This page was not yet optimized for use on mobile
devices.
NITROX XL 1600-NFBE HSM Family
Certificate #2316
Webpage information
Security policy
Symmetric Algorithms
AES, AES-256, AES256, AES-128, RC4, DES, Triple-DES, TDES, HMAC, HMAC-SHA-512, HMAC-SHA-256Asymmetric Algorithms
RSA 1024, ECDSA, ECC, DH, DSAHash functions
SHA-1, SHA1, SHA512, SHA256, SHA384, SHA-256, SHA-2, MD5Schemes
MAC, Key agreementProtocols
SSH, TLS 1.1, TLS 1.2, TLSRandomness
DRBG, RNGElliptic Curves
P-521, P-224, P-256, P-384, P-192, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571, K-163, B-163, P-512Block cipher modes
ECB, CBC, CTR, GCMSecurity level
Level 3Certification process
out of scope, Upgrade Allows the CO to upgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module’s validation to FIPS 140-2 is no longer valid once any, Downgrade Allows the CO to downgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module’s validation to FIPS 140-2 is no longer valid once any, Upgrade Allows the default CO to upgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module’s validation to FIPS 140-2 is no longer valid once any, Allows the default CO to downgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module’s validation to FIPS 140-2 is no longer valid once anyStandards
FIPS 140-2, FIPS PUB 140-2, SP 800-131A, SP 800-56A, SP 800-56B, PKCS#1File metadata
| Title | A. Scope of Document |
|---|---|
| Author | cgoodman |
| Creation date | D:20180327171805-07'00' |
| Modification date | D:20180327171811-07'00' |
| Pages | 27 |
| Creator | Acrobat PDFMaker 17 for Word |
| Producer | Adobe PDF Library 15.0 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2316,
"dgst": "3343427bd8ac1cfc",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"ECDSA#188",
"SHS#1379",
"HMAC#1677",
"KAS#5",
"DSA#474",
"SHS#1166",
"CVL#166",
"ECDSA#150",
"AES#1266",
"RSA#607",
"RSA#742",
"Triple-DES#898",
"AES#1265",
"AES#2899",
"HMAC#736",
"HMAC#443",
"SHS#801",
"DRBG#32",
"KTS#5314"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"2.2",
"3.0",
"2.0"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 25
},
"ECDSA": {
"ECDSA": 20
}
},
"FF": {
"DH": {
"DH": 5
},
"DSA": {
"DSA": 13
}
},
"RSA": {
"RSA 1024": 2
}
},
"certification_process": {
"OutOfScope": {
"Allows the default CO to downgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module\u2019s validation to FIPS 140-2 is no longer valid once any": 1,
"Downgrade Allows the CO to downgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module\u2019s validation to FIPS 140-2 is no longer valid once any": 1,
"Upgrade Allows the CO to upgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module\u2019s validation to FIPS 140-2 is no longer valid once any": 1,
"Upgrade Allows the default CO to upgrade the firmware after the firmware load test. New firmware is out of scope of this validation; as the module\u2019s validation to FIPS 140-2 is no longer valid once any": 1,
"out of scope": 4
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 5
},
"GCM": {
"GCM": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 1
},
"TLS": {
"TLS": {
"TLS": 16,
"TLS 1.1": 1,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 2
},
"MAC": {
"MAC": 13
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 2,
"B-233": 2,
"B-283": 2,
"B-409": 2,
"B-571": 2,
"K-163": 2,
"K-233": 2,
"K-283": 2,
"K-409": 2,
"K-571": 2,
"P-192": 4,
"P-224": 4,
"P-256": 4,
"P-384": 2,
"P-512": 2,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1166": 1,
"#1265": 1,
"#1266": 1,
"#1379": 1,
"#150": 1,
"#1677": 1,
"#188": 1,
"#2899": 1,
"#443": 1,
"#474": 1,
"#607": 1,
"#736": 1,
"#742": 1,
"#801": 1,
"#898": 1,
"Cert. 32": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128, 192": 1,
"AES-128, 192": 2,
"AES-256": 5,
"AES256": 1,
"DES 168": 2,
"DRBG 1266": 1,
"HMAC SHA512": 1,
"HMAC-SHA-1": 1,
"HMAC-SHA-1 KAT (Cert. #443": 1,
"HMAC-SHA-256": 2,
"HMAC-SHA-512": 1,
"HMAC-SHA-512 KAT (Cert. #736": 1,
"PKCS#1": 1,
"RSA 1024": 2,
"RSA PKCS#1": 1,
"SHA 160": 1,
"SHA 512": 1,
"SHA-1": 6,
"SHA-2": 1,
"SHA-256": 1,
"SHA1": 1,
"SHA256": 1,
"SHA384": 1,
"SHA512": 2,
"SHS KAT 160": 2,
"SHS KAT 256": 1
}
},
"fips_security_level": {
"Level": {
"Level 3": 6
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 6,
"SHA1": 1
},
"SHA2": {
"SHA-2": 1,
"SHA-256": 1,
"SHA256": 1,
"SHA384": 1,
"SHA512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 11
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 11,
"FIPS PUB 140-2": 2
},
"NIST": {
"SP 800-131A": 3,
"SP 800-56A": 5,
"SP 800-56B": 4
},
"PKCS": {
"PKCS#1": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 21,
"AES-128": 2,
"AES-256": 5,
"AES256": 1
},
"RC": {
"RC4": 2
}
},
"DES": {
"3DES": {
"TDES": 3,
"Triple-DES": 5
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 4,
"HMAC-SHA-256": 1,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "cgoodman",
"/Company": "",
"/CreationDate": "D:20180327171805-07\u002700\u0027",
"/Creator": "Acrobat PDFMaker 17 for Word",
"/Keywords": "",
"/ModDate": "D:20180327171811-07\u002700\u0027",
"/Producer": "Adobe PDF Library 15.0",
"/SourceModified": "D:20180328001758",
"/Subject": "",
"/Title": "A. Scope of Document",
"pdf_file_size_bytes": 527398,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 27
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "b7df0ea37b7943dbbc96bd603e5a0f2a0624eb6d513ab4443c99bededec2d428",
"policy_txt_hash": "7298f310ecc29206cff905586850b9e2e6beba3fb40ddafb4fbd5264d69f3c64"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0049.pdf",
"date_sunset": null,
"description": "The NITROX XL 1600-NFBE HSM adapter family delivers the world\u0027s fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 9000 RSA 2k-bit operations per second and 5 Gbps of bulk crypto.",
"embodiment": "Multi-Chip Embedded",
"exceptions": [
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "CN16XX-NFBE-FW-2.2-130013 and CN16XX-NFBE-FW-2.2-130014",
"historical_reason": "186-2 transition",
"hw_versions": "P/Ns CN1610-NFBE1-3.0-FW-2.2-G, CN1620-NFBE1-3.0-FW-2.2-G, CN1620-NFBE3-3.0-FW-2.2-G, CN1610-NFBE1-2.0-FW-2.2-G, CN1620-NFBE1-2.0-FW-2.2-G, CN1620-NFBE3-2.0-FW-2.2-G and FN1620\u2010NFBE2\u2010G",
"level": 3,
"mentioned_certs": {},
"module_name": "NITROX XL 1600-NFBE HSM Family",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2015-01-21",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2015-07-23",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2015-12-04",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-06-10",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-06-24",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-03-29",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
}
],
"vendor": "Cavium Networks",
"vendor_url": "http://www.cavium.com"
}
}