Certificate 1199 - nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM

intCertNum 1199 strVendorName Thales - nCipher strURL http://www.ncipher.com strAddress1 92 Montvale Ave. strAddress2 Suite 4500 strAddress3 strCity Stoneham strStateProv MA strPostalCode 02180 strCountry USA strContact sales@ncipher.com strEmail sales@ncipher.com strPhone 800-NCIPHER strFax 781-994-4001 strContact2 strEmail2 strFax2 strPhone2 intCertNum 1199 strModuleName nShield F3 4000, nShield F3 2000, nShield F3 2000 for NetHSM, nShield F3 500 and nShield F3 500 for NetHSM strPartNumber Hardware Versions: nC4033P-4K0, nC4033P-2K0, nC4033P-2K0N, nC4133P-500 and nC4133P-500N, Build Standard N; Firmware Versions: 2.38.4-2 and 2.38.7-2 memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy str140Version 140-2 _sp_ Security Policy   [pdf][html][txt] _cert_ Certificate   [pdf][txt] strPURL http://www.ncipher.com/cryptographic_hardware/hardware_security_modules/8/nshield/ strModuleType Hardware strValidationDate 10/06/2009; 02/17/2010 intOverallLevel 2 memIndividualLevelNotes -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 +EFP/EFT -Cryptographic Key Management: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 strFIPSAlgorithms AES (Cert. #994); AES GCM (Cert. #994, vendor affirmed); Triple-DES (Certs. #775 and #132); Triple-DES MAC (Cert. #775, vendor affirmed); DSA (Cert. #341); ECDSA (Cert. #121); SHS (Cert. #960); HMAC (Cert. #560); RSA (Cert. #478); RNG (Cert. #564) strOtherAlgorithms ARC FOUR; Aria; Camelia; CAST 6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; and HMAC-RIPEMD160; RIPEMD 160; Tiger; El-Gamal; KCDSA; HAS 160; AES (Cert. #994, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement: key establishment methodology provides between 80 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement: key establishment methodology provides 192 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength), ECMQV (key agreement: key establishment methodology provides between 80 and 256 bits of encryption strength); NDRNG; DSA (FIPS 186-3; non-compliant); ECDSA (FIPS 186-3; non-compliant) strConfiguration Multi-chip embedded memModuleDescription The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed. intModuleCount 0 memAdditionalNotes 02/17/10: Added firmware v2.38.7-2 and updated Security Policy. strFirstValidtionDate strLabName DOMUS strValidationYear 2009