Bug ID 921721: FIPS 140-2 SP800-56Arev3 compliance

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1

Fixed In:
16.1.0, 15.1.3, 14.1.3

Opened: Jun 28, 2020

Severity: 3-Major

Symptoms

BIG-IP is not compliant with a NIST revision to the SP800-56A standard for cryptographic algorithms.

Impact

BIG-IP will comply with the older standard.

Conditions

Using cryptographic algorithms covered by this revision in a FIPS 140-2 deployment.

Workaround

Updated cryptographic key assurances and pair-wise consistency checks according to the SP800-56Arev3 standard.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips