IDPrime 3930 FIDO

Certificate #4517

Webpage information ?

Status active
Validation dates 09.05.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Single Chip
Caveat No assurance of the minimum strength of generated keys
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Description IDPrime 3930 FIDO is a dual interface smartcard combining Minidriver enabled PKI application, offering all the necessary services (with either RSA up to 4096 key length or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure, with FIDO2 application (CTAP2) offering passwordless access for cloud apps, network domains and all Azure AD-connected apps and services
Version (Hardware) SLE78CLFX400VPH (A1714221) and SLE78CLFX400VPH (A1633310)
Version (Firmware) IDCore3130 - Build 12G, IDPrime 3930 Applet V4.5.0F, MSPNP Applet V1.2, FIDO V2.0.4B Applet
Vendor Thales
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES256, DES, Triple-DES, TDEA, HMAC, CMAC
Asymmetric Algorithms
RSA-1024, RSA 2048, ECDH, ECDSA, ECC
Hash functions
SHA-1, SHA-256, SHA-224, SHA-384, SHA-512, SHA256, SHA-2
Schemes
MAC, Key Agreement
Randomness
DRBG, RNG
Elliptic Curves
P-224, P-256, P-384, P-521
Block cipher modes
ECB, CBC, CTR

JavaCard versions
Java Card 3.0.5, JavaCard 3.0.5, JavaCard 2.2.2, Global Platform 2.2.1
Trusted Execution Environments
SSC, SE
Vendor
Infineon, Gemalto, Thales, Microsoft

Security level
Level 2, Level 1, Level 3
Side-channel analysis
Side channel

Standards
FIPS 140-2, FIPS140-2, FIPS113, FIPS 197, FIPS 186-4, FIPS 180-4, FIPS PUB 140-2, FIPS198-1, SP 800-133, SP 800-38B, SP 800-90A, SP 800-67, SP 800-56A, SP 800-56B, SP 800-38F, SP 800-108, SP 800-56C, PKCS#1, PKCS #1, PKCS1, SCP03

File metadata

Title Microsoft Word - R1R29508_IDPRIME3930-FIDO_001_SP_L2.docx
Author tsengjk
Creation date D:20230504065714-04'00'
Modification date D:20230504065722-04'00'
Pages 41
Creator Nuance PDF Create
Producer Nuance PDF Create

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 26.06.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf.
  • 18.05.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4517,
  "dgst": "5f5e771dcb7bd8b6",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "RSA#A1930",
        "CVL#A1930",
        "KTS#A1930",
        "KAS-SSC#A1930",
        "KAS#A1930",
        "ECDSA#A1930",
        "KDA#A1930",
        "SHS#A1930",
        "KTS-RSA#A1930",
        "HMAC#A1930",
        "KBKDF#A1930",
        "Triple-DES#A1930",
        "AES#A1930",
        "DRBG#A1930"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "4.5.0",
        "1.2",
        "2.0.4"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 16
          },
          "ECDH": {
            "ECDH": 9
          },
          "ECDSA": {
            "ECDSA": 27
          }
        },
        "RSA": {
          "RSA 2048": 1,
          "RSA-1024": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CTR": {
          "CTR": 1
        },
        "ECB": {
          "ECB": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "MAC": {
          "MAC": 10
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-224": 34,
          "P-256": 48,
          "P-384": 32,
          "P-521": 36
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES 128": 1,
          "AES 128/192/256": 2,
          "AES 256": 2,
          "AES-128": 5,
          "AES-128/192/256": 5,
          "AES-192": 1,
          "AES-256": 2,
          "AES256": 1,
          "Cert # AES": 1,
          "HMAC SHA-256": 1,
          "HMAC- SHA256": 1,
          "HMAC-SHA256": 2,
          "PKCS #1": 2,
          "PKCS#1": 9,
          "PKCS1": 2,
          "RSA 2048": 1,
          "RSA PKCS#1": 3,
          "SHA-1": 6,
          "SHA-1 (160": 1,
          "SHA-2": 5,
          "SHA-224": 1,
          "SHA-256": 7,
          "SHA-384": 1,
          "SHA-512": 2,
          "SHA256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 43,
          "Level 3": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-2": 6,
            "SHA-224": 1,
            "SHA-256": 7,
            "SHA-384": 1,
            "SHA-512": 2,
            "SHA256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {
        "GlobalPlatform": {
          "Global Platform 2.2.1": 2
        },
        "JavaCard": {
          "Java Card 3.0.5": 3,
          "JavaCard 2.2.2": 1,
          "JavaCard 3.0.5": 3
        }
      },
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 10
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "Side channel": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 48,
          "FIPS 180-4": 2,
          "FIPS 186-4": 4,
          "FIPS 197": 3,
          "FIPS PUB 140-2": 1,
          "FIPS113": 1,
          "FIPS140-2": 1,
          "FIPS198-1": 1
        },
        "NIST": {
          "SP 800-108": 1,
          "SP 800-133": 2,
          "SP 800-38B": 3,
          "SP 800-38F": 1,
          "SP 800-56A": 3,
          "SP 800-56B": 3,
          "SP 800-56C": 2,
          "SP 800-67": 2,
          "SP 800-90A": 4
        },
        "PKCS": {
          "PKCS #1": 1,
          "PKCS#1": 6,
          "PKCS1": 1
        },
        "SCP": {
          "SCP03": 7
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 41,
            "AES-128": 5,
            "AES-192": 1,
            "AES-256": 2,
            "AES256": 1
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 10
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5,
            "HMAC": 6
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SE": 4,
          "SSC": 7
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Gemalto": {
          "Gemalto": 2
        },
        "Infineon": {
          "Infineon": 2
        },
        "Microsoft": {
          "Microsoft": 4
        },
        "Thales": {
          "Thales": 48
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "tsengjk",
      "/CreationDate": "D:20230504065714-04\u002700\u0027",
      "/Creator": "Nuance PDF Create",
      "/ModDate": "D:20230504065722-04\u002700\u0027",
      "/Producer": "Nuance PDF Create",
      "/Title": "Microsoft Word - R1R29508_IDPRIME3930-FIDO_001_SP_L2.docx",
      "pdf_file_size_bytes": 529788,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 41
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "438dd9d19661060d95dff7b0b8aa5ebebc886629664d74f8641c76290c717fc8",
    "policy_txt_hash": "a90c93b5defa100de1561c2da01eeb067cbe641d56f1ebb9ff6c2125b1da1b06"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "No assurance of the minimum strength of generated keys",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf",
    "date_sunset": "2026-09-21",
    "description": "IDPrime 3930 FIDO is a dual interface smartcard combining Minidriver enabled PKI application, offering all the necessary services (with either RSA up to 4096 key length or Elliptic curves algorithms) to secure an IT Security and ID access infrastructure, with FIDO2 application (CTAP2) offering passwordless access for cloud apps, network domains and all Azure AD-connected apps and services",
    "embodiment": "Single Chip",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Physical Security: Level 3",
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3"
    ],
    "fw_versions": "IDCore3130 - Build 12G, IDPrime 3930 Applet V4.5.0F, MSPNP Applet V1.2, FIDO V2.0.4B Applet",
    "historical_reason": null,
    "hw_versions": "SLE78CLFX400VPH (A1714221) and SLE78CLFX400VPH (A1633310)",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "IDPrime 3930 FIDO",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-05-09",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Thales",
    "vendor_url": "http://www.thalesgroup.com"
  }
}