Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4744

Details

Module Name
Linux Kernel FIPS Object Module (KFOM) Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
7/28/2029
Overall Level
1
Caveat
No assurance of the minimum strength of generated SSPs (e.g., keys). No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.
Security Level Exceptions
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Firmware-hybrid
Embodiment
Multi-Chip Stand Alone
Description
The Cisco Linux Kernel FIPS Object Module (KFOM) is a firmware hybrid cryptographic library that serves the operating system kernel. It does not implement any security protocols, instead only allowing for Linux kernel applications access to using approved algorithms.
Tested Configuration(s)
  • Linux 4.9 running on Cisco Meraki MX68CW with ARMv8 Cortex-A53 with PAA
  • Ubuntu 18.04 running on Cisco UCS C220 M5 with Intel Xeon Gold 6138 (Skylake) with PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC-CS3
AES-CBC-CS3
AES-CCM
AES-CCM
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GMAC
AES-GMAC
AES-XTS
AES-XTS
Counter DRBG
Counter DRBG
Hash DRBG
Hash DRBG
HMAC DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-512
SHA2-512
Allowed Algorithms
N/A (N/A; N/A)
Hardware Versions
ARMv8 Cortex-A53, Intel Xeon Gold 6138
Firmware Versions
1.0

Vendor

Cisco Systems, Inc.
170 West Tasman Dr.
San Jose, California 95314
USA

Global Certification Team
certteam@cisco.com
Phone: 8005536387

Validation History

Date Type Lab
7/29/2024 Initial ACUMEN SECURITY, LLC