Module Name
F5® Device Cryptographic Module
Validation Dates
03/04/2020
Caveat
When operated in FIPS Mode and configured as specified in the section 8 of the Security Policy with tamper evident labels contained in F5-ADD-BIG-FIPS140 kit and installed as indicated in the Security Policy section 4.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
F5® Device Cryptographic Module, Application Delivery Controller and Firewall software running on F5 BIG-IP and VIPRION hardware.
FIPS Algorithms
| AES |
Certs. #C699, #C700 and #C701 |
| CVL |
Certs. #C699, #C700 and #C701 |
| DRBG |
Certs. #C699, #C700 and #C701 |
| ECDSA |
Certs. #C699, #C700 and #C701 |
| HMAC |
Certs. #C699, #C700 and #C701 |
| KTS |
AES Certs. #C699 and #C700; key establishment methodology provides 128 or 256 bits of encryption strength |
| KTS |
AES Certs. #C699 and #C700 and HMAC Certs. #C699 and #C700; key establishment methodology provides 128 or 256 bits of encryption strength |
| KTS |
AES Cert. #C701; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #C701 and HMAC Cert. #C701; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Certs. #C699, #C700 and #C701 |
| SHS |
Certs. #C699, #C700 and #C701 |
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #C699, #C700 and #C701 with #C699, #C700 and #C701, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
BIG-IP i4000, BIG-IP i5000, BIG-IP i5820-DF, BIG-IP i7000, BIG-IP i7820-DF, BIG-IP i10800, BIG-IP i11800-DS, BIG-IP i15800, BIG-IP 5250v-F, BIG-IP 7200v-F, BIG-IP 10200v-F, BIG-IP 10350v-F, VIPRION B2250, VIPRION B4450
Firmware Versions
14.1.0.3 EHF
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
