All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Nokia 1830 Photonic Service Switch (PSS) R23.3 Nokia 1830 Photonic Service Interconnect – Modular (PSI-M) R23.3

Certificate#4751StandardFIPS 140-3Level2TypeHardwareEmbodimentMulti-Chip Stand AloneStatusActiveVendorNokia of America Corporation (Nokia)
Critical review priority  ·  exposes debug/recovery interface  ·  last validated 23 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level2
Module typeHardware
EmbodimentMulti-Chip Stand Alone
StatusActive
Sunset date8/4/2026
CaveatInterim Validation.The tamper evident seals installed as indicated in the Security Policy
VendorNokia of America Corporation (Nokia)
Hardware versionsHardware Version: PSS-8 Chassis (WOMPU00CRA / 3KC48901AA ) [1], PSS-16II Chassis (WOMR300BRA / 3KC48960AC) [2], PSS-32 Chassis (WOM4V10GRA / 8DG59319AB) [3], PSS-24x Chassis (WOMP410CRB / 3KC50378AA) [4] and PSI-M Chassis (3KC81791AA) [5], 8EC2 Card (3KC48820AA) [1], 32EC2 Card (8DG63979AA) [2, 3], CEC2 Card (3KC50335AA) [4] and MEC2 Card (3KC81775AA) [5], 11QPEN4 (8DG60996AA) [1-3], S13X100E (8DG63988AA) [1-3], 2UC400E (3KC60522AA) [4], DFC12E (3KC82081AA) [5] and 8P20 (3KC49240AA) [1-3], MFC24X Multi-Function Card (3KC50330AA) [4], Filler Card (8DG59418AA) [1-3], Filler Card (3KC59819AC) [4] and Filler Card (3KC81780AA) [5], Security Label Kit (8DG-6509-AAAA) [1-5]

Approved Algorithms (52)

AlgorithmACVP Cert
AES-CBCA2415
AES-CBCA2538
AES-CBCA2591
AES-CBCA3369
AES-CBCA3369
AES-CFB128A2502
AES-CTRA2537
AES-CTRA2599
AES-CTRA3369
AES-CTRAES 3844
AES-ECBA2537
AES-ECBA2539
AES-ECBA2599
AES-ECBA3369
AES-ECBAES 3844
AES-GCMA2539
AES-GCMA3369
AES-GMACA2599
AES-GMACAES 3844
Counter DRBGA3369
ECDSA KeyGen (FIPS186-4)A3369
ECDSA KeyVer (FIPS186-4)A3369
ECDSA SigGen (FIPS186-4)A3369
ECDSA SigVer (FIPS186-4)A3369
HMAC-SHA-1A2502
HMAC-SHA2-256A2415
HMAC-SHA2-256A2502
HMAC-SHA2-256A2538
HMAC-SHA2-256A2591
HMAC-SHA2-256A3369
HMAC-SHA2-384A3369
HMAC-SHA2-512A3369
KAS-ECC-SSC Sp800-56Ar3A3369
KAS-FFC-SSC Sp800-56Ar3A3369
KDF SNMPA2502
KDF SSHA3369
KDF TLSA3369
RSA KeyGen (FIPS186-4)A3369
RSA SigGen (FIPS186-4)A3369
RSA SigVer (FIPS186-4)A3369
Safe Primes Key GenerationA3369
Safe Primes Key VerificationA3369
SHA-1A2502
SHA-1A3369
SHA2-256A2415
SHA2-256A2502
SHA2-256A2538
SHA2-256A2591
SHA2-256A3369
SHA2-384A3369
SHA2-512A3369
SHA3-256A3310

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Nokia 1830 Photonic Service Switch (PSS) R23.3 Nokia 1830 Photonic Service Interconnect – Modular (PSI-M) R23.3
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>1830PSS ECN R23.3, 1830PSI-M ECN R23.3</i>"]
    C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Upgrade Application Firmware</i>"]
    C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Show Status</i>"]
    C4["[high] Physical/logical<br/>interfaces (some 'blocked<br/>in firmware')<br/><i>Craft (USB) (1)<br/>USB (1)<br/>USB (#3)</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IPSEC</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
    I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
    I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
    I4["Interface reachability may<br/>vary by boot stage and<br/>lifecycle state."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R4["Are interfaces blocked<br/>before the bootloader<br/>runs, or only after<br/>approved mode starts?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
    E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E4["lifecycle reachability<br/>matrix · boot-stage<br/>interface timing ·<br/>factory/recovery/error-state<br/>access controls"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C1 --> I1 --> R1 --> E1
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C4 --> I4 --> R4 --> E4
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C1,C2,C3,C4,C5,C6 clue;
  class I1,I2,I3,I4,I5,I6 infer;
  class R1,R2,R3,R4,R5,R6 risk;
  class E1,E2,E3,E4,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Nokia 1830 Photonic Service Switch (PSS) R23.3 Nokia 1830 Photonic Service Interconnect – Modular (PSI-M) R23.3
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>1830PSS ECN R23.3, 1830PSI-M ECN R23.3</i><br/>src: certificate.firmwareVersions"]
    C2["[high] Firmware update / recovery / rollback services<br/><i>Upgrade Application Firmware</i><br/>src: securityPolicy.services"]
    C3["[high] Unauthenticated / self-test / status service surface<br/><i>Show Status</i><br/>src: securityPolicy.services"]
    C4["[high] Physical/logical interfaces (some 'blocked in firmware')<br/><i>Craft (USB) (1)<br/>USB (1)<br/>USB (#3)</i><br/>src: securityPolicy.portsAndInterfaces"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IPSEC</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C1,C2,C3,C4 clueHigh;
  class C5,C6 clueLow;

Security Policy, page by page

Page 1

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Nokia 1830 Photonic Service Switch (PSS) R23.3 Nokia 1830 Photonic Service Interconnect

Page 2

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table of Contents 2.1 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.2 2.3 2.4 2.5 2.5.1 2.5.2 3.1 3.1.1 3.2 3.2.1 3.3 3.3.1 3.4 3.4.1 3.5 3.5.1 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 Security Policy July 31, 2024 1.5

Page 3

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 4.1 4.2 4.3 5.1 5.2 6.1 6.2 7.1 7.2 7.3 7.4 11.1 11.2 11.3 11.4 15.1 15.2 15.3 15.4 15.5 15.6 15.7 16.1 16.2 Security Policy July 31, 2024 1.5

Page 4

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 16.3 16.4 16.5 List of Tables Security Policy July 31, 2024 1.5

Page 5

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy List of Figures Security Policy July 31, 2024 1.5

Page 6

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Security Policy July 31, 2024 1.5

Page 7
Security level
NameISO SectionRequirementLevel
11General2
22Cryptographic module specification2
33Cryptographic module interfaces2
44Roles, services, and authentication3
55Software/Firmware security2
66Operational environment2
77Physical security2
88Non-invasive securityN/A
99Sensitive security parameter management2
1010Self-tests2
1111Life-cycle assurance2
1212Mitigation of other attacksN/A

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy This document describes the non-proprietary Cryptographic Module Security Policy for the Nokia 1830 Photonic Service Switch (PSS) R23.3 (internal release R14.2) and Nokia 1830 Photonic Service Interconnect

Page 8
Module configuration
NameModelHardware VersionFirmware VersionFeatures
1830 PSS- 321830 PSS- 32Chassis - WOM4V10GRA / 8DG59319ABn/aCard Holder
32EC2 - 8DG63979AA32EC2 - 8DG63979AA1830PSS ECN R23.3Equipment Controller Card
11QPEN4 - 8DG60996AA11QPEN4 - 8DG60996AA10G Interface Card
8P20 - 3KC49240AA8P20 - 3KC49240AA10G Interface Card
S13X100E - 8DG63988AAS13X100E - 8DG63988AA100G Interface Card
Filler Card - 8DG59418AAFiller Card - 8DG59418AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509- AAAASecurity Label Kit - 8DG-6509- AAAAn/aTamper Labels
1830 PSS 16II1830 PSS 16IIChassis - WOMR300BRA / 3KC48960ACn/aCard Holder
32EC2 - 8DG63979AA32EC2 - 8DG63979AA1830PSS ECN R23.3Equipment Controller Card
11QPEN4 - 8DG60996AA11QPEN4 - 8DG60996AA10G Interface Card
8P20 - 3KC49240AA8P20 - 3KC49240AA10G Interface Card
S13X100E - 8DG63988AAS13X100E - 8DG63988AA100G Interface Card
Filler Card - 8DG59418AAFiller Card - 8DG59418AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509- AAAASecurity Label Kit - 8DG-6509- AAAAn/aTamper Labels
1830 PSS- 81830 PSS- 8Chassis - WOMPU00CRA / 3KC48901AAn/aCard Holder
8EC2 - 3KC48820AA8EC2 - 3KC48820AA1830PSS ECN R23.3Equipment Controller Card
11QPEN4 - 8DG60996AA11QPEN4 - 8DG60996AA10G Interface Card
8P20 - 3KC49240AA8P20 - 3KC49240AA10G Interface Card
S13X100E - 8DG63988AAS13X100E - 8DG63988AA100G Interface Card
Filler Card - 8DG59418AAFiller Card - 8DG59418AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509- AAAASecurity Label Kit - 8DG-6509- AAAAn/aTamper Labels
1830 PSS-24x1830 PSS-24xChassis - WOMP410CRB / 3KC50378AAn/aCard Holder
CEC2 - 3KC50335AACEC2 - 3KC50335AA1830PSS ECN R23.3Equipment Controller Card
MFC24X - 3KC50330AAMFC24X - 3KC50330AAMulti-Function Card
2UC400E - 3KC60522AA2UC400E - 3KC60522AA100G Interface Card
Filler Card – 3KC59819ACFiller Card – 3KC59819ACn/aEmpty Slot Blank
Security Label Kit - 8DG-6509-AAAASecurity Label Kit - 8DG-6509-AAAAn/aTamper Labels
1830 PSI-M1830 PSI-MChassis - 3KC81791AAn/aCard Holder
MEC2 - 3KC81775AAMEC2 - 3KC81775AA1830PSI-M ECN R23.3Equipment Controller Card
DFC12E - 3KC82081AADFC12E - 3KC82081AA100G Interface Card
Filler Card – 3KC81780AAFiller Card – 3KC81780AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509-AAAASecurity Label Kit - 8DG-6509-AAAAn/aTamper Labels

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Cryptographic module specification For the purposes of FIPS 140-3, the 1830 is designated as a multi-chip standalone hardware cryptographic module.

2.1 Tested Platforms

The following platforms were tested for running the module in a FIPS approved mode. They all share the same CPU, the Marvell MV78460, which does not contain a Processor Algorithm Accelerator (PAA). Use of circuit packs not tested under this validation will invalidate the FIPS certification.

1830 PSS32

n/a n/a n/a n/a Table 2

Page 9
Module configuration
NameModelHardware VersionFirmware VersionFeatures
1830 PSS- 81830 PSS- 8Chassis - WOMPU00CRA / 3KC48901AAn/aCard Holder
8EC2 - 3KC48820AA8EC2 - 3KC48820AA1830PSS ECN R23.3Equipment Controller Card
11QPEN4 - 8DG60996AA11QPEN4 - 8DG60996AA10G Interface Card
8P20 - 3KC49240AA8P20 - 3KC49240AA10G Interface Card
S13X100E - 8DG63988AAS13X100E - 8DG63988AA100G Interface Card
Filler Card - 8DG59418AAFiller Card - 8DG59418AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509- AAAASecurity Label Kit - 8DG-6509- AAAAn/aTamper Labels
1830 PSS-24x1830 PSS-24xChassis - WOMP410CRB / 3KC50378AAn/aCard Holder
CEC2 - 3KC50335AACEC2 - 3KC50335AA1830PSS ECN R23.3Equipment Controller Card
MFC24X - 3KC50330AAMFC24X - 3KC50330AAMulti-Function Card
2UC400E - 3KC60522AA2UC400E - 3KC60522AA100G Interface Card
Filler Card – 3KC59819ACFiller Card – 3KC59819ACn/aEmpty Slot Blank
Security Label Kit - 8DG-6509-AAAASecurity Label Kit - 8DG-6509-AAAAn/aTamper Labels
1830 PSI-M1830 PSI-MChassis - 3KC81791AAn/aCard Holder
MEC2 - 3KC81775AAMEC2 - 3KC81775AA1830PSI-M ECN R23.3Equipment Controller Card
DFC12E - 3KC82081AADFC12E - 3KC82081AA100G Interface Card
Filler Card – 3KC81780AAFiller Card – 3KC81780AAn/aEmpty Slot Blank
Security Label Kit - 8DG-6509-AAAASecurity Label Kit - 8DG-6509-AAAAn/aTamper Labels

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

1830 PSS8

n/a n/a n/a Table 4 - PSS-8 Cryptographic Module Test Configuration n/a n/a n/a Table 5 - PSS-24x Cryptographic Module Test Configuration n/a n/a Table 6 - PSI-M Cryptographic Module Test Configuration Security Policy July 31, 2024 1.5

Page 10
Approved algorithm
NameCAVP CertMode MethodKey SizeUse FunctionDescription / Key Size / Key Strength
AES [FIPS 197] [SP 800-38A]A2502CFB128Key Length: 256 bitsSymmetric Encryption and Decryption
HMAC [FIPS 198-1]A2502SHA-1, SHA2- 256Key Length: 160 bits, 256 bitsKeyed Hash
CVL [SP 800-135 Rev 1]A2502SNMP KDF Note: The SNMP protocols have not been reviewed or tested by the CAVP and CMVPKey Derivation
KTS [SP 800-38F Rev 1]A2502SP 800-38A, FIPS 198-1, and SP 800-38F. KTS (key wrapping and unwrapping) per IG D.G.Key Length: 256 bits Key Strength: 256 bitsKey establishment methodology provides 256 bits of encryption strength)
SHS [FIPS 180-4]A2502SHA-1, SHA- 256Message Digest
AES [FIPS 197] [SP 800-38A]A3369CBC, CTRKey length: 128, 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800-38A]A3369ECBKey Length: 128 bitsSymmetric Encryption and Decryption Self-Test only
AES [SP 800-38D]A3369GCMKey length: 128, 256 bitsSymmetric Encryption and Decryption
CKG [SP 800-133 Rev 2]Vendor AffirmedSymmetric key generation Symmetric keys and generated
Section 5.1: Key Pairs for Digital Signature Schemes Section 6.1: The Direct Generation of Symmetric Keysseeds are produced using unmodified output from the Approved DRBG.
CTR_DRBG [SP800-90A]A3369AES-256 Derivation Function Enabled No Prediction Resistance256 bitsRandom Number Generation
ECDSA [FIPS 186-4]A3369Key Pair Generation (PKG)Curve: P-256, P-384, P-521Asymmetric Key Generation
ECDSA [FIPS 186-4]A3369Public Key Validation (PKV)Curve: P-256, P-384, P-521Asymmetric Public Key Verification
ECDSA [FIPS 186-4]A3369Signature GenerationCurve: P-256, P-384, P-521Digital Signature Verification
ECDSA [FIPS 186-4]A3369Signature VerificationCurve: P-256, P-384, P-521Digital Signature Verification
HMAC [FIPS 198-1]A3369SHA-256, SHA- 384, SHA-512Key Length: 256 bits or greaterKeyed Hash
KAS-SSC [SP800-56A Rev 3]A3369KAS-ECC-SSC: Scheme: “Ephemeral Unified” with curve P-256, P- 384, P-521 KAS-FFC-SSC: Scheme: “dhEphem” and domain parameter generation methods “ffdhe2048, MODP-4096, MODP-8192”Domain Parameter Generation Methods: ffdhe2048, MODP-4096, MODP-8192Shared Secret Computation ffdhe2048 self- test only
KAS [SP800-56A Rev 3]A3369KAS (ECC): P-256, P-384 and P-521KAS (KAS-SSC Cert. #A3369, CVL
with SSH and TLS v1.2 KDF (SP800- 135rev1) KAS (FFC): ffdhe2048, MODP-4096, and MODP- 8192 with SSH KDF (SP800- 135rev1)with SSH and TLS v1.2 KDF (SP800- 135rev1) KAS (FFC): ffdhe2048, MODP-4096, and MODP- 8192 with SSH KDF (SP800- 135rev1)Cert. #A3369) As per IG D.F Scenario 2 path (2), the CAVP testing is performed in which case it is split into (i) testing the computation of the shared secret, (ii) testing the key derivation function used in deriving the keying material as per SP800- 135 Rev 1
KTS [SP 800-38F Rev 1]A3369SP 800-38A, FIPS 198-1, and SP 800-38F. KTS (key wrapping and unwrapping) per IG D.G.Key Length: 128, 256 bits Key Strength: 128, 256 bitsKey establishment methodology provides between 128 and 256 bits of encryption strength.
KTS [SP 800-38F Rev 1]A3369Key wrapping per IG D.G.Key Length: 128, 256 bits Key Strength: 128, 256 bitsKey Transport (SSH, TLS) Key establishment methodology provides between 128 and 256 bits of encryption strength.
CVL [SP 800-135 Rev 1]A3369SSH KDF, TLS KDF Note: The SSH, TLS protocols have not been reviewed or tested by the CAVP and CMVPKey DerivationCipher: AES-
RSA [FIPS 186-4]A3369Modulus: 2048, 3072, 4096Asymmetric Key Generation
RSA [FIPS 186-4]A3369Signature Generation (PKCS#1 v1.5)Modulus: 2048, 3072, 4096Digital Signature Generation
RSA [FIPS 186-4]A3369Signature Verification (PKCS#1 v1.5)Modulus: 1024, 2048, 3072, 4096Digital Signature Verification
RSA [FIPS 186-4]A3369Signature Verification (PKCS PSS)Modulus: 4096Digital Signature Verification Self-test only
Safe Primes Key Generation [SP 800-133 Rev 1]A3369KeyGen for DHSafe Prime Groups: ffdhe2048, MODP-4096, MODP-8192Key Generation ffdhe2048 Self- test only
Safe Primes Key Verification [SP 800-133 Rev 1]A3369KeyVer for DHSafe Prime Groups: MODP- 4096, MODP- 8192Key Verification
SHS [FIPS 180-4]A3369SHA-1, SHA-256, SHA-384, SHA- 512N/AMessage Digest

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

2.2 Algorithms

Nokia PSS-32/16II/8/24x PSI-M SNMP-Engine 1] SHA-1, SHA2256 SHA-1, SHA256 Table 7 - Approved Algorithms (Nokia SNMP-Engine) The use of truncated HMAC-SHA-1-96 in SNMP protocol is compliant with IG.C.D Nokia openSSL Security Policy July 31, 2024 1.5

Page 11

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Security Policy July 31, 2024 1.5

Page 12

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy KDF (SP800135rev1) and MODP8192 KDF (SP800135rev1) Security Policy July 31, 2024 1.5

Page 13

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 4096, MODPRev 1] Table 8 - Approved Algorithms (Nokia openSSL) Security Policy July 31, 2024 1.5

Page 14
Approved algorithm
NameCAVP CertMode MethodKey SizeUse Function
A3310SHA3-256Message DigestA3310SHS [FIPS 202]256
E26N/A (Algorithms covered by A3310)Random Number GenerationE26Entropy [SP800-90B]N/A
AES [FIPS 197] [SP 800-38A]A2537CTRKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800-38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [SP 800-38D]A2539GCMKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800-38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [FIPS 197] [SP 800-38A]A2538CBCKey length: 256 bitsSymmetric Encryption and Decryption
HMAC [FIPS 198-1]SHA2-256256 bitsKeyed Hash
SHS [FIPS 180-4]SHA2-256256 bitsMessage Digest
Approved algorithm
NameCAVP CertMode MethodKey SizeUse Function
A3310SHA3-256Message DigestA3310SHS [FIPS 202]256
E26N/A (Algorithms covered by A3310)Random Number GenerationE26Entropy [SP800-90B]N/A
AES [FIPS 197] [SP 800-38A]A2537CTRKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800-38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [SP 800-38D]A2539GCMKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800-38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [FIPS 197] [SP 800-38A]A2538CBCKey length: 256 bitsSymmetric Encryption and Decryption
HMAC [FIPS 198-1]SHA2-256256 bitsKeyed Hash
SHS [FIPS 180-4]SHA2-256256 bitsMessage Digest

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Nokia Jitter Entropy (JENT) N/A N/A Table 9

Page 15
Approved algorithm
NameCAVP CertMode MethodKey SizeUse Function
AES [FIPS 197] [SP 800- 38A]AES 3844 (S13X100E and 2UC400E)CTRKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800- 38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [SP 800- 38D]GMACKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800- 38A]A2415 (S13X100E), A2416 (2UC400E)CBCKey length: 256 bitsSymmetric Encryption and Decryption
HMAC [FIPS 198-1]SHA2-256256 bitsKeyed Hash
SHS [FIPS 180-4]SHA2-256256 bitsMessage Digest
AES [FIPS 197] [SP 800- 38A]A2599 (DCF12E)CTRKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800- 38A]ECB Encryption onlyKey length: 256 bitsSymmetric Encryption
AES [SP 800- 38D]GMACKey length: 256 bitsSymmetric Encryption and Decryption
AES [FIPS 197] [SP 800- 38A]A2591 (MEC2)CBCKey length: 256 bitsSymmetric Encryption and Decryption
HMAC [FIPS 198-1]SHA2-256256 bitsKeyed Hash
SHS [FIPS 180-4]SHA2-256256 bitsMessage Digest

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy CRYPOTN (Nokia 100G using Microsemi, S13X100E, 2UC400E) [SP 8002UC400E) [SP 800only [SP 800bits Table 11 - Approved Algorithms (S13X100E, 2UC400E) CRYPOTN IP (Nokia 100G using Microsemi IP, DFC12E, MEC2) [SP 80038A] [SP 800only [SP 800bits [SP 80038A] Table 12 - Approved Algorithms (DFC12E, MEC2) Security Policy July 31, 2024 1.5

Page 16

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy CRYPOTN (Nokia 100G using Microsemi) uses HMAC-SHA256 (and the underlying SHA-256) for the authentication of the pack serial number, which is used to distinguish the two ends of the encryption section (certificate C1545). CRYPOTN (Nokia 100G using Microsemi) uses AES-256-CTR combined with AES-GMAC to form a proprietary authenticated encryption function (GMAC+CTR). The authentication key is derived from the encryption key in exactly the same way that AES-GCM does and also all calculations are done in a GCM like manner. The only difference is that the length of the authentication and cipher text fields are transposed. For CRYPOTN, the IV generation follows the rules of [FIPS 140-3 IG] section C.H (case 4): The probability that the proprietary GMAC+CTR authenticated encryption function ever will be invoked with the same IV and the same key on two (or more) distinct sets of input data shall be no greater than 2-32 for 1830 PSS S13X100E and 2UC400E. The following rules ensure that the construction of the IV, the keys and the Fixed Field used satisfy the above requirement. i.) By implementation, the Fixed Field for AtoZ direction is always different than the ZtoA direction. ii.) By implementation, the IV is composed of a Fixed Field and a running counter (Invocation Field) that starts at zero iii.) By implementation, authentication stops and new keys are required from the key management system if: a. The modules power is lost and then restored (which would cause the IV to be reset) b. Running counter reaches its maximum iv.) Therefore, since IV are only reused with different keys, as long as the probability of new keys being different than any previous used keys exceeds 2-32, then the concatenation of the keys with the IV will also exceed 2-32. v.) By Policy, the key management system (external to the module) always generates random 256-bit keys and the probability of the key manager ever generating the same key again shall be no greater than 2-32 during the system lifetime across all keys generated. vi.) By Policy, the key management system uses one newly generated key on one circuit per one key session time period. The key is used for both the AtoZ and the ZtoA directions of that circuit for that key session time period. Security Policy July 31, 2024 1.5

Page 17

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 2.3 Module Description The 1830 PSS is a scalable, next-generation Dense Wave Division Multiplexer (DWDM) platform that supports data center aggregation for Ethernet, Fiber Channel (FC) and other protocols. Multiprotocol services can then be dynamically and flexibly transported over metro and long-haul spans, using Tunable and Reconfigurable Optical Add-Drop Multiplexers (T-ROADMs) for optical wavelengths. The 1830 PSS enables transparent L2 Ethernet or FC and L3 IP services over the optical link. The Nokia 1830 PSS-32 shelves provide increased network flexibility and operational automation through zero-touch, transparent photonic networking. Photonic networks use simplified and accelerated operations to transform wavelength division multiplexing (WDM) into true transport networking with advanced flexibility, performance, automation, and integration. Several Optical Add-Drop multiplexing (OADM) configurations are supported by components that provide optical filter routing, optical amplification, and support for interworking with optical signals originating on non-1830 PSS hardware. The Nokia 1830 PSS-32s are closely related shelves that compose the Nokia 1830 PSS-32 multi-service multi-reach solution. They are scalable optical transport platforms that implement a converged platform solution for multi-service DWDM metro-area, long-haul, and Optical Transport Network (OTN) switching, and leading-edge flexibility with next generation optical and OTN capabilities. The Nokia 1830 PSS-32 Central Office Shelf provides a 32-slot primarily DWDM platform. Figure 1 - PSS-32 Shelf The Nokia 1830 PSS-8 and PSS-16II are the new generation in the 1830 portfolio; it is future-oriented product to provide high capacity, high flexibility and high scalability. Integrated together with existing network management systems and engineering tools, both shelves provide operational automation through zero-touch, transparent photonic networking. These two new products are based on the platform that converges Lambda switching, OTN switching and packet switching in metro aggregation and core layers for service grooming and aggregation. Figure 2 - PSS-16II Shelf Security Policy July 31, 2024 1.5

Page 18

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Figure 3 - PSS-8 Shelf The 1830 PSS-24x is designed to address multilayer, multiservice, optical network scale and efficiency by delivering an industry leading level of optical transport network (OTN) and Ethernet switching. Capable of supporting up to 48 Tbps of OTN/Ethernet switching capacity in a single rack, terabit capable card slots and low system power utilization, the 1830 PSS-24x takes OTN/Ethernet grooming and protection to the next level of scale required to support efficient 100G, 200G, 400G, 500G and beyond wavelength transport. Figure 4 - PSS-24x Shelf The 1830 Photonic Services Interconnect

Page 19

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy The FIPS approved configurations of 1830 PSS and 1830 PSI-M consist of physically secured single shelf entities equipped with equipment controller cards and encryption cards. The cryptographic module is based on the encryption cards 11QPEN4, S13X100E, 2UC400E installed on a single shelf version of an 1830 PSS with an equipment controller (32EC2E, 8EC2E or CEC2) as shown in 2.1.

2.4 Block Diagram

Figure 6 - 1830 PSS, 1830 PSI-M Block Diagram Security Policy July 31, 2024 1.5

Page 20
Approved algorithm
NameUse Function
AES- DeviS-256 evice1830 PSS AES-256 32EC2 Device 8EC2 S13X100E CEC2 11QPEN4 2UC400E Key Repository cryptographic boundaryAES-256 Device S13X100E 11QPEN4 2UC400E Key RepositoryAE D256 ce

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

2.5.1 PSS-32/16II/8/24x

FIPS Configurations of 1830 PSS must meet stringent Physical, Logical and Operational requirements that are more restrictive than typical telecom or data center deployments. While the generalized use of

1830 PSS may normally include many different multi-shelf configurations with many different circuit

pack types, the FIPS approved configurations of 1830 PSS consist of physically secured single shelf entities equipped with equipment controller cards and 11QPEN4, S13X100E, 2UC400E cards. The cryptographic module is based on the encryption card 11QPEN4 and/or S13X100E or 2UC400E installed on a single shelf version of an 1830 PSS with an Equipment Controller (32EC2E, 8EC2E or The cryptographic modules are intended to be deployed at both ends of a transmit/receive pair of external optical fibers between two data centers to provide encryption of 10GE, 8G/10GFC and ODU2 client traffic (for 11QPEN4) and 10x 10GE/ODU2, 2x 40GE or 100GE/ODU4 (for S13X100E) and 4x ODU4 (for 2UC400E) while in flight between data centers. Data Service Interface (10GE/10GFC/OTU2) (100GE/40GE/10GE Data Service Interface (10GE/10GFC/OTU2) (100GE/40GE/10GE NM-NE interfaces KM-NE interfaces External KM KM-NE interfaces NM-NE interfaces External NM Figure 7 - Network Configuration of 1830 PSS-32/16II/8/24x

2.5.2 PSI-M

FIPS Configurations of 1830 PSI-M must meet stringent Physical, Logical and Operational requirements that are more restrictive than typical telecom or data center deployments. The FIPS approved configurations of 1830 PSI-M consist of physically secured single shelf entities equipped with equipment controller cards and DFC12E cards. The cryptographic module is based on the encryption card DFC12E installed on an 1830 PSI-M with an Equipment Controller (MEC2). The cryptographic modules are intended to be deployed at both ends of a transmit/receive pair of external optical fibers between two data centers to provide encryption of 12x ODU4 (for DFC12E) while in flight between data centers. Security Policy July 31, 2024 1.5

Page 21

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Data Service Interface (100GE) Encrypted ODU-4 (x12 per DFC12E) Data Service Interface (100GE) Optical Fiber

1830 PSI-M

MEC2 AES-256 Device AES-256 Device DFC12E DFC12E Key Repository Key Repository cryptographic boundary cryptographic boundary NM-NE interfaces

1830 PSI-M

MEC2 KM-NE interfaces External KM KM-NE interfaces NM-NE interfaces External NM Figure 8 - Network Configuration of 1830 PSI-M Security Policy July 31, 2024 1.5

Page 22
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (USB) (1)Craft (USB) (1)Craft TerminalControl Input – Status Output
Craft (DB-9) (1)Craft (DB-9) (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces
STATUS (1)STATUS (1)NE status LEDStatus Output
HOUSEKEEPING (1)HOUSEKEEPING (1)Housekeepingn.a. (shelf internal)
ALARM (1)ALARM (1)Rack Alarmn.a. (shelf internal)
CR/PROMPT (1)CR/PROMPT (1)Critical Condition LEDStatus Output
MJ/PROMPT (1)MJ/PROMPT (1)Major Condition LEDStatus Output
MN/DEFRD (1)MN/DEFRD (1)Minor Condition LEDStatus Output
WARNING (1)WARNING (1)Warning Condition LEDStatus Output
ATTENDED (1)ATTENDED (1)NE attended status LEDStatus Output
ABNORMAL (1)ABNORMAL (1)NE attended status LEDStatus Output
OAMP (1) (incl. LED)OAMP (1) (incl. LED)OAMP (GbE)Control Input – Status Output
VOIP (1) (incl. LED)VOIP (1) (incl. LED)Voice over IPData Input – Data Output
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (USB) (1)Craft (USB) (1)Craft TerminalControl Input – Status Output
Craft (DB-9) (1)Craft (DB-9) (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces
STATUS (1)STATUS (1)NE status LEDStatus Output
HOUSEKEEPING (1)HOUSEKEEPING (1)Housekeepingn.a. (shelf internal)
ALARM (1)ALARM (1)Rack Alarmn.a. (shelf internal)
CR/PROMPT (1)CR/PROMPT (1)Critical Condition LEDStatus Output
MJ/PROMPT (1)MJ/PROMPT (1)Major Condition LEDStatus Output
MN/DEFRD (1)MN/DEFRD (1)Minor Condition LEDStatus Output
WARNING (1)WARNING (1)Warning Condition LEDStatus Output
ATTENDED (1)ATTENDED (1)NE attended status LEDStatus Output
ABNORMAL (1)ABNORMAL (1)NE attended status LEDStatus Output
OAMP (1) (incl. LED)OAMP (1) (incl. LED)OAMP (GbE)Control Input – Status Output
VOIP (1) (incl. LED)VOIP (1) (incl. LED)Voice over IPData Input – Data Output
E1, E2 (2) (incl. LED)E1, E2 (2) (incl. LED)Inter-Shelf LANn.a. (shelf internal)
CRAFT (1)CRAFT (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
ACO (1)ACO (1)Alarm cut off buttonControl Input
LAMP TEST (1)LAMP TEST (1)Lamp test buttonControl Input
CRAFT (Sub-D) (1)CRAFT (Sub-D) (1)(D-Sub DE-9) Debug Serial In/OutControl Input – Status Output
RACK, LAMP (1)RACK, LAMP (1)Rack alarm, Rack Lampn.a. (shelf internal)
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (USB) (1)Craft (USB) (1)Craft TerminalControl Input – Status Output
Craft (DB-9) (1)Craft (DB-9) (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Cryptographic module interfaces The logical interface Control Output is not used by the module. The module does not output any command or control data used to control another module. L (4) L (1) n.a. n.a. Table 13 - PSS-32 Ports and Interfaces 3.1.1 Figure 9 - PSS32 User Panel - front view Security Policy July 31, 2024 1.5

Page 23
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
E1, E2 (2) (incl. LED)E1, E2 (2) (incl. LED)Inter-Shelf LANn.a. (shelf internal)
CRAFT (1)CRAFT (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
ACO (1)ACO (1)Alarm cut off buttonControl Input
LAMP TEST (1)LAMP TEST (1)Lamp test buttonControl Input
CRAFT (Sub-D) (1)CRAFT (Sub-D) (1)(D-Sub DE-9) Debug Serial In/OutControl Input – Status Output
RACK, LAMP (1)RACK, LAMP (1)Rack alarm, Rack Lampn.a. (shelf internal)
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (USB) (1)Craft (USB) (1)Craft TerminalControl Input – Status Output
Craft (DB-9) (1)Craft (DB-9) (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 14 - PSS-32 User Panel - Ports and Interfaces L (4) L (1) n.a. n.a. Table 15 - PSS-16II Ports and Interfaces 3.2.1 Figure 10 - PSS-16II User Panel - Ports and Interfaces Security Policy July 31, 2024 1.5

Page 24
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
LEDs Alarm Status (4) (#1)LEDs Alarm Status (4) (#1)NE alarm statusStatus Output
LED ATT (1) (#2)LED ATT (1) (#2)NE attended statusStatus Output
LED STAT (1) (#3)LED STAT (1) (#3)NE statusStatus Output
Shelf-ID Rotary H, L (2) (#4,5)Shelf-ID Rotary H, L (2) (#4,5)Shelf-ID configurationControl Input
CRAFT (#6)CRAFT (#6)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
HK1, HK2 (#7)HK1, HK2 (#7)Housekeepingn.a. (shelf internal)
RACK, LAMP (#8)RACK, LAMP (#8)Rack alarm, Rack Lampn.a. (shelf internal)
OAMP (#9) (incl. LED)OAMP (#9) (incl. LED)OAMP (GbE)Control Input – Status Output
VOIP (#9) (incl. LED)VOIP (#9) (incl. LED)Voice over IPData Input – Data Output
E1, E2 (#10) (incl. LED)E1, E2 (#10) (incl. LED)Inter-Shelf LANn.a. (shelf internal)
BITS out TOD out (#11)BITS out TOD out (#11)Clock and timingData Output
BITS in TOD in (#11)BITS in TOD in (#11)Clock and timingData Input
BITS out TOD out (#12)BITS out TOD out (#12)Clock and timingData Output
BITS in TOD in (#12)BITS in TOD in (#12)Clock and timingData Input
INV (#13)INV (#13)1-wire connection to SFD44n.a. (shelf internal)
ACO (#14)ACO (#14)Alarm cut off buttonControl Input
LAMP TEST (#15)LAMP TEST (#15)Lamp test buttonControl Input
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (1)Craft (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
LEDs Alarm Status (4) (#1)LEDs Alarm Status (4) (#1)NE alarm statusStatus Output
LED ATT (1) (#2)LED ATT (1) (#2)NE attended statusStatus Output
LED STAT (1) (#3)LED STAT (1) (#3)NE statusStatus Output
Shelf-ID Rotary H, L (2) (#4,5)Shelf-ID Rotary H, L (2) (#4,5)Shelf-ID configurationControl Input
CRAFT (#6)CRAFT (#6)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
HK1, HK2 (#7)HK1, HK2 (#7)Housekeepingn.a. (shelf internal)
RACK, LAMP (#8)RACK, LAMP (#8)Rack alarm, Rack Lampn.a. (shelf internal)
OAMP (#9) (incl. LED)OAMP (#9) (incl. LED)OAMP (GbE)Control Input – Status Output
VOIP (#9) (incl. LED)VOIP (#9) (incl. LED)Voice over IPData Input – Data Output
E1, E2 (#10) (incl. LED)E1, E2 (#10) (incl. LED)Inter-Shelf LANn.a. (shelf internal)
BITS out TOD out (#11)BITS out TOD out (#11)Clock and timingData Output
BITS in TOD in (#11)BITS in TOD in (#11)Clock and timingData Input
BITS out TOD out (#12)BITS out TOD out (#12)Clock and timingData Output
BITS in TOD in (#12)BITS in TOD in (#12)Clock and timingData Input
INV (#13)INV (#13)1-wire connection to SFD44n.a. (shelf internal)
ACO (#14)ACO (#14)Alarm cut off buttonControl Input
LAMP TEST (#15)LAMP TEST (#15)Lamp test buttonControl Input
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
Craft (1)Craft (1)Craft TerminalControl Input – Status Output
CIT (2)CIT (2)OAMP interface (local)Control Input – Status Output
LEDs (9)LEDs (9)Card, Transmission statusStatus output
L (4)L (4)TransmissionData Input – Data Output
VA (4)VA (4)TransmissionData Output
LEDs (2)LEDs (2)Card, Transmission statusStatus output
L (1)L (1)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 16 - PSS-16II User Panel - Ports and Interfaces L (4) L (1) n.a. n.a. Table 17 - PSS-8 Ports and Interfaces 3.3.1 Security Policy July 31, 2024 1.5

Page 25
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
BITS out TOD out (#1)BITS out TOD out (#1)Clock and timingData Output
BITS in TOD in (#2)BITS in TOD in (#2)Clock and timingData Input
OAMP (1) (#3)OAMP (1) (#3)OAMP interfaceControl Input – Status Output
STAT (1)STAT (1)NE status LEDStatus Output
Shelf ID MSB, LSB (2)Shelf ID MSB, LSB (2)Shelf ID Rotary DialsControl Input
STAT (1)STAT (1)Card Status LEDStatus Output
EPS (1)EPS (1)EPS LEDStatus Output
(1)(1)Alarm cut off buttonControl Input
C, M, m, W (4)C, M, m, W (4)Alarm Condition LEDStatus Output
AT (1)AT (1)Attended LEDStatus Output
AB (1)AB (1)Abnormal LEDStatus Output
(1)(1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
DLAN (1)DLAN (1)Debug LANControl Input – Status Output
DSER (1)DSER (1)Debug Serial In/OutControl Input – Status Output
DNR (1)DNR (1)Do Not Remove LEDStatus Output
CIT (1)CIT (1)OAMP Management (local)Control Input – Status Output
OAMP (1)OAMP (1)OAMP ManagementControl Input – Status Output
E1 (1)E1 (1)OAMP ManagementControl Input – Status Output
RRReset ButtonControl Input
STATSTATCard status LEDStatus Output
1, 2 LED (2)1, 2 LED (2)Transmission status LEDStatus output
1, 2 (2)1, 2 (2)Line InterfaceData Input – Data Output
n.a.n.a.n.a.No Interfaces
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
BITS out TOD out (#1)BITS out TOD out (#1)Clock and timingData Output
BITS in TOD in (#2)BITS in TOD in (#2)Clock and timingData Input
OAMP (1) (#3)OAMP (1) (#3)OAMP interfaceControl Input – Status Output
STAT (1)STAT (1)NE status LEDStatus Output
Shelf ID MSB, LSB (2)Shelf ID MSB, LSB (2)Shelf ID Rotary DialsControl Input
STAT (1)STAT (1)Card Status LEDStatus Output
EPS (1)EPS (1)EPS LEDStatus Output
(1)(1)Alarm cut off buttonControl Input
C, M, m, W (4)C, M, m, W (4)Alarm Condition LEDStatus Output
AT (1)AT (1)Attended LEDStatus Output
AB (1)AB (1)Abnormal LEDStatus Output
(1)(1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
DLAN (1)DLAN (1)Debug LANControl Input – Status Output
DSER (1)DSER (1)Debug Serial In/OutControl Input – Status Output
DNR (1)DNR (1)Do Not Remove LEDStatus Output
CIT (1)CIT (1)OAMP Management (local)Control Input – Status Output
OAMP (1)OAMP (1)OAMP ManagementControl Input – Status Output
E1 (1)E1 (1)OAMP ManagementControl Input – Status Output
RRReset ButtonControl Input
STATSTATCard status LEDStatus Output
1, 2 LED (2)1, 2 LED (2)Transmission status LEDStatus output
1, 2 (2)1, 2 (2)Line InterfaceData Input – Data Output
n.a.n.a.n.a.No Interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 18 - PSS-8 Shelf Panel - Ports and Interfaces

3.4 PSS-24x Interfaces

(1) C, M, m, W (4) (1) R 1, 2 (2) n.a. n.a. Table 19 - PSS-24x Ports and Interfaces Security Policy July 31, 2024 1.5

Page 26
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
STAT (1)STAT (1)NE status LEDStatus Output
Shelf ID MSB, LSB (2)Shelf ID MSB, LSB (2)Shelf ID Rotary DialsControl Input
HK IN, HK OUT (2)HK IN, HK OUT (2)Housekeepingn.a. (shelf internal)
RA OUT, RL IN, RL OUT (3)RA OUT, RL IN, RL OUT (3)Rack alarm, Rack Lampn.a. (shelf internal)
SENSOR IN (1)SENSOR IN (1)Interface to sensor cardn.a. (shelf internal)
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
USB (1)USB (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
CON (1)CON (1)Serial DebugControl Input – Status Output
CIT (1)CIT (1)OAMP interface (local)Control Input – Status Output
E1E1Inter-Shelf LANNot used
E2E2Inter-Shelf LANNot used
UID/RESETUID/RESETShelf ResetControl Input
n.a.n.a.n.a.
STAT LED (1)STAT LED (1)Card status LEDStatus output
L1, L2 LED (2)L1, L2 LED (2)Transmission status LEDStatus output
C01..C12 LED (12)C01..C12 LED (12)Transmission status LEDStatus output
L1, L2 (2)L1, L2 (2)TransmissionData Input – Data Output
C01..C12 (12)C01..C12 (12)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
STAT (1)STAT (1)NE status LEDStatus Output
Shelf ID MSB, LSB (2)Shelf ID MSB, LSB (2)Shelf ID Rotary DialsControl Input
HK IN, HK OUT (2)HK IN, HK OUT (2)Housekeepingn.a. (shelf internal)
RA OUT, RL IN, RL OUT (3)RA OUT, RL IN, RL OUT (3)Rack alarm, Rack Lampn.a. (shelf internal)
SENSOR IN (1)SENSOR IN (1)Interface to sensor cardn.a. (shelf internal)
OAMP (1)OAMP (1)OAMP interfaceControl Input – Status Output
USB (1)USB (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
CON (1)CON (1)Serial DebugControl Input – Status Output
CIT (1)CIT (1)OAMP interface (local)Control Input – Status Output
E1E1Inter-Shelf LANNot used
E2E2Inter-Shelf LANNot used
UID/RESETUID/RESETShelf ResetControl Input
n.a.n.a.n.a.
STAT LED (1)STAT LED (1)Card status LEDStatus output
L1, L2 LED (2)L1, L2 LED (2)Transmission status LEDStatus output
C01..C12 LED (12)C01..C12 LED (12)Transmission status LEDStatus output
L1, L2 (2)L1, L2 (2)TransmissionData Input – Data Output
C01..C12 (12)C01..C12 (12)TransmissionData Input – Data Output
n.a.n.a.n.a.No Interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 3.4.1 MFC24X Figure 12 - PSS-24x MFC24X - Ports and Interfaces Table 20 - MFC24x - Ports and Interfaces n.a. n.a. n.a. n.a. Table 21

Page 27
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
Status (1)Status (1)NE alarm statusStatus Output
OAMP (incl. LED) (1)OAMP (incl. LED) (1)OAMP (GbE)Control Input – Status Output
CON (1)CON (1)Serial Debug
CIT (1)CIT (1)OAMP interface (local)Control Input – Status Output
USB (1)USB (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
E1, E2 (incl. LED) (2)E1, E2 (incl. LED) (2)Inter-Shelf LANn.a. (shelf internal)
UID/RESET (1)UID/RESET (1)Shelf ResetControl Input
LED (#1)LED (#1)LED statusStatus Output
LED (#2)LED (#2)LED EPSStatus Output
USB (#3)USB (#3)USBControl Input – Status Output
CIT (#4)CIT (#4)OAMP Management (local)Control Input – Status Output
Ports and interfaces
NamePhysical PortLogical InterfaceData That Passes
Status (1)Status (1)NE alarm statusStatus Output
OAMP (incl. LED) (1)OAMP (incl. LED) (1)OAMP (GbE)Control Input – Status Output
CON (1)CON (1)Serial Debug
CIT (1)CIT (1)OAMP interface (local)Control Input – Status Output
USB (1)USB (1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
E1, E2 (incl. LED) (2)E1, E2 (incl. LED) (2)Inter-Shelf LANn.a. (shelf internal)
UID/RESET (1)UID/RESET (1)Shelf ResetControl Input
LED (#1)LED (#1)LED statusStatus Output
LED (#2)LED (#2)LED EPSStatus Output
USB (#3)USB (#3)USBControl Input – Status Output
CIT (#4)CIT (#4)OAMP Management (local)Control Input – Status Output
AUX (#5)AUX (#5)Port disabled and cannot be used in FIPS configuration
ES1, ES2 (#6,7)ES1, ES2 (#6,7)Inter-Shelf LANPort enabled, but shall not be used in FIPS configuration
LED (#1)LED (#1)LED statusStatus Output
LED (#8)LED (#8)LED EPSStatus Output
CRAFT (#3)CRAFT (#3)Craft TerminalControl Input – Status Output
CIT (#2)CIT (#2)OAMP Management (local)Control Input – Status Output
ES1, ES2 (#4,5)ES1, ES2 (#4,5)Inter-Shelf LANPort enabled, but shall not be used in FIPS configuration
USB (#6)USB (#6)USBControl Input – Status Output
RST (#7)RST (#7)Reset buttonControl Input
STAT (1)STAT (1)Card Status LEDStatus Output
EPS (1)EPS (1)EPS LEDStatus Output
(1)(1)Alarm cut off buttonControl Input
C (1)C (1)Critical Condition LEDStatus Output
M (1)M (1)Major Condition LEDStatus Output
m (1)m (1)Minor Condition LEDStatus Output
W (1)W (1)Warning Condition LEDStatus Output
AT (1)AT (1)Attended LEDStatus Output
AB (1)AB (1)Abnormal LEDStatus Output
(1)(1)Type B USB interface Craft: Craft Port (USB signal)Control Input – Status Output
DLAN (1)DLAN (1)Debug LANControl Input – Status Output
DSER (1)DSER (1)Debug Serial In/OutControl Input – Status Output
DNR (1)DNR (1)Do Not Remove LEDStatus Output
ES1, ES2 (2)ES1, ES2 (2)Inter-Shelf LANPort enabled, but shall not be used in FIPS configuration
CIT (1)CIT (1)OAMP Management (local)Control Input – Status Output
OAMP (1)OAMP (1)OAMP ManagementControl Input – Status Output
E1 (1)E1 (1)OAMP ManagementControl Input – Status Output
AUXAUXPort enabled, but shall not be used in FIPS configuration
RRReset ButtonControl Input
LED (#1)LED (#1)LED statusStatus Output
L1, L2, L3, L4 (4) (#2)L1, L2, L3, L4 (4) (#2)TransmissionData Input – Data Output
VA1, VA2, VA3, VA4 (4) (#3)VA1, VA2, VA3, VA4 (4) (#3)TransmissionData Output
C1, C2, C3, C4 (4) (#4)C1, C2, C3, C4 (4) (#4)TransmissionData Input – Data Output
LEDs (12) (#2,3,4)LEDs (12) (#2,3,4)TransmissionStatus Output
LED STATLED STATLED statusStatus Output
L1 (1)L1 (1)Line InterfaceData Input – Data Output
C1..C10C1..C10Client XFP interfacesData Input – Data Output
C31..32C31..32Client QSFP interfacesData Input – Data Output
C21C21Client CFP4 interfacesData Input – Data Output
STATSTATCard status LEDStatus Output
C1, C2, C3, C4, VA1/C5, VA2/C6, L1/C7, L1/C8 LED (8)C1, C2, C3, C4, VA1/C5, VA2/C6, L1/C7, L1/C8 LED (8)Transmission status LEDStatus output
C1, C2, C3, C4, VA1/C5, VA2/C6,C1, C2, C3, C4, VA1/C5, VA2/C6,Client/Line InterfaceData Input – Data Output
STATSTATCard status LEDStatus Output
1, 2 LED (2)1, 2 LED (2)Transmission status LEDStatus output
1, 2 (2)1, 2 (2)Line InterfaceData Input – Data Output
n.a.n.a.n.a.No interfaces
LED STATLED STATCard status LEDStatus Output
L1, L2 LED (2)L1, L2 LED (2)Transmission status LEDStatus output
C01..C12 LED (12)C01..C12 LED (12)Transmission status LEDStatus output
L1, L2 (1)L1, L2 (1)Line InterfaceData Input – Data Output
C1..C12C1..C12Client QSFP interfacesData Input – Data Output
n.a.n.a.n.a.No interfaces

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 3.5.1 PSI-M Chassis Chassis Front Chassis Back Figure 13

Page 28

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy (#6,7) Table 23 - 32EC2 - Ports and Interfaces The physical access to the AUX, ES1, ES2 is prevented by a faceplate which is secured by tamper labels if the module is in approved mode of operation. The AUX channel is disabled in the approved mode of operation and cannot be used. For ES1/ES2, non-usage of ES1/2 is by policy. The ES1/2 are unused in FIPS configurations and instead, the ports are used in non-FIPS multi-shelf configurations. They are, however, only used if the connected shelf is accepted to be a part of the NE. This requires provisioning actions that are prohibited by policy. CSPs are not accessible through ES1/2 and code

3.7 Equipment Controller 8EC2 for PSS-8

Figure 15 - 8EC2 - Ports and Interfaces (#4,5) Table 24 - 8EC2 - Ports and Interfaces The physical access to the ES1, ES2 is prevented by a faceplate which is secured by tamper labels if the module is in approved mode of operation. For ES1/ES2, non-usage of ES1/2 is by policy. The ES1/2 are unused in FIPS configurations and instead, the ports are used in non-FIPS multi-shelf configurations. They are, however, only used if the connected shelf is accepted to be a part of the NE. This requires provisioning actions that are prohibited by policy. CSPs are not accessible through ES1/2 and code 3.8 Equipment Controller CEC2 for PSS-24x Figure 16 - CEC2 - Ports and Interfaces Security Policy July 31, 2024 1.5

Page 29

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy (1) C (1) M (1) m (1) W (1) (1) R Table 25 - CEC2 - Ports and Interfaces

3.9 11QPEN4

The 11QPEN4 has four pluggable client interfaces (C1, C2, C3, and C4), four pluggable line interfaces Figure 10. The client and line interfaces are equipped with XFP transceivers. Each transceiver provides an optical fiber interface for receive and an optical fiber interface for transmit. Each line-client pair (L1-C1, L2-C2, L3-C3, L4-C4) provides an encrypted line port and the associated unencrypted client port. In the transmit direction, unencrypted data in the form of Fibre Channel, Ethernet or OTU2 signals enter a client port and are encrypted and then transmitted out the associated line port. In the receive direction, encrypted data is received on the Line Port and then decrypted and sent out the associated client port. The VOA sockets provide a means to optically attenuate the Line port signals- (They do not access or modify the content of the line port signals). Figure 17 - 11QPEN4 - Ports and Interfaces Table 26 - 11QPEN4 - Ports and Interfaces Security Policy July 31, 2024 1.5

Page 30

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

3.10 S13X100E

The S13X100E has

3.11 8P20

The 8P20 has

Page 31

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy L1/C7, L1/C8 (8) Table 28

3.12 2UC400E

The 2UC400E has

3.13 MEC2

The MEC2 has no interfaces. All needed interfaces (e.g. for OAMP) are accessible at the PSI-M Chassis. n.a. n.a. Table 30

3.14 DFC12E

The DFC12E has

Page 32

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Figure 21

3.15 Filler Card (PSS-32/16II/8/24x PSI-M)

The Filler Card has no transmission functionality. Its main purpose is to guarantee the proper airflow for the cooling of the NE. Figure 22

Page 33
Service
NameDescriptionRolesCsps AccessedApproved FunctionsAccessIndicator
User Account ManagementManage user accounts, password complexity and user privileges via CLI, WebUI interfaceAdminUser Password (all accounts)N/AWLog entry, Command execution returns success indicator
Change User PasswordChange the User password for same account via CLI, Web UI interfaceAdminUser PasswordN/AWLog entry, Command execution returns success indicator
SNMP Configuration and ManagementManage SNMPv3 configurations via CLI, WebUI interfaceAdminSNMPv3 Passphrase SNMPv3 Authentication Key SNMPv3 Privacy KeyAES-CFB128 Keyed Hash Message Authentication SNMPv3 Key Derivation KTS Secure HashE, WLog entry, Command execution returns success indicator
Key and Certificate ManagementManage Keys and Certificates (including Trust Anchors) via CLI, WebUI interfaceAdminTLS Public Key TLS Private Key SSH Private Key SSH Public Key SNMP Certificate Fingerprint CA Public Key SSH User Public Key SFTP SSH User Private Key SFTP Server Public Host KeyRSA/ECDSA Key Pair Generation KTS Secure HashG, E, R, WLog entry, Command execution returns success indicator
Commission the ModuleCommission the module by following the Security Policy guidelines via CLI interfaceAdminNoneN/AN/ALog entry, Command execution returns success indicator
Perform Self- testsPerform on-demand Power-up Self Tests by power cycling the cryptographic moduleAdminNoneA3369, A2502, A3310, A2537, A2538, A2539, A2415, A2416, AES 3844All ephemeral keys/CSP s – ZN/A
Show StatusAllows operator to view status of the parameters associated with FIPS- Approved mode via SNMPv3 and CLI interfacesAdminNoneN/AN/AN/A
Alarms MonitoringAllows operator to view active alarms via SNMPv3 interfacesAdminNoneN/AN/AN/A
Events MonitoringAllows the user to view all logged events associated with their permissions via SNMPv3 interfacesAdminNoneN/AN/AN/A
11QPEN4 Provision EquipmentAllows the user to provision and configure the 11QPEN4 cards via SNMPv3 interfaceAdminNoneN/AN/AN/A
11QPEN4 Provision FacilityAllows the user to provision and configure the facility information associated with 11QPEN4 cards via SNMPv3 interfaceAdminNoneN/AN/AN/A
S13X100E Provision EquipmentAllows the user to provision and configure the S13X100E cards via SNMPv3 interfaceAdminNoneN/AN/AN/A
S13X100E Provision FacilityAllows the user to provision and configure the facility information associated with S13X100E cards via SNMPv3 interfaceAdminNoneN/AN/AN/A
Zeroize KeysZeroize keys and CSPs over SNMPv3 and CLI interfacesAdminSNMPv3 Passphrase SNMPv3 Authentication Key SNMPv3 Privacy Key 11QPEN4 Session Encryption Key 11QPEN4 Session KAT Key S13X100E Session Encryption Key S13X100E Session KAT KeyN/AZLog entry, Command execution returns success indicator
Session initiationInitiate session with another module using AES keys.Admin11QPEN4 Session Encryption Key 11QPEN4 Session KAT Key S13X100E Session Encryption and Authentication Key S13X100E Session Communication Authentication Key S13X100E Session KAT Key 2UC400E Session Encryption Key 2UC400E Session Communication Authentication Key 2UC400E Session KAT KeyAES Encryption/Decrypti on Keyed Hash Message Authentication Secure HashELog entry, Command execution returns success indicator
Zeroize all SSPsZeroize all SSPs over CLI interface using Return-to Factory commandAdminAll SSPsN/AZLED status indicator
Show versionShow the version of the moduleAdminNoneN/AN/AN/A
Establish TLS sessionEstablish TLS sessionAdminCA Public Key TLS Public Key TLS Private Key ECDH Private Key Component ECDH Public Key Component ECDH Peer Public Key Component TLS Pre-Master Secret TLS Master Secret TLS Session Key TLS Authentication Key SNMPv3 Certificate Fingerprint Database Encryption Key AES GCM IV DRBG Seed Entropy Input String DRBG V DRBG KeyAES-CBC, AES- GCM Encryption/Decrypti on Keyed Hash Message Authentication RSA Digital Signature Generation RSA Digital Signature Verification TLS 1.2 Key Derivation RSA Key Generation KAS-ECC-SSC Shared Secret Computation KTS Secure Hash Random Number GenerationG, R, W, ELog entry TLS session completes
Establish SSH sessionEstablish SSH sessionAdminDH Public Key Component DH Private Key Component ECDH Public Key Component ECDH Private Key Component SSH Private Key SSH Public Key SSH Shared Secret SSH Session Key SSH Authentication Key SSH User Public Key SFTP SSH User Private Key SFTP Server Public Host Key Database Encryption Key AES GCM IV DRBG Seed Entropy Input String DRBG V DRBG KeyAES-CTR, AES- GCM Encryption/Decrypti on Keyed Hash Message Authentication ECDSA Digital Signature Generation ECDSA Digital Signature Verification RSA Digital Signature Generation RSA Digital Signature Verification SSHv2 Key Derivation RSA/ECDSA Key Generation KAS-FCC-SSC Shared Secret Computation KAS-ECC-SSC Shared Secret Computation KeyGen for DH KeyVer for DH KTS Secure Hash Random Number GenerationG, R, W, ELog entry SSH session completes
Establish SNMPv3 sessionPerform actions over SNMPv3AdminSNMPv3 Authentication Key SNMPv3 Privacy Key SNMP Certificate FingerprintAES CFB128 Encryption/Decrypti on Keyed Hash Message Authentication KTS SNMPv3 KDF Secure HashW, ELog entry SNMPv3 session completes
Upgrade Application FirmwareLoad FIPS validated application firmwareAdminFirmware Load Authentication KeyRSA Digital Signature VerificationELog entry Show version confirmation
Change Crypto PasswordChange the Crypto password for same accountCryptoCrypto PasswordN/AWN/A
Perform Self- testsPerform on-demand Power-up Self Tests by power cycling the cryptographic moduleCryptoNoneA3369, A2502, A3310, A2537, A2538, A2539, A2415, A2416, AES 3844All ephemeral keys/CSP s – ZN/A
Alarms MonitoringAllows users to view active alarms via SNMPv3 interfacesCryptoNoneN/AN/AN/A
Events MonitoringAllows the user to view all logged events associated with their permissions via SNMPv3 interfacesCryptoNoneN/AN/AN/A
11QPEN4 Line Port WKAT ProvisioningAllows the crypto user to provision and configure the WKAT via SNMPv3 interfaceCrypto11QPEN4 Session KAT key (WKAT Authentication String)KTSWLog entry, Command execution returns success indicator
11QPEN4 Line Port Encryption Key ProvisioningAllows the crypto user to provision and switch the Encryption Key via SNMPv3 interfaceCrypto11QPEN4 Session Encryption KeyKTSWLog entry, Command execution returns success indicator
11QPEN4 Line Port Encryption State ProvisioningAllows the user to provision and configure the facility information associated with 11QPEN4 cards via SNMPv3CryptoNoneN/AN/AN/A
S13X100E Line Port WKAT ProvisioningAllows the crypto user to provision and configure the WKAT via SNMPv3 interfaceCryptoS13X100E Session KAT key (WKAT Authentication String)KTSWLog entry, Command execution returns success indicator
S13X100E Line Port Encryption Key ProvisioningAllows the crypto user to provision and switch the Encryption Key via SNMPv3 interfaceCryptoS13X100E Session Encryption and Authentication KeyKTSWLog entry, Command execution returns success indicator
S13X100E Line Port Encryption State ProvisioningAllows the user to provision and configure the facility information associated with S13X100E cards via SNMPv3CryptoNoneN/AN/AN/A
2UC400E Line Port WKAT ProvisioningAllows the crypto user to provision and configure the WKAT via SNMPv3 interfaceCrypto2UC400E Session KAT key (WKAT Authentication String)KTSWLog entry, Command execution returns success indicator
2UC400E Line Port Encryption Key ProvisioningAllows the crypto user to provision and switch the Encryption Key via SNMPv3 interfaceCrypto2UC400E Session Communication Authentication KeyKTSWLog entry, Command execution returns success indicator
2UC400E Line Port Encryption State ProvisioningAllows the user to provision and configure the facility information associated with 2UC400E cards via SNMPv3CryptoNoneN/AN/ALog entry, Command execution returns success indicator
Zeroize KeysZeroize keys and CSPs over SNMPv3 interfacesCryptoSNMPv3 Passphrase SNMPv3 Authentication Key SNMPv3 Privacy Key 11QPEN4 Session Encryption Key 11QPEN4 Session KAT Key S13X100E Session Encryption Key S13X100E Session KAT KeyN/AZLog entry, Command execution returns success indicator
RoleTypeOperator TypeAuthentication Methods
AdminRoleCOSNMPv3 Authentication, CLI/WebUI Password
CryptoRoleUserSNMPv3 Authentication, CLI Password

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy The module supports identity-based authentication and the module supports two roles:

Page 34

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Perform Selftests s–Z N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A Z E N/A Z N/A N/A N/A Security Policy July 31, 2024 1.5

Page 35

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy G, R, W, E G, R, W, E W, E Security Policy July 31, 2024 1.5

Page 36

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy E Perform Selftests N/A W N/A s–Z N/A N/A N/A N/A N/A N/A N/A W W N/A N/A N/A W W N/A N/A W W N/A N/A N/A Z N/A Table 34 - Approved Services Security Policy July 31, 2024 1.5

Page 37

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Access rights: G = Generate: The module generates or derives the SSP. R = Read: The SSP is read from the module (e.g. the SSP is output). W = Write: The SSP is updated, imported, or written to the module. E = Execute: The module uses the SSP in performing a cryptographic operation. Z = Zeroise: The module zeroises the SSP. Security Policy July 31, 2024 1.5

Page 38
Approved algorithm
NameUse Function
Strength of MechanismAuthenticationKeyword / Password
MechanismMechanismRules
The SNMP v3 Crypto user is created by the user manually at system turn-up. The keyword can be entered from 27 to 32 characters, upper and lower letter case and numeric. There are 26 lower case plus 26 upper case plus 10 digits for a total of 62 characters: with a minimum keyword length of 27, the minimum combinations that are possible are 2,481E+48 or 62^27. The fastest network connection supported by the module is 100 Mbps. Hence at most (100×10^6 × 60 = 6 × 10^9) = 6,000,000,000 bits of data can be transmitted in one minute. Therefore, the probability that a random attempt will succeed or a false acceptance will occur in one minute is 1 : 62^27 possible keywords / ((6 ×10^9 bits per minute) / 64 bits per keyword)), which is 1: 2,481E+48 possible keywords / 93,750,000 keywords per minute), which is 1: 2,646E+40, which is a smaller probability than 1:100,000 as required by FIPS 140-3.SNMPv3 username and keyword for 1830 SMS and NMS The username should not be longer than 21 characters. The username is a human readable string and no more than 21 characters in length, there are no additional SNMPv3 standards for user restrictions.The keyword can be from 27 to 32 characters, using upper- and lower-case letters and numeric digits 0–9. The keyword must be generated by a key generator (to guarantee the required randomness).
(26 lower case + 26 upper case + 10 digits + 14 special characters) = 76 characters X a minimum password length of 12. 7612 = 37,133,262,473,195,501,387,776 After a failed login attempt, the system delays the next login prompt. With this delay, a maximum of 31 attempts can occur in one minute. Therefore, the probability that a random attempt will succeed or a false acceptance will occur in one minute is 1: 37,133,262,473,195,501,387,776 possible passwords / 31 passwords per minute) = 1:1,197,847,176,554,693,593,154 which is a smaller probability than 1 in 100,000 as required by FIPS 140-3.CLI username and password Usernames are strings of 5 to 12 case-sensitive alphanumeric characters where the first character is an alphabetic character. The following special characters are also valid: • % (percent • + (plus sign) • # (pound sign) • _ (underscore)Minimum password length is 12 characters. There are 26 lower case plus 26 upper case plus 10 digits plus 14 special characters for a total of 76 characters. A password is a case- sensitive string of 12 to 32 alphanumeric characters having at least one of the following: • at least one lowercase alphabetic character • at least one uppercase alphabetic character • at least one numeric character • at least one special character The following special characters are valid: % (percent) + (plus sign) # (pound sign) _ (underscore)
RoleAuthentication MethodAuthentication Strength
AdminSNMPv3 Authentication160 bit
CLI/WebUI Authentication160 bit
CryptoSNMPv3 Authentication160 bit
CLI/WebUI Authentication160 bit

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 35 - Roles and Authentication The cryptographic module only provides access to a user that assumes a role (Administrator or Crypto) and has a specific identity (username and a password). Users are required to follow password Security Policy July 31, 2024 1.5

Page 39

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy ! (exclamation mark) @ (at sign) $ (dollar sign) ” (double quotation mark) & (ampersand) ' (apostrophe) ( (left parenthesis) ) (right parenthesis) (asterisk) . (period) The first character of the password can be any alphabetic, numeric, or a valid special character. The New Password cannot be the same as or the reverse of the associated username and the password must not have three consecutive identical characters. Table 36 - Strengths of Authentication Mechanisms Security Policy July 31, 2024 1.5

Page 40

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Software/Firmware security A Nokia-Generic is the means to store software and firmware for a PSS-8/16II/32/24x or PSI-M system. The Nokia-Generic consists of a number of RPMs and each RPM contains a number of files.

5.1 Securing RPMs

Each RPM is protected in integrity and authentication (proof of origin) using a digital signature based on:

5.2 Securing Files

Each file is protected in integrity using an integrity check based on

Page 41

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Operational environment The operational environment is non-modifiable.

6.1 Operating System and Hardware Platforms

For the used Operating Systems and Hardware Platforms, please refer to chapter 2 “Cryptographic module specification”.

6.2 FIPS Approved Mode Indicator

The module shall be provisioned as described in chapter 16.1 and physically secured as described in chapter 15. The Admin can unambiguously determine that the module is in approved mode if the tamper-evident labels remain intact. Security Policy July 31, 2024 1.5

Page 42

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Physical security

7.1 Overview

To operate in FIPS Approved mode the tamper-evident labels shall be installed as shown in chapter 15 “Guidance

7.2 Physical boundary

The cryptographic boundary of the 1830 PSS shelves is

7.3 Physical Security Mechanisms

After the tamper seals have been applied to the module, the shelf cannot be accessed without indicating signs of tampering. The multi-chip standalone cryptographic module includes the following physical security mechanisms:

7.4 Tamper-evident labels

Tamper-evident labels shall be installed (by the Crypto Officer (CO)) for the module to operate in a FIPS-approved mode of operation. The following graphics illustrate a tamper-evident label. Figure 23 - Tamper-evident label: intact, illustrates a tamper-evident label with no evidence of tampering. Figure 23 - Tamper-evident label: intact Security Policy July 31, 2024 1.5

Page 43

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Figure 24 - Tamper-evident label: broken, illustrates a tamper-evident label that shows signs of tampering. Note the VOID markings on the solid red label. If any portion of the VOID marking is visible, the equipment is showing signs of potential tampering. Figure 24 - Tamper-evident label: broken Scan labels The tamper-evident labels each have a unique serial number and a linear barcode. The linear barcodes can be scanned while still on the sheet. Broken tamper-evident labels If a tamper-evident label is broken, then the respective module must be considered compromised and must not be used anymore. Non-invasive security The module claims no non-invasive security techniques. Security Policy July 31, 2024 1.5

Page 44
Sensitive security parameter
NameStrengthSecurity FunctionGenerationEstablishmentStorageUseImport ExportZeroisat ion
SNMPv3 PassphraseMinimu m: 27 charact ers, 32 chars: 190 bitsN/AN/AAD/EE KTSPlaintext in volatile memoryDerivation of SNMPv3 privacy and authenticati on keysInput in encrypted form via CLI or WebUI Never exits the moduleReboot; power- cycle
SNMPv3 Privacy Key256- bitsAES CFB128 Encryption/ Decryption A2502N/ADerived internally using SNMP KDFLocal database cleartextEncrypting SNMPv3 packetsNever exits the moduleZeroized when SNMPv3 passphras e is updated with a new one
SNMPv3 Authenticat ion Key160- 256 bitsKeyed-Hash Message Authentication A2502N/ADerived internally using SNMP KDFLocal database cleartextAuthenticat ing SNMPv3 packetsNever exits the moduleZeroized when SNMPv3 passphras e is updated with a new one
11QPEN4 Session Encryption Key (AES-256 key)256- bitsAES-CTR, AES- GCM A2537, A2539Imported across encrypted SNMPv3 link from KMAD/EE KTSStored in write only device registers in FPGAUsed to encrypt traffic dataImported Encrypted, no ExportZeroized on module reset and key switches to new keys
S13X100E Session Encryption and Authenticat ion Key (AES-256 key)256- bitsAES-CTR, AES- GMAC AES 3844Imported across encrypted SNMPv3 link from KMAD/EE KTSStored in write only device registers in FPGAUsed to encrypt traffic dataImported Encrypted, no ExportZeroized on module reset and key switches to new keys
2UC400E Session Encryption Key (AES-256 key)256- bitsAES-CTR, AES- GMAC AES 3844Imported across encrypted SNMPv3 link from KMAD/EE KTSStored in write only device registers in FPGAUsed to encrypt traffic dataImported Encrypted, no ExportZeroized on module reset and key switches to new keys
11QPEN4 Session KAT Key (WKAT Authenticat ion String) (Hexadecim al-Alpha- Numeric- String)N/AAES-ECB A2537, A2539Imported across encrypted SNMPv3 link from KMAD/EE KTSStored within module in plain text in EC flash memory and in ASICUsed to authenticat e traffic data connectionExits the module in plaintext over secured SNMPv3 linkZeroized when new string is entered or when service is deleted
S13X100E Session KAT Key (WKAT Authenticat ion String) (Hexadecim al-Alpha- Numeric- String)N/AAES-ECB AES 3844Imported across encrypted SNMPv3 link from KMAD/EE KTSStored within module in plain text in EC flash memory and in ASICUsed to authenticat e traffic data connectionExits the module in plaintext over secured SNMPv3 linkZeroized when new string is entered or when service is deleted
2UC400E Session KAT Key (WKAT Authenticat ion String) (Hexadecim al-Alpha- Numeric- String)N/AAES-ECB AES 3844Imported across encrypted SNMPv3 link from KMAD/EE KTSStored within module in plain text in EC flash memory and in ASICUsed to authenticat e traffic data connectionExits the module in plaintext over secured SNMPv3 linkZeroized when new string is entered or when service is deleted
S13X100E Session Communica tion Authenticat ion Key (AES-256 key)256- bitsHMAC-SHA2- 256 A2415S13X100E Session Encryption and Authentica tion Key is usedN/AStored AES-256 encrypted in module RAMUsed to authenticat e (with HMAC- SHA256) information exchanged between modulesNo Import, no ExportZeroized on module reset and key switches to new keys
2UC400E Session Communica tion Authenticat ion Key (AES-256 key)256- bitsHMAC-SHA2- 256 A241562UC400E Session Encryption Key is usedN/AStored AES-256 encrypted in module RAMUsed to authenticat e (with HMAC- SHA256) information exchanged between modulesNo Import, no ExportZeroized on module reset and key switches to new keys
User PasswordMinimu m: 12 charact ers 32 chars= 199N/AEntered in module via CLI or Web UIN/ALocal database plaintextAuthenticat ion of UsersEntered Encrypted, no ExportZeroized when password is updated with a new one Return- to- Factory Comman d
AES GCM IV96-bitAES-GCM A3369Generated internallyN/APlaintext in volatile memoryIV for AES GCMNever exits the moduleReboot; power- cycle
DH Private Key Component112- 200 bitsDH Shared Secret Computation A3369Generated internally via Approved DRBGN/APlaintext in volatile memoryGeneration of SSH shared secretsNever exits the moduleReboot; power- cycle; session terminatio n
DH Public Key Component112- 200 bitsDH Shared Secret Computation A3369[for the module] Generated internally via Approved DRBGN/APlaintext in volatile memoryGeneration of SSH shared secrets[for the module] Exits the module in plaintext form [for a peer] Input in plaintext form, never exits the moduleReboot; power- cycle; session terminatio n
ECDH Private Key Component128- 256 bitsECDH Shared Secret Computation A3369Generated internally via Approved DRBGN/APlaintext in volatile memoryGeneration of SSH and TLS shared secretsNever exits the moduleReboot; power- cycle; session terminatio n
ECDH Public Key Component128- 256 bitsECDH Shared Secret Computation A3369[for the module] Generated internally via Approved DRBGN/APlaintext in volatile memoryGeneration of SSH and TLS shared secrets[for the module] Exits the module in plaintext form [for a peer] Input in plaintext form, never exits the moduleReboot; power- cycle; session terminatio n
SSH User Public Key112- 150 bits (RSA) 128- 256 bits (ECDS A)ECDSA Signature Verification RSA Signature Verification A3369N/AAD/EE KTSLocal database AES-128 encryptedPublic key authenticati on (authorized key)Imported in Base64 encoded (PEM) file format via WebUI or CLIZeroized when key is updated with a new one Return- to- Factory command
SFTP SSH User Private Key112- 150 bits (RSA) 128- 256 bits (ECDS A)ECDSA Signature Generation RSA Signature Generation A3369N/AAD/EE KTSLocal database AES-128 encryptedPublic key authenticati on to SFTP server (Identity key)Imported in Base64 encoded (PEM) file format via WebUI or CLIReturn- to- Factory command
SFTP Server Public Host Key112- 150 bits (RSA) 128- 256 bits (ECDS A)ECDSA Signature Verification RSA Signature Verification A3369N/AAD/EE KTSLocal database cleartextAuthenticat ion of SFTP server (known host key)[for the module] Imported in Base64 encoded (PEM) file format via WebUI or CLI [for a peer] Input in plaintext form as part of SSH session negotiation Never exits the moduleReturn- to- Factory command
SSH Private Key112- 150 bits (RSA) 128- 256 bits (ECDS A)ECDSA/RSA Key Generation ECDSA Signature Generation RSA Signature Generation A3369Generated internally via Approved DRBGN/ALocal database AES-128 encryptedAuthenticat ion during SSH session negotiationNever exits the moduleReturn- to- Factory command
SSH Public key112- 150 bits (RSA) 128- 256 bits (ECDS A)ECDSA/RSA Key Generation ECDSA Signature Verification RSA Signature Verification A3369[for the module] Generated internally via Approved DRBGN/ALocal database AES-128 encryptedAuthenticat ion during SSH session negotiation[for the module] Exits the module in plaintext form during SSH session negotiation Exported from module via CLI or WebUI (for install on client for host key authenticat ion) [for a peer] Input in plaintext form as part of SSH session negotiation Never exits the moduleReturn- to- Factory command
SSH Shared Secret112- 200 bits (FFC) 128- 256 bits (ECC)KAS-FFC-SSC, KAS-ECC-SSC Shared Secret Computation A3369N/AKAS-FFC- SSC KAS-ECC- SSC Shared Secret Computatio nPlaintext in volatile memoryDerivation of the SSH Session Key and SSH Authenticat ion KeyNever exits the moduleReboot; power- cycle; session terminatio n
SSH Session Key128- 256 bitsAES-CTR AES-GCM Encryption/Decr yption A3369N/ASSH KDF used to derive keying materialPlaintext in volatile memoryEncryption and decryption of SSH session packetsNever exits the moduleReboot; power- cycle; session terminatio n
SSH Authenticat ion Key256- 512 bitsKeyed-Hash Message Authentication A3369N/ASSH KDF used to derive keying materialPlaintext in volatile memoryAuthenticat ion of SSH session packetsNever exits the moduleReboot; power- cycle; session terminatio n
CA Public Key112- 150 bitsRSA Signature Verification A3369Generated externallyAD/EE KTSLocal database AES-128 encryptedVerificatio n of CA signaturesImported in Base64 encoded (PEM) file format via WebUI or CLIZeroized when certificate is updated with a new one Return- to- Factory command
TLS Private Key112- 150 bitsRSA Key Generation/RSA Signature Generation A3369Generated internally via Approved DRBGLocal database AES-128 encryptedTLS authenticati onNever exits the moduleReturn- to- Factory command
TLS Public Key112- 150 bitsRSA Key Generation/RSA Signature Verification A3369[for the module] Generated internally via Approved DRBG[for the module] Local database AES-128 encrypted [for a peer] Plaintext in volatile memoryTLS authenticati on 1024-bit RSA public keys are used for signature verification only[for the module] Exits the module in plaintext form [for a peer] Input in plaintext form as part of TLS session negotiation Never exits the moduleReturn- to- Factory command
TLS Pre- Master Secret128- 256 bitsKAS-ECC-SSC Shared Secret Computation A3369N/ADerived internally via KAS- ECC-SSC Shared Secret Computatio nPlaintext in volatile memoryDerivation of the TLS Master SecretNever exits the moduleReboot; power- cycle; upon completio n of TLS Master Secret computati on
TLS Master Secret128- 256 bitsKAS-ECC-SSC Shared Secret Computation A3369N/ADerived internally using the TLS Pre- Master Secret via TLS KDFPlaintext in volatile memoryDerivation of the TLS Session Key and TLS Authenticat ion KeyNever exits the moduleReboot; power- cycle; session terminatio n
TLS Session Key128, 256AES-CBC. AES- GCM Encryption/ Decryption A3369N/ADerived internally using the TLS Master Secret via TLS KDFPlaintext in volatile memoryEncryption and decryption of TLS session packetsNever exits the moduleReboot; power- cycle; session terminatio n
TLS Authenticat ion Key256- 384 bitsKeyed-Hash Message Authentication A3369N/ADerived internally using the TLS Master Secret via TLS KDFPlaintext in volatile memoryAuthenticat ion of TLS session packetsNever exits the moduleReboot; power- cycle; session terminatio n
DRBG Seed384 bitsRandom number generation A3369Entropy from ESV (Cert #26) approved platform noise source.N/APlaintext in volatile memoryRandom seed data drawn from Nokia Jitter Entropy(JE NT) and used to seed an implementa tion of the NIST SP 800- 90Ar1 CTR (AES) DRBG.Never exits the moduleReboot; power- cycle
DRBG Key 256-bit AES key256 bitsRandom number generation A3369Internal state generated using CTR_DRB G from [SP800- 90Ar1].N/APlaintext in volatile memory32 bytes AES key stored in the RAM. Used in an implementa tion of the NIST SP 800-90Ar1 CTR (AES) DRBG.Never exits the moduleReboot; power- cycle
DRBG V128 bitsRandom number generation A3369Internal state generated using CTR_DRB G from [SP800- 90Ar1].N/APlaintext in volatile memoryPart of the secret state of the approved DRBG. The value is generated using the methods described in [SP800- 90Ar1].Never exits the moduleReboot; power- cycle
Entropy Input String256 bitsEntropy Source for Random number generation E26Generated internallyN/APlaintext in volatile memoryRandom number generationNever exits the moduleReboot; power- cycle
Firmware Load Authenticat ion KeyN/ARSA Digital Signature Verification A3369N/AN/AHardcoded/emb edded in the application firmware imageSelf-TestN/AN/A
SNMP Certificate Fingerprint256- 512 bitsSecure Hash A3369N/AAD/EE KTSLocal database cleartext, certificate fingerprint onlySNMPv3 user authenticati on for SNMP over TLSImported in hex format over CLI or WebUIZeroized when certificate fingerprin t is updated with a new one Return- to- Factory command
Database Encryption Key128-bitAES-CBC A3369N/AN/AHardcoded/emb edded in the application firmware imageEncryption of SSPs in local databaseN/AReturn- to- Factory Comman d

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Sensitive security parameter management List of SSPs: N/A N/A powercycle 256bits N/A

160256 bits

N/A 256bits 256bits 256bits al-AlphaNumericString) N/A Security Policy July 31, 2024 1.5

Page 45

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy al-AlphaNumericString) al-AlphaNumericString) N/A N/A 256bits HMAC-SHA2256 N/A 256bits HMAC-SHA2256 N/A N/A N/A N/A N/A ReturntoFactory d powercycle powercycle; n HMACSHA256) HMACSHA256)

112200 bits
Page 46

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

112200 bits
128256 bits
128256 bits
112150 bits
128256 bits
112150 bits
128256 bits

A) N/A ReturntoFactory ReturntoFactory Security Policy July 31, 2024 1.5

Page 47

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

112150 bits
128256 bits
112150 bits
128256 bits
112150 bits
128256 bits

A) N/A ReturntoFactory Security Policy July 31, 2024 1.5

Page 48

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

112200 bits
128256 bits
128256 bits

N/A KAS-FFCSSC KAS-ECCSSC n

256512 bits
112150 bits
112150 bits
112150 bits

powercycle; n powercycle; n ReturntoFactory ReturntoFactory ReturntoFactory TLS PreMaster

128256 bits

N/A powercycle; Security Policy July 31, 2024 n 1.5

Page 49

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

128256 bits
256384 bits

N/A powercycle; n powercycle; n powercycle TLS PreMaster N/A [SP80090Ar1]. N/A powercycle [SP80090Ar1]. N/A powercycle Security Policy July 31, 2024 in [SP80090Ar1]. 1.5

Page 50

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy N/A powercycle N/A N/A N/A N/A N/A N/A N/A N/A N/A ReturntoFactory ReturntoFactory d

256512 bits

Table 37 - SSPs Note: The AES-GCM IV is used in the TLS and SSH protocol. For TLS, the AES-GCM IV is internally generated deterministically in compliance with TLSv1.2 GCM cipher suites as specified in RFC 5288 and Section 8.2.1 of NIST SP 800-38D. Per RFC 5246, when the nonce explicit part of the IV exhausts the maximum number of possible values for a given session key, the module will trigger a handshake to ciphersuites from Section 3.3.1 of SP 800- 52 Rev 2. For SSH, the AES GCM IV is constructed in compliance with the SSHv2 specification (RFCs 4252, 4253 and 5647) and only for use within the SSHv2 protocol. Security Policy July 31, 2024 1.5

Page 51
Approved algorithm
NameUse Function
TestTestDescription
Encrypt Known answer test for AES-256 CFB-128.AES Encrypt KAT
Decrypt Known answer test for AES-256 CFB-128.AES Decrypt KAT
Encrypt Known answer test for AES-256 CTR.AES Encrypt FPGA KAT (11QPEN4 cards)
Decrypt Known answer test for AES-256 CTR.AES Decrypt FPGA KAT (11QPEN4 cards)
Encrypt Known answer test for AES-256 GMAC.AES Encrypt ASIC KAT (S13X100E cards)
Decrypt Known answer test for AES-256 GMAC.AES Decrypt ASIC KAT (S13X100E cards)
Known answer test for SHA-1SHA KAT
Known answer test for HMAC-SHA-1HMAC-SHA-1 KAT
Known answer test for HMAC-SHA256HMAC-SHA256 KAT
Details see belowOpenSSL self-test (Nokia openSSL)
Entropy sourcesMinimum number of bits of entropyDetails
8EC2256JENT is used as entropy source
32EC2256JENT is used as entropy source
CEC2256JENT is used as entropy source
MEC2256JENT is used as entropy source

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 38 - Non-Deterministic Random Number Generation Specification

10 Self-tests

The 1830 PSS-32/PSS-16II/PSS-8/24x and PSI-M perform known answer tests and critical functions tests at power up. Table 39 - Self-tests Pre-Operational Self-Tests

Page 52

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Conditional Self-Tests

Page 53
AESAdvanced Encryption Standard
AGDAssurance Guidance Documents
ALCAssurance Life Cycle
ANSSIAgence Nationale de la Sécurité des Systèmes d'Information
CIAConfidentiality, Integrity and Availability
CCCommon Criteria
CITCraft Interface Terminal
CLICommand Line Interface
COECentral Office Equipment
CPECustomer Premises Equipment
CTCommercial Temperature
DWDMDense Wavelength Division Multiplexing
ECEquipment Controller

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

11.1 Delivery & Operation

Nokia delivers the module both physically and electronically. The hardware is delivered physically via a trusted carrier. The box is sealed by PVC adhesive tape with identification labels. A tamper free tape is also applied. The box is then belted if required. The software and guidance documentation are retrieved electronically from a web site. Hardware and software items associated with the module are itemized by a unique Nokia Part Number (APN). In addition, each 1830 PSS or 1830 PSI-M shelf can be ordered as a kit with the minimum required equipment for approved operation. The kit is also specified by a unique APN. Final versions of 1830 PSS customer documentation are posted on the Nokia Support portal, a Nokia Extranet site for internal users and external customers with entitlement. If a customer document is reissued, the re-issue is then posted on Nokia Support portal and the previous issue of the document removed.

11.2 Crypto Officer (Admin) Commisioning Guidance

The approved mode of operation has to be prepared by the Crypto Officer (Admin) by following the instructions in chapter 15 and chapter 16. If the module starts up successfully, then the module has passed all self-tests (described in chapter 10) and is operating in the approved mode of operation.

11.3 Tamper-Evident Seal Inspection

The Crypto Officer is responsible for inspecting the tamper-evident labels on the shelves at least every 3 months.

11.4 Decommissioning the module

When a zeroization of all SSPs is needed, because the module shall be decommissioned or taken out of the secured mode of operation, then the Return-to-Factory procedure can be used. Please note, that this erases also all Firmware and thus leads to a need to send the equipment back to the factory before the next use. For details, refer to chapter 16.4.

12 Mitigation of other attacks

The module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-3 requirements.

13 Acronyms
Page 54
FCFibre Channel
GEGigabit Ethernet
KATKnown Answer Test
KMKey Manager
NENetwork Element
NMNetwork Manager
NOCNetwork Operations Center
OAMPOperations, Administration, Maintenance and Provisoning
OTUOptical Transport Unit
PPProtection Profile
PSSPhotonic Service Switch
QPENQuad Pluggable ENcryption
RBACRole Based Access Control
RFSRemote File Server
SFRSecurity Functional Requirement
SNMPSimple Network Manager Protocol
STSecurity Target
TOETarget of Evaluation
T-ROADMTunable-Reconfigurable Optical Add/Drop Mulitplexer
TSFTOE Security Functions
UIDUser Identifier
VOAVariable Optical Attenuator
VOIPVoice over Internet Protocol
WKATWell Known Answer Test
XFPeXtended Form-factor Pluggable
FIPS
[FIPS 140-3]FIPS PUB 140-3, Security Requirements for Cryptographic Modules
[FIPS 140-3 DTR]Derived Test Requirements for FIPS PUB 140-3, Security Requirements for Cryptographic Modules
[FIPS 140-3 IG]Implementation Guidance for FIPS PUB 140-3 and the Cryptographic Module Validation Program
NIST
[NIST800-38A]Recommendation for Block Cipher Modes of Operation: Methods and Techniques - NIST Special Publication 800-38A
[NIST800-38D]Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC - NIST Special Publication 800-38D
[NIST800-38F]Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping - NIST Special Publication 800-38F

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Table 40 - Acronyms

14 References
Page 55

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15 Guidance – Physical Installation – Installing Tamper-evident labels
15.1 Procedure 1: Install tamper-evident-labels

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-8/16-II/32. The tamper seals are provided in the Security Label Kit (8DG-6509-AAAA), which is a component of Shelf FIPS Kit: (3KC-13453-AAAA) Steps

  1. When applying tamper-evident labels, ensure that the surface temperature to be sealed is be a minimum of +10°F and a maximum of +167°F.
  2. Ensure that the surface to be sealed is dry. Moisture of any kind can cause a problem. Wipe the area with a clean paper towel.
  3. Ensure that the surface to be sealed is clean. Wipe the area with a clean cloth or paper towel to remove any dust or other loose particles.
  4. If there are possible chemical contaminants (oil, lubricants, release agents, etc), clean the surface with 100% iso-propyl alcohol. Wipe the alcohol dry with clean dry cloth or paper towel. • Note: Avoid using rubbing alcohol; it can leave an oily coating that will interfere with adhesion of the label.
  5. Installed tamper-evident labels shall be cured for 24 hours.
  6. Proceed to the appropriate procedure to install the tamper-evident labels: • PSS-8 • PSS-16II • PSS-32 • PSS-24x • PSI-M Security Policy July 31, 2024 1.5
Page 56

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.2 Procedure 1.1: Install the tamper-evident labels on Nokia 1830 PSS-8

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-8. Steps

  1. Place labels 1-4 horizontally over the 4 mounting screws that affix the rear cover to the shelf. Figure 25 - PSS-8 shelf – rear
  2. Place labels 5 and 6 over the over the top cover to wrap the faceplate latches. Figure 26 - PSS-8 shelf – top Security Policy July 31, 2024 1.5
Page 57

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Place label 7 and 8 vertically over the 2 mounting screws that affix the front cover adaptor to the shelf. Left Right Figure 27 - PSS-8 shelf – left / right
  2. Place labels 9 and 10 over the 2 mounting screws that affix the front cover to the shelf. Figure 28 - PSS-8 shelf – front
  3. The cryptographic boundary of the Nokia 1830 PSS-8 shelf is now sealed.
  4. Log the installation of the tamper evident labels used to be referenced at the time of label inspection. Security Policy July 31, 2024 1.5
Page 58

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.3 Procedure 1.2: Install the tamper-evident labels on Nokia 1830 PSS-16II

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-16II. Overview Figure 29

Page 59

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Place labels 1-5 vertically over the 5 mounting screws that affix the rear cover to the shelf. Figure 31 – PSS-16II shelf - rear
  2. Place labels 6 to 7 vertically over the 2 mounting screws that affix the left bracket to the shelf. Figure 32 - PSS-16II shelf - left Security Policy July 31, 2024 1.5
Page 60

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Place labels 8 and 9 horizontally over the 2 mounting screws that affix the right bracket to the shelf. Figure 33 - PSS-16II shelf - right
  2. Place labels 10 and 11 vertically over the 2 mounting screws that affix the front cover to the shelf. Place labels 12 and 13 vertically over the 2 mounting screws that affix the front cover to the fan tray. Figure 34 - PSS-16II shelf - front
  3. The cryptographic boundary of the Nokia 1830 PSS-16II shelf is now sealed. Security Policy July 31, 2024 1.5
Page 61

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.4 Procedure 1.3: Install the tamper-evident labels on Nokia 1830 PSS-32

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-32. Steps 1. Place labels 1–4 horizontally over the 4 mounting screws that affix the rear cover to the shelf. Figure 35 - PSS-32 shelf

Page 62

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Wrap labels 5 around one of the 2 mounting screws that affix the bottom shelf cover mounting bracket to the shelf. Figure 36 – PSS-32 shelf – bottom (1)
  2. Wrap label 6 around one of the 2 mounting screws that affix the bottom shelf cover mounting bracket to the shelf. Figure 37 - PSS-32 shelf – bottom (2) Security Policy July 31, 2024 1.5
Page 63

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Place label 7 over one of the two screws that affix the top air exhaust to the shelf. Place labels 8 and 9 over the 2 mounting screws that affix the front cover to the shelf. Figure 38 - PSS-32 shelf – front
  2. The cryptographic boundary of the Nokia 1830 PSS-32 shelf is now sealed.
  3. Log the installation of the tamper evident labels used to be referenced at the time of label inspection. Security Policy July 31, 2024 1.5
Page 64

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.5 Procedure 1.4: Install the tamper-evident labels on Nokia 1830 PSS-24x ETSI variant

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-24x ETSI variant. Steps

  1. Place label 1 over the front door opener and label 2 over the rear door opener.
  2. Place label 3 and 4 over the screws on the left side and place labels 5 and 6 over the screws on the right side. Figure 39 - PSS-24x ETSI rack
  3. The cryptographic boundary of the Nokia 1830 PSS-24x ETSI rack is now sealed. Note: Top and bottom of the PSS-24x rack does not need to be secured as this is implicitly achieved by the steps in this procedure. Security Policy July 31, 2024 1.5
Page 65

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.6 Procedure 1.4: Install the tamper-evident labels on Nokia 1830 PSS-24x ANSI variant

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSS-24x ANSI variant. Steps

  1. Place label 1 and 2 over the screws on the front cover of the PSS-24x ANSI shelf.
  2. Place label 3 and 4 on the left side of the PSS-24x ANSI shelf. Attach the tamper-evident labels over the cover brackets and the central rack-post.
  3. Place label 5 and 6 on the right side of the PSS-24x ANSI shelf. Attach the tamper-evident labels over the cover brackets and the central rack-post. Figure 40 - PSS-24x ANSI shelf – front, left and right Security Policy July 31, 2024 1.5
Page 66

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 4. 5. 6. 7. 8.

  1. Place label 7 over the border of the TPSC96, as shown in figure below. Place label 8 over the screw on the back wall of the shelf, as shown in figure below. Place label 9, 10 over the thumb screw that secures the TIC. Place label 11 over the thumb screw that secures the MFC24X. Place label 12, 13, 14 over the border between FAN housing and shelf. Place label 15, 16, 17, 18 over the thumb screw that secures the PSF96. FAN TIC 15..18 PSF PSS-24x Rear View MFC TPSC Figure 41 - PSS24x ANSI shelf – rear
  2. The cryptographic boundary of the Nokia 1830 PSS-24x ANSI shelf is now sealed. Security Policy July 31, 2024 1.5
Page 67

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

15.7 Procedure 1.5: Install the tamper-evident labels on Nokia 1830 PSI-M

Purpose Use this procedure to provision to install the tamper-evident labels on a Nokia 1830 PSI-M. Steps

  1. Place labels 1-4 horizontally over the 4 blades and onto the top cover making sure to not cover any air holes or labels. Figure 42 - PSI-M shelf – front
  2. Place label 5 and 6 vertically over the mounting thumb screw for the chassis to mount into the rack. Figure 43 - PSI-M shelf – front left
  3. Place label 7 over the top cover horizontally to cover the chassis and the top cover. Making sure to cover the screw head on the chassis. Figure 44 - PSI-M shelf – top Security Policy July 31, 2024 1.5
Page 68

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Place Label 8 on the chassis and over the fan grill as shown. Place Labels 9 and 10 over the fan handle. Make sure the fan handle is in the down position and put the make sure it is on the bottom surface of the chassis once on the handles as shown. Figure 45 - PSI-M shelf – rear Label coming onto the bottom surface of the shelf Figure 46 - PSI-M shelf – rear, bottom
  2. The cryptographic boundary of the Nokia 1830 PSI-M shelf is now sealed.
  3. Log the installation of the tamper evident labels used to be referenced at the time of label inspection. Security Policy July 31, 2024 1.5
Page 69

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

16 Guidance – System Configuration Procedures
16.1 Provisioning the 1830 PSS and 1830 PSI-M
16.1.1 Procedure: Provision for FIPS 140-3 Approved Mode of Operation
16.1.1.1 Overview
16.1.1.2 Purpose

This procedure describes how to put the module into the FIPS-Approved mode.

16.1.1.3 Preconditions
16.1.1.4 Communication environment

Important! Until the NE is secured by performing the steps described up to and including chapter 16.1.1.15, it must not be connected to a LAN in order to avoid vulnerabilities. For a FIPS compliant configuration, the NE must run an ECN software load. When the NE is operational, the NE, along with the whole communication network, must be under restricted access. Internet access must be disabled, and access within the customer DCN must be restricted to selected systems, for example the NMS and computers of administrators. The Gateway NE (GNE) does have a rudimentary firewall, but the PSS network should also be protected from network attacks, such as Denial of Service attacks or rogue packets. This protection is typically implemented at the DCN router that connects to the GNE. Additionally, IPSec tunneling between the DCN router and the management system(s) is recommended.

16.1.1.5 10.2.2 NE status

The NE is properly installed and running: The NE is physically assembled, and the software is installed. The NE has booted and can be accessed via CIT.

16.1.1.6 Environment security

Any equipment used to access the NE must be secured through the current state of the art security measures. This applies to computers that the 1830 PSS WebUI user interface or WS-NOC run on, but also, to the use of input devices for such computers. Note: A cordless mouse or keyboard cannot be considered secure. The OWASP (Open Web Application Security Project) community, among others, can provide the best practices in regard to this topic.

16.1.1.7 Communication with the NE

All communication from/to the Management System(s) can be secured using an IPSec tunnel. This is an additional security measure that is not required for most communication channels. The communication channels where this is mandatory, are explicitly shown in the respective chapters. Irrespective of the use of IPSec tunnel, secure protocols (SSH, SNMPv3, HTTPS, etc.) should be used to connect to the NE. The IPSec tunnel is set up between the management system(s) and a DCN router placed next to the NE. From the DCN router to the NE, there is no IPSec tunnel possible, so this physical connection must be physically secured. Note: A FIPS compliant configuration allows secure communication protocols at the OAMP interface only.

16.1.1.8 General steps
16.1.1.9 Before you begin

Refer to the 1830 Photonic Service Switch (PSS) Release 22.12 Command Line Interface Guide [PSS-CLIG] for more detailed information regarding the CLI commands used in this chapter. 16.1.1.10 Preparation When the NE is connected to a DCN while the default user account passwords were not yet changed or ZTP enabled, and keys not set, the NE might be compromised. Required steps:

  1. Disconnect the NE from DCN, if the NE was connected to the DCN before. If the security was already compromised (e.g., illegitimate user accounts were created), the system shall be reset to an initial status wiping out all configuration data. After this, restart the system turn-up procedure. The following command resets the system: config admin factory-reset
  2. From the serial console of the active EC cryptographic module, access CLI as the default administrator 'admin’. Set the NE TID.”
  3. From the serial console of the active EC, login to CLI as default administrator ‘admin’. Security Policy July 31, 2024 1.5
Page 70

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy Execute the following CLI command to set the OAMP IP address. config interface usrpnl oamp ip <ipaddress/mask> 16.1.1.11 Configuration access: CIT Required steps must be executed using a locally connected Craft Interface Terminal (CIT) in order to avoid interference from DCN before the NE is secured. 16.1.1.12 NE keys NE keys and certificates must be generated. Required steps:

  1. Generate an SSH key. crypto key generate all
  2. Generate an SSL key (note: SSL means really TLS). crypto sslkey generate keytype rsa keylen 2048
  3. Get and install a signed TLS X.509v3 certificate. Refer to chapter 16.1.1.13 for more detailed information. Note: When the NE is security hardened it can be connected to the LAN. Note: Please refer to the User Provisioning Guide for more information. 16.1.1.13 Signed SSL/TLS X.509v3 certificate In section 16.1.1.12, an SSL/TLS key was generated. Create a signed X.509v3 certificate for the NE based on this SSL/TLS key. Required steps: Create a signed X.509v3 certificate and load it onto the NE. Use the following commands:
  4. Generate a CSR (Certificate Signing Request): config sslcsr generate
  5. Provision Subject Alternative Names (SAN) if SAN authentication/server authentication is required on the peer. config sslcsr san {add | delete} {<ip-address> |<domain>}
  6. Upload the CSR to a file server: config software server transfer < ip address of server: example 135.104.252.100> config software server transfer protocol sftp config software server transfer userid < user-id-forserver> config software server transfer root <example path: /home/sw1/ SAN8CSR.csr> config software server transfer detail config software server transfer load sslnecsr
  7. Create the certificate by signing the CSR by an external CA (Certificate Authority).
  8. Download the signed certificate to the NE: config software server transfer protocol sftp config software server transfer userid < user-id-forserver> config software server transfer root <example path: /home/sw1/ SAN8certificate.pem> config software server transfer load sslomscsr
  9. Install downloaded certificate: config sslcert yes Be sure to install the NE root certificate on any clients connecting to the WebUI Note: Please refer to the User Provisioning Guide for more information. Security Policy July 31, 2024 1.5
Page 71

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy 16.1.1.14 Secure mode In order to enforce secure (encrypted) protocols, the NE must be set to secure mode. Required step:

  1. Set NE to secure mode via CLI: config admin ui mode encrypted 16.1.1.15 16.1.1.16 User and account administration for NE management TL1, CLI, WebUI, NETCONF/gRPC System security settings The following settings are required to help enforce better security. config admin session maxfailedlogins 5 config admin authentication local password minlength 12 config admin session timeout 15 config admin maxsession 1 config admin minwaitlogin 15 Default local accounts At the time of NE deployment, there are two default accounts: admin and service. admin: The admin account is used to initially configure the NE. This includes creation of additional accounts to manage the NE. service: The service account is used by Nokia service personnel to install the NE and perform maintenance activities. Required steps:
  2. Change the default admin password. config admin users edit admin passwd
  3. Create a non-default account with administrative privileges to be used instead of the default admin account. For example, to create a user named “adminjoe” with administrative privileges, use the following command: config admin users add adminjoe administrator Note: Should you lose the new password, or disable the users, no maintenance access to the system will be available in case of emergency. It is recommended to always create new users with Administrative privilege for periodic work, and to disable the default user permanently. Recommended steps:
  4. Disable the default admin account. config admin users edit admin status disabled
  5. Disable the default service account. config admin users edit service status disabled 16.1.1.17 SNMP The following steps must be executed regardless if the NE is to be managed using SNMP or not. Accounts for SNMP are maintained by the NE. Internal accounts Important! The SNMP user accounts v3IntComDefUser is used for internal purposes. It must not be changed or removed. Default accounts At the time of NE deployment, there are two default accounts: v3DefaultUser and v3DftAdvUser. Required steps:
  6. Disable default accounts: config admin snmpusers edit v3DftAdvUser status disabled config admin snmpusers edit v3DefaultUser status disabled Other predefined accounts If the NE was connected to a DCN before it was secured, other accounts might have been created. If other accounts than the default accounts are present, then those accounts must be deleted unless there is a clear and acceptable reason for them to be there. Required step: Security Policy July 31, 2024 1.5
Page 72

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

  1. Check for additional accounts and delete all non-default accounts (unless they are legitimate). User-defined accounts Required steps:
  2. Create SNMP accounts as needed for accessing management systems.
  3. Configure security options and passwords in alignment with accessing management systems. WS-NOC related accounts WS-NOC connection is not required. If WS-NOC is used, one SNMP user account is needed for the WS-NOC to manage the NE. The WS-NOC account is an SNMPv3 user. Required steps:
  4. Create an SNMPv3 user with the following commands: config admin snmpusers add newnfmuser120 admin aes256sha256 config admin snmpusers edit newnfmuser120 privpasswd 16.1.1.18 Open Agent The Open Agent provides the NETCONF/gRPC interface and is disabled by default. If the Open Agent is enabled, disable it. Required step:
  5. If it was enabled, use the following command to disable Open Agent: config general openagent disabled 16.1.1.19 ZTP (Zero Touch Provisioning) By default, ZTP is enabled. Disable ZTP mode. Required step:
  6. Disable ZTP via an Admin CLI account: config admin ztp disable 16.1.1.20 FIPS squelching Enable fips-squelching mode. Required step:
  7. In CLI, enter: config general fips-squelching enable 16.1.1.21 Maintenance accounts Accounts for maintenance are maintained by the NE. Those accounts are to be distinguished from TL1/CLI/WebUI, SNMP, or GMPLS CP accounts. Default accounts At the time of NE deployment, there are two default accounts: maint1 and maint2. The default status is that they are disabled. Required steps:
  8. Disable remote access to maint1 if it is enabled. config admin system maint1 disable
  9. Change the default passwords. Use an Admin CLI account to change the passwords of maint1 and maint2: config admin system maint1 <password> config admin system maint2 <password> Note: Passwords must available when required for action by service personnel and kept in a safe area. Recommended step:
  10. Disable remote access to maint2 if it is enabled. maint2 has less access rights than maint1 and could be used for remote access while remote access for maint1is disabled. Still, the disabling of remote access to maint2 is recommended. To disable the remote access to maint2, use an Admin CLI account to execute: config admin system maint2 disable 16.1.1.22 Disable local serial console The local serial console can be used for local maintenance actions. For the login the maint1 user will be used. It is required that it is either managed by the autostate feature [see 16.1.1.28] or permanently disabled. To disable it, execute the following command: config admin system maint1 localdisable Note: If all management protocols at the OAMP interface and remote maintenance logins Security Policy July 31, 2024 1.5
Page 73

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy have failed or are disabled, then no maintenance access is possible anymore - neither remote nor local. If the local serial console is enabled, it will be notified by the standing condition MAINT-ALLOWEDLOCAL. The default severity is NR (not reported). It appears in the condition list and logs only. If the severity shall be increased to MJ (major), CR (critical) or WR (warning), then it is automatically present in the alarm list because the FIPS status of the NE is violated in case it is open. 16.1.1.23 16.1.1.24 Remote access is now safe Precondition The required steps described in the preceding sections of the security hardening guidelines were executed. This means that the NE is now hardened to a degree that it is safe to connect to a general network. 16.1.1.25 Allow remote access to the NE The next steps can be done using any management access type that has a secure connection. Configuration access via remote access is now safe, and you may connect to a LAN now. Note: The DCN is secured, using IP ACL throughout the DCN (see DCN Guide for concepts and instructions). 16.1.1.26 16.1.1.27 Physical security Introduction The NE must be in a secure network; see chapter 16.1.1.4. In addition, the communication channel in and out of the NE must be restricted. 16.1.1.28 Customer LAN ports, Embedded Communication Channel (ECC) Recommended steps:

  1. Assign IP Address to OAMP port of TOE: config interface mfc shelf/slot/oamp <ip address for the TOE> config cn routes default add <ip address for DHCP server> 16.1.1.29 16.1.1.30 Services Introduction The following services should only be enabled if they are used. If they are not used, they should be disabled. The following services are covered by this document: NTP, SNMP Traps. 16.1.1.31 NTP with authentication To authenticate the NTP server(s), a key must be provisioned per NTP server used. Required steps:
  2. Establish an authentication key on each NTP server.
  3. Provision each NE receiving time from that server with the authentication key. Note: The length of the NTP Key must be at least 12 characters and the NTP Key hash type must be SHA-1 (Secure Hash Algorithm 1), not MD5 (Message-digest algorithm). 16.1.1.32 SWNE For a FIPS compliant configuration, SWNE functionality must be disabled. NEs can be in a server or in a client role. Required step: Disable the SWNE functionality:
  4. Execute the following command: config general ftpserver disable Note: In case of a software update, SWNE functionality must be enabled temporarily. 16.1.1.33 Installation from USB stick For a FIPS-compliant configuration, use of USB ports is prohibited. The USB ports are therefore sealed and shall not be used. 16.1.1.34 Bluetooth access The NE can be accessed via bluetooth using a bluetooth dongle. For a FIPS-compliant Security Policy July 31, 2024 1.5
Page 74

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy configuration, access via bluetooth must be disabled. Required step:

  1. Execute the following command to disable it: config interface BT state down 16.1.1.35 SFTP client
  2. Provision key-based authentication which supports mutual authentication for SFTP file transfers. The following file transfers support this: • SW download config software server <ip address of server> • Software dynamic download config software dynamic refreshserver • Data backup & restore config database server ip <ip address of server: example 135.104.252.100> config database server protocol sftp config database server userid <user-id-for-server> config database path <example path: /home/sw1/ajayoka/DB> • Log file transfer config transferlog server ip <ip address of server: example
192.168.219.170 >

config transferlog server protocol SFTP config transferlog server userid crypto prompted for <password> config transferlog server port 22 config transferlog path /home/crypto • Syslog file transfer config admin transfersyslog server • System Trust anchor installation file transfer config keystore system trustanchor Note: The parameters are always the same, but the commands differ. The configuration must be done for all used services.

  1. Provision the server and the user credentials on the server.[use server documentation]
  2. Once the provisioning is complete, mutual authentication is available for SFTP. Required steps:
  3. Enable SFTP only if needed.
  4. The recommended password length for the password used for the SFTP server login as a client is 12 characters. Alternatively, use key based authentication. 16.1.1.36 SNMP traps Required step:
  5. Set the SNMP trap destination(s) for 1830 SMS. config snmpserver trapdest add <snmp-server-name> <ip address of server> 1500 3 v3 0 smsuser256 16.1.1.37 TLS
  6. Use TLS 1.2: config admin security tls tls-system version max 1.2 config admin security tls tls-system version min 1.2 config admin security commit Security Policy July 31, 2024 1.5
Page 75

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

16.2 Periodically Check Log Files

The NE stores information in various log files. This log files should be periodically checked. Recommended step: 1. Check log files periodically for anomalies. Show logs all

16.3 On-demand Self-test

A FIPS self-test can be initiated by power cycling the system. (This action will impact service until system fully boots up.) After starting, verify the status of the self-test. FIPSSFMISMATCH or AESFIPSFAILURE conditions must not appear. show condition Security Policy July 31, 2024 1.5

Page 76

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

16.4 De-Provisioning the 1830 PSS and 1830 PSI-M
16.4.1 Procedure: Zeroization of All SSPs
16.4.1.1 Overview
16.4.1.2 Purpose

This procedure describes how to zeroize all SSPs to comply with the Federal Information Processing Standards (FIPS) Publication 140-3 (Security Requirements for Cryptographic Modules), detailing the U.S and Canadian governments' requirements for cryptographic modules.

16.4.1.3 Initiate SSP Zeroization

All SSPs are zeroized when the module executes the command to return it to factory. Administrator privilege is needed to execute this command. Required steps: 1. initiate Return-to-Factory: config admin return-to-factory

16.4.1.4 Finish SSP Zeroization

Zeroizing all SSPs in the module takes some time, so the operator must wait for the internal steps to complete. The Zeroization process is considered completed once all controllers show their LED in Solid Red. Required steps: 1. Wait for all controller card LEDs to show solid red. Security Policy July 31, 2024 1.5

Page 77
[PSS-32 ITUG]1830 Photonic Service Switch (PSS-32) Release 22.12 Installation and System Turn-Up Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-71311-PBAA-TJZZA
[PSS-16II ITUG]1830 Photonic Service Switch (PSS-16II) Release 22.12 Installation and System Turn-Up Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-71311-PBAA-SMZZA
[PSS-8 ITUG]1830 Photonic Service Switch (PSS-8) Release 22.12 Installation and System Turn-Up Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-71311-PBAA-SLZZA
[PSS-24x ITUG]1830 Photonic Service Switch (PSS-24x) Release 22.12 Installation and System Turn-Up Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-71311-PBAA-SJZZA
[PSI-M ITUG]1830 Photonic Service Interconnect-M (PSI-M) Release 22.12 Installation and System Turn-Up Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-82427-AAAA
[PSS CLIG]1830 Photonic Service Switch (PSS) Release 22.12 Command Line Interface Guide
Issue Date: 2022/12/22 | Issue: 1 | Document: 3KC-71311-PBAA-THZZA

Nokia 1830 PSS/PSI-M R23.3 FIPS 140-3 Security Policy

16.5 Additional Guidance

In additional to direct guidance provided in this security policy, additional detailed guidance is available to registered customers from Nokia documentation web site at documentation.nokia.com. Note: the ITUG and CLIG documents of Release 22.12 are valid for Release 23.3 as well. Security Policy July 31, 2024 1.5