Module Name
Cisco FIPS Object Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.
Tested Configuration(s)
- Android 4.0 running on Samsung Galaxy S II without PAA
- Android 4.0 running on Samsung SGH-T989 without PAA
- Apple iOS 5.1 running on Apple iPad (MC705LL) without PAA
- Free BSD 9.0 running Cisco UCS C200 M2 without PAA
- Linux 2.6 running on Cisco UCS C210 M2 with PAA
- Linux 2.6 running on a Cisco ASR1K without PAA (single-user mode)
- Linux 2.6 running on Cavium CN5200-EVP-MB4-Y without PAA
- Linux 2.6 running on Cisco ASR1K without PAA
- Mac OS X 10.7 running on Apple Mac Mini 5,2 with PAA
- Microsoft Windows 7 (32-bit) running on HP Pro 3130 Microtower with PAA
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions
3.0 and 3.1