U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #2034

Details

Module Name
Cisco FIPS Object Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
11/13/2013
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Design Assurance: Level 3
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.
Tested Configuration(s)
  • Android 4.0 running on Samsung Galaxy S II without PAA
  • Android 4.0 running on Samsung SGH-T989 without PAA
  • Apple iOS 5.1 running on Apple iPad (MC705LL) without PAA
  • Free BSD 9.0 running Cisco UCS C200 M2 without PAA
  • Linux 2.6 running on Cisco UCS C210 M2 with PAA
  • Linux 2.6 running on a Cisco ASR1K without PAA (single-user mode)
  • Linux 2.6 running on Cavium CN5200-EVP-MB4-Y without PAA
  • Linux 2.6 running on Cisco ASR1K without PAA
  • Mac OS X 10.7 running on Apple Mac Mini 5,2 with PAA
  • Microsoft Windows 7 (32-bit) running on HP Pro 3130 Microtower with PAA
FIPS Algorithms
AES Certs. #2255 and #2558
CVL Certs. #40 and #95
DRBG Certs. #275 and #385
DSA Certs. #703 and #783
ECDSA Certs. #362 and #440
HMAC Certs. #1382 and #1578
RNG Certs. #1125 and #1215
RSA Certs. #1156 and #1310
SHS Certs. #1942 and #2157
Triple-DES Certs. #1410 and #1548
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
3.0 and 3.1

Vendor

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

Leidos
NVLAP Code: 200427-0