This page was not yet optimized for use on mobile devices.
Cisco Adaptive Security Appliance Cryptographic Module (FPR 3100 Series)
Certificate #4966
Webpage information
Security policy
Symmetric Algorithms
AES-128, AES-192, AES-256, AES, AES-, CAST, HMACAsymmetric Algorithms
RSA 2048, ECDH, ECDHE, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1Schemes
MAC, Key AgreementProtocols
SSHv2, SSH, TLS v1.2, TLSv1.2, TLS, IKEv2, IKE, IPsec, VPNRandomness
DRBG, RBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CTR, GCMTrusted Execution Environments
PSP, SSCVendor
Cisco Systems, Inc, CiscoSecurity level
Level 2, Level 1Certification process
out of scope, fails. Any firmware loaded into the module that is not shown on the module certificate, is out of scope of this validation and requires a separate FIPS 140-3 validation. 4.6 Bypass Actions and Status TheStandards
FIPS 140-3, FIPS186-4, FIPS 186-4, FIPS 198-1, FIPS 180-4, FIPS140-3, SP 800-140, SP 800-38A, SP 800-38D, SP 800-90A, SP 800-56A, SP 800-135, SP 800-52, NIST SP 800-90A, PKCS 1, RFC7627, RFC 5288, RFC 7296, ISO/IEC 19790File metadata
| Author | Hawes, David J. (Fed) |
|---|---|
| Creation date | D:20250214102422-05'00' |
| Modification date | D:20250214102553-05'00' |
| Pages | 67 |
| Creator | Acrobat PDFMaker 24 for Word |
| Producer | Adobe PDF Library 24.5.96 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates
-
04.04.2025 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The keywords property was updated, with the
{'crypto_protocol': {'__update__': {'SSH': {'__insert__': {'SSHv2': 154}}}}}data.
- The keywords property was updated, with the
-
24.02.2025 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The exceptions property was updated.
-
17.02.2025 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name Cisco Adaptive Security Appliance Cryptographic Module (FPR 3100 Series) was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4966,
"dgst": "1a5fd4b21080a2de",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": []
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"3100"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 5
},
"ECDH": {
"ECDH": 103,
"ECDHE": 1
},
"ECDSA": {
"ECDSA": 96
}
},
"FF": {
"DH": {
"DH": 100,
"Diffie-Hellman": 1
}
},
"RSA": {
"RSA 2048": 2
}
},
"certification_process": {
"OutOfScope": {
"fails. Any firmware loaded into the module that is not shown on the module certificate, is out of scope of this validation and requires a separate FIPS 140-3 validation. 4.6 Bypass Actions and Status The": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CTR": {
"CTR": 1
},
"GCM": {
"GCM": 22
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 5,
"IKEv2": 120
},
"IPsec": {
"IPsec": 2
},
"SSH": {
"SSH": 138,
"SSHv2": 154
},
"TLS": {
"TLS": {
"TLS": 153,
"TLS v1.2": 8,
"TLSv1.2": 133
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 6
},
"MAC": {
"MAC": 21
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 34,
"P-384": 8,
"P-521": 12
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3,
"#2": 3,
"#3": 3,
"#9": 1
}
},
"fips_certlike": {
"Certlike": {
"AES-128": 5,
"AES-192": 2,
"AES-256": 2,
"DRBG 384": 1,
"HMAC- SHA-1": 2,
"HMAC-SHA-1": 24,
"PKCS 1": 4,
"RSA 2048": 2,
"SHA-1": 18,
"SHA2- 256": 4,
"SHA2-224": 3,
"SHA2-256": 14,
"SHA2-384": 10,
"SHA2-512": 18,
"SHA3- 256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 18
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 113
},
"RNG": {
"RBG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 6,
"FIPS 180-4": 9,
"FIPS 186-4": 7,
"FIPS 198-1": 9,
"FIPS140-3": 6,
"FIPS186-4": 28
},
"ISO": {
"ISO/IEC 19790": 2
},
"NIST": {
"NIST SP 800-90A": 1,
"SP 800-135": 4,
"SP 800-140": 1,
"SP 800-38A": 2,
"SP 800-38D": 2,
"SP 800-52": 1,
"SP 800-56A": 3,
"SP 800-90A": 2
},
"PKCS": {
"PKCS 1": 2
},
"RFC": {
"RFC 5288": 1,
"RFC 7296": 1,
"RFC7627": 7
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 25,
"AES-": 6,
"AES-128": 5,
"AES-192": 2,
"AES-256": 2
},
"CAST": {
"CAST": 68
}
},
"constructions": {
"MAC": {
"HMAC": 23
}
}
},
"tee_name": {
"AMD": {
"PSP": 18
},
"IBM": {
"SSC": 4
}
},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 4,
"Cisco Systems, Inc": 71
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Hawes, David J. (Fed)",
"/Comments": "",
"/Company": "",
"/CreationDate": "D:20250214102422-05\u002700\u0027",
"/Creator": "Acrobat PDFMaker 24 for Word",
"/Keywords": "",
"/ModDate": "D:20250214102553-05\u002700\u0027",
"/Producer": "Adobe PDF Library 24.5.96",
"/SourceModified": "",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 1294036,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 67
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "a6a68e12cb7839a29c936100efea3681af03d1633113fd717e537ec4293469da",
"policy_txt_hash": "0e03c7d8c5dff2b9f1416e49953b5ac42eb2b32ea2bce5b7bbd168b65171674a"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When installed, initialized and configured as specified in Section \"Life-Cycle Assurance\" of the Security Policy. The tamper evident seals and opacity shields installed as indicated in Section \"Physical Security\" of the Security Policy.",
"certificate_pdf_url": null,
"date_sunset": "2030-02-13",
"description": "The market-leading Cisco ASA delivering robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA provides comprehensive security, performance, and reliability for network environments.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, services, and authentication: Level 3",
"Operational environment: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco Adaptive Security Appliance Cryptographic Module (FPR 3100 Series)",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2025-02-14",
"lab": "GOSSAMER SECURITY SOLUTIONS INC",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}