Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3988

Details

Module Name
Cisco ASR 1000 Series Routers without MACSEC
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition - replaced by certificate #4643
Overall Level
1
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Section 9 of the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Cisco ASR 1000 Series Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services; reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #333, #4583 and #C462
CVL Certs. #1257, #1258 and #C462
DRBG Certs. #1529 and #C462
HMAC Certs. #137, #3034 and #C462
KTS AES Certs. #4583 and #C462; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #4583 and #C462 and HMAC Certs. #3034 and #C462; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Certs. #2436 and #C462 and HMAC Certs. #3034 and #C462; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2500 and #C462
SHS Certs. #408, #3760 and #C462
Triple-DES Certs. #397, #2436 and #C462
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1257 with CVL Cert. #1258, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1257 with CVL Cert. #1258, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
ASR1002-X, [ASR1004 and ASR1006 with components ASR-1000-RP2, ASR1000-ESP20 and ASR1000-ESP40]
Firmware Versions
Cisco IOS-XE 16.12

Vendor

Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, CA 95134
USA

Global Certification Team
certteam@cisco.com

Validation History

Date Type Lab
7/19/2021 Initial ACUMEN SECURITY, LLC
8/25/2021 Update ACUMEN SECURITY, LLC