U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #2301

Details

Module Name
IOS Common Cryptographic Module (IC2M)
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to sunsetting
Validation Dates
12/18/2014;06/12/2015
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
  • Tested: Cisco ASR1K 1NG, Cisco ISR 4451-X, Cisco ISR 4441, Cisco ASR1K RP2 and Cisco ASR1K 2KP (kingpin) with processor Intel Xeon on IOS XE3.10
  • Cisco ISR 3925E and Cisco ISR 3945E with processor Intel Xeon on IOS 15.3
  • Cisco ASR1K RP1 with processor Freescale SC8548H on IOS XE3.10
  • Cisco ISR c2951, Cisco ISR c3925 and Cisco ISR c3945 with processor Freescale 8752E on IOS 15.3
  • Cisco ISR 1921 with processor Cavium CN5020 on IOS 15.3
  • Cisco ISR 1941 and Cisco ISR 2900 with processor Cavium CN5220 on IOS 15.3
  • Cisco Catalyst 4K with processor MPC8572C on IOS XE 3.6
  • Cisco Catalyst 3750x and Cisco Catalyst 3560x with processor Power-PC 405 on IOS 15.2
  • Cisco Catalyst 3650 with processor AMCC PowerPC 405EX on IOS XE3.6
  • Cisco Catalyst 2960 with processor Cavium CN5230 on IOS 15.2
Module Type
Firmware
Embodiment
Multi-chip standalone
Description
The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols.
FIPS Algorithms
AES Certs. #2783 and #2817
CVL Certs. #252 and #253
DRBG Cert. #481
ECDSA Cert. #493
HMAC Cert. #1764
RSA Cert. #1471
SHS Certs. #2338 and #2361
Triple-DES Certs. #1670, #1671 and #1688
Other Algorithms
DES; Diffie-Hellman (CVL Cert. #252, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #252, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); HMAC-MD5; MD2; MD5; NDRNG; RC2; RC4; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength); SEAL
Firmware Versions
Rel 3(1.5.2)

Vendor

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

Leidos CSTL
NVLAP Code: 200427-0