Certificate 2149 - nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]
intCertNum 2149
strVendorName Thales e-Security Inc.
strURL http://www.thales-esecurity.com
strAddress1 900 South Pine Island Road
strAddress2 Suite 710
strAddress3
strCity Plantation
strStateProv FL
strPostalCode 33324
strCountry 33324
strContact sales@thalesesec.com
strEmail sales@thalesesec.com
strPhone 888-744-4976
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2149
strModuleName nShield F3 10+ [1], nShield F3 500+ [2], nShield F3 6000+ [3], nShield F3 500+ for nShield Connect+ [4], nShield F3 1500+ for nShield Connect+ [5] and nShield F3 6000+ for nShield Connect+ [6]
strPartNumber Hardware Versions: nC4033E-010 [1], nC4433E-500 [2], nC4433E-6K0 [3], nC4433E-500N [4], nC4433E-1K5N [5] and nC4433E-6K0N [6], Build Standard N;
Firmware Versions: 2.51.10-2 and 2.55.1-2
memModuleNotes When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL http://www.thales-esecurity.com/Products/Hardware Security Modules/nShield Connect.aspx
strModuleType Hardware
strValidationDate 05/13/2014;11/24/2015
intOverallLevel 2
memIndividualLevelNotes -Roles, Services, and Authentication: Level 3;-Physical Security: Level 3;-EMI/EMC: Level 3;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A
strFIPSAlgorithms AES (Cert. #2122);
Triple-DES (Cert. #1349);
HMAC (Cert. #1292);
Triple-DES MAC (Triple-DES Cert. #1349, vendor affirmed);
SHS (Cert. #1844);
DSA (Certs. #664 and #777);
ECDSA (Certs. #181 and #318);
RSA (Certs. #1092 and #1299);
DRBG (Cert. #232);
CVL (Certs. #27 and #90)
strOtherAlgorithms ARC4;
Aria;
Camellia;
CAST-6;
DES;
MD5;
SEED;
HMAC-MD5;
HMAC-Tiger;
HMAC-RIPEMD160;
RIPEMD-160;
Tiger;
El-Gamal;
KCDSA;
HAS-160;
AES (Cert. #2122, key wrapping;
key establishment methodology provides between 128 and 256 bits of encryption strength);
Triple-DES (Cert. #1349, key wrapping;
key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
Diffie-Hellman (CVL Certs. #27 and #90, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (CVL Certs. #27 and #90, key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
ECMQV (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less than 112 bits of encryption strength)
strConfiguration Multi-chip embedded
memModuleDescription The nShield modules: nShield F3 10+, nShield F3 500+, nShield F3 6000+, nShield F3 500+ for nShield Connect+, nShield F3 1500+ for nShield Connect+ and nShield F3 6000+ for nShield Connect+ family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed.
intModuleCount 1
memAdditionalNotes Added FW 2.55.1-2 and updated the SP for cert# 2121 and 2149
strFirstValidtionDate 05/13/14 00:00:00
strLabName CSC
strValidationYear 2014