Skip to main content

Entrust Achieves FIPS 140-3 Certification for nShield 5 HSM Product Suite

Aug

14

2024

News Room Media Inquiry

News Room Media Inquiry

Entrust HSM hardware

Entrust HSMs with latest FIPS and Common Criteria certification enable the highest standards of security, compliance, and crypto-agility today and in a post-quantum future

MINNEAPOLIS (August 14, 2024)Entrust, a global leader in identity and data security, today announced that its high-performance, next-generation nShield 5 hardware security modules (HSMs) have achieved Federal Information Processing Standards (FIPS) 140-3 certification. FIPS 140-3 is the latest version of the U.S. government computer security standard from the National Institute of Standards and Technology (NIST) used to validate cryptographic modules.

By achieving FIPS 140-3 Level 3 validation, Entrust becomes one of the few vendors that can meet the very stringent data security requirements of governments, financial institutions, and enterprises globally. Entrust nShield 5 HSMs feature an innovative new container-based architecture, and a crypto-agile programmable security processor. Entrust’s newest HSM is up to 40% faster than previous versions, making it able to support the accelerating demand from applications requiring the highest levels of data security. Additionally, earlier this year, nShield 5 HSMs achieved Common Criteria EAL4+ certification, meeting the latest industry standards for HSMs to comply with the European Union’s strict eIDAS requirements. Together with the FIPS 140-3 certification, Entrust is positioned to meet organizations’ increasing need for global regulatory compliance support.

“This is a critical milestone – FIPS 140-3 certification for Entrust nShield 5 HSMs provides customers with the security foundation that meets their most demanding protection and performance requirements, and future-proofs investments with the ability to be securely updated as cryptographic standards continue to evolve, for example with post-quantum algorithms,” said Giuseppe Damiano, VP of Product Management at Entrust. “By achieving this certification, along with the Common Criteria standards certification, Entrust nShield 5 HSMs provide customers around the world with assurance their cryptographic modules deliver the highest standards of security and compliance to protect their most sensitive data.”

“To become FIPS 140-3 certified, there’s a great deal of analysis and testing that has to be done by an accredited, independent third-party laboratory,” said Jason Lawlor, President of Lightship Security. “Having an HSM with FIPS 140-3 certification is an essential next step for organizations as they work to protect their data now and into the future. We were thrilled to work with Entrust to achieve this certification and help their customers remain compliant."

Crypto-agility is the capability of organizations to seamlessly adopt new, emerging encryption methods. This is critical as the first waves of post-quantum cryptographic algorithms are standardized, and as additional algorithms continue to be introduced. The nShield 5 HSM offers crypto-agility out of the box with its security processor, a field-programmable gate array (FPGA) that can be readily reprogrammed via software updates. This reduces costly and time-consuming hardware refreshes and increases resilience against quantum computers that may compromise the encryption techniques we rely on today. As we prepare for the coming challenge of quantum computers, HSMs are essential to the security and trust of IT systems, the cloud, and the internet.

"Our customers seek best-in-class, high assurance hardware security modules to protect their high-value cryptographic keys. I'm delighted that the Entrust nShield family of HSMs are now validated to FIPS 140-3,” said Carl Persson, Sales Director Encryption at Verisec International AB. “Verisec is a long-standing partner of Entrust and we recognize the significance of achieving this new security validation for the nShield 5 HSM. Our joint customers will now be able to choose Entrust nShield HSMs to meet their high assurance needs knowing that they have the latest FIPS 140-3 validation in addition to Common Criteria certification and a number of other compelling features."

nShield 5 HSMs are designed to seamlessly integrate with Entrust KeyControl, Entrust’s flagship enterprise key management service. KeyControl offers a unified dashboard for complete visibility, traceability, compliance tracking, and an immutable audit trail for cryptographic assets such as keys and secrets. Its decentralized vault architecture ensures keys remain secure within authorized endpoints, while also supporting a wide range of cryptographic use cases. As a root of trust, Entrust nShield 5 HSMs provide an additional layer of security protecting the keys and secrets managed by KeyControl.

Additional Information
Blog Post: Good things take time...including FIPS 140-3 certification
Product Pages: nShield 5c and nShield 5s and nShield HSMi
FAQ: What is FIPS 140-3?
NIST: Cryptographic Module Validation Program FIPS 140-3 Certificate

About Entrust
Entrust is an innovative leader in identity-centric security solutions, providing an integrated platform of scalable, AI-enabled security offerings. We enable organizations to safeguard their operations, evolve without compromise, and protect their interactions in an interconnected world – so they can transform their businesses with confidence. Entrust supports customers in 150+ countries and works with a global partner network. We are trusted by the world’s most trusted organizations. Learn more at www.entrust.com.

Facebook