Certificate 2100 - Cisco FIPS Object Module
intCertNum 2100
strVendorName Cisco Systems, Inc.
strURL http://www.cisco.com
strAddress1 170 West Tasman Drive
strAddress2
strAddress3
strCity San Jose
strStateProv CA
strPostalCode 95134
strCountry 95134
strContact Global Certification Team
strEmail certteam@cisco.com
strPhone
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 2100
strModuleName Cisco FIPS Object Module
strPartNumber Software Version: 4.1
memModuleNotes When installed, initialized and configured as specified in the Security Policy Section 3.2 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Software
strValidationDate 03/07/2014
intOverallLevel 1
memIndividualLevelNotes -Physical Security: N/A ;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A ;;;-Operational Environment: Tested as meeting Level 1 with Linux 2.6 running on an Octeon Evaluation Board EBH5200 without Octeon; Linux 2.6 running on an Octeon Evaluation Board EBH5200 with Octeon; Linux 2.6 running on a Cisco ASR1002; Android v4.0 running on a Samsung Galaxy S II; Windows 7 running on a Cisco UCS C200 M2 without PAA; Windows 7 running on a Cisco UCS C210 M2 with PAA; FreeBSD 9.0 running on a Cisco UCS C210 M2 without-PAA; Linux 2.6 running on a Cisco UCS C22 M3 with PAA; Linux 2.6 running an Intel Xeon on a Cisco UCS C200 M2 without PAA (single-user mode)
strFIPSAlgorithms AES (Certs. #2678 and #2685);
Triple-DES (Certs. #1606 and #1611);
SHS (Certs. #2247 and #2256);
HMAC (Certs. #1664 and #1672);
DRBG (Certs. #431 and #435);
RSA (Certs. #1377 and #1385);
DSA (Certs. #812 and #814);
ECDSA (Certs. #467 and #471);
CVL (Certs. #151 and #153)
strOtherAlgorithms Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 219 bits of encryption strength;
non-compliant less then 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 256 bits of encryption strength;
non-compliant less then 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less then 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription The Cisco FIPS Object Module (FOM) is a software library that provides cryptographic services to a vast array of Cisco's networking and collaboration products. The module provides FIPS 140 validated cryptographic algorithms for services such as IPSEC, SRTP, SSH, TLS, 802.1x, etc. The module does not directly implement any of these protocols, instead it provides the cryptographic primitives and functions to allow a developer to implement the various protocols.
intModuleCount 1
memAdditionalNotes
strFirstValidtionDate 03/07/14 00:00:00
strLabName CGI
strValidationYear 2014