The Global Certification team is pleased to announce the Cisco Common Crypto Hybrid Module, C3M-hybrid, has been awarded FIPS validation #1668 and is complete! The C3M-hybrid module leverages AES-NI (C3M, #1643, completed in 2011). This is the first crypto module that leverages AES-NI.
The Cisco Common Cryptographic Module (C3M) is a software library that that can be utilized by many Cisco products. The module provides FIPS validated cryptographic algorithms, including advanced (Suite B) cryptography requested by USG, for services such as sRTP, SSH, TLS, 802.1x etc. Once the FIPS validated C3M is integrated into our products, GCT can engage the FIPS lab to write letters of compliance. In the future, leveraging this FIPS validation while performing HW validation will reduce cost, time and effort.
FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.