Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]

Certificate #2090

Webpage information

Status historical
Historical reason RNG SP800-131A Revision 1 Transition
Validation dates 26.02.2014
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.
Version (Hardware) ASR1001 [1], ASR1002 [2], ASR1002-X [3], ASR1004 [4], ASR1006 [5] and ASR1013 [6]; FIPS KITs: ASR1001-FIPS-Kit [K1], ASR1002- FIPS-Kit [K2], ASR1004-FIPS-Kit [K3], ASR1006-FIPS-Kit [K4] and ASR1013-FIPS-Kit [K5]; Embedded Services Processors: ASR1000-ESP5 [E1], ASR1000-ESP10 [E2], ASR1000-ESP20 [E3], ASR1000-ESP40 [E4] and ASR1000-ESP100 [E5]; Route Processors: ASR-1000-RP1 [R1] and ASR-1000-RP2 [R2]
Version (Firmware) 3.7.2tS
Vendor Cisco Systems, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy

Symmetric Algorithms
AES-, AES, AES-256, RC4, DES, Triple-DES, TDES, HMAC
Asymmetric Algorithms
RSA 2048, DH, Diffie-Hellman
Hash functions
SHA-1, SHA-256, MD5
Schemes
MAC, Key Exchange
Protocols
SSH, TLS, IKE, IKEv1, IPsec, VPN, PGP
Randomness
DRBG, RNG
Block cipher modes
ECB, CBC, CTR

Vendor
Cisco Systems, Inc, Cisco, Cisco Systems

Security level
Level 1, level 2, level 1, Level 2

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, SP 800-90, PKCS#1

File metadata

Title Microsoft Word - ASR_FIPS_Security_Policy.docx
Author tungw
Creation date D:20140224131652-05'00'
Modification date D:20140224131652-05'00'
Pages 64
Creator PScript5.dll Version 5.2.2
Producer Acrobat Distiller 11.0 (Windows)

References

Outgoing
  • 192 - historical - 7206 VXR Router

Heuristics

No heuristics are available for this certificate.

References

Loading...

Updates Feed

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 2090,
  "dgst": "6589ed9b9dd4caa5",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#2150",
        "RNG#154",
        "Triple-DES#397",
        "RSA#1304",
        "Triple-DES#1469",
        "HMAC#137",
        "SHS#408",
        "SHS#2023",
        "Triple-DES#1543",
        "HMAC#1455",
        "AES#333",
        "RNG#1170",
        "AES#2549",
        "HMAC#1570",
        "AES#2346",
        "DRBG#382"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.7.2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "192"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "192"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "192"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "DH": 6,
            "Diffie-Hellman": 5
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 14
        },
        "CTR": {
          "CTR": 6
        },
        "ECB": {
          "ECB": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 23,
          "IKEv1": 1
        },
        "IPsec": {
          "IPsec": 11
        },
        "PGP": {
          "PGP": 3
        },
        "SSH": {
          "SSH": 15
        },
        "TLS": {
          "TLS": {
            "TLS": 16
          }
        },
        "VPN": {
          "VPN": 2
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 7
        },
        "MAC": {
          "MAC": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "# 192": 1,
          "#1": 1,
          "#10": 1,
          "#11": 1,
          "#12": 1,
          "#13": 1,
          "#14": 1,
          "#15": 1,
          "#16": 1,
          "#17": 1,
          "#18": 1,
          "#19": 1,
          "#2": 1,
          "#20": 1,
          "#21": 1,
          "#22": 1,
          "#23": 1,
          "#24": 1,
          "#25": 1,
          "#26": 1,
          "#27": 1,
          "#28": 1,
          "#29": 1,
          "#3": 1,
          "#30": 1,
          "#31": 1,
          "#32": 1,
          "#33": 1,
          "#34": 1,
          "#4": 1,
          "#5": 1,
          "#6": 1,
          "#7": 1,
          "#8": 1,
          "#9": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES -168": 5,
          "AES CBC (128": 6,
          "AES- 256": 4,
          "AES-256": 2,
          "DES 9": 1,
          "HMAC SHA-1": 7,
          "HMAC SHA-1, 224": 1,
          "PKCS#1": 2,
          "RSA 2048": 2,
          "RSA PKCS#1": 2,
          "SHA-1": 14,
          "SHA-1 Byte Oriented 137": 4,
          "SHA-1 Byte Oriented 1570": 2,
          "SHA-1, 224": 2,
          "SHA-1, 256": 2,
          "SHA-256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 1,
          "level 1": 1,
          "level 2": 2
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 14
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 24
          },
          "SHA2": {
            "SHA-256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 10
        },
        "RNG": {
          "RNG": 20
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 140-2": 15,
          "FIPS PUB 140-2": 1
        },
        "NIST": {
          "SP 800-90": 3
        },
        "PKCS": {
          "PKCS#1": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 16,
            "AES-": 4,
            "AES-256": 2
          },
          "RC": {
            "RC4": 7
          }
        },
        "DES": {
          "3DES": {
            "TDES": 1,
            "Triple-DES": 17
          },
          "DES": {
            "DES": 13
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 21
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Cisco": {
          "Cisco": 93,
          "Cisco Systems": 7,
          "Cisco Systems, Inc": 65
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "tungw",
      "/CreationDate": "D:20140224131652-05\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20140224131652-05\u002700\u0027",
      "/Producer": "Acrobat Distiller 11.0 (Windows)",
      "/Title": "Microsoft Word - ASR_FIPS_Security_Policy.docx",
      "pdf_file_size_bytes": 3815925,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 64
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.InternalState",
    "module": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": null,
      "txt_hash": null
    },
    "policy": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "c4f00fefc54b6187be4c236e4169be6e0c4839430ed333fb6b2d37a76667b9a2",
      "txt_hash": "62ade2498313a0bad1c7524470c33005a8302fb44749fe27d850e59147f3a5f2"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0038.pdf",
    "date_sunset": null,
    "description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "3.7.2tS",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "ASR1001 [1], ASR1002 [2], ASR1002-X [3], ASR1004 [4], ASR1006 [5] and ASR1013 [6]; FIPS KITs: ASR1001-FIPS-Kit [K1], ASR1002- FIPS-Kit [K2], ASR1004-FIPS-Kit [K3], ASR1006-FIPS-Kit [K4] and ASR1013-FIPS-Kit [K5]; Embedded Services Processors: ASR1000-ESP5 [E1], ASR1000-ESP10 [E2], ASR1000-ESP20 [E3], ASR1000-ESP40 [E4] and ASR1000-ESP100 [E5]; Route Processors: ASR-1000-RP1 [R1] and ASR-1000-RP2 [R2]",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2014-02-26",
        "lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Cisco Systems, Inc.",
    "vendor_url": "http://www.cisco.com"
  }
}