This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	nShield 5s Hardware Security Module	nShield 5s Hardware Security Module
cert_id	4765	4745
dgst	04db176799f4676f	3baf3ab2c95ce1d8
heuristics/algorithms	KAS-FFC Sp800-56Ar3A3707, AES-CMACA3707, HMAC-SHA3-224A3707, HMAC-SHA3-256A3707, AES-ECBA3707, AES-GCMA3707, KTS-IFCA3707, Hash DRBGA3707, RSA KeyGen (FIPS186-4)A3707, HMAC-SHA2-256A3707, SHA2-256A3707, SHA3-512A3707, KMAC-128A3707, SHA2-224A3707, AES-CTRA3706, SHA-1A3707, DSA SigVer (FIPS186-4)A3707, AES-KWA3707, DSA KeyGen (FIPS186-4)A3707, RSA SigGen (FIPS186-4)A3707, ECDSA KeyVer (FIPS186-4)A3707, DSA PQGVer (FIPS186-4)A3707, KAS-ECC-SSC Sp800-56Ar3A3706, HMAC-SHA2-384A3707, AES-KWPA3707, SHA3-384A3707, SHA3-224A3707, KMAC-256A3707, KAS-ECC Sp800-56Ar3A3707, ECDSA SigGen (FIPS186-4)A3707, KDF SSHA3706, Safe Primes Key GenerationA3707, HMAC-SHA-1A3707, KDF SP800-108A3707, SHA2-512A3707, DSA PQGGen (FIPS186-4)A3707, DSA SigGen (FIPS186-4)A3707, HMAC-SHA3-512A3707, SHA2-384A3707, HMAC-SHA2-224A3707, RSA SigVer (FIPS186-4)A3707, Safe Primes Key VerificationA3707, SHA3-256A3707, AES-CBCA3707, ECDSA KeyGen (FIPS186-4)A3707, HMAC-SHA2-512A3707, ECDSA SigVer (FIPS186-4)A3707, HMAC-SHA3-384A3707	Safe Primes Key VerificationA2513, KDF SSHA2512, AES-CTRA2512, KAS-ECC Sp800-56Ar3A2513, SHA2-256A2513, HMAC-SHA2-256A2513, SHA2-384A2513, SHA2-224A2513, DSA SigGen (FIPS186-4)A2513, HMAC-SHA-1A2513, AES-CBCA2513, DSA SigVer (FIPS186-4)A2513, ECDSA SigVer (FIPS186-4)A2513, HMAC-SHA2-224A2513, DSA PQGVer (FIPS186-4)A2513, AES-KWA2513, DSA KeyGen (FIPS186-4)A2513, AES-GCMA2513, AES-CMACA2513, AES-KWPA2513, KDF SP800-108A2513, SHA3-512A2513, AES-ECBA2513, SHA3-224A2513, HMAC-SHA2-384A2513, SHA2-512A2513, KAS-FFC Sp800-56Ar3A2513, SHA3-384A2513, KTS-IFCA2513, KAS-ECC-SSC Sp800-56Ar3A2512, RSA SigGen (FIPS186-4)A2513, ECDSA KeyVer (FIPS186-4)A2513, ECDSA SigGen (FIPS186-4)A2513, SHA-1A2513, DSA PQGGen (FIPS186-4)A2513, ECDSA KeyGen (FIPS186-4)A2513, RSA KeyGen (FIPS186-4)A2513, Hash DRBGA2513, HMAC-SHA2-512A2513, RSA SigVer (FIPS186-4)A2513, Safe Primes Key GenerationA2513, SHA3-256A2513
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	13.4.5, 1.1.0, 13.2.4	1.1.0, 13.2.4
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	{}	{}
heuristics/policy_processed_references/directly_referencing	{}	{}
heuristics/policy_processed_references/indirectly_referenced_by	{}	{}
heuristics/policy_processed_references/indirectly_referencing	{}	{}
heuristics/policy_prunned_references	{}	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #3: 1	Cert: #3: 1
pdf_data/keywords/fips_security_level	Level: Level 1: 1 Level 3: 1 level 3: 3	Level: Level 1: 1 Level 3: 1 level 3: 3
pdf_data/keywords/fips_certlike	Certlike: AES 256: 6 AES-256: 2 DSA 3072: 2 HMAC SHA-3: 1 HMAC- SHA256: 3 HMAC-SHA1: 2 HMAC-SHA256: 10 RSA 3072: 1 RSA 4096: 2 SHA-1: 8 SHA-3: 3 SHA2-224: 2 SHA2-256: 10 SHA2-384: 2 SHA2-512: 7 SHA256: 3 SHA3-224: 2 SHA3-256: 2 SHA3-384: 3 SHA3-512: 1 SHA3-512 2048: 1	Certlike: AES 256: 6 AES-256: 2 DSA 3072: 2 HMAC SHA-3: 1 HMAC- SHA256: 2 HMAC-SHA1: 2 HMAC-SHA256: 12 RSA 3072: 1 RSA 4096: 2 SHA-1: 11 SHA-3: 2 SHA2- 224: 2 SHA2- 384: 2 SHA2-224: 9 SHA2-256: 22 SHA2-384: 8 SHA2-512: 14 SHA256: 2 SHA3-224: 3 SHA3-256: 3 SHA3-384: 3 SHA3-512: 3
pdf_data/keywords/vendor	Microsoft: Microsoft: 1 Microsoft Corporation: 1	Microsoft: Microsoft: 1 Microsoft Corporation: 1
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 61 AES-256: 2 constructions: MAC: CMAC: 6 HMAC: 36 KMAC: 4	AES_competition: AES: AES: 51 AES-256: 2 constructions: MAC: CMAC: 6 HMAC: 26 KMAC: 3
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 1 ECDH: ECDH: 9 ECDSA: ECDSA: 31 FF: DH: DH: 4 DSA: DSA: 13 RSA: RSA 3072: 1 RSA 4096: 2	ECC: ECC: ECC: 1 ECDH: ECDH: 10 ECDSA: ECDSA: 31 FF: DH: DH: 5 DSA: DSA: 17 RSA: RSA 3072: 1 RSA 4096: 2 RSA-OAEP: 1
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	SHA: SHA1: SHA-1: 8 SHA2: SHA256: 3 SHA3: SHA-3: 3 SHA3-224: 2 SHA3-256: 2 SHA3-384: 3 SHA3-512: 2	SHA: SHA1: SHA-1: 11 SHA2: SHA256: 2 SHA3: SHA-3: 2 SHA3-224: 3 SHA3-256: 3 SHA3-384: 3 SHA3-512: 3
pdf_data/keywords/crypto_scheme	KA: KA: 21 Key agreement: 8 MAC: MAC: 43	KA: KA: 22 Key agreement: 10 MAC: MAC: 33
pdf_data/keywords/crypto_protocol	SSH: SSH: 55	SSH: SSH: 46
pdf_data/keywords/randomness	PRNG: DRBG: 40	PRNG: DRBG: 39
pdf_data/keywords/cipher_mode	CBC: CBC: 12 CTR: CTR: 20 ECB: ECB: 8 GCM: GCM: 29	CBC: CBC: 13 CTR: CTR: 13 ECB: ECB: 7 GCM: GCM: 23
pdf_data/keywords/ecc_curve	NIST: B-233: 4 B-283: 2 B-409: 2 B-571: 2 K-233: 2 K-283: 2 K-409: 2 K-571: 2 NIST P-224: 2 NIST P-256: 3 P-224: 4 P-256: 26 P-384: 6 P-521: 24 curve P-256: 1 curve P-521: 2	NIST: B-233: 7 B-283: 5 B-409: 5 B-571: 5 K-233: 5 K-283: 5 K-409: 5 K-571: 5 P-192: 2 P-224: 12 P-256: 37 P-384: 10 P-521: 20 curve P-256: 1 curve P-521: 2
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis
pdf_data/keywords/device_model
pdf_data/keywords/tee_name	AMD: PSP: 6	AMD: PSP: 4
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-3: 10 FIPS 180-4: 3 FIPS 186-4: 6 FIPS 197: 2 FIPS 198: 2 FIPS 202: 1 ISO: ISO/IEC 19790: 2 ISO/IEC 24759: 2 NIST: SP 800-185: 1 SP 800-38A: 1 SP 800-38B: 1 SP 800-38D: 3 SP 800-38F: 1 SP 800-90B: 4	FIPS: FIPS 140-3: 10 FIPS 180-4: 3 FIPS 186-4: 16 FIPS 197: 2 FIPS 198: 2 FIPS 202: 1 ISO: ISO/IEC 19790: 2 ISO/IEC 24759: 2 NIST: SP 800-38A: 2 SP 800-38B: 1 SP 800-38D: 3 SP 800-38F: 1 SP 800-90B: 4
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/CreationDate: D:20240807180242+02'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20240807180242+02'00' /Producer: Microsoft® Word for Microsoft 365 /Title: nShield Word Template pdf_file_size_bytes: 1341833 pdf_hyperlinks: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16234, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14887, https://www.entrust.com/, https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/38, https://en.wikipedia.org/wiki/Zero-configuration_networking, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=36317, https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E38_PublicUse.pdf, https://nshieldsupport.entrust.com/, mailto:[email protected] pdf_is_encrypted: False pdf_number_of_pages: 44	/Author: Dieguez, Ignacio /CreationDate: D:20240729161621+02'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20240729161621+02'00' /Producer: Microsoft® Word for Microsoft 365 /Title: nShield 5s HSM FIPS 140-3 Level 3 Security Policy pdf_file_size_bytes: 1591755 pdf_hyperlinks: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14887, https://www.entrust.com/, https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/38, https://en.wikipedia.org/wiki/Zero-configuration_networking, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35123, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35124, https://nshieldsupport.entrust.com/, mailto:[email protected] pdf_is_encrypted: False pdf_number_of_pages: 47
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	Interim validation. When installed, initialized and configured as specified in Section 11.3 of the Security Policy	When installed, initialized and configured as specified in Section 11.3 of the Security Policy
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2024_010824_1146.pdf
web_data/date_sunset	18.08.2026	30.07.2029
web_data/description	The nShield 5s Hardware Security Module is a multi-chip embedded hardware Cryptographic Module as defined in FIPS 140-3, which comes in a PCI express board form factor protected by a tamper resistant enclosure, and performs encryption, digital signing, and key management on behalf of an extensive range of commercial and custom-built applications including public key infrastructures (PKIs), identity management systems, application-level encryption and tokenization, SSL/TLS, and code signing.	The nShield 5s PCIe Hardware Security Module (HSM) is a multi-chip embedded hardware Cryptographic Module as defined in FIPS 140-3, which comes in a PCI express board form factor protected by a tamper resistant enclosure, and performs encryption, digital signing, and key management on behalf of an extensive range of commercial and custom-built applications including public key infrastructures (PKIs), identity management systems, application-level encryption and tokenization, SSL/TLS, and code signing.
web_data/embodiment	Multi-Chip Embedded	Multi-Chip Embedded
web_data/exceptions	Operational environment: N/A, Non-invasive security: N/A, Mitigation of other attacks: N/A, Documentation requirements: N/A, Cryptographic module security policy: N/A	Operational environment: N/A, Non-invasive security: N/A, Mitigation of other attacks: N/A, Documentation requirements: N/A, Cryptographic module security policy: N/A
web_data/fw_versions	p, r, i, m, a, r, y, -, v, e, r, s, i, o, n, , 1, 3, ., 4, ., 5, ;, , r, e, c, o, v, e, r, y, -, v, e, r, s, i, o, n, , 1, 3, ., 2, ., 4, ;, , u, b, o, o, t, -, v, e, r, s, i, o, n, , 1, ., 1, ., 0	p, r, i, m, a, r, y, -, v, e, r, s, i, o, n, , 1, 3, ., 2, ., 4, ;, , r, e, c, o, v, e, r, y, -, v, e, r, s, i, o, n, , 1, 3, ., 2, ., 4, ;, , u, b, o, o, t, -, v, e, r, s, i, o, n, , 1, ., 1, ., 0
web_data/historical_reason	None	None
web_data/hw_versions	P, C, A, 1, 0, 0, 0, 5, -, 0, 1, , r, e, v, i, s, i, o, n, , 0, 3, , a, n, d, , 0, 4	P, C, A, 1, 0, 0, 0, 5, -, 0, 1, , r, e, v, i, s, i, o, n, , 0, 3, , a, n, d, , 0, 4
web_data/level	3	3
web_data/mentioned_certs
web_data/module_name	nShield 5s Hardware Security Module	nShield 5s Hardware Security Module
web_data/module_type	Hardware	Hardware
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-3	FIPS 140-3
web_data/status	active	active
web_data/sw_versions	None	None
web_data/tested_conf	n/a	n/a
web_data/validation_history	date: 19.08.2024 lab: Lightship Security, Inc. validation_type: Initial	date: 31.07.2024 lab: Lightship Security, Inc. validation_type: Initial
web_data/vendor	Entrust	Entrust
web_data/vendor_url	http://www.entrust.com	http://www.entrust.com