| Standard | FIPS 140-3 |
|---|---|
| Overall level | 3 |
| Module type | Hardware |
| Embodiment | Multi-Chip Embedded |
| Status | Active |
| Sunset date | 7/30/2029 |
| Caveat | When installed, initialized and configured as specified in Section 11.3 of the Security Policy |
| Vendor | Entrust |
| Hardware versions | PCA10005-01 revision 03 and 04 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 3 |
| Cryptographic Module Interfaces | 3 |
| Operational Environment | N/A |
| Physical Security | 3 |
| Sensitive Security Parameter Management | 3 |
| Self-Tests | 3 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for nShield 5s Hardware Security Module
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>uboot-version 1.1.0 and uboot-version 1.4.1</i>"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>updater receive<br/>updater load<br/>receive</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>nCoreAPI Show Status<br/>getlog<br/>python- zeroconf</i>"]
C4["[high] Physical/logical<br/>interfaces (some 'blocked<br/>in firmware')<br/><i>PCIe bus<br/>Smartcard reader serial port</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>linux<br/>uboot<br/>bootloader</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I4["Interface reachability may<br/>vary by boot stage and<br/>lifecycle state."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R4["Are interfaces blocked<br/>before the bootloader<br/>runs, or only after<br/>approved mode starts?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E4["lifecycle reachability<br/>matrix · boot-stage<br/>interface timing ·<br/>factory/recovery/error-state<br/>access controls"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C4 --> I4 --> R4 --> E4
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C4,C5,C6 clue;
class I1,I2,I3,I4,I5,I6 infer;
class R1,R2,R3,R4,R5,R6 risk;
class E1,E2,E3,E4,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for nShield 5s Hardware Security Module
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>uboot-version 1.1.0 and uboot-version 1.4.1</i><br/>src: certificate.firmwareVersions"]
C2["[high] Firmware update / recovery / rollback services<br/><i>updater receive<br/>updater load<br/>receive</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>nCoreAPI Show Status<br/>getlog<br/>python- zeroconf</i><br/>src: securityPolicy.services"]
C4["[high] Physical/logical interfaces (some 'blocked in firmware')<br/><i>PCIe bus<br/>Smartcard reader serial port</i><br/>src: securityPolicy.portsAndInterfaces"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>HTTPS</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>linux<br/>uboot<br/>bootloader</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C2,C3,C4 clueHigh;
class C5,C6 clueLow;nShield 5s Hardware Security Module ``
Version: 1.0.5 Date: 08/01/2025 not been removed or altered. Words and logos marked with ® or ™ are trademarks of nCipher Security Limited or its affiliates in the EU and other countries. Mac and OS X are trademarks of Apple Inc., registered in the U.S. and other countries. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. Information in this document is subject to change without notice. nCipher Security Limited makes no warranty of any kind with regard to this information, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. nCipher Security Limited shall not be liable for errors contained herein or for incidental or consequential damages concerned with the furnishing, performance or use of this material. Where translations have been made in this document English is the canonical language. nCipher Security Limited Registered Office: One Station Square, Cambridge, CB1 2GA, United Kingdom Registered in England No. 11673268 nCipher is an Entrust company. Entrust, Datacard, and the Hexagon Logo are trademarks, registered trademarks, and/or service marks of Entrust Corporation in the U.S. and/or other countries. All other brand or product names are the property of their respective owners. Because we are continuously improving our products and services, Entrust Corporation reserves the right to change specifications without prior notice. Entrust is an equal opportunity employer.
nShield 5s Hardware Security Module
Contents nShield 5s Hardware Security Module
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 3 |
| 2 | 2 | Cryptographic Module Specification | 3 |
| 3 | 3 | Cryptographic Module Interfaces | 3 |
| 4 | 4 | Roles, Services and Authentication | 3 |
| 5 | 5 | Software/Firmware security | 3 |
| 6 | 6 | Operational Environment | N/A |
| 7 | 7 | Physical Security | 3 |
| 8 | 8 | Non-invasive Security | N/A |
| 9 | 9 | Sensitive Security Parameter Management | 3 |
| 10 | 10 | Self-Tests | 3 |
| 11 | 11 | Life-cycle Assurance | 3 |
| 12 | 12 | Mitigation of Other Attacks | N/A |
Security Module, i.e. the Cryptographic Module, to meet with the security requirements in FIPS 1403 and ISO/IEC 19790. The Cryptographic Module meets overall FIPS 140-3 Security Level 3. The following table specifies the security level in detail. N/A N/A N/A [Number Below] Table 1 Security levels
nShield 5s Hardware Security Module
| Name | Model | Hardware Version | Firmware Version | Features |
|---|---|---|---|---|
| nShield 5s F3 model number nC5536E | nShield 5s F3 model number nC5536E | PCB Assembly Part Number: PCA10005- 01 PCB Assembly Revision: 03, 04 | primary: 13.2.4 recovery: 13.2.4 uboot: 1.1.0, 1.4.1 | PCIe form factor |
| nShield 5s for nShield 5c and for nShield HSMi model number nC5536N | nShield 5s for nShield 5c and for nShield HSMi model number nC5536N | PCIe form factor identical to the nShield 5s F3 (nC5536E), embedded inside the nShield 5c or the nShield HSMi network appliances. |
The following product hardware variants and firmware version(s) are in scope of this Security Policy. PCA10005HSMi Table 2 Cryptographic Module Tested Configuration
The nShield 5s Hardware Security Module (HSM) is a multi-chip embedded hardware Cryptographic Module as defined in FIPS 140-3, which comes in a PCI express board form factor protected by a tamper resistant enclosure, and performs encryption, digital signing, and key management on behalf of an extensive range of commercial and custom-built applications including public key infrastructures (PKIs), identity management systems, application-level encryption and tokenization, SSL/TLS, and code signing. The nShield 5s HSM is also embedded inside the nShield 5c or the nShield HSMi, which are networkattached appliances delivering cryptographic services as a shared network resource for distributed applications and virtual machines, giving organizations a highly secure solution for establishing physical and logical controls for server-based systems. The table below shows the nShield 5s HSM (left, representative of the two hardware variants nC5536E,
| Name | CAVP Cert | Mode Method | Key Size | Use Function |
|---|---|---|---|---|
| AES [FIPS 197] [SP 800-38A] [SP 800-38D] | A2513 | ECB CBC GCM | Key sizes: 128, 192, 256 bits. | Data encryption/decryption |
| KTS (AES) [SP 800-38F] [SP 800-38D] | A2513 | KW KWP GCM | Key sizes: 128, 192, 256 bits. (Key establishment methodology provides between 128, 192, 256 bits of encryption strength.) | Key wrapping/unwrapping |
| KTS-IFC [SP 800-56Brev2] | A2513 | KTS-IFC (KTS-OAEP-basic) with SHA2- 224, SHA2-256, SHA2-384, SHA2-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512 | Modulus length: 2048, 3072, 4096 bits. (Key establishment methodology provides between 112 and 150 bits of encryption strength.) | Key transport (encapsulation, un- encapsulation) |
| CKG [SP 800-133rev2] | Vendor affirmed | Section 6.1 "Direct Generation" of symmetric keys | n/a | Symmetric key generation |
| RSA keyGen [FIPS 186-4] | A2513 | RSASSA-PKCS-v1_5, RSASSA-PSS | Modulus length: 2048, 3072, 4096 bits. (Provides 112, 128, 150 bits of strength.) | Key generation |
| RSA SigGen [FIPS 186-4] | A2513 | RSASSA-PKCS-v1_5, RSASSA-PSS with SHA2-224, SHA2-256, SHA2-384, SHA2-512 | Modulus length: 2048, 3072, 4096 bits. (Provides 112, 128, 150 bits of strength.) | Signature generation |
| RSA SigVer [FIPS 186-4] | A2513 | RSASSA-PKCS-v1_5, RSASSA-PSS with SHA-1 (legacy use only), SHA2-224, SHA2-256, SHA2-384, SHA2-512 | Modulus length: 1024 (legacy use only), 2048, 3072, 4096 bits. | Signature verification |
| ECDSA KeyGen [FIPS 186-4] | A2513 | n/a | Curves: P-224, P-256, P-384, P- 521, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571 (Provides between 112 and 256 bits of encryption strength.) | Key generation |
| ECDSA KeyVer [FIPS 186-4] | A2513 | n/a | Curves: P-224, P-256, P-384, P- 521, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571 (Provides between 112 and 256 bits of encryption strength.) | Key verification |
| ECDSA SigGen [FIPS 186-4] | A2513 | n/a | Curves: P-224, P-256, P-384, P- 521, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571 (Provides between 112 and 256 bits of encryption strength.) | Signature generation |
| ECDSA SigVer [FIPS 186-4] | A2513 | n/a | Curves: P-224, P-256, P-384, P- 521, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571 | Signature verification |
| DSA KeyGen [FIPS 186-4] | A2513 | n/a | L = 2048 bits, N = 224 bits L = 2048 bits, N = 256 bits L = 3072 bits, N = 256 bits (Provides between 112 and 128 bits of strength.) | Key generation |
| DSA SigGen [FIPS 186-4] | A2513 | Uses SHA2-224, SHA2-256, SHA2-384, SHA2-512 | L = 2048 bits, N = 224 bits L = 2048 bits, N = 256 bits L = 3072 bits, N = 256 bits (Provides between 112 and 128 bits of strength.) | Signature generation |
| DSA SigVer [FIPS 186-4] | A2513 | Uses SHA-1 (legacy use only), SHA2- 224, SHA2-256, SHA2-384, SHA2-512 | L = 1024 bits, N = 160 bits (legacy use only) L = 2048 bits, N = 224 bits L = 2048 bits, N = 256 bits L = 3072 bits, N = 256 bits | Signature verification |
| DSA PQGGen | A2513 | n/a | L = 2048 bits, N = 224 bits | Domain parameter generation |
| [FIPS 186-4] | L = 2048 bits, N = 256 bits L = 3072 bits, N = 256 bits (Provides between 112 and 128 bits of strength.) | |||
| DSA PQGVer [FIPS 186-4] | A2513 | n/a | L = 1024 bits, N = 160 bits (legacy use only) L = 2048 bits, N = 224 bits L = 2048 bits, N = 256 bits L = 3072 bits, N = 256 bits | Domain parameter verification |
| HMAC [FIPS 198] | A2513 | HMAC-SHA1, HMAC-SHA2-224, HMAC-SHA2-256, HMAC-SHA2-384, HMAC-SHA2-512 | Key sizes: 128 bits =< key size =< 2048 bits. Output length: 10 to 64 bytes. (Provides between 128 and 256 bits of strength.) | MAC generation and verification |
| AES [SP 800-38B] | A2513 | CMAC | Key sizes: 128, 192, 256 bits. | MAC generation and verification |
| KAS-FFC [SP 800-56Arev3] | A2513 | DH | Domain params: MODP-2048, MODP-3072, MODP-4096, MODP-6144, MODP-8192, FB, FC KDF: oneStep with auxiliary functions SHA2-224, SHA2-256, SHA2-384, SHA2-512 (Key establishment methodology provides between 112 and 200 bits of encryption strength.) | Key agreement, compliant with IG D.F. Scenario 2, path 2. |
| KAS-FFC [SP 800-56Arev3] | A2513 | DH | Domain params: MODP-3072 KDF: oneStep with auxiliary function SHA2-256 (Key establishment methodology provides 128 bits of encryption strength.) | Key agreement used in Impath channel, compliant with IG D.F. Scenario 2, path 2. |
| Safe Primes Key Generation [SP 800-56Arev3] | A2513 | KeyGen for KAS-FFC | Safe prime groups: MODP-2048, MODP-3072, MODP-4096, MODP-6144, MODP-8192 (Provides between 112 and 200 bits of encryption strength.) | KAS-FFC key generation |
| Safe Primes Key Verification [SP 800-56Arev3] | A2513 | KeyVer for KAS-FFC | Safe prime groups: MODP-2048, MODP-3072, MODP-4096, MODP-6144, MODP-8192 | KAS-FFC key verification |
| KAS-ECC [SP 800-56Arev3] | A2513 | ECDH ECMQV | Curves: P-224, P-256, P-384, P- 521, K-233, K-283, K-409, K-571, B-233, B-283, B-409, B-571 | Key agreement, compliant with IG D.F. Scenario 2, path 2. |
| KAS-ECC [SP 800-56Arev3] | A2513 | ECDH | Curves: P-521 KDF: twoStep with auxiliary HMAC-SHA2-256 (Key establishment methodology provides 256 bits of encryption strength.) | Key agreement for smartcard channel, compliant with IG D.F. Scenario 2, path 2. |
| KBKDF [SP 800-108rev1] | A2513 | counter mode CMAC-AES256 | Key sizes: 128, 192, 256 bits. Output length: 128 bits. (Provides between 128 and 256 bits of strength.) | Key derivation |
| SHS [FIPS 180-4] | A2513 | SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512 | n/a | Message digest |
| SHA-3 [FIPS 202] | A2513 | SHA3-224, SHA3-256, SHA3-384, SHA3-512 | n/a | Message digest |
| DRBG [SP 800-90Arev1] | A2513 | Hash_DRBG | 256 bits of security strength | Random bit generation |
| RSA SigVer [FIPS 186-4] | A2404 A6385 | RSASSA-PKCS-v1_5 with SHA2-256 | Modulus length: 4096 bits (Provides 149 bits of strength) | Signature verification |
| SHS [FIPS 180-4] | A2404 A6385 | SHA2-256 | n/a | Message digest |
| AES [FIPS 197] [SP 800-38A] [SP 800-38D] | A2512 | CTR GCM ECB | Key sizes: 128 bits | Data encryption/decryption |
| CKG [SP 800- 133rev2] | Vendor affirmed | Section 6.1 "Direct Generation" of symmetric keys | n/a | Symmetric key generation |
| ECDSA SigGen [FIPS 186-4] | A2512 | n/a | Curves: P-256, P-521 (Provides between 128 and 256 bits of strength.) | Signature generation |
| ECDSA SigVer [FIPS 186-4] | A2512 | n/a | Curves: P-256, P-521 (Provides between 128 and 256 bits of strength.) | Signature verification |
| HMAC [FIPS 198] | A2512 | HMAC-SHA2-256 | Key sizes: 256 bits Output length: 32 bytes (Provides 256 bits of strength.) | MAC generation and verification |
| KAS-ECC-SSC [SP 800- 56Arev3] | A2512 | ECDH | Curves: P-256 (Key establishment methodology provides 128 bits of encryption strength) | Key agreement |
| CVL - Secure Shell (SSHv2) KDF [SP 800- 135rev1] | A2512 | n/a | n/a | Key derivation |
| KAS-ECC [SP 800- 56Arev3] [SP 800-135rev1] | A2512 | ECDH | Curves: P-256 KDF (CVL): SSHv2 (Key establishment methodology provides 128 bits of encryption strength) | Key agreement, KAS-ECC-SSC (Cert. #A2512) in conjunction with SSHv2 KDF (CVL) of SP 800-135rev1 (Cert. #A2512), which is compliant with IG D.F. Scenario 2, path 2. |
| SHS [FIPS 180-4] | A2512 | SHA2-256 SHA2-512 | n/a | Message digest |
Figure 1 nShield 5s (left) and nShield 5c (right) The cryptographic boundary is delimited in red in the images in the table below. It is delimited by the heat sink and the outer edge of the potting material on the top and bottom of the PCB. Figure 2 Cryptographic module physical boundary The module enforces that only approved services are available and plaintext import/export of secret or private keys is not allowed. Refer to Approved mode of operation.
This section describes the cryptographic mechanisms and security functions provided and used by the cryptographic module. 2.3.1 Approved algorithms The following tables describe the approved cryptographic algorithms supported by the Cryptographic Module. Note: All AES symmetric key sizes have equivalent strength. 2.3.1.1 nCore crypto
nShield 5s Hardware Security Module
n/a n/a n/a n/a n/a n/a nShield 5s Hardware Security Module
nShield 5s Hardware Security Module
Table 3 nCore - Approved Algorithms Note: For AES GCM, the 96-bit IV is internally generated using the approved DRBG as per IG C.H. Note: ECDSA SigVer with P-192 has been CAVP-tested but is not used by any approved service of the module. Only the algorithms, modes/methods, and key lengths/curves/moduli shown in this table are used by an approved service of the module. 2.3.1.2 Bootloader crypto n/a Table 4 Bootloader - Approved Algorithms nShield 5s Hardware Security Module
2.3.1.3 SSH crypto 800symmetric keys n/a n/a n/a n/a 80056Arev3] Table 5 SSH - Approved Algorithms Note: As per IG D.C., no parts of this protocol, other than the approved cryptographic algorithms and the KDFs, have been tested by the CAVP and CMVP. Note: For AES GCM, the module is compliant with RFCs 4252, 4253 and 5647, and the IV is generated according to the SSHv2 protocol IV generation, as per IG C.H. In case the module’s power is lost and then restored, a new key for use with the AES-GCM encryption/decryption is established.
nShield 5s Hardware Security Module
| Name | Use Function | Use/Function |
|---|---|---|
| ECDSA [FIPS 186-4] | • brainpoolP224r1/P224t1 (112 bits of strength) • brainpoolP256r1/P256t1 (128 bits of strength) • brainpoolP320r1/P320t1 (160 bits of strength) • brainpoolP384r1/P384t1 (192 bits of strength) • brainpoolP512r1/P512t1 (256 bits of strength) | Key generation Signature generation and verification |
| KAS-ECC [SP 800-56Arev3] | • brainpoolP224r1/P224t1 (112 bits of strength) • brainpoolP256r1/P256t1 (128 bits of strength) • brainpoolP320r1/P320t1 (160 bits of strength) • brainpoolP384r1/P384t1 (192 bits of strength) • brainpoolP512r1/P512t1 (256 bits of strength) | Key agreement |
2.3.2 Allowed algorithms The following table describes the allowed cryptographic algorithms supported by the Cryptographic Module. 2.3.2.1 nCore crypto
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| PCIe bus | PCIe bus | Data input | nCoreAPI, Updater, SSHAdmin |
| Data output | Data output | nCoreAPI, SSHAdmin | |
| Control input | Control input | nCoreAPI, SSHAdmin, Setup, Monitor, Discovery | |
| Status output | Status output | nCoreAPI, Updater, Setup, Monitor, Discovery | |
| Power | Power | n/a | |
| Smartcard reader serial port | Smartcard reader serial port | Data input | APDU commands |
| Data output | Data output | APDU commands | |
| Status LED | Status LED | Status output | n/a |
| Recovery button | Recovery button | Control input | n/a |
| Battery | Battery | Power | n/a |
The Cryptographic Module provides the following physical ports:
nShield 5s Hardware Security Module
| Name | Roles | Input | Output |
|---|---|---|---|
| setup info | PCO | Input arguments | Versioning information, return status code |
| setup factorystate | PCO | Input arguments | return status code |
| setup gettime | PCO | Input arguments | Time, return status code |
| setup settime | PCO | Input arguments, time | return status code |
| sshadmin set | PCO | Input arguments, service, SSH client public key | return status code |
| sshadmin list | PCO | Input arguments, service | SSH client public key, return status code |
| sshadmin get-serverkey | PCO | Input arguments, service | SSH server public key (KSSH_UPDATER, KSSH_SSHADMIN, KSSH_MONITOR, KSSH_SETUP), return status code |
| updater info | PCO | Input arguments | Versioning information, return status code |
| updater receive | PCO | Input arguments, fw update file | fw update file info, return status code |
| updater load | PCO | Input arguments, fw update file info | return status code |
| monitor getlog | PCO | Input arguments | Logs, return status code |
| monitor clearlog | PCO | Input arguments | return status code |
| discovery python-zeroconf | All | Input arguments | IP address, return status code |
| nCoreAPI Big number operation | UC | Input arguments | Operation result, return status code |
| nCoreAPI Make Blob | UC | Input arguments, key handle | Key blob, return status code |
| nCoreAPI Bulk channel | UC | Input arguments, data | Operation result, return status code |
| nCoreAPI Check User Action | UC | Input arguments, key handle | return status code |
| nCoreAPI Clear Unit | UC | Input arguments, module mode | return status code |
| nCoreAPI Set Module Key | NSO | Input arguments, key handle | return status code |
| nCoreAPI Remove Module Key | NSO | Input arguments, key hash | return status code |
| nCoreAPI Duplicate key handle | UC | Input arguments, key handle | Key handle, return status code |
| nCoreAPI Enable feature | UC | Input arguments, features | return status code |
| nCoreAPI Encryption | UC | Input arguments, mechanism, key handle, plaintext data, iv | Encrypted data, return status code |
| nCoreAPI Decryption | UC | Input arguments, mechanism, key handle, encrypted data | Decrypted data, return status code |
| nCoreAPI Erase from smartcard /softcard | UC | Input arguments, slot, file info | return status code |
| nCoreAPI Format Token | UC | Input arguments, slot | return status code |
| nCoreAPI File operations | UC | Input arguments, file info, operation | return status code |
| nCoreAPI Force module to fail | UC | Input arguments | return status code |
| nCoreAPI Generate prime number | UC | Input arguments, length | Bignumber, return status code |
| nCoreAPI Generate random number | UC | Input arguments, length | Random bytes, return status code |
| nCoreAPI Get ACL | UC | Input arguments, key handle | acl, return status code |
| nCoreAPI Get key application data | UC | Input arguments, key handle | Application data, return status code |
| nCoreAPI Get challenge | UC | Input arguments | Nonce, return status code |
| nCoreAPI Get KLF2 | UC | Input arguments | Key handle, return status code |
| nCoreAPI Get Key Information | UC | Input arguments, key handle | Key info, return status code |
| nCoreAPI Get module signing key | UC | Input arguments | Key handle, return status code |
| nCoreAPI Get list of slot in the module | UC | Input arguments | Slots info, return status code |
| nCoreAPI Get Logical Token Info | UC | Input arguments, key handle | Logical token info, return status code |
| nCoreAPI Get list of module keys | UC | Input arguments | hash of KNSO (HKNSO), hash of module keys, return status code |
| nCoreAPI Get module state | UC | Input arguments | Module attributes, return status code |
| nCoreAPI Get real time clock | UC | Input arguments | time, return status code |
| nCoreAPI Get share access control list | UC | Input arguments, slot | acl, return status code |
| nCoreAPI Get Slot Information | UC | Input arguments, slot | smartcard info, return status code |
| nCoreAPI Get Ticket | UC | Input arguments | Ticket, return status code |
| nCoreAPI Initialize Unit | UC | Input arguments | return status code |
| nCoreAPI Insert a Softcard | UC | Input arguments, slot | return status code |
| nCoreAPI Remove a Softcard | UC | Input arguments, slot | return status code |
| nCoreAPI Impath channel | UC | Input arguments, data | data, return status code |
| nCoreAPI Key generation | UC | Input arguments, key params, acl, app data | Key handle, key generation cert, return status code |
| nCoreAPI Key import | UC | Input arguments, wrapped key, acl, app data | Key handle, return status code |
| nCoreAPI Derive Key | UC | Input arguments, mechanism, key handles | Key handle, return status code |
| nCoreAPI Load Blob | UC | Input arguments, blob data | Key handle, return status code |
| nCoreAPI Load Logical Token | UC | Input arguments, logical token hash | Key handle, return status code |
| nCoreAPI Generate Logical Token | UC | Input arguments | Logical token hash, key handle, return status code |
| nCoreAPI Message digest | UC | Input arguments, mechanism, data to be hashed | Hashed data, return status code |
| nCoreAPI Modular Exponentiation | UC | Input arguments | Operation result, return status code |
| nCoreAPI Module hardware information | UC | Input arguments | Hw info, return status code |
| nCoreAPI No Operation | UC | Input arguments | return status code |
| nCoreAPI Change Share Passphrase | UC | Input arguments, slot, old pin, new pin | return status code |
| nCoreAPI NVRAM Allocate | NSO | Input arguments, file info, acl | return status code |
| nCoreAPI NVRAM Free | UC | Input arguments, file name | return status code |
| nCoreAPI Operation on NVM list | UC | Input arguments | Files info, return status code |
| nCoreAPI Operation on NVM files | UC | Input arguments, file name, operation | Operation result, return status code |
| nCoreAPI Key export | UC | Input arguments, key handle | Wrapped key, return status code |
| nCoreAPI Read file | UC | Input arguments, file info, slot | File data, return status code |
| nCoreAPI Read share | UC | Input arguments, slot, key handle | return status code |
| nCoreAPI Send share to remote slot | UC | Input arguments | Encrypted share, return status code |
| nCoreAPI Receive share from remote slot | UC | Input arguments, encrypted share | return status code |
| nCoreAPI Redeem Ticket | UC | Input arguments, ticket | Key handle, return status code |
| nCoreAPI Remote Administration | UC | Input arguments, apdu payload | apdu payload, return status code |
| nCoreAPI Destroy | UC | Input arguments, key handle | return status code |
| nCoreAPI Report statistics | UC | Input arguments | Statistics, return status code |
| nCoreAPI Show Status | UC | Input arguments | Status and versioning info, return status code |
| nCoreAPI Set ACL | UC | Input arguments, key handle, acl | return status code |
| nCoreAPI Set key application data | UC | Input arguments, key handle, app data | return status code |
| nCoreAPI Set NSO Permissions | NSO | Input arguments, hash of KNSO (KNSO), permissions | return status code |
| nCoreAPI Signature generation | UC | Input arguments, mechanism, priv key handle, data to be signed | Signed data, return status code |
| nCoreAPI Sign Module State | UC | Input arguments | Certificate, return status code |
| nCoreAPI Signature verification | UC | Input arguments, mechanism, pub key handle, data to be verified | return status code |
| nCoreAPI Write file | NSO | Input arguments, file info, slot, data | return status code |
| nCoreAPI Write share | UC | Input arguments, file info, slot | Data, return status code |
The Cryptographic Module supports the following roles:
nShield 5s Hardware Security Module
nShield 5s Hardware Security Module
| Name | Use Function | |
|---|---|---|
| Authentication Strength | Authentication Method | Role |
| The ciphersuites used are: ecdh-sha2-nistp256 , aes128-gcm@openssh.com, aes128-ctr@openssh.com, hmac- sha2-256-etm@openssh.com This results in a security strength of 128 bits. A random authentication attempt gives is a probability of success of 2-128, which is less than one in 1,000,000. | ECDSA P-256, P-521 client key authentication as part of establishing an SSH based secure channel. Identity-based and required. | PCO UC |
| Authentication Strength | Authentication Method | Role |
| The module can process around 220 commands per minute. This gives a probability of success in a one minute period of 2-108, which is less than one in 100,000. | ||
| A logical token share stored in a Smartcard or Softcard is encrypted and MAC'ed. An attacker would need to guess the encrypted share value and the associated MAC in order to be able to load a valid Logical token share into the module. This requires, as a minimum, guessing a 256-bit HMAC-SHA256 value, which gives a security strength of 256 bits. A random authentication attempt gives is a probability of success of 2-256 , which is less than one in 1,000,000. The module can process around 220 commands per minute. This gives a probability of success in a one minute period of 2-236, which is less than 10-5, which is less than one in 100,000. | smartcard authentication. Identity-based and required. | NSO |
Table 8 Roles, Service Commands, Input and Output
nShield 5s Hardware Security Module
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|---|---|---|---|---|---|
| info | This is a Show Module's Versioning Information service. This command prints out the contents of the board-id rom file and a number of flags that indicate which other setup subcommands have been previously executed as determined by the existence or non-existence of the relevant files in long-term storage. It also prints out the tag and value pairs of any options set with the setopt subcommand. | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| factorystate | This is the Perform Zeroisation service. It zeroizes unprotected SSPs and returns the module to factory state. It then initiates a module reboot. | PCO | KRESET (note: any SSP that is derived from KRESET, or protected by an SSP derived from KRESET, will also be effectively zeroised.) KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | Z E G (note: SSH server authentication keys are only generated on first reboot after a | return status code 0 |
| Key generation (Cert. #A2513: ECDSA KeyGen, vendor affirmed: CKG) | KSSH_SETUP, KSSH_SSHADMIN, KSSH_MONITOR, KSSH_UPDATER, KRESET | Key generation (Cert. #A2513: ECDSA KeyGen, vendor affirmed: CKG) | setup factorystate command) | |||
| settime | This subcommand sets the system date and time. | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| gettime | This subcommand returns the system date and time. | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| set | Loads the client public key in the module, that will be used to authenticate the requester of a particular service | PCO | KSSH_CLIENT pub KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | W E | return status code 0 |
| list | Obtains the client public key for the service given by the 'role' parameter. | PCO | KSSH_CLIENT pub KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | R E | return status code 0 |
| get- serverkey | Obtains the server public key for the service given by the 'role' parameter. | PCO | KSSH_NCORE pub KSSH_UPDATER pub KSSH_SETUP pub KSSH_SSHADMIN pub KSSH_MONITOR pub KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | R R R E | return status code 0 |
| info | This is a Show Module's Versioning Information service. Obtains the version number of the HSM firmware. | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| receive | Transmits a file (intended to be an npkg upgrade file) to the HSM. | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| load | Verifies that a file on the HSM filesystem is a valid npkg upgrade file and, if so loads the file onto its flash partition. | PCO | NSBIK pub NPSK pub NFIK pub NLIK pub KSESSION - SSH | Digital signature verification (Cert. #A2513: RSA SigVer, ECDSA SigVer) Data encryption/decryption (Cert. #A2512: AES) MAC generation / verification (Cert. #A2512: HMAC) | E E E E E | return status code 0 |
| getlog | This is the Show Status service. Obtains the log of the system | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| clearlog | Clears the log of the system | PCO | KSESSION - SSH | Data encryption/decryption (Cert. #A2512: AES CTR, GCM) MAC generation / verification (Cert. #A2512: HMAC) | E | return status code 0 |
| python- zeroconf | The (logical) network connection between host and HSM uses TCP/IP protocols over the PCIe bus; however, for ease of setup it needs to avoid requiring IP configuration by the user. Therefore the HSM uses zeroconf: each end of the virtual 'network segment' has only a link-local (IPv4 and IPv6) address. The HSM's address can be discovered by the host using multicast DNS, responding to mDNS queries. | Unauthenticated | return status code 0 | |||
| Big number operation Cmd_BignumOp | Performs an operation on a large integer. | UC | return status OK | |||
| Make Blob Cmd_MakeBlob | Creates a Key blob containing the key. Note that the key ACL needs to authorize the operation. | UC | KA, KRE_BLOBKEY, KR, KM, KNSO, LT BLOBKE, BLOBKM | Key derivation (Cert. #A2513: KBKDF) Key wrapping (Cert. #A2513: AES CBC and HMAC, KTS-IFC) | R E | return status OK |
| Bulk channel Cmd_ChannelOpen Cmd_ChannelUpdate | Provides a bulk processing channel for crypto operations | UC | KA | Encryption and decryption (Cert. #A2513: AES ECB, CBC, GCM) MAC generation and verification (Cert. #A2513: HMAC, KMAC, AES CMAC) Digital signature generation and verification (Cert. #A2513: RSA, ECDSA, DSA) | E | return status OK |
| Check User Action Cmd_CheckUserAction | Determines whether the ACL associated with a key allows a specific operator defined action. | UC | KNSO, KA | R | return status OK | |
| Clear Unit Cmd_ClearUnit | This is the Perform Self-tests service. Zeroises all keys, tokens and shares that are loaded in RAM. Will cause the module | UC | KA, KR, IMPATHKE, IMPATHKM, RAKME, RAKMA | Z | return status OK | |
| Set Module Key Cmd_SetKM | Allows a key to be stored internally as a Module key (KM) value. The ACL needs to authorize this operation. | NSO | KM | Message digest (Cert. #A2513: SHA-1) | W | return status OK |
| Remove Module Key Cmd_RemoveKM | Deletes the KM with a given KM hash value from non- volatile memory. | NSO | KM | Z | return status OK | |
| Duplicate key handle Cmd_Duplicate | Creates a second instance of a Key with the same ACL and returns a handle to the new instance. Note that the source key ACL needs to authorize this operation. | UC | KA | R | return status OK | |
| Enable feature Cmd_StaticFeatureEnable | Enables the service. This service requires a certificate signed by the Master Feature Enable key. | UC | return status OK | |||
| Encryption Cmd_Encrypt | Encryption using the provided key handle. | UC | KA | Data encryption (Cert. #A2513: AES ECB, CBC, GCM) | E | return status OK |
| Decryption Cmd_Decrypt | Decryption using the provided key handle. | UC | KA | Data decryption (Cert. #A2513: AES ECB, CBC, GCM) | E | return status OK |
| Erase from smartcard /softcard Cmd_EraseFile Cmd_EraseShare | Removes a file or a share from a smartcard or softcard | UC | return status OK | |||
| Format Token Cmd_FormatToken | Formats a smartcard or a softcard. | UC | return status OK | |||
| File operations Cmd_FileCopy Cmd_FileCreate Cmd_FileErase Cmd_FileOp | Performs file operations in the module. | UC | return status OK | |||
| Force module to fail Cmd_Fail | Causes the module to enter a failure state. | UC | return status OK | |||
| Generate prime number Cmd_GeneratePrime | Generates a random prime. | UC | DRBG entropy input, seed, internal state ('V' and 'C') | Random bit generation (Cert. #A2513: DRBG) | E | return status OK |
| Generate random number | Generates a random number from the Approved DRBG. | UC | DRBG entropy input, seed, | Random bit generation (Cert. #A2513: DRBG) | E | return status OK |
| Cmd_GenerateRandom | internal state ('V' and 'C') | |||||
| Get ACL Cmd_GetACL | Get the ACL of a given key. | UC | KA | R | return status OK | |
| Get key application data Cmd_GetAppData | Get the application data field from a key. | UC | KA | R | return status OK | |
| Get challenge Cmd_GetChallenge | Get a random challenge that can be used in fresh certificates. | UC | DRBG entropy input, seed, internal state ('V' and 'C') | Random bit generation (Cert. #A2513: DRBG) | E | return status OK |
| Get KLF2 Cmd_GetKLF2 | Get a handle to the Module Long Term (KLF2) public key. | UC | return status OK | |||
| Get Key Information Cmd_GetKeyInfo Cmd_GetKeyInfoEx | Get the type, length and hash of a key. | UC | KA | Message digest (Cert. #A2513: SHA-1) | R | return status OK |
| Get module signing key Cmd_GetKML | Get a handle to the KML public key. | UC | KML | R | return status OK | |
| Get list of slot in the module Cmd_GetSlotList | Get the list of slots that are available from the module. | UC | return status OK | |||
| Get Logical Token Info Cmd_GetLogicalTokenInfo Cmd_GetLogicalTokenInfoEx | Get information about a Logical Token: hash, state and number of shares. | UC | LT | Message digest (Cert. #A2513: SHA-1) | R | return status OK |
| Get list of module keys Cmd_GetKMList | Get the list of the hashes of all module keys and the KNSO. | UC | KM, KNSO, HKNSO | Message digest (Cert. #A2513: SHA-1) | R | return status OK |
| Get module state Cmd_GetModuleState | Returns unsigned data about the current state of the module. | UC | return status OK | |||
| Get real time clock Cmd_GetRTC | Get the current time from the module Real Time Clock. | UC | return status OK | |||
| Get share access control list Cmd_GetShareACL | Get the Share's ACL. | UC | SHAREKEY | R | return status OK | |
| Get Slot Information Cmd_GetSlotInfo | Get information about shares and files on a Smartcard that has been inserted in a module slot. | UC | return status OK | |||
| Get Ticket Cmd_GetTicket | Get a ticket (an invariant identifier) for a key. This can be passed to another client or to a SEE World which can redeem it using Redeem | UC | return status OK | |||
| Initialize Unit Cmd_InitializeUnit Cmd_InitializeUnitEx | Causes the nCore API service in the pre-initialization state to enter the initialization state. When the module enters the initialization state, it erases all Module keys (KM), the module's signing key (KML), and the hash of the Security Officer's keys, HKNSO. It then generates a new KML and KM. | UC | KA, KRE_BLOBKEY, KR, KM, KAL, KML, KNSO, HKNSO, LT | Key generation (Cert. #A2513: CKG, RSA, DSA) Message digest (Cert. #A2513: SHA-1) | Z, G | return status OK |
| Insert a Softcard Cmd_InsertSoftToken | Allocates memory on the module that is used to store the logical token share and other data objects. | UC | return status OK | |||
| Remove a Softcard Cmd_RemoveSoftToken | Removes a Softcard from the module. It returns the updated shares and deletes them from the module’s memory. | UC | return status OK | |||
| Impath channel Cmd_ImpathGetInfo Cmd_ImpathKXBegin Cmd_ImpathKXFinish Cmd_ImpathReceive Cmd_ImpathSend | Support for Impath channel. Requires Feature Enabled. | UC | KML, IMPATHKE, IMPATHKM | Key agreement (Cert. #A2513: KAS-FFC, Safe Primes Generation, Safe Primes Verification) Key derivation (Cert. #A2513: KBKDF) Data encryption and decryption (Cert. #A2513: AES CBC, GCM) MAC generation and verification (Cert. #A2513: HMAC-SHA256) | G, E | return status OK |
| Key generation Cmd_GenerateKey Cmd_GenerateKeyPair | Generates a cryptographic key of a given type with a specified ACL. It returns a handle to the key. Optionally, it returns a KML signed certificate with the hash of the key and its ACL information. | UC | KML, KA, DRBG entropy input, seed, internal state ('V' and 'C') | Key generation (Cert. #A2513: CKG, RSA, ECDSA, DSA, KAS-ECC, KAS-FFC, Safe Primes Generation) Digital signature generation (Cert. #A2513: DSA) | G | return status OK |
| Key import Cmd_Import | Loads a plain text key into the module. If the module is initialized in approved mode, this service is available for public keys only. | UC | KA | W | return status OK | |
| Derive Key Cmd_DeriveKey | Performs key wrapping, unwrapping, transport, exchange and derivation. The ACL needs to authorize this operation. | UC | KA | Key derivation (Cert. #A2513: KBKDF) | R, W | return status OK |
| Load Blob Cmd_LoadBlob | Load a Key blob into the module. It returns a handle to the key suitable for use with module services. | UC | KA, KRE_BLOBKEY, KR, KM, KNSO BLOBKE, BLOBKM | Key derivation (Cert. #A2513: KBKDF) Key unwrapping (Cert. #A2513: AES CBC and HMAC, KTS-IFC) | W E | return status OK |
| Load Logical Token Cmd_LoadLogicalToken | Initiates loading a Logical Token from Shares, which can be loaded with the Read Share command. | UC | return status OK | |||
| Generate Logical Token Cmd_GenerateLogicalToken | Creates a new Logical Token with given properties and secret sharing parameters. | UC | KM, LT | Key generation (Cert. #A2513: CKG) | G, W | return status OK |
| Message digest Cmd_Hash | Computes the cryptographic hash of a given message. | UC | Message digest (Cert. #A2513: SHS) | return status OK | ||
| Modular Exponentiation Cmd_ModExp Cmd_ModExpCrt Cmd_RSAImmedVerifyEncrypt Cmd_RSAImmedSignDecrypt | Performs a modular exponentiation (standard or CRT) on values supplied with the command. | UC | return status OK | |||
| Module hardware information Cmd_ModuleInfo | Reports detailed hardware information. | UC | return status OK | |||
| No Operation Cmd_NoOp | No operation. | UC | return status OK | |||
| Change Share Passphrase Cmd_ChangeSharePIN Cmd_ChangeShareGroupPIN | Updates the passphrase of a Share. | UC | SHAREKEY, LT, KM | Key derivation (KBKDF) Key wrapping/unwrapping (Cert. #A2513: AES CBC and HMAC, KTS-IFC) | G, E, R, W | return status OK |
| NVRAM Allocate Cmd_NVMemAllocate | Allocation in NVRAM. | NSO | return status OK | |||
| NVRAM Free Cmd_NVMemFree | Deallocation from NVRAM. | UC | return status OK | |||
| Operation on NVM list Cmd_NVMemList | Returns a list of files in NVRAM. | UC | return status OK | |||
| Operation on NVM files Cmd_NVMemOp | Operation on an NVRAM file. | UC | return status OK | |||
| Key export Cmd_Export | Exports a key in plain text. Note: in approved mode, only public keys can be exported. | UC | KA | R | return status OK | |
| Read file Cmd_ReadFile | Reads data from a file on a Smartcard or Softcard. The ACL needs to authorize this operation. | UC | return status OK | |||
| Read share Cmd_ReadShare | Reads a share from a Smartcard or Softcard. Once a quorum of shares have been loaded, the module re- assembles the Logical Token. | UC | SHAREKEY, LT, KM | Key derivation (Cert. #A2513: KBKDF) Key unwrapping (Cert. #A2513: AES CBC and HMAC) | G, E, R | return status OK |
| Send share to remote slot Cmd_SendShare | Reads a Share and encrypts it with the Impath session keys for transmission to the peer module. | UC | IMPATHKE, IMPATHKM, SHAREKEY | Data encryption(Cert. #A2513: AES CBC, GCM) MAC generation (Cert. #A2513: HMAC-SHA256) | R, E | return status OK |
| Receive share from remote slot Cmd_ReceiveShare | Receives a Share encrypted with the Impath session keys by a remote module. | UC | IMPATHKE, IMPATHKM, SHAREKEY | Data decryption (Cert. #A2513: AES CBC, GCM) MAC verification (Cert. #A2513: HMAC-SHA256) | R, E | return status OK |
| Redeem Ticket Cmd_RedeemTicket | Gets a handle in the current name space for the object referred to by a ticket created by Get Ticket. | UC | return status OK | |||
| Remote Administration Cmd_DynamicSlotCreateAssociation Cmd_DynamicSlotExchangeAPDUs Cmd_DynamicSlotsConfigure Cmd_DynamicSlotsConfigureQuery Cmd_VerifyCertificate | Provides remote presentation of Smartcards using a secure channel between the module and the Smartcard. | UC | RAKME, RAKMA, KWARN_pub | Key agreement (Cert. #A2513: KAS-ECC ECDH) Key derivation (Cert. #A2513: KBKDF) Data encryption and decryption (Cert. #A2513: AES CBC) MAC generation and verification (Cert. #A2513: AES CMAC) Digital signature verification (Cert. #A2513: ECDSA) | G, E E | return status OK |
| Destroy Cmd_Destroy | Remove handle to an object in RAM. If the current handle is | UC | KA, KNSO, LT | Z | return status OK | |
| Report statistics Cmd StatGetValues Cmd_StatEnumTree | Reports the values of the statistics tree. | UC | return status OK | |||
| Show Status Cmd_NewEnquiry | This is a Show Status and Show Module's Versioning Information service. Report status information. | UC | return status OK | |||
| Set ACL Cmd_SetACL | Replaces the ACL of a given key with a new ACL. The ACL needs to authorize this operation. | UC | KA | W | return status OK | |
| Set key application data Cmd_SetAppData | Writes the application information field of a key. | UC | KA | W | return status OK | |
| Set NSO Permissions Cmd_SetNSOPerms | Sets the NSO key hash and which permissions require a Delegation Certificate. | NSO | HKNSO | W | return status OK | |
| Signature generation Cmd_Sign | Generate a digital signature or MAC value. | UC | KA, KNSO | MAC generation (Cert. #A2513: HMAC, KMAC, AES CMAC) Digital signature generation (Cert. #A2513: RSA, ECDSA, DSA) | E | return status OK |
| Sign Module State Cmd_SignModuleState | Returns a signed certificate that contains data about the current configuration of the module. | UC | KML | Digital signature generation (Cert. #A2513: DSA) | E | return status OK |
| Signature verification Cmd_Verify | Verifies a digital signature or MAC value. | UC | KA | MAC verification (Cert. #A2513: HMAC, KMAC, AES CMAC) Digital signature verification (Cert. #A2513: RSA, ECDSA, DSA) | E | return status OK |
| Write file Cmd_WriteFile | Writes a file to a Smartcard or Softcard. | NSO | return status OK | |||
| Write share Cmd_WriteShare | Writes a Share to a Smartcard or Softcard. | UC | SHAREKEY, LT, KM | Key derivation (Cert. #A2513: KBKDF) Key wrapping (Cert. #A2513: AES CBC and HMAC) | G, E, W | return status OK |
The following table describes the services provided by the Cryptographic Module and the access policy. The Access column presents the access level given to the SSP G = Generate: The module generates or derives the SSP. E = Execute: The module uses the SSP in performing a cryptographic operation. 4.2.1 / / nShield 5s Hardware Security Module Z E G
/ / Table 10 Approved Services as they only use approved mechanisms. 4.2.2 E E R R E Table 11 Approved Services
nShield 5s Hardware Security Module
as they only use approved mechanisms. 4.2.3 Updater service E E E E E Table 12 Approved Services as they only use approved mechanisms. 4.2.4 Monitor service Table 13 Approved Services as they only use approved mechanisms. nShield 5s Hardware Security Module
4.2.5 Discovery service pythonzeroconf Table 14 Approved Services as they only use approved mechanisms. 4.2.6 nCoreAPI service R E E R Z
nShield 5s Hardware Security Module
R E E E E nShield 5s Hardware Security Module
nShield 5s Hardware Security Module
Z, G G, E G nShield 5s Hardware Security Module W R, W
R R, E R, E G, E E nShield 5s Hardware Security Module Z
W W E E E Table 15 Approved Services Non-approved services will fail with a return an error code indicator "StrictFIPS140".
nShield 5s Hardware Security Module
All nCore API services are sent through the SSH channel, performing security functions Data encryption/decryption, MAC generation / verification and access E (execute) of the session keys KSESSION - SSH. nShield 5s Hardware Security Module
The nShield 5s cryptographic module's executable code is delivered by Entrust as a single signed firmware package (.npkg file). The bootloader and firmware integrity is verified at start up using RSA with 4096 bit key and SHA2-256. The Library Partition is an internal storage area that contains a number of auxiliary files required for operation of the module. The integrity of the Library Partition is verified using ECDSA with curve P-521 and SHA2-512. Operators can initiate the integrity tests on demand by restarting the module.
nShield 5s Hardware Security Module
Not applicable. The module has a limited operational environment, it is designed to accept only controlled firmware changes that successfully pass the software/firmware load test. nShield 5s Hardware Security Module
| Physical Security | Recommended | Inspection/Test Guidance Details |
|---|---|---|
| Mechanism | Frequency of | |
| Inspection/Test | ||
| Hard and opaque epoxy | Monthly | The module should be inspected periodically for evidence of tamper attempts, including the entire enclosure including the epoxy resin security coating for obvious signs of damage. |
| Temperature or voltage | Specify EFP or EFT | Specify if this condition | |
|---|---|---|---|
| measurement | results in a shutdown or | ||
| zeroisation | |||
| Low Temperature | 0ºC | EFP | Shutdown |
| High Temperature | 95ºC | EFP | Shutdown |
| Low Voltage | 2.463V (battery) 0V (PCIe) | EFP | Shutdown |
| High Voltage | 3.553V (battery) 14.45V (PCIe) | EFP | Shutdown |
| Hardness tested temperature measurement | |
|---|---|
| Low Temperature | 0ºC |
| High Temperature | 95ºC |
The product is a multi-chip embedded Cryptographic Module, as defined in FIPS 140-3. It is enclosed 3. The cryptographic module implements Environmental Failure Protections (EFP) which detect out of Table 16 Physical Security Inspection Guidelines 0ºC a Table 17 EFP/EFT 0ºC Table 18 Hardness testing temperature ranges
nShield 5s Hardware Security Module
Not applicable. nShield 5s Hardware Security Module
| Name | Strength | Security Function | Generation | Establishment | Storage | Import Export | Key/SSP/Name/Type | Zeroisation |
|---|---|---|---|---|---|---|---|---|
| Key derivation | 256 bits | Re-settable key A2513 | DRBG | n/a | MSP430 FRAM, in plaintext | Never | KRESET (CSP) | factorystate |
| Encryption of all the service's server authentication SSH keys | 256 bits | Global SSH key encryption key AES-256 A2513 | Derived at start-up using KBKDF from KRESET and other fixed parameters | n/a | RAM, in plaintext | Never | KUSER_SSH (CSP) | Power cycle factorystate |
| SSH channel session | 128 bits | Server authentication SSH key for the Setup service ECDSA P-256 A2513 A2512 | DRBG | n/a | In Flash, encrypted with KUSER_SSH | Private key: never Public key: output via SSHAdmin service | KSSH_SETUP (CSP) | factorystate |
| SSH channel session | 128 bits | Server authentication SSH key for the Updater service ECDSA P-256 A2513 A2512 | DRBG | n/a | In Flash, encrypted with KUSER_SSH | Private key: never Public key: output via SSHAdmin service | KSSH_UPDATER (CSP) | factorystate |
| SSH channel session | 128 bits | Server authentication SSH key for the SSH Admin service ECDSA P-256 A2513 A2512 | DRBG | n/a | In Flash, encrypted with KUSER_SSH | Private key: never Public key: output via SSHAdmin service | KSSH_SSHADMIN (CSP) | factorystate |
| SSH channel session | 128 bits | Server authentication SSH key for the Monitor service | DRBG | n/a | In Flash, encrypted with KUSER_SSH | Private key: never Public key: output via | KSSH_MONITOR (CSP) | factorystate |
| ECDSA P-256 A2513 A2512 | ECDSA P-256 A2513 A2512 | SSHAdmin service | ||||||
| SSH channel data encryption and integrity | 128 bits | SSH channel session keys AES GCM or AES CTR, HMAC A2513 | n/a | ECDH | RAM, in plaintext | Never | KSESSION - SSH (CSP) | Power cycle or channel closure factorystate |
| Firmware integrity test | 128 bits | Bootloader public integrity key RSA 4096 bit A2404 A6385 | Entrust | n/a | Flash, in plaintext | Import: Firmware update Export: Never | NSBIK pub (not an SSP) | n/a |
| Firmware integrity test | 128 bits | Firmware public signature verification key RSA 4096 bit A2404 A6385 | Entrust | n/a | Flash, in plaintext | Import: Firmware update Export: Never | NFIK pub (not an SSP) | n/a |
| Firmware integrity test | 256 bits | Library public integrity key ECDSA P-521 A2513 | Entrust | n/a | Flash, in plaintext | Import: Firmware update Export: Never | NLIK pub (not an SSP) | n/a |
| Firmware loading test | 256 bits | Package public signature verification key ECDSA P-521 A2513 | Entrust | n/a | Flash, in plaintext | Import: Firmware update Export: Never | NPSK pub (PSP) | n/a |
| SSH authentication credentials | 128 bits | Client authentication SSH key for each of the services (Updater, Setup, SSHAdmin, nCoreAPI) ECDSA P-256 A2513 | Client side | n/a | Flash, in plaintext | Through SSHAdmin service | KSSH_CLIENT pub (PSP) | factorystate |
| Random number generation | > 256 bits | Platform DRBG A2513 | 520 bits from the approved Entropy Source. | n/a | RAM, in plaintext | Never | DRBG entropy input (CSP) | Power cycle factorystate |
| Random number generation | 256 bits | Platform DRBG A2513 | Generated as per SP 800-90Arev1 with 696 bits from the approved Entropy Source: 520 bits entropy input 176 bits random nonce | n/a | RAM, in plaintext | Never | DRBG seed (CSP) | Power cycle factorystate |
| Random number generation | 256 bits | Platform DRBG A2513 | Generated as per SP 800- 90Arev1. | n/a | RAM, in plaintext | Never | DRBG internal state ('V' and 'C' values) (CSP) | Power cycle factorystate |
| Key derivation | 256 bits | Master key for container A2513 | Derived at start-up using KBKDF from KRESET, container-id and other fixed value. | n/a | RAM, in plaintext | Never | KCONTAINER (CSP) | Power cycle factorystate |
| Encryption | 256 bits | Encryption key for KSSH_NCORE AES-256 A2513 | Derived at start-up using KBKDF from KCONTAINER, and other fixed value. | n/a | RAM, in plaintext | Never | KCONTAINERSSH (CSP) | Power cycle factorystate |
| SSH channel session | 128 bits | Server authentication ssh key for the nCore API service ECDSA P-256 A2513 A2512 | DRBG | n/a | In Flash, encrypted with KCONTAINERSSH | Private key: Never Public key output via SSH Admin service | KSSH_NCORE (CSP) | factorystate |
| e | h | Function and | n | t | t | e | ||
| Key used to protect recovery keys (KR). | 128 bits | Recovery confidentialit y key RSA 3072 bit A2513 | DRBG | n/a | RAM, in plaintext | Import: From key blob, decrypted with LTRE Export: in key blob, encrypted with LTRE | KRE_BLOBKEY (CSP) | Power cycle Cmd_Destro y factorystate |
| Key used to derive (using SP 800- 108 KDF in counter mode) the keys Ke (AES 256-bit) and Km (HMAC-SHA256) that protect an archive copy of an application key. | 256 bits | Recovery key AES 256 A2513 | DRBG | n/a | RAM, in plaintext | Import: From key blob, decrypted with KRE_BLOBKEY Export: in key blob, encrypted with KRE_BLOBKEY | KR (CSP) | Power cycle Cmd_Destro y factorystate |
| Encryption and decryption MAC generation and verification | 256 bits | Session keys for impath channel A2513 | n/a | DH | RAM, in plaintext | Never | IMPATHKE IMPATHKM (CSP) | Power cycle or channel closure factorystate |
| Application keys used for general purpose cryptographic services: • Encryption and decryption • Digital signature generation and verification • MAC generation and verification • Key derivation, key agreement . | ≥ 112 bits | Application keys A2513 | DRBG | n/a | RAM, in plaintext | Import: From key blob, decrypted with LTA or KR Export: in key blob, encrypted with LTA or KR | KA (CSP) | Power cycle Cmd_Destro y factorystate |
| e | h | Function and | n | t | t | e | ||
| Key used for key derivation to protect logical tokens and associated module Key Blobs. | 256 bits | Security World module key AES 256 A2513 | DRBG | n/a | Flash, in plaintext | Import: From key blob, decrypted with LTM Export: in key blob, encrypted with LTM | KM (CSP) | factorystate or Initialize Unit |
| Digital signature generation for key generation certificates and module state certificates. | 128 bits | Module Signing key DSA 3072 bit A2513 | DRBG | n/a | Flash, in plaintext | Never | KML (CSP) | factorystate or Initialize Unit |
| nShield Security Officer key used for NSO authorisation and Security World integrity | 128 bits | NSO key DSA 3072 bit A2513 | DRBG | n/a | RAM, in plaintext | Import: From key blob, decrypted with LTNSO Export: in key blob, encrypted with LTNSO | KNSO (CSP) | Power cycle Cmd_Destro y factorystate |
| nShield Security Officer key used for NSO authorisation and Security World integrity | 160 bits | Hash of public KNSO A2513 | n/a | Security World creation | Flash, in plaintext | Never | HKNSO (PSP) | factorystate or Initialize Unit |
| Key wrapping | 256 bits | Key blob encryption and MAC key AES 256 HMAC- SHA256 A2513 | n/a | Derived from LTx | RAM, in plaintext | Never | BLOBKE BLOBKM (CSP) | Power cycle factorystate |
| Key derivation | 256 bits | Logical token for key x AES 256 A2513 | DRBG | From Shares using Shamir Secret Schee | RAM, in plaintext | Import: From quorum of encrypted Shares using Shamir Secret Scheme Export: To encrypted Shares using Shamir Secret Scheme | LTx (CSP) | Power cycle Cmd_Destro y factorystate |
| Protects a share when written to a smartcard or softcard. This key is used to derive using KBKDF the keys Ke and Km used to wrap the share. | 256 bits | Share encryption and MAC keys AES 256 HMAC- SHA256 A2513 | n/a | Derived from KM and other additional data | RAM, in plaintext | Never | SHAREKEY (CSP) | Power cycle factorystate |
| e | h | Function and | n | t | t | e | ||
| Encryption and decryption MAC generation and verification | 256 bits | Session keys for remote admin channel AES 256 A2513 | n/a | ECDH | RAM, in plaintext | Never | RAKME RAKMA (CSP) | Power cycle or channel closure factorystate |
| Digital signature generation of the audit trail. | 128 bits | Audit logging key DSA 3072-bit A2513 | DRBG | n/a | Flash, in plaintext | Never | KAL (CSP) | factorystate or Initialize Unit factorystate |
| Digital signature verification to authenticate remote cards. | 256 bits | Entrust root warranting public key for Administrator Cards and Operator Cards ECDSA P-521 A2513 | Entrust | n/a | Flash, in plaintext , as part of the firmware image | Import: fw update Export: never | KWARN pub (PSP) | n/a protected |
| Random number generation | 256 bits | nCoreAPI DRBG A2513 | 520 bits from Platform DRBG | n/a | RAM, in plaintext | Never | DRBG entropy input (CSP) | Power cycle factorystate |
| Random number generation | 256 bits | nCoreAPI DRBG A2513 | Generated as per SP 800- 90Arev1 with 696 bits from Platform DRBG: 520 bits entropy input 176 bits random nonce | n/a | RAM, in plaintext | Never | DRBG seed (CSP) | Power cycle factorystate |
| Random number generation | 256 bits | nCoreAPI DRBG A2513 | Generated as per SP 800- 90Arev1. | n/a | RAM, in plaintext | Never | DRBG internal state ('V' and 'C' values) (CSP) | Power cycle factorystate |
This section defines the Sensitive Security Parameters (SSPs) managed by the cryptographic module. 9.1.1 Platform SSPs n/a n/a
nShield 5s Hardware Security Module
n/a n/a n/a n/a n/a n/a > nShield 5s Hardware Security Module
n/a n/a Table 19 Platform SSP table 9.1.1.1 Service SSPs The following SSPs are related to the nCore API service. & n/a n/a Table 20 nCoreAPI SSP table
nShield 5s Hardware Security Module
9.1.1.2 Security World SSPs The following SSPs are related to the Security World in which the cryptographic module is enrolled into. e h t t y
e h t t n/a n/a 80090Arev1 n/a n/a 80090Arev1. Table 21 Security World SSP table As per IG 9.7.B, the zeroisation of SSPs is explicitly indicated by the successful return code of the setup factorystate command. Temporary SSPs are zeroised implicitly. nShield 5s Hardware Security Module
| Name | Key Size | |
|---|---|---|
| Details | Minimum number of bits | Entropy sources |
| of entropy | of entropy | |
| Hardware entropy source compliant with SP 800-90B. 520 output bits are used for the entropy input of the DRBG, this is more than 256 bits of min-entropy. | 0.89 bits per output bit | nShield 5s Physical True Random Number Generator ESV Cert. #E38 |
Zeroization of all unprotected SSPs keys occurs immediately when the module is reset to the factory state with the setup factorystate command. The cryptographic module has a hardware based true random number generator used to seed the DRBGs.
| Name | Description |
|---|---|
| Bootloader crypto (Cert. #A2404, #A6385) | |
| SHA2-256 | Known Answer Test |
| RSA | Known Answer Test: verification RSASSA-PKCS-v1_5 with 4096 bit key and SHA2-256 |
| nCore crypto (Cert. #A2513) | |
| AES ECB encrypt | Known Answer Test: encryption with 128, 192 and 256-bit keys |
| AES ECB decrypt | Known Answer Test: decryption with 128, 192 and 256-bit keys |
| AES CMAC | Known Answer Test: MAC generation/verification with 128-bit key |
| SHA-1 | Known Answer Test: SHA-1, other sizes are tested along with KAT HMAC |
| SHA-3 | Known Answer Test: SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
| HMAC with SHA-1, SHA2-224, SHA2-256, SHA2- 384, SHA2-512 | Known Answer Test |
| RSA | Known Answer Test: sign/verify RSASSA-PKCS-v1_5 (SHA2-224, SHA2-256, SHA2-384, SHA2-512) with 2048-bit key Known Answer Test: encrypt/decrypt RSA-OAEP with 2048-bit key |
| DSA | Known Answer Test: sign/verify with 2048-bit key and SHA2-224 |
| ECDSA | Known Answer Test: sign/verify with curves P-224 and B-233 |
| KAS-FFC | Known Answer Test: DH Shared Secret Computation with MODP-2048, MODP-3072 |
| KAS-ECC | Known Answer Test: ECDH Shared Secret Computation with curves P-256 and B-233 |
| One-step KDF | Known Answer Test: with SHA2-256 auxiliary function |
| Two-step KDF | Known Answer Test: with HMAC-SHA256 auxiliary function |
| KBKDF | Known Answer Test: Counter KDF with CMAC-AES256 |
| DRBG | Known Answer Test: instantiate, reseed, generate as per SP 800-90Arev1 section 11.3 |
| SSH crypto (Cert. #A2512) | |
| AES GCM encrypt | Known Answer Test: encryption with 128 bit key |
| AES GCM decrypt | Known Answer Test: decryption with 128 bit key |
| AES CTR encrypt | Known Answer Test: encryption with 128 bit key |
| AES CTR decrypt | Known Answer Test: decryption with 128 bit key |
| HMAC with SHA2-256 and SHA2-512 | Known Answer Test |
| KAS-ECC | Known Answer Test: ECDH Shared Secret Computation with curve P-256 |
| ECDSA | Known Answer Test: sign/verify with curves P-256 and P-521 |
| SSH KDF | Known Answer Test: with SHA2-256 |
| Field | Expected value |
| primary-version | 13.2.4-280-7f4f0c24 |
| Field | Expected value |
| recovery-version | 13.2.4-280-7f4f0c24 |
| uboot-version | 1.1.0-1245-b9bedfa or 1.4.1-0-edb84d6e |
| Field | Expected value |
| product name | nC5536E or nC5536N |
| hardware part no | PCA10005-01 revision 03 or revision 04 |
| Field | Expected value |
| buildpart | "value": "PCA10005-01" |
| buildrev | "value": "03" or "value": "04" |
The Cryptographic Module performs pre-operational, conditional and periodic self-tests. It also supports pre-operational self-tests on demand by resetting the module. In the event of a self-test failure, the module enters the error state. While in this state, the module does not process any commands, and will indicate the error on the status LED and the error log, which can be retrieved with the command monitor getlog.
At start up, the following integrity tests are performed:
The following cryptographic algorithm self tests (CASTs) are run before the first use of any cryptographic mechanism. nShield 5s Hardware Security Module
At start up, the SP 800-90B Adaptive Proportion Test and Repetition Count Test are run on the output bits of the entropy source. These tests are also run continuously during operation of the entropy source.
The module performs a pair-wise consistency test when RSA (Cert. #A2513), DSA (Cert. #A2513), generated.
Prior to updating the firmware, the cryptographic module validates the integrity and authenticity of the image update package. The module performs the following actions before replacing the current image:
nShield 5s Hardware Security Module
The following self tests are run periodically every 24 hours:
This section provides specific FIPS-related guidance to Administrators and Operators. This guidance is aimed to complement the product user and installation guides which are delivered with the cryptographic module.
The nShield cryptographic module is sent to the customers using a standard carrier service. After accepting the delivery of the module, a physical inspection of the module shall be performed (refer to Physical Security section). This inspection is done to ensure that the module has not been tampered with during transit. If the inspection results indicate that the module has not been tampered with, the Administrator can then proceed with installation and configuration of the module. The cryptographic module supports firmware upgrades in the field, which are provided by Entrust as a single signed firmware package (.npkg file).
This section provides instructions to inspect the cryptographic module´s fw and hw version information and ensure they correspond with the FIPS 140-3 validated versions.
The cryptographic module provides the service updater info which provides firmware version information in JSON format. Entrust provides the hsmadmin status command-line utility which calls the service updater info internally. hsmadmin status --json { "D5DE-E1F8-D6E7": { "succeeded": true, "data": { "mode": "primary", "uboot-version": "1.1.0-1245-b9bedfa" } } } The following fields in the output must be checked:
nShield 5s Hardware Security Module
The cryptographic module provides the command Cmd_NewEnquiry which reports hardware version information. Entrust provides the enquiry command-line utility which calls Cmd_NewEnquiry internally. The following fields in the output must be checked: Alternatively, the cryptographic module also provides the service setup info which provides hardware version information in JSON format. Entrust provides the hsmadmin info command-line utility which calls the service setup info internally. hsmadmin info --json { "15C8-4387-C748": { "eeprom": { ... , "buildpart": , "buildrev": { "value": "03", "crc": xxxxx } ... } } The following fields in the output must be checked: nShield 5s Hardware Security Module
To configure the cryptographic module in approved mode, the following steps are performed:
Per FIPS 140-3 section 7.11.8, in the event that the module is no longer deployed or intended for further use, the Crypto Officer shall zeroize and destroy the module. The module shall be taken to an electronics recycling facility that offers (and assures) the physical destruction of e-waste.
nShield 5s Hardware Security Module
Not applicable. nShield 5s Hardware Security Module
Contact Us Web site https://www.entrust.com Support https://nshieldsupport.entrust.com Email Support nShield.support@entrust.com Online documentation: Available from the Support site listed above. You can also contact our Support teams by telephone, using the following numbers: Europe, Middle East, and Africa United Kingdom: +44 1223 622 444 One Station Square Cambridge CB1 2GA UK Americas Toll Free: +1 833 425 1990 Fort Lauderdale: +1 954 953 5229 Sawgrass Commerce Center
Sunrise FL 33323 USA Asia Pacific Australia: +61 9126 9070 World Trade Centre Northbank Wharf Siddeley St Melbourne VIC 3005 Australia Japan: +81 50 3196 4994 Hong Kong: +852 3008 4994 31/F, Hysan Place
Causeway Bay Hong Kong
nShield 5s Hardware Security Module
To get help with Entrust nShield HSMs nShield.support@entrust.com nshieldsupport.entrust.com ABOUT ENTRUST CORPORATION Entrust keeps the world moving safely by enabling trusted identities, payments and data protection. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, accessing egovernment services or logging into corporate networks. Entrust offers an unmatched breadth of digital security and credential issuance solutions at the very heart of all these interactions. With more than 2,500 colleagues, a network of global partners, and customers in over 150 countries, it’s no wonder the world’s most entrusted organizations trust us.