Nokia 1830 Photonic Service Switch (PSS)

Known vulnerabilities detected

Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.

Certificate #4552

Webpage information

Status active
Validation dates 19.07.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode and installed, initialized and configured as specified in Section 3 of the Security Policy. When operated with modules as part of Nokia 1830 Photonic Service Switch (PSS) validated to FIPS 140-2 under the same certificate number.
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Mitigation of Other Attacks: N/A
Description The 1830 PSS is a scalable, next-generation Dense Wave Division Multipexer (DWDM) platform that supports data center aggregation for Ethernet, Fiber Channel (FC) and other protocols. Multiprotocol services can then be dynamically and flexibly transported over metro and long-haul spans, using Tunable and Reconfigurable Optical Add-Drop Multiplexers (T-ROADMs) for optical wavelengths. The 1830 PSS enables transparent L2 Ethernet or FC and L3 IP services over the optical link.
Version (Hardware) Chassis (WOMPU00CRA / 3KC48901AA) [1], Chassis (WOMR300BRA / 3KC48960AC) [2] and Chassis (WOM4V10GRA / 8DG59319AB) [3]; 8EC2E Card (3KC48910AA) [1] and 32EC2E Card (8DG63583AA) [2, 3]; 11QPEN4 (8DG60996AA) [1-3] and S13X100E (8DG63988AA) [1-3]; Filler Card (8DG59418AA) [1-3]; Security Label Kit (8DG-6509-AAAA) [1-3]
Version (Firmware) 1830PSSECE-10.1-2
Vendor Nokia Corporation
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES-256, AES-, AES, AES256, Rijndael, E2, HMAC, HMAC-SHA-256
Hash functions
SHA-1, SHA256, SHA-256
Protocols
SSH
Block cipher modes
CTR, GCM

Security level
level 2, Level 2, Level 1

Standards
FIPS 140-2, FIPS PUB 140-2

File metadata

Title 1830 PSS Security Policy
Subject FIPS 140-2
Author Richard DiPasquale;Dietmar Raak
Creation date D:20230704143339-04'00'
Modification date D:20230704143339-04'00'
Pages 62
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Related CVEs

ID Links Severity CVSS Score Published on
Base score
CVE-2014-3809
C N
MEDIUM 6.1 31.01.2020

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4552,
  "dgst": "65cd1264927aa198",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#C882",
        "CVL#C882",
        "AES#C1144",
        "AES#3844",
        "SHS#C1545",
        "KTS#C882",
        "HMAC#C882",
        "HMAC#C1545",
        "SHS#C1143",
        "SHS#C882"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:o:nokia:1830_photonic_service_switch-16_firmware:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:nokia:1830_photonic_service_switch-32:-:*:*:*:*:*:*:*",
        "cpe:2.3:o:nokia:1830_photonic_service_switch-32_firmware:-:*:*:*:*:*:*:*",
        "cpe:2.3:o:nokia:1830_photonic_service_switch-4_firmware:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:nokia:1830_photonic_service_switch-4:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:nokia:1830_photonic_service_switch-16:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "10.1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": {
      "_type": "Set",
      "elements": [
        "CVE-2014-3809"
      ]
    },
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {},
      "cipher_mode": {
        "CTR": {
          "CTR": 4
        },
        "GCM": {
          "GCM": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 5
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES 3844": 2,
          "AES- 256": 2,
          "AES-256": 15,
          "AES256": 3,
          "HMAC SHA-1-96": 1,
          "HMAC- SHA256": 1,
          "HMAC-SHA-1": 8,
          "HMAC-SHA-256": 2,
          "HMAC-SHA256": 6,
          "HMAC-SHA256 2": 2,
          "SHA-1": 2,
          "SHA-1-96": 1,
          "SHA-256": 1,
          "SHA256": 3
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 2,
          "level 2": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 2
          },
          "SHA2": {
            "SHA-256": 1,
            "SHA256": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 104,
          "FIPS PUB 140-2": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 16,
            "AES-": 2,
            "AES-256": 16,
            "AES256": 3
          },
          "E2": {
            "E2": 1
          },
          "Rijndael": {
            "Rijndael": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 4,
            "HMAC-SHA-256": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Richard DiPasquale;Dietmar Raak",
      "/CreationDate": "D:20230704143339-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20230704143339-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS 140-2",
      "/Title": "1830 PSS Security Policy",
      "pdf_file_size_bytes": 2024370,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/fips1402DTR.pdf",
          "http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf",
          "file:///C:/Users/draak/Desktop/Restore/Desktop/drk_proj/SE/Security-Encryption/Certification/FIPS/SecurityPolicy_103-104/Update_V2.x/FIPS-1830-Security-Policy-100G_V2.20_changeMarks.docx%23_Toc134052897",
          "http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 62
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "bf76f2a65366b9d8bf4e4c6ea19c39f98d0d88754430033e9b425f9ee3df65e7",
    "policy_txt_hash": "69a42dce8874de55bbb7025b7d3b853e751a9cea1482594d624fa5844512ec9e"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Section 3 of the Security Policy. When operated with modules as part of Nokia 1830 Photonic Service Switch (PSS) validated to FIPS 140-2 under the same certificate number.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2023_010823_0649 signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The 1830 PSS is a scalable, next-generation Dense Wave Division Multipexer (DWDM) platform that supports data center aggregation for Ethernet, Fiber Channel (FC) and other protocols. Multiprotocol services can then be dynamically and flexibly transported over metro and long-haul spans, using Tunable and Reconfigurable Optical Add-Drop Multiplexers (T-ROADMs) for optical wavelengths. The 1830 PSS enables transparent L2 Ethernet or FC and L3 IP services over the optical link.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "1830PSSECE-10.1-2",
    "historical_reason": null,
    "hw_versions": "Chassis (WOMPU00CRA / 3KC48901AA) [1], Chassis (WOMR300BRA / 3KC48960AC) [2] and Chassis (WOM4V10GRA / 8DG59319AB) [3]; 8EC2E Card (3KC48910AA) [1] and 32EC2E Card (8DG63583AA) [2, 3]; 11QPEN4 (8DG60996AA) [1-3] and S13X100E (8DG63988AA) [1-3]; Filler Card (8DG59418AA) [1-3]; Security Label Kit (8DG-6509-AAAA) [1-3]",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Nokia 1830 Photonic Service Switch (PSS)",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-07-19",
        "lab": "EWA - Canada",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Nokia Corporation",
    "vendor_url": "http://www.nokia.com"
  }
}