| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 8/4/2030 |
| Caveat | When installed, initialized and configured as specified in Section 11.1 of the Security Policy |
| Vendor | Ribbon Communications, Inc. |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A5061 |
| AES-CFB1 | A5061 |
| AES-CFB128 | A5061 |
| AES-CFB8 | A5061 |
| AES-CTR | A5061 |
| AES-GCM | A5061 |
| Counter DRBG | A5061 |
| DSA KeyGen (FIPS186-4) | A5061 |
| ECDSA KeyGen (FIPS186-5) | A5061 |
| ECDSA KeyVer (FIPS186-5) | A5061 |
| ECDSA SigGen (FIPS186-5) | A5061 |
| ECDSA SigVer (FIPS186-5) | A5061 |
| HMAC-SHA-1 | A5061 |
| HMAC-SHA2-224 | A5061 |
| HMAC-SHA2-256 | A5061 |
| HMAC-SHA2-384 | A5061 |
| HMAC-SHA2-512 | A5061 |
| KAS-ECC CDH-Component SP800-56Ar3 (CVL) | A5061 |
| KAS-ECC-SSC Sp800-56Ar3 | A5061 |
| KAS-FFC-SSC Sp800-56Ar3 | A5061 |
| KTS-IFC | A5061 |
| PBKDF | A5061 |
| RSA KeyGen (FIPS186-5) | A5061 |
| RSA SigGen (FIPS186-5) | A5061 |
| RSA SigVer (FIPS186-5) | A5061 |
| SHA-1 | A5061 |
| SHA2-224 | A5061 |
| SHA2-256 | A5061 |
| SHA2-384 | A5061 |
| SHA2-512 | A5061 |
| AES-ECB | A5063 |
| KDF SRTP (CVL) | A5063 |
| ECDSA KeyGen (FIPS186-4) | A5061 |
| ECDSA KeyVer (FIPS186-4) | A5061 |
| ECDSA SigGen (FIPS186-4) | A5061 |
| ECDSA SigVer (FIPS186-4) | A5061 |
| RSA KeyGen (FIPS186- 4) | A5061 |
| RSA SigGen (FIPS186- 4) | A5061 |
| RSA SigVer (FIPS186- 4) | A5061 |
| TLS v1.2 KDF RFC7627 (CVL) | A5065 |
| KDF IKEv1 (CVL) | A5062 |
| KDF IKEv2 (CVL) | A5062 |
| KDF SSH (CVL) | A5064 |
| KDF TLS (CVL) | A5065 |
| SHA3-256 | A4087 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
flowchart LR
%% Deterministic review-risk graph for SBC SWe Session Border Controller
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Manage SBC license<br/>Upgrade firmware<br/>Soft Error</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>AES for SNMPv3<br/>Manage SBC license<br/>Configure the SBC system</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for SBC SWe Session Border Controller
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Manage SBC license<br/>Upgrade firmware<br/>Soft Error</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>AES for SNMPv3<br/>Manage SBC license<br/>Configure the SBC system</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3 clueHigh;
class C5,C6 clueLow;Ribbon Communications, Inc. SBC SWe Session Border Controller Version: 10.01.06 FIPS Security Level: 1 Document Version: 0.6 Prepared for: Prepared by: Ribbon Communications, Inc.
Westford, MA 01886 United States of America Corsec Security, Inc.
Fairfax, VA 22033 United States of America Phone: +1 855 467 6687 www.ribboncommunications.com Phone: +1 703 267 6050 www.corsec.com
July 8, 2025 Table of Contents 1. 1.1 1.2 2. 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 3. 3.1 4. 4.1 4.2 4.3 4.4 4.5 5. 5.1 5.2 6. 6.1 7. 8. 9. 9.1 9.2 9.3 9.4 9.5 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
10.3 10.4 10.5 July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 List of Tables List of Figures SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc. July 8, 2025
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic module specification | 1 |
| 3 | 3 | Cryptographic module interfaces | 1 |
| 4 | 4 | Roles, services, and authentication | 3 |
| 5 | 5 | Software/Firmware security | 1 |
| 6 | 6 | Operational environment | 1 |
| 7 | 7 | Physical security | N/A |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 1 |
| 10 | 10 | Self-tests | 1 |
| 11 | 11 | Life-cycle assurance | 1 |
| 12 | 12 | Mitigation of other attacks | N/A |
| Overall Level | Overall Level | 1 |
This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-3 cryptographic module security policy. More information is available on the module from the following sources:
ISO/IEC 19790 Annex B uses the same section naming convention as ISO/IEC 19790 section 7 - Security requirements. For example, Annex B section B.2.1 is named “General” and B.2.2 is named “Cryptographic module specification,” which is the same as ISO/IEC 19790 section 7.1 and section 7.2, respectively. Therefore, the format of this Security Policy is presented in the same order as indicated in Annex B, starting with “General” and ending with “Mitigation of other attacks.” If sections are not applicable, they have been marked as such in this document. 1.2 Security Levels The SBC SWe Session Border Controller is validated at the FIPS 140-3 section levels shown in the table below. Table 1: Security Levels N/A N/A N/A SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
The module has an overall security level of 1. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc. July 8, 2025
2. Cryptographic Module Specification 2.1 Description July 8, 2025
Ribbon Communications, Inc. (hereafter referred to as Ribbon) is a leader in IP 1 networking with proven expertise in delivering secure, reliable and scalable next-generation infrastructure and subscriber solutions. The Ribbon line of Session Border Controller (SBC) solutions help mid-sized and large enterprises take advantage of cost-saving SIP 2 trunking services by securing their network from IP-based attacks, unifying SIP-based communications and controlling traffic in the network. The Ribbon SBC SWe Session Border Controller (SBC SWe) is a software-based, cloud-optimized SBC architected to enable and secure real-time communications in the cloud. Starting at 25 sessions and scaling to tens of thousands per instance, the unique architecture of the SBC SWe allows customers to define where on the performance curve their network needs to reside. The SBC SWe uses a “microservices” architecture designed to separate signaling, media, and transcoding to optimize virtual network resources. It also supports on-demand auto-scaling, with a feedback loop using Key Performance Indicators and the Ribbon Virtual Network Function (VNF) Manager. The SBC SWe features the same code base, resiliency, media transcoding, and security technology found in Ribbon’s hardware-based SBC 5000 Series and SBC 7000 Session Border Controllers. However, as a software solution, customers can deploy the SBC SWe as a VNF on industry-standard servers in a data center environment using a hypervisor, as a VNF in an OpenStack cloud infrastructure, or as a VNF on public cloud or hosted services. Some of the network and security features provided by the SBC SWe are:
IKEv1
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
SNMPv3
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 To support TLS, the module employs the following certificate management techniques:
The SBC SWe Session Border Controller 10.01.06 is a Software module.
The SBC SWe Session Border Controller has a MultiChipStand embodiment.
The module does not have any additional characteristics.
As a software appliance, the module has no physical components. Since the module has no physical characteristics, it makes use of the physical interfaces of the server hosting the virtual environment upon which the module is installed. The hypervisor controls and directs all interactions between the module and the operator, and it is responsible for mapping the module’s virtual interfaces to the host server’s physical interfaces. The module’s cryptographic boundary consists of all functionalities contained within the module’s compiled source code. This comprises the following primary components:
July 8, 2025 Figure 2 shows the logical block diagram of the module executing in memory and its interactions with surrounding software components, as well as the module’s physical perimeter and cryptographic boundary. Virtual Machine HMAC digests SBC SWe application Virtual Machine Virtual Machine Application Application Guest OS Guest OS SonusDB ConnexIP OS KEY: Cryptographic Boundary Physical Perimeter Data Input Data Output Control Input Status Output System Calls Hypervisor Server Hardware Figure 2. Module Block Diagram (with Cryptographic Boundary)
(TOEPP) The physical perimeter of the cryptographic module is defined by the hard enclosure around the GPC on which it runs. Figure 3 is a diagram illustrating the hardware components of a GPC (the dashed line surrounding the hardware components represents the module’s physical perimeter and identifies the hardware with which the processors interface. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
Hardware Management July 8, 2025 RAM DVD Network Interface HDD Clock Generator SCSI/SATA Controller LEDs/LCD North Bridge Serial CPU(s) Audio Cache Power Interface PCI/PCIe Slots Graphics Controller South Bridge USB PCI/PCIe Slots BIOS External Power Supply Plaintext data Encrypted data Control input Status output Physical Perimeter BIOS
This section is only applicable for hardware modules. N/A for this module.
(Executable Code Sets) The module has the following executable code sets shown in the table below. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package |
|---|---|---|---|---|---|---|---|---|---|
| SBC SWe Session Border Controller | 10.01.06 | Yes | SBC SWe Session Border Controller | ||||||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | Yes | VMWare ESXi 6.5 | |||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | No | VMWare ESXi 6.5 | |||
| OpenStack | OpenStack | ||||||||
| Amazon Web Services | Amazon Web Services | ||||||||
| Google Cloud Platform | Google Cloud Platform | ||||||||
| Microsoft Azure | Microsoft Azure |
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package |
|---|---|---|---|---|---|---|---|---|---|
| SBC SWe Session Border Controller | 10.01.06 | Yes | SBC SWe Session Border Controller | ||||||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | Yes | VMWare ESXi 6.5 | |||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | No | VMWare ESXi 6.5 | |||
| OpenStack | OpenStack | ||||||||
| Amazon Web Services | Amazon Web Services | ||||||||
| Google Cloud Platform | Google Cloud Platform | ||||||||
| Microsoft Azure | Microsoft Azure |
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package |
|---|---|---|---|---|---|---|---|---|---|
| SBC SWe Session Border Controller | 10.01.06 | Yes | SBC SWe Session Border Controller | ||||||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | Yes | VMWare ESXi 6.5 | |||
| Ribbon ConnexIP OS 10 | Ribbon ConnexIP OS 10 | HPE ProLiant DL380 Gen9 | 10.01.06 | Intel Xeon CPU E5 v3 (Haswell) | No | VMWare ESXi 6.5 | |||
| OpenStack | OpenStack | ||||||||
| Amazon Web Services | Amazon Web Services | ||||||||
| Google Cloud Platform | Google Cloud Platform | ||||||||
| Microsoft Azure | Microsoft Azure |
July 8, 2025 Table 2: Tested Module Identification
The module does not have hybrid disjoint hardware. N/A for this module.
Hybrid The module was tested and found to be compliant with FIPS 140-3 requirements on the environments listed in the table below. Table 3: Tested Operational Environments - Software, Firmware, Hybrid The module is designed to utilize AES-NI 16 extended instruction set when available by the host platform’s CPU for processor algorithm acceleration (PAA) of its AES implementation.
Firmware, Hybrid The cryptographic module maintains validation compliance when operating in a VM with ConnexIP as the guest OS on any compatible GPC using a KVM hypervisor to provide the virtualization layer. Note that the host GPC may be deployed on-prem or in any of the following supported cloud environments:
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| AES-CBC | A5061 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB1 | A5061 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB128 | A5061 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CFB8 | A5061 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A5061 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A5061 | Direction - Decrypt, Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 256 | SP 800-38D |
| Counter DRBG | A5061 | Prediction Resistance - No, Yes Mode - AES-128 Derivation Function Enabled - No, Yes | SP 800-90A Rev. 1 |
| DSA KeyGen (FIPS186-4) | A5061 | L - 2048, 3072 N - 224, 256 | FIPS 186-4 |
| ECDSA KeyGen (FIPS186-5) | A5061 | Curve - P-224, P-256, P-384, P-521 Secret Generation Mode - testing candidates | FIPS 186-5 |
| ECDSA KeyVer (FIPS186-5) | A5061 | Curve - P-224, P-256, P-384, P-521 | FIPS 186-5 |
| ECDSA SigGen (FIPS186-5) | A5061 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-5 |
| ECDSA SigVer (FIPS186-5) | A5061 | Curve - P-224, P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-5 |
| HMAC-SHA-1 | A5061 | Key Length - Key Length: 112-65528 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A5061 | Key Length - Key Length: 112-65528 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A5061 | Key Length - Key Length: 112-65528 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A5061 | Key Length - Key Length: 112-65528 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A5061 | Key Length - Key Length: 112-65528 Increment 8 | FIPS 198-1 |
| KAS-ECC CDH-Component SP800-56Ar3 (CVL) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P-256, P-384, P-521 | SP 800-56A Rev. 3 |
| KAS-ECC-SSC Sp800-56Ar3 | A5061 | Domain Parameter Generation Methods - P-224, P-256, P-384, P-521 Scheme - ephemeralUnified - KAS Role - initiator, responder | SP 800-56A Rev. 3 |
| KAS-FFC-SSC Sp800-56Ar3 | A5061 | Domain Parameter Generation Methods - FB, FC Scheme - dhEphem - KAS Role - initiator, responder | SP 800-56A Rev. 3 |
| KTS-IFC | A5061 | Modulo - 2048, 3072, 4096 Key Generation Methods - rsakpg1-basic Scheme - KTS-OAEP-basic - KAS Role - initiator, responder Key Transport Method - Key Length - 768 | SP 800-56B Rev. 2 |
| PBKDF | A5061 | Iteration Count - Iteration Count: 10-1000 Increment 1 Password Length - Password Length: 8-128 Increment 1 | SP 800-132 |
| RSA KeyGen (FIPS186-5) | A5061 | Key Generation Mode - probable Modulo - 2048 Primality Tests - 2powSecStr Private Key Format - standard | FIPS 186-5 |
| RSA SigGen (FIPS186-5) | A5061 | Modulo - 2048 Signature Type - pkcs1v1.5 | FIPS 186-5 |
| RSA SigVer (FIPS186-5) | A5061 | Modulo - 2048 Signature Type - pkcs1v1.5 | FIPS 186-5 |
| SHA-1 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
July 8, 2025 Table 4: Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid The CMVP makes no statement as to the correct operation of the module or the security strengths of the generated keys when ported to an operational environment not listed on the validation certificate. 2.3 Excluded Components The module does not exclude any components from the requirements. 2.4
mode of operation only; non-Approved operations are not supported. Table 5: Modes List and Description 2.5 Algorithms
The module employs cryptographic algorithm implementations from the following sources:
SRTP
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| SHA2-224 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-256 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-384 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-512 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| AES-CBC | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| HMAC-SHA-1 | A5063 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| KDF SRTP (CVL) | A5063 | AES Key Length - 128, 192 | SP 800-135 Rev. 1 |
| SHA-1 | A5063 | Message Length - Message Length: 0-51200 Increment 8 | FIPS 180-4 |
| ECDSA KeyGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Secret Generation Mode - Testing Candidates | FIPS 186-4 |
| ECDSA KeyVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| RSA KeyGen (FIPS186- 4) | A5061 | Key Generation Mode - B.3.3 Modulo - 2048 Primality Tests - Table C.2 Private Key Format - Standard | FIPS 186-4 |
| RSA SigGen (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 2048 | FIPS 186-4 |
| RSA SigVer (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 1024, 2048 | FIPS 186-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A5065 | Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF IKEv1 (CVL) | A5062 | Authentication Method - Digital Signature, Pre-shared Key, Public Key Encryption Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 2048 Hash Algorithm - SHA-1, SHA2-256, SHA2-384, SHA2-512 Preshared Key Length - Preshared Key Length: 64-512 Increment 8 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A5062 | Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 224-4096 Increment 8 Derived Keying Material Length - Derived Keying Material Length: 160-4096 Increment 8 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| SHA2-224 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-256 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-384 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-512 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| AES-CBC | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| HMAC-SHA-1 | A5063 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| KDF SRTP (CVL) | A5063 | AES Key Length - 128, 192 | SP 800-135 Rev. 1 |
| SHA-1 | A5063 | Message Length - Message Length: 0-51200 Increment 8 | FIPS 180-4 |
| ECDSA KeyGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Secret Generation Mode - Testing Candidates | FIPS 186-4 |
| ECDSA KeyVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| RSA KeyGen (FIPS186- 4) | A5061 | Key Generation Mode - B.3.3 Modulo - 2048 Primality Tests - Table C.2 Private Key Format - Standard | FIPS 186-4 |
| RSA SigGen (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 2048 | FIPS 186-4 |
| RSA SigVer (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 1024, 2048 | FIPS 186-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A5065 | Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF IKEv1 (CVL) | A5062 | Authentication Method - Digital Signature, Pre-shared Key, Public Key Encryption Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 2048 Hash Algorithm - SHA-1, SHA2-256, SHA2-384, SHA2-512 Preshared Key Length - Preshared Key Length: 64-512 Increment 8 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A5062 | Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 224-4096 Increment 8 Derived Keying Material Length - Derived Keying Material Length: 160-4096 Increment 8 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| SHA2-224 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-256 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-384 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-512 | A5061 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| AES-CBC | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A5063 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| HMAC-SHA-1 | A5063 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| KDF SRTP (CVL) | A5063 | AES Key Length - 128, 192 | SP 800-135 Rev. 1 |
| SHA-1 | A5063 | Message Length - Message Length: 0-51200 Increment 8 | FIPS 180-4 |
| ECDSA KeyGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Secret Generation Mode - Testing Candidates | FIPS 186-4 |
| ECDSA KeyVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A5061 | Curve - B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, P-224, P- 256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A5061 | Curve - B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K- 571, P-224, P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| RSA KeyGen (FIPS186- 4) | A5061 | Key Generation Mode - B.3.3 Modulo - 2048 Primality Tests - Table C.2 Private Key Format - Standard | FIPS 186-4 |
| RSA SigGen (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 2048 | FIPS 186-4 |
| RSA SigVer (FIPS186- 4) | A5061 | Signature Type - PKCS 1.5 Modulo - 1024, 2048 | FIPS 186-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A5065 | Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF IKEv1 (CVL) | A5062 | Authentication Method - Digital Signature, Pre-shared Key, Public Key Encryption Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 2048 Hash Algorithm - SHA-1, SHA2-256, SHA2-384, SHA2-512 Preshared Key Length - Preshared Key Length: 64-512 Increment 8 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A5062 | Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 224-4096 Increment 8 Derived Keying Material Length - Derived Keying Material Length: 160-4096 Increment 8 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
July 8, 2025 Table 6: Approved Algorithms - Ribbon Cryptographic Library Ribbon SRTP KDF Library (IPP) Table 7: Approved Algorithms - Ribbon SRTP KDF Library (IPP) Ribbon IKE KDF Library Table 8: Approved Algorithms Properties SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| KDF IKEv1 (CVL) | A5062 | Authentication Method - Digital Signature, Pre-shared Key, Public Key Encryption Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 2048 Hash Algorithm - SHA-1, SHA2-256, SHA2-384, SHA2-512 Preshared Key Length - Preshared Key Length: 64-512 Increment 8 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A5062 | Diffie-Hellman Shared Secret Length - Diffie-Hellman Shared Secret Length: 224-4096 Increment 8 Derived Keying Material Length - Derived Keying Material Length: 160-4096 Increment 8 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF SSH (CVL) | A5064 | Cipher - AES-128 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF TLS (CVL) | A5065 | TLS Version - v1.2 Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| SHA3-256 | A4087 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 202 |
| Name | Properties | Implementation | |
|---|---|---|---|
| CKG | CKG:Symmetric | Ribbon Cryptographic Library | Per SP 800-133 Rev. 2, section 4. |
July 8, 2025 Table 9: Approved Algorithms - Ribbon IKE KDF Library Table 10: Approved Algorithms - Ribbon IKE KDF Library Table 11: Approved Algorithms - Ribbon SSH KDF Library Table 12: Approved Algorithms - Ribbon TLS KDF Library Table 13: Approved Algorithms - Ribbon Entropy Library
The vendor affirms the following cryptographic security methods in the table below: Table 14: Vendor-Affirmed Algorithms
The table below lists the non-Approved algorithms implemented by the module that are allowed for use in the Approved mode of operation. N/A for this module. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Description | Approved Functions | Type |
|---|---|---|---|
| DRBG for Random Password Generation | DRBG for generating random passwords. | Counter DRBG: (A5061) | DRBG |
| SHA for Password Storage | SHA2-512 for hashing stored password values. | SHA2-512: (A5061) | SHA |
| RSA SigVer for Certificate Loading | RSA digital signature verification, used for certificate loading. | SHA2-224: (A5061) SHA2-256: (A5061) SHA2-384: (A5061) SHA2-512: (A5061) RSA SigVer (FIPS186-5): (A5061) RSA SigVer (FIPS186-4): (A5061) | DigSig-SigVer |
| CKG for CDB Key Generation | CKG for the Config Database (CDB) Key, which is used for the encryption/decryption of RSA or ECDSA private keys and pre-shared secrets for RADIUS. | Counter DRBG: (A5061) | CKG |
| IPsec IKE | Key Agreement for IKE. Key exchange is performed using ECDH or DH. Public/private keys generation is performed using RSA. | AES-CBC: (A5061) AES-CTR: (A5061) AES-GCM: (A5061) DSA KeyGen (FIPS186- 4): (A5061) HMAC-SHA-1: (A5061) HMAC-SHA2-224: (A5061) HMAC-SHA2-384: (A5061) HMAC-SHA2-512: (A5061) KAS-ECC CDH- Component SP800- 56Ar3: (A5061) KAS-ECC-SSC Sp800- 56Ar3: (A5061) KAS-FFC-SSC Sp800- 56Ar3: (A5061) KDF IKEv1: (A5062) KDF IKEv2: (A5062) SHA-1: (A5061) SHA2-224: (A5061) SHA2-256: (A5061) SHA2-384: (A5061) SHA2-512: (A5061) Counter DRBG: (A5061) HMAC-SHA2-256: (A5061) ECDSA KeyGen (FIPS186-5): (A5061) ECDSA KeyVer (FIPS186- 5): (A5061) RSA KeyGen (FIPS186- 5): (A5061) RSA SigGen (FIPS186-5): (A5061) RSA SigVer (FIPS186-5): (A5061) ECDSA SigGen (FIPS186- 5): (A5061) ECDSA SigVer (FIPS186- 5): (A5061) ECDSA KeyGen (FIPS186-4): (A5061) ECDSA KeyVer (FIPS186- 4): (A5061) ECDSA SigGen (FIPS186- 4): (A5061) ECDSA SigVer (FIPS186- 4): (A5061) RSA KeyGen (FIPS186- 4): (A5061) RSA SigGen (FIPS186-4): (A5061) RSA SigVer (FIPS186-4): (A5061) | KAS-Full |
| SRTP | Key Agreement for SRTP. Key exchange is performed using ECDH or DH. Public/private keys generation is performed using ECDSA or RSA. | AES-CBC: (A5063) AES-CTR: (A5063) AES-ECB: (A5063) Counter DRBG: (A5061) DSA KeyGen (FIPS186- 4): (A5061) HMAC-SHA-1: (A5063) KAS-ECC-SSC Sp800- 56Ar3: (A5061) KAS-FFC-SSC Sp800- 56Ar3: (A5061) KAS-ECC CDH- Component SP800- 56Ar3: (A5061) RSA KeyGen (FIPS186- 5): (A5061) RSA SigGen (FIPS186-5): (A5061) RSA SigVer (FIPS186-5): (A5061) ECDSA KeyGen (FIPS186-5): (A5061) ECDSA KeyVer (FIPS186- 5): (A5061) ECDSA SigGen (FIPS186- 5): (A5061) ECDSA SigVer (FIPS186- 5): (A5061) KDF SRTP: (A5063) SHA-1: (A5063) ECDSA KeyGen (FIPS186-4): (A5061) ECDSA KeyVer (FIPS186- 4): (A5061) ECDSA SigGen (FIPS186- 4): (A5061) ECDSA SigVer (FIPS186- 4): (A5061) RSA KeyGen (FIPS186- 4): (A5061) RSA SigGen (FIPS186-4): (A5061) RSA SigVer (FIPS186-4): (A5061) | KAS-Full |
| AES for SNMPv3 | AES-CFB for SNMPv3 packet encryption/decryption. | AES-CFB1: (A5061) AES-CFB8: (A5061) AES-CFB128: (A5061) | BC-UnAuth |
| HMAC for SNMPv3 | HMAC for SNMPv3 packet authentication. | HMAC-SHA-1: (A5061) SHA-1: (A5061) | MAC |
| SSH | Key Agreement for SSH. Key exchange is performed using ECDH or DH. Public/private keys generation is performed using ECDSA or RSA. | AES-CBC: (A5061) AES-CTR: (A5061) AES-GCM: (A5061) Counter DRBG: (A5061) DSA KeyGen (FIPS186- 4): (A5061) HMAC-SHA-1: (A5061) KAS-ECC CDH- Component SP800- 56Ar3: (A5061) KAS-ECC-SSC Sp800- 56Ar3: (A5061) KAS-FFC-SSC Sp800- 56Ar3: (A5061) KDF SSH: (A5064) SHA-1: (A5061) ECDSA KeyGen (FIPS186-5): (A5061) ECDSA KeyVer (FIPS186- 5): (A5061) ECDSA SigGen (FIPS186- 5): (A5061) ECDSA SigVer (FIPS186- 5): (A5061) RSA KeyGen (FIPS186- 5): (A5061) RSA SigGen (FIPS186-5): (A5061) RSA SigVer (FIPS186-5): (A5061) ECDSA KeyGen (FIPS186-4): (A5061) ECDSA KeyVer (FIPS186- 4): (A5061) ECDSA SigGen (FIPS186- 4): (A5061) ECDSA SigVer (FIPS186- 4): (A5061) RSA KeyGen (FIPS186- 4): (A5061) RSA SigGen (FIPS186-4): (A5061) RSA SigVer (FIPS186-4): (A5061) | KAS-Full |
| TLS v1.2 | Key Agreement for TLS v1.2. Key exchange is performed using ECDH or DH. Public/private keys generation is performed using ECDSA or RSA. | AES-CBC: (A5061) AES-GCM: (A5061) Counter DRBG: (A5061) DSA KeyGen (FIPS186- 4): (A5061) HMAC-SHA2-256: (A5061) HMAC-SHA2-384: (A5061) KAS-ECC CDH- Component SP800- 56Ar3: (A5061) KAS-ECC-SSC Sp800- 56Ar3: (A5061) KAS-FFC-SSC Sp800- 56Ar3: (A5061) KDF TLS: (A5065) KTS-IFC: (A5061) TLS v1.2 KDF RFC7627: (A5065) ECDSA KeyGen (FIPS186-5): (A5061) ECDSA KeyVer (FIPS186- 5): (A5061) ECDSA SigGen (FIPS186- 5): (A5061) ECDSA SigVer (FIPS186- 5): (A5061) RSA KeyGen (FIPS186- 5): (A5061) RSA SigGen (FIPS186-5): (A5061) RSA SigVer (FIPS186-5): (A5061) ECDSA KeyGen (FIPS186-4): (A5061) ECDSA KeyVer (FIPS186- 4): (A5061) ECDSA SigGen (FIPS186- 4): (A5061) ECDSA SigVer (FIPS186- 4): (A5061) RSA KeyGen (FIPS186- 4): (A5061) RSA SigGen (FIPS186-4): (A5061) RSA SigVer (FIPS186-4): (A5061) | KAS-Full |
| DRBG (Random bits) | Get random bits from the DBRG. | Counter DRBG: (A5061) | DRBG |
| PBKDF | PBKDF for decrypting certificates | PBKDF: (A5061) | PBKDF |
| ECDSA or RSA SigVer for Public Key Certificate Authentication | ECDSA or RSA signature verification for public key certificate authentication. | ECDSA SigVer (FIPS186- 4): (A5061) ECDSA SigVer (FIPS186- 5): (A5061) RSA SigVer (FIPS186-5): (A5061) SHA-1: (A5061) SHA2-224: (A5061) SHA2-256: (A5061) SHA2-384: (A5061) Counter DRBG: (A5061) RSA SigVer (FIPS186-4): (A5061) | DigSig-SigVer |
| Entropy Source Conditioner | SHA3-256 entropy source conditioner | SHA3-256: (A4087) | ENT-Cond |
The module does not offer any non-Approved algorithms allowed in the Approved mode of operation with no security claimed. N/A for this module.
The module does not offer non-Approved algorithms not allowed in the Approved mode of operation. N/A for this module. 2.6 Security Function Implementations The table below lists the security function implementations for this module. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 2.7 Table 15: Security Function Implementations Algorithm Specific Information The following is algorithm-specific information related to the module:
8.2.1 of NIST SP 800-38D. In compliance with RFC 7714, the 96-bit IV is formed by first
concatenating 16 bits of zeroes, the 32-bit Synchronization Source identifier, the 32-bit rollover counter, and the 16-octet sequence number. As described in scenario 3 of FIPS 140-3 IG C.H and, the (key, IV) collision probability does not exceed 2-32 for a given key distributed to one or more cryptographic modules. In the event that the module’s power is lost and then restored, the CO shall establish a new key for use with AES-GCM encryption/decryption.
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| Ribbon Entropy Library | Non- Physical | 64 | Ribbon ConnexIP OS 10 on VMware ESXi 6.5 running on Intel Xeon CPU E5 v3 (Haswell) | Full entropy | SHA3-256 (A4087) |
| Cert | Vendor Name | |
|---|---|---|
| Number | ||
| E101 | Ribbon Communications |
July 8, 2025 The length of the password/passphrase used in the PBKDF shall be at least 20 characters, and shall consist of lowercase, uppercase, and numeric characters. The upper bound for the probability of guessing the value is estimated to be 1/6220 = 10-36, which is less than 2-112. As specified in NIST SP 800-132, keys derived from passwords/passphrases may only be used in storage applications.
The following is a list of key agreement methods that the module implements:
Key transport information does not apply to the module. 2.11 Industry Protocols The module employs the following industry protocols:
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| N/A | N/A | Data Input | Encrypted management traffic over TLS (GUI) and SSH (CLI); user data over SSH; encrypted media and signaling traffic over TLS (GUI); redundancy synchronization traffic; operational/system status information |
| N/A | N/A | Data Output | Encrypted management traffic over TLS (GUI) and SSH (CLI); encrypted media and signaling traffic over TLS (GUI); redundancy synchronization traffic; operational/system status information |
| N/A | N/A | Control Input | Encrypted management traffic over TLS (GUI) and SSH (CLI); user data over SSH; encrypted media and signaling traffic over TLS (GUI); redundancy synchronization traffic; operational/system status information |
| N/A | N/A | Status Output | Encrypted management traffic over TLS (GUI) and SSH (CLI); encrypted media and signaling traffic over TLS (GUI); redundancy synchronization traffic; operational/system status information |
| N/A | N/A | Power | Power |
July 8, 2025 3. Cryptographic Module Interfaces 3.1 Ports and Interfaces The module supports the following logical interfaces:
| Name | Description | Strength | Security Mechanism | Strength per Minute |
|---|---|---|---|---|
| Password | For the first-time module access by the CO, the module ships with a factory-set default username ("admin") and password ("admin") for the EMA and the CLI. User accounts are assigned randomly generated passwords upon account activation. Following first-time login using default/assigned credentials, module operators are prompted to set new passwords. | 1:16,889,161,502,720 | Username/Password | 6:16,889,161,502,720 |
| Public Key Certificate | The module supports RSA and ECDSA digital certificate authentication of users during Web GUI/HTTPS (TLS) access. | 1:5.19 x 10^33 | ECDSA and RSA SigVer | 1:96.92 × 10^23 |
July 8, 2025
| Read-only access to all commands and data spaces except commands that deal with user accounts | |
|---|---|
| logging and audit controls, the TOD clock and sensitive administrative items. They do not have access to | |
| the Security Event logs and management audit logs. |
| Read-write access to all commands and data spaces except commands that deal with user | |
|---|---|
| accounts, logging and audit controls, the TOD clock, and sensitive administrative items. They do not have | |
| access to the Security Event logs and management audit logs and cannot execute any commands stopping | |
| or starting these audit log services. |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Identity | Password Public Key Certificate | ||||||
| User | User | Identity | Password Public Key Certificate | ||||||
| Commission the module | Commission the module by following the Security Policy guidelines | Crypto Officer | None | n/a | n/a | none |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Identity | Password Public Key Certificate | ||||||
| User | User | Identity | Password Public Key Certificate | ||||||
| Commission the module | Commission the module by following the Security Policy guidelines | Crypto Officer | None | n/a | n/a | none | |||
| Manage SBC license | Installs the license to enable SBC features; delete or update license; view current license status | Crypto Officer | None | n/a | Command | Status output | |||
| Configure the SBC system | Define network interfaces and settings; set protocols; configure authentication information; define policies and profiles | Crypto Officer | None | n/a | Command and parameter | Command response, status output | |||
| Configure routing policy and control services | Configure IP network parameters and profiles for signaling, media, call routing, call services, zone, IP ACL rules, NTP and DNS servers | Crypto Officer | None | n/a | Command and parameter | Command response, status output | |||
| Configure Crypto Suite Profile | Select crypto suites for SRTP, SRTCP, and SIP communication | Crypto Officer | None | n/a | Command and parameter | Command response, status output | |||
| Configure Call Data Record (CDR) | Configure log file behavior | Crypto Officer | None | n/a | Command and parameter | Command response, status output | |||
| Perform backup and restore services | Back up the current system configuration; restore the system configuration from a backup file; import and export backup files | Crypto Officer - SNMPv3 Privacy Key: R,W - SNMPv3 Authentication Key: R,W | TLS v1.2 | n/a | Command and parameter | Command response, status output | |||
| Manage users | Create, edit, and delete users; define user accounts and assign permissions. | Crypto Officer - User password: R,W - DRBG Entropy Input String: G,E - DRBG Seed: G,E - DRBG 'V' Value: G,E - DRBG 'Key' Value: G,E | DRBG for Random Password Generation SHA for Password Storage DRBG (Random bits) Entropy Source Conditioner | n/a | Command and parameter | Command response, status output | |||
| Manage user sessions | Terminate User sessions | Crypto Officer - SSH Session Key: Z - TLS Session Key: Z | SSH TLS v1.2 | n/a | Command and parameter | Command response, status output | |||
| Change password | Modify existing login passwords | Crypto Officer - Crypto Officer password: W User - User password: W | SHA for Password Storage | n/a | Command and parameter | Command response, status output | |||
| Load certificate | Load new certificates | Crypto Officer - Certificate Load Key: W - TLS Private Key: W - TLS Public Key: W - CA Public Key: W | RSA SigVer for Certificate Loading PBKDF | Global FIPS status indicator | Command | Command response, status output | |||
| Run script | Run a script file (a text file containing a list of CLI commands to execute in sequence) | Crypto Officer | None | Global FIPS status indicator | Command | Command response, status output | |||
| Perform on- demand self- tests | Perform self-tests on- demand using CLI/EMA command | Crypto Officer | None | n/a | Command | Command response, status output | |||
| Perform network diagnostics | Monitor connections (e.g., ping) | Crypto Officer User | None | n/a | Command | Command response, status output | |||
| Show system status | Show the system status (including Approved mode status) | Crypto Officer User | None | n/a | Command | Command response, status output | |||
| Show system versioning | Show operational status information about module components (including hardware type and application version) | Crypto Officer User | None | n/a | Command | Command response, status output | |||
| View Event Log | View event status messages | Crypto Officer | None | n/a | Command | Command response, status output | |||
| Zeroize keys | Zeroize all SSPs (using CLI/EMA command to zeroize) | Crypto Officer - Config Database (CBD) Key: Z User - Config Database (CBD) Key: Z | None | Completion indicator (message/log) | Command | Command response, status output | |||
| Perform keying of CDB Key | Generate CDB key | Crypto Officer - Config Database (CBD) Key: G | CKG for CDB Key Generation | Global FIPS status indicator | Command and parameters | Command response, status output | |||
| Reboot/Reset | Reboot or reset the module | Crypto Officer - Config Database (CBD) Key: Z | None | Global FIPS status indicator | Command | Command response, status output |
July 8, 2025 n/a n/a n/a n/a n/a n/a n/a n/a n/a R,W G,E Z Z W SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 n/a n/a n/a n/a W W n/a Perform ondemand selftests SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Establish IPsec connection | Establish an IPsec session using IKE | Global FIPS status indicator | Command and parameters | Command response, status output | IPsec IKE | Crypto Officer - ECDH Private Key: G,E - ECDH Public Key: G,E - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,E - DH Peer Public Key: W,E - IKE RSA Private Key: G,E - IKE RSA Public Key: G,R - IKE Shared Secret: W,E - IKE SKEYID: G,E - IKE Pre-shared Secret: G,E - IKE Encryption Key: G,E - IKE Authentication Key: G,E - IPsec Shared Secret: G,E - IPsec Encryption Key: G,E - IPsec Authentication Key: G,E - AES GCM IV: G,E - IKE Key Derivation Key: G,E User - ECDH Private Key: G,E - ECDH Public Key: G,E - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,E - DH Peer Public Key: W,E - IKE RSA Private Key: G,E - IKE RSA Public Key: G,R - IKE Shared Secret: W,E - IKE SKEYID: G,E - IKE Pre-shared |
|---|
July 8, 2025 G,E G,E G,E G,E G,E SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Establish SRTP connection | Establish a SRTP session using SIP/TLS protocols | Crypto Officer - SRTP Master Key: W,E - SRTP Authentication Key: G - SRTP Session Key: G - AES GCM IV: G,E User - SRTP Master Key: W,E - SRTP Authentication Key: G - SRTP Session Key: G - AES GCM IV: G,E | SRTP | Global FIPS status indicator | Command and parameters | Command response, status output |
| Manage SNMPv3 services | Manage keys, trap targets, users, and traps for SNMPv3 | Crypto Officer - SNMPv3 Privacy Key: W - SNMPv3 Authentication Key: W User - SNMPv3 Privacy Key: W - SNMPv3 Authentication Key: W | None | Global FIPS status indicator | Command and parameters | Status output |
| Perform SNMPv3 services | Perform SNMPv3 services | Crypto Officer - SNMPv3 Privacy Key: E - SNMPv3 Authentication Key: W User - SNMPv3 Privacy Key: E - SNMPv3 Authentication Key: W | AES for SNMPv3 HMAC for SNMPv3 | Global FIPS status indicator | Command and parameters | Status output |
| Establish SSH connection | Establish SSH connection | Crypto Officer - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - SSH Private Key: G,W,E - SSH Public Key: G,R - SSH Peer Public Key: W,E - SSH Session Key: G - SSH Authentication Key: G - SSH Shared Secret: G,E - AES GCM IV: G,E User - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - SSH Private Key: G,W,E - SSH Public Key: G,R - SSH Peer Public Key: W,E - SSH Session Key: G - SSH Authentication Key: G - SSH Shared Secret: G,E - AES GCM IV: G,E | SSH | Global FIPS status indicator | Command and parameters | Command response, status output |
July 8, 2025 G,E SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 G,E G,R G,W,E G,R G G,E G,R G,W,E G,R G SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Perform SFTP functions | Perform FTP functions over SSH | Global FIPS status indicator | Command and parameters | Command response, status output | SSH | Crypto Officer - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - SSH Private Key: G,W,E - SSH Public Key: G,R - SSH Peer Public Key: W,E - SSH Session Key: G - SSH Authentication Key: G - SSH Shared Secret: G,E - SFTP Private Key: G,E - SFTP Public Key: G,E - SFTP Peer Public Key: G,E - AES GCM IV: G,E User - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - SSH Private Key: G,W,E - SSH Public Key: G,R - SSH Peer Public Key: W,E - SSH Session Key: G,E - SSH Authentication Key: G,E - SSH Shared Secret: G,E |
|---|
July 8, 2025 G,E G,R G,W,E G,R G G,E G,E G,R G,W,E G,R G,E SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 G,E SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Establish TLS connection | Establish TLS connection | Global FIPS status indicator | Command and parameters | Command response, status output | TLS v1.2 | Crypto Officer - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - TLS Private Key: G,W,E - TLS Public Key: G,R,W - TLS Peer Public Key: W,E - TLS Session Key: G - TLS Authentication Key: G - TLS Pre-Master Secret: G,E - TLS Master Secret: G,E - AES GCM IV: G,E User - ECDH Private Key: G,E - ECDH Public Key: G,R - ECDH Peer Public Key: W,E - DH Private Key: G,E - DH Public Key: G,R - DH Peer Public Key: W,E - TLS Private Key: G,W,E - TLS Public Key: G,R,W - TLS Peer Public Key: W,E - TLS Session Key: G - TLS Authentication Key: G - TLS Pre-Master Secret: G,E - TLS Master Secret: G,E - AES GCM IV: G,E |
|---|
July 8, 2025 G,E G,R G,W,E G,R,W G G,E G,R G,W,E G,R,W G SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Logout | Logout of active session | Crypto Officer User | None | n/a | Command | Command response, status output |
| Perform manual zeroization | Zeroize ephemeral SSPs via power-cycle or reboot of host device | Crypto Officer | None | n/a | Command | Command response, status output |
| Perform manual on- demand self- tests | Perform pre- operational self-tests on demand via power- cycle or reboot of host device | Crypto Officer | None | n/a | Command | Command response, status output |
| Authenticate via password | Authenticate to the module by password | Crypto Officer - Crypto Officer password: W - RADIUS Shared Secret: W,E User - User password: W - RADIUS Shared Secret: W,E | SHA for Password Storage | n/a | Command and parameters | Command response, status output |
| Upgrade firmware | Load new firmware and performs an integrity test using an RSA digital signature | Crypto Officer - Image Verify Key: E | RSA SigVer for Certificate Loading | Global FIPS status indicator | Command, firmware image | Command response, status output |
| Authenticate via public key certificate | Authenticate to the module by ECDSA or RSA signature verification | Unauthenticated | ECDSA or RSA SigVer for Public Key Certificate Authentication | n/a | Command | Command response, service access. |
July 8, 2025 n/a n/a manual ondemand selftests n/a n/a n/a 4.4 W Table 21: Approved Services Non-Approved Services The module does not provide any non-Approved services in the non-Approved mode of operation. 4.5 External Software/Firmware Loaded The cryptographic module has the capability of loading software from an external source. All loads comprise a complete image replacement that replaces the existing module image in its entirety, thus forming a completely public key is loaded in write-protected flash at the factory). If the check fails, the new software is ignored and the current software remains loaded. If successful, the module will force an automatic reboot and will perform the required pre-operational integrity test using HMAC SHA digests. Per FIPS 140-3 IG 10.3.F, the integrity test inherently meets the firmware load test requirement when the load constitutes a full image replacement. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 Only validated software may be loaded to maintain the module’s validation. The new image shall include updated versioning information to represent the newly loaded image. Prior to any execution of the new image, module operators shall zeroize all persistent keys using one of the methods described in section 9.3. All ephemeral keys are zeroized on module reboot. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
5. Software/Firmware Security 5.1 Integrity Techniques July 8, 2025 At module start-up, all software components of the cryptographic module are verified using an approved integrity technique implemented within the cryptographic module itself. The module employs a series of HMAC SHA2-256 digests; unsuccessful verification of any of the digest values will cause the module to enter a critical error state. 5.2 Initiate on Demand The CO can initiate the pre-operational integrity tests on demand by issuing a reset/reboot command over the module’s management interfaces. Also, the module can be made to perform pre-operational self-tests by rebooting or power-cycling the module’s VM manually (when using this method, the operator is not required to assume an authorized role). SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
6. Operational Environment 6.1 Operational Environment Type and Requirements July 8, 2025 The SBC SWe Session Border Controller comprises a software cryptographic library that executes in a Modifiable operational environment. The module was tested and found to be compliant with FIPS 140-3 requirements on a Dell EMC PowerEdge r740 server with an Intel Xeon processor running Ribbon’s ConnexIP OS as the guest OS in a VM managed by a VMware ESXi 7.0 hypervisor. The cryptographic module has control over its own SSPs. The process and memory management functionality of the guest OS and the hypervisor prevents unauthorized access to plaintext private and secret keys, intermediate key generation values and other SSPs by external processes during module execution. The module only allows access to SSPs through its well-defined interfaces. The operational environment provides the capability to separate individual application processes from each other by preventing uncontrolled access to CSPs and uncontrolled modifications of SSPs regardless of whether this data is in the process memory or stored on persistent storage within the operational environment. Processes that are spawned by the module are owned by the module and are not owned by external processes or operators. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
7. July 8, 2025 Physical Security The SBC SWe is a multi-chip standalone software cryptographic module and does not include physical security mechanisms. Therefore, per ISO/IEC 19790:2012 section 7.7.1, the requirements for physical security are not applicable. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
8. July 8, 2025 Non-Invasive Security This section is not applicable. There are currently no approved non-invasive mitigation techniques references in Annex F of ISO/IEC 19790:2012. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Type | Description |
|---|---|---|
| Flash Memory | Static | Persistent storage of SSPs on flash memory |
| RAM | Dynamic | Dynamic storage of SSPs on RAM |
| Spinning Media | Static | Persistent storage of SSPs on spinning media |
| SSD | Static | Persistent storage of SSPs on SSD |
| CDB on SSD | Static | Persistent storage of SSPs in CDB on SSD |
| Name | Approved Functions | Type | From | To | ||
|---|---|---|---|---|---|---|
| External to RAM via DER file format | Plaintext | External | RAM | Manual | Electronic | |
| RAM to External via Encrypted Form | TLS v1.2 | Encrypted | RAM | External | Automated | Electronic |
| External to RAM via Plaintext Certificate | RSA SigVer for Certificate Loading | Plaintext | External | RAM | Automated | Electronic |
| RAM to External via Plaintext | TLS v1.2 | Plaintext | RAM | External | Automated | Electronic |
| External to CDB on SSD via CLI (SSH) | SSH | Encrypted | External | CDB on SSD | Manual | Electronic |
| External to CDB on SSD via EMA (TLS) | TLS v1.2 | Encrypted | External | CDB on SSD | Manual | Electronic |
| RAM to External via Plaintext Certificate | TLS v1.2 | Plaintext | RAM | External | Automated | Electronic |
| Backup to External via TLS | TLS v1.2 | Encrypted | CDB on SSD | External | Automated | Electronic |
July 8, 2025 9. Sensitive Security Parameters Management 9.1 Storage Areas The table below lists sensitive security parameters (SSPs) storage areas for this module. Section 9.4 selects from the storage areas listed and specifies the appropriate parameter in the “Storage” column if applicable to a specific SSP. 9.2 Table 22: Storage Areas SSP Input-Output Methods The table below lists SSP input and output methods for this module. Section 9.4 selects from the input and output methods listed and specifies the appropriate parameter in the “Inputs/Outputs” column if applicable to a specific SSP. Table 23: SSP Input-Output Methods SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Type | Description | Strength | Generation | Use | |
|---|---|---|---|---|---|---|
| Config Database (CBD) Key | Symmetric Key - CSP | Encryption of RSA and ECDSA private keys and pre- shared secrets for RADIUS in CDB | 192 - 192 | DRBG (Random bits) | CKG for CDB Key Generation | |
| CA Public Key | Public Key - PSP | Verification of Certificate Authority signatures | 2048 - 112 bits | RSA SigVer for Certificate Loading | ||
| ECDH Private Key | Private Key - CSP | Input to ECDH shared secret computation | Between 224 and 512 bits - Between 112 and 256 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| ECDH Public Key | Public Key - PSP | Used by peer for ECDH shared secret computation | Between 224 and 512 bits - Between 112 and 256 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| ECDH Peer Public Key | Public Key - PSP | Input to ECDH shared secret computation | Between 224 and 512 bits - Between 112 and 256 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| DH Private Key | Private Key - CSP | Input to DH shared secret computation | 2048 or 3072 bits - 112 or 128 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| DH Public Key | Public Key - PSP | Used by peer for DH shared secret computation | 2048 or 3072 bits - 112 or 128 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| DH Peer Public Key | Public Key - PSP | Input to DH shared secret computation | 2048 or 3072 bits - 112 or 128 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |
| IKE RSA Private Key | Private Key - CSP | The key used in IKE authentication | 2048 - 112 bits | IPsec IKE | IPsec IKE | |
| IKE RSA Public Key | Public Key - PSP | The key used in IKE authentication | 2048 - 112 bits | IPsec IKE | IPsec IKE | |
| IKE Pre-shared Secret | Shared Secret - CSP | Used in the computation of the SKEYID during IKEv1 Phase 1 | n/a - n/a | IPsec IKE | ||
| IKE SKEYID | Keying material - CSP | Used as input to IKEv1 KDF to derive IPsec Encryption Key and IPsec Authentication Key | 112 minimum - 112 minimum | IPsec IKE | IPsec IKE | |
| IKE Shared Secret | Shared Secret - CSP | Used as input to IKEv1 KDF to derive IPsec Encryption Key and IPsec Authentication Key | n/a - n/a | IPsec IKE | IPsec IKE | |
| IKE Encryption Key | Secret Key - CSP | Used during IKE Phase 2 to encrypt and decrypt its messages | 128, 192, 256 - Between 128 and 256 bits | KDF IKEv1 (A5062) | IPsec IKE | |
| IKE Authentication Key | Symmetric Key - CSP | Used during IKE Phase 2 to authenticate its messages | 160 bits - 112 minimum | KDF IKEv1 (A5062) | IPsec IKE | |
| IKE Key Derivation Key | Derivation Key - CSP | Used by IKE KDFs for derivation of IPsec Encryption Key and IPsec Authentication Key | 128, 192, 256 - Between 128 and 256 bits | KDF IKEv1 (A5062) | IPsec IKE | |
| IPsec Shared Secret | Shared Secret - CSP | Used by IKE KDFs for derivation of IPsec Encryption Key and IPsec Authentication Key | n/a - n/a | IPsec IKE | IPsec IKE | |
| IPsec Encryption Key | Secret Key - CSP | Used during IPsec for traffic protection | 128, 192, 256 - Between 128 and 256 bits | KDF IKEv1 (A5062) KDF IKEv2 (A5062) | IPsec IKE | |
| IPsec Authentication Key | Secret Key - CSP | Used during IPsec for payload traffic verification | 160 bits - 112 minimum | KDF IKEv1 (A5062) KDF IKEv2 (A5062) | IPsec IKE | |
| SSH Private Key | Private Key - CSP | Authentication during SSH session negotiation | Between 112 and 256 bits - Between 112 and 256 bits | SSH | SSH | |
| SSH Public Key | Public Key - PSP | Authentication by peer during SSH session negotiation | Between 112 and 256 bits - Between 112 and 256 bits | SSH | SSH | |
| SSH Peer Public Key | Public Key - PSP | Authentication during SSH session negotiation 1024-bit key is used for signature verification only | Between 112 and 256 bits - Between 112 and 256 bits | SSH | ||
| SSH Session Key | Secret Key - CSP | Encryption and decryption of SSH session packets | 128 or 256 bits - 128 or 256 bits | SSH | SSH | |
| SSH Authentication Key | Secret Key - CSP | Authentication of SSH session packets | 160 bits - 112 minimum | SSH | SSH | |
| TLS Private Key | Private Key - CSP | RSA/ECDSA certificate-based authentication during TLS key negotiation | Between 112 and 256 bits - Between 112 and 256 bits | TLS v1.2 | TLS v1.2 | |
| TLS Public Key | Public Key - PSP | RSA/ECDSA certificate-based authentication during TLS key negotiation | Between 112 and 256 bits - Between 112 and 256 bits | TLS v1.2 | TLS v1.2 | |
| TLS Peer Public Key | Public Key - PSP | RSA/ECDSA certificate-based authentication during TLS key negotiation | Between 112 and 256 bits - Between 112 and 256 bits | TLS v1.2 | TLS v1.2 | |
| TLS Session Key | Secret Key - CSP | Encryption and decryption of TLS session packets | 128 or 256 bits - Between 128 or 256 bits | TLS v1.2 | TLS v1.2 | |
| TLS Authentication Key | Secret Key - CSP | Authentication of TLS session packets | 160 bits (minimum) - 112 minimum | TLS v1.2 | TLS v1.2 | |
| SRTP Session Key | Secret Key - CSP | Encryption or decryption of SRTP session packets | 128 or 256 bits - Between 128 or 256 bits | SRTP | SRTP | |
| SRTP Authentication Key | Secret Key - CSP | Authentication of SRTP session packets | 160 bits - 112 minimum | SRTP | SRTP | |
| SFTP Private Key | Private Key - CSP | Used for SFTP key negotiation | 2048 - 112 bits | SSH | SSH | |
| SFTP Public Key | Public Key - PSP | Used for SFTP key negotiation | 1024 or 2048 bits - 112 bits | SSH | SSH | |
| SFTP Peer Public Key | Public Key - PSP | Used for SFTP key negotiation | 1024 or 2048 bits - 80 or 112 bits | SSH | SSH | |
| SNMPv3 Privacy Key | Secret Key - CSP | Encrypting SNMPv3 packets | 128 bits - 128 bits | |||
| SNMPv3 Authentication Key | Secret Key - CSP | SNMPv3 Authentication Key | 160 bits (minimum) - 112 minimum | |||
| Certificate Load Key | Secret Key - CSP | Decrypting PKCS #12 certificate files when imported from an external workstation | 128 or 256 bits - Between 128 or 256 bits | RSA SigVer for Certificate Loading | PBKDF | |
| SRTP Master Key | Secret Key - CSP | Peer Authentication; Input to SRTP KDF for derivation of the SRTP Session Key and SRTP Authentication Key | n/a - n/a | |||
| SSH Shared Secret | Shared Secret - CSP | Input to SSH KDF for derivation of the SSH Session Key and SSH Authentication Key | n/a - n/a | SSH | SSH | |
| TLS Pre-Master Secret | Pre-Master Secret - CSP | Input to TLS KDF for derivation of the TLS Master Secret | n/a - n/a | DRBG (Random bits) | TLS v1.2 | TLS v1.2 |
| TLS Master Secret | Master Secret - CSP | Used by TLS KDF for derivation of the TLS Session Key and TLS Authentication Key | n/a - n/a | TLS v1.2 | TLS v1.2 |
| Zeroization Method | Description | Rationale | Operator |
|---|---|---|---|
| Initiation | |||
| Command via CLI or EMA | Zeroization upon command via CLI or EMA | Zeroize all SSPs (using CLI/EMA command to zeroize) | CLI or EMA |
| Reboot | Zeroization upon rebooting the module | Reboot to zeroize RAM | Reboot |
| Session Termination | Upon Session Termination | Upon Session Termination to zeroize session based SSPs | Terminate session |
9.3 July 8, 2025 SSP Zeroization Methods The table below lists SSP zeroization methods for this module. Section 9.4 selects from the zeroization methods listed and specifies the appropriate parameter in the “Zeroization” column if applicable to a specific SSP. Table 24: SSP Zeroization Methods 9.4 The module supports the keys and other SSPs listed in the tables below. Note that all SSP imports and exports are electronic and performed within the TOEPP. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
n/a - n/a July 8, 2025 n/a - n/a n/a - n/a SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 n/a - n/a n/a - n/a n/a - n/a n/a - n/a SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Type | Description | Strength | Establishment | Storage | Zeroization | Use | Input | Storage Duration | |
|---|---|---|---|---|---|---|---|---|---|---|
| RADIUS Shared Secret | Shared Secret - CSP | Peer authentication of RADIUS messages | n/a - n/a | |||||||
| DRBG Entropy Input String | Entropy Input - CSP | Establishment of seed for CTR_DRBG | 128 - 128 | DRBG (Random bits) | ||||||
| DRBG Seed | Seed - CSP | Generation of random number | 256 - 256 | DRBG (Random bits) | ||||||
| DRBG 'V' Value | Working state value - CSP | State value for CTR_DRBG | 128 - 128 | DRBG (Random bits) | ||||||
| DRBG 'Key' Value | Working state value - CSP | State value for CTR_DRBG | 128 - 128 | |||||||
| Crypto Officer password | Password - CSP | Authenticating the Crypto Officer to the module | n/a - n/a | |||||||
| User password | Password - CSP | Authenticating the User to the module | n/a - n/a | |||||||
| AES GCM IV | Initialization Vector - CSP | Initialization vector for the AES GCM key | 96 bits - 112 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |||||
| Image Verify Key | Public Key - Neither | Verifying the RSA signature of the digest of a new image load package | 2048 bits - 112 bits | RSA SigVer for Certificate Loading | ||||||
| Config Database (CBD) Key | SSD:Plaintext | Command via CLI or EMA | ||||||||
| CA Public Key | RAM:Plaintext | Reboot | External to RAM via DER file format | Until reboot | ||||||
| ECDH Private Key | RAM:Plaintext | Reboot Session Termination | Session | |||||||
| ECDH Public Key | RAM:Plaintext | Reboot Session Termination | RAM to External via Plaintext Certificate | Session | ||||||
| ECDH Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Session | ||||||
| DH Private Key | RAM:Plaintext | Reboot Session Termination | Session | |||||||
| DH Public Key | RAM:Plaintext | Reboot Session Termination | RAM to External via Plaintext | Session | ||||||
| DH Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Session | ||||||
| IKE RSA Private Key | SSD:Encrypted | Command via CLI or EMA | Until zeroized | |||||||
| IKE RSA Public Key | SSD:Encrypted | Command via CLI or EMA | Until zeroized |
| Name | Type | Description | Strength | Establishment | Storage | Zeroization | Use | Input | Storage Duration | |
|---|---|---|---|---|---|---|---|---|---|---|
| RADIUS Shared Secret | Shared Secret - CSP | Peer authentication of RADIUS messages | n/a - n/a | |||||||
| DRBG Entropy Input String | Entropy Input - CSP | Establishment of seed for CTR_DRBG | 128 - 128 | DRBG (Random bits) | ||||||
| DRBG Seed | Seed - CSP | Generation of random number | 256 - 256 | DRBG (Random bits) | ||||||
| DRBG 'V' Value | Working state value - CSP | State value for CTR_DRBG | 128 - 128 | DRBG (Random bits) | ||||||
| DRBG 'Key' Value | Working state value - CSP | State value for CTR_DRBG | 128 - 128 | |||||||
| Crypto Officer password | Password - CSP | Authenticating the Crypto Officer to the module | n/a - n/a | |||||||
| User password | Password - CSP | Authenticating the User to the module | n/a - n/a | |||||||
| AES GCM IV | Initialization Vector - CSP | Initialization vector for the AES GCM key | 96 bits - 112 bits | IPsec IKE SRTP SSH TLS v1.2 | IPsec IKE SRTP SSH TLS v1.2 | |||||
| Image Verify Key | Public Key - Neither | Verifying the RSA signature of the digest of a new image load package | 2048 bits - 112 bits | RSA SigVer for Certificate Loading | ||||||
| Config Database (CBD) Key | SSD:Plaintext | Command via CLI or EMA | ||||||||
| CA Public Key | RAM:Plaintext | Reboot | External to RAM via DER file format | Until reboot | ||||||
| ECDH Private Key | RAM:Plaintext | Reboot Session Termination | Session | |||||||
| ECDH Public Key | RAM:Plaintext | Reboot Session Termination | RAM to External via Plaintext Certificate | Session | ||||||
| ECDH Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Session | ||||||
| DH Private Key | RAM:Plaintext | Reboot Session Termination | Session | |||||||
| DH Public Key | RAM:Plaintext | Reboot Session Termination | RAM to External via Plaintext | Session | ||||||
| DH Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Session | ||||||
| IKE RSA Private Key | SSD:Encrypted | Command via CLI or EMA | Until zeroized | |||||||
| IKE RSA Public Key | SSD:Encrypted | Command via CLI or EMA | Until zeroized | |||||||
| IKE Pre-shared Secret | RAM:Plaintext | Reboot Session Termination | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) | Until reboot or session termination | ||||||
| IKE SKEYID | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IKE Shared Secret | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IKE Encryption Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IKE Authentication Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IKE Key Derivation Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IPsec Shared Secret | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IPsec Encryption Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| IPsec Authentication Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| SSH Private Key | SSD:Plaintext | Command via CLI or EMA | ||||||||
| SSH Public Key | SSD:Plaintext | Command via CLI or EMA | ||||||||
| SSH Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Until reboot or session termination | ||||||
| SSH Session Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| SSH Authentication Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| TLS Private Key | SSD:Encrypted | Command via CLI or EMA | External to RAM via DER file format | |||||||
| TLS Public Key | SSD:Encrypted | Command via CLI or EMA | External to RAM via Plaintext Certificate | |||||||
| TLS Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Until reboot or session termination | ||||||
| TLS Session Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| TLS Authentication Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| SRTP Session Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| SRTP Authentication Key | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| SFTP Private Key | SSD:Encrypted | Command via CLI or EMA | ||||||||
| SFTP Public Key | SSD:Plaintext | Command via CLI or EMA | External to RAM via Plaintext Certificate | |||||||
| SFTP Peer Public Key | RAM:Plaintext | Reboot Session Termination | External to RAM via Plaintext Certificate | Until reboot or session termination | ||||||
| SNMPv3 Privacy Key | SSD:Encrypted | Command via CLI or EMA | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) Backup to External via TLS | |||||||
| SNMPv3 Authentication Key | SSD:Encrypted | Command via CLI or EMA | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) Backup to External via TLS | |||||||
| Certificate Load Key | RAM:Plaintext | Reboot | Until reboot | |||||||
| SRTP Master Key | RAM:Plaintext | Reboot Session Termination | RAM to External via Encrypted Form | Until reboot or session termination | ||||||
| SSH Shared Secret | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| TLS Pre-Master Secret | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| TLS Master Secret | RAM:Plaintext | Reboot Session Termination | Until reboot or session termination | |||||||
| RADIUS Shared Secret | SSD:Encrypted | Command via CLI or EMA | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) | |||||||
| DRBG Entropy Input String | RAM:Plaintext | Reboot | Until reboot | |||||||
| DRBG Seed | RAM:Plaintext | Reboot | Until reboot | |||||||
| DRBG 'V' Value | RAM:Plaintext | Reboot | Until reboot | |||||||
| DRBG 'Key' Value | RAM:Plaintext | Reboot | Until reboot | |||||||
| Crypto Officer password | SSD:Encrypted | Command via CLI or EMA | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) | |||||||
| User password | SSD:Encrypted | Command via CLI or EMA | External to CDB on SSD via CLI (SSH) External to CDB on SSD via EMA (TLS) | |||||||
| AES GCM IV | RAM:Plaintext | Reboot | Until reboot | |||||||
| Image Verify Key | Flash Memory:Plaintext Spinning Media:Plaintext | N/A | RAM to External via Encrypted Form External to RAM via Plaintext Certificate |
July 8, 2025 n/a - n/a n/a - n/a n/a - n/a Table 25: SSP Table 1 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
9.5 July 8, 2025 N/A Table 26: SSP Table 2 Transitions The following list specifies applicable transition periods or timeframes where an algorithm or key length transitions from Approved to non-Approved:
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC-SHA2-256 (A5061) | HMAC-SHA2-256 (A5061) | Integrity test | SW/FW Integrity | software integrity test | log messages | ||
| AES-GCM (A5061) | AES-GCM (A5061) | KAT | CAST | Encrypt/Decrypt | Status can be displayed on CLI terminal of Web GUI Interface. | 256 bits | Performed during module's initial power-up sequence. |
| Counter DRBG (A5061) | Counter DRBG (A5061) | instantiate/generate/reseed KAT | CAST | DRBG | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| DSA KeyGen (FIPS186-4) (A5061) | DSA KeyGen (FIPS186-4) (A5061) | KAT | CAST | Sign/Verify | Status can be displayed on CLI terminal of Web GUI Interface. | 2048-bit | Performed during module's initial power-up sequence. |
| ECDSA SigGen (FIPS186-5) (A5061) | ECDSA SigGen (FIPS186-5) (A5061) | digital signature generation KAT | CAST | Signature Generation | Status can be displayed on CLI terminal of Web GUI Interface. | curve P-224/K- 233, SHA2-512 | Performed during module's initial power-up sequence. |
| ECDSA SigVer (FIPS186-4) (A5061) | ECDSA SigVer (FIPS186-4) (A5061) | digital signature generation KAT | CAST | Signature Verification | Status can be displayed on CLI terminal of Web GUI Interface. | curve P-224/K- 233, SHA2-512 | Performed during module's initial power-up sequence. |
| Entropy Stuck Test | Entropy Stuck Test | Entropy Stuck Test | CAST | SP800-90B tests | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. |
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|
| HMAC-SHA2-256 (A5061) | HMAC-SHA2-256 (A5061) | Integrity test | SW/FW Integrity | software integrity test | log messages | ||
| AES-GCM (A5061) | AES-GCM (A5061) | KAT | CAST | Encrypt/Decrypt | Status can be displayed on CLI terminal of Web GUI Interface. | 256 bits | Performed during module's initial power-up sequence. |
| Counter DRBG (A5061) | Counter DRBG (A5061) | instantiate/generate/reseed KAT | CAST | DRBG | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| DSA KeyGen (FIPS186-4) (A5061) | DSA KeyGen (FIPS186-4) (A5061) | KAT | CAST | Sign/Verify | Status can be displayed on CLI terminal of Web GUI Interface. | 2048-bit | Performed during module's initial power-up sequence. |
| ECDSA SigGen (FIPS186-5) (A5061) | ECDSA SigGen (FIPS186-5) (A5061) | digital signature generation KAT | CAST | Signature Generation | Status can be displayed on CLI terminal of Web GUI Interface. | curve P-224/K- 233, SHA2-512 | Performed during module's initial power-up sequence. |
| ECDSA SigVer (FIPS186-4) (A5061) | ECDSA SigVer (FIPS186-4) (A5061) | digital signature generation KAT | CAST | Signature Verification | Status can be displayed on CLI terminal of Web GUI Interface. | curve P-224/K- 233, SHA2-512 | Performed during module's initial power-up sequence. |
| Entropy Stuck Test | Entropy Stuck Test | Entropy Stuck Test | CAST | SP800-90B tests | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| Entropy Repetition Stuck Test | Entropy Repetition Stuck Test | Entropy Repetition Stuck Test | CAST | SP800-90B tests | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| Entropy Adaptive Proportion Test | Entropy Adaptive Proportion Test | Entropy Adaptive Proportion Test | CAST | SP800-90B tests | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| Entropy Lag Test | Entropy Lag Test | Entropy Lag Test | CAST | SP800-90B tests | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| HMAC-SHA-1 (A5061) | HMAC-SHA-1 (A5061) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 128 bits | Performed during module's initial power-up sequence. |
| HMAC-SHA2- 224 (A5061) | HMAC-SHA2- 224 (A5061) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 128 bits | Performed during module's initial power-up sequence. |
| HMAC-SHA2- 256 (A5061) | HMAC-SHA2- 256 (A5061) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 256 bits | Performed during module's initial power-up sequence. |
| HMAC-SHA2- 384 (A5061) | HMAC-SHA2- 384 (A5061) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 192 bits | Performed during module's initial power-up sequence. |
| HMAC-SHA2- 512 (A5061) | HMAC-SHA2- 512 (A5061) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 256 bits | Performed during module's initial power-up sequence. |
| KAS-FFC-SSC Sp800-56Ar3 (A5061) | KAS-FFC-SSC Sp800-56Ar3 (A5061) | KAT | CAST | Signature Verification | Status can be displayed on CLI terminal of Web GUI Interface. | "Z" computation | Performed during module's initial power-up sequence. |
| KAS-ECC-SSC Sp800-56Ar3 (A5061) | KAS-ECC-SSC Sp800-56Ar3 (A5061) | KAT | CAST | Primitive 'Z' Computation | Status can be displayed on CLI terminal of Web GUI Interface. | "Z" computation | Performed during module's initial power-up sequence. |
| RSA SigGen (FIPS186-5) (A5061) | RSA SigGen (FIPS186-5) (A5061) | KAT | CAST | Signature Generation | Status can be displayed on CLI terminal of Web GUI Interface. | 2048-bit, SHA2-256, PKCS #1 | Performed during module's initial power-up sequence. |
| RSA SigVer (FIPS186-5) (A5061) | RSA SigVer (FIPS186-5) (A5061) | KAT | CAST | Signature Verification | Status can be displayed on CLI terminal of Web GUI Interface. | 2048-bit, SHA2-256, PKCS #1 | Performed during module's initial power-up sequence. |
| RSA KeyGen (FIPS186-4) (A5061) | RSA KeyGen (FIPS186-4) (A5061) | KAT | CAST | Encrypt/Decrypt | Status can be displayed on CLI terminal of Web GUI Interface | Performed during module's initial power-up sequence. | |
| SHA3-256 (A4087) | SHA3-256 (A4087) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 256 bits | Performed during module's initial power-up sequence. |
| KDF SRTP (A5063) | KDF SRTP (A5063) | STRP KDF KAT | CAST | STRP KDF Test | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| HMAC-SHA-1 (A5063) | HMAC-SHA-1 (A5063) | KAT | CAST | Hashed Message Authentication | Status can be displayed on CLI terminal of Web GUI Interface. | 128 bits | Performed during module's initial power-up sequence. |
| AES-CBC (A5063) | AES-CBC (A5063) | KAT | CAST | Encrypt/Decrypt | Status can be displayed on CLI terminal of Web GUI Interface. | 128 bits | Performed during module's initial power-up sequence. |
| KDF IKEv1 (A5062) | KDF IKEv1 (A5062) | KAT | CAST | Key Derivation | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| KDF SSH (A5064) | KDF SSH (A5064) | KAT | CAST | Key Derivation | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| KDF TLS (A5065) | KDF TLS (A5065) | KAT | CAST | Key Derivation | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. | |
| ECDSA KeyGen (FIPS186-5) (A5061) | ECDSA KeyGen (FIPS186-5) (A5061) | PCT | PCT | Sign/Verify | Status can be displayed on CLI terminal of Web GUI Interface. | P-256 | Performed during module's initial power-up sequence. |
| RSA KeyGen (FIPS186-5) (A5061) | RSA KeyGen (FIPS186-5) (A5061) | PCT | PCT | Sign/Verify and Encrypt/Decrypt | On Demand | 2048-bit, SHA2-256 | Performed during module's initial power-up sequence. |
| DH Key Generation | DH Key Generation | PCT | PCT | Key Generation | Status can be displayed on CLI terminal of Web GUI Interface. | Conditional before first use. | |
| ECDH Key Generation | ECDH Key Generation | PCT | PCT | Key Generation | Status can be displayed on CLI terminal of Web GUI Interface. | Conditional before first use. | |
| PBKDF (A5061) | PBKDF (A5061) | KAT | CAST | Key Derivation | Status can be displayed on CLI terminal of Web GUI Interface. | Performed during module's initial power-up sequence. |
July 8, 2025 10. Self-Tests The module performs pre-operational self-tests and conditional self-tests. Pre-operational tests are performed between the time the cryptographic module is instantiated and before the module transitions to the operational state. Conditional self-tests are performed by the module during module operation when certain conditions exist. The following sections list the self-tests performed by the module, their expected error status, and the error resolutions. 10.1 Pre-Operational Self-Tests The module performs the following pre-operational self-test(s): 10.2 Table 27: Pre-Operational Self-Tests Conditional Self-Tests The module performs the following conditional self-tests: SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 "Z" "Z" SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 Table 28: Conditional Self-Tests 10.3 Periodic Self-Test Information The operator may conduct on demand by rebooting or power-cycling the module’s VM or host server. On-demand self-test information for pre-operational and conditional self-tests are shown in the tables below. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Test Method | Test Type | Period |
|---|---|---|---|---|---|---|---|---|
| HMAC-SHA2-256 (A5061) | HMAC-SHA2-256 (A5061) | Integrity test | SW/FW Integrity | on module start up | on module reboot | |||
| AES-GCM (A5061) | AES-GCM (A5061) | KAT | CAST | On Demand | Manual | |||
| Counter DRBG (A5061) | Counter DRBG (A5061) | instantiate/generate/reseed KAT | CAST | On Demand | Manual | |||
| DSA KeyGen (FIPS186- 4) (A5061) | DSA KeyGen (FIPS186- 4) (A5061) | KAT | CAST | On Demand | Manual | |||
| ECDSA SigGen (FIPS186-5) (A5061) | ECDSA SigGen (FIPS186-5) (A5061) | digital signature generation KAT | CAST | On Demand | Manual | |||
| ECDSA SigVer (FIPS186- 4) (A5061) | ECDSA SigVer (FIPS186- 4) (A5061) | digital signature generation KAT | CAST | On Demand | Manual | |||
| Entropy Stuck Test | Entropy Stuck Test | Entropy Stuck Test | CAST | On Demand | Manual | |||
| Entropy Repetition Stuck Test | Entropy Repetition Stuck Test | Entropy Repetition Stuck Test | CAST | On Demand | Manual | |||
| Entropy Adaptive Proportion Test | Entropy Adaptive Proportion Test | Entropy Adaptive Proportion Test | CAST | On Demand | Manual | |||
| Entropy Lag Test | Entropy Lag Test | Entropy Lag Test | CAST | On Demand | Manual | |||
| HMAC-SHA-1 (A5061) | HMAC-SHA-1 (A5061) | KAT | CAST | On Demand | Manual | |||
| HMAC-SHA2-224 (A5061) | HMAC-SHA2-224 (A5061) | KAT | CAST | On Demand | Manual | |||
| HMAC-SHA2-256 (A5061) | HMAC-SHA2-256 (A5061) | KAT | CAST | On Demand | Manual | |||
| HMAC-SHA2-384 (A5061) | HMAC-SHA2-384 (A5061) | KAT | CAST | On Demand | Manual | |||
| HMAC-SHA2-512 (A5061) | HMAC-SHA2-512 (A5061) | KAT | CAST | On Demand | Manual | |||
| KAS-FFC-SSC Sp800- 56Ar3 (A5061) | KAS-FFC-SSC Sp800- 56Ar3 (A5061) | KAT | CAST | On Demand | Manual | |||
| KAS-ECC-SSC Sp800- 56Ar3 (A5061) | KAS-ECC-SSC Sp800- 56Ar3 (A5061) | KAT | CAST | On Demand | Manual | |||
| RSA SigGen (FIPS186-5) (A5061) | RSA SigGen (FIPS186-5) (A5061) | KAT | CAST | On Demand | Manual | |||
| RSA SigVer (FIPS186-5) (A5061) | RSA SigVer (FIPS186-5) (A5061) | KAT | CAST | On Demand | Manual | |||
| RSA KeyGen (FIPS186- 4) (A5061) | RSA KeyGen (FIPS186- 4) (A5061) | KAT | CAST | On Demand | Manual | |||
| SHA3-256 (A4087) | SHA3-256 (A4087) | KAT | CAST | On Demand | Manual | |||
| KDF SRTP (A5063) | KDF SRTP (A5063) | STRP KDF KAT | CAST | On Demand | Manual | |||
| HMAC-SHA-1 (A5063) | HMAC-SHA-1 (A5063) | KAT | CAST | On Demand | Manual | |||
| AES-CBC (A5063) | AES-CBC (A5063) | KAT | CAST | On Demand | Manual | |||
| KDF IKEv1 (A5062) | KDF IKEv1 (A5062) | KAT | CAST | On Demand | Manual | |||
| KDF SSH (A5064) | KDF SSH (A5064) | KAT | CAST | On Demand | Manual | |||
| KDF TLS (A5065) | KDF TLS (A5065) | KAT | CAST | On Demand | Manual | |||
| ECDSA KeyGen (FIPS186-5) (A5061) | ECDSA KeyGen (FIPS186-5) (A5061) | PCT | PCT | On Demand | Manual | |||
| RSA KeyGen (FIPS186- 5) (A5061) | RSA KeyGen (FIPS186- 5) (A5061) | PCT | PCT | On Demand | Manual | |||
| DH Key Generation | DH Key Generation | PCT | PCT | On Demand | Manual | |||
| ECDH Key Generation | ECDH Key Generation | PCT | PCT | On Demand | Manual | |||
| PBKDF (A5061) | PBKDF (A5061) | KAT | CAST | On Demand | Manual |
July 8, 2025 Table 29: Pre-Operational Periodic Information Table 30: Conditional Periodic Information SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Soft Error | Upon failure of the conditional firmware load test | Failure of the conditional firmware load test | log file entry / console message | Reject firmware load operation. |
| Critical Error | Upon failure of any other pre- operational self-test or conditional self-test | Failure of any other pre-operational self-test or conditional self-test | log file entry / console message | Reboot or reload module |
10.4 July 8, 2025 Error States The table below describes the error states and status indicators of the module. 10.5 Table 31: Error States Operator Initiation of Self-Tests The operator may initiate self-tests on demand by issuing the reboot command or power cycling the module’s VM or host server. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 11. Life-Cycle Assurance 11.1 Installation, Initialization, and Startup Procedures
The module is in an unconfigured operational state upon the initial power-up. The Crypto Officer shall be responsible for all initial setup activities, including configuring the virtual machine, installing the guest operating system, and installing the SBC SWe application software. For detailed guidance regarding these activities, please see the SBC Core 10.1.x Documentation webpage on Ribbon’s online Documentation and Support Portal and refer to the following document entries:
Prior to initializing the module for operation in the Approved mode, SNMPv3 must be reconfigured. All trap targets with securityLevel set for authPriv and authNoPriv must be disabled. The following steps using the CLI provide an example: % show oam snmp trapTarget EMS_-10.54.71.176 ipAddress 10.54.71.176; port 162; trapType v3; targetUsername emstrapuser; SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
July 8, 2025 targetSecurityLevel authPriv; state enabled; % set oam snmp trapTarget EMS_-10.54.71.176 state disabled % commit To initialize the module for operation in the Approved mode, the CO may use the CLI or the EMA. The sections below describe these initialization methods. 11.1.2.1 Initialization using CLI When using the CLI, the CO shall complete the following procedure:
July 8, 2025
After completion and confirmation of the above steps, the module’s VM will reboot. After this reboot, and on all subsequent reboots, the module will be operating in its Approved mode. The following steps are required for module startup. 11.1.3.1 Restoring EMA in Platform Mode To restore service to the EMA in Platform Mode after “fips-140-3 mode” is set to ‘enabled’, CA certificates and newly-generated SBC certificates must be imported using the CLI. • Import CA Certificates – Use the following procedure to import up to twenty CA certificates and associate them with the EmaTlsProfile named "defaultEmaTlsProfile." > configure private % set system security pki certificate intermediateCaCert fileName intCaCert.der state enabled type remote % set system security pki certificate rootCaCert fileName rootCaCert.der state enabled type remote % commit % set profiles security EmaTlsProfile defaultEmaTlsProfile ClientCaCert intermediateCaCert % set profiles security EmaTlsProfile defaultEmaTlsProfile ClientCaCert rootCaCert % commit • Import SBC Certificates – The SBC enables importing SBC server certificates generated with either of two different methods: those generated externally and those generated locally in the SBC. Use the following procedure to import an externally-generated SBC key and certificate in PKCS#12 format:
| After “fips-140-3 mode” is set to ‘enabled’, the SNMP Authentication Keys and SNMPv3 Privacy Keys must be | |
|---|---|
| reconfigured for all SNMPv3 users (this applies to all SNMPv3 users for authPriv/authNoPriv security level trap | |
| targets). | |
| 1. Use the following CLI commands to reconfigure the keys: |
| % set oam snmp users <username> authKey <colon separated hex string> | |
|---|---|
| % set oam snmp users <username> privKey <colon separated hex string> | |
| % commit | |
| 2. Enable the authPriv/authNoPriv trap targets: | |
| % set oam snmp trapTarget <trap_target_name> state enabled | |
| % commit |
July 8, 2025 Use the following procedure to generate an SBC key and CSR locally in the SBC, and then import as a PEM externally-signed certificate: The CO shall ensure that only keys providing at least 112 bits of encryption strength are used for signing certificate requests.
Operational mode status of the module can be viewed by navigating to Administration -> Users and Application Management -> Fips-140-3 from the SBC main screen via the EMA and selecting the desired SBC system from the dropdown menu. When running in Approved mode, the radio button marked “Enabled” will be selected. The Crypto Officer shall monitor the module’s status regularly. If any irregular activity is noticed, or the module is consistently reporting errors, customers should contact Ribbon Customer Support.
The module’s versioning information can be viewed by navigating to Monitoring -> Dashboard -> System Status from the SBC main screen via the EMA. The System Status window display will include the hardware type and SBC application version, which can be correlated with the module name and software version (respectively) on the module’s validation record.
Procedures for loading a new module image can be found under the appropriate entries on Ribbon’s Upgrading SBC Core Software webpage.
When configuring the module for high availability, the VMs for the active instance and the standby instance must reside on the same physical host for operation in the Approved mode. For connection details, refer to the instructions found under the online document entry “Setting Up Logical Connection Between High Availability Nodes”.
This section notes additional policies below that must be followed by the CO:
July 8, 2025 12. Mitigation of Other Attacks The module does not claim to mitigate any attacks beyond the FIPS 140-3 Level 1 requirements for this validation. Therefore, per ISO/IEC 19790:2012 section 7.12, requirements for this section are not applicable. SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc.
| Name | Term | Definition |
|---|---|---|
| AES | AES | Advanced Encryption Standard |
| CBC | CBC | Cipher Block Chaining |
| CCCS | CCCS | Canadian Centre for Cyber Security |
| CMVP | CMVP | Cryptographic Module Validation Program |
| CO | CO | Cryptographic Officer |
| CPU | CPU | Central Processing Unit |
| CTR | CTR | Counter |
| CVL | CVL | Component Validation List |
| DES | DES | Data Encryption Standard |
| DH | DH | Diffie-Hellman |
| DRBG | DRBG | Deterministic Random Bit Generator |
| ECB | ECB | Electronic Code Book |
| ECC CDH | ECC CDH | Elliptic Curve Cryptography Cofactor Diffie-Hellman |
| ECDH | ECDH | Elliptic Curve Diffie-Hellman |
| ECDSA | ECDSA | Elliptic Curve Digital Signature Algorithm |
| EMI/EMC | EMI/EMC | Electromagnetic Interference /Electromagnetic Compatibility |
| FIPS | FIPS | Federal Information Processing Standard |
| GCM | GCM | Galois/Counter Mode |
| GMAC | GMAC | Galois Message Authentication Code |
| GPC | GPC | General-Purpose Computer |
| HMAC | HMAC | (keyed-) Hash Message Authentication Code |
| KAS | KAS | Key Agreement Scheme |
| KAT | KAT | Known Answer Test |
| KTS | KTS | Key Transport Scheme |
| KW | KW | Key Wrap |
| KWP | KWP | Key Wrap with Padding |
| NIST | NIST | National Institute of Standards and Technology |
| OS | OS | Operating System |
| PCT | PCT | Pairwise Consistency Test |
| PKCS | PKCS | Public Key Cryptography Standard |
| PSS | PSS | Probabilistic Signature Scheme |
| RNG | RNG | Random Number Generator |
| RSA | RSA | Rivest, Shamir, and Adleman |
| SHA | SHA | Secure Hash Algorithm |
| SHS | SHS | Secure Hash Standard |
| SP | SP | Special Publication |
Appendix A. Acronyms and Abbreviations Table 32 provides definitions for the acronyms and abbreviations used in this document. Table 32. Acronyms and Abbreviations SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc. July 8, 2025
SBC SWe Session Border Controller 10.01.06 ©2025 Ribbon Communications, Inc. July 8, 2025
Prepared by: Corsec Security, Inc.
Fairfax, VA 22033 United States of America Phone: +1 703 267 6050 Email: info@corsec.com Web: www.corsec.com