Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2021-2025 Cisco Systems, Inc.
Cisco Systems logo is registered trademark of Cisco Systems, Inc.
Cisco Systems, Inc.
Cisco Secure Firewall Threat Defense Cryptographic Module (FPR 3100 Series)
FIPS 140-3 Non-Proprietary Security Policy
Page 2 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Table of Contents
1 General................................................................................................................................... 5
1.1 Overview .......................................................................................................................... 5
1.2 Security Levels ................................................................................................................. 5
2 Cryptographic Module Specification........................................................................................ 5
2.1 Description ....................................................................................................................... 5
2.2 Tested and Vendor Affirmed Module Version and Identification........................................ 6
2.3 Excluded Components...................................................................................................... 7
2.4 Modes of Operation.......................................................................................................... 7
2.5 Algorithms ........................................................................................................................ 7
2.6 Security Function Implementations..................................................................................10
2.7 Algorithm Specific Information .........................................................................................15
2.8 RBG and Entropy ............................................................................................................16
2.9 Key Generation................................................................................................................16
2.10 Key Establishment.........................................................................................................16
2.11 Industry Protocols..........................................................................................................17
3 Cryptographic Module Interfaces............................................................................................17
3.1 Ports and Interfaces ........................................................................................................17
4 Roles, Services, and Authentication.......................................................................................17
4.1 Authentication Methods ...................................................................................................17
4.2 Roles...............................................................................................................................19
4.3 Approved Services ..........................................................................................................19
4.4 Non-Approved Services...................................................................................................36
4.5 External Software/Firmware Loaded................................................................................37
4.6 Cryptographic Output Actions and Status ........................................................................37
4.7 Additional Information......................................................................................................37
5 Software/Firmware Security ...................................................................................................37
5.1 Integrity Techniques ........................................................................................................37
5.2 Initiate on Demand ..........................................................................................................37
6 Operational Environment........................................................................................................38
6.1 Operational Environment Type and Requirements ..........................................................38
7 Physical Security....................................................................................................................38
7.1 Mechanisms and Actions Required..................................................................................38
7.2 User Placed Tamper Seals..............................................................................................38
7.3 Filler Panels.....................................................................................................................40
8 Non-Invasive Security ............................................................................................................42
Page 3 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
9 Sensitive Security Parameters Management..........................................................................42
9.1 Storage Areas .................................................................................................................42
9.2 SSP Input-Output Methods..............................................................................................43
9.3 SSP Zeroization Methods................................................................................................44
9.4 SSPs ...............................................................................................................................44
10 Self-Tests.............................................................................................................................58
10.1 Pre-Operational Self-Tests ............................................................................................58
10.2 Conditional Self-Tests....................................................................................................59
10.3 Periodic Self-Test Information........................................................................................62
10.4 Error States ...................................................................................................................64
11 Life-Cycle Assurance ...........................................................................................................65
11.1 Installation, Initialization, and Startup Procedures..........................................................65
11.2 Administrator Guidance .................................................................................................66
11.3 Non-Administrator Guidance..........................................................................................66
12 Mitigation of Other Attacks ...................................................................................................66
Page 4 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
List of Tables
Table 1: Security Levels............................................................................................................. 5
Table 2: Tested Module Identification – Hardware ..................................................................... 7
Table 3: Modes List and Description .......................................................................................... 7
Table 4: Approved Algorithms - CiscoSSL FOM Cryptographic Implementation......................... 9
Table 5: Approved Algorithms - Marvell Cavium Nitrox V........................................................... 9
Table 6: Vendor-Affirmed Algorithms ........................................................................................10
Table 7: Security Function Implementations..............................................................................15
Table 8: Entropy Certificates.....................................................................................................16
Table 9: Entropy Sources..........................................................................................................16
Table 10: Ports and Interfaces ..................................................................................................17
Table 11: Authentication Methods.............................................................................................19
Table 12: Roles.........................................................................................................................19
Table 13: Approved Services ....................................................................................................36
Table 14: Mechanisms and Actions Required ...........................................................................38
Table 15: Storage Areas ...........................................................................................................43
Table 16: SSP Input-Output Methods........................................................................................44
Table 17: SSP Zeroization Methods..........................................................................................44
Table 18: SSP Table 1..............................................................................................................51
Table 19: SSP Table 2..............................................................................................................58
Table 20: Pre-Operational Self-Tests........................................................................................58
Table 21: Conditional Self-Tests ...............................................................................................62
Table 22: Pre-Operational Periodic Information.........................................................................62
Table 23: Conditional Periodic Information................................................................................64
Table 24: Error States...............................................................................................................65
List of Figures
Figure 1 FPR 3105, 3110, 3120, 3130, 3140 ............................................................................. 6
Figure 2 Module’s front view opacity shield..............................................................................39
Figure 3 Module’s back view....................................................................................................39
Figure 4 Module’s top view with opacity shield.........................................................................39
Figure 5 Module’s bottom view with opacity shield ...................................................................40
Figure 6 Module’s left view with opacity shield .........................................................................40
Figure 7 Module’s right view with opacity shield.......................................................................40
Figure 8 Opacity Shield Brackets .............................................................................................42
Page 5 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
1 General
1.1 Overview
This is Cisco Systems, Inc. non-proprietary security policy for the Cisco Secure Firewall Threat
Defense Cryptographic Module (FPR 3100 Series) (hereinafter referred to as FTD or Module),
version 7.4. The following details how this module meets the security requirements of FIPS
140-3, SP 800-140 and ISO/IEC 19790 for a Security Level 2 hardware cryptographic module.
The security requirements cover areas related to the design and implementation of a
cryptographic module. These areas include cryptographic module specification; cryptographic
module interfaces; roles, services, and authentication; software/firmware security; operational
environment; physical security; non-invasive security; sensitive security parameter
management; self-tests; life-cycle assurance; and mitigation of other attacks. The following
table indicates the actual security levels for each area of the cryptographic module.
1.2 Security Levels
Section Title Security Level
1 General 2
2 Cryptographic module specification 2
3 Cryptographic module interfaces 2
4 Roles, services, and authentication 3
5 Software/Firmware security 2
6 Operational environment N/A
7 Physical security 2
8 Non-invasive security N/A
9 Sensitive security parameter management 2
10 Self-tests 2
11 Life-cycle assurance 2
12 Mitigation of other attacks N/A
Overall Level 2
Table 1: Security Levels
2 Cryptographic Module Specification
2.1 Description
Purpose and Use:
This module is a multi-chip standalone hardware cryptographic module which houses Firepower
solutions with underlying operating system identified as Linux 4 (also referred to as Firepower
eXtensible Operating System or FX-OS throughout this document). The Module is operated in
a limited operational environment.
FTD delivers enterprise-class firewall for businesses, improving security at the Internet edge,
high performance and throughput for demanding enterprise data centers. The FTD solution
offers the combination of the industry's most deployed stateful firewall with a comprehensive
Page 6 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
range of next-generation network security services, intrusion prevention system (IPS), content
security and secure unified communications, HTTPS/TLSv1.2, SSHv2, IPsec/IKEv2, SNMPv3
and Cryptographic Cipher Suite B.
Module Type: Hardware
Module Embodiment: MultiChipStand
Module Characteristics:
Cryptographic Boundary:
The cryptographic boundary is defined as the entire chassis unit’s physical perimeter
encompassing the "top," "front," "left," "right," “rear” and "bottom" surfaces of the case, and
shown in the figures below and in the Physical Security section. The FPR 3105, FPR 3110,
FPR 3120, FPR 3130 and FPR 3140 all have the same exterior appearance. Where they differ
is in Firewall throughput, IPS throughput, IPsec VPN throughput and number of VPN peers
allowed.
Tested Operational Environment’s Physical Perimeter (TOEPP):
Figure 1 FPR 3105, 3110, 3120, 3130, 3140
2.2 Tested and Vendor Affirmed Module Version and Identification
Tested Module Identification – Hardware:
Model
and/or
Part
Number
Hardware
Version
Firmware
Version
Processors Features
FRP
3105
FPR-3105 7.4 AMD EPYC 7272 (Zen2) & NITROX-V,
Marvell Semiconductor, NITROX
FRP
3110
FPR-3110 7.4 AMD EPYC 7272 (Zen2) & NITROX-V,
Marvell Semiconductor, NITROX
FRP
3120
FPR-3120 7.4 AMD EPYC 7282 (Zen2) & NITROX-V,
Marvell Semiconductor, NITROX
FRP
3130
FPR-3130 7.4 AMD EPYC 7352 (Zen2) & NITROX-V,
Marvell Semiconductor, NITROX
FRP
3140
FPR-3140 7.4 AMD EPYC 7452 (Zen2) & NITROX-V,
Marvell Semiconductor, NITROXC
Page 7 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Table 2: Tested Module Identification – Hardware
Tested Module Identification – Software, Firmware, Hybrid (Executable Code Sets):
N/A for this module.
Tested Module Identification – Hybrid Disjoint Hardware:
N/A for this module.
Tested Operational Environments - Software, Firmware, Hybrid:
N/A for this module.
Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid:
N/A for this module.
2.3 Excluded Components
N/A for this module.
2.4 Modes of Operation
Modes List and Description:
Mode Name Description Type Status Indicator
Approved
Mode of
Operation
The module is always in the approved
mode of operation after initial
operations are performed.
Approved Approved mode
indicator: "FIPS is
currently enabled."
Table 3: Modes List and Description
The module has one approved mode of operation and is always in the approved mode of
operation after initial operations are performed (See Section 11). The module does not claim
implementation of a degraded mode of operation. Section 4 provides details on the service
indicator implemented by the module.
2.5 Algorithms
Approved Algorithms:
CiscoSSL FOM Cryptographic Implementation
Algorithm CAVP
Cert
Properties Reference
AES-CBC A4446 Direction - Decrypt, Encrypt
Key Length - 128, 192, 256
SP 800-38A
Page 8 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm CAVP
Cert
Properties Reference
AES-GCM A4446 Direction - Decrypt, Encrypt
IV Generation - Internal
IV Generation Mode - 8.2.1
Key Length - 128, 192, 256
SP 800-38D
Counter DRBG A4446 Prediction Resistance - Yes
Mode - AES-128, AES-192, AES-256
Derivation Function Enabled - Yes
SP 800-90A
Rev. 1
ECDSA KeyGen
(FIPS186-4)
A4446 Curve - P-256, P-384, P-521 FIPS 186-4
ECDSA SigGen
(FIPS186-4)
A4446 Curve - P-256, P-384, P-521
Hash Algorithm - SHA2-224, SHA2-256,
SHA2-384, SHA2-512
FIPS 186-4
ECDSA SigVer
(FIPS186-4)
A4446 Curve - P-256, P-384, P-521 FIPS 186-4
HMAC-SHA-1 A4446 Key Length - Key Length: 256-448 Increment
8
FIPS 198-1
HMAC-SHA2-224 A4446 Key Length - Key Length: 256-448 Increment
8
FIPS 198-1
HMAC-SHA2-256 A4446 Key Length - Key Length: 256-448 Increment
8
FIPS 198-1
HMAC-SHA2-384 A4446 Key Length - Key Length: 256-448 Increment
8
FIPS 198-1
HMAC-SHA2-512 A4446 Key Length - Key Length: 256-448 Increment
8
FIPS 198-1
KAS-ECC-SSC
Sp800-56Ar3
A4446 Domain Parameter Generation Methods - P-
256, P-384, P-521
SP 800-56A
Rev. 3
KAS-FFC-SSC
Sp800-56Ar3
A4446 Domain Parameter Generation Methods -
ffdhe2048, ffdhe3072, ffdhe4096, modp-2048,
modp-3072, modp-4096
SP 800-56A
Rev. 3
KDF IKEv2 (CVL) A4446 Diffie-Hellman Shared Secret Length - Diffie-
Hellman Shared Secret Length: 2048
Derived Keying Material Length - Derived
Keying Material Length: 3072
Hash Algorithm - SHA-1
SP 800-135
Rev. 1
KDF SNMP
(CVL)
A4446 Password Length - Password Length: 256, 64 SP 800-135
Rev. 1
KDF SSH (CVL) A4446 Cipher - AES-128, AES-192, AES-256 SP 800-135
Rev. 1
RSA KeyGen
(FIPS186-4)
A4446 Key Generation Mode - B.3.4
Modulo - 2048, 3072, 4096
Hash Algorithm - SHA2-256
Private Key Format - Standard
FIPS 186-4
RSA SigGen
(FIPS186-4)
A4446 Signature Type - ANSI X9.31, PKCS 1.5,
PKCSPSS
Modulo - 2048, 3072, 4096
FIPS 186-4
RSA SigVer
(FIPS186-4)
A4446 Signature Type - ANSI X9.31, PKCS 1.5,
PKCSPSS
Modulo - 1024, 2048, 3072, 4096
FIPS 186-4
Page 9 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm CAVP
Cert
Properties Reference
Safe Primes Key
Generation
A4446 Safe Prime Groups - modp-2048, modp-3072,
modp-4096
SP 800-56A
Rev. 3
SHA-1 A4446 Message Length - Message Length: 0-65536
Increment 8
FIPS 180-4
SHA2-224 A4446 Message Length - Message Length: 0-65536
Increment 8
FIPS 180-4
SHA2-256 A4446 Message Length - Message Length: 0-65536
Increment 8
FIPS 180-4
SHA2-384 A4446 Message Length - Message Length: 0-65536
Increment 8
FIPS 180-4
SHA2-512 A4446 Message Length - Message Length: 0-65536
Increment 8
FIPS 180-4
TLS v1.2 KDF
RFC7627 (CVL)
A4446 Hash Algorithm - SHA2-256, SHA2-384,
SHA2-512
SP 800-135
Rev. 1
Table 4: Approved Algorithms - CiscoSSL FOM Cryptographic Implementation
Marvell Cavium Nitrox V
Algorithm CAVP
Cert
Properties Reference
AES-CBC C1026 Direction - Decrypt, Encrypt
Key Length - 128, 192, 256
SP 800-38A
AES-GCM C1026 Direction - Decrypt, Encrypt
IV Generation - External
Key Length - 128, 192, 256
SP 800-38D
Hash DRBG C1026 Prediction Resistance - No
Mode - SHA2-512
SP 800-90A
Rev. 1
HMAC-SHA-1 C1026 - FIPS 198-1
HMAC-SHA2-
256
C1026 - FIPS 198-1
HMAC-SHA2-
384
C1026 - FIPS 198-1
HMAC-SHA2-
512
C1026 - FIPS 198-1
SHA-1 C1026 Message Length - Message Length: 0-
51200 Increment 8
FIPS 180-4
SHA2-256 C1026 Message Length - Message Length: 0-
51200 Increment 8
FIPS 180-4
SHA2-384 C1026 Message Length - Message Length: 0-
102400 Increment 8
FIPS 180-4
SHA2-512 C1026 Message Length - Message Length: 0-
102400 Increment 8
FIPS 180-4
Table 5: Approved Algorithms - Marvell Cavium Nitrox V
Vendor-Affirmed Algorithms:
Page 10 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Properties Implementation Reference
CKG Key
Type:Asymmetric
CiscoSSL FOM
Cryptographic
Implementation
The cryptographic module performs
Cryptographic Key Generation (CKG) for
asymmetric keys as per sections 4 and 5 in
SP800-133rev2 (vendor affirmed) and FIPS
140-3 IG D.H. A seed (i.e., the random
value) used in asymmetric key generation
is a direct output from SP800-90Arev1
CTR_DRBG (A4446) or HMAC_DRBG
(C1026)
Table 6: Vendor-Affirmed Algorithms
Non-Approved, Allowed Algorithms:
N/A for this module.
Non-Approved, Allowed Algorithms with No Security Claimed:
N/A for this module.
Non-Approved, Not Allowed Algorithms:
N/A for this module.
2.6 Security Function Implementations
Name Type Description Properties Algorithms
KAS-ECC-
KeyGen
(SSHv2)
KAS-KeyGen KAS ECC
keygen used in
SSHv2 service
Counter DRBG
Hash DRBG
CKG
KAS-FFC-
KeyGen
(SSHv2)
KAS-KeyGen KAS FFC
keygen used in
SSHv2 service
Counter DRBG
Safe Primes Key
Generation
Hash DRBG
CKG
KAS-ECC-
KeyGen
(TLSv1.2)
KAS-KeyGen KAS ECC
keygen used in
TLSv1.2 service
Counter DRBG
Hash DRBG
CKG
KAS-FFC-
KeyGen
(TLSv1.2)
KAS-KeyGen KAS FFC
keygen used in
TLSv1.2 service
Counter DRBG
Safe Primes Key
Generation
Hash DRBG
CKG
Page 11 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Type Description Properties Algorithms
KAS-ECC-
KeyGen (IKEv2)
KAS-KeyGen KAS ECC
keygen used in
IKE v2 service
Counter DRBG
Hash DRBG
CKG
KAS-FFC-
KeyGen (IKEv2)
KAS-KeyGen KAS FFC
keygen used in
IKE v2 service
Counter DRBG
Safe Primes Key
Generation
Hash DRBG
CKG
KAS-FFC
(SSHv2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with KDF SSH.
The module’s
KAS (FFC)
implementation
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
Bit-strength
Caveat:Provides
between 112 to
152 bits of
encryption
strength
KDF SSH
KAS-FFC-SSC
Sp800-56Ar3
Domain
Parameter
Generation
Methods:: modp-
2048
KAS-ECC
(SSHv2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with KDF SSH.
The module’s
KAS (FFC)
implementation
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
KDF SSH
KAS-ECC-SSC
Sp800-56Ar3
KAS-FFC
(TLSv1.2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with TLS v1.2
KDF RFC7627.
The module’s
KAS (FFC)
implementation
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
Bit-strength
Caveat:Provides
between 112 to
152 bits of
encryption
strength
TLS v1.2 KDF
RFC7627
KAS-FFC-SSC
Sp800-56Ar3
Domain
Parameter
Generation
Methods::
ffdhe2048
KAS-ECC
(TLSv1.2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with KDF IKEv2.
The module’s
KAS (ECC)
implementation
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
TLS v1.2 KDF
RFC7627
KAS-ECC-SSC
Sp800-56Ar3
Page 12 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Type Description Properties Algorithms
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
KAS-ECC
(IKEv2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with KDF IKEv2.
The module’s
KAS (ECC)
implementation
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
Bit-strength
Caveat:Provides
between 112
and 256 bits of
encryption
strength
KAS-ECC-SSC
Sp800-56Ar3
KDF IKEv2
KAS-FFC
(IKEv2)
KAS-Full Key Agreement
Scheme per
SP800-56Arev3
with KDF IKEv2.
The module’s
KAS (FFC)
implementation
is FIPS140-3 IG
D.F Scenario 2
(path 2)
compliant
Bit-strength
Caveat:Provides
between 112
and 152 bits of
encryption
strength
KAS-FFC-SSC
Sp800-56Ar3
KDF IKEv2
KTS (TLSv1.2
with AES and
HMAC)
KTS-Wrap KTS via TLSv1.2
service by using
AES and HMAC
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
AES-CBC
Key Length:
128, 256
HMAC-SHA-1
HMAC-SHA2-
256
HMAC-SHA2-
384
SHA-1
SHA2-256
SHA2-384
KTS (TLSv1.2
with AES-GCM)
KTS-Wrap KTS via TLSv1.2
service by using
AES-GCM
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
AES-GCM
Key Length:
128, 256
AES-CBC
KTS (SSHv2
with AES and
HMAC)
KTS-Wrap KTS via SSHv2
service by using
AES and HMAC
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
AES-CBC
Key Length:
128, 256
HMAC-SHA-1
HMAC-SHA2-
256
Page 13 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Type Description Properties Algorithms
SHA-1
SHA2-256
KTS (SSHv2
with AES-GCM)
KTS-Wrap KTS via SSHv2
service by using
AES-GCM
Bit-strength
Caveat:Provides
between 128
and 256 bits of
encryption
strength
AES-GCM
Key Length:
128, 256
AES-CBC
RSA KeyGen
(SSHv2,
TLSv1.2, IKEv2)
AsymKeyPair-
KeyGen
RSA KeyGen for
SSHv2,
TLSv1.2, and
IKEv2 services
RSA KeyGen
(FIPS186-4)
Counter DRBG
Hash DRBG
ECDSA KeyGen
(SSHv2,
TLSv1.2 and
IKEv2)
AsymKeyPair-
KeyGen
ECDSA KeyGen
for TLSv1.2 and
IKEv2 services
ECDSA KeyGen
(FIPS186-4)
Counter DRBG
Hash DRBG
RSA SigGen
(SSHv2,
TLSv1.2, IKEv2)
DigSig-SigGen RSA SigGen for
SSHv2,
TLSv1.2, and
IKEv2 services
RSA SigGen
(FIPS186-4)
ECDSA SigGen
(SSHv2,
TLSv1.2 and
IKEv2)
DigSig-SigGen ECDSA SigGen
for TLSv1.2, and
IKEv2 services
ECDSA SigGen
(FIPS186-4)
RSA SigVer
(SSHv2,
TLSv1.2, and
IKEv2)
DigSig-SigVer RSA SigVer for
SSHv2,
TLSv1.2, and
IKEv2 services
RSA SigVer
(FIPS186-4)
ECDSA SigVer
(SSHv2,
TLSv1.2, and
IKEv2)
DigSig-SigVer ECDSA SigVer
for TLSv1.2 and
IKEv2 services
ECDSA SigVer
(FIPS186-4)
Block Cipher
(SSHv2)
BC-Auth
BC-UnAuth
Block Cipher for
SSHv2 service
AES-CBC
Key Length:
128, 256
AES-GCM
Key Length:
128, 256
Block Cipher
(TLSv1.2)
BC-Auth
BC-UnAuth
Block Cipher for
TLSv1.2 service
AES-GCM
Key Length:
128, 256
AES-CBC
Key Length:
128, 256
Block Cipher
(IPSec/IKEv2)
BC-Auth
BC-UnAuth
Block Cipher for
IPSec/IKEv2
service
AES-CBC
AES-GCM
AES-CBC
AES-GCM
Page 14 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Type Description Properties Algorithms
Block Cipher
(SNMPv3)
BC-UnAuth Block Cipher for
SNMPv3 service
AES-CBC
KDF SNMP
MAC (SSHv2) MAC MAC for SSHv2
service
HMAC-SHA-1
HMAC-SHA2-
256
SHA-1
SHA2-256
MAC (TLSv1.2) MAC Message
Authentication
for TLSv1.2
services
HMAC-SHA-1
HMAC-SHA2-
256
HMAC-SHA2-
384
SHA-1
SHA2-256
SHA2-384
MAC
(IPSec/IKEv2)
MAC Message
Authentication
for IPSec/IKEv2
services
HMAC-SHA2-
256
HMAC-SHA2-
384
HMAC-SHA2-
512
SHA2-256
SHA2-384
SHA2-512
HMAC-SHA2-
256
HMAC-SHA2-
384
HMAC-SHA2-
512
SHA2-256
SHA2-384
SHA2-512
HMAC-SHA-1
SHA-1
MAC (SNMPv3) MAC Message
Authentication
for SNMPv3
service
HMAC-SHA-1
SHA-1
KDF SNMP
HMAC-SHA2-
256
HMAC-SHA2-
384
SHA2-256
SHA2-384
HMAC-SHA2-
224
SHA2-224
Page 15 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Type Description Properties Algorithms
Firmware Load
Test
MAC MAC for
firmware load
test
HMAC-SHA2-
512
SSHv2 Keying
Materials
Development
KAS-135KDF SSHv2 session
keying materials,
used to derive
SSHv2 session
keys
KDF SSH
TLS Keying
Materials
Development
KAS-135KDF TLS session
keying materials,
used to derive
TLS session
keys
TLS v1.2 KDF
RFC7627
IKEv2 Keying
Materials
Development
KAS-135KDF IKEv2 session
keying materials,
used to derive
IKEv2 session
keys
KDF IKEv2
SNMPv3 Keying
Materials
Development
KAS-135KDF SNMPv3
session keying
materials, used
to derive
SNMPv3
session keys
KDF SNMP
DRBG Function DRBG DRBG
generation
Counter DRBG
Hash DRBG
Table 7: Security Function Implementations
2.7 Algorithm Specific Information
There are some algorithm modes that were tested but not implemented by the module. Only
the algorithms, modes, and key sizes that are implemented by the module are shown in this
table.
The module’s AES-GCM implementation conforms to Implementation Guidance C.H scenario
#1 following RFC 5288 for TLS. The module is compatible with TLSv1.2 and provides support
for the acceptable GCM cipher suites from SP 800-52 Rev1, Section 3.3.1. The operations of
one of the two parties involved in the TLS key establishment scheme were performed entirely
within the cryptographic boundary of the module being validated. The counter portion of the IV
is set by the module within its cryptographic boundary. When the IV exhausts the maximum
number of possible values for a given session key, the first party, client or server, to encounter
this condition will trigger a handshake to establish a new encryption key. The keys for the client
and server negotiated in the TLSv1.2 handshake process (client_write_key and
server_write_key) are compared and the module aborts the session if the key values are
identical. In case the module’s power is lost and then restored, a new key for use with the AES
GCM encryption/decryption shall be established.
Page 16 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
The module uses RFC 7296 compliant IKEv2 to establish the shared secret SKEYSEED from
which the AES GCM encryption keys are derived. When the IV exhausts the maximum number
of possible values for a given session key, the first party, client or server, to encounter this
condition will trigger a handshake to establish a new encryption key. Two keys established by
IKEv2 for one security association (one key for encryption in each direction between the parties)
are not identical and abort the session if they are. In case the module’s power is lost and then
restored, a new key for use with the AES GCM encryption/decryption shall be established.
2.8 RBG and Entropy
Cert
Number
Vendor Name
E3 Cisco Systems, Inc.
Table 8: Entropy Certificates
Name Type Operational Environment Sample
Size
Entropy
per
Sample
Conditioning
Component
Cisco Jitter
Entropy
Source
Non-
Physical
AMD EPYC 7272 (Zen2),
AMD EPYC 7282 (Zen2),
AMD EPYC 7352 (Zen2),
AMD EPYC 7452 (Zen2)
4 bits 2 bits A2810 (SHA3-
256)
Table 9: Entropy Sources
2.9 Key Generation
The module generates RSA, ECDSA, ECDH, and DH asymmetric key pairs compliant with FIPS
186-4, using a NIST SP 800-90A CTR DRBG or NIST SP 800-90A Hash DRBG for random
number generation. In accordance with FIPS 140-3 IG D.H, the cryptographic module performs
CKG for asymmetric keys as per section 5.1 of NIST SP 800-133rev2 (vendor affirmed) by
obtaining a random bit string directly from an approved DRBG. The random bit string supports
the required security strength requested by the calling application (without any V, as described
in Additional Comments 2 of IG D.H.).
2.10 Key Establishment
The module provides the following key/SSP establishment services in the approved mode of
operation:
• KAS-FFC Shared Secret Computation: The module provides SP800-56Arev3 compliant
key establishment according to FIPS 140-3 IG D.F scenario 2 path (2) with KAS-FFC
shared secret computation. The shared secret computation provides between 112 and
152 bits of encryption strength.
• KAS-ECC Shared Secret Computation: The module provides SP800-56Arev3 compliant
key establishment according to FIPS 140-3 IG D.F scenario 2 path (2) with KAS-ECC
Page 17 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
shared secret computation. The shared secret computation provides between 128 and
256 bits of encryption strength.
2.11 Industry Protocols
The module supports SSHv2, TLS v1.2, SNMPv3 and IPsec/IKEv2 industrial protocols. Please
refer to the Security Function Implementations Table for more information. No parts of SSH,
TLS, IKE and SNMP protocols, other than the KDFs, have been tested by the CAVP and
CMVP.
3 Cryptographic Module Interfaces
3.1 Ports and Interfaces
Physical Port Logical
Interface(s)
Data That Passes
Ethernet Port, SFP (1G)
port, SFP+ (10G) port,
and Console Port
Data Input Data input into the module for all the services
defined in Approved Services Table, including
TLSv1.2, SSHv2, SNMPv3 and IPsec/IKEv2
service data.
Ethernet Port, SFP (1G)
port, SFP+ (10G) port
and Console Port
Data Output Data output from the module for all the services
defined in Approved Services Table, including
TLSv1.2, SSHv2, SNMPv3 and IPsec/IKEv2
service data.
Ethernet Port, SFP (1G)
port, SFP+ (10G) port,
Console Port and RESET
Control
Input
Control Data input into the module for all the
services defined in Approved Services Table,
including TLSv1.2, SSHv2, SNMPv3 and
IPsec/IKEv2 service data.
Ethernet Port, SFP (1G)
port, SFP+ (10G) port,
Console Port and LEDs
Status
Output
Status Information output from the module.
N/A Control
Output
N/A
Power Power Provide the Power Supply to the module.
Table 10: Ports and Interfaces
The module’s physical perimeter encompasses the case of the tested platform mentioned in
Table 2. The module provides physical ports which are mapped to logical interfaces provided
by the module (data input, data output, control input, control output and status output) as above.
The module’s data output interface will be disabled when performing pre-operational self-tests,
loading new firmware, zeroizing keys, or when in an error state.
4 Roles, Services, and Authentication
4.1 Authentication Methods
Page 18 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Method
Name
Description Security
Mechanism
Strength
Each Attempt
Strength per Minute
Password The minimum length is
eight (8) characters (94
possible characters).
The configuration
supports at most ten
failed attempts to
authenticate in a one-
minute period.
Password
Based
The probability
that a random
attempt will
succeed or a
false
acceptance
will occur is
1/(94^8) which
is less than
1/1,000,000.
The probability of
successfully
authenticating to the
module within one
minute is 10/(94^8),
which is less than
1/100,000.
RSA-
Based
Certificate
The modules support
RSA public-key based
authentication
mechanism using a
minimum of RSA 2048
bits, which provides 112
bits of security strength.
The probability that a
random attempt will
succeed is 1/(2^112)
which is less than
1/1,000,000. For
multiple attacks during a
one-minute period, as
the module at its highest
can support at most
17,000 new sessions
per second to
authenticate in a one-
minute period, the
probability of
successfully
authenticating to the
module within a one
minute period is 17,000
* 60 =
1,020,000/(2^112),
which is less than
1/100,000.
RSA SigVer
(FIPS186-4)
(A4446)
The probability
that a random
attempt will
succeed is
1/(2^112).
Please refer to
Description
section in this
table for more
details
the probability of
successfully
authenticating to the
module within a one
minute period is
17,000 * 60 =
1,020,000/(2^112).
Please refer to
Description section in
this table for more
details
ECDSA-
Based
Certificate
The modules support
ECDSA public-key
based authentication
mechanism using a
minimum of curve P-
256, which provides 128
bits of security strength.
The probability that a
random attempt will
succeed is 1/(2^128)
ECDSA
SigVer
(FIPS186-4)
(A4446)
The probability
that a random
attempt will
succeed is
1/(2^128)
which is less
than
1/1,000,000.
Please refer to
Description
the probability of
successfully
authenticating to the
module within a one
minute period is
17,000 * 60 =
1,020,000/(2^128).
Please refer to
Description section in
Page 19 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Method
Name
Description Security
Mechanism
Strength
Each Attempt
Strength per Minute
which is less than
1/1,000,000. For
multiple attacks during a
one-minute period, as
the module at its highest
can support at most
17,000 new sessions
per second to
authenticate in a one-
minute period, the
probability of
successfully
authenticating to the
module within a one
minute period is 17,000
* 60 =
1,020,000/(2^128),
which is less than
1/100,000.
section in this
table for more
details
this table for more
details
Table 11: Authentication Methods
The module implements identity-based authentication. The module supports Crypto Officer role
and the User role. The module also allows the concurrent operators.
4.2 Roles
Name Type Operator Type Authentication Methods
Crypto Officer Identity CO Password
RSA-Based Certificate
ECDSA-Based Certificate
User Identity User Password
RSA-Based Certificate
ECDSA-Based Certificate
Table 12: Roles
Unauthenticated Users can run the self-test service by power-cycling the module by removing
the power and re-applying.
4.3 Approved Services
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
Show
Status
Provide
Module’s
current
N/A Command
used to
show
Module's
Operationa
l Status
None Crypto
Officer
User
Page 20 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
status
(return
codes
and/or
syslog
messages)
Module's
Status
Show
Version
Provide
Module's
name and
version
information
N/A Command
to show
version
Module's
ID and
versioning
information
None Crypto
Officer
User
Perform
Self-Tests
Perform
Self-Tests
(Pre-
operational
self-test
and
Conditional
Self-Tests)
N/A Command
to trigger
Self-Test
Status of
the self-
tests
results
None Crypto
Officer
User
Unauthentic
ated
Perform
Zeroization
Perform
Zeroization
Syslog
message
Command
to zeroize
the module
Status of
the SSPs
zeroization
None Crypto
Officer
- DRBG
Entropy
Input: Z
- DRBG
Seed: Z
- DRBG
Internal
State V
value: Z
- DRBG Key:
Z
- User
Password: Z
- Crypto
Officer
Password: Z
- RADIUS
Secret: Z
- TACACS+
Secret: Z
- Firmware
Load Test
Key: Z
- SSH DH
Private Key:
Z
- SSH DH
Page 21 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
Public Key:
Z
- SSH Peer
DH Public
Key: Z
- SSH DH
Shared
Secret: Z
- SSH ECDH
Private Key:
Z
- SSH ECDH
Public Key:
Z
- SSH Peer
ECDH
Public Key:
Z
- SSH ECDH
Shared
Secret: Z
- SSH RSA
Private Key:
Z
- SSH RSA
Public Key:
Z
- SSH
ECDSA
Private Key:
Z
- SSH
ECDSA
Public Key:
Z
- SSH
Session
Encryption
Key: Z
- SSH
Session
Authenticatio
n Key: Z
- TLS DH
Private Key:
Z
- TLS DH
Public Key:
Z
Page 22 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
- TLS Peer
DH Public
Key: Z
- TLS DH
Shared
Secret: Z
- TLS ECDH
Private Key:
Z
- TLS ECDH
Public Key:
Z
- TLS Peer
ECDH
Public Key:
Z
- TLS ECDH
Shared
Secret: Z
- TLS
ECDSA
Private Key:
Z
- TLS
ECDSA
Public Key:
Z
- TLS RSA
Private Key:
Z
- TLS RSA
Public Key:
Z
- TLS Master
Secret: Z
- TLS
Session
Encryption
Key: Z
- TLS
Session
Authenticatio
n Key: Z
- IPSec/IKE
DH Private
Key: Z
- IPSec/IKE
DH Public
Key: Z
Page 23 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
- IPSec/IKE
Peer DH
Public Key:
Z
- IPSec/IKE
DH Shared
Secret: Z
- IPSec/IKE
ECDH
Private Key:
Z
- IPSec/IKE
ECDH
Public Key:
Z
- IPSec/IKE
Peer ECDH
Public Key:
Z
- IPSec/IKE
ECDH
Shared
Secret: Z
- IPSec/IKE
ECDSA
Private Key:
Z
- IPSec/IKE
ECDSA
Public Key:
Z
- IPSec/IKE
RSA Private
Key: Z
- IPSec/IKE
RSA Public
Key: Z
- IPSec/IKE
Pre-shared
Secret: Z
-
SKEYSEED:
Z
- IPSec/IKE
Session
Encryption
Key: Z
- IPSec/IKE
Authenticatio
Page 24 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
n Key: Z
- SNMPv3
Shared
Secret: Z
- SNMPv3
Encryption
Key: Z
- SNMPv3
Authenticatio
n Key: Z
Configure
Network
Sets
configurati
on of the
systems
None Command
s to
configure
the
network
Status of
the
completion
of network
configurati
on status
None Crypto
Officer
Crypto
Officer
Authenticat
ion
CO Role
Authenticat
ion
N/A CO
Authenticat
ion
Request
Status of
the CO
authenticat
ion
None Crypto
Officer
- Crypto
Officer
Password:
W,Z
User
Authenticat
ion
User Role
Authenticat
ion
N/A User role
authenticat
ion request
Status of
the User
role
authenticat
ion
None User
- User
Password:
W,Z
Configure
SSHv2
Function
Configure
SSHv2
Function
Global
Indicator
and
SSHv2
configurat
ion
success
status
message
Command
s to
configure
SSHv2
Status of
the
completion
of the
SSHv2
configurati
on
KAS-FFC
(SSHv2)
KAS-ECC
(SSHv2)
KTS
(SSHv2
with AES
and
HMAC)
KTS
(SSHv2
with AES-
GCM)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
Crypto
Officer
- SSH DH
Private Key:
W,E
- SSH DH
Public Key:
W,E
- SSH Peer
DH Public
Key: W,E
- SSH DH
Shared
Secret: W,E
- SSH ECDH
Private Key:
W,E
- SSH ECDH
Public Key:
W,E
- SSH Peer
Page 25 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
TLSv1.2
and IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(SSHv2)
MAC
(SSHv2)
KAS-ECC-
KeyGen
(SSHv2)
KAS-FFC-
KeyGen
(SSHv2)
DRBG
Function
SSHv2
Keying
Materials
Developm
ent
ECDH
Public Key:
W,E
- SSH ECDH
Shared
Secret: W,E
- SSH RSA
Private Key:
W,E
- SSH RSA
Public Key:
W,E
- SSH
ECDSA
Private Key:
W,E
- SSH
ECDSA
Public Key:
W,E
- SSH
Session
Encryption
Key: W,E
- SSH
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
Configure
HTTPS
over
TLSv1.2
Function
Configure
HTTPS
over
TLSv1.2
Function
Global
Indicator
and
HTTPS
over
TLSv1.2
configurat
ion
success
Command
s to
configure
TLSv1.2
Status of
the
completion
of TLSv1.2
configurati
on
KAS-FFC
(TLSv1.2)
KAS-ECC
(TLSv1.2)
KTS
(TLSv1.2
with AES
and
HMAC)
Crypto
Officer
- TLS DH
Private Key:
W,E
- TLS DH
Public Key:
W,E
- TLS Peer
Page 26 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
status
message
KTS
(TLSv1.2
with AES-
GCM)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(TLSv1.2)
MAC
(TLSv1.2)
KAS-ECC-
KeyGen
(TLSv1.2)
KAS-FFC-
KeyGen
(TLSv1.2)
TLS
Keying
Materials
Developm
DH Public
Key: W,E
- TLS DH
Shared
Secret: W,E
- TLS ECDH
Private Key:
W,E
- TLS ECDH
Public Key:
W,E
- TLS Peer
ECDH
Public Key:
W,E
- TLS ECDH
Shared
Secret: W,E
- TLS
ECDSA
Private Key:
W,E
- TLS
ECDSA
Public Key:
W,E
- TLS RSA
Private Key:
W,E
- TLS RSA
Public Key:
W,E
- TLS Master
Secret: W,E
- TLS
Session
Encryption
Key: W,E
- TLS
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
Page 27 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
ent
DRBG
Function
State V
value: W,E
- DRBG Key:
W,E
Configure
IPsec/IKEv
2 Function
Configure
IPSec/IKEv
2 Function
Global
Indicator
with
IPsec/IKE
v2
configurat
ion
success
status
message
Command
s to
configure
IPsec/IKEv
2
Status of
the
completion
of
IPsec/IKEv
2
configurati
on
KAS-ECC
(IKEv2)
KAS-FFC
(IKEv2)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(IPSec/IKE
v2)
MAC
(IPSec/IKE
v2)
KAS-ECC-
KeyGen
(IKEv2)
KAS-FFC-
Crypto
Officer
- IPSec/IKE
DH Private
Key: W,E
- IPSec/IKE
DH Public
Key: W,E
- IPSec/IKE
Peer DH
Public Key:
W,E
- IPSec/IKE
DH Shared
Secret: W,E
- IPSec/IKE
ECDH
Private Key:
W,E
- IPSec/IKE
ECDH
Public Key:
W,E
- IPSec/IKE
Peer ECDH
Public Key:
W,E
- IPSec/IKE
ECDH
Shared
Secret: W,E
- IPSec/IKE
ECDSA
Private Key:
W,E
- IPSec/IKE
ECDSA
Public Key:
W,E
- IPSec/IKE
RSA Private
Key: W,E
- IPSec/IKE
RSA Public
Key: W,E
Page 28 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
KeyGen
(IKEv2)
IKEv2
Keying
Materials
Developm
ent
DRBG
Function
- IPSec/IKE
Pre-shared
Secret: W,E
-
SKEYSEED:
W,E
- IPSec/IKE
Session
Encryption
Key: W,E
- IPSec/IKE
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
Run
SSHv2
Function
Execute
SSHv2
Function
Global
Indicator
and
successfu
l SSHv2
log
message
Initiate
SSHv2
tunnel
establishm
ent
Status of
SSHv2
tunnel
establishm
ent
KAS-FFC
(SSHv2)
KAS-ECC
(SSHv2)
KTS
(SSHv2
with AES
and
HMAC)
KTS
(SSHv2
with AES-
GCM)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigGen
Crypto
Officer
- SSH DH
Private Key:
W,E
- SSH DH
Public Key:
W,E
- SSH Peer
DH Public
Key: W,E
- SSH DH
Shared
Secret: W,E
- SSH ECDH
Private Key:
W,E
- SSH ECDH
Public Key:
W,E
- SSH Peer
ECDH
Public Key:
W,E
- SSH ECDH
Page 29 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(SSHv2)
MAC
(SSHv2)
KAS-ECC-
KeyGen
(SSHv2)
KAS-FFC-
KeyGen
(SSHv2)
DRBG
Function
SSHv2
Keying
Materials
Developm
ent
Shared
Secret: W,E
- SSH RSA
Private Key:
W,E
- SSH RSA
Public Key:
W,E
- SSH
ECDSA
Private Key:
W,E
- SSH
ECDSA
Public Key:
W,E
- SSH
Session
Encryption
Key: W,E
- SSH
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
User
- SSH DH
Private Key:
W,E
- SSH DH
Public Key:
W,E
- SSH Peer
DH Public
Key: W,E
- SSH DH
Shared
Secret: W,E
- SSH ECDH
Page 30 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
Private Key:
W,E
- SSH ECDH
Public Key:
W,E
- SSH Peer
ECDH
Public Key:
W,E
- SSH ECDH
Shared
Secret: W,E
- SSH RSA
Private Key:
W,E
- SSH RSA
Public Key:
W,E
- SSH
ECDSA
Private Key:
W,E
- SSH
ECDSA
Public Key:
W,E
- SSH
Session
Encryption
Key: W,E
- SSH
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
Run
HTTPS
over
Execute
HTTPS
over
Global
Indicator
and
successfu
Initiate
TLSv1.2
tunnel
Status of
TLSv1.2
tunnel
KAS-FFC
(TLSv1.2)
KAS-ECC
(TLSv1.2)
Crypto
Officer
- TLS DH
Private Key:
Page 31 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
TLSv1.2
Function
TLSv1.2
function
l HTTPS
over
TLSv1.2
log
message
establishm
ent request
establishm
ent
KTS
(TLSv1.2
with AES
and
HMAC)
KTS
(TLSv1.2
with AES-
GCM)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(TLSv1.2)
MAC
(TLSv1.2)
KAS-ECC-
KeyGen
(SSHv2)
KAS-FFC-
KeyGen
W,E
- TLS DH
Public Key:
W,E
- TLS Peer
DH Public
Key: W,E
- TLS DH
Shared
Secret: W,E
- TLS ECDH
Private Key:
W,E
- TLS ECDH
Public Key:
W,E
- TLS Peer
ECDH
Public Key:
W,E
- TLS ECDH
Shared
Secret: W,E
- TLS
ECDSA
Private Key:
W,E
- TLS
ECDSA
Public Key:
W,E
- TLS RSA
Private Key:
W,E
- TLS RSA
Public Key:
W,E
- TLS Master
Secret: W,E
- TLS
Session
Encryption
Key: W,E
- TLS
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Page 32 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
(SSHv2)
DRBG
Function
SSHv2
Keying
Materials
Developm
ent
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
User
- TLS DH
Private Key:
W,E
- TLS DH
Public Key:
W,E
- TLS Peer
DH Public
Key: W,E
- TLS DH
Shared
Secret: W,E
- TLS ECDH
Private Key:
W,E
- TLS ECDH
Public Key:
W,E
- TLS Peer
ECDH
Public Key:
W,E
- TLS ECDH
Shared
Secret: W,E
- TLS
ECDSA
Private Key:
W,E
- TLS
ECDSA
Public Key:
W,E
- TLS RSA
Private Key:
W,E
- TLS RSA
Public Key:
W,E
Page 33 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
- TLS Master
Secret: W,E
- TLS
Session
Encryption
Key: W,E
- TLS
Session
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
Run
IPSec/IKEv
2 Function
Execute
IPsec/IKEv
2 Function
Global
Indicator
and
succesful
IPsec/IKE
v2 log
message
Initiate
IPsec/IKEv
2 tunnel
establishm
ent request
Status of
IPSec/IKE
v2 tunnel
establishm
ent
KAS-ECC
(IKEv2)
KAS-FFC
(IKEv2)
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
RSA
SigVer
(SSHv2,
TLSv1.2,
Crypto
Officer
- IPSec/IKE
DH Private
Key: W,E
- IPSec/IKE
DH Public
Key: W,E
- IPSec/IKE
Peer DH
Public Key:
W,E
- IPSec/IKE
DH Shared
Secret: W,E
- IPSec/IKE
ECDH
Private Key:
W,E
- IPSec/IKE
ECDH
Public Key:
W,E
- IPSec/IKE
Peer ECDH
Public Key:
W,E
- IPSec/IKE
Page 34 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
Block
Cipher
(IPSec/IKE
v2)
MAC
(IPSec/IKE
v2)
KAS-ECC-
KeyGen
(IKEv2)
KAS-FFC-
KeyGen
(IKEv2)
IKEv2
Keying
Materials
Developm
ent
DRBG
Function
ECDH
Shared
Secret: W,E
- IPSec/IKE
ECDSA
Private Key:
W,E
- IPSec/IKE
ECDSA
Public Key:
W,E
- IPSec/IKE
RSA Private
Key: W,E
- IPSec/IKE
RSA Public
Key: W,E
- IPSec/IKE
Pre-shared
Secret: W,E
-
SKEYSEED:
W,E
- IPSec/IKE
Session
Encryption
Key: W,E
- IPSec/IKE
Authenticatio
n Key: W,E
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
User
- IPSec/IKE
DH Private
Key: W,E
- IPSec/IKE
DH Public
Key: W,E
- IPSec/IKE
Page 35 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
Peer DH
Public Key:
W,E
- IPSec/IKE
DH Shared
Secret: W,E
- IPSec/IKE
ECDH
Private Key:
W,E
- IPSec/IKE
ECDH
Public Key:
W,E
- IPSec/IKE
Peer ECDH
Public Key:
W,E
- IPSec/IKE
ECDH
Shared
Secret: W,E
- IPSec/IKE
ECDSA
Private Key:
W,E
- IPSec/IKE
ECDSA
Public Key:
W,E
- IPSec/IKE
RSA Private
Key: W,E
- IPSec/IKE
RSA Public
Key: W,E
- IPSec/IKE
Pre-shared
Secret: W,E
-
SKEYSEED:
W,E
- IPSec/IKE
Session
Encryption
Key: W,E
- IPSec/IKE
Authenticatio
n Key: W,E
Page 36 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Descriptio
n
Indicator Inputs Outputs Security
Functions
SSP Access
- DRBG
Entropy
Input: W,E
- DRBG
Seed: W,E
- DRBG
Internal
State V
value: W,E
- DRBG Key:
W,E
Configure
SNMPv3
Function
Configure
SNMPv3
Function
Global
Indicator
and
SNMPv3
configurat
ion
success
status
message
Command
s to
configure
SNMPv3
Status of
the
completion
of
SNMPv3
configurati
on
Block
Cipher
(SNMPv3)
MAC
(SNMPv3)
SNMPv3
Keying
Materials
Developm
ent
Crypto
Officer
- SNMPv3
Shared
Secret: W,E
- SNMPv3
Encryption
Key: W,E
- SNMPv3
Authenticatio
n Key: W,E
Run
SNMPv3
Function
Execute
SNMPv3
Function
Global
Indicator
and
successfu
l SNMPv3
log
message
Initiate
SNMPv3
tunnel
establishm
ent request
Status of
SNMPv3
tunnel
establishm
ent
Block
Cipher
(SNMPv3)
MAC
(SNMPv3)
SNMPv3
Keying
Materials
Developm
ent
Crypto
Officer
User
Firmware
Load Test
Execute
the
Firmware
Load Test
Global
indicator
and
successfu
l
Firmware
Loading
status
message
Command
s to load
new
firmware
image
Outcome
of the
Firmware
Load Test
Firmware
Load Test
Crypto
Officer
- Firmware
Load Test
Key: R
Table 13: Approved Services
4.4 Non-Approved Services
N/A for this module.
Page 37 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
4.5 External Software/Firmware Loaded
The module supports the firmware load test by using HMAC-SHA2-512 (HMAC Cert. #A4446)
for the new validated firmware to be uploaded into the module. A Firmware Load Test Key was
preloaded to the module’s binary at the factory and used for firmware load test. In order to load
new firmware, the Crypto Officer must authenticate to the module before loading the firmware.
This ensures that unauthorized access and use of the module is not performed. The module will
load the new update upon reboot. The update attempt will be rejected if the verification fails.
4.6 Cryptographic Output Actions and Status
The module implements Self-initiated cryptographic output capability without external operator
request. The Crypto Officer shall configure self-initiated cryptographic output capability. Prior to
executing the self-initiated cryptographic output capability, the module conducts two
independent internal actions to activate the capability to prevent the inadvertent output due to a
single error.
4.7 Additional Information
The module supports unauthenticated service. The unauthenticated User/Operators can trigger
the self-test service by power-cycling the module, and is able to observe the module’s LEDs
status.
5 Software/Firmware Security
5.1 Integrity Techniques
The module is provided in the form of binary executable code. To ensure firmware security, the
module is protected by RSA 2048 bits with SHA2-512 (RSA Cert. #A4446) algorithm. A
Firmware Integrity Test Key (non-SSP) was preloaded to the module’s binary at the factory and
used for firmware integrity test only at the pre-operational self-test. The module uses the RSA
2048 bits modulus public key to verify the digital signature. If the firmware integrity test fails, the
module would enter to an Error state with all crypto functionality inhibited.
5.2 Initiate on Demand
Integrity test is performed as part of the Pre-Operational Self-Tests. It is automatically executed
at power-on. The operator can power-cycle or reboot the tested platform to initiate the firmware
integrity test on-demand.
Page 38 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
6 Operational Environment
6.1 Operational Environment Type and Requirements
Type of Operational Environment: Limited
7 Physical Security
7.1 Mechanisms and Actions Required
Mechanism Inspection
Frequency
Inspection Guidance
Tamper labels (9) with Part
number: AIR-AP-FIPSKIT=
Recommend 30
Days
Visible inspection of platform for
residual evidence of tampering
Opacity shield (1) with Part
number: FPR3K-FIPS-KIT=
Recommend 30
Days
Visible inspection of platform for
evidence of tampering, removal or
access
Table 14: Mechanisms and Actions Required
Appling Tamper Evidence Labels
Step 1: Turn off and unplug the module.
Step 2: Clean the chassis of any grease, dirt, oil or any other material other than the surface
coating from manufacture before applying the tamper evident labels. Alcohol-based cleaning
pads are recommended for this purpose.
Step 3: Apply a label to cover the module as shown in the figures below.
The tamper evident labels are produced from a special thin gauge vinyl with self-adhesive
backing. Any attempt to open the module will damage the tamper evident labels or the material
of the security appliance cover. Because the tamper evident labels have non-repeated serial
numbers, they may be inspected for damage and compared against the applied serial numbers
to verify that the security appliance has not been tampered with. Tamper evident labels can
also be inspected for signs of tampering, which include the following: curled corners, rips, and
slices. The word “FIPS” may appear if the label was peeled back.
7.2 User Placed Tamper Seals
Number: Nine (9)
Placement:
Page 39 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Figure 2 Module’s front view opacity shield
Figure 3 Module’s back view
Figure 4 Module’s top view with opacity shield
TEL 8
TEL 1
TEL 2
TEL 4
TEL 5
TEL 3
TEL 7
TEL 6
TEL 1
Page 40 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Figure 5 Module’s bottom view with opacity shield
Figure 6 Module’s left view with opacity shield
Figure 7 Module’s right view with opacity shield
Surface Preparation: Clean the chassis of any grease, dirt, or oil before applying the tamper
evident labels. Alcohol-based cleaning pads are recommended for this purpose.
Operator Responsible for Securing Unused Seals: Any unused TELs must be securely
stored, accounted for, and maintained by the CO in a protected location.
7.3 Filler Panels
3105, 3110, 3120, 3130, 3140 Opacity Shield
FPR3K-FIPS-KIT=
Step 1: Attach the Slide Rail Locking Bracket, #2 in diagram to the Side of the Chassis using the
countersink screws #3 in diagram.
TEL 7
TEL 6
TEL 8
TEL 2
TEL 3
TEL 9
Page 41 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Step 2: Attach the Cable Management Bracket (#1) to the Slide Rail Locking Bracket (#2) using the
countersink screws (#3)
Step 3: Route the Cables through the Cable Management Brackets
Step 4: Attach the FIPS Opacity Shield (#1) to the Cable Management Brackets (#3) using the
countersink screws (#2)
Page 42 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Figure 8 Opacity Shield Brackets
8 Non-Invasive Security
N/A for this module.
9 Sensitive Security Parameters Management
9.1 Storage Areas
Page 43 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Storage
Area
Name
Description Persistence
Type
DRAM Volatile Memory Dynamic
Flash Non-Volatile Memory Static
Table 15: Storage Areas
9.2 SSP Input-Output Methods
Name From To Format
Type
Distributio
n Type
Entry
Type
SFI or
Algorith
m
Peer Public Key
Input
External
(Outside
of the
Module's
Boundary
)
Module Plaintext Automated Electroni
c
Module Public
Key Output
Module External
(Outside
of the
Module's
Boundary
)
Plaintext Automated Electroni
c
Password/Secre
t Input via
SSHv2
encrypted by
GCM
External
(Outside
of the
Module's
Boundary
)
Module Encrypte
d
Automated Electroni
c
KTS
(SSHv2
with AES-
GCM)
Password/Secre
t Input via
SSHv2
encrypted by
AES and HMAC
External
(Outside
of the
Module's
Boundary
)
Module Encrypte
d
Automated Electroni
c
KTS
(SSHv2
with AES
and
HMAC)
Password/Secre
t Input via TLS
encrypted by
GCM
External
(Outside
of the
Module's
Boundary
)
Module Encrypte
d
Automated Electroni
c
KTS
(TLSv1.2
with AES-
GCM)
Password/Secre
t Input via TLS
encrypted by
AES and HMAC
External
(Outside
of the
Module's
Boundary
)
Module Encrypte
d
Automated Electroni
c
KTS
(TLSv1.2
with AES
and
HMAC)
Page 44 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Table 16: SSP Input-Output Methods
9.3 SSP Zeroization Methods
Zeroization
Method
Description Rationale Operator
Initiation
Zeroization
Command
CO issues
zeroization
service
the zeroization command will erase all
SSPs stored in the DRAM or in the
Flash of the module.
'configure
factory-default'
Table 17: SSP Zeroization Methods
Please note that the Firmware Load Test Key is only used for Firmware Load Test
Authentication and not subject to the zeroization requirement.
9.4 SSPs
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
DRBG
Entropy
Input
Used to
seed the
DRBG
384 bits -
at least
256 bits
Entropy
Input - CSP
DRBG
Function
DRBG
Seed
Used in
DRBG
Generation
256 bits -
256 bits
DRBG
Seed - CSP
DRBG
Function
DRBG
Internal
State V
value
Used in
DRBG
Generation
256 bits -
256 bits
DRBG
Internal
State V
value - CSP
DRBG
Function
DRBG Key Used in
DRBG
Generation
256 bits -
256 bits
DRBG Key
- CSP
DRBG
Function
User
Password
User
authenticati
on
8-30
Characte
rs - 8-30
Characte
rs
Authenticati
on Data -
CSP
Crypto
Officer
Password
Crypto
Officer
authenticati
on
8-30
Characte
rs - 8-30
Characte
rs
Authenticati
on Data -
CSP
RADIUS
Secret
RADIUS
Server
Authenticati
on
16
Characte
rs - 16
Characte
rs
Authenticati
on Data -
CSP
Page 45 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
TACACS+
Secret
TACACS+
Authenticati
on
16
Characte
rs - 16
Characte
rs
Authenticati
on Data -
CSP
Firmware
Load Test
Key
Used for
Firmware
Load Test
112 bits -
112 bits
Public Key -
CSP
Firmware
Load Test
SSH DH
Private Key
Used to
derive the
SSH DH
Shared
Secret
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Private Key
- CSP
KAS-
FFC-
KeyGen
(SSHv2)
KAS-FFC
(SSHv2)
SSH DH
Public Key
Used to
derive SSH
DH Shared
Secret
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Public Key -
PSP
KAS-FFC-
KeyGen
(SSHv2)
KAS-FFC
(SSHv2)
SSH Peer
DH Public
Key
Used to
derive SSH
DH Shared
Secret
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Public Key -
PSP
KAS-FFC
(SSHv2)
SSH DH
Shared
Secret
Used to
derive SSH
Session
Encryption
Keys, SSH
Session
Authenticati
on Keys
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Shared
Secret -
CSP
KAS-FFC
(SSHv2)
KAS-FFC
(SSHv2)
SSH ECDH
Private Key
Used to
derive the
SSH ECDH
Shared
Secret
Curves:
256, 384,
521 bits -
128 to
256 bits
Private Key
- CSP
KAS-
ECC-
KeyGen
(SSHv2)
KAS-ECC
(SSHv2)
SSH ECDH
Public Key
Used to
derive SSH
ECDHE
Curves:
256, 384,
521 bits -
Public Key -
PSP
KAS-ECC-
KeyGen
(SSHv2)
KAS-ECC
(SSHv2)
Page 46 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
Shared
Secret
128-256
bits
SSH Peer
ECDH
Public Key
Used to
derive SSH
DH Shared
Secret
Curves:
256, 384,
521 bits -
128 to
256 bits
Public Key -
PSP
KAS-ECC
(SSHv2)
SSH ECDH
Shared
Secret
Used to
derive SSH
Session
Encryption
Keys, SSH
Session
Authenticati
on Keys
Curves:
256, 384,
521 bits -
128 to
256 bits
Shared
Secret -
CSP
KAS-ECC
(SSHv2)
KAS-ECC
(SSHv2)
SSH RSA
Private Key
Used for
SSH
session
authenticati
on
Modulus
2048 and
3072 bits
- 112-
128 bits
Private Key
- CSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
SSH RSA
Public Key
Used for
SSH
sessions
aiuthenticati
on
Modulus
2048 and
3072 bits
- 112-
128 bits
Public Key -
PSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
SSH
ECDSA
Private Key
Used for
SSH
session
authenticati
on
Curves:
256, 384,
521 bits -
128 to
256 bits
Private Key
- CSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
SSH
ECDSA
Public Key
Used for
SSH
sessions
aiuthenticati
on
Curves:
256, 384,
521 bits -
128 to
256 bits
Public Key -
PSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
SSH
Session
Encryption
Key
Used for
SSH
Session
confidentialit
y protection
128-256
bits -
128-256
bits
Session
Key - CSP
SSHv2
Keying
Materials
Developme
nt
Block
Cipher
(SSHv2)
SSH
Session
Authenticati
on Key
Used for
SSH
Session
integrity
protection
At least
160 bits -
At least
160 bits
Session
Key - CSP
SSHv2
Keying
Materials
Developme
nt
MAC
(SSHv2)
TLS DH
Private Key
Used to
Derive TLS
Modulus:
2048,
Private Key
- CSP
KAS-
FFC-
KAS-FFC
(TLSv1.2)
Page 47 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
DH Shared
Secret
3072,
4096 bits
- 128-
152 bits
KeyGen
(TLSv1.2
)
TLS DH
Public Key
Used to
Derive TS
DH Shared
Secret
Modulus:
2048,
3072, or
4096 bits
- 128-
152 bits
Public Key -
PSP
KAS-FFC-
KeyGen
(TLSv1.2)
KAS-FFC
(TLSv1.2)
TLS Peer
DH Public
Key
Used to
derive IKE
DH Shared
Secret
Modulus:
2048,
3072, or
4096 bits
- 128-
152 bits
Public Key -
PSP
KAS-FFC
(TLSv1.2)
TLS DH
Shared
Secret
Used to
Derive TLS
Session
Encryption
Key and
TLS
Session
Authenticati
on Key
Modulus
2048,
3072, or
4096 -
128-152
bits
Shared
Secret -
CSP
KAS-FFC
(TLSv1.2)
KAS-FFC
(TLSv1.2)
TLS ECDH
Private Key
Used to
Derive TLS
ECDH
Shared
Secret
Curves
P-256, P-
384, and
P-521 -
128-256
bits
Private Key
- CSP
KAS-
ECC-
KeyGen
(TLSv1.2
)
KAS-ECC
(TLSv1.2)
TLS ECDH
Public Key
Used to
Derive TS
ECDH
Shared
Secret
Curves
P-256, P-
384, and
P-521 -
128-256
bits
Public Key -
PSP
KAS-ECC-
KeyGen
(TLSv1.2)
KAS-ECC
(TLSv1.2)
TLS Peer
ECDH
Public Key
Used to
derive IKE
ECDH
Shared
Secret
Curves:
P-256, P-
384, P-
521 -
128-256
bits
Public Key -
PSP
KAS-ECC
(TLSv1.2)
TLS ECDH
Shared
Secret
Used to
Derive TLS
Session
Encryption
Key and
Curves
p-256, P-
384, P-
521 -
Shared
Secret -
CSP
KAS-ECC
(TLSv1.2)
KAS-ECC
(TLSv1.2)
Page 48 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
TLS
Session
Authenticati
on Key
128-256
bits
TLS
ECDSA
Private Key
Used to
support CO
and Admin
HTTPS
interfaces
Curves
P-256, P-
384, P-
521 -
128-256
bits
Private Key
- CSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
TLS
ECDSA
Public Key
Used to
support CO
and User
HTTPS
Interfaces
Curves
P-256, P-
384, P-
521 -
128-256
bits
Public Key -
PSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
TLS RSA
Private Key
Used to
support CO
and Admin
HTTPS
Interfaces
Modulus
2048 and
3072 bits
- 112-
128 bits
Private Key
- CSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
TLS RSA
Public Key
Used to
support CO
and User
HTTPS
interfaces
Modulus
2048 and
3072 bits
- 112-
128 bits
Public Key -
PSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
TLS Master
Secret
Used to
protect
HTTPS
Session.
Pre-master
secret
At least
112 bits -
At least
112 bits
Master
Secret -
CSP
TLS
Keying
Materials
Developme
nt
TLS Keying
Materials
Developme
nt
TLS
Session
Encryption
Key
Used to
protect
HTTPS
Session.
TLS Master
secret
128-256
bits -
128-256
bits
Session
Key - CSP
TLS
Keying
Materials
Developme
nt
Block
Cipher
(TLSv1.2)
TLS
Session
Authenticati
on Key
Used to
protect
HTTPS
Session.
TLS master
secret
at least
112 bits -
at least
112 bits
Session
Key - CSP
TLS
Keying
Materials
Developme
nt
MAC
(TLSv1.2)
IPSec/IKE
DH Private
Key
Used to
derive
IPSec/IKE
MODP-
2048,
MODP-
3072,
Private Key
- CSP
KAS-
FFC-
KeyGen
(IKEv2)
KAS-FFC
(IKEv2)
Page 49 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
DH Shared
Secret
MODP-
4096 -
112-152
bits
IPSec/IKE
DH Public
Key
Used to
derive
IPSec/IKE
DH Shared
Secret
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Public Key -
PSP
KAS-FFC-
KeyGen
(IKEv2)
KAS-FFC
(IKEv2)
IPSec/IKE
Peer DH
Public Key
Used to
derive
IPSec/IKE
DH Shared
Secret
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Public Key -
PSP
KAS-FFC
(IKEv2)
IPSec/IKE
DH Shared
Secret
Used to
derive
IPSec/IKE
Session
Encryption
Keys,
IPSec/IKE
Authenticati
on Keys
MODP-
2048,
MODP-
3072,
MODP-
4096 -
112-152
bits
Shared
Secret -
CSP
KAS-FFC
(IKEv2)
KAS-FFC
(IKEv2)
IPSec/IKE
ECDH
Private Key
Used to
derive
IPSec/IKE
ECDH
Shared
Secrets
Curves
P-256, P-
384, P-
521 -
128-256
bits
Private Key
- CSP
KAS-
ECC-
KeyGen
(IKEv2)
KAS-ECC
(IKEv2)
IPSec/IKE
ECDH
Public Key
Used to
derive
IPSec/IKE
ECDH
Shared
Secrets
Curves
P-256, P-
384, P-
521 -
128-256
bits
Public Key -
PSP
KAS-ECC-
KeyGen
(IKEv2)
KAS-ECC
(IKEv2)
IPSec/IKE
Peer ECDH
Public Key
Used to
derive
IPSec/IKE
ECDH
Shared
Secrets
Curves
P-256, P-
384, P-
521 -
128-256
bits
Public Key -
PSP
KAS-ECC
(IKEv2)
Page 50 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
IPSec/IKE
ECDH
Shared
Secret
Used to
derive
IPSec/IKE
ECDH
Shared
Secrets
Curves
P-256, P-
384, P-
521 -
128-256
bits
Shared
Secret -
CSP
KAS-ECC
(IKEv2)
KAS-ECC
(IKEv2)
IPSec/IKE
ECDSA
Private Key
Used for
IPSec/IKE
peer
authenticati
on
Curves
P-256, P-
384, P-
521 -
128-256
bits
Private Key
- CSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and
IKEv2)
ECDSA
SigGen
(SSHv2,
TLSv1.2
and IKEv2)
IPSec/IKE
ECDSA
Public Key
Used for
IPSec/IKE
peer
authenticati
on
Curves
P-256, P-
384, P-
521 -
128-256
bits
Public Key -
PSP
ECDSA
KeyGen
(SSHv2,
TLSv1.2
and IKEv2)
ECDSA
SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
IPSec/IKE
RSA Private
Key
Used for
IPSec/IKE
peer
authenticati
on
Modulus
2048 or
3072 -
112 or
128 bits
Private Key
- CSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA
SigGen
(SSHv2,
TLSv1.2,
IKEv2)
IPSec/IKE
RSA Public
Key
Used for
IPSec/IKE
peer
authenticati
on
Modulus
2048 or
3072 -
112 or
128 bits
Public Key -
PSP
RSA
KeyGen
(SSHv2,
TLSv1.2,
IKEv2)
RSA SigVer
(SSHv2,
TLSv1.2,
and IKEv2)
IPSec/IKE
Pre-shared
Secret
Used for
IPSec/IKE
peer
authenticati
on
16-32
bytes
character
s - 16-32
bytes
character
s
shared
secret -
CSP
IKEv2
Keying
Materials
Developme
nt
SKEYSEED Keying
material
used to
derive the
IPSec/IKE
Session
Encryption
Key and
IPSec/IKE
Authenticati
on Key
160 bits -
160 bits
Keying
Material -
CSP
IKEv2
Keying
Materials
Developme
nt
IKEv2
Keying
Materials
Developme
nt
IPSec/IKE
Session
Used to
secure
128-256
bits -
Session
Key - CSP
IKEv2
Keying
Block
Cipher
Page 51 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Size -
Strength
Type -
Category
Generat
ed By
Establishe
d By
Used By
Encryption
Key
IPSec/IKEv
2 session
confidentialit
y
128-256
bits
Materials
Developme
nt
(IPSec/IKEv
2)
IPSec/IKE
Authenticati
on Key
Used to
secure
IPSec/IKEv
2 session
integrity
at least
160 bits -
at least
160 bits
Session
Key - CSP
IKEv2
Keying
Materials
Developme
nt
MAC
(IPSec/IKEv
2)
SNMPv3
Shared
Secret
Used for
SNMPv3
user
authenticati
on
8-32
character
s - N/A
Authenticati
on Secret -
CSP
IKEv2
Keying
Materials
Developme
nt
SNMPv3
Encryption
Key
Used to
protect
SNMPv3
traffic
confidentialit
y
128 bits -
128 bits
Encryption
Key - CSP
SNMPv3
Keying
Materials
Developme
nt
Block
Cipher
(SNMPv3)
SNMPv3
Authenticati
on Key
Used to
secure
SNMPv3
traffic
integrity
At least
112 bits -
At least
112 bits
Authenticati
on Key -
CSP
SNMPv3
Keying
Materials
Developme
nt
MAC
(SNMPv3)
Table 18: SSP Table 1
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
DRBG
Entropy
Input
DRAM:Plainte
xt
Until
Reboot
Zeroizatio
n
Command
DRBG
Seed:Used With
DRBG Internal
State V
value:Used With
DRBG Key:Used
With
DRBG Seed DRAM:Plainte
xt
Until
Reboot
Zeroizatio
n
Command
DRBG Entropy
Input:Used With
DRBG Internal
State V
value:Used With
DRBG Key:Used
With
DRBG
Internal
State V
value
DRAM:Plainte
xt
Until
Reboot
Zeroizatio
n
Command
DRBG Entropy
Input:Used With
DRBG
Seed:Used With
Page 52 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
DRBG Key:Used
With
DRBG Key DRAM:Plainte
xt
Until
Reboot
Zeroizatio
n
Command
DRBG Entropy
Input:Used With
DRBG
Seed:Used With
DRBG Internal
State V
value:Used With
User
Password
Password/Sec
ret Input via
TLS encrypted
by GCM
Password/Sec
ret Input via
TLS encrypted
by AES and
HMAC
Password/Sec
ret Input via
SSHv2
encrypted by
GCM
Password/Sec
ret Input via
SSHv2
encrypted by
AES and
HMAC
Flash:Encrypt
ed
Zeroizatio
n
Command
Crypto
Officer
Password
Password/Sec
ret Input via
TLS encrypted
by GCM
Password/Sec
ret Input via
TLS encrypted
by AES and
HMAC
Password/Sec
ret Input via
SSHv2
encrypted by
GCM
Password/Sec
ret Input via
SSHv2
encrypted by
Flash:Encrypt
ed
Zeroizatio
n
Command
Page 53 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
AES and
HMAC
RADIUS
Secret
Password/Sec
ret Input via
TLS encrypted
by GCM
Password/Sec
ret Input via
TLS encrypted
by AES and
HMAC
Password/Sec
ret Input via
SSHv2
encrypted by
GCM
Password/Sec
ret Input via
SSHv2
encrypted by
AES and
HMAC
Flash:Plaintex
t
Zeroizatio
n
Command
TACACS+
Secret
Password/Sec
ret Input via
TLS encrypted
by GCM
Password/Sec
ret Input via
TLS encrypted
by AES and
HMAC
Password/Sec
ret Input via
SSHv2
encrypted by
GCM
Password/Sec
ret Input via
SSHv2
encrypted by
AES and
HMAC
Flash:Plaintex
t
Zeroizatio
n
Command
Firmware
Load Test
Key
Flash:Plaintex
t
N/A
SSH DH
Private Key
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH DH Public
Key:Paired With
SSH Peer DH
Page 54 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
Public Key:Used
With
SSH DH
Public Key
Module Public
Key Output
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH DH Private
Key:Paired With
SSH Peer
DH Public
Key
Peer Public
Key Input
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH DH Private
Key:Used With
SSH DH
Shared
Secret
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH DH Private
Key:Derived From
SSH DH Public
Key:Derived From
SSH ECDH
Private Key
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH ECDH
Public Key:Paired
With
SSH Peer ECDH
Public Key:Used
With
SSH ECDH
Public Key
Module Public
Key Output
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH ECDH
Private
Key:Paired With
SSH Peer
ECDH
Public Key
Peer Public
Key Input
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH ECDH
Private Key:Used
With
SSH ECDH
Shared
Secret
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH ECDH
Private
Key:Derived From
SSH ECDH
Public
Key:Derived From
SSH RSA
Private Key
Flash:Plaintex
t
Zeroizatio
n
Command
SSH RSA Public
Key:Paired With
SSH Peer RSA
Public Key:Used
With
SSH RSA
Public Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
SSH RSA Private
Key:Paired With
SSH
ECDSA
Private Key
Flash:Plaintex
t
Zeroizatio
n
Command
SSH ECDSA
Public Key:Paired
With
SSH
ECDSA
Public Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
SSH ECDSA
Private
Key:Paired With
SSH
Session
Encryption
Key
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH Session
Authentication
Key:Used With
Page 55 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
SSH
Session
Authenticati
on Key
DRAM:Plainte
xt
While SSH
tunnel is
on
Zeroizatio
n
Command
SSH Session
Encryption
Key:Used With
TLS DH
Private Key
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS DH Public
Key:Paired With
TLS Peer DH
Public Key:Used
With
TLS DH
Public Key
Module Public
Key Output
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS DH Private
Key:Paired With
TLS Peer
DH Public
Key
Peer Public
Key Input
DRAM:Plainte
xt
while TLS
tunnel is
on
Zeroizatio
n
Command
TLS DH Private
Key:Used With
TLS DH
Shared
Secret
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH
Private
Key:Derived From
TLS Peer ECDH
Public
Key:Derived From
TLS ECDH
Private Key
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH Public
Key:Paired With
TLS Peer ECDH
Public Key:Used
With
TLS ECDH
Public Key
Module Public
Key Output
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH
Private
Key:Paired With
TLS Peer
ECDH
Public Key
Peer Public
Key Input
DRAM:Plainte
xt
while TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH
Private Key:Used
With
TLS ECDH
Shared
Secret
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH
Private
Key:Derived From
TLS Peer ECDH
Public
Key:Derived From
TLS ECDSA
Private Key
Flash:Plaintex
t
Zeroizatio
n
Command
TLS ECDSA
Public Key:Paired
With
TLS ECDSA
Public Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
TLS ECDSA
Private
Key:Paired With
TLS RSA
Private Key
Flash:Plaintex
t
Zeroizatio
n
Command
TLS RSA Public
Key:Paired With
Page 56 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
TLS RSA
Public Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
TLS RSA Private
Key:Paired With
TLS Master
Secret
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS ECDH
Shared
Secret:Derived
From
TLS
Session
Encryption
Key
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS Session
Authentication
Key:Used With
TLS
Session
Authenticati
on Key
DRAM:Plainte
xt
While TLS
tunnel is
on
Zeroizatio
n
Command
TLS Session
Encryption
Key:Used With
IPSec/IKE
DH Private
Key
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE DH
Public Key:Paired
With
IPSec/IKE Peer
DH Public
Key:Used With
IPSec/IKE
DH Public
Key
Module Public
Key Output
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE DH
Private
Key:Paired With
IPSec/IKE
Peer DH
Public Key
Peer Public
Key Input
DRAM:Plainte
xt
while
IPSec/IKE
tunnel is
on
Zeroizatio
n
Command
IPSec/IKE DH
Private Key:Used
With
IPSec/IKE
DH Shared
Secret
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
SKEYSEED:Used
With
IPSec/IKE
ECDH
Private Key
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE ECDH
Public Key:Paired
With
IPSec/IKE Peer
ECDH Public
Key:Used With
IPSec/IKE
ECDH
Public Key
Module Public
Key Output
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE ECDH
Private
Key:Paired With
IPSec/IKE
Peer ECDH
Public Key
Peer Public
Key Input
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE ECDH
Private Key:Used
With
Page 57 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
IPSec/IKE
ECDH
Shared
Secret
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
SKEYSEED:Used
With
IPSec/IKE
ECDSA
Private Key
Flash:Plaintex
t
Zeroizatio
n
Command
IPSec/IKE
ECDSA Public
Key:Paired With
IPSec/IKE
ECDSA
Public Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
IPSec/IKE
ECDSA Private
Key:Paired With
IPSec/IKE
RSA Private
Key
Flash:Plaintex
t
Zeroizatio
n
Command
IPSec/IKE RSA
Public Key:Paired
With
IPSec/IKE
RSA Public
Key
Module Public
Key Output
Flash:Plaintex
t
Zeroizatio
n
Command
IPSec/IKE RSA
Private
Key:Paired With
IPSec/IKE
Pre-shared
Secret
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
SKEYSEED:Deriv
ed to
SKEYSEED DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE DH
Shared
Secret:Derived
From
IPSec/IKE ECDH
Shared
Secret:Derived
From
IPSec/IKE Pre-
shared
Secret:Derived
From
IPSec/IKE
Session
Encryption
Key
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE DH
Shared
Secret:Derived
From
IPSec/IKE ECDH
Shared
Secret:Derived
From
IPSec/IKE
Authenticati
on Key
DRAM:Plainte
xt
While
IPSec/IKE
v2 tunnel
is on
Zeroizatio
n
Command
IPSec/IKE DH
Shared
Secret:Derived
From
IPSec/IKE ECDH
Shared
Secret:Derived
From
Page 58 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Input - Output Storage Storage
Duration
Zeroizatio
n
Related SSPs
SNMPv3
Shared
Secret
Password/Sec
ret Input via
TLS encrypted
by GCM
Password/Sec
ret Input via
TLS encrypted
by AES and
HMAC
Password/Sec
ret Input via
SSHv2
encrypted by
GCM
Password/Sec
ret Input via
SSHv2
encrypted by
AES and
HMAC
DRAM:Plainte
xt
While
SNMPv3
tunnel is
on
Zeroizatio
n
Command
SNMPv3
Encryption
Key:Derive To
SNMPv3
Authentication
Key:Derive To
SNMPv3
Encryption
Key
DRAM:Plainte
xt
While
SNMPv3
tunnel is
on
Zeroizatio
n
Command
SNMPv3 Shared
Secret:Derived
From
SNMPv3
Authenticati
on Key
DRAM:Plainte
xt
While
SNMPv3
tunnel is
on
Zeroizatio
n
Command
SNMPv3 Shared
Secret:Derived
From
SNMPv3
Encryption
Key:Used With
Table 19: SSP Table 2
10 Self-Tests
10.1 Pre-Operational Self-Tests
Algorithm or Test Test Properties Test
Method
Test Type Indicator Details
RSA SigVer
(FIPS186-4)
(A4446)
RSA SigVer 2048
bits with SHA2-512
KAT SW/FW
Integrity
Module is in
normal state
RSA
SigVer
Table 20: Pre-Operational Self-Tests
The module performs the following self-tests, including the pre-operational self-tests and
Conditional self-tests. Prior to the module providing any data output via the data output
interface, the module performs and passes the pre-operational self-tests. Following the
Page 59 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
successful pre-operational self-tests, the module executes the Conditional Cryptographic
Algorithm Self-tests (CASTs). If anyone of the self-tests fails, the module transitions into an
error state and outputs the error message via the module’s status output interface. While
the module is in the error state, all data through the data output interface and all
cryptographic operations are disabled. The error state can only be cleared by reloading the
module. All self-tests must be completed successfully before the module transitions to the
operational state.
10.2 Conditional Self-Tests
Algorithm
or Test
Test
Properties
Test
Method
Test
Type
Indicator Details Conditions
AES-CBC
(A4446)
256 bits KAT CAST Module is
in normal
state
Encrypt Power Up
AES-CBC
(A4446)
256 bits KAT CAST Module is
in normal
state
Decrypt Power Up
AES-GCM
(A4446)
256 bits KAT CAST Module is
in normal
state
Authenticated
Encrypt
Power Up
AES-GCM
(A4446)
256 bits KAT CAST Module is
in normal
state
Authenticated
Decrypt
Power Up
Counter
DRBG
(A4446)
AES-128 KAT CAST Module is
in normal
state
Instantiate
KAT
Power Up
Counter
DRBG
(A4446)
AES-128 KAT CAST Module is
in normal
state
Generate
KAT
Power Up
Counter
DRBG
(A4446)
AES-128 KAT CAST Module is
in normal
state
Reseed KAT Power Up
ECDSA
SigGen
(FIPS186-
4) (A4446)
P-256
curve with
SHA2-256
KAT CAST Module is
in normal
state
ECDSA
SigGen KAT
Power Up
ECDSA
SigVer
(FIPS186-
4) (A4446)
P-256
curve with
SHA2-256
KAT CAST Module is
in normal
state
ECDSA
SigVer KAT
Power Up
HMAC-
SHA-1
(A4446)
SHA-1 KAT CAST Module is
in normal
state
HMAC-SHA-1 Power Up
HMAC-
SHA2-256
(A4446)
SHA2-256 KAT CAST Module is
in normal
state
HMAC-SHA2-
256
Power Up
Page 60 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm
or Test
Test
Properties
Test
Method
Test
Type
Indicator Details Conditions
HMAC-
SHA2-384
(C1026)
SHA2-384 KAT CAST Module is
in normal
state
HMAC-SHA2-
384
Power Up
HMAC-
SHA2-512
(A4446)
SHA2-512 KAT CAST Module is
in normal
state
HMAC-SHA2-
512
Power Up
KAS-ECC-
SSC
Sp800-
56Ar3
(A4446)
P-256
Curve
KAT CAST Module is
in normal
state
Primitive Z
KAT
Power Up
KAS-FFC-
SSC
Sp800-
56Ar3
(A4446)
MODP-
2048
KAT CAST Module is
in normal
state
Primitive Z
KAT
Power Up
RSA
SigGen
(FIPS186-
4) (A4446)
2048 bit
modulus
with SHA2-
256
KAT CAST Module is
in normal
state
RSA SigGen
KAT
Power Up
RSA
SigVer
(FIPS186-
4) (A4446)
2048 bit
modulus
with SHA2-
256
KAT CAST Module is
in normal
state
RSA SigVer
KAT
Power Up
KDF IKEv2
(A4446)
N/A KAT CAST Module is
in normal
state
N/A Power Up
KDF SNMP
(A4446)
N/A KAT CAST Module is
in normal
state
N/A Power Up
KDF SSH
(A4446)
N/A KAT CAST Module is
in normal
state
N/A Power Up
TLS v1.2
KDF
RFC7627
(A4446)
N/A KAT CAST Module is
in normal
state
N/A Power Up
SHA-1
(A4446)
N/A KAT CAST Module is
in normal
state
N/A Power Up
AES-CBC
(C1026)
128 bits KAT CAST Module is
in normal
state
Encrypt KAT Power Up
AES-CBC
(C1026)
128 bits KAT CAST Module is
in normal
state
Decrypt KAT Power Up
Page 61 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm
or Test
Test
Properties
Test
Method
Test
Type
Indicator Details Conditions
AES-GCM
(C1026)
128 bits KAT CAST Module is
in normal
state
Encrypt KAT Power Up
AES-GCM
(C1026)
128 bits KAT CAST Module is
in normal
state
Decrypt KAT Power Up
Hash
DRBG
(C1026)
SHA2-512 KAT CAST Module is
in normal
state
Instantiate
KAT
Power Up
Hash
DRBG
(C1026)
SHA2-512 KAT CAST Module is
in normal
state
Generate
KAT
Power Up
Hash
DRBG
(C1026)
SHA2-512 KAT CAST Module is
in normal
state
Reseed KAT Power Up
HMAC-
SHA-1
(C1026)
SHA-1 KAT CAST Module is
in normal
state
HMAC-SHA-1 Power Up
HMAC-
SHA2-256
(C1026)
SHA2-256 KAT CAST Module is
in normal
state
HMAC-SHA2-
256
Power Up
HMAC-
SHA2-384
(C1026)
SHA2-384 KAT CAST Module is
in normal
state
HMAC-SHA2-
384
Power Up
HMAC-
SHA2-512
(C1026)
SHA2-512 KAT CAST Module is
in normal
state
HMAC-SHA2-
512
Power Up
SHA-1
(C1026)
N/A KAT CAST Module is
in normal
state
N/A Power Up
ECDSA
KeyGen
(FIPS186-
4) (A4446)
Curve P-
256 with
SHA2-256
PCT PCT Module is
in normal
state
ECDSA Performs all
required pair-
wise
consistency
tests on the
newly
generated key
pairs before the
first operational
use.
RSA
KeyGen
(FIPS186-
4) (A4446)
2048 bit
Modulus
PCT PCT Module is
in normal
state
RSA Performs all
required pair-
wise
consistency
tests on the
newly
generated key
pairs before the
Page 62 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm
or Test
Test
Properties
Test
Method
Test
Type
Indicator Details Conditions
first operational
use.
KAS-ECC-
SSC
Sp800-
56Ar3
(A4446)
Curve P-
256 with
SHA2-256
PCT PCT Module is
in normal
state
N/A Performs all
required pair-
wise
consistency
tests on the
newly
generated key
pairs before the
first operational
use.
KAS-FFC-
SSC
Sp800-
56Ar3
(A4446)
MODP-
2048
PCT PCT Module is
in normal
state
N/A Performs all
required pair-
wise
consistency
tests on the
newly
generated key
pairs before the
first operational
use.
HMAC-
SHA2-512
(A4446)
HMAC-
SHA2-512
KAT SW/FW
Load
Module is
in normal
state
N/A When firmware
has been
uploaded to the
module
Table 21: Conditional Self-Tests
The module performs on-demand self-tests initiated by the operator, by powering off and
powering the module back on. The full suite of self-tests is then executed. The same
procedure may be employed by the operator to perform periodic self-tests.
10.3 Periodic Self-Test Information
Algorithm or
Test
Test Method Test Type Period Periodic
Method
RSA SigVer
(FIPS186-4)
(A4446)
KAT SW/FW Integrity Recommend 60
Days
Reboot
Table 22: Pre-Operational Periodic Information
Algorithm or
Test
Test Method Test Type Period Periodic
Method
AES-CBC
(A4446)
KAT CAST Recommend 60
Days
Reboot
Page 63 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm or
Test
Test Method Test Type Period Periodic
Method
AES-CBC
(A4446)
KAT CAST Recommend 60
Days
Reboot
AES-GCM
(A4446)
KAT CAST Recommend 60
Days
Reboot
AES-GCM
(A4446)
KAT CAST Recommend 60
Days
Reboot
Counter DRBG
(A4446)
KAT CAST Recommend 60
Days
Reboot
Counter DRBG
(A4446)
KAT CAST Recommend 60
Days
Reboot
Counter DRBG
(A4446)
KAT CAST Recommend 60
Days
Reboot
ECDSA SigGen
(FIPS186-4)
(A4446)
KAT CAST Recommend 60
Days
Reboot
ECDSA SigVer
(FIPS186-4)
(A4446)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA-1
(A4446)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
256 (A4446)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
384 (C1026)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
512 (A4446)
KAT CAST Recommend 60
Days
Reboot
KAS-ECC-SSC
Sp800-56Ar3
(A4446)
KAT CAST Recommend 60
Days
Reboot
KAS-FFC-SSC
Sp800-56Ar3
(A4446)
KAT CAST Recommend 60
Days
Reboot
RSA SigGen
(FIPS186-4)
(A4446)
KAT CAST Recommend 60
Days
Reboot
RSA SigVer
(FIPS186-4)
(A4446)
KAT CAST Recommend 60
Days
Reboot
KDF IKEv2
(A4446)
KAT CAST Recommend 60
Days
Reboot
KDF SNMP
(A4446)
KAT CAST Recommend 60
Days
Reboot
KDF SSH
(A4446)
KAT CAST Recommend 60
Days
Reboot
TLS v1.2 KDF
RFC7627
(A4446)
KAT CAST Recommend 60
Days
Reboot
Page 64 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Algorithm or
Test
Test Method Test Type Period Periodic
Method
SHA-1 (A4446) KAT CAST Recommend 60
Days
Reboot
AES-CBC
(C1026)
KAT CAST Recommend 60
Days
Reboot
AES-CBC
(C1026)
KAT CAST Recommend 60
Days
Reboot
AES-GCM
(C1026)
KAT CAST Recommend 60
Days
Reboot
AES-GCM
(C1026)
KAT CAST Recommend 60
Days
Reboot
Hash DRBG
(C1026)
KAT CAST Recommend 60
Days
Reboot
Hash DRBG
(C1026)
KAT CAST Recommend 60
Days
Reboot
Hash DRBG
(C1026)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA-1
(C1026)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
256 (C1026)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
384 (C1026)
KAT CAST Recommend 60
Days
Reboot
HMAC-SHA2-
512 (C1026)
KAT CAST Recommend 60
Days
Reboot
SHA-1 (C1026) KAT CAST Recommend 60
Days
Reboot
ECDSA KeyGen
(FIPS186-4)
(A4446)
PCT PCT Recommend 60
Days
Reboot
RSA KeyGen
(FIPS186-4)
(A4446)
PCT PCT Recommend 60
Days
Reboot
KAS-ECC-SSC
Sp800-56Ar3
(A4446)
PCT PCT Recommend 60
Days
Reboot
KAS-FFC-SSC
Sp800-56Ar3
(A4446)
PCT PCT Recommend 60
Days
Reboot
HMAC-SHA2-
512 (A4446)
KAT SW/FW Load N/A N/A
Table 23: Conditional Periodic Information
10.4 Error States
Page 65 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Name Description Conditions Recovery
Method
Indicator
Error
State
If self-test tests fail, the module is
put into an error state
Self-test
failure
Reboot the
module
System
Halt
Table 24: Error States
If any of the above-mentioned self-tests fail, the module reports the error and enters the Error
state. In the Error State, no cryptographic services are provided, and data output is prohibited.
The only method to recover from the error state is to reboot the module and perform the self-
tests, including the pre-operational firmware integrity test and the conditional CASTs. The
module will only enter into the operational state after successfully passing the pre-operational
firmware integrity test and the conditional CASTs.
11 Life-Cycle Assurance
11.1 Installation, Initialization, and Startup Procedures
The validated module firmware was installed onto the respective test platforms listed in Table 2
above. The Crypto Officer must configure and enforce the following initialization steps:
Step 1: The Crypto Officer must install opacity shields as described in section 7 above.
Step 2: The Crypto Officer must apply tamper evidence labels as described in section 7 above.
Step 3: The Crypto Officer must securely store any unused tamper evidence labels.
Note: Each module has a Type A USB 2.0 port, but it is considered to be disabled once the
Crypto Officer has applied the TEL #9.
Step 4: The Crypto Officer shall configure the module to be managed by the Firepower
Management Center (FMC), and follow the procedure below from the FMC:
a) Choose Devices > Platform Settings and create or edit a Firepower policy.
b) On the left click “UCAPL/CC Compliance”.
c) Choose “CC” from the dropdown under “Enable UCAPL/CC Compliance”.
d) Click “Save” to save the changes.
e) Click “Deploy” and select “Deploy All”.
Step 5: The module will automatically reboot, and will be placed in the approved mode once it is
done rebooting.
Step 6: Crypto Officer can verify the version installed and running
> show version
Step 7: Crypto Officer can verify the module is in approved mode:
> show fips
Step 8: Assign users a Privilege Level of basic.
Page 66 of 66
© 2021-2025 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Step 9: Configure IP address for unit and all distant endpoints from the FMC.
Step 10: Define RADIUS shared secret keys that are at least 8 characters long and secure
traffic between the security module and the RADIUS server via secure (IPSec, TLS) tunnel.
Note: Perform this step only if RADIUS is configured, otherwise proceed.
Step 11: Configure the security module so that any remote connections via Telnet are secured
through IPSec.
Step 12: Configure the security module so that only approved algorithms are used for all
security connections (SSHv2, TLSv1.2, SNMPv3 and IPSec/IKEv2).
Step 13: Configure the security module so that error messages can only be viewed by Crypto
Officer.
Step 14: Enable HTTPS with TLS. HTTPS with TLS should always be used for Web-based
management.
Step 15: Ensure that installed digital certificates are signed using approved algorithms.
Step 16: Save and reboot the module.
11.2 Administrator Guidance
Specific Administrator guidance can be found in the Cisco Secure Firewall Management Center
Administration Guide, 7.4: https://www.cisco.com/c/en/us/td/docs/security/secure-
firewall/management-center/admin/740/management-center-admin-74.html
11.3 Non-Administrator Guidance
Specific Non-Administrator guidance can be found in the Cisco Secure Firewall 3100 Series
Hardware Installation Guide: https://www.cisco.com/c/en/us/td/docs/security/secure-
firewall/hardware/3100/fw-3100-install.html
12 Mitigation of Other Attacks
N/A for this module.