Bug ID 921721: FIPS 140-2 SP800-56Arev3 compliance

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1

Fixed In:
16.1.0, 15.1.3, 14.1.3

Opened: Jun 28, 2020
Severity: 3-Major

Symptoms

BIG-IP is not compliant with a NIST revision to the SP800-56A standard for cryptographic algorithms.

Impact

BIG-IP will comply with the older standard.

Conditions

Using cryptographic algorithms covered by this revision in a FIPS 140-2 deployment.

Workaround

Updated cryptographic key assurances and pair-wise consistency checks according to the SP800-56Arev3 standard.

Fix Information

None

Behavior Change