The Global Certification Team is proud to announce the FIPS 140-2 Crypto certification of the 6900 and 7900 Series IP Phones.

The phones received FIPS certificate #1647 for Models 6901 and 6911 and Certificate #1650 for 6921, 6941, 6945, and 6961.  Finally the 7906G, 7911G, 7931G, 7941G, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G, 7971GE, and 7975G were awarded FIPS certificate #1689.

Take full advantage of converged voice and data networks while retaining the convenience and user-friendliness you expect from a business phone. Cisco Unified IP Phones can help improve productivity by meeting the needs of users throughout your organization. Advanced media endpoints in this innovative suite of Cisco Unified IP Phones enhance the end-user experience.

6900 Series on Cisco.com

7900 Series Phones on Cisco.com

FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.

Tags: 6900, 6901, 6911, 6921, 6941, 6945, 6961, 7900, 7906, 7911, 7931, 7941, 7942, 7945, 7961, 7962, 7965, 7970, 7971, 7975, Cisco, cmvp, crypto, cryptography, fips, FIPS 140-2, ip, NIST, phone, srtp, unified

The Global Certification team is pleased to announce the Cisco Common Crypto Hybrid Module, C3M-hybrid, has been awarded FIPS validation #1668 and is complete!  The C3M-hybrid module leverages AES-NI (C3M, #1643, completed in 2011). This is the first crypto module that leverages AES-NI.

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1668

The Cisco Common Cryptographic Module (C3M) is a software library that that can be utilized by many Cisco products. The module provides FIPS validated cryptographic algorithms, including advanced (Suite B) cryptography requested by USG, for services such as sRTP, SSH, TLS, 802.1x etc. Once the FIPS validated C3M is integrated into our products, GCT can engage the FIPS lab to write letters of compliance. In the future, leveraging this FIPS validation while performing HW validation will reduce cost, time and effort.

FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.

Tags: 1668, certificate, certified, Cisco, Common, crypto, fips, hybrid

The Global Certification Team is proud to announce the FIPS Certification of the Cisco Common Crypto Module (C3M).  The Official listing can be found on the NIST website at http://goo.gl/3vPaa.

The Cisco Common Cryptographic Module (C3M) is a software library that provides cryptographic services to a vast array of Cisco’s networking and collaboration products. The module provides FIPS validated cryptographic algorithms for services such as sRTP, SSH, TLS, 802.1x etc. The module does not implement any of the protocols directly. Instead, it provides the cryptographic primitives and functions to allow a developer to implement various protocols.

Tags: 140, 140-2, certification, Common, compliance, crypto, defense, Department, dod, fips, government, Module, of

Cryptography has been, and continues to be, the most important and ubiquitous aspect of security services (firewall, secure access, VPN, authentication). There is a vast number of cryptographic algorithms and techniques that provide information security features that are used in different protocols and functions. It is important to be able to understand the challenges, attacks, and concerns of cryptographic algorithms in order to be able to use them efficiently. Just as important is the ability to follow the latest developments in the field so that we can be “as secure as possible.” This post is trying to present the latest transformations in the cryptography field to raise awareness on what the status quo is on recommended algorithms and key sizes.

Read More »

Tags: crypto, security