Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4320

Details

Module Name
SR-OS Cryptographic Module
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Diffie-Hellman was included on the allowed line per D.8 after the cut off date of June 2022.
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Firmware
Embodiment
Multi-Chip Stand Alone
Description
The SR-OS Cryptographic Module (SRCM) provides the cryptographic algorithm functions needed to allow SR-OS to implement cryptography for those services and protocols that require it.
Tested Configuration(s)
  • SR-OS 20.10R4 running on 7750 SR-1 with Cavium OCTEON II CN7360
  • SR-OS 20.10R4 running on 7750 SR-14s with Cavium OCTEON II CN6645
  • SR-OS 20.10R4 running on 7750 SR-1s with Cavium OCTEON II CN7360
  • SR-OS 20.10R4 running on 7750 SR-2e with Cavium OCTEON II CN6645
  • SR-OS 20.10R4 running on 7750 SR-2s with Cavium OCTEON II CN7360
  • SR-OS 20.10R4 running on 7750 SR-7s with Cavium OCTEON II CN6645 (single-user mode)
  • SR-OS 20.10R4 running on 7750 SR-a4 with Cavium OCTEON II CN6635
  • SR-OS 20.10R4 running on 7950 SR-7 with Cavium OCTEON II CN6645
  • SR-OS 20.10R4 running on 7950 XRS-16c with Cavium OCTEON II CN6645
  • SR-OS 20.10R4 running on 7950 XRS-20 with Cavium OCTEON II CN6645
Approved Algorithms
AES Certs. #C2074, #C2075 and #C2084
CVL Certs. #C2074, #C2075 and #C2084
DRBG Certs. #C2074, #C2075 and #C2084
DSA Certs. #C2074, #C2075 and #C2084
ECDSA Certs. #C2074, #C2075 and #C2084
HMAC Certs. #C2074, #C2075 and #C2084
KTS AES Certs. #C2074, #C2075 and #C2084; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Certs. #C2074, #C2075 and #C2084
SHS Certs. #C2074, #C2075 and #C2084
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); NDRNG
Firmware Versions
20.10R4

Vendor

Nokia Corporation
600 March Road
Ottawa, ON K2K 2E6
Canada

Hooman Bidgoli
hooman.bidgoli@nokia.com

Validation History

Date Type Lab
10/5/2022 Initial EWA CANADA