This page was not yet optimized for use on mobile
devices.
Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]
Certificate #2090
Webpage information
| Status | historical |
|---|---|
| Historical reason | RNG SP800-131A Revision 1 Transition |
| Validation dates | 26.02.2014 |
| Standard | FIPS 140-2 |
| Security level | 2 |
| Type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Caveat | When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy |
| Exceptions |
|
| Description | The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments. |
| Version (Hardware) | ASR1001 [1], ASR1002 [2], ASR1002-X [3], ASR1004 [4], ASR1006 [5] and ASR1013 [6]; FIPS KITs: ASR1001-FIPS-Kit [K1], ASR1002- FIPS-Kit [K2], ASR1004-FIPS-Kit [K3], ASR1006-FIPS-Kit [K4] and ASR1013-FIPS-Kit [K5]; Embedded Services Processors: ASR1000-ESP5 [E1], ASR1000-ESP10 [E2], ASR1000-ESP20 [E3], ASR1000-ESP40 [E4] and ASR1000-ESP100 [E5]; Route Processors: ASR-1000-RP1 [R1] and ASR-1000-RP2 [R2] |
| Version (Firmware) | 3.7.2tS |
| Vendor | Cisco Systems, Inc. |
| References | This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates. |
Security policy
Symmetric Algorithms
AES-, AES, AES-256, RC4, DES, Triple-DES, TDES, HMACAsymmetric Algorithms
RSA 2048, DH, Diffie-HellmanHash functions
SHA-1, SHA-256, MD5Schemes
MAC, Key ExchangeProtocols
SSH, TLS, IKE, IKEv1, IPsec, VPN, PGPRandomness
DRBG, RNGBlock cipher modes
ECB, CBC, CTRVendor
Cisco Systems, Inc, Cisco, Cisco SystemsSecurity level
Level 1, level 2, level 1, Level 2Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, SP 800-90, PKCS#1File metadata
| Title | Microsoft Word - ASR_FIPS_Security_Policy.docx |
|---|---|
| Author | tungw |
| Creation date | D:20140224131652-05'00' |
| Modification date | D:20140224131652-05'00' |
| Pages | 64 |
| Creator | PScript5.dll Version 5.2.2 |
| Producer | Acrobat Distiller 11.0 (Windows) |
References
Outgoing- 192 - historical - 7206 VXR Router
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2090,
"dgst": "6589ed9b9dd4caa5",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHS#2150",
"RNG#154",
"Triple-DES#397",
"RSA#1304",
"Triple-DES#1469",
"HMAC#137",
"SHS#408",
"SHS#2023",
"Triple-DES#1543",
"HMAC#1455",
"AES#333",
"RNG#1170",
"AES#2549",
"HMAC#1570",
"AES#2346",
"DRBG#382"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"3.7.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"192"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"192"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"192"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"FF": {
"DH": {
"DH": 6,
"Diffie-Hellman": 5
}
},
"RSA": {
"RSA 2048": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 14
},
"CTR": {
"CTR": 6
},
"ECB": {
"ECB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 23,
"IKEv1": 1
},
"IPsec": {
"IPsec": 11
},
"PGP": {
"PGP": 3
},
"SSH": {
"SSH": 15
},
"TLS": {
"TLS": {
"TLS": 16
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 7
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"# 192": 1,
"#1": 1,
"#10": 1,
"#11": 1,
"#12": 1,
"#13": 1,
"#14": 1,
"#15": 1,
"#16": 1,
"#17": 1,
"#18": 1,
"#19": 1,
"#2": 1,
"#20": 1,
"#21": 1,
"#22": 1,
"#23": 1,
"#24": 1,
"#25": 1,
"#26": 1,
"#27": 1,
"#28": 1,
"#29": 1,
"#3": 1,
"#30": 1,
"#31": 1,
"#32": 1,
"#33": 1,
"#34": 1,
"#4": 1,
"#5": 1,
"#6": 1,
"#7": 1,
"#8": 1,
"#9": 1
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES -168": 5,
"AES CBC (128": 6,
"AES- 256": 4,
"AES-256": 2,
"DES 9": 1,
"HMAC SHA-1": 7,
"HMAC SHA-1, 224": 1,
"PKCS#1": 2,
"RSA 2048": 2,
"RSA PKCS#1": 2,
"SHA-1": 14,
"SHA-1 Byte Oriented 137": 4,
"SHA-1 Byte Oriented 1570": 2,
"SHA-1, 224": 2,
"SHA-1, 256": 2,
"SHA-256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 1,
"level 1": 1,
"level 2": 2
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 14
}
},
"SHA": {
"SHA1": {
"SHA-1": 24
},
"SHA2": {
"SHA-256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 10
},
"RNG": {
"RNG": 20
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 2,
"FIPS 140-2": 15,
"FIPS PUB 140-2": 1
},
"NIST": {
"SP 800-90": 3
},
"PKCS": {
"PKCS#1": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 16,
"AES-": 4,
"AES-256": 2
},
"RC": {
"RC4": 7
}
},
"DES": {
"3DES": {
"TDES": 1,
"Triple-DES": 17
},
"DES": {
"DES": 13
}
},
"constructions": {
"MAC": {
"HMAC": 21
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 93,
"Cisco Systems": 7,
"Cisco Systems, Inc": 65
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "tungw",
"/CreationDate": "D:20140224131652-05\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2.2",
"/ModDate": "D:20140224131652-05\u002700\u0027",
"/Producer": "Acrobat Distiller 11.0 (Windows)",
"/Title": "Microsoft Word - ASR_FIPS_Security_Policy.docx",
"pdf_file_size_bytes": 3815925,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 64
}
},
"state": {
"_type": "sec_certs.sample.fips.InternalState",
"module": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"source_hash": null,
"txt_hash": null
},
"policy": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"source_hash": "c4f00fefc54b6187be4c236e4169be6e0c4839430ed333fb6b2d37a76667b9a2",
"txt_hash": "62ade2498313a0bad1c7524470c33005a8302fb44749fe27d850e59147f3a5f2"
}
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0038.pdf",
"date_sunset": null,
"description": "The ASR 1000 Routers accelerate services by offering performance and resiliency with optimized, intelligent services; establishing a benchmark for price-to-performance offerings in the enterprise routing, service provider edge, and broadband aggregation segments; facilitating significant network innovations in areas such as secure WAN aggregation, managed customer-premises-equipment services, and service provider edge services, and reducing operating expenses and capital expenditures by facilitating managed or hosted services over identical architectures and operating environments.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "3.7.2tS",
"historical_reason": "RNG SP800-131A Revision 1 Transition",
"hw_versions": "ASR1001 [1], ASR1002 [2], ASR1002-X [3], ASR1004 [4], ASR1006 [5] and ASR1013 [6]; FIPS KITs: ASR1001-FIPS-Kit [K1], ASR1002- FIPS-Kit [K2], ASR1004-FIPS-Kit [K3], ASR1006-FIPS-Kit [K4] and ASR1013-FIPS-Kit [K5]; Embedded Services Processors: ASR1000-ESP5 [E1], ASR1000-ESP10 [E2], ASR1000-ESP20 [E3], ASR1000-ESP40 [E4] and ASR1000-ESP100 [E5]; Route Processors: ASR-1000-RP1 [R1] and ASR-1000-RP2 [R2]",
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco ASR 1001 [1][K1], ASR 1002 [2][K2][E1 or E2], ASR1002-X [3][K2], ASR 1004 [4][K3][R1 or R2][E2, E3 or E4], ASR 1006 [5][K4][single or dual E2, E3, E4 or E5][dual R1 or R2] and ASR 1013 [6][K5][E4 or E5][R2]",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2014-02-26",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}