Cryptographic Module Validation Program CMVP

Certificate #2984

Details

Module Name
Cisco FIPS Object Module
Standard
FIPS 140-2
Status
Active
Sunset Date
8/2/2022
Validation Dates
08/03/2017
Overall Level
1
Caveat
When installed, initialized and configured as specified in the Security Policy Section 4.2 and operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.
Tested Configuration(s)
  • Android 3.10 running on an ARMv8 on a Google Nexus 5x
  • Apple iOS 9 running on an ARMv8 on an Apple iPad Air 2
  • FreeBSD 10.3 running on an Intel Xeon E5 on a Cisco UCS C220 M4 (single-user mode)
  • FreeBSD 10.3 running on an Intel Xeon on a Supermicro Intel Xeon E5
  • Linux 2.6 running on a Cavium Octeon MIPS64 on a Cisco WLC 5508
  • Linux 2.6 running on a Cavium Octeon MIPS64 with assembler on a Cisco WLC 5508
  • Linux 3.10 running on a Cavium Octeon MIPS64 with assembler on a Cisco ASA FPR-2100
  • Linux 3.10 running on an Intel Core i5 with PAA on a Lenovo M900
  • Linux 3.10 running on an Intel Core i5 without PAA on a Lenovo M900
  • Windows 10 running on an Intel Core i5 with PAA on a Lenovo M900
  • Windows 10 running on an Intel Core i5 without PAA on a Lenovo M900
FIPS Algorithms
AES Certs. #4233, #4234, #4235, #4236 and #4237
CVL Certs. #981, #982, #983 and #984
DRBG Certs. #1316 and #1317
DSA Certs. #1129 and #1130
ECDSA Certs. #978 and #979
HMAC Certs. #2771, #2772, #2773, #2774, #2775 and #2776
KBKDF Certs. #108 and #109
RSA Certs. #2285 and #2286
SHS Certs. #3470, #3471, #3472, #3473, #3474 and #3475
Triple-DES Certs. #2292, #2293 and #2294
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides between 112 and 132 bits of encryption strength)
Software Versions
6.2

Vendor

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

CGI ITSETF
NVLAP Code: 200928-0