U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3313

Details

Module Name
Ixia Cryptographic Module for OpenSSL
Standard
FIPS 140-2
Status
Active
Sunset Date
1/29/2022
Validation Dates
10/23/2018;12/11/2018;01/31/2019;05/28/2020;09/18/2020
Overall Level
1
Caveat
When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy and operated in FIPS mode. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module. This validation entry is a non-security relevant modification to Cert. #3220.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Ixia, a Keysight business, Cryptographic Module for OpenSSL is integrated into Ixia's network visibility platform to provide FIPS 140-2 validated cryptography for the protection of sensitive information.
Tested Configuration(s)
  • AIX 6.1 32-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)
  • AIX 6.1 32-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 6.1 64-bit running on IBM POWER 7 (PPC) with PAA (IBM XL C/C++ for AIX Compiler Version V10.1)
  • AIX 6.1 64-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 32-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.1 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.1 64-bit running on IBM POWER 7 (PPC) without PAA (IBM XL C/C++ for AIX Compiler Version V13.1)
  • AIX 7.1 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.1 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 32-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power7 (PPC) without PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power8 (PPC) with PAA (IBM XL Compiler V13.1)
  • AIX 7.2 64-bit running on IBM Power8 (PPC) without PAA (IBM XL Compiler V13.1)
  • Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) with PAA (gcc Compiler Version 4.9)
  • Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) without PAA (gcc Compiler Version 4.9)
  • Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) with PAA (gcc Compiler Version 4.9)
  • Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) without PAA (gcc Compiler Version 4.9)
  • DataGravity Discovery Series OS V2.0 running on Intel Xeon E5-2420 (x86) with PAA (gcc Compiler Version 4.7.2)
  • DataGravity Discovery Series OS V2.0 running on Intel Xeon E5-2420 (x86) without PAA (gcc Compiler Version 4.7.2)
  • Debian 9 running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 6.3.0)
  • Debian 9 running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 6.3.0)
  • ExtremeXOS-Linux 3.1 running on Cavium Octeon II (MIPS) (gcc Compiler Version 4.9.2)
  • ExtremeXOS-Linux 3.18 32-bit running on Intel Atom C2558 (x86) with PAA (gcc Compiler Version 4.9.2)
  • ExtremeXOS-Linux 3.18 32-bit running on Intel Atom C2558 (x86) without PAA (gcc Compiler Version 4.9.2)
  • ExtremeXOS-Linux 3.18 running on Cavium Octeon II (MIPS) (gcc Compiler Version 4.9.2)
  • iOS 8.1 32-bit running on Apple A7 (ARMv8) with PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 32-bit running on Apple A7 (ARMv8) without PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 64-bit running on Apple A7 (ARMv8) with PAA (clang Compiler Version 600.0.56)
  • iOS 8.1 64-bit running on Apple A7 (ARMv8) without PAA (clang Compiler Version 600.0.56)
  • Ixia, a Keysight Business, Network Visibility - Linux 4.12.0 running on Ixia, a Keysight Business, Network Visibility - Vision ONE using Intel Core i7-3555LE with PAA (gcc Compiler Version 5.4.0)
  • Ixia, a Keysight Business, Network Visibility - Linux 4.12.0 running on Ixia, a Keysight Business, Network Visibility - Vision ONE using Intel Core i7-3555LE without PAA (gcc Compiler Version 5.4.0) (single-user mode)
  • Linux 3.10 32-bit running on Intel Atom E3845 (x86) with PAA (gcc Compiler Version 4.8.1)
  • Linux 3.10 32-bit running on Intel Atom E3845 (x86) without PAA (gcc Compiler Version 4.8.1)
  • Linux 3.12 running on NXP T2080 (PPC) (gcc Compiler Version 4.9.2)
  • SurfWare 7.2 running on TI c64 DSP (TMS320C6x Compiler Version 6.0.19)
  • TS-Linux 2.4 running on Arm920Tid (ARMv4) (gcc Compiler Version 4.3.2)
  • Ubuntu 12.04 running on Intel Xeon E5-2430L (x86) with PAA (gcc Compiler Version 4.6.3)
  • Ubuntu 12.04 running on Intel Xeon E5-2430L (x86) without PAA (gcc Compiler Version 4.6.3)
  • VxWorks 6.7 running on Intel Core 2 Duo (x86) (gcc Compiler Version 4.1.2)
  • VxWorks 6.9 running on Freescale P2020 (PPC) (gcc Compiler Version 4.3.3)
FIPS Algorithms
AES Certs. #3090, #3264, #3451, #3751, #3990, #4141, #4391, #4469 and #5939
CVL Certs. #372, #472, #534, #699, #814, #947, #1094, #1181 and #2167
DRBG Certs. #607, #723, #845, #1027, #1182, #1256, #1414, #1451 and #2492
DSA Certs. #896, #933, #970, #1040, #1085, #1124, #1170 , #1195 and #1505
ECDSA Certs. #558, #620, #698, #801, #886, #952, #1050, #1091 and #1589
HMAC Certs. #1937, #2063, #2197, #2452, #2605, #2714, #2918, #2966 and #3914
RSA Certs. #1581, #1664, #1766, #1928, #2048, #2258, #2374, #2444 and #3117
SHS Certs. #2553, #2702, #2847, #3121, #3294, #3411, #3620, #3681 and #4692
Triple-DES Certs. #1780, #1853, #1942, #2086, #2190, #2263, #2366, #2399 and #2893
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #372, #472, #534, #699, #814, #947, #1094, #1181 and #2167, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15 or 2.0.16

Vendor

Ixia, a Keysight Business
8310 N Capital of Texas Hwy
Austin, TX 78731
USA

Fred Strelzoff
fred.strelzoff@keysight.com
Phone: (512)600-5400
Fax: N/A
N/A
Phone: N/A
Fax: N/A

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0