Module Name
Arista EOS Crypto Module v1.0
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.
Tested Configuration(s)
- EOS v4 running on Arista 7050SX-72 with AMD G Series: eKabini
- EOS v4 running on Arista 7060CX-32S with AMD G Series: Steppe Eagle
- EOS v4 running on Arista 7150S-24 with AMD Athlon NEO X2
- EOS v4 running on Arista 7300 (DCS-7300-SUP supervisor, DCS-7308 chassis) with Intel Sandy Bridge EN
- EOS v4 running on Arista 7500R (DCS-7500-SUP2 supervisor, DCS-7508 chassis) with Intel Broadwell-DE (single-user mode)
Other Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; RSA (key transport; key establishment methodology provides 112 or 128 bits of encryption strength); AES KW (non-compliant); AES-XTS (non-compliant); Blowfish; Camellia; CAST5; DES; DES-X; HMAC-MD5; IDEA; MD4; RC2; RC4; RC5; RIPEMD-160; SEED; Triple-DES KW (non-compliant); Whirlpool
