This page was not yet optimized for use on mobile devices.
CN Series Encryptors
Certificate #4869
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-256, AES256, AES128, AES-, DES, TDEA, Triple-DES, HMAC, HMAC-SHA-256, HMAC-SHA-512, HMAC-SHA-384Asymmetric Algorithms
RSA 2048, RSA2048, RSA4096, RSA-OAEP, ECDH, ECDHE, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA256, SHA-3, SHA3-256Schemes
MAC, KEM, Key Exchange, Key AgreementProtocols
SSH, SSL, TLS, TLS v1.2, TLSv1.2, TLS 1.2Randomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521, NIST P-256, NIST P-521Block cipher modes
CBC, CTR, CFB, GCMTrusted Execution Environments
PSPVendor
Thales SA, ThalesSecurity level
Level 3, Level 1Side-channel analysis
physical probingCertification process
out of scope, 5.5.0 only – the loading of any other firmware version on the specified CN Series Encryptors is out of scope of this FIPS 140-3 validation. This Security Policy contains only non-proprietary information. AnyStandards
FIPS 140-3, FIPS PUB 197, FIPS186-4, FIPS 180-4, FIPS 198-1, FIPS 202, FIPS140-3, FIPS 186-4, SP 800-38A, SP 800-90B, SP 800-38D, SP 800-140F, SP 800-108, NIST SP 800-88, PKCS12, RFC 2459, RFC5246, RFC7627, RFC 5246, ISO/IEC 24759, ISO/IEC 19790:2012, ISO/IEC 24759:2017, X.509File metadata
| Title | CN Series Encryptors |
|---|---|
| Subject | FIPS 140-3 Level 3 |
| Keywords | CN Series FIPS140 Security Policy |
| Author | Senetas Corporation Ltd |
| Creation date | D:20241017151055-04'00' |
| Modification date | D:20241017151055-04'00' |
| Pages | 71 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
12.11.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4869,
"dgst": "5b10564b32ea564d",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC-SHA2-512A3451",
"ECDSA KeyVer (FIPS186-4)A3451",
"SHA2-256A3451",
"HMAC-SHA-1A3451",
"AES-CFB128A3549",
"KAS-ECC Sp800-56Ar3A3451",
"KDF SNMPA3451",
"KAS-FFC Sp800-56Ar3A3451",
"KDF TLSA3451",
"ECDSA KeyGen (FIPS186-4)A3451",
"RSA KeyGen (FIPS186-4)A3451",
"ECDSA SigGen (FIPS186-4)A3451",
"SHA3-256A3449",
"AES-CBCA3451",
"HMAC-SHA2-384A3451",
"KTS-IFCA3451",
"SHA-1A3451",
"RSA SigGen (FIPS186-4)A3451",
"AES-CTRA3549",
"AES-ECBA3549",
"SHA2-512A3451",
"AES-GCMA3549",
"RSA SigVer (FIPS186-4)A3451",
"KDF SSHA3451",
"TLS v1.2 KDF RFC7627A3451",
"HMAC-SHA2-256A3451",
"KDF SP800-108A3451",
"Hash DRBGA3451",
"ECDSA SigVer (FIPS186-4)A3451",
"SHA2-384A3451",
"TDES-CFB8A3451"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"5.5.0"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 9
},
"ECDH": {
"ECDH": 38,
"ECDHE": 3
},
"ECDSA": {
"ECDSA": 44
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 6
}
},
"RSA": {
"RSA 2048": 1,
"RSA-OAEP": 1,
"RSA2048": 3,
"RSA4096": 3
}
},
"certification_process": {
"OutOfScope": {
"5.5.0 only \u2013 the loading of any other firmware version on the specified CN Series Encryptors is out of scope of this FIPS 140-3 validation. This Security Policy contains only non-proprietary information. Any": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CFB": {
"CFB": 16
},
"CTR": {
"CTR": 45
},
"GCM": {
"GCM": 49
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 2
}
},
"crypto_protocol": {
"SSH": {
"SSH": 60
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 74,
"TLS 1.2": 2,
"TLS v1.2": 10,
"TLSv1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 8
},
"KEM": {
"KEM": 1
},
"KEX": {
"Key Exchange": 19
},
"MAC": {
"MAC": 6
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"NIST P-256": 10,
"NIST P-521": 1,
"P-256": 42,
"P-384": 22,
"P-521": 55
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 1,
"AES-256": 15,
"AES-2567": 1,
"AES128": 2,
"AES256": 3,
"Certificate RSA": 1,
"HMAC SHA-1": 1,
"HMAC SHA-256": 1,
"HMAC- SHA-256": 2,
"HMAC- SHA256": 2,
"HMAC-SHA- 256": 4,
"HMAC-SHA-1": 2,
"HMAC-SHA-15": 2,
"HMAC-SHA-256": 14,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 2,
"HMAC-SHA1": 2,
"HMAC-SHA256": 4,
"HMAC2": 4,
"PKCS12": 8,
"RSA 2048": 1,
"RSA2": 1,
"RSA2048": 3,
"RSA4096": 3,
"RSA5": 4,
"SHA-1": 4,
"SHA-14": 1,
"SHA-256": 27,
"SHA-3": 1,
"SHA-384": 11,
"SHA-512": 8,
"SHA256": 9,
"SHA3-256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 3": 3
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 29,
"SHA-384": 11,
"SHA-512": 7,
"SHA256": 9
},
"SHA3": {
"SHA-3": 1,
"SHA3-256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 46
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {
"SCA": {
"physical probing": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 17,
"FIPS 180-4": 2,
"FIPS 186-4": 2,
"FIPS 198-1": 2,
"FIPS 202": 1,
"FIPS PUB 197": 20,
"FIPS140-3": 1,
"FIPS186-4": 2
},
"ISO": {
"ISO/IEC 19790:2012": 1,
"ISO/IEC 24759": 2,
"ISO/IEC 24759:2017": 1
},
"NIST": {
"NIST SP 800-88": 1,
"SP 800-108": 2,
"SP 800-140F": 1,
"SP 800-38A": 20,
"SP 800-38D": 3,
"SP 800-90B": 5
},
"PKCS": {
"PKCS12": 4
},
"RFC": {
"RFC 2459": 1,
"RFC 5246": 1,
"RFC5246": 4,
"RFC7627": 4
},
"X509": {
"X.509": 10
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 92,
"AES-": 1,
"AES-128": 1,
"AES-256": 15,
"AES128": 2,
"AES256": 3
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 9
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"HMAC": 19,
"HMAC-SHA-256": 8,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 2
}
}
},
"tee_name": {
"AMD": {
"PSP": 10
}
},
"tls_cipher_suite": {},
"vendor": {
"Thales": {
"Thales": 6,
"Thales SA": 3
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Senetas Corporation Ltd",
"/CreationDate": "D:20241017151055-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/Keywords": "CN Series FIPS140 Security Policy",
"/ModDate": "D:20241017151055-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Subject": "FIPS 140-3 Level 3",
"/Title": "CN Series Encryptors",
"pdf_file_size_bytes": 2688433,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/49",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/51",
"http://www.senetas.com/",
"https://www.senetas.com/",
"http://www.nist.gov/cmvp"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 71
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "c4be52cbbdfbd7337c128fccd8ffd82ad61f2a0af2795914b92a0efc176ed655",
"policy_txt_hash": "28e1c7d640eb5feee5d28ddbfeb23333e7e008e31e09691bf994c69f8ea15238"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode and initialized as per Section 2.3.1 of the Security Policy",
"certificate_pdf_url": null,
"date_sunset": "2026-11-05",
"description": "The CN4010, CN4020, CN6010, CN6100, CN6110, CN6140, CN9100 and CN9120 are high-speed hardware encryption platforms that secure data over twisted-pair and optical Ethernet networks. The modules support line rates from 10Mb/s to 100Gb/s. All models except CN4010 are equipped with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES algorithms in CFB, CTR and GCM modes. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis attacks.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Operational environment: N/A",
"Non-invasive security: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": "5.5.0",
"historical_reason": null,
"hw_versions": "Senetas Corp. Ltd. CN4000 Series: A4010B (DC) and A4020B (DC); Senetas Corp. Ltd. CN6000 Series: A6010B (AC), A6011B (DC), A6012B (AC/DC), A6100B (AC), A6101B (DC), A6102B (AC/DC), A6110B (AC), A6111B (DC), A6112B (AC/DC), A6140B (AC), A6141B (DC), A6142B (AC/DC); Senetas Corp. Ltd. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC), A9120B (AC), A9121B (DC) and A9122B (AC/DC); Senetas Corp. Ltd. \u0026 SafeNet Inc. CN4000 Series: A4010B (DC) and A4020B (DC); Senetas Corp. Ltd. \u0026 SafeNet Inc. CN6000 Series: A6010B (AC), A6011B (DC), A6012B (AC/DC), A6100B (AC), A6101B (DC), A6102B (AC/DC), A6110B (AC), A6111B (DC), A6112B (AC/DC), A6140B (AC), A6141B (DC), A6142B (AC/DC); Senetas Corp. Ltd. \u0026 SafeNet Inc. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC), A9120B (AC), A9121B (DC) and A9122B (AC/DC); Senetas Corp. Ltd. \u0026 Thales CN4000 Series: A4010B (DC) and A4020B (DC); Senetas Corp. Ltd. \u0026 Thales CN6000 Series: A6010B (AC), A6011B (DC), A6012B (AC/DC), A6100B (AC), A6101B (DC), A6102B (AC/DC), A6110B (AC), A6111B (DC), A6112B (AC/DC), A6140B (AC), A6141B (DC), A6142B (AC/DC); Senetas Corp. Ltd. \u0026 Thales CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC), A9120B (AC), A9121B (DC) and A9122B (AC/DC)",
"level": 3,
"mentioned_certs": {},
"module_name": "CN Series Encryptors",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-11-06",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Senetas Corporation Ltd, distributed by Thales SA (SafeNet)",
"vendor_url": "https://www.senetas.com"
}
}