[Cscwg-public] FIPS token supporting RSA 3072

Bruce Morton Bruce.Morton at entrust.com
Thu Jan 14 18:51:20 UTC 2021 

SafeNet states that their eToken 5110 CC supports CC EAL5+, which I believe meets our requirement.
https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication/etoken-5110-usb-token
https://cpl.thalesgroup.com/sites/default/files/content/product_briefs/field_document/2020-09/SafeNet_eToken_5110_PB_v20.pdf  


Bruce.

-----Original Message-----
From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Dean Coclin via Cscwg-public
Sent: Thursday, January 14, 2021 1:22 PM
To: Tomas Gustavsson <tomas.gustavsson at primekey.com>; cscwg-public at cabforum.org
Subject: [EXTERNAL]Re: [Cscwg-public] FIPS token supporting RSA 3072

Thanks, this is the same token our team looked into and it does NOT support what they advertise.

Dean

-----Original Message-----
From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Tomas Gustavsson via Cscwg-public
Sent: Thursday, January 14, 2021 12:53 PM
To: cscwg-public at cabforum.org
Subject: [Cscwg-public] FIPS token supporting RSA 3072

Hi,

I think I found, memory is bad since before holidays, the token I looked at then.

The YubiKey FIPS token is a bit strange:
https://www.yubico.com/products/yubikey-fips/
Here it says RSA 2048,

but here
https://support.yubico.com/hc/en-us/articles/360013729079--YubiKey-C-FIPS

It says RSA3072 and 4096 with the OpenPGP module.

The FIPS certificate gives some technical details on HW and firmware...
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/de
tails?source=RSA&number=2569

https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/de
tails?source=RSA&number=2569

"SLE78CLUFX3000PH e58230b8 with Infineon CL70 1.03.006" is probably a very common chip to use, then it's the token vendor that has to to the FIPS validation of course...

Still a bit confusing on the 3072 bit.

Regards,
Tomas

_______________________________________________
Cscwg-public mailing list
Cscwg-public at cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public

More information about the Cscwg-public mailing list