Waveserver 5 Control Processor Module

Certificate #4920

Webpage information ?

Status active
Validation dates 18.12.2024
Sunset date 17-12-2026
Standard FIPS 140-3
Security level 2
Type Hardware
Embodiment Multi-Chip Embedded
Caveat Interim validation. When installed, initialized and configured as specified in Section 11 of the Security Policy. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs. No operator authentication is enforced for executing security services that were unlocked by an authenticated service.
Exceptions
  • Roles, services, and authentication: Level 3
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The Ciena WaveLogic 5e Encryption Modem with AES-256-GCM, wire-speed optical layer encryption with line rates up to 800G for up to 6.4T of encrypted line capacity.
Version (Hardware) 186-3011-900 [revision 001 and revision 002], 186-3011-901 [revision 001 and revision 002]
Version (Firmware) 2.3.12
Vendor Ciena Corporation
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, DES, TDES, 3DES, Triple-DES, HMAC
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, DHE, DH
Hash functions
SHA-1, MD5, PBKDF
Schemes
Key Agreement
Protocols
SSH, TLS v1.3, TLS v1.2, TLS 1.2, TLS 1.3, TLS
Randomness
DRBG, RNG
Libraries
Crypto Library 1, Crypto Library 2
Elliptic Curves
P-256, P-384, P-521, P-512
Block cipher modes
ECB, CBC, CTR, GCM

Trusted Execution Environments
PSP, SSC
Vendor
Infineon

Security level
Level 2, Level 1, level 2

Standards
FIPS 140-3, FIPS PUB 197, FIPS 186-4, FIPS PUB 198-1, FIPS PUB 186-4, FIPS PUB 180-4, SP 800-108, SP 800-38D, NIST SP 800-132, PKCS 1, PKCS1, RFC7627, RFC8446, RFC 5288, RFC 5246, RFC 8446, ISO/IEC 24759, ISO/IEC 19790, X.509

File metadata

Author Scott Ehrlich
Creation date D:20241204181108+05'30'
Modification date D:20241204181145+05'30'
Pages 55
Creator Acrobat PDFMaker 24 for Word
Producer Adobe PDF Library 24.4.48

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 23.12.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4920,
  "dgst": "4dfc32fc79b06f35",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "Safe Primes Key VerificationA3284",
        "ECDSA KeyVer (FIPS186-4)A3284",
        "KDF SP800-108A3284",
        "PBKDFA3284",
        "KAS-ECC-SSC Sp800-56Ar3A3284",
        "AES-CTRA3284",
        "AES-CBCA3284",
        "SHA2-384A3284",
        "AES-ECBA3284",
        "Hash DRBGA3284",
        "HMAC-SHA-1A3284",
        "HMAC-SHA2-512A3284",
        "KAS-FFC-SSC Sp800-56Ar3A3284",
        "HMAC-SHA2-256A3284",
        "SHA2-256A3284",
        "TDES-CBCA3284",
        "SHA-1A3284",
        "ECDSA SigGen (FIPS186-4)A3284",
        "RSA SigGen (FIPS186-4)A3284",
        "SHA2-512A3284",
        "RSA SigVer (FIPS186-4)A3284",
        "TLS v1.2 KDF RFC7627A3284",
        "KDF SSHA3284",
        "ECDSA KeyGen (FIPS186-4)A3284",
        "TLS v1.3 KDFA3284",
        "HMAC-SHA2-384A3284",
        "ECDSA SigVer (FIPS186-4)A3284",
        "SHA2-224A3284",
        "RSA KeyGen (FIPS186-4)A3284",
        "AES-GCMA3284",
        "Safe Primes Key GenerationA3284"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2.3.12"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 50
          },
          "ECDSA": {
            "ECDSA": 49
          }
        },
        "FF": {
          "DH": {
            "DH": 42,
            "DHE": 1
          }
        },
        "RSA": {
          "RSA 2048": 8
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CTR": {
          "CTR": 9
        },
        "ECB": {
          "ECB": 4
        },
        "GCM": {
          "GCM": 14
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "Generic": {
          "Crypto Library 1": 1,
          "Crypto Library 2": 1
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 106
        },
        "TLS": {
          "TLS": {
            "TLS": 86,
            "TLS 1.2": 14,
            "TLS 1.3": 26,
            "TLS v1.2": 4,
            "TLS v1.3": 5
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 5
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 14,
          "P-384": 12,
          "P-512": 2,
          "P-521": 28
        }
      },
      "eval_facility": {
        "Acumen": {
          "Acumen Security": 1
        }
      },
      "fips_cert_id": {
        "Cert": {
          "#1": 2,
          "#2": 1,
          "#5": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES - CTR, 128": 5,
          "AES 256": 6,
          "AES GCM 256": 1,
          "AES-128": 3,
          "AES-192": 3,
          "AES-256": 2,
          "AES-256 128, 192": 1,
          "AES-CTR, 128": 1,
          "AES-GCM 128": 8,
          "AES-GCM 256": 1,
          "HMAC-SHA-1": 2,
          "PKCS 1": 4,
          "PKCS1": 8,
          "RSA 128": 2,
          "RSA 2048": 8,
          "SHA-1": 7,
          "SHA2- 256": 2,
          "SHA2- 384": 2,
          "SHA2- 512": 4,
          "SHA2-256": 12,
          "SHA2-384": 18,
          "SHA2-512": 2,
          "SHA2-512 160": 1,
          "SHA2-512 256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 2,
          "level 2": 1
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 2
          }
        },
        "PBKDF": {
          "PBKDF": 5
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 51
        },
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 13,
          "FIPS 186-4": 4,
          "FIPS PUB 180-4": 1,
          "FIPS PUB 186-4": 1,
          "FIPS PUB 197": 4,
          "FIPS PUB 198-1": 1
        },
        "ISO": {
          "ISO/IEC 19790": 4,
          "ISO/IEC 24759": 2
        },
        "NIST": {
          "NIST SP 800-132": 1,
          "SP 800-108": 1,
          "SP 800-38D": 1
        },
        "PKCS": {
          "PKCS 1": 2,
          "PKCS1": 4
        },
        "RFC": {
          "RFC 5246": 1,
          "RFC 5288": 1,
          "RFC 8446": 2,
          "RFC7627": 1,
          "RFC8446": 1
        },
        "X509": {
          "X.509": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 31,
            "AES-128": 3,
            "AES-192": 3,
            "AES-256": 3
          },
          "CAST": {
            "CAST": 1
          }
        },
        "DES": {
          "3DES": {
            "3DES": 2,
            "TDES": 1,
            "Triple-DES": 1
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 12
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 11
        },
        "IBM": {
          "SSC": 14
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Infineon": {
          "Infineon": 4
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Scott Ehrlich",
      "/CienaCategory": "9;#Engineering|227e9ad3-6a2a-42e6-bb81-df0d4df693a6",
      "/CienaPrimaryFocus": "",
      "/CienaTypeOfFile": "",
      "/Comments": "",
      "/Company": "",
      "/ContentTypeId": "0x0101008F8F9D9F290CCA4BA384EDFA619F1FEB00DF0798FF99DB7E48849AABB777628A4C",
      "/CreationDate": "D:20241204181108+05\u002730\u0027",
      "/Creator": "Acrobat PDFMaker 24 for Word",
      "/Keywords": "",
      "/ModDate": "D:20241204181145+05\u002730\u0027",
      "/Producer": "Adobe PDF Library 24.4.48",
      "/SourceModified": "D:20241204124054",
      "/Subject": "",
      "/Title": "",
      "pdf_file_size_bytes": 819520,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=15760",
          "http://www.acumensecurity.net/",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35893",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35894"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 55
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "2199c0f5109dfa2dcaa04d8292461b61fd49613d9aaf8e5fdfcfc9094789057e",
    "policy_txt_hash": "cfb07c5bdbddca53a28ea926772d4c2b88256c73a329f8ab550b81937467b785"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "Interim validation. When installed, initialized and configured as specified in Section 11 of the Security Policy. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs. No operator authentication is enforced for executing security services that were unlocked by an authenticated service.",
    "certificate_pdf_url": null,
    "date_sunset": "2026-12-17",
    "description": "The Ciena WaveLogic 5e Encryption Modem with AES-256-GCM, wire-speed optical layer encryption with line rates up to 800G for up to 6.4T of encrypted line capacity.",
    "embodiment": "Multi-Chip Embedded",
    "exceptions": [
      "Roles, services, and authentication: Level 3",
      "Operational environment: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": "2.3.12",
    "historical_reason": null,
    "hw_versions": "186-3011-900 [revision 001 and revision 002], 186-3011-901 [revision 001 and revision 002]",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Waveserver 5 Control Processor Module",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-12-18",
        "lab": "ACUMEN SECURITY, LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Ciena Corporation",
    "vendor_url": "http://ww.ciena.com"
  }
}