X4i Postal Security Device (PSD)

Certificate #4081

Webpage information

Status active
Validation dates 30.11.2021 , 05.01.2023 , 01.09.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 3
Type Hardware
Embodiment Single Chip
Caveat When operated in FIPS Mode. No assurance of the minimum strength of generated keys.
Description The X4i PSD is a single chip cryptographic module using the Maxim MAX32590 hardware that provides security services to support the creation of digital postage evidence in the form of an indicium.
Version (Hardware) MAX32590 Secure Microcontroller Revision B4
Version (Firmware) PB Bootloader Version 00.00.0016, PSD Application Versions 21.07.0013 and 21.07.0018, and Device Abstraction Layer (DAL) Version 01.02.0027 and 01.02.0041
Vendor Pitney Bowes, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, AES-256, DES, Triple-DES, TDES, HMAC, HMAC-SHA-256
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-256, SHA-224
Schemes
MAC, Key Agreement
Randomness
DRBG
Elliptic Curves
P-256, P-224, P-192, P-160
Block cipher modes
ECB, CBC

Trusted Execution Environments
PSP

Security level
Level 3, Level 1, Level 4

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS PUB 186-4, FIPS PUB 197, FIPS PUB 198-1, FIPS PUB 180-4, FIPS PUB 140-2, SP 800-56A, SP 800-56C, SP 800-38A, SP 800-90A, SP 800-38F, PKCS 1

File metadata

Author Aryeh
Creation date D:20230728101952-07'00'
Modification date D:20230728101952-07'00'
Pages 26
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Outgoing
  • 2900 - historical - SAP CommonCryptoLib Crypto Kernel

Heuristics

No heuristics are available for this certificate.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4081,
  "dgst": "68d6d6acae8db4b9",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#C464",
        "DRBG#C472",
        "KTS#C464",
        "RSA#C477",
        "AES#5954",
        "KTS#5954",
        "ECDSA#C476",
        "SHS#C295"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "01.02.0027",
        "01.02.0041",
        "00.00.0016",
        "21.07.0013",
        "21.07.0018"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2900"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "2900"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "2900"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 6
          },
          "ECDH": {
            "ECDH": 3
          },
          "ECDSA": {
            "ECDSA": 61
          }
        },
        "FF": {
          "DH": {
            "DH": 7,
            "Diffie-Hellman": 2
          },
          "DSA": {
            "DSA": 4
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "ECB": {
          "ECB": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 2
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-160": 3,
          "P-192": 9,
          "P-224": 6,
          "P-256": 98
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#2900": 1,
          "#475": 1,
          "#5954": 6
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES (Cert. #5954": 1,
          "AES 256": 10,
          "AES CBC 256": 1,
          "AES CBC 256 (Cert. #5954": 2,
          "AES Cert. #5954": 2,
          "AES-256": 4,
          "Certificate DRBG": 1,
          "DSA Cert. #475": 1,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-256": 30,
          "HMAC-SHA-256 256": 2,
          "HMAC-SHA-2565": 2,
          "PKCS 1": 8,
          "RSA 2048": 2,
          "SHA-1": 16,
          "SHA-224": 1,
          "SHA-256": 15,
          "SHA-2567": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 3": 6,
          "Level 4": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 16
          },
          "SHA2": {
            "SHA-224": 1,
            "SHA-256": 15
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 42
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 9,
          "FIPS 180-4": 1,
          "FIPS 186-4": 2,
          "FIPS 197": 1,
          "FIPS 198-1": 1,
          "FIPS PUB 140-2": 11,
          "FIPS PUB 180-4": 1,
          "FIPS PUB 186-4": 1,
          "FIPS PUB 197": 1,
          "FIPS PUB 198-1": 1
        },
        "NIST": {
          "SP 800-38A": 1,
          "SP 800-38F": 2,
          "SP 800-56A": 2,
          "SP 800-56C": 2,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS 1": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 24,
            "AES-256": 4
          }
        },
        "DES": {
          "3DES": {
            "TDES": 1,
            "Triple-DES": 2
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 12,
            "HMAC-SHA-256": 16
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 4
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Aryeh",
      "/CreationDate": "D:20230728101952-07\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20230728101952-07\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 702547,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10836",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10823",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10831",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10347",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10835",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10655"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 26
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "ca5c65ffde23b3176a20ec013aeea3be376abe5cbfbf142a9e904b50d5a55a20",
    "policy_txt_hash": "347ce01ba4a95427a57fee63a04af7af4ed02f4ad2eb470ceec3d2a93c9c4ee8"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS Mode. No assurance of the minimum strength of generated keys.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2021_011221_0923_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The X4i PSD is a single chip cryptographic module using the Maxim MAX32590 hardware that provides security services to support the creation of digital postage evidence in the form of an indicium.",
    "embodiment": "Single Chip",
    "exceptions": null,
    "fw_versions": "PB Bootloader Version 00.00.0016, PSD Application Versions 21.07.0013 and 21.07.0018, and Device Abstraction Layer (DAL) Version 01.02.0027 and 01.02.0041",
    "historical_reason": null,
    "hw_versions": "MAX32590 Secure Microcontroller Revision B4",
    "level": 3,
    "mentioned_certs": {},
    "module_name": "X4i Postal Security Device (PSD)",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2021-11-30",
        "lab": "Penumbra Security, Inc.",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-01-05",
        "lab": "Penumbra Security, Inc.",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-09-01",
        "lab": "Penumbra Security, Inc.",
        "validation_type": "Update"
      }
    ],
    "vendor": "Pitney Bowes, Inc.",
    "vendor_url": "http://www.pb.com"
  }
}