DocuSign QSCD appliance embedding IDQ’s QRNG chip is now FIPS 140-2 level 3 approved
In September 2022, ID Quantique announced that DocuSign’s new QSCD appliance embedded a QRNG chip source to meet some of the most stringent security, privacy, and data residency requirements (FIPS / CC). Today, we are happy to announce it is FIPS 140-2 level 3 approved.
All over the world, millions of customers and a billion users trust DocuSign to sign their contracts and agreements. When holding that kind of responsibility, you must ensure the highest level of trust – and quantum-grade security emerges as a natural choice in terms of reliability, robustness, and long-term protection.
As entropy represents the cornerstone of cryptography, it is crucial that any device looking at providing the highest security and the strongest encryption keys uses a superior source of entropy. DocuSign has chosen to embed IDQ’s hardware-based entropy source (Quantis IDQ6MC1 chip) that meets the requirements of NIST SP 800-90B.
What has changed regarding NIST entropy validation processes?
In April 2022, NIST’s Cryptographic Module Validation Program (CMVP) introduced a new submission process for entropy sources leading to standalone entropy source validation (ESV) certificates. The validation certificates provide the assurance that a particular entropy source on a particular operating environment conforms to SP 800-90B.
Since October 2022, it is mandatory for crypto modules aiming for FIPS 140-3 certification to have an ESV validated entropy source, which means that an ESV submission must be made prior to the FIPS 140-3 module submission to CMVP, citing an existing entropy validation certificate.
Click to view IDQ’s QRNG chip ESV certificate and DocuSign’s QSCD appliance FIPS certificate.
What changes with standalone ESV certificates?
The goal of standalone ESV certificates is to allow for “as-is” use by other FIPS modules. This means that any crypto module manufacturer who wants to be certified will be able to use IDQ6MC1 QRNG chip without having to do any work of justifying the source of entropy.
IDQ’s QRNG Chips deliver the highest level of trust
Quantis QRNG Chips have been designed to offer the highest security and robustness for the generation of random bits. Since the launch of IDQ’s first QRNG chip in 2020, the range has been expanded to now feature six variations and are embedded into edge devices such as Samsung smartphones all the way into satellites.
Each variation of IDQ’s QRNG Chips is designed to fit specific use cases, with different certifications and compliance:
- All are compliant with NIST SP800-90A/B/C recommendations and passes IID, non-IID tests, DieHarder and NIST SP800-22 test suites.
- Quantis IDQ6MC1 have obtained AEC-Q100 certification, demonstrating they can reliably be embedded in any security system of a connected car to ensure trusted and secured in-vehicle and V2X communications.
- Quantis IDQ20MC1-S chips are designed and tested to ECSS-Q-ST-60-13 versions Class 1 and Class 3 for use in space. These devices meet the harsh requirements needed to survive in mission critical satellite use cases.