This page was not yet optimized for use on mobile devices.
Marvell LS2 HSM Family
Certificate #4703
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-256, CAST, DES, Triple-DES, TDES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-512, CMACAsymmetric Algorithms
RSA 2048, RSA 1024, ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, SHA256, SHA512, SHA2, SHA-2, SHA3-224, SHA3, SHA3-256, SHA3-384, SHA3-512, PBKDFSchemes
MAC, Key agreement, Key AgreementProtocols
SSL, TLS 1.2, TLS, TLS v1.2, TLSv1.2Randomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-224, P-256, P-384, P-521, B-283, B-409, B-571, K-283, K-409, K-571, K-163, B-163, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, brainpoolP160r1, FRP256v1, Curve25519Block cipher modes
ECB, CBC, CTR, GCMTLS cipher suites
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384Trusted Execution Environments
SSCSecurity level
Level 3, Level 1Side-channel analysis
physical tamperingStandards
FIPS 140-3, FIPS186-4, FIPS 180-4, FIPS 198-1, FIPS 186-4, FIPS 202, FIPS18, FIPS PUB 186-4, FIPS PUB 140-3, SP 800-38A, SP 800-38D, SP 800-38F, SP 800-132, SP 800-90B, SP 800-90A, SP 800-38B, SP 800-38C, SP 800-56A, PKCS #1, RFC 5288, ISO/IEC 24759File metadata
| Title | LS2 HSM Family Non-Proprietary Security Policy |
|---|---|
| Author | Marvell |
| Creation date | D:20240605013823+05'30' |
| Modification date | D:20240605013823+05'30' |
| Pages | 83 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
08.07.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2024_010724_1153.pdf.
- The certificate_pdf_url property was set to
-
04.07.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4703,
"dgst": "d95c59c87f64adc6",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"TDES-ECBA1948",
"HMAC-SHA2-512A1948",
"ECDSA KeyGen (FIPS186-4)A2393",
"ECDSA KeyVer (FIPS186-4)A1948",
"AES-GCMA1948",
"SHA3-384A1947",
"SHA-1A1948",
"ECDSA SigVer (FIPS186-4)A1948",
"RSA SigVer (FIPS186-4)A1948",
"RSA Signature PrimitiveA1947",
"AES-CTRA1947",
"KDF TLSA1947",
"SHA2-384A1948",
"AES-ECBA1947",
"Hash DRBGA1947",
"AES-KWPA1948",
"Counter DRBGA1948",
"KDF SP800-108A1948",
"ECDSA SigGen (FIPS186-4)A1948",
"KDA HKDF Sp800-56Cr1A1948",
"SHAKE-256A1947",
"AES-CMACA1948",
"RSA KeyGen (FIPS186-4)A2393",
"AES-GMACA1947",
"SHA3-256A1947",
"SHA3-224A1947",
"AES-KWA1948",
"RSA SigGen (FIPS186-4)A1948",
"SHA2-512A1948",
"KDA OneStep Sp800-56Cr1A1948",
"KAS-ECC Sp800-56Ar3A1948",
"AES-CCMA1947",
"RSA Decryption PrimitiveA1948",
"HMAC-SHA2-256A1948",
"SHA2-256A1948",
"SHA3-512A1947",
"KAS-IFC-SSCA1948",
"KAS-ECC-SSC Sp800-56Ar3A1948",
"HMAC-SHA-1A1948",
"KDF ANS 9.63A1948",
"TDES-CBCA1947",
"KTS-IFCA2393",
"HMAC-SHA2-384A1948",
"TDES-KWA1948",
"PBKDFA1948",
"SHAKE-128A1947",
"KDA TwoStep Sp800-56Cr1A1948",
"AES-CBCA1948"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"10.01",
"10.02"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 26
},
"ECDH": {
"ECDH": 20
},
"ECDSA": {
"ECDSA": 90
}
},
"FF": {
"DH": {
"DH": 6,
"Diffie-Hellman": 3
}
},
"RSA": {
"RSA 1024": 3,
"RSA 2048": 5
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 3
},
"GCM": {
"GCM": 9
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 2
},
"TLS": {
"TLS": 36,
"TLS 1.2": 5,
"TLS v1.2": 1,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1,
"Key agreement": 7
},
"MAC": {
"MAC": 26
}
},
"device_model": {},
"ecc_curve": {
"ANSSI": {
"FRP256v1": 2
},
"Brainpool": {
"brainpoolP160r1": 1,
"brainpoolP224r1": 2,
"brainpoolP256r1": 2,
"brainpoolP320r1": 2,
"brainpoolP384r1": 2,
"brainpoolP512r1": 2
},
"Curve": {
"Curve25519": 1
},
"NIST": {
"B-163": 1,
"B-283": 1,
"B-409": 1,
"B-571": 1,
"K-163": 1,
"K-283": 1,
"K-409": 1,
"K-571": 1,
"P-224": 27,
"P-256": 44,
"P-384": 22,
"P-521": 24
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 2,
"#2": 2
}
},
"fips_certlike": {
"Certlike": {
"AES 128, 192": 1,
"AES 256": 2,
"AES Encrypt/Decrypt, 128": 1,
"AES-256": 2,
"DES3": 1,
"HMAC SHA256": 1,
"HMAC-SHA-1": 20,
"HMAC-SHA-256": 12,
"HMAC-SHA-512": 4,
"PKCS #1": 4,
"RSA 1024": 3,
"RSA 2048": 5,
"SHA- 1": 1,
"SHA-1": 20,
"SHA-2 224": 1,
"SHA-2 256": 3,
"SHA-224": 3,
"SHA-256": 12,
"SHA-384": 4,
"SHA-512": 5,
"SHA2": 7,
"SHA2- 256": 1,
"SHA2- 384": 1,
"SHA2- 512": 2,
"SHA2-224": 3,
"SHA2-256": 26,
"SHA2-384": 22,
"SHA2-512": 24,
"SHA256": 1,
"SHA3": 5,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 2,
"SHA512": 2
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 3": 6
}
},
"hash_function": {
"PBKDF": {
"PBKDF": 15
},
"SHA": {
"SHA1": {
"SHA-1": 20
},
"SHA2": {
"SHA-2": 4,
"SHA-224": 3,
"SHA-256": 12,
"SHA-384": 4,
"SHA-512": 5,
"SHA2": 7,
"SHA256": 1,
"SHA512": 2
},
"SHA3": {
"SHA3": 5,
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 126
},
"RNG": {
"RBG": 7
}
},
"side_channel_analysis": {
"FI": {
"physical tampering": 1
}
},
"standard_id": {
"FIPS": {
"FIPS 140-3": 8,
"FIPS 180-4": 50,
"FIPS 186-4": 24,
"FIPS 198-1": 25,
"FIPS 202": 12,
"FIPS PUB 140-3": 2,
"FIPS PUB 186-4": 1,
"FIPS18": 1,
"FIPS186-4": 130
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-132": 10,
"SP 800-38A": 44,
"SP 800-38B": 19,
"SP 800-38C": 5,
"SP 800-38D": 27,
"SP 800-38F": 62,
"SP 800-56A": 1,
"SP 800-90A": 2,
"SP 800-90B": 5
},
"PKCS": {
"PKCS #1": 2
},
"RFC": {
"RFC 5288": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 77,
"AES-256": 2
},
"CAST": {
"CAST": 2
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 6,
"Triple-DES": 41
},
"DES": {
"DES": 13
}
},
"constructions": {
"MAC": {
"CMAC": 4,
"HMAC": 24,
"HMAC-SHA-256": 6,
"HMAC-SHA-512": 2
}
}
},
"tee_name": {
"IBM": {
"SSC": 6
}
},
"tls_cipher_suite": {
"TLS": {
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 2,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 2
}
},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Marvell",
"/CreationDate": "D:20240605013823+05\u002730\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "4efc9241-017d-4d60-b41d-1f00899e05a0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2022-12-22T00:50:16Z",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
"/ModDate": "D:20240605013823+05\u002730\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Title": "LS2 HSM Family Non-Proprietary Security Policy",
"pdf_file_size_bytes": 1525774,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.marvell.com/support/downloads.html",
"http://www.marvell.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 83
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "0ffc03804fe6fde40b91c0ca7909026d6cd8c93f9ebcd3a996fcc818628ddd16",
"policy_txt_hash": "bd1781fdc3411935ace2a613952b4990a5cff95ad34633d00ae2d4c4f7194a81"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in approved mode. When installed, initialized and configured as specified in Section 11of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2024_010724_1153.pdf",
"date_sunset": "2029-06-05",
"description": "The LS2 HSM module is a multi-chip PCIe adapter with firmware. It consists of multiple firmware components, including an operating system, applications exposing services and interfaces related to secure key management, crypto operations, and policy management of the module",
"embodiment": "Multi-Chip Embedded",
"exceptions": [
"Operational environment: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": "MARVELL-LS2-FW-10.02-1102, MARVELL-LS2-UBOOT-10.01-10; MARVELL-LS2-FW-10.02-1102, MARVELL-LS2-UBOOT-10.02-1200",
"historical_reason": null,
"hw_versions": "LS2-G-A100-B0; LS2-G-A200-B0; LS2-G-A300-B0; LS2-G-A400-B0",
"level": 3,
"mentioned_certs": {},
"module_name": "Marvell LS2 HSM Family",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-06-06",
"lab": "LEIDOS CSTL",
"validation_type": "Initial"
}
],
"vendor": "Marvell Semiconductor, Inc.",
"vendor_url": "http://www.marvell.com"
}
}