Apricorn FIPS 140-2 Encryption System Gen 2

Certificate #4528

Webpage information ?

Status active
Validation dates 05.06.2023
Sunset date 06-06-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Embedded
Caveat When configured as specified in Section 11.1 of the Security Policy
Exceptions
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The AFESG2 is a FIPS 140-2 Level 2 validated complete encryption system. Its software-free design allows interface to any host that supports USB and mass storage. All CSPs (PINs, encryption keys, etc.) are protected and never leave the module boundary for improved security. The device supports 1 Admin, 4 Users and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read-only modes, and is compatible with Apricorn’s Aegis Configurator. The AFESG2 is used in the Aegis Fortress, Padlock DT FIPS and Padlock SSD.
Version (Hardware) P/Ns AFESG2-1 Rev A2, AFESG2-2 Rev A2 and AFESG2-3 Rev A2
Version (Firmware) 2.2
Vendor Apricorn
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-256
Asymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-Hellman
Hash functions
SHA-256
Schemes
Key Agreement
Randomness
DRBG, RNG
Elliptic Curves
P-256
Block cipher modes
ECB, CBC, XEX, XTS

Trusted Execution Environments
SSC

Security level
Level 2, Level 3
Certification process
out of scope, module only supports a FIPS Approved mode of operation, therefore a non-compliant configuration is out of scope for this validation. Apricorn FIPS 140-2 Encryption System Gen 2 Cryptographic Module Security

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 197, FIPS 180-4, FIPS 186-4, NIST SP 800-90A, NIST SP 800-38E, NIST SP 800-133, SP 800-38A, SP 800-133, SP 800-90A, SP 800-56A

File metadata

Title Date
Keywords Apricorn Security Policy
Author Robert Davidosn
Creation date D:20220928090204-07'00'
Modification date D:20220928090204-07'00'
Pages 17
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 31.07.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2023_050723_0638 (1).pdf.
  • 26.06.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4528,
  "dgst": "dd996502691de578",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#C877",
        "AES#C1597",
        "SHS#C883",
        "KAS#A2243",
        "KDA#A2243",
        "ECDSA#C885",
        "DRBG#C884",
        "KAS-SSC#A2243"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2.2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 10
          },
          "ECDSA": {
            "ECDSA": 1
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 6
          }
        }
      },
      "certification_process": {
        "OutOfScope": {
          "module only supports a FIPS Approved mode of operation, therefore a non-compliant configuration is out of scope for this validation. Apricorn FIPS 140-2 Encryption System Gen 2 Cryptographic Module Security": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "ECB": {
          "ECB": 1
        },
        "XEX": {
          "XEX": 1
        },
        "XTS": {
          "XTS": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 14
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES-256": 1,
          "SHA-256": 3
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 10,
          "Level 3": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 10
        },
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 34,
          "FIPS 180-4": 2,
          "FIPS 186-4": 1,
          "FIPS 197": 1,
          "FIPS PUB 140-2": 2
        },
        "NIST": {
          "NIST SP 800-133": 1,
          "NIST SP 800-38E": 1,
          "NIST SP 800-90A": 1,
          "SP 800-133": 1,
          "SP 800-38A": 2,
          "SP 800-56A": 5,
          "SP 800-90A": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 13,
            "AES-256": 1
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Robert Davidosn",
      "/CreationDate": "D:20220928090204-07\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/Keywords": "Apricorn Security Policy",
      "/ModDate": "D:20220928090204-07\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Title": "Date",
      "pdf_file_size_bytes": 335581,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 17
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "e5b24eb8e08787ff5d1cc3367b0681ec7eab3d8ae85c30fea03ee6647d155f40",
    "policy_txt_hash": "8c1ef54aec63a2c5fc815313a491d45d5669d425011d92ca8bf2538491fca1ec"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When configured as specified in Section 11.1 of the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2023_050723_0638 (1).pdf",
    "date_sunset": "2026-06-06",
    "description": "The AFESG2 is a FIPS 140-2 Level 2 validated complete encryption system. Its software-free design allows interface to any host that supports USB and mass storage. All CSPs (PINs, encryption keys, etc.) are protected and never leave the module boundary for improved security. The device supports 1 Admin, 4 Users and offers a variety of features including forced enrollment, programmable brute force, recovery PINs, 7-16 digit PINs, auto lock, read-only modes, and is compatible with Apricorn\u2019s Aegis Configurator. The AFESG2 is used in the Aegis Fortress, Padlock DT FIPS and Padlock SSD.",
    "embodiment": "Multi-Chip Embedded",
    "exceptions": [
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "2.2",
    "historical_reason": null,
    "hw_versions": "P/Ns AFESG2-1 Rev A2, AFESG2-2 Rev A2 and AFESG2-3 Rev A2",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Apricorn FIPS 140-2 Encryption System Gen 2",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-06-05",
        "lab": "UL VERIFICATION SERVICES INC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Apricorn",
    "vendor_url": "http://www.apricorn.com"
  }
}