Entrust Delivers Enhanced Security with FIPS 140-3 Certification

Entrust, a global leader in identity and data security, today announced that its high-performance, next-generation nShield 5, hardware security modules (HSMs) have achieved Federal Information Processing Standards (FIPS) 140-3 certification. FIPS 140-3 is the latest version of the U.S. government computer security standard from the National Institute of Standards and Technology (NIST) used to validate cryptographic modules.

By achieving FIPS 140-3 Level 3 validation, Entrust becomes one of the few vendors that can meet the very stringent data security requirements of governments, financial institutions, and enterprises globally. Entrust nShield 5 HSMs feature an innovative new container-based architecture and a crypto-agile programmable security processor. Entrust’s newest HSM is up to 40% faster than previous versions, making it able to support the accelerating demand from applications requiring the highest levels of data security. Additionally, earlier this year, nShield 5 HSMs achieved Common Criteria EAL4+ certification, meeting the latest industry standards for HSMs to comply with the European Union’s strict eIDAS requirements. Together with the FIPS 140-3 certification, Entrust is positioned to meet organisations’ increasing need for global regulatory compliance support.

“This is a critical milestone – FIPS 140-3 certification for Entrust nShield 5 HSMs provides customers with the security foundation that meets their most demanding protection and performance requirements, and future-proofs investments with the ability to be securely updated as cryptographic standards continue to evolve, for example with post-quantum algorithms,” said Giuseppe Damiano, VP of Product Management at Entrust. “By achieving this certification, along with the Common Criteria Standards certification, Entrust nShield 5 HSMs provide customers around the world with assurance their cryptographic modules deliver the highest standards of security and compliance to protect their most sensitive data.”

Entrust HSMs Gain FIPS 140-3 Certification

“To become FIPS 140-3 certified, there’s a great deal of analysis and testing that has to be done by an accredited, independent third-party laboratory,” said Jason Lawlor, President of Lightship Security. “Having an HSM with FIPS 140-3 certification is an essential next step for organisations as they work to protect their data now and into the future. We were thrilled to work with Entrust to achieve this certification and help their customers remain compliant.”

Crypto agility is the capability of organisations to seamlessly adopt new, emerging encryption methods. This is critical as the first waves of post-quantum cryptographic algorithms are standardised, and as additional algorithms continue to be introduced. The nShield 5 HSM offers crypto agility out of the box with its security processor, a field programmable gate array (FPGA) that can be readily reprogrammed via software updates. This reduces costly and time-consuming hardware refreshes and increases resilience against quantum computers that may compromise the encryption techniques we rely on today. As we prepare for the coming challenge of quantum computers, HSMs are essential to the security and trust of IT systems, the cloud, and the Internet.

“Our customers seek best-in-class, high-assurance hardware security modules to protect their high-value cryptographic keys. I’m delighted that the Entrust nShield family of HSMs are now validated to FIPS 140-3,” said Carl Persson, Sales Director Encryption at Verisec International AB. “Verisec is a long-standing partner of Entrust and we recognise the significance of achieving this new security validation for the nShield 5 HSM. Our joint customers will now be able to choose Entrust nShield HSMs to meet their high assurance needs knowing that it has the latest FIPS 140-3 validation in addition to Common Criteria certification and a number of other compelling features.”

nShield 5 HSMs are designed to seamlessly integrate with Entrust KeyControl, Entrust’s flagship enterprise key management service. KeyControl offers a unified dashboard for complete visibility, traceability, compliance tracking, and an immutable audit trail for cryptographic assets such as keys and secrets. Its decentralised vault architecture ensures keys remain secure within authorized endpoints, while also supporting a wide range of cryptographic use cases. As a root of trust, Entrust nShield 5 HSMs provide an additional layer of security protecting the keys and secrets managed by KeyControl.