• Ask A Question

    Ask us a question







    Please enter correct format as below:
    If AMERICA: yyy-yyy-yyyy ext123
    If Other: +yy-yyy-yyyyy ext123








    Captcha Code

  • Newsletter

FIPS 140-2

Thales Products validated to FIPS 140-2

FIPS 140-2 is one of many cryptographic standards maintained by the Computer Security division of NIST, the US National Institute for Standards and Technology. (NIST website- Computer Security Division). NIST, in conjunction with the Canadian Communications Security Establishment (CSE) operate the Crypto Module Validation Program (CMVP), through which security products are validated. Click here to find out more about the CMVP.

Thales develops cryptographic products and subsystems which conform to the FIPS 140-2 standard.

The following have been validated under the NIST Crypto Module Validation Program (CVMP) as meeting the FIPS 140-2 version of the standard:

  • Secure Generic Sub-System (SGSS), the cryptographic module used in:
    • Host Security Module (HSM 8000 series), click here for more details
    • WebSentry, click here for more details
    • P3 Product Range (P3CM), click here for more details
    • Datacryptor™ (Layer-3 IP) range, click here for more details
    • Datacryptor™ (Bulk & Link Layer-2) click here for more details
  • Thales Secure Processing Platform (TSPP), the cryptographic module used in payShield™ 9000click here for more details.
  • netHSM, click here for more details
  • nShield Solo family (individual PCI/ PCIe cards are simply known as "nShield"), click here for more details
  • nShield Connect, click here for more details
  • nToken, used with NetHSM

To view the Thales FIPS 140-2 entries on the NIST website for the Secure Generic Sub-System click here, and for the Thales Secure Processing Platform click here.

To view the latest Thales FIPS 140-2 entries on the NIST website for the Datacryptor 2000, Datacryptor AP and Small Form Factor family Link, Frame Relay, E1/T1, E3/T3 and IP models using SGSS V3.4 click here, and for the Datacryptor SONET/SDH V1.0 click here.

In addition, all Datacryptor AP and Datacryptor 2000 cryptographic algorithms have been validated under the NIST Crypto Algorithm Validation Program (CAVP). For links to the NIST website for CAVP entries for Thales Datacryptor, click on the following algorithms: TDES, AES, SHA-1, DSA, HMAC or RNG.

For links to the NIST website for Thales FIPS 140-2 entries for NetHSM, nShield and nToken, click on the number in the table below:

 

Product

Initialized in
normal mode

Initialized in
strict FIPS mode

nShield PCI 500 F2

1202

1202

nShield PCI 2000 F2 & PCI 4000 F2

1201

1201

nShield 500e F2 & 6000e F2

1196

1196

nShield PCI 500 F3

1200

1198

nShield PCI 2000 F3 & PCI 4000 F3

1199

1195

nShield 500e F3 & 6000e F3

1203

1197

netHSM 500

1200

1198

netHSM 2000

1199

1195

nShield Connect 500

1203

1197

nShield Connect 1500

1203

1197

nShield Connect 6000

1203

1197

nToken PCI

967

n/a

nToken PCIe

971

n/a

nShield F3 10

1200

1198

nShield Edge F2

971

971

nShield Edge F3

971

972

 

The following products are undergoing FIPS 140-2 Validation. Click on the link below to view the latest pre-validation list from the NIST Website: