Cryptographic Module Validation Program

Cryptographic Module Validation Program CMVP

Certificate #1496

Historical - The referenced cryptographic module should not be included by Federal Agencies in new procurements. Agencies may make a risk determination on whether to continue using this module based on their own assessment of where and how it is used.

Details

Module Name

Cisco Secure Access Control Server (ACS) FIPS module (cryptolib)

Standard

FIPS 140-2

Status

Historical

Historical Reason

RNG SP800-131A Revision 1 Transition

Overall Level

Caveat

When operated in FIPS mode

Module Type

Software

Embodiment

Multi-chip standalone

Description

The Cisco Secure ACS FIPS Module Version 1.1 is a software cryptographic library that provides cryptographic services to the Cisco Access Control Server (ACS) application. The Secure ACS FIPS module provides FIPS compliant cryptography supporting AAA for IEEE 802.11i security (WPA2) with EAP protocols like EAP-TLS, EAP-FAST, PEAP with RADIUS Key Wrap functionalities, Cisco TrustSec (CTS), and 802.1x-rev.

Tested Configuration(s)

Cisco CARS 1.2.0.182 (single-user mode)

Approved Algorithms

AES	Cert. #1474
HMAC	Cert. #867
RNG	Cert. #805
RSA	Cert. #721
SHS	Cert. #1333

Other Algorithms

AES (Cert. #1474, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); HMAC MD5; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)

Software Versions

1.1, 1.2 and 1.3

Vendor

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date	Type	Lab
2/10/2011	Initial	SAIC-VA
4/27/2011	Update	SAIC-VA
2/23/2012	Update
6/21/2012	Update	SAIC-VA