Avaya G450/G430 FIPS 140-2 Cryptographic Module

Certificate #4635

Webpage information ?

Status active
Validation dates 11.10.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When installed, initialized and configured as specified in Section 1.8 of the Security Policy. When operated in FIPS mode
Exceptions
  • Mitigation of Other Attacks: N/A
Description The G450 and G430 Media Gateways are complete branch office business communications systems that integrate TDM and VoIP telephony. Ideally suited for branch office locations of up to 450 extensions, the G450 and G430 replace the complexity and cost of managing disparate key and voice systems with a survivable networked solution that is easy to deploy and can be administered from a central location.
Version (Hardware) P/Ns 700506955, 700506955 with 700501368, 700512173 and 700512173 with 700503274
Version (Firmware) 41.34.5
Vendor Avaya, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-128, AES-256, AES128, AES256, DES, Triple-DES, TDEA, HMAC
Asymmetric Algorithms
RSA 2048, ECDSA, Diffie-Hellman, DH, DSA
Hash functions
SHA1, SHA-1, SHA-256, SHA-512, SHA-384, SHA-224, SHA224, SHA256, SHA384, SHA512, SHA-2, PBKDF
Schemes
Key Exchange, Key agreement
Protocols
SSH, TLS, TLS 1.2, IKEv1, IPsec, VPN
Randomness
DRBG, RNG
Elliptic Curves
P-256, P-384, P-521
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM
TLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

Trusted Execution Environments
SSC

Security level
Level 1

Standards
FIPS 140-2, FIPS 197, FIPS 198-1, FIPS 180-4, FIPS 186-4, SP 800-38A, SP 800-135, SP 800-38D, SP 800-90A, SP 800-90B, SP 800-52, NIST SP 800-90B, PKCS1, PKCS #12, PKCS#1, RFC 5288, RFC3414, RFC 3550, RFC 3711, RFC 6188

File metadata

Subject FIPS 140-2 Security Policy Template
Author Gibbons, Lee D (Doug)
Creation date D:20230425130431-07'00'
Modification date D:20230425130529-07'00'
Pages 34
Creator Acrobat PDFMaker 23 for Word
Producer Adobe PDF Library 23.1.175

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 06.11.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf.
  • 01.11.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4635,
  "dgst": "e3a6a7d6736f833c",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "RSA#A2087",
        "KAS#A2075",
        "KAS#A2078",
        "ECDSA#A2084",
        "KTS#A2082",
        "HMAC#A2081",
        "HMAC#A2086",
        "KTS#A2086",
        "AES#A2079",
        "DRBG#A2083",
        "KAS-SSC#A2078",
        "AES#A2082",
        "SHS#A2080",
        "Triple-DES#A2074",
        "AES#A2085",
        "SHS#A2088",
        "KAS#A2076"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "41.34.5"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDSA": {
            "ECDSA": 6
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 5
          },
          "DSA": {
            "DSA": 1
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CFB": {
          "CFB": 4
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 6
        },
        "GCM": {
          "GCM": 3
        },
        "OFB": {
          "OFB": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKEv1": 2
        },
        "IPsec": {
          "IPsec": 3
        },
        "SSH": {
          "SSH": 31
        },
        "TLS": {
          "TLS": {
            "TLS": 41,
            "TLS 1.2": 17
          }
        },
        "VPN": {
          "VPN": 2
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key agreement": 2
        },
        "KEX": {
          "Key Exchange": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 12,
          "P-384": 12,
          "P-521": 12
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#12": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES-128": 4,
          "AES-128 and 256": 2,
          "AES-256": 4,
          "AES128": 2,
          "AES256": 2,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-96": 2,
          "HMAC-SHA1": 2,
          "HMAC-SHA1-32": 1,
          "HMAC-SHA1-80": 1,
          "HMAC-SHA256": 2,
          "PKCS #12": 2,
          "PKCS#1": 2,
          "PKCS1": 2,
          "RSA 2048": 2,
          "SHA- 1": 2,
          "SHA- 256": 1,
          "SHA-1": 8,
          "SHA-1 (160": 2,
          "SHA-2": 2,
          "SHA-224": 3,
          "SHA-256": 6,
          "SHA-384": 4,
          "SHA-512": 4,
          "SHA1": 5,
          "SHA224": 1,
          "SHA256": 2,
          "SHA384": 1,
          "SHA512": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 2
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 10,
            "SHA1": 5
          },
          "SHA2": {
            "SHA-2": 2,
            "SHA-224": 3,
            "SHA-256": 6,
            "SHA-384": 4,
            "SHA-512": 4,
            "SHA224": 1,
            "SHA256": 2,
            "SHA384": 1,
            "SHA512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 16
        },
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 11,
          "FIPS 180-4": 2,
          "FIPS 186-4": 3,
          "FIPS 197": 3,
          "FIPS 198-1": 3
        },
        "NIST": {
          "NIST SP 800-90B": 1,
          "SP 800-135": 10,
          "SP 800-38A": 2,
          "SP 800-38D": 3,
          "SP 800-52": 2,
          "SP 800-90A": 4,
          "SP 800-90B": 3
        },
        "PKCS": {
          "PKCS #12": 1,
          "PKCS#1": 1,
          "PKCS1": 1
        },
        "RFC": {
          "RFC 3550": 1,
          "RFC 3711": 1,
          "RFC 5288": 2,
          "RFC 6188": 1,
          "RFC3414": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14,
            "AES-128": 6,
            "AES-256": 4,
            "AES128": 2,
            "AES256": 2
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 5
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 11
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 1
        }
      },
      "tls_cipher_suite": {
        "TLS": {
          "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_DHE_RSA_WITH_AES_256_CBC": 1,
          "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": 1,
          "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 1,
          "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384": 1,
          "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 1,
          "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384": 1,
          "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384": 1,
          "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384": 1,
          "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384": 1
        }
      },
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Gibbons, Lee D (Doug)",
      "/Company": "Microsoft",
      "/CreationDate": "D:20230425130431-07\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 23 for Word",
      "/ModDate": "D:20230425130529-07\u002700\u0027",
      "/Producer": "Adobe PDF Library 23.1.175",
      "/SourceModified": "D:20230425200414",
      "/Subject": "FIPS 140-2 Security Policy Template",
      "/Title": "",
      "pdf_file_size_bytes": 836204,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 34
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "cb2777ea55bef9a0293510c84062635add8c673f203b6cc591ffa7aad3eecdd3",
    "policy_txt_hash": "d4e5ea0c20d29599bf283d1eaaee1b5ce8c2d43e548b99551e51cf7a1d552eea"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When installed, initialized and configured as specified in Section 1.8 of the Security Policy. When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf",
    "date_sunset": "2026-09-21",
    "description": "The G450 and G430 Media Gateways are complete branch office business communications systems that integrate TDM and VoIP telephony. Ideally suited for branch office locations of up to 450 extensions, the G450 and G430 replace the complexity and cost of managing disparate key and voice systems with a survivable networked solution that is easy to deploy and can be administered from a central location.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "41.34.5",
    "historical_reason": null,
    "hw_versions": "P/Ns 700506955, 700506955 with 700501368, 700512173 and 700512173 with 700503274",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Avaya G450/G430 FIPS 140-2 Cryptographic Module",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-10-11",
        "lab": "UL VERIFICATION SERVICES INC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Avaya, Inc.",
    "vendor_url": "http://www.avaya.com"
  }
}