy)
SecuritySP4001withIntelCorei72600@
CSTLab:NVLAP
3.4GHz(1CPU/4core)processor(singleuser
ValidatedtoFIPS1402
mode)
2004160
ConsolidatedValidation
Certificate
FIPSApprovedalgorithms:AES(Cert.#3279)
CVL(Cert.#462)DRBG(Cert.#737)ECDSA
SecurityPolicy
(Cert.#632)HMAC(Cert.#2076)RSA(Cert.
#1676)SHS(Cert.#2717)TripleDES(Cert.
#1866)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112or12863/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
establishmentmethodologyprovides112or128
bitsofencryptionstrength)DiffieHellman(key
agreementkeyestablishmentmethodology
provides112or128bitsofencryptionstrength)
ECDiffieHellman(CVLCert.#462,key
agreementkeyestablishmentmethodology
providesbetween128and256bitsofencryption
strength)
MultiChipStandAlone
"SiteProtectorisacentralizedmanagement
systemthatunifiesmanagementandanalysisfor
network,server,anddesktopprotectionagents
andsmallnetworksorappliances.The
SiteProtectorisusedasthecentralcontrolling
pointforIBMISSappliancesdeployedonthe
network."
2562 SenetasCorporation
Ltd.andSafeNet
Inc.
312KingsWay
SouthMelbourne,
Victoria3205
Australia
JohnWeston
TEL:+6139868
4555
FAX:+6139821
4899
LaurieMack
TEL:6132215065
FAX:6137235079
CSTLab:NVLAP
2009960
2561 MedtronicCare
Management
Services,LLC
7980CenturyBlvd
Chanhassen,MN
55317
USA
BrianGolden
TEL:8882438881
CN6000SeriesEncryptors
Hardware 02/17/2016 OverallLevel:3
(HardwareVersions:Senetas
Corp.Ltd.CN6040Series:
OperationalEnvironment:N/A
A6040B(AC),A6041B(DC)
andA6042B(AC/DC)Senetas
FIPSApprovedalgorithms:AES(Certs.#3337,
Corp.Ltd.CN6100Series:
#3346,#3347and#3348)CVL(Cert.#491)
A6100B(AC),A6101B(DC)
DRBG(Cert.#779)ECDSA(Cert.#661)
andA6102B(AC/DC)Senetas
HMAC(Cert.#2128)KAS(Cert.#58)RSA
Corp.Ltd.&SafeNetInc.
(Cert.#1727)SHS(Cert.#2772)TripleDES
CN6040Series:A6040B(AC),
(Cert.#1907)
A6041B(DC)andA6042B
(AC/DC)SenetasCorp.Ltd.&
Otheralgorithms:DiffieHellman(key
SafeNetInc.CN6100Series:
agreementkeyestablishmentmethodology
A6100B(AC),A6101B(DC)
provides112bitsofencryptionstrength)EC
andA6102B(AC/DC)
DiffieHellman(keyagreementkey
FirmwareVersion:2.6.1)
establishmentmethodologyprovidesbetween
(WhenoperatedinFIPSmode)
128and256bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
ValidatedtoFIPS1402
provides112bitsofencryptionstrength)
ConsolidatedValidation
NDRNG
Certificate
MultiChipStandAlone
SecurityPolicy
"TheCN6000Seriesisahighspeedhardware
encryptionplatformthatsecuresdataoveroptical
andtwistedpairEthernetandFibreChannel
networks.ModelsvalidatedaretheCN610010G
Ethernetoperatingatalinerateof10Gb/sandthe
CN6040,EthernetandFCselectablemodel
operatingatdataratesupto4Gb/s.Dataprivacy
isprovidedbyFIPSapprovedAESCFBand
CTRalgorithms.GCMisavailableonthe
CN6040forapplicationsthatalsodemand
authentication.AdditionallyTRANSEC(also
knownasTrafficFlowSecurityorTFS)
transmissionsecuritycapabilitycanbeusedto
removepatternsfrom"
CCFMTLS/SRTP
(SoftwareVersion:1.0.2)
(WhenoperatedinFIPSmode.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
BenLange
TEL:8882438881
SecurityPolicy
CSTLab:NVLAP
1004320
CVL(Certs.#494and#495)DRBG(Certs.#794
and#795)HMAC(Cert.#2132)RSA(Cert.
#1716)SHS(Cert.#2776)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)SRTP
KDF(noncompliant)NDRNG
MultiChipStandAlone
"CCFMTLS/SRTPfacilitatessecure
communicationfortheTLSandSRTP
protocols."
2560 UnisysCorporation
801LakeviewDrive
Suite100
BlueBell,PA19422
USA
RalphFarina
TEL:6106483460
TimothyMcCaffrey
TEL:6106484477
UnisysLinuxKernel
CryptographicAPIModule
(SoftwareVersion:1.0)
(Wheninstalled,initializedand
configuredasspecifiedinthe
SecurityPolicySection11)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2009280
2559 VMware,Inc.
3401HillviewAve
PaloAlto,CA94304
USA
VMwareHorizonJCE(Java
CryptographicExtension)
Module
(SoftwareVersion:1.0)
(Wheninstalled,initializedand
GarySturdivant
configuredasspecifiedinthe
TEL:16504274429 SecurityPolicySection3and
operatedinFIPSmode.The
EricBetts
modulegeneratescryptographic
TEL:16504271902
keyswhosestrengthsare
modifiedbyavailableentropy.
CSTLab:NVLAP
Noassuranceoftheminimum
2009280
strengthofgeneratedkeys)
ValidatedtoFIPS1402
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
ConsolidatedValidation
Certificate
SecurityPolicy
DRBG(Cert.#905)DSA(Cert.#992)HMAC
(Cert.#2268)RSA(Cert.#1830)SHS(Cert.
#2929)TripleDES(Cert.#1987)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovidesbetween
112and128bitsofencryptionstrengthnon
compliantlessthen112bitsofencryption
strength)AES(Cert.#3554,keywrappingkey
establishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)Triple
DES(Cert.#1987,keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)TripleDES(non
compliant)RC2RC4TWOFISHIESECIES
DESMD2MD5RIPEMDTIGERISO9797
Alg3MAC
MultiChipStandAlone
"TheVMwareHorizonJCE(JavaCryptographic
Extension)Moduleisaversatilesoftwarelibrary
thatimplementsFIPS1402approved
cryptographicservicesforVMwareproductsand
platforms."
2558 McAfee,Inc.
NetworkSecurityPlatform
Hardware 02/11/2016 OverallLevel:2
2821MissionCollege
SensorM8000P
05/03/2016
Blvd.
(FirmwareVersion:8.1.15.14)
DesignAssurance:Level3
SantaClara,CA
(Whenoperatedwiththetamper
MitigationofOtherAttacks:N/A
95054
evidentsealsinstalledas
OperationalEnvironment:N/A
USA
indicatedintheSecurityPolicy)
FIPSApprovedalgorithms:AES(Cert.#3155)
JamesReardon
ValidatedtoFIPS1402
CVL(Certs.#407and#598)DRBG(Cert.
TEL:6516285346
ConsolidatedValidation
#648)HMAC(Cert.#1988)RSA(Certs.#1598
FAX:n/a
Certificate
and#1824)SHS(Certs.#2610and#2922)
CSTLab:NVLAP
SecurityPolicy
Otheralgorithms:NDRNGRSA(key
1004320
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)Diffie
Hellman(keyagreementkeyestablishment
methodologyprovides112bitsofencryption
strength)MD5RC4DESAES(non
compliant)HMAC(noncompliant)RSA(non
compliant)SHS(noncompliant)TripleDES
(noncompliant)SNMPKDF(noncompliant)
MultiChipStandAlone
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
2557 SenetasCorporation CNSeriesEthernetEncryptors Hardware 02/11/2016 OverallLevel:3
Ltd.andSafeNet
(FirmwareVersions:2.6.1and
04/11/2016
Inc.
2.6.2)
OperationalEnvironment:N/A
312KingsWay
(WhenoperatedinFIPSmode)
SouthMelbourne,
FIPSApprovedalgorithms:AES(Certs.#3335,
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
66/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
Victoria3205
Australia
JohnWeston
TEL:+6139868
4555
FAX:+6139821
4899
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
#3342and#3343)CVL(Cert.#489)DRBG
(Cert.#777)ECDSA(Cert.#659)HMAC(Cert.
#2126)KAS(Cert.#56)RSA(Cert.#1725)
SHS(Cert.#2770)TripleDES(Cert.#1905)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)EC
DiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)
NDRNG
LaurieMack
TEL:6132215065
FAX:6137235079
CSTLab:NVLAP
2009960
MultiChipStandAlone
"TheCN4010andCN6010arehighspeed
hardwareencryptionmodulesthatsecuredata
overtwistedpairEthernetandopticalnetworks.
Themodulessupportdataratesto1Gb/sand
100Mb/sand10Mb/smodes.TheCN6010is
additionallyequippedwithpluggableSFPsto
supportavarietyofopticalnetworkinterfaces.
DataprivacyisprovidedbyFIPSapprovedAES
CFBandCTRalgorithmsaswellasGCMfor
applicationsthatdemandauthentication.
Additionaltransmissionsecurityisprovidedvia
TRANSECcapabilitywhichcanbeusedto
removepatternsinnetworktrafficandprevent
trafficanalysis."
2556 Infineon
TechnologiesAG
AmCampeon112
Neubiberg,Bavaria
85579
Germany
RolandEbrecht
TEL:+49821
2585168
FAX:+49821
2585130
ThomasHoffmann
TEL:+49821
2585124
FAX:+49821
2585130
KBKDF(Certs.#70and#71)CVL(Certs.#579,
ValidatedtoFIPS1402
#580,#581,#582,#583and#584)KTS(AES
ConsolidatedValidation
Certs.#3523and#3524andHMACCerts.#2251
Certificate
and#2252keyestablishmentmethodology
provides128bitsofencryptionstrength)RSAEP
SecurityPolicy
(SP80056B,vendoraffirmed)
Otheralgorithms:NDRNGRSA(CVLCerts.
#580and#583,keywrappingprovides112bits
ofencryptionstrength)
CSTLab:NVLAP
1004320
SingleChip
"TheTPMisasinglechipmodulethatprovides
computermanufacturerswiththecore
componentsofasubsystemusedtoassure
authenticity,integrityandconfidentialityine
commerceandinternetcommunicationswithina
TrustedComputingPlatform.TheTPMisa
completesolutionimplementingtheTCG
specificationsVersion1.2,Revision116,1March
2011.Seewww.trustedcomputinggroup.orgfor
furtherinformationonTCGandTPM."
2555 McAfee,Inc.
2821MissionCollege
Blvd.
SantaClara,CA
NetworkSecurityPlatform
SensorM1250,M1450,M
2750,M2850,M2950,M
3050,M4050andM6050
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
95054
USA
JamesReardon
TEL:6516285346
FAX:n/a
CSTLab:NVLAP
1004320
(FirmwareVersion:8.1.15.14)
(Whenoperatedwiththetamper
evidentsealsinstalledas
indicatedintheSecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Cert.#3155)
CVL(Certs.#407and#598)DRBG(Cert.
#648)HMAC(Cert.#1988)RSA(Certs.#1598
and#1824)SHS(Certs.#2610and#2922)
Otheralgorithms:NDRNGRSA(key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)Diffie
Hellman(keyagreementkeyestablishment
methodologyprovides112bitsofencryption
strength)MD5RC4DESAES(non
compliant)HMAC(noncompliant)RSA(non
compliant)SHS(noncompliant)TripleDES
(noncompliant)SNMPKDF(noncompliant)
MultiChipStandAlone
"NetworkSecurityPlatformproducts(formerly
knownasIntruShield)areIntrusionPrevention
Systems(IPS)thatprotectnetwork
infrastructuresandendpointsfromintrusions
suchaszeroday,DoS,spyware,VoIP,botnet,
malware,phishing,andencryptedattackswith
highlyaccurate,enterpriseclassriskaware
intrusionprevention.TheNetworkSecurity
Managementsystemmanagesthesensor
deploymentsandpermitsthecustomertoreceive
realtimenetworkstatusupdatesandalerts,
implementcustomizedsecuritypoliciesand
incidentresponseplans,andperformforensic
analysisofattacks."
X3650M4BD(singleusermode)
TEL:5122865624
ValidatedtoFIPS1402
ConsolidatedValidation
FIPSApprovedalgorithms:AES(Cert.#3131)
MarieFraser
Certificate
CVL(Cert.#397)DRBG(Cert.#753)HMAC
TEL:+35321
(Cert.#1981)RSA(Cert.#1686)SHS(Cert.
7306043
SecurityPolicy
#2600)TripleDES(Cert.#1794)
CSTLab:NVLAP
2004160
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and202bitsofencryption
strength)MD5HMACMD5RSA(key
wrappingkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strength)
MultiChipStandAlone
"TheIBM(R)SecurityQRadar(R)Cryptographic
SecurityKernelismultialgorithmlibrary
providinggeneralpurposecryptographic
services.Thepurposeofthemoduleistoprovide
asingleAPIforcryptographicfunctionalitythat
canprovidecentralizedcontroloverFIPS
Approvedmodestatus,provideavailabilityof
onlyFIPSApprovedalgorithmsorvendor
affirmedimplementationsofnonFIPSApproved
algorithms,andprovideforcentralizedlogging
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
68/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
andreportingofthecryptographicengine."
2553 ZOLLMedical
Corporation
269MillRoad
Chelmsford,MA
018244105
USA
BryanNewman
TEL:9784219843
FAX:n/a
NavidShaidani
TEL:9784219843
FAX:n/a
CSTLab:NVLAP
1004320
RSeriesDataCommII
Hardware 02/02/2016 OverallLevel:1
(HardwareVersion:921400207
RevAFirmwareVersion:
MitigationofOtherAttacks:N/A
03.02.007.1322)
OperationalEnvironment:N/A
(WhenoperatedinFIPSmode.
Thismodulecontainsthe
FIPSApprovedalgorithms:AES(Cert.#3276)
embeddedmoduleOpenSSL
CVL(Cert.#458)DRBG(Cert.#734)DSA
FIPSObjectModulevalidatedto
(Cert.#935)ECDSA(Cert.#631)HMAC(Cert.
FIPS1402underCert.#1747
#2074)RSA(Cert.#1688)SHS(Certs.#2714
operatinginFIPSmode.No
and#2715)TripleDES(Cert.#1864)KTS
assuranceoftheminimum
(AESCert.#3276andHMACCert.#2074key
strengthofgeneratedkeys)
establishmentmethodologyprovides256bitsof
encryptionstrength)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:DiffieHellman(key
Certificate
agreementkeyestablishmentmethodology
provides112or128bitsofencryptionstrength
SecurityPolicy
noncompliantlessthan112bitsofencryption
strength)ECDiffieHellman(keyagreement
keyestablishmentmethodologyprovidesbetween
112and256bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovidesbetween112and256bits
ofencryptionstrengthnoncompliantlessthan
112bitsofencryptionstrength)MD5RC4AES
CCM(noncompliant)
MultiChipStandAlone
"TheZOLLRSeriesDataCommIImodule
allowsdatatobewirelesslytransmitted."
2552 MotorolaSolutions,
Inc.
1301EastAlgonquin
Road
Schaumburg,IL
60196
USA
TomNguyen
TEL:8475762352
FAX:n/a
CSTLab:NVLAP
1004320
MotorolaSolutionsAstro
Hardware 02/02/2016 OverallLevel:3
SubscriberuMACELevel3
(HardwareVersion:AT8358Z04
MitigationofOtherAttacks:N/A
FirmwareVersions:R01.06.57
OperationalEnvironment:N/A
and[R01.00.02or(R01.00.02
andR01.00.03)])
FIPSApprovedalgorithms:AES(Certs.#3414
(WhenoperatedinFIPSmode
and#3415)DRBG(Cert.#820)ECDSA(Cert.
andconfiguredtoOverallLevel
#684)HMAC(Cert.#2174)RSA(Cert.#1747)
3perSecurityPolicy)
SHS(Certs.#2821and#2822)
ValidatedtoFIPS1402
Otheralgorithms:AESMAC(AESCert.#3415,
ConsolidatedValidation
vendoraffirmedP25AESOTAR)LFSR
Certificate
NDRNG
SecurityPolicy
SingleChip
"TheuMACEcryptographicprocessorisusedin
securitymodulesembeddedinMotorola'sAstro
familyofradiosystemsproducts.Itprovides
securevoiceanddatacapabilitiesaswellas
APCOOverTheAirRekeyingandadvanced
keymanagement."
2551
CSTLab:NVLAP
1004320
2550 IntelCorporation
2200MissionCollege
Blvd.
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
McAfeeLinuxCryptographic
Module
(SoftwareVersion:1.0.1)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
MultiChipEmbedded
PhysicalSecurity:N/A
69/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
SantaClara,CA
950541549
USA
MarkHanson
TEL:6516281633
FAX:6516282701
CSTLab:NVLAP
2005560
(Wheninstalled,initializedand
configuredasindicatedinthe
SecurityPolicyinSectionSecure
Operation.Themodule
generatescryptographickeys
whosestrengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
MitigationofOtherAttacks:N/A
OperationalEnvironment:McAfeeLinux2.2.3
runningonanIntelSR1530SH
McAfeeLinux2.2.3runningonanIntel
SR2625URLX
McAfeeLinux2.2.3onVMwareESXi5.0
runningonanIntelSR2625URLX(singleuser
mode)
FIPSApprovedalgorithms:AES(Certs.#3116
and#3117)CVL(Certs.#378and#379)DRBG
(Certs.#627and#628)DSA(Certs.#900and
#901)HMAC(Certs.#1953and#1954)RSA
(Certs.#1587and#1588)SHS(Certs.#2572and
#2573)TripleDES(Certs.#1787and#1788)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112or128bitsofencryptionstrength)
RSA(keywrappingkeyestablishment
methodologyprovides112or128bitsof
encryptionstrength)NDRNG
MultiChipStandAlone
"TheMcAfeeLinuxCryptographicModule
providescryptographicservicesforMcAfee
Linuxandsecurityapplianceproductsbuiltupon
thisplatform.McAfeeLinuxisanoperating
systembuiltwithafocusontheneedsofsecurity
appliances."
2549 SUSE,LLC
SUSELinuxEnterpriseServer Software 01/29/2016 OverallLevel:1
10CanalPark,Suite
12KernelCryptoAPI
200
CryptographicModule
PhysicalSecurity:N/A
Cambridge,
(SoftwareVersion:1.0)
MitigationofOtherAttacks:N/A
Massachusetts02141 (WhenoperatedinFIPSmode
OperationalEnvironment:SUSELinux
USA
withmoduleSUSELinux
EnterpriseServer12operatingonHPProLiant
EnterpriseServer12OpenSSL
DL320eGeneration8withPAA
ThomasBiege
Modulev2.0validatedtoFIPS
SUSELinuxEnterpriseServer12operatingon
TEL:+4991174053
1402underCert.#2435
HPProLiantDL320eGeneration8withoutPAA
500
operatinginFIPSmodeandwith
(singleusermode)
moduleSUSELinuxEnterprise
MichaelHager
Server12StrongSwan
FIPSApprovedalgorithms:AES(Certs.#3286,
TEL:+4991174053
CryptographicModuleversion
#3287,#3288,#3297and#3298)DRBG(Certs.
80
1.0validatedtoFIPS1402
#744,#745,#746and#747)HMAC(Certs.
underCert.#2484operatingin
#2083,#2084,#2085and#2086)RSA(Cert.
CSTLab:NVLAP
FIPSmode)
#1687)SHS(Certs.#2724,#2725,#2726and
2006580
#2727)TripleDES(Cert.#1873)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:AnubisARC4Blowfish
Certificate
CamelliaCAST5CAST6DESFcrypt
KhazadSalsa20SEEDSerpentTEAXTEA
SecurityPolicy
XETATwofishTwokeyTripleDES(non
compliant)LRWmodeFcryptPCBCMD4
MD5MichaelMicRIPEMDTigerWhirlpool
MultiChipStandAlone
"SUSEKernelCryptoAPImoduleprovides
cryptographicservicestotheLinuxoperating
systemkernel."
2548 RedpineSignals,
Inc.
2107N.FirstStreet
#680
SanJose,CA95131
RS9113
Hardware 01/28/2016 OverallLevel:1
(HardwareVersion:6.0
FirmwareVersion:
MitigationofOtherAttacks:N/A
RS9113.N00.WC.FIPS.OSI.1.2.6
OperationalEnvironment:N/A
withBootloaderversion1.7)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
70/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2019
USA
MallikReddy
TEL:4087483385
Ext.202
FAX:4087052019
CSTLab:NVLAP
2008020
(WhenoperatedinFIPSmode.
Wheninitializedandconfigured
asspecifiedinSection5.2ofthe
SecurityPolicy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
FIPSApprovedalgorithms:AES(Certs.#3299
and#3300)KTS(AESCert.#3299key
establishmentmethodologyprovides112bitsof
encryptionstrength)SHS(Cert.#2628)HMAC
(Cert.#2003)RSA(Cert.#1689)DRBG(Cert.
#907)KBKDF(Cert.#50)CVL(Cert.#474)
Otheralgorithms:NDRNGDiffieHellman
(keyagreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)MD5HMACMD5RC4
DESHMACMD4
MultiChipEmbedded
"TheRS9113modules'familyisbasedon
RedpineSignals'RS9113ultralowpower
ConvergenceSoC.Thesemodulesofferdual
band1x1802.11n,dualmodeBluetooth4.0and
Zigbee802.15.4inasingledevice.Theyarehigh
performance,longrangeandultralowpower
modules.Themodulesprovideguaranteed
availabilityofconnectivityatalllocationswithin
thedefinedzones,availabilityatalltimes,
devices'mobility,securityofdatacollectionand
transmissiontobackenddatabase,lowpowerfor
batteryoperateddevicesandbandwidthneeds."
2547 MotorolaSolutions,
Inc.
1301EastAlgonquin
Road
Schaumburg,IL
60196
USA
TomNguyen
TEL:8475762352
FAX:n/a
CSTLab:NVLAP
1004320
MotorolaSolutionsAstro
Hardware 01/28/2016 OverallLevel:2
SubscriberuMACELevel2
(HardwareVersion:AT8358Z04
Roles,Services,andAuthentication:Level3
FirmwareVersions:R01.06.57
PhysicalSecurity:Level3
and[R01.00.02or(R01.00.02
OperationalEnvironment:Level3
andR01.00.03)])
EMI/EMC:Level3
(WhenoperatedinFIPSmode
DesignAssurance:Level3
andconfiguredtoOverallLevel
MitigationofOtherAttacks:N/A
2perSecurityPolicy)
OperationalEnvironment:N/A
ValidatedtoFIPS1402
FIPSApprovedalgorithms:AES(Certs.#3414
ConsolidatedValidation
and#3415)DRBG(Cert.#820)ECDSA(Cert.
Certificate
#684)HMAC(Cert.#2174)RSA(Cert.#1747)
SHS(Certs.#2821and#2822)
SecurityPolicy
Otheralgorithms:AESMAC(AESCert.#3415,
vendoraffirmedP25AESOTAR)LFSR
NDRNG
SingleChip
"TheuMACEcryptographicprocessorisusedin
securitymodulesembeddedinMotorola'sAstro
familyofradiosystemsproducts.Itprovides
securevoiceanddatacapabilitiesaswellas
APCOOverTheAirRekeyingandadvanced
keymanagement."
2546 SenetasCorporation
Ltd.andSafeNet
Inc.
312KingsWay
SouthMelbourne,
Victoria3205
Australia
CN1000/CN3000Series
Encryptors
(HardwareVersions:Senetas
Corp.Ltd.CN1000Series:
A5141B(AC)CN3000Series:
A5203B(AC)andA5204B
(DC)SenetasCorp.Ltd.&
SafeNetInc.CN1000Series:
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
JohnWeston
TEL:+6139868
4555
FAX:+6139821
4899
LaurieMack
TEL:6132215065
FAX:6137235079
A5141B(AC)CN3000Series:
A5203B(AC)andA5204B
(DC)FirmwareVersion:4.6.1)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
CSTLab:NVLAP
2009960
#2127)KAS(Cert.#57)RSA(Cert.#1726)
SHS(Cert.#2771)TripleDES(Cert.#1906)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)EC
DiffieHellman(keyagreementkey
establishmentmethodologyprovidesbetween
128and256bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
provides112bitsofencryptionstrength)
NDRNG
MultiChipStandAlone
"TheCN1000/CN3000Seriesisahighspeed
hardwareencryptionplatformdesignedtosecure
datatransmittedoverEthernetnetworks.The
CN1000Seriessupportslineratesof10/100/1000
MbpswhiletheCN3000extendstheCNSeries
lineratecapabilityto10Gbps.SafeNet,Inc.
makesSenetasproductsavailablegloballyunder
amasterdistributionagreementandareco
brandedassuch."
2545 HIDGlobaland
Oberthur
Technologies
611CenterRidge
Drive
Austin,TX78753
USA
JeanLucAzou
TEL:5105741738
FAX:5105740101
ChristopheGoyet
TEL:7033228951
CSTLab:NVLAP
1004320
HIDGlobalActivIDApplet
Hardware 01/26/2016 OverallLevel:2
Suitev2.7.3onOberthur
TechnologiesCosmoV8
Roles,Services,andAuthentication:Level3
(HardwareVersion:Oberthur
PhysicalSecurity:Level4
Technologies'0F'Firmware
EMI/EMC:Level3
Versions:OberthurTechnologies
DesignAssurance:Level3
'5601'andHIDGlobalActivID
OperationalEnvironment:N/A
AppletSuite2.7.3)
(WhenoperatedwithmoduleID
FIPSApprovedalgorithms:AES(Certs.#2910
OnePIVConCosmoV8
and#2911)CVL(Cert.#336)DRBG(Cert.
validatedtoFIPS1402under
#537)ECDSA(Cert.#526)KAS(Cert.#48)
Cert.#2303operatinginFIPS
KBKDF(Cert.#33)RSA(Cert.#1532)SHS
mode)
(Cert.#2449)TripleDES(Cert.#1727)
ValidatedtoFIPS1402
Otheralgorithms:NDRNGECDiffieHellman
ConsolidatedValidation
(keyagreementkeyestablishmentmethodology
Certificate
provides128bitsofencryptionstrength)
SecurityPolicy
SingleChip
"HIDGlobalActivIDAppletv2.7.3isaJava
CardappletsuitethatusestheOberthur
TechnologiesCosmov8operatingsystem.The
productcanbeusedovercontactandcontactless
interfaceandcanbeconfiguredforsupportof
GSCISv2.1andPIVstandards(NISTSP800
734andSP800784)inaPIVcommercial
(CIV)configuration."
2544 HIDGlobaland
HIDGlobalActivIDApplet
Hardware 01/26/2016 OverallLevel:2
Giesecke&Devrient Suitev2.7.3onGiesecke&
611CenterRidge
DevrientSm@rtCafExpert
Roles,Services,andAuthentication:Level3
Drive
7.0
PhysicalSecurity:Level3
Austin,TX78753
(HardwareVersion:
OperationalEnvironment:Level3
USA
SLE78CLFX4000P(M)M7892
EMI/EMC:Level3
FirmwareVersions:Sm@rtCaf
DesignAssurance:Level3
JeanLucAzou
Expert7.0andHIDGlobal
OperationalEnvironment:N/A
TEL:5105741738
ActivIDAppletSuite2.7.3)
FAX:5105740101
(Whenoperatedwithmodule
FIPSApprovedalgorithms:AES(Certs.#2720
Sm@rtCafExpert7.0validated
and#2721)CVL(Cert.#177)DRBG(Cert.
JatinDeshpande
toFIPS1402underCert.#2327
#455)ECDSA(Cert.#476)KBKDF(Cert.
TEL:6503364066
operatinginFIPSmode)
#18)RSA(Cert.#1507)SHS(Certs.#2289and
FAX:7034802124
#2290)TripleDES(Cert.#1637)
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
72/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
CSTLab:NVLAP
1004320
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
Otheralgorithms:NDRNGAES(Cert.#2721,
keywrappingkeyestablishmentmethodology
provides128bitsofencryptionstrength)EC
DiffieHellman(noncompliant)
SingleChip
"HIDGlobalActivIDAppletv2.7.3isaJava
CardappletsuitethatusestheSm@rtCafExpert
7.0operatingsystem.Theproductcanbeused
overcontactandcontactlessinterfaceandcanbe
configuredforsupportofGSCISv2.1andPIV
standards(NISTSP800734andSP800784)
inaPIVcommercial(CIV)configuration."
2543 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009960
FortiClient5.0VPNClient
(SoftwareVersions:FortiClient
5.0,build0367,151201)
(WhenoperatedinFIPSmode
andconfiguredaccordingtothe
EntropyTokenSectionofthe
SecurityPolicy.Themodule
generatescryptographickeys
whosestrengthsaremodifiedby
availableentropy.Thereisno
assuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2542 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009960
FortiClient5.0VPNClient
(SoftwareVersions:FortiClient
5.0,build0367,151201)
(WhenoperatedinFIPSmode
andconfiguredaccordingtothe
EntropyTokenSectionofthe
SecurityPolicy.Themodule
generatescryptographickeys
whosestrengthsaremodifiedby
availableentropy.Thereisno
assuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
establishmentmethodologyprovides112or144
bitsofencryptionstrengthnoncompliantless
than112bitsofencryptionstrength)NDRNG
MultiChipStandAlone
"TheFortiClientVPNclientprovidesaFIPS
1402validated,IPSecandSSLVPNclientfor
Windowsplatforms."
2541 Relocation
Management
Worldwide
6077Primacy
Parkway
Suite223
Memphis,TN38119
USA
VERN(TM)RMWCrypto
Library
(SoftwareVersion:1.2)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
RobGerwing
TEL:3037165939
FAX:(303)9741108
CSTLab:NVLAP
2004160
MultiChipStandAlone
"TheVERNRMWCryptoLibraryversion1.2is
asoftwarecryptographiclibrarythatprovides
cryptographicservicestotheoverallVERNWeb
application.Thesoftwarecontains
implementationsofapprovedcryptographic
algorithms."
2540 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009960
FortiMail1000Dand
Hardware 01/25/2016 OverallLevel:2
FortiMail3000D
(HardwareVersions:Fortimail
CryptographicModulePortsandInterfaces:
1000D:C1AA85withDisk
Level3
TraysP/N:SPD2000andPower
Roles,Services,andAuthentication:Level3
SuppliesP/N:SPFXX1000D
DesignAssurance:Level3
PS,FortiMail3000D:C1AA63
MitigationofOtherAttacks:N/A
withDiskTraysP/N:SPD2TC
OperationalEnvironment:N/A
andPowerSuppliesP/N:
D750ES1,TamperEvidentSeal
FIPSApprovedalgorithms:AES(Cert.#3500)
Kit:FIPSSEALREDFirmware
CVL(Cert.#574)DRBG(Cert.#873)HMAC
Versions:FortiMailOS5.2,
(Cert.#2239)RSA(Cert.#1801)SHS(Cert.
build0460,150922)
#2892)TripleDES(Cert.#1971)
(WhenoperatedinFIPSmode
withthetamperevidentseals
Otheralgorithms:DiffieHellman(key
installedasindicatedinthe
agreementkeyestablishmentmethodology
SecurityPolicyandconfigured
provides112bitsofencryptionstrengthnon
accordingtotheEntropyToken
compliantlessthan112bitsofencryption
SectionoftheSecurityPolicy.
strength)RSA(keywrappingkeyestablishment
Themodulegenerates
methodologyprovides112or128bitsof
cryptographickeyswhose
encryptionstrengthnoncompliantlessthan112
strengthsaremodifiedby
bitsofencryptionstrength)DESMD5HMAC
availableentropy.Thereisno
MD5
assuranceoftheminimum
strengthofgeneratedkeys)
MultiChipStandAlone
ValidatedtoFIPS1402
"TheFortiMailfamilyofemailsecurity
ConsolidatedValidation
appliancesprovideaneffectivebarrieragainstthe
Certificate
everrisingvolumeofsophisticatedspamand
malwareandincludesfeaturesdesignedto
SecurityPolicy
facilitateregulatorycompliance.FortiMail5.2
offersbothinboundandoutboundscanning,
advancedantispamandantivirusfiltering
capabilities,malwareemulationbothlocallyand
viaintegrationwithFortiSandbox,dataleak
prevention,identitybasedencryptionand
extensivequarantineandarchivingcapabilities."
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
74/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2539 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009960
FortiMail5.2
(FirmwareVersions:
FortiMailOS5.2,
build0460,150922)
(WhenoperatedinFIPSmode
withthetamperevidentseals
installedasindicatedinthe
SecurityPolicyandconfigured
accordingtotheEntropyToken
SectionoftheSecurityPolicy.
Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy.Thereisno
assuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2538 Brocade
Communications
Systems,Inc.
130HolgerWay
SanJose,CA95134
USA
ChristopherMarks
TEL:4083330480
FAX:4083338101
CSTLab:NVLAP
2008020
Brocade(R)7840Extension
Hardware 01/19/2016 OverallLevel:2
Switch
(HardwareVersion:{7840
MitigationofOtherAttacks:N/A
ExtensionSwitch(P/N80
OperationalEnvironment:N/A
100800001)}withFIPSKitP/N
BrocadeXBR000195Firmware
FIPSApprovedalgorithms:AES(Certs.#2876,
Version:FabricOSv7.4.0(P/N
#2892,#2893,#3130and#3132)CVL(Certs.
51100167201))
#311,#312,#318,#319,#320,#321and#396)
(WhenoperatedinFIPSmode
DRBG(Certs.#635,#670,#671and#672)
andwhentamperevidentlabels
ECDSA(Certs.#518,#522and#523)HMAC
areinstalledasindicatedinthe
(Certs.#1814,#1828,#1829and#1952)RSA
SecurityPolicy)
(Certs.#1514,#1522and#1523)SHS(Certs.
#2417,#2435,#2436and#2571)TripleDES
ValidatedtoFIPS1402
(Certs.#1719,#1723and#1724)
ConsolidatedValidation
Certificate
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
SecurityPolicy
encryptionstrengthnoncompliantlessthan112
bitsofencryptionstrength)DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)SNMPv3KDF(noncompliant)
HMACRIPEMD160HMACSHA196(non
compliant)HMACMD5HMACMD596
DESDES3DESXRC2RC4NDRNGMD2
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
75/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
MD4MD5ARCFOURBFCAST
RIPEMD160UMAC64ECDiffieHellman
(CVLCerts.#311,#318and#320,key
agreementkeyestablishmentmethodology
providesbetween112and256bitsofencryption
strength)AES(noncompliant)IKEv2KDF
(noncompliant)SHA1(noncompliant)SHA
256(noncompliant)HMACSHA512(non
compliant)
MultiChipStandAlone
"TheBrocade7840ExtensionSwitchprovides
fast,reliableWN/MANconnectivityforremote
datareplication,backup,andmigrationwith
FibreChannelandadvancedFibreChannelover
IP(FCIP)technology."
2537
CSTLab:NVLAP
2008020
2536
CSTLab:NVLAP
2008020
2535
CSTLab:NVLAP
2008020
2534 KodiakNetworks,
Inc.
150110thStreet
Suite130
Plano,TX75074
USA
TerryBoland
TEL:9726653381
FAX:9726650198
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
PushToTalkClientCrypto
Module
(SoftwareVersion:3.6.0)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
SanjayKulkarni
TEL:9726653222
FAX:9726650198
CSTLab:NVLAP
1004320
MultiChipStandAlone
MultiChipStandAlone
MultiChipStandAlone
PhysicalSecurity:N/A
MitigationofOtherAttacks:N/A
OperationalEnvironment:iOS8.1runningon
iPhone6andAndroid4.4runningonSamsung
GalaxyS5(singleusermode)
FIPSApprovedalgorithms:AES(Certs.#3330
and#3417)DRBG(Certs.#775and#821)
HMAC(Certs.#2121and#2175)RSA(Certs.
#1710and#1749)SHS(Certs.#2763and
#2823)TripleDES(Certs.#1901and#1928)
Otheralgorithms:RSA(noncompliant)Diffie
HellmanECDiffieHellmanMD5AESGCM
(noncompliant)DESRC4RIPEMD160
HMACMD5
MultiChipEmbedded
"KodiakPushtoTalkisacarrierintegrated
BroadbandPushtoTalkserviceplatform.Itsets
anewstandardforinstantcommunicationsby
providingPTTserviceover4GLTE,4GHSPA+,
WiFi,and3G."
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
76/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2533 Brocade
Communications
Systems,Inc.
130HolgerWay
SanJose,CA95134
USA
ChrisMarks
TEL:4083330840
FAX:4083338101
CSTLab:NVLAP
2008020
2532
CSTLab:NVLAP
1004320
Brocade(R)MLXe(R)
Hardware 01/12/2016 OverallLevel:2
NetIron(R)EthernetRouters
(HardwareVersions:{[BR
DesignAssurance:Level3
MLXE4MR2MAC(80
MitigationofOtherAttacks:N/A
100687001),BRMLXE4
OperationalEnvironment:N/A
MR2MDC(80100687201),
BRMLXE8MR2MAC(80
FIPSApprovedalgorithms:AES(Certs.#1648,
100722501),BRMLXE8
#2154,#2717,#2946,#3030and#3144)KTS
MR2MDC(80100722601),
(AESCert.#2946,keywrappingkey
BRMLXE16MR2MAC(80
establishmentmethodologyprovides112bitsof
100682702),BRMLXE16
encryptionstrength)KTS(AESCert.#2717and
MR2MDC(80100682802),
HMACCert.#1696keyestablishment
BRMLXE4MR2XAC(80
methodologyprovides112bitsofencryption
100687403),BRMLXE4
strength)SHS(Certs.#934and#2282)RSA
MR2XDC(80100687503),
(Cert.#1413)HMAC(Certs.#538and#1696)
BRMLXE8MR2XAC(80
DRBG(Certs.#454and#684)CVL(Certs.
100722703),BRMLXE8
#175,#393,#404,#436and#437)KBKDF
MR2XDC(80100722803),
(Cert.#35)ECDSA(Certs.#546and#593)
BRMLXE16MR2XAC(80
100682904),BRMLXE16
Otheralgorithms:RSA(keywrappingkey
MR2XDC(80100683404)]
establishmentmethodologyprovides112bitsof
withComponentP/Ns80
encryptionstrength)DiffieHellman(key
100564301,80100389102,80
agreementkeyestablishmentmethodology
100298301,80100397101,80
provides112bitsofencryptionstrength)
100397201,80100381102,80
NDRNGHMACSHA196HMACMD5
100275603,80100411401,80
MD5DESTripleDES(noncompliant)EC
100411301,80100411201,80
DiffieHellman(CVLCerts.#436and#437,key
100476002,80100651102,80
agreementkeyestablishmentmethodology
100475702,80100300901,80
providesbetween128or192bitsofencryption
100305201,80100305301,80
strength)
100564403,80100787802,80
100791102,80100787902}
MultiChipStandAlone
withFIPSKitXBR000195
FirmwareVersion:MultiService
"BrocadeMLXeSeriesroutersfeatureindustry
IronWareR05.8.00a)
leading100GigabitEthernet(GbE),10GbE,and
(WhenoperatedinFIPSmode
1GbEwirespeeddensityrichIPv4,IPv6,
withthetamperevidentlabels
MultiVRF,MPLS,andCarrierEthernet
installedasspecifiedinAnnexA
capabilitieswithoutcompromisingperformance
andconfiguredasspecifiedin
andadvancedLayer2switching.Thisrelease
Tables8,12and16ofthe
introducesanewinterfacecardBRMLX
SecurityPolicy)
10GX4IPSECM,whichhasbuiltincapability
tonegotiateIKEv2sessionsandestablishIPSec
ValidatedtoFIPS1402
tunnelstoallowVirtualPrivateNetworkstobe
ConsolidatedValidation
createdwithinthenetwork.Inaddition,BR
Certificate
MLX10GX4IPSECMhasPHYlevelsupport
forMACSecprotocol."
SecurityPolicy
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2531 IntelCorporation
McAfeeWebGateway
Hardware 01/11/2016 OverallLevel:2
2200MissionCollege
WG5000andWG5500
Blvd.
Appliances
DesignAssurance:Level3
SantaClara,CA
(HardwareVersions:5000with
MitigationofOtherAttacks:N/A
950541549
EWG5000FIPSKITand5500
OperationalEnvironment:N/A
USA
withEWG5500FIPSKIT
FirmwareVersion:7.3.2.3.4)
FIPSApprovedalgorithms:AES(Cert.#3116)
MarkHanson
(Wheninstalled,initializedand
CVL(Cert.#378)DRBG(Cert.#627)DSA
TEL:6516281633
configuredasspecifiedinthe
(Cert.#900)HMAC(Cert.#1953)RSA(Cert.
FAX:6516282701
SecurityPolicySectionSecure
#1587)SHS(Cert.#2572)TripleDES(Cert.
Operation.Themodule
#1787)
CSTLab:NVLAP
generatescryptographickeys
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
77/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2005560
whosestrengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrength)RSA
(keywrappingkeyestablishmentmethodology
provides112or128bitsofencryptionstrength)
NDRNG
MultiChipStandAlone
"TheMcAfeeWebGatewayisahigh
performance,enterprisestrengthproxysecurity
appliancefamilythatprovidesthecaching,
authentication,administration,authorization
controlsanddeeplevelcontentsecurityfiltering
requiredbytoday'smostdemandingenterprises.
McAfeeWebGatewayWG5000andWG5500
Appliancesdeliverscalabledeployment
flexibilityandperformance.McAfeeWeb
GatewayWG5000andWG5500Appliances
delivercomprehensivesecurityforallaspectsof
Web2.0traffic."
2530 Brocade
Communications
Systems,Inc.
130HolgerWay
SanJose,CA95134
USA
ChrisMarks
TEL:4083330480
FAX:4083338101
CSTLab:NVLAP
2008020
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
78/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
123400000833AR0180
1008334018010083330180
1008332018010083310180
1005261048010052590480
1005262038010052600380
1007165038010071660380
10083080180100830901)],
[FISX800S(80100305003
80100714303),FISX1600AC
(80100276402801007137
02),FISX1600DC(80
10030050280100713802),
withComponents(801002957
0380100648602801007350
0280100660701801007349
0180100388302801003886
021145600511457006
18072004)]}withFIPSKit
XBR000195(80100200602)
FirmwareVersion:IronWare
R08.0.20a)
(WhenoperatedinFIPSmode
withtamperevidentlabels
installedandwiththe
configurationsinTables4,7,12
and13asdefinedintheSecurity
Policy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2529 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009280
andscalabilityrequiredforenterpriseGigabit
Ethernet("
FortiAnalyzer200D
Hardware 01/11/2016 OverallLevel:2
(HardwareVersion:C4FA20
01AA0000withTamper
CryptographicModulePortsandInterfaces:
EvidentSealKits:FIPSSEAL
Level3
REDFirmwareVersion:v5.2.4
Roles,Services,andAuthentication:Level3
build0738150923(GA))
DesignAssurance:Level3
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
withthetamperevidentseals
OperationalEnvironment:N/A
installedasindicatedinthe
SecurityPolicyandconfigured
FIPSApprovedalgorithms:AES(Cert.#3595)
accordingtotheEntropyToken
CVL(Cert.#617)DRBG(Cert.#930)HMAC
SectionoftheSecurityPolicy.
(Cert.#2292)RSA(Cert.#1849)SHS(Cert.
Themodulegenerates
#2957)TripleDES(Cert.#2002)
cryptographickeyswhose
strengthsaremodifiedby
Otheralgorithms:DiffieHellman(key
availableentropy.Thereisno
agreementkeyestablishmentmethodology
assuranceoftheminimum
providesbetween112and201bitsofencryption
strengthofgeneratedkeys)
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
ValidatedtoFIPS1402
establishmentmethodologyprovides112or128
ConsolidatedValidation
bitsofencryptionstrengthnoncompliantless
Certificate
than112bitsofencryptionstrength)DESMD5
HMACMD5
SecurityPolicy
MultiChipStandAlone
"TheFortiAnalyzerfamilyoflogging,analyzing,
andreportingappliancessecurelyaggregatelog
datafromFortinetdevicesandothersyslog
compatibledevices.Usingacomprehensivesuite
ofcustomizablereports,userscanfilterand
reviewrecords,includingtraffic,event,virus,
attack,Webcontent,andemaildata."
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
79/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2528 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009280
FortiAnalyzer3000D
Hardware 01/10/2016 OverallLevel:2
(HardwareVersion:C1AA61
03AA0000withTamper
CryptographicModulePortsandInterfaces:
EvidentSealKits:FIPSSEAL
Level3
REDFirmwareVersion:v5.2.4
Roles,Services,andAuthentication:Level3
build0738150923(GA))
DesignAssurance:Level3
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
withthetamperevidentseals
OperationalEnvironment:N/A
installedasindicatedinthe
SecurityPolicyandconfigured
FIPSApprovedalgorithms:AES(Cert.#3595)
accordingtotheEntropyToken
CVL(Cert.#617)DRBG(Cert.#930)HMAC
SectionoftheSecurityPolicy.
(Cert.#2292)RSA(Cert.#1849)SHS(Cert.
Themodulegenerates
#2957)TripleDES(Cert.#2002)
cryptographickeyswhose
strengthsaremodifiedby
Otheralgorithms:DiffieHellman(key
availableentropy.Thereisno
agreementkeyestablishmentmethodology
assuranceoftheminimum
providesbetween112and201bitsofencryption
strengthofgeneratedkeys)
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
ValidatedtoFIPS1402
establishmentmethodologyprovides112or128
ConsolidatedValidation
bitsofencryptionstrengthnoncompliantless
Certificate
than112bitsofencryptionstrength)DESMD5
HMACMD5
SecurityPolicy
MultiChipStandAlone
"TheFortiAnalyzerfamilyoflogging,analyzing,
andreportingappliancessecurelyaggregatelog
datafromFortinetdevicesandothersyslog
compatibledevices.Usingacomprehensivesuite
ofcustomizablereports,userscanfilterand
reviewrecords,includingtraffic,event,virus,
attack,Webcontent,andemaildata."
2527 FrancotypPostalia
GmbH
Prenzlauer
Promenade28
Berlin13089
Germany
DirkRosenau
TEL:+4930220660
616
FAX:+4930220
660494
HasbiKabacaoglu
TEL:+4930220660
616
FAX:+4930220
660494
PostalmRevenectorUS2014
(HardwareVersion:Hardware
P/N:580036020300/01
FirmwareVersion:Bootloader:
90.0036.0201.00/2011485001
Softwareloader:
90.0036.0206.00/2011485001
USApplication:
90.0036.0216.00/2014472001)
(Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
FortiAnalyzer5.2
(FirmwareVersion:v5.2.4
build0738150923(GA))
(WhenoperatedinFIPSmode
andconfiguredaccordingtothe
EntropyTokenSectionofthe
SecurityPolicy.Themodule
CSTLab:NVLAP
2009830
2526 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
OperationalEnvironment:N/A
FIPSApprovedalgorithms:AES(Cert.#1493)
DRBG(Cert.#61)ECDSA(Cert.#559)HMAC
(Cert.#878)KAS(Cert.#16)RSA(Certs.#732
and#785)SHS(Cert.#1346)TripleDES(Cert.
#1122)
Otheralgorithms:NDRNG
MultiChipEmbedded
"FrancotypPostalia(FP)isoneoftheleading
globalsuppliersofmailcentersolutions.Amajor
componentofthebusinessofFPisthe
development,manufactureandsupportofpostal
frankingmachines(postagemeters).Thesepostal
frankingmachinesincorporateapostalsecurity
device(PSD)thatperformsallpostagemeter
cryptographicandpostalsecurityfunctionsand
whichprotectsbothCriticalSecurityParameters
(CSPs)andPostalRelevantDataItems(PRDIs)
fromunauthorizedaccess.ThePostal
mRevenectorUS2014isFPslatestgenerationof
PSD.Thecryptographicmoduleneitherrelie"
CryptographicModulePortsandInterfaces:
Level3
Roles,Services,andAuthentication:Level3
DesignAssurance:Level3
MitigationofOtherAttacks:N/A
80/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
TEL:6132259381
FAX:6132252951
CSTLab:NVLAP
2009280
generatescryptographickeys
whosestrengthsaremodifiedby
availableentropy.Thereisno
assuranceoftheminimum
strengthofgeneratedkeys)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
OperationalEnvironment:FortiAnalyzer200D
withtheFortinetentropytoken(partnumber
FTRENT1)
FIPSApprovedalgorithms:AES(Cert.#3595)
CVL(Cert.#617)DRBG(Cert.#930)HMAC
(Cert.#2292)RSA(Cert.#1849)SHS(Cert.
#2957)TripleDES(Cert.#2002)
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
providesbetween112and201bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
establishmentmethodologyprovides112or128
bitsofencryptionstrengthnoncompliantless
than112bitsofencryptionstrength)DESMD5
HMACMD5
MultiChipStandAlone
"TheFortiAnalyzerfamilyoflogging,analyzing,
andreportingappliancessecurelyaggregatelog
datafromFortinetdevicesandothersyslog
compatibledevices.Usingacomprehensivesuite
ofcustomizablereports,userscanfilterand
reviewrecords,includingtraffic,event,virus,
attack,Webcontent,andemaildata."
2525 CounterTack,Inc.
100FifthAve.,
FirstFloor
Waltham,MA02451
1208
USA
AaronRuby
TEL:8558935428
FAX:7032243049
CounterTackSentinel
EndpointModule
(SoftwareVersion:3.6.6)
(WhenoperatedinFIPSmode)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
StanEramia
TEL:8558935428
FAX:7032243049
CSTLab:NVLAP
1004320
2524 HyTrust,Inc.
1975WElCamino
Real,Suite203
MountainView,CA
94040
USA
HyTrustKeyControl(TM)
CryptographicModule
(SoftwareVersion:1.0)
(Themodulegenerates
cryptographickeyswhose
strengthsaremodifiedby
availableentropy)
BillHackenberger
TEL:6506818120
ValidatedtoFIPS1402
FAX:6506818101
ConsolidatedValidation
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
FAX:6506818101
CSTLab:NVLAP
2008020
ConsolidatedValidation
Certificate
SecurityPolicy
FIPSApprovedalgorithms:AES(Certs.#3397,
#3431and#3432)DRBG(Cert.#813)HMAC
(Cert.#2168)SHS(Cert.#2813)
Otheralgorithms:RSA(keywrappingkey
establishmentmethodologyprovides112bitsof
encryptionstrength)NDRNG
MultiChipStandAlone
"HyTrustKeyControlisakeymanagement
systemthatisavailableinthreedifferentformats
(ISO,OVAandAMI)andcanberunonphysical
x86basedhardwareasavirtualmachineandon
oneofanumberofdifferenthypervisorplatforms
orasacombinationofbothwhenrunningin
clusteredmode."
2523 IntelCorporation
2200MissionCollege
Blvd.
SantaClara,CA
950541549
USA
MarkHanson
TEL:6516281633
FAX:6516282701
CSTLab:NVLAP
2005560
McAfeeWebGatewayWBG
5000CandWBG5500C
Appliances
(HardwareVersions:WBG
5000CandWBG5500C
FirmwareVersion:7.3.2.3.4)
(Wheninstalled,initializedand
configuredasspecifiedinthe
SecurityPolicySectionSecure
Operation.Themodule
generatescryptographickeys
whosestrengthsaremodifiedby
availableentropy)
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
2522 IntelCorporation
McAfeeWebGatewayVirtual
2200MissionCollege
Appliance
Blvd.
(SoftwareVersion:7.3.2.3.4)
SantaClara,CA
(Wheninstalled,initializedand
950541549
configuredasspecifiedinthe
USA
SecurityPolicySectionSecure
Operation.Themodule
MarkHanson
generatescryptographickeys
TEL:6516281633
whosestrengthsaremodifiedby
FAX:6516282701
availableentropy)
CSTLab:NVLAP
ValidatedtoFIPS1402
2005560
ConsolidatedValidation
Certificate
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
SecurityPolicy
Otheralgorithms:DiffieHellman(key
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)RSA(keywrappingkeyestablishment
methodologyprovides112bitsofencryption
strengthnoncompliantlessthan112bitsof
encryptionstrength)NDRNG
MultiChipStandAlone
"TheMcAfeeWebGatewayisahigh
performance,enterprisestrengthproxysecurity
appliancefamilythatprovidesthecaching,
authentication,administration,authorization
controlsanddeeplevelcontentsecurityfiltering
requiredbytoday'smostdemandingenterprises.
TheMcAfeeWebGatewayVirtualAppliance
deliversscalabledeploymentflexibilityand
performance.TheMcAfeeWebGatewayVirtual
Appliancedeliverscomprehensivesecurityforall
aspectsofWeb2.0traffic."
#2879)
TEL:+8145890
ValidatedtoFIPS1402
2856
ConsolidatedValidation
Otheralgorithms:NDRNG
FAX:+8145890
Certificate
2593
MultiChipEmbedded
SecurityPolicy
CSTLab:NVLAP
"TheToshibaTCGEnterpriseSSCSelf
2008220
EncryptingSolidStateDriveisusedforsolid
statedrivedatasecurity.ThisCryptographic
Module(CM)providesvariouscryptographic
servicesusingFIPSapprovedalgorithms.
Servicesincludehardwarebaseddataencryption,
cryptographicerase,independentlyprotecteduser
dataLBAbands,andFWdownload."
2520 ToshibaCorporation ToshibaTCGEnterpriseSSC
11,Shibaura1
SelfEncryptingSolidState
chome
Drive(PX04Smodel)TypeB
Minatoku
(HardwareVersions:A0with
Tokyo,Tokyo105
PX04SVQ080B[1],A0with
8001
PX04SVQ160B[1],A0with
Japan
PX04SVQ048B[2],A0with
PX04SVQ096B[2],A0with
AkihiroKimura
PX04SVQ192B[2],A2with
TEL:+8145890
PX04SVQ040B[3],A2with
2856
PX04SVQ080B[3],A2with
FAX:+8145890
PX04SVQ160B[3],A2with
2593
PX04SRQ192B[3]Firmware
Versions:ZW00[1],0501[1][2],
CSTLab:NVLAP
MS00[1],MD04[3])
2008220
ValidatedtoFIPS1402
ConsolidatedValidation
Certificate
SecurityPolicy
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
2519 HewlettPackard,
Enterprise.
10810FarnamDrive
OMA01
Omaha,NE68154
USA
BobPittman
TEL:9782645211
FAX:9782645522
CSTLab:NVLAP
2004270
HPFlexFabric5900CPand
Hardware 01/05/2016 OverallLevel:2
12910SwitchSeries
01/08/2016
(HardwareVersions:HP12910
MitigationofOtherAttacks:N/A
and[HP5900CPwithJG719A]
OperationalEnvironment:N/A
withFIPSKit:JG585Aor
JG586AFirmwareVersion:
FIPSApprovedalgorithms:AES(Certs.#2945,
7.1.045)
#2985,#2988and#2989)CVL(Certs.#343and
(WhenoperatedinFIPSmode
#364)DRBG(Certs.#548and#571)DSA
withopacityshieldandtamper
(Certs.#877and#888)HMAC(Certs.#1868,
evidentlabelsinstalledas
#1891,#1894and#1895)RSA(Certs.#1548
indicatedintheSecurityPolicy)
and#1566)SHS(Certs.#2481,#2506,#2509
and#2510)
ValidatedtoFIPS1402
ConsolidatedValidation
Otheralgorithms:DESDiffieHellman(key
Certificate
agreementkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
SecurityPolicy
compliantlessthan112bitsofencryption
strength)HMACMD5MD5RC4RSA(key
wrappingkeyestablishmentmethodology
provides112bitsofencryptionstrengthnon
compliantlessthan112bitsofencryption
strength)
MultiChipStandAlone
"TheHPFlexFabric5900CPSwitchSeries
providesaconverged,topofrack,datacenter
switcharchitecturethatofferswireoncefor
FCoEconvergedenvironments.With48
convergedportsthatsupport1/10GbEand4/8
FC,theFlexFabric5900CPdeliversversatile
convergenceforconnectingFC,iSCSIandFC
SANs.TheHPFlexFabric12910Switchisa
nextgenerationmodulardatacentercoreswitch
designedtosupportvirtualizeddatacentersand
theevolvingneedsofprivateandpubliccloud
deployments.TheFlexFabric12910switch
deliversunprecedentedlevelsofperformance,
buffering,scale,andav"
2518 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
x7416
FAX:6132252951
CSTLab:NVLAP
2009280
FortiManager4000D
Hardware 01/05/2016 OverallLevel:2
(HardwareVersion:C1AA62
01AA0000withTamper
CryptographicModulePortsandInterfaces:
EvidentSealKits:FIPSSEAL
Level3
REDFirmwareVersion:v5.2.4
Roles,Services,andAuthentication:Level3
build0738150923(GA))
DesignAssurance:Level3
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
withthetamperevidentseals
OperationalEnvironment:N/A
installedasindicatedinthe
SecurityPolicyandconfigured
FIPSApprovedalgorithms:AES(Cert.#3594)
accordingtotheEntropyToken
CVL(Cert.#616)DRBG(Cert.#929)HMAC
SectionoftheSecurityPolicy.
(Cert.#2291)RSA(Cert.#1848)SHS(Cert.
Themodulegenerates
#2956)TripleDES(Cert.#2001)
cryptographickeyswhose
strengthsaremodifiedby
Otheralgorithms:DiffieHellman(key
availableentropy.Thereisno
agreementkeyestablishmentmethodology
assuranceoftheminimum
providesbetween112and201bitsofencryption
strengthofgeneratedkeys)
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
ValidatedtoFIPS1402
establishmentmethodologyprovides112or128
ConsolidatedValidation
bitsofencryptionstrengthnoncompliantless
Certificate
than112bitsofencryptionstrength)DESMD5
HMACMD5
SecurityPolicy
MultiChipStandAlone
"TheFortiManagerOSisafirmwareoperating
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
84/85
7/4/2016
ValidatedFIPS1401andFIPS1402CryptographicModules
systemthatrunsexclusivelyonFortinet's
FortiManagerproductfamily.FortiManagerunits
arePCbased,purposebuiltappliances."
2517 Fortinet,Inc.
326MoodieDrive
Ottawa,ONK2H
8G3
Canada
AlanKaye
TEL:6132259381
x7416
FAX:6132252951
CSTLab:NVLAP
2009280
FortiManager1000D
Hardware 01/05/2016 OverallLevel:2
(HardwareVersion:C1AA82
01AA0000withTamper
CryptographicModulePortsandInterfaces:
EvidentSealKits:FIPSSEAL
Level3
REDFirmwareVersion:v5.2.4
Roles,Services,andAuthentication:Level3
build0738150923(GA))
DesignAssurance:Level3
(WhenoperatedinFIPSmode
MitigationofOtherAttacks:N/A
withthetamperevidentseals
OperationalEnvironment:N/A
installedasindicatedinthe
SecurityPolicyandconfigured
FIPSApprovedalgorithms:AES(Cert.#3594)
accordingtotheEntropyToken
CVL(Cert.#616)DRBG(Cert.#929)HMAC
SectionoftheSecurityPolicy.
(Cert.#2291)RSA(Cert.#1848)SHS(Cert.
Themodulegenerates
#2956)TripleDES(Cert.#2001)
cryptographickeyswhose
strengthsaremodifiedby
Otheralgorithms:DiffieHellman(key
availableentropy.Thereisno
agreementkeyestablishmentmethodology
assuranceoftheminimum
providesbetween112and201bitsofencryption
strengthofgeneratedkeys)
strengthnoncompliantlessthan112bitsof
encryptionstrength)RSA(keywrappingkey
ValidatedtoFIPS1402
establishmentmethodologyprovides112or128
ConsolidatedValidation
bitsofencryptionstrengthnoncompliantless
Certificate
than112bitsofencryptionstrength)DESMD5
HMACMD5
SecurityPolicy
MultiChipStandAlone
"FortiManagerNetworkSecurityManagement
Appliancesweredesignedtoprovidesecurity
managementforlargeenterpriseorganizations
andserviceproviders.Theyenableyouto
centrallymanageanynumberofFortinetdevices,
includingFortiManager,FortiWiFi,and
FortiCarrier.FortiManagerprovidesthehigh
performanceandscalabilityyouneedto
efficientlyapplypoliciesanddistributecontent
security/firmwareupdates,regardlessofthesize
ofyournetwork."
http://csrc.nist.gov/groups/STM/cmvp/documents/1401/1401val2016.htm
85/85