Certificate 2428 - Luna PCI-E Cryptographic Module and Luna PCI-E Cryptographic Module for Luna SA
intCertNum 2428
strVendorName SafeNet, Inc.
strURL http://www.safenet-inc.com
strAddress1 20 Colonnade Road, Suite 200
strAddress2
strAddress3
strCity Ottawa
strStateProv ON
strPostalCode K2E 7M6
strCountry K2E 7M6
strContact Security and Certifications Team
strEmail SecurityCertifications@safenet-inc.com
strPhone
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2428
strModuleName Luna PCI-E Cryptographic Module and Luna PCI-E Cryptographic Module for Luna SA
strPartNumber Hardware Versions: VBD-05, Version Code 0100, VBD-05, Version Code 0101, VBD-05, Version Code 0102, VBD-05, Version Code 0103;
Firmware Versions: 6.10.4, 6.10.7 and 6.10.9
memModuleNotes When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 08/11/2015;09/18/2015;10/26/2015;12/15/2015
intOverallLevel 3
memIndividualLevelNotes
strFIPSAlgorithms AES (Certs. #1756, #2664 and #2667);
Triple-DES (Certs. #1137, #1598 and #1599);
Triple-DES MAC (Triple-DES Certs. #1137, #1598 and #1599, vendor affirmed);
DSA (Certs. #804, #806 and #807);
SHS (Certs. #2237 and #2240);
RSA (Certs. #1369 and #1371);
HMAC (Certs. #1655 and #1658);
DRBG (Cert. #428);
ECDSA (Certs. #461, #462 and #463);
KAS (Cert. #43);
KBKDF (Cert. #14)
strOtherAlgorithms DES;
RC2;
RC4;
RC5;
CAST5;
SEED;
ARIA;
MD2;
MD5;
HAS-160;
DES-MAC;
RC2-MAC;
RC5-MAC;
CAST5-MAC;
SSL3-MD5-MAC;
SSL3-SHA1-MAC;
KCDSA;
Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
HRNG;
AES MAC (AES Cert. #2667;
non-compliant);
AES (Certs. #2664 and #2667, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
Triple-DES (Certs. #1598 and #1599, key wrapping;
key establishment methodology provides 112 bits of encryption strength);
GENERIC-SECRET generation (non-compliant);
SSL PRE-MASTER generation (non-compliant);
RSA (non-compliant);
RSA (key wrapping;
key establishment methodology provides between 112 and 152 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip embedded
memModuleDescription The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card.
intModuleCount 1
memAdditionalNotes 09/18/15: Rename module, added FW 6.10.7 and 6.10.9 and updated the security policy.
Added HW VBD-05-0102 and updated the SP
strFirstValidtionDate 08/11/15 00:00:00
strLabName EWA
strValidationYear 2015