Cryptographic Module Validation Program CMVP

Certificate #2909

Details

Module Name
Arista EOS Crypto Module v1.0
Standard
FIPS 140-2
Status
Active
Sunset Date
5/14/2022
Validation Dates
05/15/2017;01/28/2019;07/10/2020
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.
Tested Configuration(s)
  • EOS v4 running on Arista 7050SX-72 with AMD G Series: eKabini
  • EOS v4 running on Arista 7060CX-32S with AMD G Series: Steppe Eagle
  • EOS v4 running on Arista 7150S-24 with AMD Athlon NEO X2
  • EOS v4 running on Arista 7300 (DCS-7300-SUP supervisor, DCS-7308 chassis) with Intel Sandy Bridge EN
  • EOS v4 running on Arista 7500R (DCS-7500-SUP2 supervisor, DCS-7508 chassis) with Intel Broadwell-DE (single-user mode)
FIPS Algorithms
AES Cert. #4280
CVL Cert. #1012
DRBG Cert. #1340
DSA Cert. #1141
ECDSA Cert. #998
HMAC Cert. #2816
RSA Cert. #2301
SHS Cert. #3516
Triple-DES Cert. #2309
Other Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; RSA (key transport; key establishment methodology provides 112 or 128 bits of encryption strength); AES KW (non-compliant); AES-XTS (non-compliant); Blowfish; Camellia; CAST5; DES; DES-X; HMAC-MD5; IDEA; MD4; RC2; RC4; RC5; RIPEMD-160; SEED; Triple-DES KW (non-compliant); Whirlpool
Software Versions
v1.0

Vendor

Arista Networks, Inc.
5453 Great America Parkway
Santa Clara, CA 95054

Richard Whitney
rw@arista.com
Phone: 703-627-6092
Fax: 408-538-8920
Ethan Rahn
erahn@arista.com

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0