Certificate 1201 - nShield F2 4000, nShield F2 2000 and nShield F2 500

intCertNum 1201 strVendorName Thales - nCipher strURL http://www.ncipher.com strAddress1 92 Montvale Ave. strAddress2 Suite 4500 strAddress3 strCity Stoneham strStateProv MA strPostalCode 02180 strCountry 02180 strContact sales@ncipher.com strEmail sales@ncipher.com strPhone 800-NCIPHER strFax 781-994-4001 strContact2 strEmail2 strFax2 strPhone2 intCertNum 1201 strModuleName nShield F2 4000, nShield F2 2000 and nShield F2 500 strPartNumber Hardware Versions: nC3023P-4K0, nC3023P-2K0, and nC3123P-500, Build Standard N; Firmware Versions: 2.38.4-2 and 2.38.7-2 memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy str140Version 140-2 _sp_ Security Policy   [pdf][html][txt] _cert_ Certificate   [pdf][txt] strPURL http://www.ncipher.com/cryptographic_hardware/hardware_security_modules/8/nshield/ strModuleType Hardware strValidationDate 10/06/2009;02/17/2010 intOverallLevel 2 memIndividualLevelNotes -Roles, Services, and Authentication: Level 3;-Physical Security: Level 3;-Design Assurance: Level 3 strFIPSAlgorithms AES (Cert. #994); AES GCM (Cert. #994, vendor affirmed); Triple-DES (Certs. #775 and #132); Triple-DES MAC (Cert. #775, vendor affirmed); DSA (Cert. #341); ECDSA (Cert. #121); SHS (Cert. #960); HMAC (Cert. #560); RSA (Cert. #478); RNG (Cert. #564) strOtherAlgorithms ARC FOUR; Aria; Camellia; CAST 6; DES; MD5; SEED; HMAC-MD5, HMAC-Tiger, HMAC-RIPEMD160; RIPEMD 160; Tiger; El-Gamal; KCDSA; HAS 160; AES (Cert. #994, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement: key establishment methodology provides 192 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); NDRNG; DSA (FIPS 186-3; non-compliant); ECDSA (FIPS 186-3; non-compliant) strConfiguration Multi-chip embedded memModuleDescription The nShield modules: nShield F2 4000, nShield F2 2000, and nShield F2 500 family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed. intModuleCount 1 memAdditionalNotes 02/17/10: Added firmware v2.38.7-2 and updated Security Policy. strFirstValidtionDate 10/06/09 00:00:00 strLabName DOMUS strValidationYear 2009