nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi

Certificate #4337

Webpage information

Status active
Validation dates 16.10.2022
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Embedded
Caveat When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The nShield modules: nShield F3 10+ 500+ 6000+ & nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.
Version (Hardware) nC4033E-010, nC4433E-500, nC4433E-6K0, nC4433E-500N, nC4433E-1K5N and nC4433E-6K0N, Build Standard N
Version (Firmware) 12.72.0
Vendor Entrust
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, CAST, RC4, DES, TDES, Triple-DES, Camellia, SEED, HMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECIES, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA1, SHA-256, SHA256, SHA-224, SHA-512, SHA224, SHA384, SHA512, MD5, RIPEMD-160
Schemes
MAC, KA, Key Agreement
Randomness
DRBG
Elliptic Curves
P-224, P-384, P-521, P-192, K-233, K-409, K-571, B-233, B-409, B-571, NIST P-521, K-163, B-163, Ed25519
Block cipher modes
ECB, CBC, CTR, GCM

JavaCard API constants
X25519
Trusted Execution Environments
Secure Execution
Vendor
Microsoft, Microsoft Corporation

Security level
Level 2, level 3, Level 3, level 2

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, SP 800-108, NIST SP 800-90B, SP 800-90A, PKCS#1, PKCS#8, RFC 5639, RFC2612, RFC6979

File metadata

Title nShield Word Template
Author Dieguez, Ignacio
Creation date D:20221013172011+02'00'
Modification date D:20221013172011+02'00'
Pages 39
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4337,
  "dgst": "2657482116a56061",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#A1931",
        "RSA#A1931",
        "HMAC#A1931",
        "KTS-RSA#A1931",
        "DRBG#A1931",
        "KTS#A1931",
        "DSA#A1931",
        "ECDSA#A1931",
        "KAS#A1931",
        "KBKDF#A1931",
        "SHS#A1931",
        "Triple-DES#A1931"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "12.72.0"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 7
          },
          "ECDSA": {
            "ECDSA": 10
          },
          "ECIES": {
            "ECIES": 1
          }
        },
        "FF": {
          "DH": {
            "DH": 8,
            "Diffie-Hellman": 3
          },
          "DSA": {
            "DSA": 29
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "KA": 22,
          "Key Agreement": 4
        },
        "MAC": {
          "MAC": 12
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Edwards": {
          "Ed25519": 1
        },
        "NIST": {
          "B-163": 3,
          "B-233": 3,
          "B-409": 1,
          "B-571": 4,
          "K-163": 3,
          "K-233": 1,
          "K-409": 1,
          "K-571": 4,
          "NIST P-521": 1,
          "P-192": 6,
          "P-224": 4,
          "P-384": 4,
          "P-521": 11
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES 128, 192": 1,
          "HMAC SHA-256": 1,
          "HMAC- SHA256": 1,
          "HMAC-SHA1": 2,
          "HMAC-SHA256": 6,
          "PKCS#1": 2,
          "PKCS#8": 2,
          "SHA- 256": 1,
          "SHA- 384": 1,
          "SHA-1": 4,
          "SHA-224": 1,
          "SHA-256": 5,
          "SHA-512": 1,
          "SHA1": 2,
          "SHA224": 1,
          "SHA256": 2,
          "SHA384": 1,
          "SHA512": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 38,
          "Level 3": 1,
          "level 2": 1,
          "level 3": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 2
          }
        },
        "RIPEMD": {
          "RIPEMD-160": 2
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 4,
            "SHA1": 2
          },
          "SHA2": {
            "SHA-224": 1,
            "SHA-256": 5,
            "SHA-512": 1,
            "SHA224": 1,
            "SHA256": 2,
            "SHA384": 1,
            "SHA512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "X25519": 1
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 22
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 44,
          "FIPS 186-4": 1,
          "FIPS 197": 1
        },
        "NIST": {
          "NIST SP 800-90B": 1,
          "SP 800-108": 2,
          "SP 800-90A": 1
        },
        "PKCS": {
          "PKCS#1": 1,
          "PKCS#8": 1
        },
        "RFC": {
          "RFC 5639": 3,
          "RFC2612": 1,
          "RFC6979": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 29
          },
          "CAST": {
            "CAST": 1
          },
          "RC": {
            "RC4": 1
          }
        },
        "DES": {
          "3DES": {
            "TDES": 3,
            "Triple-DES": 1
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5,
            "HMAC": 11
          }
        },
        "miscellaneous": {
          "Camellia": {
            "Camellia": 1
          },
          "SEED": {
            "SEED": 1
          }
        }
      },
      "tee_name": {
        "IBM": {
          "Secure Execution": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 1,
          "Microsoft Corporation": 1
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Dieguez, Ignacio",
      "/CreationDate": "D:20221013172011+02\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20221013172011+02\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Title": "nShield Word Template",
      "pdf_file_size_bytes": 927341,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31150",
          "https://nshieldsupport.entrust.com/",
          "mailto:[email protected]",
          "https://www.entrust.com/",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14434"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 39
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "70902157005a4d7a5584df1e0dbdda717630464114cb475978912c06cd9aa1fb",
    "policy_txt_hash": "c50857799d6897cdae92ffa521bcded1751dfc1eae34ff0bc6b82b8d97f90780"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode and initialized to Overall Level 2 per Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2022_021122_1233_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The nShield modules: nShield F3 10+ 500+ 6000+ \u0026 nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi are tamper evident and tamper responsive Hardware Security Modules which provide support for the widest range of cryptographic algorithms, application programming interfaces (APIs) and host operating systems, enabling the devices to be used with virtually any business application. The units are identical in operation and only vary in the processing speed.",
    "embodiment": "Multi-Chip Embedded",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Physical Security: Level 3",
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "12.72.0",
    "historical_reason": null,
    "hw_versions": "nC4033E-010, nC4433E-500, nC4433E-6K0, nC4433E-500N, nC4433E-1K5N and nC4433E-6K0N, Build Standard N",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "nShield F3 10+ 500+ 6000+ \u0026 nShield F3 500+ 1500+ 6000+ for nShield Connect+, Connect CLX and HSMi",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-10-16",
        "lab": "Lightship Security, Inc.",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Entrust",
    "vendor_url": "http://www.entrust.com"
  }
}