This page was not yet optimized for use on mobile
devices.
Luna® PCI-E Cryptographic Module and Luna® PCI-E Cryptographic Module for Luna® SA
Certificate #2489
Webpage information
Security policy
Symmetric Algorithms
AES, AES-256, CAST5, RC2, RC5, DES, Triple-DES, ARIA, SEED, HMAC, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMACAsymmetric Algorithms
RSA-2048, RSA-4096, RSA-1024, RSA 2048, RSA 4096, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA224, SHA384, SHA256, SHA512, MD5Schemes
MAC, Key AgreementProtocols
SSL, TLSRandomness
PRNG, DRBG, RNG, RBGElliptic Curves
P-224, P-256, P-384, P-192, P-521, K-233, K-409, B-163, B-283, B-571, B-233, B-409Block cipher modes
ECB, CBC, CTR, OFB, GCMSecurity level
Level 3, level 3, Level 2Side-channel analysis
physical probing, Timing attacksStandards
FIPS 140-2, FIPS PUB 140-2, FIPS PUB 186-2, FIPS PUB 186-4, FIPS PUB 197, FIPS PUB 180-4, FIPS PUB 198-1, FIPS PUB 113, NIST SP 800-90A, SP 800-67, SP 800-57, NIST SP 800-108, NIST SP 800-56A, SP 800-131A, NIST SP 800-38B, PKCS #11, PKCS#11, PKCS #1, X.509File metadata
| Title | Level 3 Security Policy for K4 |
|---|---|
| Author | Shawn Campbell |
| Creation date | D:20180323144403-04'00' |
| Modification date | D:20180323144403-04'00' |
| Pages | 61 |
| Creator | Microsoft® Word 2016 |
| Producer | Microsoft® Word 2016 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2489,
"dgst": "9a1cfcffdce419d6",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES MAC#1599",
"AES#2664",
"RSA#1369",
"Triple-DES#1598",
"ECDSA#462",
"KBKDF#14",
"RSA#1371",
"DRBG#428",
"SHS#2240",
"AES#2667",
"HMAC#1658",
"ECDSA#463",
"Triple-DES MAC#1137",
"ECDSA#461",
"SHS#2237",
"Triple-DES MAC#1598",
"DSA#806",
"HMAC#1655",
"AES#1756",
"Triple-DES#1137",
"DSA#807",
"KAS#43",
"Triple-DES#1599",
"DSA#804"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.10.9",
"6.10.7",
"6.11.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 7
}
},
"FF": {
"DH": {
"DH": 1,
"Diffie-Hellman": 6
},
"DSA": {
"DSA": 10
}
},
"RSA": {
"RSA 2048": 1,
"RSA 4096": 1,
"RSA-1024": 1,
"RSA-2048": 2,
"RSA-4096": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 7
},
"GCM": {
"GCM": 2
},
"OFB": {
"OFB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 6
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3
},
"MAC": {
"MAC": 6
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 2,
"B-233": 7,
"B-283": 2,
"B-409": 3,
"B-571": 2,
"K-233": 5,
"K-409": 5,
"P-192": 4,
"P-224": 12,
"P-256": 10,
"P-384": 10,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3,
"#11": 5,
"#1369": 1,
"#1371": 1,
"#1655": 1,
"#1658": 1,
"#461": 1,
"#462": 1,
"#463": 1,
"#804": 1,
"#806": 1,
"#807": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128, 192": 2,
"AES 256": 5,
"AES-256": 11,
"AES-256 428": 1,
"DSA (Cert #804": 1,
"DSA 1024": 1,
"DSA 2048": 1,
"Diffie-Hellman (2048": 1,
"HMAC (Cert #1658": 1,
"HMAC SHA-1": 1,
"HMAC SHA-224": 1,
"HMAC SHA-256": 1,
"HMAC SHA-384": 1,
"HMAC SHA-512": 1,
"HMAC-SHA-1": 6,
"HMAC-SHA-123": 2,
"HMAC-SHA-126": 2,
"HMAC-SHA-224": 4,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 4,
"HMAC-SHA-512 1655": 2,
"HMAC-SHA-512 1658": 2,
"PKCS #1": 6,
"PKCS #11": 10,
"PKCS#11": 2,
"RSA 2048": 1,
"RSA 4096": 1,
"SHA( 1": 3,
"SHA( 224": 7,
"SHA( 256": 14,
"SHA(1": 11,
"SHA(224": 8,
"SHA- 1, 224": 2,
"SHA- 256": 2,
"SHA- 384": 2,
"SHA- 512": 1,
"SHA-1": 14,
"SHA-1, 224": 31,
"SHA-121": 1,
"SHA-224": 45,
"SHA-256": 17,
"SHA-384": 14,
"SHA-512": 15,
"SHA224": 2,
"SHA256": 2,
"SHA384": 4,
"SHA512": 2
}
},
"fips_security_level": {
"Level": {
"Level 2": 2,
"Level 3": 12,
"level 3": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 45
},
"SHA2": {
"SHA-224": 45,
"SHA-256": 17,
"SHA-384": 14,
"SHA-512": 15,
"SHA224": 2,
"SHA256": 2,
"SHA384": 4,
"SHA512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 34,
"PRNG": 1
},
"RNG": {
"RBG": 1,
"RNG": 1
}
},
"side_channel_analysis": {
"SCA": {
"Timing attacks": 1,
"physical probing": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 10,
"FIPS PUB 113": 1,
"FIPS PUB 140-2": 4,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-2": 5,
"FIPS PUB 186-4": 5,
"FIPS PUB 197": 2,
"FIPS PUB 198-1": 1
},
"NIST": {
"NIST SP 800-108": 2,
"NIST SP 800-38B": 1,
"NIST SP 800-56A": 1,
"NIST SP 800-90A": 6,
"SP 800-131A": 5,
"SP 800-57": 2,
"SP 800-67": 2
},
"PKCS": {
"PKCS #1": 3,
"PKCS #11": 5,
"PKCS#11": 1
},
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 21,
"AES-256": 12
},
"CAST": {
"CAST5": 2
},
"RC": {
"RC2": 2,
"RC5": 2
}
},
"DES": {
"3DES": {
"Triple-DES": 23
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 11,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 2,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2
}
},
"miscellaneous": {
"ARIA": {
"ARIA": 3
},
"SEED": {
"SEED": 3
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Shawn Campbell",
"/CreationDate": "D:20180323144403-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2016",
"/ModDate": "D:20180323144403-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2016",
"/Title": "Level 3 Security Policy for K4",
"pdf_file_size_bytes": 1358763,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.safenet-inc.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 61
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "35c863f67be58cff1044d32769c61fbbbe3ec9a5025918fb3dbef7bcf06d399b",
"policy_txt_hash": "3416a851fd6cf8ce3dc3a6dc30b7d7ada7a16735c2da2504c22c587b0276bdba"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and initialized to Overall Level 3 per Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertDec2015.pdf",
"date_sunset": null,
"description": "\"The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.\"",
"embodiment": "Multi-Chip Embedded",
"exceptions": null,
"fw_versions": "6.10.7, 6.10.9 and 6.11.2",
"historical_reason": "186-2 transition",
"hw_versions": "VBD-05, Version Code 0100, VBD-05, Version Code 0101, VBD-05, Version Code 0103",
"level": 3,
"mentioned_certs": {},
"module_name": "Luna\u00ae PCI-E Cryptographic Module and Luna\u00ae PCI-E Cryptographic Module for Luna\u00ae SA",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2015-12-15",
"lab": "EWA - Canada",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2017-11-20",
"lab": "EWA - Canada",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-03-27",
"lab": "EWA - Canada",
"validation_type": "Update"
}
],
"vendor": "[email\u00a0protected]",
"vendor_url": "/cdn-cgi/l/email-protection"
}
}