Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4790

Details

Module Name
Arista Crypto Module v3.0 [Software, Software IPsec]
Standard
FIPS 140-3
Status
Active
Sunset Date
9/5/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys)
Security Level Exceptions
  • Roles, services, and authentication: Level 2
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Arista's crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency. This validation is for the library contained within the CloudEOS Router products and all its related SKUs, which includes SS-CLOUDEOS-VR-CV-100M-B-1M, SS-CLOUDEOS-VR-CVS-100M-B-1M, SS-CLOUDEOS-VR-CV-1G-B-1M, SS-CLOUDEOS-VR-CVS-1G-B-1M, SS-CLOUDEOS-VR-CV-10G-B-1M, SS-CLOUDEOS-VR-CVS-10G-B-1M, SS-CVPATH-CloudEOS-100M-E-CVS-B-1M, SS-CVPATH-CloudEOS-1G-E-CVS-B-1M, SS-CVPATH-CloudEOS-10G-E-CVS-B-1M and any other future SKUs which use the validated library for the CloudEOS Router product.
Tested Configuration(s)
  • CloudEOS version 4.29 on QEMU version 2.0.0 on Linux 3.10.0-1160.el7.x86_64 running on a Supermicro SYS-1029U-TR-CTO with an Intel Xeon Gold 6240R with PAA
  • CloudEOS version 4.29 on QEMU version 2.0.0 on Linux 3.10.0-1160.el7.x86_64 running on a Supermicro SYS-1029U-TR-CTO with an Intel Xeon Gold 6240R without PAA
Approved Algorithms
AES-CBC
AES-CCM
AES-CFB1
AES-CFB128
AES-CFB8
AES-CMAC
AES-CTR
AES-ECB
AES-GCM
AES-XTS Testing Revision 2.0
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
Hash DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDF IKEv1
KDF IKEv2
KDF SP800-108
KDF SSH
KDF TLS
KTS-IFC
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
SHA-1
SHA2-224
SHA2-256
SHA2-384
SHA2-512
TLS v1.2 KDF RFC7627
Software Versions
3.0

Vendor

Arista Networks, Inc.
5453 Great America Parkway
Santa Clara, CA 95054
USA

Arista Networks Certification Team
cert-team@arista.com
Phone: 408-547-5500

Validation History

Date Type Lab
9/6/2024 Initial DEKRA Certification, Inc.