Device Cryptographic Module

Certificate #4733

Webpage information ?

Status active
Validation dates 22.07.2024
Sunset date 21-07-2026
Standard FIPS 140-3
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat Interim Validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy. The tamper evident seals with F5-ADD-BIG-FIPS140 kit installed as indicated in the Security Policy.
Exceptions
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP.
Version (Hardware) BIG-IP i4600, BIG-IP i4800, BIG-IP i5600, BIG-IP i5800, BIG-IP i5820-DF, BIG-IP i7600, BIG-IP i7800, BIG-IP i7820-DF, BIG-IP i10600, BIG-IP i10800, BIG-IP i11600-DS, BIG-IP i11800-DS, BIG-IP i15600, BIG-IP i15800, BIG-IP i15820-DF, VIPRION B2250, VIPRION B4450
Version (Firmware) 16.1.3.1
Vendor F5, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-128, AES-256, AES-192, AES-, CAST, RC4, DES, Triple-DES, TDES, SM4, HMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, EdDSA, ECC, Diffie-Hellman, DH, DSA
Hash functions
SHA-1, SHA3-256, MD5
Schemes
MAC, Key Exchange, Key Agreement
Protocols
SSH, SSL, TLS, TLS v1.2, TLS1.2, IKEv1, IKEv2, IKE, IPsec
Randomness
DRBG, RNG
Elliptic Curves
P-256, P-384, Ed25519
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTS

JavaCard API constants
SM2
Trusted Execution Environments
SSC

Security level
Level 2, Level 1

Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 197, FIPS 186-4, FIPS180-4, FIPS 198-1, FIPS140-3, FIPS186-4, FIPS197, FIPS198-1, NIST SP 800-140B, SP 800-135, SP 800-38F, PKCS#1, PKCS #1, RFC 5288, ISO/IEC 24759

File metadata

Title FIPS 140-3 Non-Proprietary Security Policy
Author Alejandro Fabio Masino
Creation date D:20240703151026-05'00'
Modification date D:20240703151026-05'00'
Pages 53
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 18.11.2024 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The vendor_url property was set to http://www.f5.com.
  • 12.08.2024 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2024_010824_1146.pdf.
  • 24.07.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4733,
  "dgst": "56937aa5a635fe21",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "ECDSA KeyGen (FIPS186-4)A2671",
        "AES-CTRA2594",
        "AES-CBCA2671",
        "HMAC-SHA2-384A2671",
        "KDF SSHA2594",
        "RSA SigGen (FIPS186-4)A2671",
        "Safe Primes Key GenerationA2671",
        "Counter DRBGA2671",
        "ECDSA SigVer (FIPS186-4)A2671",
        "HMAC-SHA2-512A2671",
        "AES-GCMA2671",
        "HMAC-SHA-1A2671",
        "KDF TLSA2671",
        "SHA2-384A2671",
        "ECDSA KeyVer (FIPS186-4)A2671",
        "RSA KeyGen (FIPS186-4)A2594",
        "ECDSA SigGen (FIPS186-4)A2671",
        "AES-GMACA2671",
        "KAS-ECC-SSC Sp800-56Ar3A2671",
        "HMAC-SHA2-256A2671",
        "Safe Primes Key VerificationA2671",
        "AES-ECBA2594",
        "RSA SigVer (FIPS186-4)A2671",
        "SHA-1A2671",
        "SHA2-512A2671",
        "SHA2-256A2671",
        "KAS-FFC-SSC Sp800-56Ar3A2671",
        "AES-CCMA2671"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "16.1.3.1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 1
          },
          "ECDSA": {
            "ECDSA": 61
          },
          "EdDSA": {
            "EdDSA": 2
          }
        },
        "FF": {
          "DH": {
            "DH": 1,
            "Diffie-Hellman": 46
          },
          "DSA": {
            "DSA": 4
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CCM": {
          "CCM": 5
        },
        "CFB": {
          "CFB": 2
        },
        "CTR": {
          "CTR": 4
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 11
        },
        "OFB": {
          "OFB": 2
        },
        "XTS": {
          "XTS": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 1,
          "IKEv1": 1,
          "IKEv2": 1
        },
        "IPsec": {
          "IPsec": 2
        },
        "SSH": {
          "SSH": 107
        },
        "TLS": {
          "SSL": {
            "SSL": 4
          },
          "TLS": {
            "TLS": 141,
            "TLS v1.2": 1,
            "TLS1.2": 2
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 5
        },
        "KEX": {
          "Key Exchange": 3
        },
        "MAC": {
          "MAC": 5
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Edwards": {
          "Ed25519": 1
        },
        "NIST": {
          "P-256": 36,
          "P-384": 32
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 60
        }
      },
      "fips_cert_id": {
        "Cert": {
          "#1": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "# A2594": 1,
          "# A2671": 2,
          "AES 256": 3,
          "AES-128": 1,
          "AES-192": 1,
          "AES-256": 3,
          "HMAC SHA-1": 1,
          "HMAC- SHA-1": 1,
          "HMAC-SHA-1": 10,
          "HMAC-SHA384": 2,
          "PKCS #1": 2,
          "PKCS#1": 10,
          "RSA PKCS#1": 4,
          "SHA- 1": 2,
          "SHA-1": 10,
          "SHA2- 384": 3,
          "SHA2-224": 8,
          "SHA2-256": 17,
          "SHA2-384": 6,
          "SHA2-512": 11,
          "SHA3-256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 2
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 10
          },
          "SHA3": {
            "SHA3-256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "SM2": 1
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 47
        },
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 63,
          "FIPS 186-4": 18,
          "FIPS 197": 5,
          "FIPS 198-1": 1,
          "FIPS PUB 140-3": 2,
          "FIPS140-3": 2,
          "FIPS180-4": 2,
          "FIPS186-4": 2,
          "FIPS197": 1,
          "FIPS198-1": 1
        },
        "ISO": {
          "ISO/IEC 24759": 2
        },
        "NIST": {
          "NIST SP 800-140B": 1,
          "SP 800-135": 9,
          "SP 800-38F": 2
        },
        "PKCS": {
          "PKCS #1": 1,
          "PKCS#1": 7
        },
        "RFC": {
          "RFC 5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 44,
            "AES-": 2,
            "AES-128": 1,
            "AES-192": 1,
            "AES-256": 3
          },
          "CAST": {
            "CAST": 33
          },
          "RC": {
            "RC4": 1
          }
        },
        "DES": {
          "3DES": {
            "TDES": 1,
            "Triple-DES": 3
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 2,
            "HMAC": 25
          }
        },
        "miscellaneous": {
          "SM4": {
            "SM4": 1
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 10
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Alejandro Fabio Masino",
      "/CreationDate": "D:20240703151026-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20240703151026-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Title": "FIPS 140-3 Non-Proprietary Security Policy",
      "pdf_file_size_bytes": 1087673,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
          "http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf",
          "http://www.atsec.com/",
          "https://support.f5.com/csp/article/K7752",
          "http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf",
          "https://csrc.nist.gov/Projects/cryptographic-module-validation-program/fips-140-3-ig-announcements",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-135r1.pdf",
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "http://www.ietf.org/rfc/rfc3447.txt",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf",
          "http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 53
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "8135e45e46aef1fb7a0ad547906e09520b92c508aefae461ccf8e0d64e88530c",
    "policy_txt_hash": "cdc2ea37135c4b357a558bf9f0eee2b62fef1664da3018dc9a108c94bf730071"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "Interim Validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy. The tamper evident seals with F5-ADD-BIG-FIPS140 kit installed as indicated in the Security Policy.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2024_010824_1146.pdf",
    "date_sunset": "2026-07-21",
    "description": "F5\u00ae Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Operational environment: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": "16.1.3.1",
    "historical_reason": null,
    "hw_versions": "BIG-IP i4600, BIG-IP i4800, BIG-IP i5600, BIG-IP i5800, BIG-IP i5820-DF, BIG-IP i7600, BIG-IP i7800, BIG-IP i7820-DF, BIG-IP i10600, BIG-IP i10800, BIG-IP i11600-DS, BIG-IP i11800-DS, BIG-IP i15600, BIG-IP i15800, BIG-IP i15820-DF, VIPRION B2250, VIPRION B4450",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Device Cryptographic Module",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-07-22",
        "lab": "ATSEC INFORMATION SECURITY CORP",
        "validation_type": "Initial"
      }
    ],
    "vendor": "F5, Inc.",
    "vendor_url": "http://www.f5.com"
  }
}