| Standard | FIPS 140-3 |
|---|---|
| Overall level | 3 |
| Module type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 10/27/2026 |
| Caveat | Interim Validation. When installed, initialized and configured as specified in Section 11.1 of the Security Policy |
| Vendor | RigSec Technology Limited |
| Hardware versions | 3.4.0 |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A2750 |
| AES-ECB | A2750 |
| ECDSA KeyGen (FIPS186-4) | A2750 |
| ECDSA SigGen (FIPS186-4) | A2750 |
| ECDSA SigVer (FIPS186-4) | A2750 |
| Hash DRBG | A2750 |
| HMAC-SHA2-256 | A2750 |
| KDF SP800-108 | A2750 |
| KTS-IFC | A2750 |
| RSA KeyGen (FIPS186-4) | A2750 |
| RSA SigGen (FIPS186-4) | A2750 |
| RSA SigVer (FIPS186-4) | A2750 |
| SHA2-256 | A2749 |
| SHA2-256 | A2750 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 3 |
| Cryptographic Module Interfaces | 3 |
| Software/Firmware Security | 3 |
| Operational Environment | N/A |
| Physical Security | 3 |
| Non-Invasive Security | N/A |
| Sensitive Security Parameter Management | 3 |
| Self-Tests | 3 |
| Life-Cycle Assurance | 3 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for RIGFORT Pro Blockchain HSM
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>1.4.0</i>"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>firmware load<br/>recovery</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test</i>"]
C4["[high] Physical/logical<br/>interfaces (some 'blocked<br/>in firmware')<br/><i>Serial Port (RS-232)</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>kernel<br/>bootloader<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I4["Interface reachability may<br/>vary by boot stage and<br/>lifecycle state."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R4["Are interfaces blocked<br/>before the bootloader<br/>runs, or only after<br/>approved mode starts?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E4["lifecycle reachability<br/>matrix · boot-stage<br/>interface timing ·<br/>factory/recovery/error-state<br/>access controls"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C4 --> I4 --> R4 --> E4
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C4,C6 clue;
class I1,I2,I3,I4,I6 infer;
class R1,R2,R3,R4,R6 risk;
class E1,E2,E3,E4,E6 evidence;flowchart LR
%% Deterministic clue tier for RIGFORT Pro Blockchain HSM
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>1.4.0</i><br/>src: certificate.firmwareVersions"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>firmware load<br/>recovery</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test</i><br/>src: text:keyword"]
C4["[high] Physical/logical interfaces (some 'blocked in firmware')<br/><i>Serial Port (RS-232)</i><br/>src: securityPolicy.portsAndInterfaces"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>kernel<br/>bootloader<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C4 clueHigh;
class C2,C3,C6 clueLow;RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy RigSec Technology Limited RIGFORT Pro Blockchain HSM Non-Proprietary FIPS 140-3 Security Policy Version: 1.7 Date: January 14, 2026 Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table of Contents Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy List of Tables List of Figures Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Version 1.7 Amber Group Public Material
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 3 |
| 2 | 2 | Cryptographic Module Specification | 3 |
| 3 | 3 | Cryptographic Module Interfaces | 3 |
| 4 | 4 | Roles, Services and, Authentication | 3 |
| 5 | 5 | Software/Firmware Security | 3 |
| 6 | 6 | Operational Environment | N/A |
| 7 | 7 | Physical Security | 3 |
| 8 | 8 | Non-Invasive Security | N/A |
| 9 | 9 | Sensitive Security Parameter Management | 3 |
| 10 | 10 | Self-Tests | 3 |
| 11 | 11 | Life-Cycle Assurance | 3 |
| 12 | 12 | Mitigation of Other Attacks | N/A |
| Overall | Overall | 3 |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy This document defines the Security Policy for the RIGFORT Pro Blockchain HSM, hereafter denoted the Module. The Module is a multiple-chip standalone cryptographic module. It is a security module that supports the encryption algorithm approved by FIPS 140-3 and with physical security protection measures, key management mechanisms, and security features to provide secured and applicable cryptographic services for customer systems. Specifically, the security features include key wrapping, message authentication code (MAC), message digest, data encryption and decryption, digital signature generation and verification, etc. The FIPS 140-3 security levels for the Module are as follows: N/A N/A N/A Version 1.7 Amber Group Public Material
| Name | Model | Hardware Version | Firmware Version | Features | # |
|---|---|---|---|---|---|
| 1 | RIGFORT Pro Blockchain HSM | 3.4.0 | 1.4.0 | hard metal 1U chassis | 1 |
Security Policy Cryptographic Module Specification The Module is a hardware cryptographic module. The Module is intended for use by US Federal agencies or other markets that require FIPS 140-3 validated Data Encryption Cryptographic implementation. The Module is intended to be used in customer systems requiring security features include key wrapping, message authentication code (MAC), message digest, data encryption and decryption, digital signature generation and verification, etc. 2.1 Operational Environment RigSec Data Encryption cryptographic module is tested on the following operational environment. Table 2
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 3
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 6
| Name | Description | Indicator | FIPS |
|---|---|---|---|
| Non-Approved Mode | Non-approved security functions are available | See HSM mode in Figure 9 | Non-FIPS |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 2.3 Modes of Operation The Module supports both an Approved and non-Approved mode of operation. To verify that the Module is in the Approved mode of operation, the operation mode indicator can be seen on the left side of the management software or check the operation mode status via the menu: Tools → Display Module Status. Table 3
The Approved mode of operation is configured at reception of the Module by the CO role who implements the instructions in Section 11.2 Cryptographic Officer Guidance. The operation mode can be selected at initialization through the management software and cannot be changed once selected unless restored to factory settings.
The non-Approved mode of operation is configured at reception of the Module by the CO role who implements the instructions in Section 11.2 Cryptographic Officer Guidance. The operation mode can be selected at initialization through the management software and cannot be changed once selected unless restored to factory settings. In order to switch modes, the CO must perform a reset of the module by selecting from Management Console menu: Tools → Reset HSM, which zeroizes all the SSPs. Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 7
| Name | CAVP Cert | Mode Method | Key Size | Use Function |
|---|---|---|---|---|
| AES [197] | A2750 | ECB [38A] | Key Sizes: 256 | Encrypt, Decrypt |
| CBC [38A] | CBC [38A] | Key Sizes: 256 | Encrypt, Decrypt | |
| DRBG [90A] | A2750 | Hash | SHA-256 | Deterministic Random Bit Generation Security Strength = 256 bits |
| ECDSA [186] | A2750 | Mode: SHA-256 Curves: P-256 | Keys Length: 128 | KeyGen |
| HMAC [198] | A2750 | SHA-256 | Key Length: 256 | Key Derivation for the Session and Session HMAC Keys |
| KBKDF [108] | A2750 | Counter | HMAC-SHA2-256 | Key Derivation |
| KTS-IFC [56Br2] | A2750 | Method: KTS-OAEP- Basic; OAEP-Party_V- confirmation Modulus Length: 2048 Hash: SHA2-256 | Keys Length: 112 | Key Transport: encapsulation and un-encapsulation |
| RSA [186] | A2750 | n = 2048 SHA-256 | KeyGen |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 9
| Name | CAVP Cert | Mode Method | Properties | Use Function | Reference | |
|---|---|---|---|---|---|---|
| SHS [180] | A2750 | SHA2-256 | ECDSA, HMAC, RSA, Message Digest ECDSA, RSA Key Generation | |||
| SHS [180] | A2749 | SHA2-256 | Integrity check, Message Digest | |||
| VA | [133] Sections 4 and 5.1 Asymmetric signature key generation using unmodified DRBG output | Key Generation | CKG [IG D.H] |
| Name | CAVP Cert | Mode Method | Properties | Use Function | Reference | |
|---|---|---|---|---|---|---|
| SHS [180] | A2750 | SHA2-256 | ECDSA, HMAC, RSA, Message Digest ECDSA, RSA Key Generation | |||
| SHS [180] | A2749 | SHA2-256 | Integrity check, Message Digest | |||
| VA | [133] Sections 4 and 5.1 Asymmetric signature key generation using unmodified DRBG output | Key Generation | CKG [IG D.H] |
| Algorithm | D | escription | |
|---|---|---|---|
| ECDSA_secp256k1 | Signature Algorithms of Blockchain | ||
| ed25519 | Signature Algorithms of Blockchain | ||
| ripmd160 | Message Digest algorithm of Blockchain | ||
| sha3-256 (FIPS 202) | Message Digest algorithm of Blockchain | ||
| SM2 | Chinese Elliptic Curve Digital Signature Algorithm (asymmetric encryption/decryption, key agreement, signature generation/verification) | ||
| SM3 | Chinese Message Digest Algorithm (message digest) | ||
| SM4 | Chinese Block Cipher Symmetric Algorithm (symmetric encryption/decryption) | ||
| sr25519 | Signature Algorithms of Blockchain |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table 5
| Name | Description | Approved Functions | Type | Properties | |
|---|---|---|---|---|---|
| KTS1 | SP 800-56Brev2. KTS-IFC [56Br2] (Key encapsulation and un- encapsulation) per IG D.G | KTS-IFC (Cert. #A2750) Hash: SHA2-256 | KTS | 2048-bit modulus providing 112 bits of encryption strength | Modulus Length: 2048 Keys Length: 112 |
| KTS2 | SP 800-38F. KTS (key wrapping and unwrapping) per IG D.G. | AES-256 (CBC) and HMAC-SHA-256 (Cert. #2750) | KTS | 256- bit keys providing 256 bits of encryption strength | Keys Length: 256 |
| Name | Use Function | Description |
|---|---|---|
| Shamir Secrets Share | Split Knowledge Procedures: Polynomial method used only for secret-sharing. Note: As per NISTIR 8214, Section 6.2, implementation of Shamir Secret Sharing is used to satisfy section 7.9.5 of the FIPS 140-3 standard which defines security requirements for split-knowledge procedures. | The secret sharing algorithm divides the secret and shares the secret among n participants more than specific t participants can calculate or recover the secret, and less than t participants cannot get it. |
| Name | Type | Strength | Operating Environment | Entropy per Sample | Conditioning Components |
|---|---|---|---|---|---|
| AS578 Entropy Source | Physical | 1 bit | ARM Cortex-M | .83 bits | SHA2-256 (Cert. #A2750) |
| Vendor Name | Cert. Number |
|---|---|
| RigSec Technology Limited | ESV Cert. #E17 |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table 7
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 2.6 Overall Security Design
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| Power Ports (2) | Power Ports (2) | Power | Connect the module to the power outlet via the redundant power supply |
| Power button | Power button | Control In | Electrical signal passes through |
| LEDs | LEDs | Status out | Display the working status of the module through different combinations |
| Serial Port (RS-232) | Serial Port (RS-232) | Control in | Data in | Data out | Status out | Connected to the management computer to provide management services |
| Type-c Port | Type-c Port | Control in | Data in | Data out | Status out | Connected to the communication computer to provide cryptographic services for user applications |
| Trusted Channel | Description | ||
|---|---|---|---|
| Directly connected cable through a Serial Port (RS-232) from the Management Console to the module | The Trusted Channel must be setup per section 11.1 Secure Installation, Initialization, Startup and Operation of the Module. The Management Console connects directly to module via a serial port (RS-232). To protect the plaintext CSPs, the physical ports used for the trusted channel are physically separated from all other ports and will be under the direct supervision of the CO. A status indicator through the management console is provided when the trusted channel is in use or not. See the Channel section of Figure 8 |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table 10
| Name | Roles | Input | Output |
|---|---|---|---|
| Create DMK | ✓ | Command In | Generated DMK. |
| Restore DMK | ✓ | Command In | DMK restored. |
| Add MNG | ✓ | Command In | The MNG account is created. Success/failure status. |
| MNG Login | ✓ | Password | Login CO role. |
| MNG Logout | ✓ | Command In | Logout CO role. |
| Add User Application | ✓ | Command In | The User Application user account is created. Success/failure status. |
| Delete User Application | ✓ | Command In | The User Application user account is deleted. Success/failure status. |
| Reset User Application password | ✓ | Command In | The User Application default password. Success/failure status. |
| List User Application | ✓ | Command In | User list |
| Create User Key | ✓ | Command In | Creates AES/HMAC/HASH/RSA2048/ECDSA-P256 keys for the user |
| Remove User Key | ✓ | Command In | Deletes User Keys |
| List User Key | ✓ | Command In | User key list |
| Key Derivation Function | ✓ | DMK | PK |
| View Log | ✓ | Command In | Log |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Roles, Services and Authentication 4.1 Assumption of Roles and Related Services The Module supports two distinct operator roles, User (User Application external entity) and Cryptographic Officer (CO) (Manager). The cryptographic module enforces the separation of roles using identity-based authentication. Re-authentication is enforced when changing roles. If the CO logs in while the user is logged in, the user will be automatically logged out. Table 12 lists all operator roles supported by the Module and their related services. In addition, the Module supports services which does not require to be authenticated, listed UA in Table 12. The Module does not support a maintenance role and bypass capability. The Module does not support concurrent operators. Previous authentications will be cleared on power cycle. The physical security mechanisms employed by the module protect the SSPs from unauthorized disclosure, modification, and substitution via physical intrusions. Table 12
| Name | Roles | Input | Output | Role | ||||
|---|---|---|---|---|---|---|---|---|
| CO | CO | User | UA | |||||
| User Application Login | ✓ | Command In | Login User role | |||||
| User Application Logout | ✓ | Command In | Logout User role | |||||
| Modify User Application password | ✓ | User Application password | Updated the User Application password. Success/failure status. | |||||
| AES CBC Encryption | ✓ | Plaintext | Ciphertext. Success/failure status | |||||
| AES CBC Decryption | ✓ | Cyphertext | Plaintext. Success/failure status | |||||
| AES ECB Encryption | ✓ | Plaintext | Ciphertext. Success/failure status | |||||
| AES ECB Decryption | ✓ | Cyphertext | Plaintext. Success/failure status | |||||
| RSA2048 Signature generation | ✓ | Command In | Generated signature. Success/failure status | |||||
| RSA2048 Signature verification | ✓ | Signature data | Success/failure status | |||||
| Random Bit Generation | ✓ | Entropy data, DRBG state values | DRBG Seed | ✓ | ||||
| ECDSA Signature generation | ✓ | Command In | Generated signature. Success/failure status | |||||
| ECDSA Signature verification | ✓ | Signature data | Success/failure status | |||||
| Display Module Version | Command In | Module HW version, FW version information | ✓ | ✓ | ||||
| Display Module Status | Command In | FIPS status. | ✓ | ✓ | ||||
| Zeroize | Factory reset Command In | All keys zeroized | ✓ | ✓ | ||||
| Tamper switch triggered, EFP failed | Tamper switch triggered, EFP failed | All unprotected SSPs zeroized | ||||||
| Self-Tests | Command In (Reset, automatic periodic self- tests) | Success/Reset. | ✓ | ✓ | ||||
| Set Mode of operation | Command In | Success/failure status | ✓ |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ periodic selftests) ✓ ✓ ✓ ✓ ✓ Amber Group Public Material
| Name | Key Size | |
|---|---|---|
| Identity-based - The CO is authenticated by UKEY_ID and verified using challenge- response mechanism based on a 2048-bit RSA key pair. The public key is stored in the module in plaintext, and the private key is stored in the user’s USB token. | 112 bits strength of the authentication method, the probability of a successful random attempt is 1 in 2112 Each RSA Signature Verification authentication attempt takes at least 60ms. So, the number of attempts for one minute cannot exceed 1000. The USB token corresponding to CO allows six (6) consecutive failed attempts before locking. After a successful attempt, the number of failures will be reset to zero. After six (6) consecutive failed attempts, the USB token cannot be used. | CO |
| Identity-based – The User role sends assigned username to HSM, and HSM utilizes a challenge-response mechanism for user role authentication. The user's password is protected with a cryptographic hash (SHA- 256 message digest). | Since the password length is eight (8) ASCII printable characters and there are 95 ASCII printable characters, the probability of a successful random attempt is 1 in {(10)*(26^2)*(95^5)} (at least one number, one uppercase, one lowercase). 1. HSM waits for the user to log in. 2. When the user enters the wrong PIN code for the first time, HSM sets the number of consecutive PIN code errors to 1 and starts the consecutive PIN code error cycle timing. 3. Within the consecutive PIN code error cycle (24 hours), if the user enters the wrong PIN code 6 times, the HSM will be locked for 60 minutes. 4. After 60 minutes, HSM will clear the number of consecutive PIN code errors, and the consecutive PIN code error cycle will end and be cleared. 5. Loop back to step 1 and provide login service to the user again. | User |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 4.2 Authentication Methods The module ensures that there is no visible display of the authentication data. Table 13
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|---|---|---|---|---|---|
| Create DMK | Create a DMK, use the Shamir Secrets Share algorithm to divide the DMK into 3 component keys, and back up these three keys to three external USB tokens respectively. Then derive PK through DMK | CO | Device Master Key (DMK), Protection Key (PK) | HASH_DRBG, KBKDF [108] (Cert. #A2750) | G, R, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Restore DMK | Import 2 component keys stored in the USB token into the cryptographic module, synthesize the DMK through the Shamir Secrets Share algorithm, and then derive the PK through the DMK. | CO | Device Master Key (DMK), Protection Key (PK) | KBKDF (Cert. #A2750) | W, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Add MNG | Write ID and RSA public key from management console to the module. | CO | CO RSA-pub Key | AES-256, SHA2-256, RSA-2048 SigVer. (Cert. #A2750) | G | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| MNG Login | The cryptographic module authenticates the manager's identity | CO | CO RSA-pub Key | RSA-2048 SigVer, HASH_DRBG (Cert. #A2750) | R | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| MNG Logout | Manager logout | CO | N/A | RSA-2048 SigVer. (Cert. #A2750) | N/A | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Add User Application | Create a user, write the user name and default password to module, and store it with PK protection. | CO | User Password, Protection Key (PK) | AES-256, SHA2-256, RSA-2048 SigVer. (Cert. #A2750) | G | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Delete User Application | Delete user’s information | CO | User password, Protection Key (PK) | AES-256, SHA2-256, RSA-2048 SigVer. (Cert. #A2750) | Z | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Reset User Application password | modify user password, write the new default password to the module, and store it with PK protection. | CO | Protection Key (PK) | AES-256, SHA2-256, RSA-2048 SigVer. (Cert. #A2750) | W | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| List User Application | List all currently existing User Application users | CO | N/A | N/A | R | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Create User Key | Create user key, and store it with PK protection. | CO | User AES key, User ECDSA- pub Key, User ECDSA- priv Key, User RSA-pub Key, User RSA-priv Key, Protection Key (PK) | AES-256, SHA2-256, RSA-2048, ECDSA-P256 (Cert. #2750) | G | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Remove User Key | Remove user key | CO | User AES key, User ECDSA- pub Key, User ECDSA- priv Key, User RSA-pub Key, User RSA-priv Key, Protection Key (PK) | AES-256, SHA2-256, RSA-2048, ECDSA-P256 (Cert. #2750) | Z | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| List User Key | List user key types | CO | N/A | AES-256, SHA2-256, RSA-2048, ECDSA-P256 (Cert. #2750) | R | Approved mode; ERROR_HSM _STATE; ERROR_OK; |
| Key Derivation Function | Perform Key Derivation using NIST SP800-108 KDF in CTR mode | CO | Device Master KEY (DMK), Protection Key (PK) | KBKDF with HMAC- SHA-256 (Cert. #2750) | R, W, E | Approved mode; ERROR_HSM _STATE; ERROR_OK; |
| View Log | View HSM log | CO | N/A | N/A | R | Approved mode; ERROR_HSM _STATE; ERROR_OK; |
| User Application Login | Verify Username and PASSWORD | User | User Password, RSA Key Decryption Key (KDK), RSA Key Encryption Key (KEK), Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256, HMAC- SHA-256, HASH_DRBG, SHA2- 256, KTS-RSA-2048 (Cert. #A2750) | R | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| User Application Logout | User Application Logout | User | Session AES Key, Session HMAC Key | N/A | R | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Modify User Application password | modify user password, write the new password to module, and store it with PK protection. | User | User password, Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256, HMAC- SHA-256, KTS-RSA- 2048 (Cert. #A2750) | W | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| AES CBC Encryption | User uses AES CBC encryption service | User | User AES Key, Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256 CBC (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| AES CBC Decryption | User uses AES CBC decryption service | User | User AES Key, Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256 CBC (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| AES ECB Encryption | User uses AES ECB encryption service | User | User AES Key, Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256 ECB (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| AES ECB Decryption | User uses AES ECB decryption service | User | User AES Key, Session AES Key, Session HMAC Key, Protection Key (PK) | AES-256 ECB (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| RSA2048 Signature generation | User uses RSA 2048 signature generation service | User | User RSA-priv Key, Session AES Key, Session HMAC Key, Protection Key (PK) | RSA-2048 SigGen (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| RSA2048 Signature verification | User uses RSA 2048 Signature verification service | User | User RSA-pub Key, Session AES Key, Session HMAC Key, Protection Key (PK) | RSA-2048 SigVer (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| ECDSA Signature generation | User uses ECDSA signature generation service | User | User ECDSA- priv Key, Session AES Key, Session HMAC Key, Protection Key (PK) | ECDSA SigGen (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| ECDSA Signature verification | User uses ECDSA Signature verification service | User | User ECDSA- pub Key, Session AES Key, Session HMAC Key, Protection Key (PK) | ECDSA SigVer (Cert. #A2750) | E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Random Bit Generation | Provide random bits from the DRBG | CO, User | DRBG-EI, DRBG-State, DRBG Seed | DRBG [90A] (CERT. #A2750) | R, W, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Display Module Version | Display version number of modules in HSM/hardware/ firmware | CO, UA | N/A | N/A | R, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Display Module Status | View Module status | CO, UA | N/A | N/A | R, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
| Zeroize | Zeroization through Factory reset of the module, tamper switch or EFP failure. | CO, UA | Device Master Key (DMK), Protection Key (PK), User AES Key, User ECDSA- priv Key, User ECDSA- pub Key, User RSA-priv key, User RSA-pub keys, User Password, CO RSA-pub Key | N/A | Z | Approved mode; ERROR_OK; |
| Self-Tests | Perform the self-tests automatically when the module is powered on or restarted | CO, UA | N/A | AES-256, HASH_DRBG [90A], ESV [90B] HMAC-SHA-256 KBKDF [108] KTS-RSA-2048 SHA2-256, RSA-2048, ECDSA-P256 (Cert. #2750) | R, E | Approved mode; ERROR_OK; |
| Set Mode of operation | Set the mode of operation | CO | CO RSA-pub Key | RSA-2048 SigVer HASH_DRBG (Cert. #A2750) | W, E | Approved mode; ERROR_OK; ERROR_HSM _STATE; |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 4.3 Services All services implemented by the Module are listed in Table 14 and Table 15 below. The SSPs modes of access shown in Table 14 are defined as:
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy G N/A Z W N/A R Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy N/A R R, W, E N/A N/A R R N/A Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy W E E E Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy E E E N/A N/A E Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy N/A N/A N/A N/A R, E Z R, E Version 1.7 Amber Group Public Material
| Name | Description | Roles | Approved Functions | Indicator |
|---|---|---|---|---|
| Create User Key | Create user key | CO | ECDSA_secp256k1, ed25519, SM2, SM4, SR25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| Remove User Key | Remove user key | CO | ECDSA_secp256k1, ed25519, SM2, SM4, SR25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| List User Key | List user key types | CO | ECDSA_secp256k1, ed25519, SM2, SM4, SR25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SM4 Decryption | User uses sm4 decryption service | User | SM4 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SM4 Encryption | User uses sm4 encryption service | User | SM4 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SM2 Signature generation | User uses sm2 signature generation service | User | SM2 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SM2 Signature verification | User uses sm2 Signature verification service | User | SM2 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| ECDSA_secp256k 1 Signature generation | User uses ECDSA_secp256k1 signature generation service | User | ECDSA_secp256k1 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| ECDSA_secp256k 1 Signature verification | User uses ECDSA_secp256k1 Signature verification service | User | ECDSA_secp256k1 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| sr25519 Signature generation | User uses sr25519 signature generation service | User | sr25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| sr25519 Signature verification | User uses sr25519 Signature verification service | User | sr25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| ed25519 Signature generation | User uses ed25519 signature generation service | User | ed25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| ed25519 Signature verification | User uses ed25519 Signature verification service | User | ed25519 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| ripmd160 digest | User uses ripmd160 message digest service | User | ripmd160 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SHA3-256 digest | User uses sha3-256 message digest service | User | SHA3-256 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| SM3 digest | User uses SM3 message digest service | User | SM3 | Non-Approved Mode; ERROR_OK; ERROR_HSM_S TATE; ERROR_HSM_ MODE; |
| Zeroize | Zeroization through Factory reset of the module, tamper switch or EFP failure. | CO | ECDSA_secp256k1, ed25519, SM2, ripmd160, SHA3-256, SM3, SM4, SR25519 | Non-Approved Mode; ERROR_OK; |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table 15
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy NOTE: All non-approved services are only available in Non-Approved mode. If invoke any non-approved service in approved mode, the module will return error code ERROR_HSM_MODE. NOTE: All services in Table 14 and Approved SSPs in Table 20 and Table 21 are available in Non-Approved mode. These services are considered non-approved services. Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Software/Firmware Security The Module is a Level 3 multi-chip standalone hardware module. Firmware integrity verification uses an approved digital signature cryptographic mechanism, if the calculated result is not successfully verified, the test fails, and the module enters the error state. In the production process, the public key of the firmware integrity key pair is written into the flash of the AS578 in plaintext. Use the sha256 algorithm to calculate the message digest of the bootloader, kernel, and application of the IMX6 and the message digest of the executable code of the AS578, sign these message digests with the private key of the firmware integrity key pair, and write these signatures into the flash of the AS578. The firmware integrity check of IMX6 and AS578 is performed as follows: AS578:
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Operational Environment The Module has a non-modifiable operational environment under the FIPS 140-3 definitions. The tested operational environment is listed in Table 2. The Module does not include a firmware load service to support necessary updates. Any firmware not identified in this Security Policy does not constitute the Module defined by this Security Policy or covered by this validation. Version 1.7 Amber Group Public Material
| Physical Security | Recommended Frequency of | Inspection/Test Guidance Details | ||
|---|---|---|---|---|
| Mechanism | Inspection/Test | |||
| Tamper-Evident Seals | Inspect tamper-evident seals monthly. | Look for signs of tampering. If tampering is suspected, then the module must be removed from service. |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy The module is a multiple-chip standalone cryptographic module. Physical security is designed according to Level 3 standards. 7.1 The cryptographic module is contained within a strong enclosure with four (4) tamper-evident seals on the top, left side and bottom and right side and bottom as described in Table
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Seal ID 1 and 2 Figure 10
| Seal ID | Placement |
|---|---|
| 1 | Top side |
| 2 | Top side |
| 3 | Left side and bottom |
| 4 | Right side and bottom |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 12
| Temperature or voltage | EFP | Results | |||
|---|---|---|---|---|---|
| measurement | description | ||||
| Low Temperature | -2.6℃ | A tamper flag is raised, zeroization will proceed. | Zeroization | ||
| High Temperature | 46℃ | A tamper flag is raised, zeroization will proceed. | Zeroization | ||
| Low Voltage | 68V | A tamper flag is raised, triggering the product to shut down immediately | Shut down | ||
| High Voltage | 280V | A tamper flag is raised, triggering the product to shut down immediately | Shut down |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 7.2 Tamper Detection The cryptographic module includes a tamper detection feature that will immediately zeroize all SSPs when the module's cover is removed. This forces a factory reset and will put the module into the Invasive Error State. This will also close all external interfaces and stop providing all services. The tamper detection remains active at all times including when the module is powered off, which at that point, will operate with an internal battery. As the tamper-evident seals will need to be broken to remove the cover, there is no recovery from the error state as the module will no longer be in service. 7.3 Environmental Failure Protection (EFP) The cryptographic module includes Environmental Failure Protection (EFP). If the voltage falls outside the normal operating range of the module, the module will shut down immediately. If the temperature falls outside the normal operating range of the module, the module will immediately zeroizes all unprotected SSPS. See Table 18 for the temperature and voltage measurements Table 18
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Non-Invasive Security The Module does not implement any mitigation method against non-invasive attack. Version 1.7 Amber Group Public Material
| Method | Description | |
|---|---|---|
| G1 | G1 | Generated internally by using the internal CAVP validated DRBG during module |
| initialization | ||
| G2 | Derived by DMK using SP800-108 CTR KDF (HMAC-SHA256 PRF) | |
| G3 | FIPS 186-4 compliant RSA key generation, using the internal CAVP validated DRBG | |
| G4 | Symmetric key generated by internal CAVP validated DRBG | |
| G5 | FPS 186-4 compliant ECDSA key generation, using the internal CAVP validated DRBG. | |
| G7 | Generated external to the Module and installed during manufacturing | |
| G8 | Generated internally by using the internal entropy source | |
| E1 | E1 | Input in plaintext from 2 of the 3 components stored in the token during module |
| initialization using trusted channel and split knowledge | ||
| E2 | Split into 3 components and Output to 3 tokens in plaintext using trusted channel and | |
| split knowledge. | ||
| E3 | Public key output in plaintext | |
| E4 | E4 | Generated by SDK using AES algorithm and transmitted into the module through KTS- |
| RSA | ||
| E5 | Encrypted by session key and Input by User application | |
| E6 | Generate by USB_TOKEN and imported as identify Key | |
| E7 | Input at manufacturer | |
| E8 | E8 | Generated by SDK using HMAC-SHA256 algorithm and transmitted into the module |
| through KTS-RSA | ||
| S1 | Only stored in volatile memory (RAM). | |
| S2 | Stored in flash encapsulated by PK | |
| S3 | Stored in flash in plaintext | |
| Z1 | Zeroized by Module power cycle | |
| Z2 | Zeroized by the “zeroize” service by overwriting with a fixed pattern of 0s. | |
| Z3 | Dereferenced by session termination and zeroized by OS memory cleanup. | |
| Z4 | Zeroized when the tamper switch is triggered or EFP failed. | |
| Z5 | Zeroized by Factory reset |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Sensitive Security Parameter (SSP) Management The SSPs access methods are described in Table 19 below: Table 19
| Name | Strength | Security Function | Generation | Establishment | Storage | Zeroization | Use | Import Export | Device Master Key (DMK) | |
|---|---|---|---|---|---|---|---|---|---|---|
| Key (PK) | SP800-108 | AES algorithm and | Key (PK) | |||||||
| CTR (Cert. | CTR (Cert. | store (S2) in flash | ||||||||
| #A2750) | #A2750) | inside the module. | ||||||||
| 2048 (Cert. | 2048 (Cert. | transport key used to | ||||||||
| #A2750) | #A2750) | decrypt the RSA Key | ||||||||
| SHA256 | SHA256 | and verification with | ||||||||
| #E17 | #E17 | inputs 512 bits of | ||||||||
| (V and C | information and | (V and C | ||||||||
| value (Per IG | temporary variables | value (Per IG | ||||||||
| D.L entropy | for approved DRBG | D.L entropy | ||||||||
| meets the | function. | meets the | ||||||||
| User AES Key | 128/192/ 256 | G4 | N/A | S2 | Z2, Z5 | User encryption and | N/A | User AES Key | AES CBC, ECB (Cert. #A2750) | |
| User ECDSA- priv Key | 128 | G5 | N/A | S2 | Z2, Z5 | User Signature | N/A | ECDSA P- 256 (Cert. #A2750) | ||
| User RSA- priv Key | 112 | G3 | N/A | S2 | Z2, Z5 | User Signature | N/A | RSA 2048 (Cert. #A2750) | ||
| User Password | 8 charac- ters | N/A | E5 | S2 | Z2, Z5 | User identity | I | N/A |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 9.1 Critical Security Parameters (CSP) All CSPs used by the Module are described in this section. All usage of these CSPs by the Module is described in the services detailed in 0. Table 20
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Import EstablishZeroizaStorage and SP80090B) N/A N/A and SP80090B) N/A N/A N/A N/A N/A N/A N/A N/A N/A I Version 1.7 Amber Group Public Material
| Name | Strength | Security Function | Generation | Establishment | Storage | Zeroization | Import Export | PSP | Use / Related SSPs | |
|---|---|---|---|---|---|---|---|---|---|---|
| [FIPS 186-4] | 112 | RSA 2048 | N/A | E6 | S2 | Z2, Z4, Z5 | N/A | CO RSA-pub Key | RSA 2048 (Cert. #A2750) | |
| CO Authentication | (Cert. | |||||||||
| RSA (2048) key | 112 | KTS-RSA | G3 | N/A | S1 | Z1, Z3, Z4, Z5 | E3 | RSA Key Encryption Key (KEK) | RSA (2048) key transport (Encryption) key | |
| transport | 2048 | |||||||||
| (Encryption) key | (Cert. | |||||||||
| [FIPS 186-4] | 128 | ECDSA | G5 | N/A | S2 | Z2, Z5 | N/A | User ECDSA-pub | ECDSA P256 (Cert. #A2750) | |
| ECDSA signature | P256 | |||||||||
| verification key and | (Cert. | |||||||||
| protected by the | #A2750) | |||||||||
| [FIPS 186-4] | 112 | G3 | N/A | S2 | Z2, Z5 | N/A | User RSA- pub | RSA 2048 (Cert. #A2750) |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy 9.2 Public Security Parameters (PSP) All PSPs used by the Module are described in this section. All usage of these PSPs by the Module is described in the services detailed in Table 15. Table 21
| Name | Call | Description | Method | Error State | |||
|---|---|---|---|---|---|---|---|
| Firmware integrity | Firmware | The public key of the firmware integrity key pair is written | Firmware integrity | RSA Digital Signature FIPS 186-4 | RSA Digital | ES1 | ES1 |
| integrity | integrity | into the flash of the AS578 in plaintext. Use the sha256 | Signature FIPS | ||||
| 186-4 | algorithm to calculate the message digest of the | 186-4 | |||||
| Entropy Critical Function | When HSM powers on, SP800-90B health tests are | Entropy Critical Function | APT and RCT | ES1 |
| Error State | Description | Indicator | ||
|---|---|---|---|---|
| ES1 | ES1 | The Module fails a KAT, PCT or firmware integrity pre- | The Module enters the critical error state and outputs status of the red LED stays on, the blue LED flashes quickly, otherwise it indicates successful completion by Red LED flashes quickly, blue LED flashes normally. | The Module enters the critical error |
| operational self-test. | state and outputs status of the red | |||
| When HSM enters ES1, the input and output are all closed, | LED stays on, the blue LED flashes | |||
| and the only operation to recovery from error state is to | quickly, otherwise it indicates | |||
| switch power button to restart HSM. After restart, the | successful completion by Red LED | |||
| HSM performs self-test, that will determine which state | flashes quickly, blue LED flashes | |||
| HSM will enter. If HSM enters error state again, the CO | normally. | |||
| must send the HSM to vendor. |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy categorized as either pre-operational self-tests or conditional self-tests. the module is powered on, without external input or control. The Module will not accept any commands when a periodic self-test is required; the commands still in the I/O buffer will be processed by The Module and the periodic self-test executed when the I/O buffer is emptied. The Module logs self-test errors in the system log, the CO can consult the error log by View system logs on management software. When HSM powers on, the operator can perform the on-demand self-test through power cycling. Table 22
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Version 1.7 Amber Group Public Material
| Name | Call | Description | Method | Error State | ||||
|---|---|---|---|---|---|---|---|---|
| AES – ECB | AES – ECB | AES(ECB) with 256-bit key, encryption | AES – ECB | KAT | KAT | ES1 | ES1 | |
| AES – CBC | AES(CBC) with 256-bit key, encryption | AES – CBC | KAT | ES1 | ||||
| DRBG | DRBG | Hash_DRBG using SHA-256, with PR | KAT | ES1 | ||||
| ECDSA | ECDSA | ECDSA with P-256 and SHA-256, signature generation | ECDSA | KAT | KAT | ES1 | ES1 | |
| ECDSA Key Generation | ECDSA Key Generation | ECDSA P-256 Key Generation Pairwise Consistency Test | PCT | ES1 | ||||
| ESV | ESV | An RCT and APT as specified in [90B] section 4.4 are | ESV | SP 800- 90B Health- Test | SP 800- | ES1 | ES1 | |
| 90B | executed before generation of the DRBG entropy input. | 90B | ||||||
| Health- | When the entropy source fails health test, the entropy | Health- | ||||||
| Test | source cannot generate enough entropy. At this time, the | Test | ||||||
| HMAC | HMAC | KAT | ES1 | HMAC-SHA2-256 | ||||
| KBKDF SP800-108 | KBKDF SP800-108 | KAT | ES1 | HMAC-SHA2-256 in Counter Mode | ||||
| RSA | RSA | RSA PKCS#1v1.5 with 2048-bit key and SHA-256, signature | RSA | KAT | KAT | ES1 | ||
| RSA Key Generation | 2048-bit RSA Encryption and Decryption per IG D.G. | RSA Key Generation | PCT | ES1 | ||||
| SHS (Cert. #A2749) | SHS (Cert. #A2749) | SHA2-256 | KAT | ES1 | ||||
| SHS (Cert. #A2750) | SHS (Cert. #A2750) | SHA2-256 | KAT | ES1 |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy The Module performs the following conditional self-tests: Table 24
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy
The module will be securely delivered to the operators via UPS with tracking codes to ensure there is no tampering during delivery. Upon receipt of the module, the CO must check that the module's outer packaging is intact or that the packaging has been opened during transport. Upon delivery, the operator must initialize the module as follows:
The serial port is used to connect the cryptographic module and the management computer. The CO implements management functions such as Add MNG, Restore DMK, user application management, and key management through the management computer. The following is the specific function description. Connect HSM Before use HSM, you have to connect to it first. Choose “Connect” from menu, then the dialog below will appear: Version 1.7 Amber Group Public Material
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 14
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 16
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Figure 18
The Type-C Port is used to connect the cryptographic module and the communication computer. The communication computer is connected to the application server via Ethernet. When CO creates a user account, a default password is generated. The default password is emailed to the appropriate user. The user must change the password when logging in for the first time. Users can access the services of the cryptographic module only after their identity authentication is passed. The cryptographic module provides user applications with services such as user login/logout, data encryption and decryption, data signature and verification. Users are responsible for protecting their passwords from theft.
The Module does not implement any mitigation method against other attacks. Version 1.7 Amber Group Public Material
| Name | Term | Definition | Abbreviation | Full Specification Name |
|---|---|---|---|---|
| [FIPS140-3] | [FIPS140-3] | Security Requirements for Cryptographic Modules, March 22, 2019 | ||
| [ISO19790] | [ISO19790] | International Standard, ISO/IEC 19790, Information technology — Security techniques — Test requirements for cryptographic modules, Third edition, March 2017 | ||
| [ISO24759] | [ISO24759] | International Standard, ISO/IEC 24759, Information technology — Security techniques — Test requirements for cryptographic modules, Second and Corrected version, 15 December 2015 | ||
| [IG] | [IG] | Implementation Guidance for FIPS PUB 140-3 and the Cryptographic Module Validation Program, October 7, 2022 | ||
| [108] | [108] | NIST Special Publication 800-108 rev1, Recommendation for Key Derivation Using Pseudorandom Functions (Revised), August 17, 2022 | ||
| [131A] | [131A] | Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, Revision 2, March 2019 | ||
| [132] | [132] | NIST Special Publication 800-132, Recommendation for Password-Based Key Derivation, Part 1: Storage Applications, December 2010 | ||
| [133] | [133] | NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation, Revision 2, June 2020 | ||
| [135] | [135] | National Institute of Standards and Technology, Recommendation for Existing Application- Specific Key Derivation Functions, Special Publication 800-135rev1, December 2011. | ||
| [186] | [186] | National Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-4, July 2013. | ||
| [197] | [197] | National Institute of Standards and Technology, Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197, November 26, 2001 | ||
| [198] | [198] | National Institute of Standards and Technology, The Keyed-Hash Message Authentication Code (HMAC), Federal Information Processing Standards Publication 198-1, July, 2008 | ||
| [180] | [180] | National Institute of Standards and Technology, Secure Hash Standard, Federal Information Processing Standards Publication 180-4, August, 2015 | ||
| [202] | [202] | FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, FIPS PUB 202, August 2015 | ||
| [38A] | [38A] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation, Methods and Techniques, Special Publication 800-38A, December 2001 | ||
| [38B] | [38B] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, Special Publication 800-38B, May 2005 | ||
| [38C] | [38C] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, Special Publication 800-38C, May 2004 | ||
| [38D] | [38D] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, Special Publication 800-38D, November 2007 | ||
| [38E] | [38E] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, Special Publication 800-38E, January 2010 | ||
| [38F] | [38F] | National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, Special Publication 800-38F, December 2012 | ||
| [56Ar3] | [56Ar3] | NIST Special Publication 800-56A Revision 3, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, April 2018 | ||
| [56Br2] | [56Br2] | NIST Special Publication 800-56B Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Finite Field Cryptography, March 2019 | ||
| [56Cr2] | [56Cr2] | NIST Special Publication 800-56C Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, August 2020 | ||
| [67] | [67] | National Institute of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, Special Publication 800-67rev2, November 17 2017 | ||
| [90A] | [90A] | National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A, Revision 1, June 2015. | ||
| [90B] | [90B] | National Institute of Standards and Technology, Recommendation for the Entropy Sources Used for Random Bit Generation, Special Publication 800-90B, January 2018. | ||
| Acronym | Acronym | Definition | ||
| AES | AES | Advanced Encryption Standard | ||
| APT | APT | Adaptative Proportion Test | ||
| CBC | CBC | Cipher Block Chaining | ||
| CO | CO | Cryptographic Officer | ||
| CTR | CTR | Counter | ||
| Acronym | Acronym | Definition | ||
| DMK | DMK | Device Master Key | ||
| DRBG | DRBG | Deterministic Random Bit Generator | ||
| ECB | ECB | Electronic Codebook | ||
| ECDSA | ECDSA | Elliptic Curve Digital Signature Algorithm | ||
| EFP | EFP | Environmental Failure Protection | ||
| ENT | ENT | Approved SP800-90B Entropy Source | ||
| ESV | ESV | Entropy Source Validation | ||
| FIPS | FIPS | Federal Information Processing Standard | ||
| HMAC | HMAC | Hash Message Authentication Code | ||
| HSM | HSM | Hardware Security Module | ||
| KAT | KAT | Know Answer Test | ||
| KBKDF | KBKDF | Key-Based Key Derivation Functions | ||
| KDF | KDF | Key Derivation Function | ||
| KTS | KTS | Key Transport Methods | ||
| NIST | NIST | National Institute of Standards and Technology | ||
| OAEP | OAEP | Optimal Asymmetric Encryption Padding | ||
| PCT | PCT | Pairwise Consistency Test | ||
| PK | PK | Protection Key | ||
| PKCS | PKCS | Public-Key Cryptography Standards | ||
| PR | PR | Prediction Resistance | ||
| RAM | RAM | Random Access Memory | ||
| RCT | RCT | Repetition Count Test | ||
| RSA | RSA | Rivest-Shamir-Adleman | ||
| PUB | PUB | Publication | ||
| SDK | SDK | Software Develop Kit | ||
| SHA | SHA | Secure Hash Algorithm | ||
| SHS | SHS | Secure Hash Standard |
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy
The following standards are referred to in this Security Policy. Table 25
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Table 26
RIGFORT Pro Blockchain HSM FIPS 140-3 Security Policy Version 1.7 Amber Group Public Material