Module Name
IOS Common Cryptographic Module (IC2M)
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Mitigation of Other Attacks: N/A
- Tested: Cisco ASR1K 1NG, Cisco ISR 4451-X, Cisco ISR 4441, Cisco ASR1K RP2 and Cisco ASR1K 2KP (kingpin) with processor Intel Xeon on IOS XE3.10
- Cisco ISR 3925E and Cisco ISR 3945E with processor Intel Xeon on IOS 15.3
- Cisco ASR1K RP1 with processor Freescale SC8548H on IOS XE3.10
- Cisco ISR c2951, Cisco ISR c3925 and Cisco ISR c3945 with processor Freescale 8752E on IOS 15.3
- Cisco ISR 1921 with processor Cavium CN5020 on IOS 15.3
- Cisco ISR 1941 and Cisco ISR 2900 with processor Cavium CN5220 on IOS 15.3
- Cisco Catalyst 4K with processor MPC8572C on IOS XE 3.6
- Cisco Catalyst 3750x and Cisco Catalyst 3560x with processor Power-PC 405 on IOS 15.2
- Cisco Catalyst 3650 with processor AMCC PowerPC 405EX on IOS XE3.6
- Cisco Catalyst 2960 with processor Cavium CN5230 on IOS 15.2
Embodiment
Multi-chip standalone
Description
The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols.
Other Algorithms
DES; Diffie-Hellman (CVL Cert. #252, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #252, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); HMAC-MD5; MD2; MD5; NDRNG; RC2; RC4; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength); SEAL
Firmware Versions
Rel 3(1.5.2)
