``
2 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 3 of 38
4 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Variant name Marketing model number Firmware version
MiniHSM nC4031Z-10 12.72.0
12.72.2
MiniHSM inside nShield Edge F2 nC3021U-10
Security requirements section Level
Cryptographic Module Specification 2
Module Ports and Interfaces 2
Roles, Services and Authentication 3
Finite State Model 2
Physical Security 3
Operational Environment N/A
Cryptographic Key Management 2
EMI/EMC 3
Self-Tests 2
Design Assurance 3
Mitigation of Other Attacks N/A
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 5 of 38
•
•
•
•
•
6 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 7 of 38
•
•
•
•
``
CSP Type Description Generation Input Output Storage Zeroization
KRE - Recovery
Confidentiality
Key
RSA 3072-bit Key used to protect recovery keys (KR).
KTS cert #A1931
DRBG Load Blob -
encrypted
with LT
Make Blob -
encrypted
with LT
Ephemeral,
stored in
volatile RAM.
Initialize Unit
KR - Recovery
Key
AES 256-bit Key used to derive (using SP 800-108 KDF in
counter mode) the keys Ke (AES 256-bit)
and Km (HMAC-SHA256) that protect an
archive copy of an application key.
• AES cert #A1931
DRBG Load Blob -
encrypted
with KRE
Make Blob -
encrypted
with KRE
Ephemeral,
stored in
volatile RAM.
Initialize Unit,
Clear Unit,
power cycle or
reboot.
Impath session
keys
AES 256-bit in CBC
mode.
Integrity with
HMAC SHA-256.
Used for secure channel between two
modules. It consists of a set of four session
keys used in an Impath session for
encryption, decryption, MAC generation
and MAC validation.
• AES cert #A1931
• HMAC cert #A1931
3072-bit DH
key
exchange
No No Ephemeral,
stored in
volatile RAM.
Clear Unit, new
session, power
cycle or reboot.
KJSO - JSO key DSA 3072-bit nShield Junior Security Officer key used with
its associated certificate to perform the
operations allowed by the NSO.
• DSA cert #A1931
DRBG Load Blob -
encrypted
with LT
Make Blob -
encrypted
with LT
Ephemeral,
stored in
volatile RAM.
Destroy,
Initialize Unit,
Clear Unit,
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 9 of 38
CSP Type Description Generation Input Output Storage Zeroization
power cycle or
reboot.
KA - Application
key
AES 128, 192, 256
bits
TDES 168 bits
HMAC with key
sizes >= 112 bits
RSA with key sizes
>= 2048 bits
DSA, DH with key
sizes >= 2048 bits
ECDSA, ECDH, EC
MQV with curves:
• P-224, P-
256, P-384,
P-521
• K-233, K-
283, K-409,
K-571
• B-233, B-
283, B-409,
B-571
• Brainpool
Keys associated with a user to perform
cryptographic operations, that can be used
with one of the following validated
algorithms:
• AES and KTS cert #A1931
• HMAC cert #A1931
• RSA cert #A1931
• DSA cert #A1931
• ECDSA cert #A1931
• Key Agreement (KAS) cert #A1931
• KBKDF cert #A1931
• KTS cert #A1931
DRBG Load Blob -
encrypted
with LT or
KR
Make Blob -
encrypted
with LT or
KR
Ephemeral,
stored in
volatile RAM.
Destroy,
Initialize Unit,
Clear Unit,
power cycle or
reboot
10 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
CSP Type Description Generation Input Output Storage Zeroization
KM - Module
Key
AES 256-bit Key used to protect logical tokens and
associated module Key Blobs.
• AES cert #A1931
DRBG Load Blob -
encrypted
with LT
Make Blob -
encrypted
with LT
Non-volatile
memory
Initialize Unit
KML - Module
Signing Key
DSA 3072-bit Module Signing Key used by the module to
sign key generation and module state
certificates.
When the nShield module is initialized, it
automatically generates this key that it uses
to sign certificates using DSA with SHA-256.
This key is only ever used to verify that a
certificate was generated by a specific
module.
• DSA cert #A1931
DRBG No No Non-volatile
memory
Initialize Unit
KNSO - NSO key DSA 3072-bit nShield Security Officer key used for NSO
authorisation and Security World integrity.
Used to sign Delegation Certificates and to
directly authorize commands during
recovery operations
• DSA cert #A1931
DRBG Load Blob -
encrypted
with LT
Make Blob -
encrypted
with LT
Ephemeral,
stored in
volatile RAM.
Destroy,
Initialize Unit,
Clear Unit,
power cycle or
reboot.
LT - Logical
Token
AES 256-bit Key used to derive the keys that are used to
protect token protected key blobs. Logical
Tokens are split in shares (encrypted with
Share Key) between one or more
DRBG Read
Share -
encrypted
Write Share
- encrypted
with Share
Key
Ephemeral,
stored in
volatile RAM.
Destroy,
Initialize Unit,
power cycle or
reboot
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 11 of 38
CSP Type Description Generation Input Output Storage Zeroization
smartcards or a softcard, using the Shamir
Secret Sharing scheme.
• AES cert #A1931
• KBKDF cert #A1931
• HMAC cert #A1931
with Share
Key
Share Key AES 256-bit Protects a share when written to a
smartcard or softcard. This key is used to
derive (using SP 800-108 AES CTR KDF) the
keys Ke (AES 256-bit) and Km (HMAC-
SHA256) that wrap the share.
• AES cert #A1931
• KBKDF cert #A1931
• HMAC cert #A1931
DRBG No No Ephemeral,
stored in
volatile RAM.
N/A
Remote
Administration
session keys
AES 256-bit in CBC
mode
Integrity with
CMAC
Used for secure channel between the
module and a smartcard. This is a set of four
AES 256-bit session keys, namely Km-e (for
encrypting data send to the smartcard), Kc-e
(for decrypting data from the smartcard),
Km-a (for CMAC generation) and Kc-a (for
CMAC verification).
• AES cert #A1931
ECDH P-521
key
agreement
No No Ephemeral,
stored in
volatile RAM.
Clear Unit, new
session, power
cycle or reboot.
KAL - Key Audit
Logging
DSA 3072-bit Used for signing the log trail.
• DSA cert #A1931
DRBG No No Non-volatile
memory
Initialize Unit
12 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
CSP Type Description Generation Input Output Storage Zeroization
DRBG internal
state
Hash_DRBG The module uses the Hash_DRBG with SHA-
256 compliant with SP800-90A.
• Hash DRBG cert #A1931
Entropy
source
No No Ephemeral,
stored in
volatile RAM.
Clear Unit,
power cycle or
reboot.
DRBG entropy
input
520 bits Entropy input string used to initialize and
re-seed the DRBG.
Entropy
source
No No Ephemeral,
stored in
volatile RAM.
Clear Unit,
power cycle or
reboot.
Public Key Type Description Generation Input Output Storage
Firmware Integrity
key (KFI)
DSA 3072-
bit
Public key used to ensure the integrity
of firmware updates. The module
validates the signature before new
firmware is written to non-volatile
storage.
• DSA cert #A1931
At Entrust Firmware update No In firmware
KJWAR ECDSA P-
521
Entrust root warranting public key
for Remote Administrator Cards and
Remote Operator Cards
• ECDSA cert #A1931
At Entrust Firmware update None Persistent storage
in plaintext inside
the module
(EEPROM)
Application keys
public key
See
description
Public keys associated with private
Application keys:
At creation of
the
Load Blob - encrypted with LT Key export Stored in the key
blob of the
application key
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 13 of 38
Public Key Type Description Generation Input Output Storage
• RSA cert #A1931
• DSA cert #A1931
• ECDSA cert #A1931
• Key Agreement (KAS) cert
#A1931
• KTS cert #A1931
application
key
KJSO public key DSA 3072-
bit
Public key associated to KJSO
• DSA cert #A1931
At creation of
the KJSO
Load Blob - encrypted with LT Key export Public key hash
stored in the
module persistent
storage
KNSO public key DSA 3072-
bit
Public key associated to KNSO
• DSA cert #A1931
At creation of
the KNSO
Load Blob - encrypted with LT Key export Public key hash
stored in the
module persistent
storage
KML public key DSA 3072-
bit
Public key associated to KML
• DSA cert #A1931
At creation of
KML
No Key export Public key hash
stored in the
module persistent
storage
KAL public key DSA 3072-
bit
Public key associated to KAL
• DSA cert #A1931
At creation of
KAL
No Included in
the audit
trail
Public key hash
stored in the
module persistent
storage
14 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Public Key Type Description Generation Input Output Storage
KRE public key RSA 3072-
bit
Public key associated to KRE
• KTS cert #A1931
At creation of
the KNSO
Load Blob - encrypted with LT Key export Stored in a key
blob
FET public key DSA 1024-
bit
Feature Enable Tool (FET) public key
used to verify FET certificates
• DSA cert #TBD
At Entrust Firmware update No Persistent storage
in plaintext inside
the module
(EEPROM)
Impath DH public
key
DH 3072-
bit
Public key from peer used in the
Impath DH key agreement
• KAS cert #A1931
No Loaded with Cmd_ImpathKXFinish No Ephemeral, stored
in volatile RAM.
Remote
Administration
ECDH public key
NIST P-521 Public key from peer used in the
Remote Administration ECDH key
agreement
• KAS cert #A1931
No Loaded with
Cmd_DynamicSlotExchangeAPDUs
No Ephemeral, stored
in volatile RAM.
``
Cert # Algorithm and mode Standard Key sizes Use
A1931 Advanced Encryption Standard
(AES)
• ECB
• CBC
• CTR
• GCM
FIPS 197
SP800-
38A
SP800-
38D
128 bits
192 bits
256 bits
Data
encryption/decryption
A1931 Triple-DES
Note: The user is responsible to
comply with the maximum use of
the same key for encryption
encryption operations, limited to
2^20 or 2^16, as defined in
Implementation Guidance A.13 SP
800-67rev1 Transition.
SP800-67 168 bits Data
encryption/decryption
A1931 KTS
• AES Key Wrapping (AES
KW)
• AES Key Wrapping with
Padding (AES KWP)
• AES GCM
SP800-
38F
SP800-
38D
128 bits
192 bits
256 bits
Key
wrapping/unwrapping
A1931 KTS
• RSA OAEP
SP 800-
56Brev2
2048 bits
3072 bits
4096 bits
Caveat: Cert.
#A1931 key
establishment
methodology
provides between
112 and 152 bits of
encryption
strength.
Key transport
(encapsulation, un-
encapsulation)
16 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Cert # Algorithm and mode Standard Key sizes Use
A1931 RSA
• PKCS#1 v1.5
• PSS
FIPS 186-
4
1024 bits
(verification only)
2048 bits
3072 bits
4096 bits
Key generation
Signature generation
and verification
A1931 Elliptic Curve Digital Signature
Algorithm (ECDSA)
FIPS 186-
4
• NIST P-
224, P-
256, P-
384, P-521
• NIST K-
233, K-
283, K-
409, K-571
• NIST B-
233, B-
283, B-
409, B-571
Signature generation
and verification
A1931 Digital Signature Algorithm (DSA) FIPS 186-
4
L = 1024 bits, N =
160 bits
(verification only)
L = 2048 bits, N =
224 bits
L = 2048 bits, N =
256 bits
L = 3072 bits, N =
256 bits
Signature generation
and verification
A1931 HMAC-SHA1
HMAC-SHA2
FIPS 198-
1
>= 112 bits MAC generation and
verification
A1931 Advanced Encryption Standard
(AES)
• CMAC
SP800-
38B
128 bits
192 bits
256 bits
MAC generation and
verification
A1931 KAS-FFC
• Diffie-Hellman (DH)
SP 800-
56Arev3
MODP-2048
MODP-3072
MODP-4096
MODP-6144
MODP-8192
Key establishment
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 17 of 38
Cert # Algorithm and mode Standard Key sizes Use
FB
FC
A1931 KAS-ECC
• Elliptic Curve Diffie-
Hellman (ECDH)
SP 800-
56Arev3
• NIST P-
224, P-
256, P-
384, P-521
• NIST K-
233, K-
283, K-
409, K-571
• NIST B-
233, B-
283, B-
409, B-571
Key establishment
A1931 KAS-ECC
• Elliptic Curve Menezes–
Qu–Vanstone (ECMQV)
SP 800-
56Arev3
• NIST P-
224, P-
256, P-
384, P-521
• NIST K-
233, K-
283, K-
409, K-571
• NIST B-
233, B-
283, B-
409, B-571
Key establishment
A1931 Key Based KDF (KBKDF):
• counter mode
SP 800-
108
n/a Key derivation
A1931 SHA-1, SHA-224, SHA-256, SHA-
384, SHA-512
FIPS 180-
4
n/a Message digest
A1931 Hash-based DRBG SP 800-
90A
n/a Random bit generation
ENT (P) Hardware based entropy source
This cryptographic module has
been validated for compliance with
NIST SP 800-90B. Based on noise
source testing and analysis, the
estimated minimum amount of
entropy per the source output bit is
SP800-
90B
n/a Random bit generation
18 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Cert # Algorithm and mode Standard Key sizes Use
about 0.356 bits. The overall
amount of generated entropy
meets the required security
strength of 256 bits based on the
entropy per bit and amount of
entropy requested by the module.
Vendor
affirmed
CKG SP800-
133
Symmetric keys
are generated
using the
unmodified output
of the approved
DRBG.
Key generation
Cert # Algorithm and mode Standard Key sizes Use
A1931 Elliptic Curve Digital
Signature Algorithm
(ECDSA) using non-NIST
elliptic curves
FIPS 186-4
RFC 5639
• brainpoolP224r1/P224t1
(112 bits of strength)
• brainpoolP256r1/P256t1
(128 bits of strength)
• brainpoolP320r1/P320t1
(160 bits of strength)
• brainpoolP384r1/P384t1
(192 bits of strength)
• brainpoolP512r1/P512t1
(256 bits of strength)
Signature
generation and
verification
A1931 EC Diffie-Hellman using
non-NIST elliptic curves
SP 800-
56Arev3
RFC 5639
• brainpoolP224r1/P224t1
(112 bits of strength)
• brainpoolP256r1/P256t1
(128 bits of strength)
• brainpoolP320r1/P320t1
(160 bits of strength)
• brainpoolP384r1/P384t1
(192 bits of strength)
• brainpoolP512r1/P512t1
(256 bits of strength)
Key establishment
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 19 of 38
Cert # Algorithm and mode Standard Key sizes Use
A1931 EC MQV using non-NIST
elliptic curves
SP 800-
56Arev3
RFC 5639
• brainpoolP224r1/P224t1
(112 bits of strength)
• brainpoolP256r1/P256t1
(128 bits of strength)
• brainpoolP320r1/P320t1
(160 bits of strength)
• brainpoolP384r1/P384t1
(192 bits of strength)
• brainpoolP512r1/P512t1
(256 bits of strength)
Key establishment
Algorithm
Symmetric encryption and decryption
DES
Two-key Triple DES encryption, MAC generation
AES GCM with externally generated IV
AES CBC MAC
Aria
Camellia
Arc Four (compatible with RC4)
CAST 256 (RFC2612)
SEED (Korean Data Encryption Standard)
Asymmetric
KTS-OAEP-basic with SHA-256 with key size less than 2048 bits
ElGamal (encryption using Diffie-Hellman keys)
KCDSA (Korean Certificate-based Digital Signature Algorithm)
RSA digital signature generation with SHA-1 or key size less than 2048 bits
DSA digital signature generation with SHA-1 or key size less than 2048 bits
20 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Algorithm
ECDSA digital signature generation with SHA-1 or curves P-192, K-163 , B-163
DH with key size p < 2048 bits or q < 224 bits, or non-compliant with SP800-56Arev3
ECDH with curves P-192, K-163, B-163 or non-compliant with SP800-56Arev3
EC MQV with curves P-192, K-163 or B-163, or non-compliant with SP800-56Arev3
Deterministic DSA compliant with RFC6979
Ed25519 public-key signature
X25519 key exchange
ECIES encryption/wrapping and decryption/unwrapping
ECKA-EG key agreement
Hash
HAS-160
MD5
RIPEMD-160
Tiger
Message Authentication Codes
HMAC with MD5, RIPEMD-160 and Tiger
HMAC with key size less than 112 bits
Other
PKCS#8 padding
EMV support:
Cryptogram (ARQC) generation and verification (includes EMV2000, M/Chip 4 and Visa Cryptogram
Version 14, EMV 2004, M/Chip 2.1, Visa Cryptogram Version 10)
Watchword generation and verification
Hyperledger client side KDF
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 21 of 38
•
•
•
Authentication
mechanism
Type of
authentication
Strength of Mechanism
Smartcard Identity based
22 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Authentication
mechanism
Type of
authentication
Strength of Mechanism
Softcard Identity based A logical token share stored in a Smartcard or Softcard is
encrypted and MAC'ed. An attacker would need to guess the
encrypted share value and the associated MAC in order to be
able to load a valid Logical token share into the module. This
requires, as a minimum, guessing a 256-bit HMAC-SHA256 value,
which gives a probability of 2^-256. This probability is less than
10^-6.
The module can process around 2^16 commands per minute.
This gives a probability of success in a one minute period of 2^-
240, which is less than 10^-5.
Service Description Authorized roles Access CSPs
Big number operation
Cmd_BignumOp
Performs an
operation on a large
integer.
Unauthenticated - None
Make Blob
Cmd_MakeBlob
Creates a Key blob
containing the key.
Note that the key ACL
needs to authorize
the operation.
User / JSO / NSO W KA, KRE, KR,
KJSO, KM,
KNSO, LT
Buffer operations
Cmd_CreateBuffer
Cmd_LoadBuffer
Mechanism for
loading of data into
the module volatile
memory. The data
can be loaded in
encrypted form
which can be
decrypted inside the
module with a key
that has been
previously loaded.
Unauthenticated R KA
Bulk channel Provides a bulk
processing channel
User R KA
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 23 of 38
Service Description Authorized roles Access CSPs
Cmd_ChannelOpen
Cmd_ChannelUpdate
for encryption /
decryption, MAC
generation /
verification and
signature generation
/ verification.
Check User Action
Cmd_CheckUserAction
Determines whether
the ACL associated
with a key allows a
specific operator
defined action.
User / JSO / NSO R KNSO, KJSO;
KA
Clear Unit
Cmd_ClearUnit
Zeroises all keys,
tokens and shares
that are loaded into
the module. Will
cause the module to
reboot and perform
self-tests.
Unauthenticated Z KA, KR, Impath
keys, KJSO,
remote
administration
session keys
Set Module Key
Cmd_SetKM
Allows a key to be
stored internally as a
Module key (KM)
value. The ACL needs
to authorize this
operation.
NSO W KM
Remove Module Key
Cmd_RemoveKM
Deletes a given KM
from non-volatile
memory.
NSO Z KM
Duplicate key handle
Cmd_Duplicate
Creates a second
instance of a Key
with the same ACL
and returns a handle
to the new instance.
Note that the source
key ACL needs to
authorize this
operation.
User / JSO / NSO R KA
Enable feature
Cmd_StaticFeatureEnable
Enables the service.
This service requires
a certificate signed by
the Master Feature
Enable key.
Unauthenticated - None
24 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Service Description Authorized roles Access CSPs
Encryption / decryption
Cmd_Encrypt
Cmd_Decrypt
Encryption and
decryption using the
provided key handle.
User R KA
Erase from smartcard /softcard
Cmd_EraseFile
Cmd_EraseShare
Removes a file or a
share from a
smartcard or softcard
NSO / JSO / User - None
Format Token
Cmd_FormatToken
Formats a smartcard
or a softcard.
Unauthenticated - None
File operations
Cmd_FileCopy
Cmd_FileCreate
Cmd_FileErase
Cmd_FileOp
Performs file
operations in the
module.
NSO / JSO - None
Firmware Authenticate
Cmd_FirmwareAuthenticate
Reports firmware
version, using a zero
knowledge challenge
response protocol
based on HMAC.
The protocol
generates a random
value to use as the
HMAC key.
Unauthenticated - None
Force module to fail
Cmd_Fail
Causes the module to
enter a failure state.
Unauthenticated - None
Foreign Token open
Cmd_ForeignTokenOpen
Opens a channel for
direct data access to
a Smartcard
Requires Feature
Enabled.
NSO / JSO - None
Foreign Token command
Cmd_ForeignTokenCommand
Sends an ISO-7816
command to a
smartcard over the
channel opened by
ForeignTokenOpen.
Unauthenticated - None
Firmware Update Perform a firmware
update. Restricted
Unauthenticated R KFI
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 25 of 38
Service Description Authorized roles Access CSPs
Cmd_Maintenance
Cmd_ProgrammingBegin
Cmd_ProgrammingBeginChunk
Cmd_ProgrammingLoadBlock
Cmd_ProgrammingEndChunk
Cmd_ProgrammingEnd
Cmd_ProgrammingGetKeyList
service to Entrust
signed Firmware.
Generate prime number
Cmd_GeneratePrime
Generates a random
prime number.
Unauthenticated R, W DRBG internal
state
Generate random number
Cmd_GenerateRandom
Generates a random
number from the
Approved DRBG.
Unauthenticated R, W DRBG internal
state
Get ACL
Cmd_GetACL
Get the ACL of a
given key.
User R KA
Get key application data
Cmd_GetAppData
Get the application
data field from a key.
User R KA
Get challenge
Cmd_GetChallenge
Get a random
challenge that can be
used in fresh
certificates.
Unauthenticated R, W DRBG internal
state
Get KLF2
Cmd_GetKLF2
Get a handle to the
Module Long Term
(KLF2) public key.
Unauthenticated - None
Get Key Information
Cmd_GetKeyInfo
Cmd_GetKeyInfoEx
Get the type, length
and hash of a key.
NSO / JSO / User R KA
Get module signing key
Cmd_GetKML
Get a handle to the
KML public key.
Unauthenticated R KML
Get list of slot in the module
Cmd_GetSlotList
Get the list of slots
that are available
from the module.
Unauthenticated - None
Get Logical Token Info
Cmd_GetLogicalTokenInfo
Get information
about a Logical
Token: hash, state
NSO / JSO / User R LT
26 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Service Description Authorized roles Access CSPs
Cmd_GetLogicalTokenInfoEx and number of
shares.
Get list of module keys
Cmd_GetKMList
Get the list of the
hashes of all module
keys and the KNSO.
Unauthenticated R KM, KNSO
Get module state
Cmd_GetModuleState
Returns unsigned
data about the
current state of the
module.
Unauthenticated - None
Get real time clock
Cmd_GetRTC
Get the current time
from the module Real
Time Clock.
Unauthenticated - None
Get share access control list
Cmd_GetShareACL
Get the Share's ACL. NSO / JSO / User R Share Key
Get Slot Information
Cmd_GetSlotInfo
Get information
about shares and files
on a Smartcard that
has been inserted in
a module slot.
Unauthenticated - None
Get Ticket
Cmd_GetTicket
Get a ticket (an
invariant identifier)
for a key. This can be
passed to another
client or to a SEE
World which can
redeem it using
Redeem Ticket to
obtain a new handle
to the object.
NSO / JSO / User - None
Initialize Unit
Cmd_InitializeUnit
Cmd_InitializeUnitEx
Causes a module in
the pre-initialization
state to enter the
initialization
state. When the
module enters the
initialization state, it
erases all Module
keys (KM), the
module's signing key
(KML), and the hash
of the Security
Unauthenticated Z KA, KRE, KR,
KJSO, KM, KAL,
KML, KNSO, LT
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 27 of 38
Service Description Authorized roles Access CSPs
Officer's keys,
HKNSO. It then
generates a new KML
and KM.
Insert a Softcard
Cmd_InsertSoftToken
Allocates memory on
the module that is
used to store the
logical token share
and other data
objects.
Unauthenticated R Share Key
Remove a Softcard
Cmd_RemoveSoftToken
Removes a Softcard
from the module. It
returns the updated
shares and deletes
them from the
module’s memory.
Unauthenticated Z Share Key
Impath secure channel
Cmd_ImpathGetInfo
Cmd_ImpathKXBegin
Cmd_ImpathKXFinish
Cmd_ImpathReceive
Cmd_ImpathSend
Support for Impath
secure channel.
Requires Feature
Enabled.
NSO / JSO / User R, W KML, Impath
keys
Key generation
Cmd_GenerateKey
Cmd_GenerateKeyPair
Generates a
cryptographic key of
a given type with a
specified ACL. It
returns a handle to
the key. Optionally,
it returns a KML
signed certificate
with the hash of the
key and its ACL
information.
Unauthenticated R, W KML, DRBG
internal state,
KA, KJSO,
Key import
Cmd_Import
Loads a plain text key
into the module.
Unauthenticated R KA, KJSO
Derive Key
Cmd_DeriveKey
Performs key
wrapping,
unwrapping,
transport and
derivation. The ACL
NSO / JSO / User R, W KA, KJSO
28 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Service Description Authorized roles Access CSPs
needs to authorize
this operation.
Load Blob
Cmd_LoadBlob
Load a Key blob into
the module. It
returns a handle to
the key suitable for
use with module
services.
NSO / JSO / User W KA, KRE, KR,
KJSO, KM,
KNSO
Load Logical Token
Cmd_LoadLogicalToken
Initiates loading a
Logical Token from
Shares, which can be
loaded with the Read
Share command.
Unauthenticated - None
Generate Logical Token
Cmd_GenerateLogicalToken
Creates a new Logical
Token with given
properties and secret
sharing parameters.
Unauthenticated W KM, LT, KJSO
Message digest
Cmd_Hash
Computes the
cryptographic hash of
a given message.
Unauthenticated - None
Modular Exponentiation
Cmd_ModExp
Cmd_ModExpCrt
Cmd_RSAImmedVerifyEncrypt
Cmd_RSAImmedSignDecrypt
Performs a modular
exponentiation
(standard or CRT) on
values supplied with
the command.
Unauthenticated - None
Module hardware information
Cmd_ModuleInfo
Reports detailed
hardware
information.
Unauthenticated - None
No Operation
Cmd_NoOp
No operation. Unauthenticated - None
Change Share Passphrase
Cmd_ChangeSharePIN
Cmd_ChangeShareGroupPIN
Updates the
passphrase of a
Share.
NSO / JSO / User R, W Share Keys
NVRAM Allocate
Cmd_NVMemAllocate
Allocation in NVRAM. NSO / JSO - None
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 29 of 38
Service Description Authorized roles Access CSPs
NVRAM Free
Cmd_NVMemFree
Deallocation from
NVRAM.
NSO / JSO - None
Operation on NVM list
Cmd_NVMemList
Returns a list of files
in NVRAM.
Unauthenticated - None
Operation on NVM files
Cmd_NVMemOp
Operation on an
NVRAM file.
Unauthenticated None
Key export
Cmd_Export
Exports a key in plain
text.
NSO / JSO / User R KA
Pause for notifications
Cmd_PauseForNotifications
Wait for a response
from the module.
Unauthenticated None
Read file
Cmd_ReadFile
Reads data from a file
on a Smartcard or
Softcard. The ACL
needs to authorize
this operation.
NSO / JSO - None
Read share
Cmd_ReadShare
Reads a share from a
Smartcard or
Softcard. Once a
quorum of shares
have been loaded,
the module re-
assembles the Logical
Token.
NSO / JSO / User R Share Keys, LT
Send share to remote slot
Cmd_SendShare
Reads a Share and
encrypts it with the
Impath session keys
for transmission to
the peer module.
NSO / JSO / User R Impath Keys,
Share Keys
Receive share from remote slot
Cmd_ReceiveShare
Receives a Share
encrypted with the
Impath session keys
by a remote module.
NSO / JSO / User R Impath Keys,
Share Keys
Redeem Ticket
Cmd_RedeemTicket
Gets a handle in the
current name space
for the object
referred to by a ticket
NSO / JSO / User - None
30 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Service Description Authorized roles Access CSPs
created by Get
Ticket.
Remote Administration
Cmd_DynamicSlotCreateAssociation
Cmd_DynamicSlotExchangeAPDUs
Cmd_DynamicSlotsConfigure
Cmd_DynamicSlotsConfigureQuery
Cmd_VerifyCertificate
Provides remote
presentation of
Smartcards using a
secure channel
between the module
and the Smartcard.
NSO / JSO / User R, W Remote
administration
session keys
Destroy
Cmd_Destroy
Remove handle to an
object in RAM. If the
current handle is the
only one remaining,
the object is deleted
from RAM.
Unauthenticated Z KA, KJSO,
KNSO, LT
Report statistics
Cmd StatGetValues
Cmd_StatEnumTree
Reports the values of
the statistics tree.
Unauthenticated - None
Show Status
Cmd_NewEnquiry
Report status
information.
Unauthenticated - None
Secure Execution Engine
Cmd_CreateSEEWorld
Cmd_GetWorldSigners
Cmd_SEEJob
Cmd_SetSEEMachine
Cmd_TraceSEEWorld
Creation and
interaction with SEE
machines.
NSO / JSO - None
Set ACL
Cmd_SetACL
Replaces the ACL of a
given key with a new
ACL. The ACL needs
to authorize this
operation.
NSO / JSO / User W KA
Set key application data
Cmd_SetAppData
Writes the
application
information field of a
key.
User W KA
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 31 of 38
Service Description Authorized roles Access CSPs
Set NSO Permissions
Cmd_SetNSOPerms
Sets the NSO key
hash and which
permissions require a
Delegation
Certificate.
NSO - None
Set real time clock
Cmd_SetRTC
Sets the Real-Time
Clock value.
NSO / JSO - None
Signature generation
Cmd_Sign
Generate a digital
signature or MAC
value.
NSO / JSO / User R KA, KNSO,
KJSO
Sign Module State
Cmd_SignModuleState
Returns a signed
certificate that
contains data about
the current
configuration of the
module.
Unauthenticated R KML
Signature verification
Cmd_Verify
Verifies a digital
signature or MAC
value.
NSO / JSO / User R KA
Write file
Cmd_WriteFile
Writes a file to a
Smartcard or
Softcard.
NSO / JSO - None
Write share
Cmd_WriteShare
Writes a Share to a
Smartcard or
Softcard.
Unauthenticated - None
32 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 33 of 38
new-world
enquiry
active modes UseFIPSApprovedInternalMechanisms AlwaysUseStrongPrimes
active modes UseFIPSApprovedInternalMechanisms
34 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 35 of 38
•
•
•
Algorithm Description
AES Known Answer Test: ECB encryption and decryption with
128, 192 and 256-bit keys
AES CMAC Known Answer Test: 128-bit key
TDES Known Answer Test: ECB encryption and decryption with
168-bit keys
TDES CBC MAC Known Answer Test: 168-bit key
SHA1 SHA1 KAT test, other size are tested along with KAT HMAC
HMAC with SHA1, SHA224, SHA256,
SHA384, SHA512
Known Answer Test
RSA Known Answer Test: sign/verify, encrypt/decrypt with 2048-
bit key
Pair-Wise consistency test: sign/verify
DSA Known Answer Test: sign/verify with 2048-bit key
Pair-Wise consistency test: sign/verify
ECDSA Pair-Wise consistency test: sign/verify with curves P-224 and
B-233
Key Agreement Shared Secret Computation Known Answer Test for DH
Key Agreement Shared Secret Computation Known Answer Test for
ECDH with curves P-384 and B-233
36 of 38 MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2
Algorithm Description
One-step KDF Known Answer Test with SHA-256 auxiliary function
Two-step KDF Known Answer Test with HMAC-SHA256 auxiliary function
KBKDF Known Answer Test
DRBG Health Tests according to SP 800-90A
Entropy source SP800-90B section 4.4 health tests: adaptive proportion test
and repetition count test
•
•
•
MiniHSM & MiniHSM for nShield Edge F2 Non-proprietary Security Policy for FIPS 140-2 Level 2 37 of 38