U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3420

Details

Module Name
EOS MACsec Bravo Hybrid Module
Standard
FIPS 140-2
Status
Active
Sunset Date
3/26/2024
Validation Dates
03/27/2019;04/09/2019
Overall Level
1
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 8.1 of the Security Policy
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Firmware-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
Arista’s crypto library is a comprehensive suite of FIPS Approved algorithms. Many key sizes and modes have been implemented to allow flexibility and efficiency.
Tested Configuration(s)
  • Arista Networks DCS-7280CR2M-30 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0 (single-user mode)
  • Arista Networks DCS-7280SRAM-48C6 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7280SRM-40CX2 with Credo MACsec chip CMX42550 and EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7500E-SUP 01.02 with EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7500R2M-36CQ-LC 21.01 with Credo MACsec chip CMX42550
  • Arista Networks DCS-7500-SUP2 03.03 with EOSv4 Firmware Version 1.0
  • Arista Networks DCS-7508N Chassis 06.00
  • Arista Networks DCS-7512N Chassis 00.06
  • Arista Networks DCS-7516N Chassis 10.00
  • Arista Networks DCS-7516-SUP2 10.00 with EOSv4 Firmware Version 1.0
FIPS Algorithms
AES Certs. #4471 and #5482
CKG vendor affirmed
CVL Certs. #1933, #1934 and #1935
DRBG Cert. #2158
ECDSA Cert. #1469
HMAC Cert. #3636
KAS Cert. #183
KBKDF Cert. #235
KTS AES Cert. #5482 and HMAC Cert. #3636; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Cert. #2944
SHS Cert. #4399
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1933, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1933, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (CVL Cert. #1934, key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength)
Hardware Versions
P/Ns Credo MACsec chip CMX42550 and Renesas Security chip R5H30211 or N313X; Chassis: DCS-7508N, Version 06.00; DCS-7512N, Version 00.06; DCS-7516N, Version 10.00; Supervisor: DCS-7500E-SUP, Version 01.02; DCS-7500-SUP2, Version 03.03; DCS-7516-SUP2, Version 10.00; Linecard: DCS-7500R2M-36CQ-LC, Version 21.01; Fixed Hardware: DCS-7280SRAM-48C6, Version 21.00; DCS-7280SRM-40CX2, Version 21.00; DCS-7280CR2M-30, Version 20.01
Firmware Versions
1.0

Vendor

Arista Networks Inc.
5453 Great America Parkway
Santa Clara, CA 95054
USA

Ethan Rahn
erahn@arista.com
 Richard Whitney
rw@arista.com
Phone: 703-627-6092
Fax: 408-538-8920

Related Files

Security Policy
Consolidated Certificate

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0