Cryptographic Module Validation Program CMVP

Certificate #3554

Details

Module Name
Cisco Systems NSS Module
Standard
FIPS 140-2
Status
Active
Sunset Date
10/22/2024
Validation Dates
10/23/2019;11/08/2019
Overall Level
1
Caveat
The module generates keys whose strengths are modified by available entropy. When Operated in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Cisco Systems NSS Module is a software library supporting FIPS 140-2 approved cryptographic algorithms.
Tested Configuration(s)
  • CentOS Linux 7.4 running on Cisco UCS M4 with Intel Xeon E5-2600
  • CentOS Linux 7.4 running on Cisco UCS M5 with Intel Xeon Bronze
FIPS Algorithms
AES Cert. #C503
DRBG Cert. #C503
DSA Cert. #C503
ECDSA Cert. #C503
HMAC Cert. #C503
KTS AES Cert. #C503; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #C503; key establishment methodology provides 112 bits of encryption strength
SHS Cert. #C503
Triple-DES Cert. #C503
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG
Software Versions
3.36

Vendor

Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0