| Standard | FIPS 140-3 |
|---|---|
| Overall level | 2 |
| Module type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 9/21/2030 |
| Caveat | When installed, initialized and configured as specified in Section Life-Cycle Assurance of the Security Policy. The tamper evident seals installed as indicated in the Security Policy |
| Vendor | Cisco Systems, Inc. |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A4446 |
| AES-GCM | A4446 |
| Counter DRBG | A4446 |
| ECDSA KeyGen (FIPS186-4) | A4446 |
| ECDSA SigGen (FIPS186-4) | A4446 |
| ECDSA SigVer (FIPS186-4) | A4446 |
| HMAC-SHA-1 | A4446 |
| HMAC-SHA2-224 | A4446 |
| HMAC-SHA2-256 | A4446 |
| HMAC-SHA2-384 | A4446 |
| HMAC-SHA2-512 | A4446 |
| KAS-ECC-SSC Sp800-56Ar3 | A4446 |
| KAS-FFC-SSC Sp800-56Ar3 | A4446 |
| KDF IKEv2 (CVL) | A4446 |
| KDF SNMP (CVL) | A4446 |
| KDF SSH (CVL) | A4446 |
| RSA KeyGen (FIPS186-4) | A4446 |
| RSA SigGen (FIPS186-4) | A4446 |
| RSA SigVer (FIPS186-4) | A4446 |
| SHA-1 | A4446 |
| SHA2-224 | A4446 |
| SHA2-256 | A4446 |
| SHA2-384 | A4446 |
| SHA2-512 | A4446 |
| TLS v1.2 KDF RFC7627 (CVL) | A4446 |
| Hash DRBG | |
| HMAC-SHA2- 256 | |
| HMAC-SHA2- 384 | |
| HMAC-SHA2- 512 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Physical Security | 7 |
| Non-Invasive Security | N/A |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for Cisco Adaptive Security Appliance Cryptographic Module (FPR 2100 Series)
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Firmware Load Test<br/>Firmware Update</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Block Cipher (SSHv2)<br/>Block Cipher (TLSv1.2)<br/>Block Cipher (IPSec/IKE)</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Cisco Adaptive Security Appliance Cryptographic Module (FPR 2100 Series)
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Firmware Load Test<br/>Firmware Update</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Block Cipher (SSHv2)<br/>Block Cipher (TLSv1.2)<br/>Block Cipher (IPSec/IKE)</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3 clueHigh;
class C5,C6 clueLow;Cisco Systems, Inc. Cisco Adaptive Security Appliance Cryptographic Module (FPR 2100 Series) Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2021-2025 Cisco Systems, Inc. Cisco Systems logo is registered trademark of Cisco Systems, Inc.
| # | Section | Page |
|---|---|---|
| 1 | General | 5 |
| 1.1 | Overview | 5 |
| 1.2 | Security Levels | 5 |
| 2 | Cryptographic Module Specification | 5 |
| 2.1 | Description | 5 |
| 2.2 | Tested and Vendor Affirmed Module Version and Identification | 6 |
| 2.3 | Excluded Components | 7 |
| 2.4 | Modes of Operation | 7 |
| 2.5 | Algorithms | 7 |
| 2.6 | Security Function Implementations | 10 |
| 2.7 | Algorithm Specific Information | 16 |
| 2.8 | RBG and Entropy | 16 |
| 2.9 | Key Generation | 17 |
| 2.10 | Key Establishment | 17 |
| 2.11 | Industry Protocols | 18 |
| 3 | Cryptographic Module Interfaces | 18 |
| 3.1 | Ports and Interfaces | 18 |
| 4 | Roles, Services, and Authentication | 19 |
| 4.1 | Authentication Methods | 19 |
| 4.2 | Roles | 20 |
| 4.3 | Approved Services | 20 |
| 4.4 | Non-Approved Services | 38 |
| 4.5 | External Software/Firmware Loaded | 38 |
| 4.6 | Bypass Actions and Status | 39 |
| 4.7 | Cryptographic Output Actions and Status | 39 |
| 5 | Software/Firmware Security | 39 |
| 5.1 | Integrity Techniques | 39 |
| 5.2 | Initiate on Demand | 39 |
| 6 | Operational Environment | 40 |
| 6.1 | Operational Environment Type and Requirements | 40 |
| 7 | Physical Security | 40 |
| 7.1 | Mechanisms and Actions Required | 40 |
| 7.2 | User Placed Tamper Seals | 40 |
| 7.3 | Filler Panels | 43 |
| 8 | Non-Invasive Security | 45 |
| 9 | Sensitive Security Parameters Management | 45 |
| 9.1 | Storage Areas | 45 |
| 9.2 | SSP Input-Output Methods | 45 |
| 9.3 | SSP Zeroization Methods | 46 |
| 9.4 | SSPs | 47 |
| 9.5 | Transitions | 61 |
| 10 | Self-Tests | 61 |
| 10.1 | Pre-Operational Self-Tests | 61 |
| 10.2 | Conditional Self-Tests | 62 |
| 10.3 | Periodic Self-Test Information | 67 |
| 10.4 | Error States | 70 |
| 11 | Life-Cycle Assurance | 70 |
| 11.1 | Installation, Initialization, and Startup Procedures | 70 |
| 11.2 | Administrator Guidance | 72 |
| 11.3 | Non-Administrator Guidance | 72 |
| 12 | Mitigation of Other Attacks | 72 |
| Item | Page |
|---|---|
| Table 1: Security Levels | 5 |
| Table 2: Tested Module Identification – Hardware | 7 |
| Table 3: Modes List and Description | 7 |
| Table 4: Approved Algorithms - CiscoSSL FOM Cryptographic Implementation | 9 |
| Table 5: Approved Algorithms - Octeon III Family Crypyto Engine | 9 |
| Table 6: Vendor-Affirmed Algorithms | 10 |
| Table 7: Security Function Implementations | 15 |
| Table 8: Entropy Certificates | 16 |
| Table 9: Entropy Sources | 16 |
| Table 10: Ports and Interfaces | 18 |
| Table 11: Authentication Methods | 20 |
| Table 12: Roles | 20 |
| Table 13: Approved Services | 38 |
| Table 14: Mechanisms and Actions Required | 40 |
| Table 15: Storage Areas | 45 |
| Table 16: SSP Input-Output Methods | 46 |
| Table 17: SSP Zeroization Methods | 46 |
| Table 18: SSP Table 1 | 54 |
| Table 19: SSP Table 2 | 61 |
| Table 20: Pre-Operational Self-Tests | 62 |
| Table 21: Conditional Self-Tests | 67 |
| Table 22: Pre-Operational Periodic Information | 67 |
| Table 23: Conditional Periodic Information | 70 |
| Table 24: Error States | 70 |
| Figure 1 FPR 2110 and FPR 2120 | 6 |
| Figure 2 FPR 2130 and FPR 2140 | 6 |
| Figure 3 Module front view with opacity shield | 40 |
| Figure 4 FRP 2110/2120 back view | 41 |
| Figure 5 FRP 2130/2140 back view | 41 |
| Figure 6 FRP 2110/2120 top view with opacity shield | 41 |
| Figure 7 FRP 2130/2140 top view with opacity shield | 42 |
| Figure 8 Module’s bottom view with opacity shield | 42 |
| Figure 9 Module’s left view with opacity shield | 43 |
| Figure 10 Module’s right view with opacity shield | 43 |
| Figure 11 Opacity Shield Brackets | 45 |
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 2 |
| 2 | 2 | Cryptographic module specification | 2 |
| 3 | 3 | Cryptographic module interfaces | 2 |
| 4 | 4 | Roles, services, and authentication | 3 |
| 5 | 5 | Software/Firmware security | 2 |
| 6 | 6 | Operational environment | N/A |
| 7 | 7 | Physical security | 2 |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 2 |
| 10 | 10 | Self-tests | 2 |
| 11 | 11 | Life-cycle assurance | 2 |
| 12 | 12 | Mitigation of other attacks | N/A |
| Overall Level | Overall Level | 2 |
Appliance Cryptographic Module (FPR 2100 Series) (hereinafter referred to as ASA or Module), version 9.20. The following details how this module meets the security requirements of FIPS 140-3, SP 800-140 and ISO/IEC 19790 for a Security Level 2 Hardware cryptographic module. The security requirements cover areas related to the design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic table indicates the actual security levels for each area of the cryptographic module.
Purpose and Use: This module is a multi-chip standalone hardware cryptographic module deployed under the Next-Generation Firewall (NGFW) with Adaptive Security Appliance (ASA). The module’s operational environment is Limited. ASA delivers enterprise-class firewall for businesses, improving security at the Internet edge, high performance and throughput for demanding enterprise data centers. The ASA solution offers the combination of the industry's most deployed stateful firewall with a comprehensive range of next-generation network security services, intrusion prevention system (IPS), content © 2021-2025 Cisco Systems, Inc.
| Name | Model | Hardware Version | Firmware Version | Processor |
|---|---|---|---|---|
| FRP 2110 | FRP 2110 | FPR-2110 | 9.20 | Intel Xeon D-1526 (Broadwell), Octeon III Family Crypto Engine |
| FRP 2120 | FRP 2120 | FPR-2120 | 9.20 | Intel Xeon D-1528 (Broadwell), Octeon III Family Crypto Engine |
| FRP 2130 | FRP 2130 | FPR-2130 | 9.20 | Intel Xeon D-1548 (Broadwell), Octeon III Family Crypto Engine |
| FRP 2140 | FRP 2140 | FPR-2140 | 9.20 | Intel Xeon D-1577 (Broadwell), Octeon III Family Crypto Engine |
security and secure unified communications, HTTPS/TLSv1.2, SSHv2, IPsec/IKEv2, SNMPv3 and Cryptographic Cipher Suite B using the ASA Cryptographic Module. Module Type: Hardware Module Embodiment: MultiChipStand Module Characteristics: Cryptographic Boundary: The cryptographic boundary is defined as the entire chassis unit’s physical perimeter encompassing the "top," "front," "left," "right," “rear” and "bottom" surfaces of the case, and shown in the figures below and in the Physical Security section. The FPR 2110 and FPR 2120 have the same exterior features while FPR 2130 and FPR 2140 have the same exterior features. Where they differ is in Firewall throughput, IPS throughput, IPsec VPN throughput and number of VPN peers allowed. Figure 2 FPR 2130 and FPR 2140
Tested Module Identification
| Name | Description | Indicator | Type |
|---|---|---|---|
| Approved Mode of Operation | The module is always in the approved mode of operation after initial operations are performed. | Approved mode indicator: "FIPS is currently enabled." | Approved |
Table 2: Tested Module Identification
N/A for this module. Modes List and Description: Table 3: Modes List and Description operation after initial operations are performed (See Section 11). The module does not claim implementation of a degraded mode of operation. Section 4 provides details on the service
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| AES-CBC | A4446 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | A4446 | Direction - Decrypt, Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| Counter DRBG | A4446 | Prediction Resistance - Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| ECDSA KeyGen (FIPS186-4) | A4446 | Curve - P-256, P-384, P-521 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A4446 | Curve - P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4446 | Curve - P-256, P-384, P-521 | FIPS 186-4 |
| HMAC-SHA-1 | A4446 | Key Length - Key Length: 256-448 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-224 | A4446 | Key Length - Key Length: 256-448 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-256 | A4446 | Key Length - Key Length: 256-448 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-384 | A4446 | Key Length - Key Length: 256-448 Increment 8 | FIPS 198-1 |
| HMAC-SHA2-512 | A4446 | Key Length - Key Length: 256-448 Increment 8 | FIPS 198-1 |
| KAS-ECC-SSC Sp800-56Ar3 | A4446 | Domain Parameter Generation Methods - P- 256, P-384, P-521 | SP 800-56A Rev. 3 |
| KAS-FFC-SSC Sp800-56Ar3 | A4446 | Domain Parameter Generation Methods - ffdhe2048, ffdhe3072, ffdhe4096, modp-2048, modp-3072, modp-4096 | SP 800-56A Rev. 3 |
| KDF IKEv2 (CVL) | A4446 | Diffie-Hellman Shared Secret Length - Diffie- Hellman Shared Secret Length: 2048 Derived Keying Material Length - Derived Keying Material Length: 3072 Hash Algorithm - SHA-1 | SP 800-135 Rev. 1 |
| KDF SNMP (CVL) | A4446 | Password Length - Password Length: 256, 64 | SP 800-135 Rev. 1 |
| KDF SSH (CVL) | A4446 | Cipher - AES-128, AES-192, AES-256 | SP 800-135 Rev. 1 |
| RSA KeyGen (FIPS186-4) | A4446 | Key Generation Mode - B.3.4 Modulo - 2048, 3072 Hash Algorithm - SHA2-256 Private Key Format - Standard | FIPS 186-4 |
| RSA SigGen (FIPS186-4) | A4446 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 2048, 3072 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A4446 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 2048, 3072 | FIPS 186-4 |
| Safe Primes Key Generation | A4446 | Safe Prime Groups - ffdhe2048, ffdhe3072, ffdhe4096, modp-2048, modp-3072, modp- 4096 | SP 800-56A Rev. 3 |
| SHA-1 | A4446 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-224 | A4446 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-256 | A4446 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-384 | A4446 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4446 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A4446 | Hash Algorithm - SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| AES-CBC | AES 3301 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-GCM | AES 3301 | Direction - Decrypt, Encrypt IV Generation - External Key Length - 128, 192, 256 | SP 800-38D |
| Hash DRBG | DRBG 819 | Prediction Resistance - No Mode - SHA2-512 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | HMAC 2095 | FIPS 198-1 | |
| HMAC-SHA2- 256 | HMAC 2095 | FIPS 198-1 | |
| HMAC-SHA2- 384 | HMAC 2095 | FIPS 198-1 | |
| HMAC-SHA2- 512 | HMAC 2095 | FIPS 198-1 | |
| SHA-1 | SHS 2737 | Message Length - Message Length: 8- 51200 Increment 8 | FIPS 180-4 |
| SHA2-256 | SHS 2737 | Message Length - Message Length: 8- 51200 Increment 8 | FIPS 180-4 |
| SHA2-384 | SHS 2737 | Message Length - Message Length: 8- 102400 Increment 8 | FIPS 180-4 |
| SHA2-512 | SHS 2737 | Message Length - Message Length: 8- 102400 Increment 8 | FIPS 180-4 |
Approved Algorithms: CiscoSSL FOM Cryptographic Implementation © 2021-2025 Cisco Systems, Inc.
Table 4: Approved Algorithms - CiscoSSL FOM Cryptographic Implementation Octeon III Family Crypyto Engine HMAC-SHA2HMAC HMAC-SHA2HMAC HMAC-SHA2HMAC Table 5: Approved Algorithms - Octeon III Family Crypyto Engine © 2021-2025 Cisco Systems, Inc.
| Name | Description | Approved Functions | Type | Properties | ||
|---|---|---|---|---|---|---|
| CKG | Key Type:Asymmetric | N/A | SP 800-133r2 Section 4, Method 1 | |||
| KAS-ECC- KeyGen (SSHv2) | KAS ECC keygen used in SSHv2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) CKG: () | KAS-KeyGen CKG | Keysize:128 to 256 bits encryption strength | ||
| KAS-FFC- KeyGen (SSHv2) | KAS FFC keygen used in SSHv2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) Safe Primes Key Generation: (A4446) Safe Prime Groups: modp- 2048, modp- 3072, modp- 4096 CKG: () | KAS-KeyGen CKG | Keysize:112 to 152 bits encryption strength | ||
| KAS-ECC- KeyGen (TLSv1.2) | KAS ECC keygen used in TLSv1.2 service | Counter DRBG: (A4446) Hash DRBG: | KAS-KeyGen CKG | Keysize:128 to 256 bits encryption strength |
| Name | Description | Approved Functions | Type | Properties | ||
|---|---|---|---|---|---|---|
| CKG | Key Type:Asymmetric | N/A | SP 800-133r2 Section 4, Method 1 | |||
| KAS-ECC- KeyGen (SSHv2) | KAS ECC keygen used in SSHv2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) CKG: () | KAS-KeyGen CKG | Keysize:128 to 256 bits encryption strength | ||
| KAS-FFC- KeyGen (SSHv2) | KAS FFC keygen used in SSHv2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) Safe Primes Key Generation: (A4446) Safe Prime Groups: modp- 2048, modp- 3072, modp- 4096 CKG: () | KAS-KeyGen CKG | Keysize:112 to 152 bits encryption strength | ||
| KAS-ECC- KeyGen (TLSv1.2) | KAS ECC keygen used in TLSv1.2 service | Counter DRBG: (A4446) Hash DRBG: | KAS-KeyGen CKG | Keysize:128 to 256 bits encryption strength | ||
| KAS-FFC- KeyGen (TLSv1.2) | KAS FFC keygen used in TLSv1.2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) Safe Primes Key Generation: (A4446) Safe Prime Groups: ffdhe2048, ffdhe3072, ffdhe4096 CKG: () | KAS-KeyGen CKG | Keysize:112 to 152 bits encryption strength | ||
| KAS-ECC- KeyGen (IKEv2) | KAS ECC keygen used in TLSv1.2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) CKG: () | KAS-KeyGen CKG | Keysize:128 to 256 bits encryption strength | ||
| KAS-FFC- KeyGen (IKEv2) | KAS FFC keygen used in IKEv2 service | Counter DRBG: (A4446) Hash DRBG: (DRBG 819) Safe Primes Key Generation: (A4446) Safe Prime Groups: modp- 2048, modp- 3072, modp- 4096 CKG: () | KAS-KeyGen CKG | Keysize:112 to 152 bits encryption strength | ||
| KAS-ECC (SSHv2) | KAS-ECC for SSHv2 service | KAS-ECC-SSC Sp800-56Ar3: (A4446) KDF SSH: (A4446) | KAS-Full | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KAS-FFC (SSHv2) | KAS-FFC SSHv2 service | KDF SSH: (A4446) KAS-FFC-SSC Sp800-56Ar3: (A4446) Safe-Prime Groups:: modp- 2048, modp- 3072, modp- 4096 | KAS-Full | Security Strength:Provides between 112 to 152 bits of encryption strength | ||
| KAS-ECC (TLSv1.2) | KAS-ECC for TLSv1.2 service | KAS-ECC-SSC Sp800-56Ar3: (A4446) TLS v1.2 KDF RFC7627: (A4446) | KAS-Full | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KAS-FFC (TLSv1.2) | KAS-FFC for TLSv1.2 service | TLS v1.2 KDF RFC7627: (A4446) KAS-FFC-SSC Sp800-56Ar3: (A4446) Safe-Prime Groups: ffdhe2048, ffdhe3082, ffdhe4096 | KAS-Full | Security Strength:Provides 112-152 bits of encryption strength | ||
| KAS-ECC (IKEv2) | KAS-ECC for IKEv2 Service | KAS-ECC-SSC Sp800-56Ar3: (A4446) KDF IKEv2: (A4446) | KAS-Full | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KAS-FFC (IKEv2) | KAS-FFC for IKEv2 service | KAS-FFC-SSC Sp800-56Ar3: (A4446) Safe-Prime Groups: modp- 2048, modp- 3072, modp- 4096 KDF IKEv2: (A4446) | KAS-Full | Security Strength:Provides between 112 and 152 bits of encryption strength | ||
| KTS (TLSv1.2 with AES and HMAC) | KTS via TLSv1.2 service by using AES and HMAC | AES-CBC: (A4446) Key Length: 128, 256 HMAC-SHA-1: (A4446) HMAC-SHA2- 256: (A4446) HMAC-SHA2- 384: (A4446) SHA-1: (A4446) SHA2-256: (A4446) SHA2-384: (A4446) | KTS-Wrap | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KTS (TLSv1.2 with AES-GCM) | KTS via TLSv1.2 service by using AES- GCM | AES-GCM: (A4446) Key Length: 128, 256 | KTS-Wrap | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KTS (SSHv2 with AES and HMAC) | KTS via SSHv2 service by using AES and HMAC | AES-CBC: (A4446) Key Length: 128, 256 HMAC-SHA-1: (A4446) HMAC-SHA2- 256: (A4446) SHA-1: (A4446) SHA2-256: (A4446) | KTS-Wrap | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| KTS (SSHv2 with AES-GCM) | KTS via SSHv2 service by using AES-GCM | AES-GCM: (A4446) Key Length: 128, 256 | KTS-Wrap | Security Strength:Provides between 128 and 256 bits of encryption strength | ||
| RSA KeyGen (SSHv2, TLSv1.2, IKEv2) | RSA KeyGen for SSHv2, TLSv1.2, and IKEv2 services | RSA KeyGen (FIPS186-4): (A4446) Counter DRBG: (A4446) Hash DRBG: (DRBG 819) CKG: () | AsymKeyPair- KeyGen CKG | |||
| ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) | ECDSA KeyGen for TLSv1.2 and IKEv2 services | ECDSA KeyGen (FIPS186-4): (A4446) Counter DRBG: (A4446) Hash DRBG: (DRBG 819) CKG: () | AsymKeyPair- KeyGen CKG | |||
| RSA SigGen (SSHv2, TLSv1.2, IKEv2) | RSA SigGen for SSHv2, TLSv1.2, and IKEv2 services | RSA SigGen (FIPS186-4): (A4446) | DigSig-SigGen | |||
| ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) | ECDSA SigGen for TLSv1.2, and IKEv2 services | ECDSA SigGen (FIPS186-4): (A4446) | DigSig-SigGen |
Vendor-Affirmed Algorithms: Table 6: Vendor-Affirmed Algorithms Non-Approved, Allowed Algorithms: N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. Non-Approved, Not Allowed Algorithms: N/A for this module.
KAS-ECCKeyGen KAS-FFCKeyGen KAS-ECCKeyGen © 2021-2025 Cisco Systems, Inc. Groups: modp2048, modp3072, modp4096
KAS-FFCKeyGen © 2021-2025 Cisco Systems, Inc. Groups: modp2048, modp3072, modp4096 Groups:: modp2048, modp3072, modp4096
© 2021-2025 Cisco Systems, Inc. Groups: modpstrength 2048, modp3072, modp4096
AsymKeyPairKeyGen AsymKeyPairKeyGen © 2021-2025 Cisco Systems, Inc.
| Name | Description | Approved Functions | Type |
|---|---|---|---|
| RSA SigVer (SSHv2, TLSv1.2, and IKEv2) | RSA SigVer for SSHv2, TLSv1.2, and IKEv2 services | RSA SigVer (FIPS186-4): (A4446) | DigSig-SigVer |
| ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) | ECDSA SigVer for TLSv1.2 and IKEv2 services | ECDSA SigVer (FIPS186-4): (A4446) | DigSig-SigVer |
| Block Cipher (SSHv2) | Block Cipher for SSHv2 service | AES-CBC: (A4446) Key Length: 128, 256 AES-GCM: (A4446) Key Length: 128, 256 | BC-Auth BC-UnAuth |
| Block Cipher (TLSv1.2) | Block Cipher for TLSv1.2 service | AES-GCM: (A4446) Key Length: 128, 256 AES-CBC: (A4446) Key Length: 128, 256 | BC-Auth BC-UnAuth |
| Block Cipher (IPSec/IKE) | Block Cipher for IPSec/IKEv2 service | AES-CBC: (A4446, AES 3301) AES-GCM: (A4446, AES 3301) | BC-Auth BC-UnAuth |
| Block Cipher (SNMPv3) | Block Cipher for SNMPv3 service | AES-CBC: (A4446) KDF SNMP: (A4446) | BC-UnAuth |
| MAC (SSHv2) | MAC for SSHv2 service | HMAC-SHA-1: (A4446) HMAC-SHA2- 256: (A4446) SHA-1: (A4446) SHA2-256: (A4446) | MAC |
| MAC (TLSv1.2) | Message Authentication for TLSv1.2 services | HMAC-SHA-1: (A4446) HMAC-SHA2- 256: (A4446) HMAC-SHA2- 384: (A4446) SHA-1: (A4446) SHA2-256: | MAC |
| MAC (IPSec/IKEv2) | Message Authentication for IPSec/IKEv2 services | HMAC-SHA2- 256: (A4446, HMAC 2095) HMAC-SHA2- 384: (A4446, HMAC 2095) HMAC-SHA2- 512: (A4446, HMAC 2095) SHA2-256: (A4446, SHS 2737) SHA2-384: (A4446, SHS 2737) SHA2-512: (A4446, SHS 2737) HMAC-SHA-1: (HMAC 2095) SHA-1: (SHS 2737) | MAC |
| MAC (SNMPv3) | Message Authentication for SNMPv3 service | HMAC-SHA-1: (A4446) SHA-1: (A4446) KDF SNMP: (A4446) HMAC-SHA2- 256: (A4446) HMAC-SHA2- 384: (A4446) SHA2-256: (A4446) SHA2-384: (A4446) HMAC-SHA2- 224: (A4446) SHA2-224: (A4446) | MAC |
| Firmware Load Test | MAC for firmware load test | HMAC-SHA2- 512: (A4446) | MAC |
Table 7: Security Function Implementations © 2021-2025 Cisco Systems, Inc.
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| Cisco Jitter Entropy Source | Non- Physical | 256 bits | Intel Xeon D-1526 (Broadwell), Intel Xeon D-1528 (Broadwell), Intel Xeon D-1548 (Broadwell), Intel Xeon D-1577(Broadwell) | Full Entropy | A2810 (SHA3- 256) |
| Cert | Vendor Name | |
|---|---|---|
| Number | ||
| E3 | Cisco Systems, Inc. |
Table 8: Entropy Certificates NonPhysical Table 9: Entropy Sources A2810 (SHA3256) The module implements two approved DRBGs based on SP800-90Arev1, including CRT_DRBG with Algo Cert. #A4446, and HASH_DRBG with DRBG Algo Cert. #819.
Those two DRBGs are used internally by the module (e.g. to generate symmetric keys, seeds for asymmetric key pairs, and random numbers for security functions). Each DRBG is seeded by the entropy source described in the table above. The CTR_DRBG (AES-128/192/256) enables Derivation Function capability, and the HASH_DRBG (SHA2-512) doesn’t support Prediction Resistance. Each DRBG is instantiated with a 384-bits long entropy input (corresponding to 384 bits of entropy) and provides at least 256 bits security strength for the cryptographic keys generation while in the approved mode. The Cisco JENT entropy source implementation generates an output that is considered to have full entropy. More information can be found in the public use document for ESV cert #E3.
The module generates RSA, ECDSA, ECDH, and DH asymmetric key pairs compliant with FIPS 186-4, using a NIST SP 800-90Arev1 DRBG for random number generation. In accordance with FIPS 140-3 IG D.H, the cryptographic module performs CKG for asymmetric keys as per section
5.1 of NIST SP 800-133rev2 (vendor affirmed) by obtaining a random bit string directly from an
approved DRBG. The random bit string supports the required security strength requested by the calling application (without any V, as described in Additional Comments 2 of IG D.H.).
The module provides the following key/SSP establishment services in the approved mode of operation:
o SSH (RFC 4419): MODP-2048 (ID =
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| Ethernet Port, SFP (1G) port, SFP+ (10G) port, and Console Port | Ethernet Port, SFP (1G) port, SFP+ (10G) port, and Console Port | Data Input | Data input into the module for all the services defined in Approved Services Table, including TLSv1.2, SSHv2, SNMPv3 and IPsec/IKEv2 service data. |
| Ethernet Port, SFP (1G) port, SFP+ (10G) port and Console Port | Ethernet Port, SFP (1G) port, SFP+ (10G) port and Console Port | Data Output | Data output from the module for all the services defined in Approved Services Table, including TLSv1.2, SSHv2, SNMPv3 and IPsec/IKEv2 service data. |
| Ethernet Port, SFP (1G) port, SFP+ (10G) port, Console Port and RESET | Ethernet Port, SFP (1G) port, SFP+ (10G) port, Console Port and RESET | Control Input | Control Data input into the module for all the services defined in Approved Services Table, including TLSv1.2, SSHv2, SNMPv3 and IPsec/IKEv2 service data. |
| Ethernet Port, SFP (1G) port, SFP+ (10G) port, Console Port and LEDs | Ethernet Port, SFP (1G) port, SFP+ (10G) port, Console Port and LEDs | Status Output | Status Information output from the module. |
| N/A | N/A | Control Output | N/A |
| Power | Power | Power | Provide the Power Supply to the module. |
The module supports SSHv2, TLS v1.2, SNMPv3 and IPsec/IKEv2 industrial protocols. Please refer to SSPs Table for more information. No parts of IPSec/IKEv2, SNMPv3, SSH and TLS protocols, other than the KDFs, have been tested by the CAVP and CMVP.
N/A Table 10: Ports and Interfaces N/A The module’s physical perimeter encompasses the case of the tested platform mentioned in Table 2. The module provides physical ports which are mapped to logical interfaces provided © 2021-2025 Cisco Systems, Inc.
| Name | Description | Strength | Strength per Minute | |
|---|---|---|---|---|
| Password | The minimum length is eight (8) characters (94 possible characters). The configuration supports at most ten failed attempts to authenticate in a one- minute period. | The probability that a random attempt will succeed or a false acceptance will occur is 1/(94^8) which is less than 1/1,000,000. | Password Based | The probability of successfully authenticating to the module within one minute is 10/(94^8), which is less than 1/100,000. |
| RSA- Based Certificate | The modules support RSA public-key based authentication mechanism using a minimum of RSA 2048 bits, which provides 112 bits of security strength. The probability that a random attempt will succeed is 1/(2^112) which is less than 1/1,000,000. For multiple attacks during a one-minute period, as the module at its highest can support at most 17,000 new sessions per second to authenticate in a one- minute period, the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^112), which is less than 1/100,000. | The probability that a random attempt will succeed is 1/(2^112). Please refer to Description section in this table for more details | RSA SigVer (FIPS186-4) (A4446) | the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^112). Please refer to Description section in this table for more details |
| ECDSA- Based Certificate | The modules support ECDSA public-key based authentication mechanism using a | The probability that a random attempt will succeed is | ECDSA SigVer (FIPS186-4) (A4446) | the probability of successfully authenticating to the module within a one |
RSABased ECDSABased © 2021-2025 Cisco Systems, Inc.
| Name | Role Access | Type | |
|---|---|---|---|
| Crypto Officer | CO | Identity | Password RSA-Based Certificate ECDSA-Based Certificate |
| User | User | Identity | Password RSA-Based Certificate ECDSA-Based Certificate |
| Method | Description | Security | Strength | Strength per Minute | |
|---|---|---|---|---|---|
| Name | Mechanism | Each Attempt | |||
| minimum of curve P- 256, which provides 128 bits of security strength. The probability that a random attempt will succeed is 1/(2^128) which is less than 1/1,000,000. For multiple attacks during a one-minute period, as the module at its highest can support at most 17,000 new sessions per second to authenticate in a one- minute period, the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^128), which is less than 1/100,000. | 1/(2^128) which is less than 1/1,000,000. Please refer to Description section in this table for more details | minute period is 17,000 * 60 = 1,020,000/(2^128). Please refer to Description section in this table for more details |
and the User role. The module also allows the concurrent operators.
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Show Status | Provide Module's current status (return codes and/or syslog messages) | Crypto Officer User | None | Global Indicator or Syslog Message | Command used to show Module's Status | Module's Operationa l Status |
| Show Version | Provide Module's name and version information | Crypto Officer User | None | Console Message | Command to show version | Module's ID and versioning information |
| Perform Self-Tests | Reload the module to perform Self-Tests (Pre- operational self-test and Conditional Self-Tests) | Crypto Officer User Unauthentic ated | None | Global Indicator or syslog message | Command to trigger reload or Removal and reconnecti on of power supply | Status of the self- tests results |
| Perform Zeroization | Perform Zeroization | Crypto Officer - DRBG Entropy Input: Z - DRBG Seed: Z - DRBG Internal State (V, Key): Z - DRBG Internal State (V, C): Z - User Password: Z - Crypto Officer Password: Z - RADIUS Secret: Z - TACACS+ Secret: Z | None | Syslog message | Command to zeroize the module | Status of the SSPs zeroization |
n (Preoperational the selftests Z © 2021-2025 Cisco Systems, Inc.
| Name | Descriptio | Security |
|---|---|---|
| n | n | Functions |
| n | n | Functions |
| n | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure Network | Sets configurati on of the systems | Crypto Officer | None | None | Command s to configure the network | Status of the completion of network configurati on status |
| Crypto Officer Authenticat ion | CO Role Authenticat ion | Crypto Officer - Crypto Officer Password: W,Z | None | N/A | CO Authenticat ion Request | Status of the CO authenticat ion |
| User Authenticat ion | User Role Authenticat ion | User - User Password: W,Z | None | N/A | User role authenticat ion request | Status of the User role authenticat ion |
| Configure Bypass Capability | Sets the Bypass capability | Crypto Officer | None | None | CLI Bypass commands | Status of the completion of Bypass capability configurati on |
| Configure SSHv2 Function | Configure SSHv2 Function | Crypto Officer - SSH DH Private Key: W,E - SSH DH Public Key: | KAS-ECC- KeyGen (SSHv2) KAS-FFC- KeyGen (SSHv2) KAS-ECC | Global Indicator and SSHv2 configurat ion success | Command s to configure SSHv2 | Status of the completion of the SSHv2 configurati on |
n N/A N/A © 2021-2025 Cisco Systems, Inc. Z W,Z W,Z KAS-ECCKeyGen KAS-FFCKeyGen W,E
| Name | Csps Accessed | Indicator | Descriptio | Security | |
|---|---|---|---|---|---|
| n | n | Functions | |||
| status message | W,E - SSH Peer DH Public Key: W,E - SSH DH Shared Secret: W,E - SSH ECDH Private Key: W,E - SSH ECDH Public Key: W,E - SSH Peer ECDH Public Key: W,E - SSH ECDH Shared Secret: W,E - SSH RSA Private Key: W,E - SSH RSA Public Key: W,E - SSH ECDSA Private Key: W,E - SSH ECDSA Public Key: W,E - SSH Session Encryption Key: W,E - SSH Session Authenticatio n Key: W,E - DRBG Entropy Input: W,E - DRBG Seed: W,E - DRBG Internal | status message | (SSHv2) KAS-FFC (SSHv2) KTS (SSHv2 with AES and HMAC) KTS (SSHv2 with AES- GCM) RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (SSHv2) MAC (SSHv2) |
n © 2021-2025 Cisco Systems, Inc. with AESGCM) W,E W,E W,E W,E W,E W,E W,E W,E
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure HTTPS over TLSv1.2 Function | Configure HTTPS over TLSv1.2 Function | Crypto Officer - TLS DH Private Key: W,E - TLS DH Public Key: W,E - TLS Peer DH Public Key: W,E - TLS DH Shared Secret: W,E - TLS ECDH Private Key: W,E - TLS ECDH Public Key: W,E - TLS Peer ECDH Public Key: W,E - TLS ECDH Shared Secret: W,E - TLS ECDSA Private Key: W,E - TLS ECDSA Public Key: W,E - TLS RSA Private Key: W,E - TLS RSA | KAS-ECC- KeyGen (TLSv1.2) KAS-FFC- KeyGen (TLSv1.2) KAS-ECC (TLSv1.2) KAS-FFC (TLSv1.2) KTS (TLSv1.2 with AES and HMAC) KTS (TLSv1.2 with AES- GCM) RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) | Global Indicator and HTTPS over TLSv1.2 configurat ion success status message | Command s to configure TLSv1.2 | Status of the completion of TLSv1.2 configurati on |
| RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (TLSv1.2) MAC (TLSv1.2) | Public Key: W,E - TLS Master Secret: W,E - TLS Session Encryption Key: W,E - TLS Session Authenticatio n Key: W,E - DRBG Entropy Input: W,E - DRBG Seed: W,E - DRBG Internal State (V, Key): W,E - DRBG Internal State (V, C): W,E | RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (TLSv1.2) MAC (TLSv1.2) | ||||
| Configure IPsec/IKEv 2 Function | Configure IPSec/IKEv 2 Function | Crypto Officer - IPSec/IKE DH Private Key: W,E - IPSec/IKE DH Public Key: W,E - IPSec/IKE Peer DH Public Key: W,E - IPSec/IKE DH Shared Secret: W,E - IPSec/IKE ECDH Private Key: W,E - IPSec/IKE ECDH Public Key: W,E - IPSec/IKE | KAS-ECC- KeyGen (IKEv2) KAS-FFC- KeyGen (IKEv2) KAS-ECC (IKEv2) KAS-FFC (IKEv2) RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, | Global Indicator with IPsec/IKE v2 configurat ion success status message | Command s to configure IPsec/IKEv 2 | Status of the completion of IPsec/IKEv 2 configurati on |
n © 2021-2025 Cisco Systems, Inc. KAS-ECCKeyGen KAS-FFCKeyGen with AESGCM) W,E W,E W,E W,E W,E W,E W,E W,E W,E
n © 2021-2025 Cisco Systems, Inc. KAS-ECCKeyGen KAS-FFCKeyGen W,E W,E W,E W,E W,E
| Name | Csps Accessed | Descriptio | Security | |
|---|---|---|---|---|
| n | n | Functions | ||
| IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (IPSec/IKE ) MAC (IPSec/IKE v2) | Peer ECDH Public Key: W,E - IPSec/IKE ECDH Shared Secret: W,E - IPSec/IKE ECDSA Private Key: W,E - IPSec/IKE ECDSA Public Key: W,E - IPSec/IKE RSA Private Key: W,E - IPSec/IKE RSA Public Key: W,E - IPSec/IKE Pre-shared Secret: W,E - SKEYSEED: W,E - IPSec/IKE Session Encryption Key: W,E - IPSec/IKE Authenticatio n Key: W,E - DRBG Entropy Input: W,E - DRBG Seed: W,E - DRBG Internal State (V, Key): W,E - DRBG Internal State (V, C): W,E | IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (IPSec/IKE ) MAC (IPSec/IKE v2) |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run SSHv2 Function | Execute SSHv2 Function | Crypto Officer - SSH DH Public Key: W,E - SSH Peer DH Public Key: W,E - SSH DH Shared Secret: W,E - SSH ECDH Private Key: W,E - SSH ECDH Public Key: W,E - SSH Peer ECDH Public Key: W,E - SSH ECDH Shared Secret: W,E - SSH RSA Private Key: W,E - SSH RSA Public Key: W,E - SSH ECDSA Private Key: W,E - SSH ECDSA Public Key: W,E - SSH Session Encryption Key: W,E - SSH Session Authenticatio n Key: W,E - DRBG Entropy Input: W,E | KAS-ECC- KeyGen (SSHv2) KAS-FFC- KeyGen (SSHv2) KAS-ECC (SSHv2) KAS-FFC (SSHv2) KTS (SSHv2 with AES and HMAC) KTS (SSHv2 with AES- GCM) RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) | Global Indicator and successfu l SSHv2 log message | Initiate SSHv2 tunnel establishm ent | Status of SSHv2 tunnel establishm ent |
n © 2021-2025 Cisco Systems, Inc. KAS-ECCKeyGen KAS-FFCKeyGen with AESGCM) W,E W,E W,E W,E W,E W,E W,E W,E
| Name | Csps Accessed | Descriptio | Security | |
|---|---|---|---|---|
| n | n | Functions | ||
| Block Cipher (SSHv2) MAC (SSHv2) | - DRBG Seed: W,E - DRBG Internal State (V, Key): W,E - DRBG Internal State (V, C): W,E - RADIUS Secret: R,E - TACACS+ Secret: R,E User - SSH DH Private Key: W,E - SSH DH Public Key: W,E - SSH Peer DH Public Key: W,E - SSH DH Shared Secret: W,E - SSH ECDH Private Key: W,E - SSH ECDH Public Key: W,E - SSH Peer ECDH Public Key: W,E - SSH ECDH Shared Secret: W,E - SSH RSA Private Key: W,E - SSH RSA Public Key: W,E - SSH ECDSA Private Key: | Block Cipher (SSHv2) MAC (SSHv2) |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run HTTPS over TLSv1.2 Function | Execute HTTPS over TLSv1.2 function | Crypto Officer - TLS DH Private Key: W,E - TLS DH Public Key: W,E - TLS Peer DH Public Key: W,E - TLS DH Shared Secret: W,E - TLS ECDH Private Key: W,E - TLS ECDH Public Key: | KAS-ECC- KeyGen (TLSv1.2) KAS-FFC- KeyGen (TLSv1.2) KAS-ECC (TLSv1.2) KAS-FFC (TLSv1.2) KTS (TLSv1.2 with AES and HMAC) KTS (TLSv1.2 with AES- GCM) | Global Indicator and successfu l HTTPS over TLSv1.2 log message | Initiate TLSv1.2 tunnel establishm ent request | Status of TLSv1.2 tunnel establishm ent |
n © 2021-2025 Cisco Systems, Inc. KAS-ECCKeyGen KAS-FFCKeyGen with AESGCM) W,E W,E W,E W,E W,E W,E
| Name | Csps Accessed | Descriptio | Security | |
|---|---|---|---|---|
| n | n | Functions | ||
| RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (TLSv1.2) MAC (TLSv1.2) | W,E - TLS Peer ECDH Public Key: W,E - TLS ECDH Shared Secret: W,E - TLS ECDSA Private Key: W,E - TLS ECDSA Public Key: W,E - TLS RSA Private Key: W,E - TLS RSA Public Key: W,E - TLS Master Secret: W,E - TLS Session Encryption Key: W,E - TLS Session Authenticatio n Key: W,E - DRBG Entropy Input: W,E - DRBG Seed: W,E - DRBG Internal State (V, Key): W,E - DRBG Internal State (V, C): W,E User - TLS DH Private Key: W,E | RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, and IKEv2) Block Cipher (TLSv1.2) MAC (TLSv1.2) |
| Name | Descriptio | Security |
|---|---|---|
| n | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run IPSec/IKEv 2 Function | Execute IPsec/IKEv 2 Function | Crypto Officer - IPSec/IKE DH Private Key: W,E - IPSec/IKE DH Public Key: W,E - IPSec/IKE Peer DH Public Key: W,E - IPSec/IKE DH Shared Secret: W,E - IPSec/IKE ECDH Private Key: W,E - IPSec/IKE ECDH Public Key: W,E - IPSec/IKE Peer ECDH Public Key: W,E - IPSec/IKE ECDH Shared Secret: W,E - IPSec/IKE ECDSA Private Key: W,E - IPSec/IKE ECDSA Public Key: W,E | KAS-ECC- KeyGen (IKEv2) KAS-FFC- KeyGen (IKEv2) KAS-ECC (IKEv2) KAS-FFC (IKEv2) RSA KeyGen (SSHv2, TLSv1.2, IKEv2) ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) RSA SigGen (SSHv2, TLSv1.2, IKEv2) ECDSA SigGen (SSHv2, TLSv1.2 and IKEv2) RSA SigVer (SSHv2, TLSv1.2, and IKEv2) ECDSA SigVer (SSHv2, TLSv1.2, | Global Indicator and succesful IPsec/IKE v2 log message | Initiate IPsec/IKEv 2 tunnel establishm ent request | Status of IPSec/IKE v2 tunnel establishm ent |
n © 2021-2025 Cisco Systems, Inc. KAS-ECCKeyGen KAS-FFCKeyGen W,E W,E W,E W,E W,E W,E W,E
| Name | Csps Accessed | Descriptio | Security | |
|---|---|---|---|---|
| n | n | Functions | ||
| and IKEv2) Block Cipher (IPSec/IKE ) MAC (IPSec/IKE v2) | - IPSec/IKE RSA Private Key: W,E - IPSec/IKE RSA Public Key: W,E - IPSec/IKE Pre-shared Secret: W,E - SKEYSEED: W,E - IPSec/IKE Session Encryption Key: W,E - IPSec/IKE Authenticatio n Key: W,E - DRBG Entropy Input: W,E - DRBG Seed: W,E - DRBG Internal State (V, Key): W,E - DRBG Internal State (V, C): W,E User - IPSec/IKE DH Private Key: W,E - IPSec/IKE DH Public Key: W,E - IPSec/IKE Peer DH Public Key: W,E - IPSec/IKE DH Shared Secret: W,E - IPSec/IKE ECDH Private Key: | and IKEv2) Block Cipher (IPSec/IKE ) MAC (IPSec/IKE v2) |
| Name | Descriptio | Security |
|---|---|---|
| n | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure SNMPv3 Function | Configure SNMPv3 Function | Crypto Officer - SNMPv3 Shared Secret: W,E - SNMPv3 Encryption Key: W,E - SNMPv3 Authenticatio n Key: W,E | Block Cipher (SNMPv3) MAC (SNMPv3) | Global Indicator and SNMPv3 configurat ion success status message | Command s to configure SNMPv3 | Status of the completion of SNMPv3 configurati on |
| Run SNMPv3 Function | Execute SNMPv3 Function | Crypto Officer User | Block Cipher (SNMPv3) MAC (SNMPv3) | Global Indicator and successfu l SNMPv3 log message | Initiate SNMPv3 tunnel establishm ent request | Status of SNMPv3 tunnel establishm ent |
| Firmware Update | Update the existing Firmware | Crypto Officer - Firmware Load Test Key: R | Firmware Load Test | Global indicator and successfu l Firmware Loading status message | Command s to load new firmware image | Outcome of the Firmware Update |
The module supports the firmware load test by using HMAC-SHA2-512 (HMAC Cert. #A4446) for the new validated firmware to be uploaded into the module. A Firmware Load Test Key was preloaded to the module’s binary at the factory and used for firmware load test. In order to complete firmware update service, the Crypto Officer must authenticate to the module before loading the firmware. This ensures that unauthorized access and use of the module is not © 2021-2025 Cisco Systems, Inc.
performed. The module will load the new update upon reboot. The update attempt will be rejected if the verification fails.
The module implements alternating Bypass service. Traffic output from the module’s data output interface can be cryptographically protected via IPSec/IKE VPN, or passed as plaintext (Bypass state), depending on the VPN tunnel establishment on the dedicated data output interface. The operator shall assume Crypto Officer role so as to configure IPSec/IKE VPN capability. If no IPSec/IKE VPN was configured, after running two independent internal actions, Module would enter the Bypass state. Before the module executes the Bypass service (sending out plaintext traffic via the data output interface), the module would conduct two independent internal actions to prevent the inadvertent bypass of plaintext data due to a single error. The Crypto Officer can use commands “show access-list” and “show crypto ipsec sa” to verify the module’s Bypass status. In Bypass tests fail, the module would enter an error state, and drop the traffic.
The module implements Self-initiated cryptographic output capability without external operator request. The Crypto Officer shall configure self-initiated cryptographic output capability. Prior to executing the self-initiated cryptographic output capability, the module conducts two independent internal actions to activate the capability to prevent the inadvertent output due to a single error.
The module supports Unauthenticated service, where the unauthenticated users can run the self-test service by power-cycling the module.
The module is provided in the form of binary executable code. To ensure firmware security, the module is protected by RSA 2048 bits with SHA2-512 (RSA Cert. #A4446) algorithm. A Firmware Integrity Test Key (non-SSP) was preloaded to the module’s binary at the factory and used for firmware integrity test only at the pre-operational self-test. The module uses the RSA
2048 bits modulus public key to verify the digital signature. If the firmware integrity test fails, the
module would enter to an Error state with all crypto functionality inhibited.
Integrity test is performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. The operator can power-cycle or reboot the tested platform to initiate the firmware integrity test on-demand. © 2021-2025 Cisco Systems, Inc.
| Mechanism | Inspection | Inspection Guidance | |
|---|---|---|---|
| Frequency | |||
| Tamper labels (9) with Part number: AIR-AP-FIPSKIT= | Recommend 30 Days | Visible inspection of platform for residual evidence of tampering | |
| Opacity shield (1) with Part number: FPR-2100-FIPS-KIT= | Recommend 30 Days | Visible inspection of platform for evidence of tampering, removal or access |
Type of Operational Environment: Limited
Table 14: Mechanisms and Actions Required Step 1: Turn off and unplug the module. Step 2: Clean the chassis of any grease, dirt, oil or any other material other than the surface coating from manufacture before applying the tamper evident labels. Alcohol-based cleaning pads are recommended for this purpose. Step 3: Apply a label to cover the module as shown in the figures below. The tamper evident labels are produced from a special thin gauge vinyl with self-adhesive backing. Any attempt to open the module will damage the tamper evident labels or the material of the security appliance cover. Because the tamper evident labels have non-repeated serial numbers, they may be inspected for damage and compared against the applied serial numbers to verify that the security appliance has not been tampered with. Tamper evident labels can also be inspected for signs of tampering, which include the following: curled corners, rips, and slices. The word “FIPS” may appear if the label was peeled back.
Number: Nine (9) Placement: Figure 3 Module front view with opacity shield © 2021-2025 Cisco Systems, Inc.
Figure 4 FRP 2110/2120 back view TEL 1 Figure 5 FRP 2130/2140 back view TEL 1 TEL 6 TEL 2 TEL 4 TEL 1 TEL 5 TEL 6 TEL 3 Figure 6 FRP 2110/2120 top view with opacity shield © 2021-2025 Cisco Systems, Inc.
TEL 2 TEL 4 TEL 1 TEL 5 TEL 6 TEL 3 Figure 7 FRP 2130/2140 top view with opacity shield TEL 7 TEL 8 TEL 9 Figure 8 Module’s bottom view with opacity shield © 2021-2025 Cisco Systems, Inc.
TEL 6 TEL 2 Figure 9 Module’s left view with opacity shield TEL 3 Figure 10 Module’s right view with opacity shield Surface Preparation: Clean the chassis of any grease, dirt, or oil before applying the tamper evident labels. Alcohol-based cleaning pads are recommended for this purpose. Operator Responsible for Securing Unused Seals: It is recommended seals be stored in a secure location under controlled access Part Numbers: AIR-AP-FIPSKIT=
2110, 2120, 2130 and 2140 Opacity Shield FPR-2100-FIPS-KIT= Step 1: Attach the Slide Rail Locking Bracket, #2 in diagram to the Side of the Chassis using the countersink screws #3 in diagram. Step 2: Attach the Cable Management Bracket (#1) to the Slide Rail Locking Bracket (#2) using the countersink screws (#3) © 2021-2025 Cisco Systems, Inc.
Step 3: Route the Cables through the Cable Management Brackets Step 4: Attach the FIPS Opacity Shield (#1) to the Cable Management Brackets (#3) using the countersink screws (#2) © 2021-2025 Cisco Systems, Inc.
| Name | Type | Description |
|---|---|---|
| DRAM | Dynamic | Volatile Memory |
| Flash | Static | Non-Volatile Memory |
| Name | Approved Functions | Type | From | To | Distributio n Type |
|---|---|---|---|---|---|
| Peer Public Key Input | Electroni c | Plaintext | External (Outside of the Module's | Module | Automated |
Figure 11 Opacity Shield Brackets
| Name | Approved Functions | Type | From Boundary ) | To | Distributio n Type | Entry Type |
|---|---|---|---|---|---|---|
| Module Public Key Output | Plaintext | Module | External (Outside of the Module's Boundary ) | Automated | Electroni c | |
| Password/Secre t Input via SSHv2 encrypted by GCM | KTS (SSHv2 with AES- GCM) | Encrypte d | External (Outside of the Module's Boundary ) | Module | Automated | Electroni c |
| Password/Secre t Input via SSHv2 encrypted by AES and HMAC | KTS (SSHv2 with AES and HMAC) | Encrypte d | External (Outside of the Module's Boundary ) | Module | Automated | Electroni c |
| Password/Secre t Input via TLS encrypted by GCM | KTS (TLSv1.2 with AES- GCM) | Encrypte d | External (Outside of the Module's Boundary ) | Module | Automated | Electroni c |
| Password/Secre t Input via TLS encrypted by AES and HMAC | KTS (TLSv1.2 with AES and HMAC) | Encrypte d | External (Outside of the Module's Boundary ) | Module | Automated | Electroni c |
| Zeroization | Description | Rationale | Operator | ||
|---|---|---|---|---|---|
| Method | Initiation | ||||
| Zeroization Command | CO issues zeroization service | the zeroization command will erase all SSPs stored in the DRAM or in the Flash of the module. | 'configure factory-default' |
) ) ) ) ) m ) c d c with AESGCM) d c d c with AESGCM) d c Table 16: SSP Input-Output Methods
Table 17: SSP Zeroization Methods Please note that the Firmware Load Test Key is only used for Firmware Load Test Authentication and not subject to the zeroization requirement. © 2021-2025 Cisco Systems, Inc.
| Name | Type | Description | Strength | Use |
|---|---|---|---|---|
| DRBG Entropy Input | Entropy Input - CSP | Used to seed the DRBG | 384 bits - at least 256 bits | Counter DRBG (A4446) Hash DRBG (DRBG 819) |
| DRBG Seed | DRBG Seed - CSP | Used in DRBG Generation | 256 bits - 256 bits | Counter DRBG (A4446) Hash DRBG (DRBG 819) |
| DRBG Internal State (V, Key) | DRBG Internal State - CSP | Used in DRBG Generation | 256 bits - 256 bits | Counter DRBG (A4446) |
| DRBG Internal State (V, C) | DRBG Internal State - CSP | Used in DRBG Generation | 256 bits - 256 bits | Hash DRBG (DRBG 819) |
| User Password | Authenticati on Data - CSP | User authenticati on | 8-30 Characte rs - 8-30 Characte rs | |
| Crypto Officer Password | Authenticati on Data - CSP | Crypto Officer authenticati on | 8-30 Characte rs - 8-30 Characte rs | |
| RADIUS Secret | Authenticati on Data - CSP | RADIUS Server Authenticati on | 16 Characte rs - 16 Characte rs | |
| TACACS+ Secret | Authenticati on Data - CSP | TACACS+ Authenticati on | 16 Characte rs - 16 Characte rs | |
| Firmware Load Test Key | Public Key - CSP | Used for Firmware Load Test | 112 bits - 112 bits | Firmware Load Test |
| Name | Type | Description | Strength | Use | ||
|---|---|---|---|---|---|---|
| SSH DH Private Key | Private Key - CSP | Used to derive the SSH DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | KAS- FFC- KeyGen (SSHv2) | |
| SSH DH Public Key | Public Key - PSP | Used to derive SSH DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | Safe Primes Key Generatio n (A4446) | |
| SSH Peer DH Public Key | Public Key - PSP | Used to derive SSH DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | ||
| SSH DH Shared Secret | Shared Secret - CSP | Used to derive SSH Session Encryption Keys, SSH Session Authenticati on Keys | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KDF SSH (A4446) | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | |
| SSH ECDH Private Key | Private Key - CSP | Used to derive the SSH ECDH Shared Secret | Curves: 256, 384, 521 bits - 128 to 256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | KAS- ECC- KeyGen (SSHv2) | |
| SSH ECDH Public Key | Public Key - PSP | Used to derive SSH ECDHE Shared Secret | Curves: 256, 384, 521 bits - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| SSH Peer ECDH Public Key | Public Key - PSP | Used to derive SSH DH Shared Secret | Curves: 256, 384, 521 bits - 128 to 256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| SSH ECDH Shared Secret | Shared Secret - CSP | Used to derive SSH Session Encryption Keys, SSH Session Authenticati on Keys | Curves: 256, 384, 521 bits - 128 to 256 bits | KDF SSH (A4446) | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | |
| SSH RSA Private Key | Private Key - CSP | Used for SSH session authenticati on | Modulus 2048 and 3072 bits - 112- 128 bits | RSA SigGen (FIPS186-4) (A4446) | RSA KeyGen (SSHv2, TLSv1.2, IKEv2) | |
| SSH RSA Public Key | Public Key - PSP | Used for SSH sessions aiuthenticati on | Modulus 2048 and 3072 bits - 112- 128 bits | RSA SigVer (FIPS186-4) (A4446) | RSA KeyGen (FIPS186- 4) (A4446) | |
| SSH ECDSA Private Key | Private Key - CSP | Used for SSH session authenticati on | Curves: 256, 384, 521 bits - 128 to 256 bits | ECDSA SigGen (FIPS186-4) (A4446) | ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) | |
| SSH ECDSA Public Key | Public Key - PSP | Used for SSH sessions aiuthenticati on | Curves: 256, 384, 521 bits - 128 to 256 bits | ECDSA SigVer (FIPS186-4) (A4446) | ECDSA KeyGen (FIPS186- 4) (A4446) | |
| SSH Session Encryption Key | Session Key - CSP | Used for SSH Session confidentialit y protection | 128-256 bits - 128-256 bits | Block Cipher (SSHv2) | KDF SSH (A4446) | |
| SSH Session Authenticati on Key | Session Key - CSP | Used for SSH Session integrity protection | At least 160 bits - At least 160 bits | MAC (SSHv2) | KDF SSH (A4446) | |
| TLS DH Private Key | Private Key - CSP | Used to Derive TLS DH Shared Secret | ffdhe204 8, ffdhe307 2, ffdhe409 6 - 112- 152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | KAS- FFC- KeyGen (TLSv1.2 ) | |
| TLS DH Public Key | Public Key - PSP | Used to Derive TLS | ffdhe204 8, | KAS-FFC- SSC | Safe Primes | |
| DH Shared Secret | DH Shared Secret | ffdhe307 2, ffdhe409 6 - 112- 152 bits | Sp800- 56Ar3 (A4446) | Key Generatio n (A4446) | ||
| TLS Peer DH Public Key | Public Key - PSP | Used to derive TLS DH Shared Secret | ffdhe204 8, ffdhe307 2, ffdhe409 6 - 112- 152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | ||
| TLS DH Shared Secret | Shared Secret - CSP | Used to Derive TLS Session Encryption Key and TLS Session Authenticati on Key | ffdhe204 8, ffdhe307 2, ffdhe409 6 - 112- 152 bits | TLS v1.2 KDF RFC7627 (A4446) | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | |
| TLS ECDH Private Key | Private Key - CSP | Used to Derive TLS ECDH Shared Secret | Curves P-256, P- 384, and P-521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | KAS- ECC- KeyGen (TLSv1.2 ) | |
| TLS ECDH Public Key | Public Key - PSP | Used to Derive TS ECDH Shared Secret | Curves P-256, P- 384, and P-521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| TLS Peer ECDH Public Key | Public Key - PSP | Used to derive IKE ECDH Shared Secret | Curves: P-256, P- 384, P- 521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| TLS ECDH Shared Secret | Shared Secret - CSP | Used to Derive TLS Session Encryption Key and TLS Session Authenticati on Key | Curves p-256, P- 384, P- 521 - 128-256 bits | TLS v1.2 KDF RFC7627 (A4446) | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | |
| TLS ECDSA Private Key | Private Key - CSP | Used to support CO and Admin HTTPS interfaces | Curves P-256, P- 384, P- 521 - 128-256 bits | ECDSA SigGen (FIPS186-4) (A4446) | ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) | |
| TLS ECDSA Public Key | Public Key - PSP | Used to support CO and User HTTPS Interfaces | Curves P-256, P- 384, P- 521 - 128-256 bits | ECDSA SigVer (FIPS186-4) (A4446) | ECDSA KeyGen (FIPS186- 4) (A4446) | |
| TLS RSA Private Key | Private Key - CSP | Used to support CO and Admin HTTPS Interfaces | Modulus 2048 and 3072 bits - 112- 128 bits | RSA SigGen (FIPS186-4) (A4446) | RSA KeyGen (SSHv2, TLSv1.2, IKEv2) | |
| TLS RSA Public Key | Public Key - PSP | Used to support CO and User HTTPS interfaces | Modulus 2048 and 3072 bits - 112- 128 bits | RSA SigVer (FIPS186-4) (A4446) | RSA KeyGen (FIPS186- 4) (A4446) | |
| TLS Master Secret | Master Secret - CSP | Used to protect HTTPS Session. Pre-master secret | At least 112 bits - At least 112 bits | TLS v1.2 KDF RFC7627 (A4446) | ||
| TLS Session Encryption Key | Session Key - CSP | Used to protect HTTPS Session. TLS Master secret | 128-256 bits - 128-256 bits | Block Cipher (TLSv1.2) | TLS v1.2 KDF RFC7627 (A4446) | |
| TLS Session Authenticati on Key | Session Key - CSP | Used to protect HTTPS Session. TLS master secret | at least 112 bits - at least 112 bits | MAC (TLSv1.2) | TLS v1.2 KDF RFC7627 (A4446) | |
| IPSec/IKE DH Private Key | Private Key - CSP | Used to derive IPSec/IKE DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | KAS- FFC- KeyGen (IKEv2) | |
| IPSec/IKE DH Public Key | Public Key - PSP | Used to derive IPSec/IKE DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | Safe Primes Key Generatio n (A4446) | |
| IPSec/IKE Peer DH Public Key | Public Key - PSP | Used to derive IPSec/IKE DH Shared Secret | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | ||
| IPSec/IKE DH Shared Secret | Shared Secret - CSP | Used to derive IPSec/IKE Session Encryption Keys, IPSec/IKE Authenticati on Keys | MODP- 2048, MODP- 3072, MODP- 4096 - 112-152 bits | KDF IKEv2 (A4446) | KAS-FFC- SSC Sp800- 56Ar3 (A4446) | |
| IPSec/IKE ECDH Private Key | Private Key - CSP | Used to derive IPSec/IKE ECDH Shared Secrets | Curves P-256, P- 384, P- 521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | KAS- ECC- KeyGen (IKEv2) | |
| IPSec/IKE ECDH Public Key | Public Key - PSP | Used to derive IPSec/IKE ECDH Shared Secrets | Curves P-256, P- 384, P- 521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| IPSec/IKE Peer ECDH Public Key | Public Key - PSP | Used to derive IPSec/IKE ECDH Shared Secrets | Curves P-256, P- 384, P- 521 - 128-256 bits | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | ||
| IPSec/IKE ECDH Shared Secret | Shared Secret - CSP | Used to derive IPSec/IKE ECDH | Curves P-256, P- 384, P- 521 - | KDF IKEv2 (A4446) | KAS-ECC- SSC Sp800- 56Ar3 (A4446) | |
| Shared Secrets | Shared Secrets | 128-256 bits | ||||
| IPSec/IKE ECDSA Private Key | Private Key - CSP | Used for IPSec/IKE peer authenticati on | Curves P-256, P- 384, P- 521 - 128-256 bits | ECDSA SigGen (FIPS186-4) (A4446) | ECDSA KeyGen (SSHv2, TLSv1.2 and IKEv2) | |
| IPSec/IKE ECDSA Public Key | Public Key - PSP | Used for IPSec/IKE peer authenticati on | Curves P-256, P- 384, P- 521 - 128-256 bits | ECDSA SigVer (FIPS186-4) (A4446) | ECDSA KeyGen (FIPS186- 4) (A4446) | |
| IPSec/IKE RSA Private Key | Private Key - CSP | Used for IPSec/IKE peer authenticati on | Modulus 2048 or 3072 - 112 or 128 bits | RSA SigGen (FIPS186-4) (A4446) | RSA KeyGen (SSHv2, TLSv1.2, IKEv2) | |
| IPSec/IKE RSA Public Key | Public Key - PSP | Used for IPSec/IKE peer authenticati on | Modulus 2048 or 3072 - 112 or 128 bits | RSA SigVer (FIPS186-4) (A4446) | RSA KeyGen (FIPS186- 4) (A4446) | |
| IPSec/IKE Pre-shared Secret | shared secret - CSP | Used for IPSec/IKE peer authenticati on | 16-32 bytes character s - 16-32 bytes character s | KDF IKEv2 (A4446) | ||
| SKEYSEED | Keying Material - CSP | Keying material used to derive the IPSec/IKE Session Encryption Key and IPSec/IKE Authenticati on Key | 160 bits - 160 bits | KDF IKEv2 (A4446) | ||
| IPSec/IKE Session Encryption Key | Session Key - CSP | Used to secure IPSec/IKEv2 session confidentialit y | 128-256 bits - 128-256 bits | Block Cipher (IPSec/IKE) | KDF IKEv2 (A4446) |
© 2021-2025 Cisco Systems, Inc. MODP2048, MODP3072, MODP2048, MODP3072, MODP2048, MODP3072, MODP2048, MODP3072, KASFFCKeyGen KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KASECCKeyGen KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3
© 2021-2025 Cisco Systems, Inc. - 112128 bits - 112128 bits KAS-ECCSSC Sp80056Ar3 (FIPS1864) (A4446) (FIPS1864) (A4446) 8, 2,
8, KASFFCKeyGen ) KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC
P-256, P384, P521 128-256 p-256, P384, P521 128-256 Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KASECCKeyGen ) KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3
© 2021-2025 Cisco Systems, Inc. P-256, P384, P521 128-256 P-256, P384, P521 128-256 - 112128 bits - 112128 bits MODP2048, MODP3072, (FIPS1864) (A4446) (FIPS1864) (A4446) KASFFCKeyGen KAS-FFCSSC Sp80056Ar3
© 2021-2025 Cisco Systems, Inc. MODP2048, MODP3072, MODP2048, MODP3072, MODP2048, MODP3072, P-256, P384, P521 128-256 P-256, P384, P521 128-256 P-256, P384, P521 128-256 P-256, P384, P521 KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KAS-FFCSSC Sp80056Ar3 KASECCKeyGen KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3 KAS-ECCSSC Sp80056Ar3
y © 2021-2025 Cisco Systems, Inc. P-256, P384, P521 128-256 P-256, P384, P521 128-256 s (FIPS1864) (A4446) (FIPS1864) (A4446)
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Related SSPs | |
|---|---|---|---|---|---|---|---|---|---|
| IPSec/IKE Authenticati on Key | Session Key - CSP | Used to secure IPSec/IKEv2 session integrity | at least 160 bits - at least 160 bits | KDF IKEv2 (A4446) | MAC (IPSec/IKEv 2) | ||||
| SNMPv3 Shared Secret | Authenticati on Secret - CSP | Used for SNMPv3 user authenticati on | 8-32 character s - N/A | ||||||
| SNMPv3 Encryption Key | Encryption Key - CSP | Used to protect SNMPv3 traffic confidentialit y | 128 bits - 128 bits | KDF SNMP (A4446) | Block Cipher (SNMPv3) | ||||
| SNMPv3 Authenticati on Key | Authenticati on Key - CSP | Used to secure SNMPv3 traffic integrity | At least 112 bits - At least 112 bits | KDF SNMP (A4446) | MAC (SNMPv3) | ||||
| DRBG Entropy Input | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Seed:Used With DRBG Internal State (V, Key):Used With DRBG Internal State (V, C):Used With | |||||
| DRBG Seed | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With DRBG Internal State (V, Key):Used With DRBG Internal State (V, C):Used With | |||||
| DRBG Internal State (V, Key) | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With DRBG Seed:Used With | |||||
| DRBG Internal State (V, C) | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With |
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Related SSPs | |
|---|---|---|---|---|---|---|---|---|---|
| IPSec/IKE Authenticati on Key | Session Key - CSP | Used to secure IPSec/IKEv2 session integrity | at least 160 bits - at least 160 bits | KDF IKEv2 (A4446) | MAC (IPSec/IKEv 2) | ||||
| SNMPv3 Shared Secret | Authenticati on Secret - CSP | Used for SNMPv3 user authenticati on | 8-32 character s - N/A | ||||||
| SNMPv3 Encryption Key | Encryption Key - CSP | Used to protect SNMPv3 traffic confidentialit y | 128 bits - 128 bits | KDF SNMP (A4446) | Block Cipher (SNMPv3) | ||||
| SNMPv3 Authenticati on Key | Authenticati on Key - CSP | Used to secure SNMPv3 traffic integrity | At least 112 bits - At least 112 bits | KDF SNMP (A4446) | MAC (SNMPv3) | ||||
| DRBG Entropy Input | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Seed:Used With DRBG Internal State (V, Key):Used With DRBG Internal State (V, C):Used With | |||||
| DRBG Seed | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With DRBG Internal State (V, Key):Used With DRBG Internal State (V, C):Used With | |||||
| DRBG Internal State (V, Key) | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With DRBG Seed:Used With | |||||
| DRBG Internal State (V, C) | DRAM:Plainte xt | Zeroizatio n Command | Until Reboot | DRBG Entropy Input:Used With |
s - N/A y 2) Table 18: SSP Table 1 n n n © 2021-2025 Cisco Systems, Inc. n n
| Name | Storage | Zeroization | Input |
|---|---|---|---|
| User Password | Flash:Encrypt ed | Zeroizatio n Command | Password/Sec ret Input via TLS encrypted by GCM Password/Sec ret Input via TLS encrypted by AES and HMAC Password/Sec ret Input via SSHv2 encrypted by GCM Password/Sec ret Input via SSHv2 encrypted by AES and HMAC |
| Crypto Officer Password | Flash:Encrypt ed | Zeroizatio n Command | Password/Sec ret Input via TLS encrypted by GCM Password/Sec ret Input via TLS encrypted by AES and HMAC Password/Sec ret Input via SSHv2 encrypted by GCM Password/Sec ret Input via SSHv2 encrypted by AES and HMAC |
| RADIUS Secret | Flash:Encrypt ed | Zeroizatio n Command | Password/Sec ret Input via TLS encrypted by GCM Password/Sec ret Input via |
| Name | Storage | Zeroization | Input | Related SSPs | |
|---|---|---|---|---|---|
| TACACS+ Secret | Flash:Encrypt ed | Zeroizatio n Command | Password/Sec ret Input via TLS encrypted by GCM Password/Sec ret Input via TLS encrypted by AES and HMAC Password/Sec ret Input via SSHv2 encrypted by GCM Password/Sec ret Input via SSHv2 encrypted by AES and HMAC | ||
| Firmware Load Test Key | Flash:Plaintex t | N/A | |||
| SSH DH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH DH Public Key:Paired With SSH Peer DH Public Key:Used With | |
| SSH DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While SSH tunnel is on | SSH DH Private Key:Paired With |
| SSH Peer DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | While SSH tunnel is on | SSH DH Private Key:Used With |
| SSH DH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH DH Private Key:Derived From SSH DH Public Key:Derived From | |
| SSH ECDH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH ECDH Public Key:Paired With SSH Peer ECDH Public Key:Used With | |
| SSH ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While SSH tunnel is on | SSH ECDH Private Key:Paired With |
| SSH Peer ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | While SSH tunnel is on | SSH ECDH Private Key:Used With |
| SSH ECDH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH ECDH Private Key:Derived From SSH ECDH Public Key:Derived From | |
| SSH RSA Private Key | Flash:Plaintex t | Zeroizatio n Command | SSH RSA Public Key:Paired With | ||
| SSH RSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | SSH RSA Private Key:Paired With | |
| SSH ECDSA Private Key | Flash:Plaintex t | Zeroizatio n Command | SSH ECDSA Public Key:Paired With | ||
| SSH ECDSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | SSH ECDSA Private Key:Paired With | |
| SSH Session Encryption Key | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH Session Authentication Key:Used With | |
| SSH Session Authenticati on Key | DRAM:Plainte xt | Zeroizatio n Command | While SSH tunnel is on | SSH Session Encryption Key:Used With | |
| TLS DH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS DH Public Key:Paired With TLS Peer DH Public Key:Used With | |
| TLS DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While TLS tunnel is on | TLS DH Private Key:Paired With |
| TLS Peer DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | while TLS tunnel is on | TLS DH Private Key:Used With |
| TLS DH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS ECDH Private Key:Derived From TLS Peer ECDH Public Key:Derived From | |
| TLS ECDH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS ECDH Public Key:Paired With TLS Peer ECDH Public Key:Used With | |
| TLS ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While TLS tunnel is on | TLS ECDH Private Key:Paired With |
| TLS Peer ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | while TLS tunnel is on | TLS ECDH Private Key:Used With |
| TLS ECDH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS ECDH Private Key:Derived From TLS Peer ECDH Public Key:Derived From | |
| TLS ECDSA Private Key | Flash:Plaintex t | Zeroizatio n Command | TLS ECDSA Public Key:Paired With | ||
| TLS ECDSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | TLS ECDSA Private Key:Paired With | |
| TLS RSA Private Key | Flash:Plaintex t | Zeroizatio n Command | TLS RSA Public Key:Paired With | ||
| TLS RSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | TLS RSA Private Key:Paired With | |
| TLS Master Secret | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS ECDH Shared Secret:Derived From | |
| TLS Session | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS Session Authentication Key:Used With | |
| TLS Session Authenticati on Key | DRAM:Plainte xt | Zeroizatio n Command | While TLS tunnel is on | TLS Session Encryption Key:Used With | |
| IPSec/IKE DH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | IPSec/IKE DH Public Key:Paired With IPSec/IKE Peer DH Public Key:Used With | |
| IPSec/IKE DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While IPSec/IKE v2 tunnel is on | IPSec/IKE DH Private Key:Paired With |
| IPSec/IKE Peer DH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | while IPSec/IKE tunnel is on | IPsec/IKE DH Private Key:Used With |
| IPSec/IKE DH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | SKEYSEED:Used With | |
| IPSec/IKE ECDH Private Key | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | IPSec/IKE ECDH Public Key:Paired With IPSec/IKE Peer ECDH Public Key:Used With | |
| IPSec/IKE ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Module Public Key Output | While IPSec/IKE v2 tunnel is on | IPSec/IKE ECDH Private Key:Paired With |
| IPSec/IKE Peer ECDH Public Key | DRAM:Plainte xt | Zeroizatio n Command | Peer Public Key Input | While IPSec/IKE v2 tunnel is on | IPSec/IKE ECDH Private Key:Used With |
| IPSec/IKE ECDH Shared Secret | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | SKEYSEED:Used With | |
| IPSec/IKE ECDSA Private Key | Flash:Plaintex t | Zeroizatio n Command | IPSec/IKE ECDSA Public Key:Paired With | ||
| IPSec/IKE ECDSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | IPSec/IKE ECDSA Private Key:Paired With | |
| IPSec/IKE RSA Private Key | Flash:Plaintex t | Zeroizatio n Command | IPSec/IKE RSA Public Key:Paired With | ||
| IPSec/IKE RSA Public Key | Flash:Plaintex t | Zeroizatio n Command | Module Public Key Output | IPSec/IKE RSA Private Key:Paired With | |
| IPSec/IKE Pre-shared Secret | Flash:Encrypt ed | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | SKEYSEED:Deriv ed to | |
| SKEYSEED | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | IPSec/IKE DH Shared Secret:Derived From IPSec/IKE ECDH Shared Secret:Derived From IPSec/IKE Pre- shared Secret:Derived From | |
| IPSec/IKE Session Encryption Key | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | IPSec/IKE DH Shared Secret:Derived From IPSec/IKE ECDH Shared Secret:Derived From | |
| IPSec/IKE Authenticati on Key | DRAM:Plainte xt | Zeroizatio n Command | While IPSec/IKE v2 tunnel is on | IPSec/IKE DH Shared Secret:Derived From IPSec/IKE ECDH Shared Secret:Derived From | |
| SNMPv3 Shared Secret | Flash:Encrypt ed | Zeroizatio n Command | Password/Sec ret Input via TLS encrypted by GCM Password/Sec ret Input via TLS encrypted by AES and HMAC Password/Sec | While SNMPv3 tunnel is on | SNMPv3 Encryption Key:Derive To SNMPv3 Authentication Key:Derive To |
| SNMPv3 Encryption Key | DRAM:Plainte xt | Zeroizatio n Command | While SNMPv3 tunnel is on | SNMPv3 Shared Secret:Derived From | |
| SNMPv3 Authenticati on Key | DRAM:Plainte xt | Zeroizatio n Command | While SNMPv3 tunnel is on | SNMPv3 Shared Secret:Derived From SNMPv3 Encryption Key:Used With |
| Name | Algorithm Or Test | Test Method | Test Type | Details | Test Properties | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|---|
| RSA SigVer Firmware Integrity Test | RSA SigVer Firmware Integrity Test | KAT | SW/FW Integrity | RSA SigVer | RSA SigVer 2048 bits with SHA2-512 | Module is in normal state | ||
| Pre-Operational Bypass Test | Pre-Operational Bypass Test | N/A | Bypass | N/A | N/A | Module is in normal state | ||
| AES-CBC Encrypt KAT (A4446) | AES-CBC Encrypt KAT (A4446) | KAT | CAST | Encrypt | Module is in normal state | 256 bits | Power Up | |
| AES-CBC Decrypt KAT (A4446) | AES-CBC Decrypt KAT (A4446) | KAT | CAST | Decrypt | Module is in normal state | 256 bits | Power Up | |
| AES-GCM Authenticated Encrypt KAT (A4446) | AES-GCM Authenticated Encrypt KAT (A4446) | KAT | CAST | Authenticated Encrypt | Module is in normal state | 256 bits | Power Up | |
| AES-GCM Authenticated Decrypt KAT (A4446) | AES-GCM Authenticated Decrypt KAT (A4446) | KAT | CAST | Authenticated Decrypt | Module is in normal state | 256 bits | Power Up | |
| Counter DRBG Instantiate KAT (A4446) | Counter DRBG Instantiate KAT (A4446) | KAT | CAST | Instantiate KAT | Module is in normal state | AES-128 | Power Up | |
| Counter DRBG Generate KAT (A4446) | Counter DRBG Generate KAT (A4446) | KAT | CAST | Generate KAT | Module is in normal state | AES-128 | Power Up |
| Name | Algorithm Or Test | Test Method | Test Type | Details | Test Properties | Indicator | Conditions | |
|---|---|---|---|---|---|---|---|---|
| RSA SigVer Firmware Integrity Test | RSA SigVer Firmware Integrity Test | KAT | SW/FW Integrity | RSA SigVer | RSA SigVer 2048 bits with SHA2-512 | Module is in normal state | ||
| Pre-Operational Bypass Test | Pre-Operational Bypass Test | N/A | Bypass | N/A | N/A | Module is in normal state | ||
| AES-CBC Encrypt KAT (A4446) | AES-CBC Encrypt KAT (A4446) | KAT | CAST | Encrypt | Module is in normal state | 256 bits | Power Up | |
| AES-CBC Decrypt KAT (A4446) | AES-CBC Decrypt KAT (A4446) | KAT | CAST | Decrypt | Module is in normal state | 256 bits | Power Up | |
| AES-GCM Authenticated Encrypt KAT (A4446) | AES-GCM Authenticated Encrypt KAT (A4446) | KAT | CAST | Authenticated Encrypt | Module is in normal state | 256 bits | Power Up | |
| AES-GCM Authenticated Decrypt KAT (A4446) | AES-GCM Authenticated Decrypt KAT (A4446) | KAT | CAST | Authenticated Decrypt | Module is in normal state | 256 bits | Power Up | |
| Counter DRBG Instantiate KAT (A4446) | Counter DRBG Instantiate KAT (A4446) | KAT | CAST | Instantiate KAT | Module is in normal state | AES-128 | Power Up | |
| Counter DRBG Generate KAT (A4446) | Counter DRBG Generate KAT (A4446) | KAT | CAST | Generate KAT | Module is in normal state | AES-128 | Power Up | |
| Counter DRBG Reseed KAT (A4446) | Counter DRBG Reseed KAT (A4446) | KAT | CAST | Reseed KAT | Module is in normal state | AES-128 | Power Up | |
| ECDSA SigGen KAT (A4446) | ECDSA SigGen KAT (A4446) | KAT | CAST | ECDSA SigGen KAT | Module is in normal state | P-256 curve with SHA2-256 | Power Up | |
| ECDSA SigVer KAT (A4446) | ECDSA SigVer KAT (A4446) | KAT | CAST | ECDSA SigVer KAT | Module is in normal state | P-256 curve with SHA2-256 | Power Up | |
| HMAC-SHA-1 KAT (A4446) | HMAC-SHA-1 KAT (A4446) | KAT | CAST | HMAC-SHA-1 | Module is in normal state | SHA-1 | Power Up | |
| HMAC-SHA2- 256 KAT (A4446) | HMAC-SHA2- 256 KAT (A4446) | KAT | CAST | HMAC-SHA2- 256 | Module is in normal state | SHA2-256 | Power Up | |
| HMAC-SHA2- 384 KAT (A4446) | HMAC-SHA2- 384 KAT (A4446) | KAT | CAST | HMAC-SHA2- 384 | Module is in normal state | SHA2-384 | Power Up | |
| HMAC-SHA2- 512 KAT (A4446) | HMAC-SHA2- 512 KAT (A4446) | KAT | CAST | HMAC-SHA2- 512 | Module is in normal state | SHA2-512 | Power Up | |
| KAS-ECC- SSC Sp800- 56Ar3 KAT (A4446) | KAS-ECC- SSC Sp800- 56Ar3 KAT (A4446) | KAT | CAST | Primitive Z KAT | Module is in normal state | P-256 Curve | Power Up | |
| KAS-FFC- SSC Sp800- 56Ar3 KAT (A4446) | KAS-FFC- SSC Sp800- 56Ar3 KAT (A4446) | KAT | CAST | Primitive Z KAT | Module is in normal state | MODP- 2048 | Power Up | |
| RSA SigGen (FIPS186-4) KAT (A4446) | RSA SigGen (FIPS186-4) KAT (A4446) | KAT | CAST | RSA SigGen KAT | Module is in normal state | 2048 bit modulus with SHA2- 256 | Power Up | |
| RSA SigVer (FIPS186-4) KAT (A4446) | RSA SigVer (FIPS186-4) KAT (A4446) | KAT | CAST | RSA SigVer KAT | Module is in normal state | 2048 bit modulus with SHA2- 256 | Power Up | |
| KDF IKEv2 KAT (A4446) | KDF IKEv2 KAT (A4446) | KAT | CAST | N/A | Module is in normal state | N/A | Power Up | |
| KDF SNMP KAT (A4446) | KDF SNMP KAT (A4446) | KAT | CAST | N/A | Module is in normal state | N/A | Power Up | |
| KDF SSH KAT (A4446) | KDF SSH KAT (A4446) | KAT | CAST | N/A | Module is in normal state | N/A | Power Up | |
| TLS v1.2 KDF RFC7627 KAT (A4446) | TLS v1.2 KDF RFC7627 KAT (A4446) | KAT | CAST | N/A | Module is in normal state | N/A | Power Up | |
| SHA-1 KAT (A4446) | SHA-1 KAT (A4446) | KAT | CAST | N/A | Module is in normal state | N/A | Power Up | |
| AES-CBC Encrypt KAT (AES 3301) | AES-CBC Encrypt KAT (AES 3301) | KAT | CAST | Encrypt KAT | Module is in normal state | 128 bits | Power Up | |
| AES-CBC Decrypt KAT (AES 3301) | AES-CBC Decrypt KAT (AES 3301) | KAT | CAST | Decrypt KAT | Module is in normal state | 128 bits | Power Up | |
| AES-GCM Authenticated Encrypt KAT (AES 3301) | AES-GCM Authenticated Encrypt KAT (AES 3301) | KAT | CAST | Encrypt KAT | Module is in normal state | 128 bits | Power Up | |
| AES-GCM Authenticated Decrypt KAT (AES 3301) | AES-GCM Authenticated Decrypt KAT (AES 3301) | KAT | CAST | Decrypt KAT | Module is in normal state | 128 bits | Power Up | |
| Hash DRBG Instantiate KAT (DRBG 819) | Hash DRBG Instantiate KAT (DRBG 819) | KAT | CAST | Instantiate KAT | Module is in normal state | SHA2-512 | Power Up | |
| Hash DRBG Generate KAT (DRBG 819) | Hash DRBG Generate KAT (DRBG 819) | KAT | CAST | Generate KAT | Module is in normal state | SHA2-512 | Power Up | |
| Hash DRBG Reseed KAT (DRBG 819) | Hash DRBG Reseed KAT (DRBG 819) | KAT | CAST | Reseed KAT | Module is in normal state | SHA2-512 | Power Up | |
| HMAC-SHA-1 KAT (HMAC 2095) | HMAC-SHA-1 KAT (HMAC 2095) | KAT | CAST | HMAC-SHA-1 | Module is in normal state | SHA-1 | Power Up | |
| HMAC-SHA2- 256 KAT (HMAC 2095) | HMAC-SHA2- 256 KAT (HMAC 2095) | KAT | CAST | HMAC-SHA2- 256 | Module is in normal state | SHA2-256 | Power Up | |
| HMAC-SHA2- 384 KAT (HMAC 2095) | HMAC-SHA2- 384 KAT (HMAC 2095) | KAT | CAST | HMAC-SHA2- 384 | Module is in normal state | SHA2-384 | Power Up | |
| HMAC-SHA2- 512 KAT (HMAC 2095) | HMAC-SHA2- 512 KAT (HMAC 2095) | KAT | CAST | HMAC-SHA2- 512 | Module is in normal state | SHA2-512 | Power Up | |
| ECDSA KeyGen (FIPS186-4) PCT (A4446) | ECDSA KeyGen (FIPS186-4) PCT (A4446) | PCT | PCT | ECDSA | Module is in normal state | Curve P- 256 with SHA2-256 | Performs all required pair-wise consistency tests on the | |
| RSA KeyGen (FIPS186-4) PCT (A4446) | RSA KeyGen (FIPS186-4) PCT (A4446) | PCT | PCT | RSA | Module is in normal state | 2048 bit Modulus | Performs all required pair-wise consistency tests on the newly generated key pairs before the first operational use. | |
| KAS-ECC- SSC Sp800- 56Ar3 PCT (A4446) | KAS-ECC- SSC Sp800- 56Ar3 PCT (A4446) | PCT | PCT | N/A | Module is in normal state | Curve P- 256 with SHA2-256 | Performs all required pair-wise consistency tests on the newly generated key pairs before the first operational use. | |
| KAS-FFC- SSC Sp800- 56Ar3 PCT (A4446) | KAS-FFC- SSC Sp800- 56Ar3 PCT (A4446) | PCT | PCT | N/A | Module is in normal state | MODP- 2048 | Performs all required pair-wise consistency tests on the newly generated key pairs before the first operational use. | |
| HMAC-SHA2- 512 Firmware Load Test | HMAC-SHA2- 512 Firmware Load Test | KAT | SW/FW Load | N/A | Module is in normal state | HMAC- SHA2-512 | When firmware has been uploaded to the module | |
| Conditional Bypass Test | Conditional Bypass Test | N/A | Bypass | N/A | Module is in normal state | N/A | Performs conditional bypass test before first operational use of bypass service | |
| Entropy 90B Start-up Repetition Count Test (RCT) | Entropy 90B Start-up Repetition Count Test (RCT) | RCT | CAST | Designed to quickly detect catastrophic failures that cause the noise source to become "stuck" on a single output value for a long period of time | Module is in normal state | Repetition Count Test | Power Up | |
| Entropy 90B Start-up Adaptive Proportion Test (APT) | Entropy 90B Start-up Adaptive Proportion Test (APT) | APT | CAST | Designed to detect a large loss of entropy that might occur as a result of some physical failure or environmental change affecting the noise source | Module is in normal state | Adaptive Proportion Test | Power Up | |
| Entropy 90B Continuous Repetition Count Test (RCT) | Entropy 90B Continuous Repetition Count Test (RCT) | RCT | CAST | Designed to quickly detect catastrophic failures that cause the noise source to become "stuck" on a single output value for a long period of time | Module is in normal state | Repetition Count Test | Entropy data is generated from the Entropy Source - Continuous | |
| Entropy 90B Continuous Adaptive Proportion Test (APT) | Entropy 90B Continuous Adaptive Proportion Test (APT) | APT | CAST | Designed to detect a large loss of entropy that might occur as a result of some | Module is in normal state | Adaptive Proportion Test | Entropy data is generated from the Entropy Source - Continuous |
N/A N/A N/A Table 20: Pre-Operational Self-Tests The module performs the following self-tests, including the pre-operational self-tests and Conditional self-tests. Prior to the module providing any data output via the data output interface, the module performs and passes the pre-operational self-tests. Following the successful pre-operational self-tests, the module executes the Conditional Cryptographic Algorithm Self-tests (CASTs). If anyone of the self-tests fails, the module transitions into an error state and outputs the error message via the module’s status output interface. While the module is in the error state, all data through the data output interface and all cryptographic operations are disabled. The error state can only be cleared by reloading the module. All self-tests must be completed successfully before the module transitions to the
KAS-ECCSSC Sp80056Ar3 KAT KAS-FFCSSC Sp80056Ar3 KAT HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2512 MODP2048 with SHA2256 with SHA2256 N/A N/A N/A N/A N/A N/A © 2021-2025 Cisco Systems, Inc.
N/A N/A N/A N/A HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2512 © 2021-2025 Cisco Systems, Inc.
KAS-ECCSSC Sp80056Ar3 PCT N/A KAS-FFCSSC Sp80056Ar3 PCT MODP2048 N/A HMACSHA2-512 N/A © 2021-2025 Cisco Systems, Inc.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method |
|---|---|---|---|---|---|
| RSA SigVer Firmware Integrity Test | RSA SigVer Firmware Integrity Test | KAT | SW/FW Integrity | Recommend 60 Days | Reboot |
| Pre-Operational Bypass Test | Pre-Operational Bypass Test | N/A | Bypass | Recommend 60 Days | Reboot |
| AES-CBC Encrypt KAT (A4446) | AES-CBC Encrypt KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-CBC Decrypt KAT (A4446) | AES-CBC Decrypt KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-GCM Authenticated Encrypt KAT (A4446) | AES-GCM Authenticated Encrypt KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-GCM Authenticated Decrypt KAT (A4446) | AES-GCM Authenticated Decrypt KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| Counter DRBG Instantiate KAT (A4446) | Counter DRBG Instantiate KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| Counter DRBG Generate KAT (A4446) | Counter DRBG Generate KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| Counter DRBG Reseed KAT (A4446) | Counter DRBG Reseed KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| ECDSA SigGen KAT (A4446) | ECDSA SigGen KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| ECDSA SigVer KAT (A4446) | ECDSA SigVer KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA-1 KAT (A4446) | HMAC-SHA-1 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 256 KAT (A4446) | HMAC-SHA2- 256 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 384 KAT (A4446) | HMAC-SHA2- 384 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 512 KAT (A4446) | HMAC-SHA2- 512 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| KAS-ECC-SSC Sp800-56Ar3 KAT (A4446) | KAS-ECC-SSC Sp800-56Ar3 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| KAS-FFC-SSC Sp800-56Ar3 KAT (A4446) | KAS-FFC-SSC Sp800-56Ar3 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| RSA SigGen (FIPS186-4) KAT (A4446) | RSA SigGen (FIPS186-4) KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| RSA SigVer (FIPS186-4) KAT (A4446) | RSA SigVer (FIPS186-4) KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| KDF IKEv2 KAT (A4446) | KDF IKEv2 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| KDF SNMP KAT (A4446) | KDF SNMP KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| KDF SSH KAT (A4446) | KDF SSH KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| TLS v1.2 KDF RFC7627 KAT (A4446) | TLS v1.2 KDF RFC7627 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| SHA-1 KAT (A4446) | SHA-1 KAT (A4446) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-CBC Encrypt KAT (AES 3301) | AES-CBC Encrypt KAT (AES 3301) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-CBC Decrypt KAT (AES 3301) | AES-CBC Decrypt KAT (AES 3301) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-GCM Authenticated Encrypt KAT (AES 3301) | AES-GCM Authenticated Encrypt KAT (AES 3301) | KAT | CAST | Recommend 60 Days | Reboot |
| AES-GCM Authenticated Decrypt KAT (AES 3301) | AES-GCM Authenticated Decrypt KAT (AES 3301) | KAT | CAST | Recommend 60 Days | Reboot |
| Hash DRBG Instantiate KAT (DRBG 819) | Hash DRBG Instantiate KAT (DRBG 819) | KAT | CAST | Recommend 60 Days | Reboot |
| Hash DRBG Generate KAT (DRBG 819) | Hash DRBG Generate KAT (DRBG 819) | KAT | CAST | Recommend 60 Days | Reboot |
| Hash DRBG Reseed KAT (DRBG 819) | Hash DRBG Reseed KAT (DRBG 819) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA-1 KAT (HMAC 2095) | HMAC-SHA-1 KAT (HMAC 2095) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 256 KAT (HMAC 2095) | HMAC-SHA2- 256 KAT (HMAC 2095) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 384 KAT (HMAC 2095) | HMAC-SHA2- 384 KAT (HMAC 2095) | KAT | CAST | Recommend 60 Days | Reboot |
| HMAC-SHA2- 512 KAT (HMAC 2095) | HMAC-SHA2- 512 KAT (HMAC 2095) | KAT | CAST | Recommend 60 Days | Reboot |
| ECDSA KeyGen (FIPS186-4) PCT (A4446) | ECDSA KeyGen (FIPS186-4) PCT (A4446) | PCT | PCT | Recommend 60 Days | Reboot |
| RSA KeyGen (FIPS186-4) PCT (A4446) | RSA KeyGen (FIPS186-4) PCT (A4446) | PCT | PCT | Recommend 60 Days | Reboot |
| KAS-ECC-SSC Sp800-56Ar3 PCT (A4446) | KAS-ECC-SSC Sp800-56Ar3 PCT (A4446) | PCT | PCT | Recommend 60 Days | Reboot |
| KAS-FFC-SSC Sp800-56Ar3 PCT (A4446) | KAS-FFC-SSC Sp800-56Ar3 PCT (A4446) | PCT | PCT | Recommend 60 Days | Reboot |
| HMAC-SHA2- 512 Firmware Load Test | HMAC-SHA2- 512 Firmware Load Test | KAT | SW/FW Load | N/A | N/A |
| Conditional Bypass Test | Conditional Bypass Test | N/A | Bypass | N/A | N/A |
| Entropy 90B Start-up | Entropy 90B Start-up | RCT | CAST | N/A | N/A |
| Entropy 90B Start-up Adaptive Proportion Test (APT) | Entropy 90B Start-up Adaptive Proportion Test (APT) | APT | CAST | N/A | N/A |
| Entropy 90B Continuous Repetition Count Test (RCT) | Entropy 90B Continuous Repetition Count Test (RCT) | RCT | CAST | N/A | N/A |
| Entropy 90B Continuous Adaptive Proportion Test (APT) | Entropy 90B Continuous Adaptive Proportion Test (APT) | APT | CAST | N/A | N/A |
Table 21: Conditional Self-Tests The module performs on-demand self-tests initiated by the operator, by powering off and powering the module back on. The full suite of self-tests is then executed. The same procedure may be employed by the operator to perform periodic self-tests.
N/A Table 22: Pre-Operational Periodic Information © 2021-2025 Cisco Systems, Inc.
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Error State | If self-test tests fail, the module is put into an error state | Self-test failure | System Halt | Reboot the module |
N/A N/A N/A N/A N/A N/A Table 23: Conditional Periodic Information
Table 24: Error States If any of the above-mentioned self-tests fail, the module reports the error and enters the Error state. In the Error State, no cryptographic services are provided, and data output is prohibited. The only method to recover from the error state is to reboot the module and perform the selftests, including the pre-operational firmware integrity test and the conditional CASTs. The module will only enter into the operational state after successfully passing the pre-operational firmware integrity test and the conditional CASTs.
The validated module firmware was installed onto the respective test platforms listed in Table 2 above. Any firmware/software loaded into this module that is not shown on the module certificate, is out of the scope of this validation and requires a separate FIPS 140-3 validation. The Crypto Officer must configure and enforce the following initialization steps. Operating this module without maintaining the following settings will put the module into a non-compliant state. Step 1: The Crypto Officer must install opacity shields as described in section Physical Security above. © 2021-2025 Cisco Systems, Inc.
Step 2: The Crypto Officer must apply tamper evidence labels as described in section Physical Security above. Step 3: The Crypto Officer must securely store any unused tamper evidence labels. Note: Each module has a Type A USB 2.0 port, but it is considered to be disabled once the Crypto Officer has applied the TEL #9. Step 4: Crypto Officer performs the following configurations: ciscoasa# configure terminal Note, the Crypto Officer needs to connect the platform to cisco.com to obtain the license for ASA from Cisco. ciscoasa(config)# license smart register idtoken [token data] ciscoasa(config)#license smart ciscoasa(config-smart-lic)# show license all Smart Licensing Status ====================== Smart Licensing is ENABLED -ORciscoasa(config-smart-lic)# show license summary Smart Licensing is ENABLED Registration: Step
Step 11: Define RADIUS and TACACS+ shared secret keys that are at least 8 characters long and secure traffic between the security module and the RADIUS/TACACS+ server via secure (IPSec, TLS) tunnel. Note: Perform this step only if RADIUS/TACAS+ is configured, otherwise skip over and proceed to next step. Step 12: Configure the security module so that any remote connections via Telnet are secured through IPSec connection by using the following commands crypto map interface access-list protocol esp encryption protocol esp integrity If IPSec secure connection is not configured, after running two internal independent actions defined in section 4.6 above, the module would enter the Bypass state. Step 13: Configure the security module so that only approved algorithms are used for all security connections (SSHv2, TLSv1.2, SNMPv3 and IPSec/IKEv2). Step 14: Configure the security module so that error messages can only be viewed by Crypto Officer. Step 15: Disable the TFTP server. Step 16: Disable HTTP for performing system management in approved mode of operation. HTTPS with TLSv1.2 should always be used for Web-based management. Step 17: Ensure that installed digital certificates are signed using approved algorithms. Step 18: Save the configuration. Step 19: Reboot the module.
No specific Administrator guidance.
No specific Non-Administrator guidance.
N/A for this module. © 2021-2025 Cisco Systems, Inc.