This page was not yet optimized for use on mobile
devices.
Thales Luna Backup Hardware Security Module
Certificate #3209
Webpage information
Security policy
Symmetric Algorithms
AES, AES-256, CAST5, RC2, RC5, DES, Triple-DES, ARIA, SEED, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-224, CMACAsymmetric Algorithms
RSA 2048, RSA-2048, RSA-4096, RSA-1024, RSA 4096, ECDH, ECDSA, ECIES, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA-224, MD5Schemes
MAC, Key AgreementProtocols
SSL, TLSRandomness
PRNG, DRBG, RNG, RBGElliptic Curves
P-384Block cipher modes
ECB, CBC, CTR, OFBVendor
ThalesSecurity level
Level 3, level 3, Level 2Side-channel analysis
physical probing, Timing attacksStandards
FIPS 140-2, FIPS PUB 140-2, FIPS PUB 186-4, FIPS PUB 197, FIPS PUB 186-2, FIPS PUB 180-4, FIPS PUB 198-1, FIPS PUB 113, FIPS 186-4, NIST SP 800-90A, SP 800-67, SP 800-57, NIST SP 800-108, NIST SP 800-56A, NIST SP 800-38B, PKCS #11, PKCS #1, X.509File metadata
| Author | Wolfe, Susan |
|---|---|
| Creation date | D:20210125114205-05'00' |
| Modification date | D:20210125114205-05'00' |
| Pages | 55 |
| Creator | Microsoft® Word 2013 |
| Producer | Microsoft® Word 2013 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3209,
"dgst": "53e38ea20dcd0179",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES MAC#2552",
"SHS#4075",
"Triple-DES#2552",
"KBKDF#164",
"CVL#1562",
"HMAC#3330",
"AES#5012",
"HMAC#3306",
"Triple-DES#2585",
"DSA#1315",
"DSA#1298",
"AES#4849",
"ECDSA#1242",
"ECDSA#1278",
"KTS#5012",
"KAS#154",
"SHS#3988",
"RSA#2691",
"Triple-DES MAC#2585",
"DRBG#1704",
"RSA#2704"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.24.7",
"6.24.6"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 26
},
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 7
},
"ECIES": {
"ECIES": 4
}
},
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 8
},
"DSA": {
"DSA": 9
}
},
"RSA": {
"RSA 2048": 3,
"RSA 4096": 1,
"RSA-1024": 1,
"RSA-2048": 2,
"RSA-4096": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 4
},
"OFB": {
"OFB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 6
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-384": 14
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 4,
"#11": 5,
"#1242": 2,
"#1278": 2,
"#1298": 2,
"#1315": 2,
"#154": 1,
"#1562": 1,
"#164": 1,
"#1704": 1,
"#2552": 2,
"#2585": 3,
"#2691": 2,
"#2704": 2,
"#3306": 2,
"#3330": 2,
"#3988": 1,
"#4075": 1,
"#4849": 1,
"#5012": 4
}
},
"fips_certlike": {
"Certlike": {
"#2585 AES": 1,
"AES 128, 192": 2,
"AES 128, 192 and 256": 1,
"AES 256": 4,
"AES Cert. #5012": 1,
"AES-256": 10,
"AES-256 #1704": 1,
"DSA 2048": 1,
"Diffie-Hellman (2048": 1,
"HMAC SHA-1": 1,
"HMAC SHA-224": 1,
"HMAC SHA-256": 1,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC-SHA-1": 6,
"HMAC-SHA-17": 2,
"HMAC-SHA-18": 2,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 4,
"HMAC-SHA-512 #3306": 2,
"HMAC-SHA-512 #3330": 2,
"PKCS #1": 8,
"PKCS #11": 10,
"RSA 2048": 3,
"RSA 4096": 1,
"SHA- 224": 2,
"SHA- 384": 2,
"SHA- 512": 1,
"SHA-1": 15,
"SHA-15": 1,
"SHA-224": 15,
"SHA-256": 18,
"SHA-384": 15,
"SHA-512": 16
}
},
"fips_security_level": {
"Level": {
"Level 2": 1,
"Level 3": 15,
"level 3": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 15
},
"SHA2": {
"SHA-224": 15,
"SHA-256": 18,
"SHA-384": 15,
"SHA-512": 16
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 38,
"PRNG": 1
},
"RNG": {
"RBG": 1,
"RNG": 1
}
},
"side_channel_analysis": {
"SCA": {
"Timing attacks": 1,
"physical probing": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 9,
"FIPS 186-4": 3,
"FIPS PUB 113": 1,
"FIPS PUB 140-2": 5,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-2": 1,
"FIPS PUB 186-4": 5,
"FIPS PUB 197": 2,
"FIPS PUB 198-1": 1
},
"NIST": {
"NIST SP 800-108": 2,
"NIST SP 800-38B": 1,
"NIST SP 800-56A": 1,
"NIST SP 800-90A": 7,
"SP 800-57": 2,
"SP 800-67": 2
},
"PKCS": {
"PKCS #1": 4,
"PKCS #11": 5
},
"X509": {
"X.509": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 26,
"AES-256": 11
},
"CAST": {
"CAST5": 2
},
"RC": {
"RC2": 2,
"RC5": 2
}
},
"DES": {
"3DES": {
"Triple-DES": 14
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CMAC": 3,
"HMAC": 9,
"HMAC-SHA-224": 1,
"HMAC-SHA-256": 2,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2
}
},
"miscellaneous": {
"ARIA": {
"ARIA": 2
},
"SEED": {
"SEED": 2
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Thales": {
"Thales": 163
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Wolfe, Susan",
"/CreationDate": "D:20210125114205-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2013",
"/ModDate": "D:20210125114205-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2013",
"pdf_file_size_bytes": 1236171,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://supportportal.thalesgroup.com/csm"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 55
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "4e00e3324f0ca5310826ece3585ee58d4de2667bbf7462444c4b6996bc37c6bb",
"policy_txt_hash": "b2ae2587b75560a63ca66b498545e420ee0da6aa55c0a936dd21c5182268ebdc"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/JuneCertFinal.pdf",
"date_sunset": null,
"description": "The Thales Luna Backup Hardware Security Module provides the same level of security as the SafeNet Network HSM and SafeNet PCI-E HSMs in a convenient, small, low-cost form factor. The Thales Luna Backup Hardware Security Module ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the Thales Luna Backup HSM for safekeeping in case of emergency, failure or disaster.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": null,
"fw_versions": "6.24.6 [1] and 6.24.7 [2]",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "LTK-03, Version Code 0102 [1, 2] and LTK-03, Version Code 0103 [1, 2]",
"level": 3,
"mentioned_certs": {},
"module_name": "Thales Luna Backup Hardware Security Module",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-06-27",
"lab": "EWA - Canada",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2021-08-31",
"lab": "EWA - Canada",
"validation_type": "Update"
}
],
"vendor": "Thales",
"vendor_url": "http://www.gemalto.com"
}
}