Module Name
Broadcom FIPS Object Module for OpenSSL
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Broadcom FIPS Module for OpenSSL is a general-purpose cryptographic module integrated in Broadcom’s products and Whitebox switches running Broadcom Network Operating Systems to provide FIPS 140-2 validated cryptography for the protection of sensitive information.
Tested Configuration(s)
- EFOS 3 (Ethernet Fabric OS) running on BES-53248 with Intel® Atom(TM) CPU C2338 with PAA
- EFOS 3 (Ethernet Fabric OS) running on BES-53248 with Intel® Atom™ CPU C2338 without PAA (single user mode)
Approved Algorithms
AES |
Cert. #A844 |
CKG |
vendor affirmed |
CVL |
Cert. #A844 |
DRBG |
Cert. #A844 |
DSA |
Cert. #A844 |
ECDSA |
Cert. #A844 |
HMAC |
Cert. #A844 |
KAS-SSC |
vendor affirmed |
RSA |
Certs. #A844 |
SHS |
Cert. #A844 |
Triple-DES |
Cert. #A844 |
Allowed Algorithms
RSA (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength)