X5 Postal Security Device (PSD)

Certificate #4933

Webpage information ?

Status active
Validation dates 24.12.2024
Sunset date 23-12-2026
Standard FIPS 140-3
Security level 3
Type Hardware
Embodiment Single Chip
Caveat Interim Validation; When operated in approved mode; No assurance of the minimum strength of generated SSPs (e.g., keys).
Exceptions
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The X5 Postal Security Device (PSD) is a single-chip cryptographic module designed by Pitney Bowes, Inc. (PB) to conform with FIPS 140-3 Security Level 3 requirements. The device includes the Maxim Integrated MAX32590 DeepCover Secure Microcontroller hardware component. The PSD Application and DAL are compiled into a single firmware. The X5 Postal Security Device (PSD) provides cryptographic services to a host device (i.e., Digital Postage Meter), to support postage evidence in the form of an indicium. A PSD provides protection that includes ensuring the secrecy of sensitive security parameters (SSPs) such as cryptographic keys and providing data integrity protection for funds relevant data items (FRDIs) such as accounting data. SSPs and FRDIs reside inside the strong physical protections of the X5 Postal Security Device (PSD).
Version (Hardware) Maxim Integrated MAX32590 DeepCover Secure Microcontroller - Revision B4
Version (Firmware) PSD Application: 22.01.000D & 22.01.000F Device Abstraction Layer (DAL): 02.01.000F & 02.01.00013
Vendor Pitney Bowes, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-, CAST, DES, Triple-DES, HMAC, HMAC-SHA-256
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, DH, DSA
Hash functions
SHA-256
Schemes
MAC
Randomness
DRBG, RBG
Elliptic Curves
P-224, P-256

Trusted Execution Environments
PSP, SSC

Security level
Level 3, Level 1

Standards
FIPS 140-3, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS186-4, FIPS 186-5, NIST SP 800-38F, NIST SP 800-90A, NIST SP 800-56A, NIST SP 800-56C, PKCS1, ISO/IEC 19790

File metadata

Author Hawes, David J. (Fed)
Creation date D:20241217074233-08'00'
Modification date D:20241217074233-08'00'
Pages 36
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 30.12.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4933,
  "dgst": "26da1548ae1645e0",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "ECDSA KeyGen (FIPS186-4)A2437",
        "AES-KWA2435",
        "AES-ECBA2435",
        "KAS-ECC-SSC Sp800-56Ar3A2439",
        "RSA SigVer (FIPS186-4)A2440",
        "HMAC-SHA2-256A2438",
        "KDA OneStep Sp800-56Cr1A2439",
        "ECDSA SigGen (FIPS186-4)A2437",
        "SHA2-256A2441",
        "ECDSA SigVer (FIPS186-4)A2437",
        "Hash DRBGA2436",
        "AES-CBCA2435",
        "SHA2-224A2441"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "02.01.000",
        "02.01.00013",
        "22.01.000"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 4
          },
          "ECDH": {
            "ECDH": 3
          },
          "ECDSA": {
            "ECDSA": 69
          }
        },
        "FF": {
          "DH": {
            "DH": 5
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA 2048": 4
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 3
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-224": 12,
          "P-256": 88
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#2": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES 256": 7,
          "AES- 256": 3,
          "DRBG 1024": 1,
          "DRBG 512": 1,
          "HMAC- SHA-256": 1,
          "HMAC-SHA- 256": 2,
          "HMAC-SHA-256": 16,
          "PKCS1": 1,
          "RSA 2048": 4,
          "RSA PKCS1": 1,
          "SHA-256": 1,
          "SHA2- 256": 1,
          "SHA2-224": 5,
          "SHA2-256": 6
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 3": 5
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 56
        },
        "RNG": {
          "RBG": 2
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 9,
          "FIPS 180-4": 2,
          "FIPS 186-4": 9,
          "FIPS 186-5": 1,
          "FIPS 197": 3,
          "FIPS 198-1": 2,
          "FIPS186-4": 4
        },
        "ISO": {
          "ISO/IEC 19790": 2
        },
        "NIST": {
          "NIST SP 800-38F": 6,
          "NIST SP 800-56A": 4,
          "NIST SP 800-56C": 2,
          "NIST SP 800-90A": 3
        },
        "PKCS": {
          "PKCS1": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 12,
            "AES-": 3
          },
          "CAST": {
            "CAST": 16
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 2
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 7,
            "HMAC-SHA-256": 8
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 9
        },
        "IBM": {
          "SSC": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Hawes, David J. (Fed)",
      "/CreationDate": "D:20241217074233-08\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20241217074233-08\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 789518,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 36
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "3d3c5d28a36155b32e4475cdc05d3ecc96c83bea2798a5f60ff967514a225c35",
    "policy_txt_hash": "fbf7254fb99f5d1fe6436b7b9e4939ae7418da8c9eac94ac96a67e20a8d7475e"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "Interim Validation; When operated in approved mode; No assurance of the minimum strength of generated SSPs (e.g., keys).",
    "certificate_pdf_url": null,
    "date_sunset": "2026-12-23",
    "description": "The X5 Postal Security Device (PSD) is a single-chip cryptographic module designed by Pitney Bowes, Inc. (PB) to conform with FIPS 140-3 Security Level 3 requirements. The device includes the Maxim Integrated MAX32590 DeepCover Secure Microcontroller hardware component. The PSD Application and DAL are compiled into a single firmware. The X5 Postal Security Device (PSD) provides cryptographic services to a host device (i.e., Digital Postage Meter), to support postage evidence in the form of an indicium. A PSD provides protection that includes ensuring the secrecy of sensitive security parameters (SSPs) such as cryptographic keys and providing data integrity protection for funds relevant data items (FRDIs) such as accounting data. SSPs and FRDIs reside inside the strong physical protections of the X5 Postal Security Device (PSD).",
    "embodiment": "Single Chip",
    "exceptions": [
      "Operational environment: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": "PSD Application: 22.01.000D \u0026 22.01.000F Device Abstraction Layer (DAL): 02.01.000F \u0026 02.01.00013",
    "historical_reason": null,
    "hw_versions": "Maxim Integrated MAX32590 DeepCover Secure Microcontroller - Revision B4",
    "level": 3,
    "mentioned_certs": {},
    "module_name": "X5 Postal Security Device (PSD)",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-12-24",
        "lab": "PENUMBRA SECURITY",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Pitney Bowes, Inc.",
    "vendor_url": "http://www.pitneybowes.com"
  }
}