| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 10/10/2029 |
| Caveat | When installed, initialized and configured as specified in section "Secure Operation" of the Security Policy and operated in approved mode |
| Vendor | Ruckus Wireless LLC |
| Hardware versions | ICX7450-24P-E2, ICX7450-48P-E2, ICX7450-48F-E2 with [ICX7400-4X1GF, ICX7400-4X10GF, ICX7400-4X10GC, ICX7400-1X40GQ, ICX7400-SERVICE-MOD] |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A2345 |
| AES-CFB128 | A2345 |
| AES-CMAC | A2345 |
| AES-CTR | A2345 |
| AES-ECB | A2345 |
| AES-ECB | AES 4550 |
| AES-ECB | AES 5074 |
| AES-GCM | A2345 |
| AES-GCM | AES 4550 |
| AES-GCM | AES 5074 |
| AES-KW | A2345 |
| AES-KWP | A2345 |
| Counter DRBG | A2345 |
| ECDSA KeyGen (FIPS186-4) | A2345 |
| ECDSA SigGen (FIPS186-4) | A2345 |
| ECDSA SigVer (FIPS186-4) | A2345 |
| HMAC-SHA-1 | A2345 |
| HMAC-SHA2-256 | A2345 |
| HMAC-SHA2-384 | A2345 |
| KAS-ECC-SSC Sp800-56Ar3 | A2345 |
| KAS-FFC-SSC Sp800-56Ar3 | A2345 |
| KDF IKEv2 | A2345 |
| KDF SNMP | A2345 |
| KDF SP800-108 | A2345 |
| KDF SSH | A2345 |
| KDF TLS | A2345 |
| RSA KeyGen (FIPS186-4) | A2345 |
| RSA SigGen (FIPS186-4) | A2345 |
| RSA SigVer (FIPS186-4) | A2345 |
| Safe Primes Key Generation | A2345 |
| SHA-1 | A2345 |
| SHA2-256 | A2345 |
| SHA2-384 | A2345 |
flowchart LR
%% Deterministic review-risk graph for Ruckus FastIron ICX ™ 7450 Series Switch/Router
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>IronWare OS 09.0.10</i>"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Update Firmware</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Perform Self-test<br/>Show Status<br/>Perform Self- test</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>bootloader<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C5,C6 clue;
class I1,I2,I3,I5,I6 infer;
class R1,R2,R3,R5,R6 risk;
class E1,E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Ruckus FastIron ICX ™ 7450 Series Switch/Router
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>IronWare OS 09.0.10</i><br/>src: certificate.firmwareVersions"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Update Firmware</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Perform Self-test<br/>Show Status<br/>Perform Self- test</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>bootloader<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C2,C3 clueHigh;
class C5,C6 clueLow;Ruckus FastIron ICX™ 7450 Series Switch/Router Firmware Version: IronWare OS 09.0.10 Document Version: 1.5 Last Update Date: 10-04-2024 Prepared by: Ruckus Wireless LLC Salarpuria Supreme, #137, Marathahalli Bangalore, Karnataka 560037 India www.commscope.com
| # | Section | Page |
|---|---|---|
| 1 | General | 1 |
| 2 | Cryptographic Module Specification | 2 |
| 3 | Cryptographic Module Interfaces | 12 |
| 4 | Roles, Services, and Authentication | 12 |
| 5 | Software/Firmware Security | 19 |
| 6 | Operational Environment | 19 |
| 7 | Physical Security | 19 |
| 8 | Non-Invasive Security | 20 |
| 9 | Sensitive Security Parameter Management | 20 |
| 10 | Self-Test | 27 |
| 11 | Life-Cycle Assurance | 30 |
| 12 | Mitigation of Other Attacks | 31 |
| I. Terms and Definitions | 31 | |
| 10 | Self-tests | 1 |
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic module specification | 1 |
| 3 | 3 | Cryptographic module interfaces | 1 |
| 4 | 4 | Roles, services, and authentication | 2 |
| 5 | 5 | Software/Firmware security | 1 |
| 6 | 6 | Operational environment | 1 |
| 7 | 7 | Physical security | 1 |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 1 |
| 10 | 10 | Self-tests | 1 |
| 11 | 11 | Life-cycle assurance | 1 |
| 12 | 12 | Mitigation of other attacks | N/A |
This is a non-proprietary cryptographic module security policy for Ruckus FastIron ICX™ 7450 Series Switch/Router (hereinafter referred to as the module). The firmware version running on each module is IronWare OS 09.0.10. This security policy describes how the module meets the FIPS 140-3 Level 1 security requirements, and how to operate the module in an approved mode. This security policy may be freely distributed. FIPS 140-3 (Federal Information Processing Standards Publication 140-3
2. Cryptographic Module Specification Cryptographic Boundary The module is a hardware, multi-chip standalone cryptographic module. The cryptographic boundary is defined as the module’s chassis unit encompassing the "top," "front," "left," "right," “rear” and "bottom" surfaces of the case representing the module’s physical perimeter. This section illustrates the module hardware with the help of photographs. Figure 1 - Front/top side of ICX7450-48P with IPSec module inserted Figure 2 - Back side of ICX7450-48P with IPSec module inserted Figure 3 - Front/top side of ICX7450-24P with ICX7400-4X10GF, ICX7400-4X1GF, ICX7400-4X10GC and ICX7400-1X40GQ and ICX7400-SERVICE MOD
Figure 4- Back side of ICX7450-24P with ICX7400-4X10GC, ICX7400-1X40GQ and ICX7400-4X10GF Figure 5 - Front/top side of ICX7450-48P with ICX74004X1GF, ICX7400-4X10GC and ICX7400-4X10GF
Figure 6 - ICX7450-48P with ICX7400-4X1GF, ICX7400-4X10GF, ICX7400-4X10GC, ICX74001X40GQ, ICX7400-SERVICE-MOD Figure 7 - Front/top side of ICX7450-48F with ICX7400-4X1GF, ICX7400-4X10GC and ICX7400-4X10GF
| Name | Model | Hardware Version | Firmware Version | Features |
|---|---|---|---|---|
| ICX7450-24P | ICX7450-24P | ICX7450-24P-E2 with [ICX7400-4X1GF, ICX7400- 4X10GF, ICX7400-4X10GC, ICX7400-1X40GQ, ICX7400-SERVICE-MOD] | IronWare OS 09.0.10 | ICX7450-24P module has the following physical ports: • 1x RJ-45 Ethernet Mgmt port • 1x USB Type-C serial console port • 24x 10/100/1000 Mbps RJ-45 PoE+ ports In addition, each of the network modules has the following physical ports: • 4x 1GbE SFP ports on ICX7400-4X1GF • 4x 1GbE uplink/stacking SFP+ ports on ICX7400-4X10GF • 4x 1GbE 10GBASE-T copper Ethernet ports on ICX7400- 4X10GC • 1x 4 GbE uplink/stacking QSFP+ ports on ICX7400- 1X40GQ Please refer to Cryptographic Module Interfaces section for more information |
| ICX7450-48P | ICX7450-48P | ICX7450-48P-E2 with [ICX7400-4X1GF, ICX7400- 4X10GF, ICX7400-4X10GC, ICX7400-1X40GQ, ICX7400-SERVICE-MOD] | IronWare OS 09.0.10 | ICX7450-48P module has the following physical ports: • 1x RJ-45 Ethernet Mgmt port • 1x USB Type-C serial console port • 48x 10/100/1000 Mbps RJ-45 PoE+ ports In addition, each of the network modules has the following physical ports: • 4x 1GbE SFP ports on ICX7400-4X1GF • 4x 1GbE uplink/stacking SFP+ ports on ICX7400-4X10GF • 4x 1GbE 10GBASE-T copper Ethernet ports on ICX7400- 4X10GC • 1x 4 GbE uplink/stacking QSFP+ ports on ICX7400- 1X40GQ Please refer to Cryptographic Module Interfaces section for more information |
| ICX7450-48F | ICX7450-48F | ICX7450-48F-E2 with [ICX7400-4X1GF, ICX7400- 4X10GF, ICX7400-4X10GC, ICX7400-1X40GQ, ICX7400-SERVICE-MOD] | IronWare OS 09.0.10 | ICX7450-48F module has the following physical ports: • 1x RJ-45 Ethernet Mgmt port • 1x USB Type-C serial console port • 48x 1GbE SFP ports In addition, each of the network modules has the following physical ports: • 4x 1GbE SFP ports on ICX7400-4X1GF • 4x 1GbE uplink/stacking SFP+ ports on ICX7400-4X10GF • 4x 1GbE 10GBASE-T copper Ethernet ports on ICX7400- 4X10GC • 1x 4 GbE uplink/stacking QSFP+ ports on ICX7400- 1X40GQ Please refer to Cryptographic Module Interfaces section for more information |
The module delivers the performance, flexibility, and scalability required for enterprise access deployment. Table 2 below lists the model and firmware version included in this validation.
Table 2
| Name | CAVP Cert | Mode Method | Key Size | Use Function |
|---|---|---|---|---|
| AES • FIPS197 • SP800-38A | #A2345 | AES-ECB | 128 and 256 bits | Data Encryption/Decryption |
| AES • FIPS197 • SP800-38A | #A2345 | AES-CBC | 128 and 256 bits | Data Encryption/Decryption |
| AES • FIPS197 • SP800-38A | #A2345 | AES-CFB128 | 128 and 256 bits | Data Encryption/Decryption |
| AES • FIPS197 • SP800-38A | #A2345 | AES-CTR | 128 and 256 bits | Data Encryption/Decryption |
| AES • FIPS197 • SP 800-38D | #A2345 | AES-GCM | 128 and 256 bits | Authenticated Encryption/Decryption |
| AES • FIPS197 • FIPS800-38B | #A2345 | AES-CMAC | 128 bits | Assurance of the authenticity |
| AES • SP800-38F | #A2345 | AES-KW | 128 bits | Authenticated Encryption/Decryption |
| AES • SP800-38F | #A2345 | AES-KWP | 128 bits | Authenticated Encryption/Decryption |
| DRBG • SP800-90Arev1 | #A2345 | CTR_DRBG (AES-256 bits) | N/A | Deterministic Random Bit Generation |
| ECDSA • FIPS186-4 | #A2345 | ECDSA KeyGen | Curves: P-256, P-384 | ECDSA Key Generation |
| ECDSA • FIPS186-4 | #A2345 | ECDSA SigGen | Curves: P-256, P-384 | ECDSA Digital Signature Generation |
| ECDSA • FIPS186-4 | #A2345 | ECDSA SigVer | Curves: P-256, P-384 | ECDSA Digital Signature Verification |
| KAS-ECC-SSC • SP800-56Arev3 | #A2345 | KAS-ECC-SSC Scheme: Ephemeral Unified | KAS-ECC-SSC with Curves P-256, P-384, P-521 | KAS-ECC Shared Secret Computation |
| KAS • SP800-56Arev3 | #A2345 | KAS (ECC) Scheme: ephemeralUnified KAS Role: initiator, responderP KAS (KAS-SSC Cert. #A2345, CVL Cert. #A2345 | KAS-ECC with Curves P-256, P-384, P-521; Key establishment methodology provides between 128 and 256 bits of encryption strength | Key Agreement Scheme per SP800-56Arev3 with key derivation function (SP800-135rev1) Note: The module’s KAS (ECC) implementation is FIPS140-3 IG D.F Scenario 2 (path 2) compliant |
| KAS-FFC-SSC • SP800-56Arev3 | #A2345 | KAS-FFC-SSC Scheme: dhEphem | MODP-2048, MODP- 4096, MODP-8192 | KAS-FFC Shared Secret Computation |
| KAS • SP800-56Arev3 | #A2345 | KAS (FFC) Scheme: dhEphem KAS (KAS-SSC Cert. #A2345, CVL Cert. #A2345 | KAS-FFC with MODP- 2048, MODP-4096, MODP-8192 Key establishment methodology provides between 112 and 200 bits of encryption strength | Key Agreement Scheme per SP800-56Arev3 with key derivation function (SP800-135rev1) Note: The module’s KAS (ECC) implementation is FIPS140-3 IG D.F Scenario 2 (path 2) compliant |
| KBKDF • SP800-108rev1 | #A2345 | KDF Mode: Counter | N/A | SP800-108Rev1 Compliant Key Derivation Function (KDF) |
| KDF SSH (CVL) • SP800-135rev1 | #A2345 | SSHv2 KDF | N/A | SP800-135Rev1 Compliant Key Derivation Function (KDF) for SSHv2 |
| KDF TLS (CVL) • SP800-135rev1 | #A2345 | TLSv1.1/1.2 KDF | N/A | SP800-135rev1 Compliant Key Derivation Function (KDF) for TLSv1.1/1.2 |
| KDF SNMP (CVL) • SP800-135rev1 | #A2345 | SNMPv3 KDF | N/A | SP800-135rev1 Compliant Key Derivation Function (KDF) for SNMPv3 |
| KDF IKEv2 (CVL) • SP800-135rev1 | #A2345 | IKEv2 KDF | N/A | SP800-135rev1 Compliant Key Derivation Function (KDF) for IKEv2 |
| KTS (MACSec) • SP800-38F | #A2345 | KTS (AES Cert. #A2345) | Key establishment methodology provides 128 bits of encryption strength | Key Transport using AES-KW/KWP in MACSec |
| KTS (SSH) SP800-38F | #A2345 | KTS (AES Cert. #A2345 and HMAC Cert. #A2345) | Key establishment methodology provides 128 or 256 bits of encryption strength | Key Transport using AES and HMAC in SSH |
| KTS (TLS) • SP800-38F | #A2345 | KTS (AES Cert. #A2345 and HMAC Cert. #A2345) | Key establishment methodology provides 128 or 256 bits of encryption strength | Key Transport using AES and HMAC in TLS |
| KTS (TLS) • SP800-38F | #A2345 | KTS (AES-GCM Cert. #A2345) | Key establishment methodology provides 128 or 256 bits of encryption strength | Key Transport using AES-GCM in TLS |
| SHS • FIPS180-4 | #A2345 | SHA-1 Message Length: 0-51200 Increment 8 | N/A | Secure hashing Note: SHA-1 is not used for digital signature generation |
| SHS • FIPS180-4 | #A2345 | SHA2-256 Message Length: 0-51200 Increment 8 | N/A | Secure hashing |
| SHS • FIPS180-4 | #A2345 | SHA2-384 Message Length: 0-51200 Increment 8 | N/A | Secure hashing |
| HMAC • FIPS198-1 | #A2345 | HMAC-SHA-1 | At least 160 bits | Hash based message authenticate code generation and verification |
| HMAC • FIPS198-1 | #A2345 | HMAC-SHA2- 256 | At least 160 bits | Hash based message authenticate code generation and verification |
| HMAC • FIPS198-1 | #A2345 | HMAC-SHA2- 384 | At least 160 bits | Hash based message authenticate code generation and verification |
| RSA • FIPS186-4 | #A2345 | RSA KeyGen Mode: B.3.3 | Modulus: 2048 bits | Key Generation |
| RSA • FIPS186-4 | #A2345 | RSA SigGen (PKCS 1.5) | Modulus: 2048 bits | Signature Generation |
| RSA • FIPS186-4 | #A2345 | RSA Sigver (PKCS 1.5) | Modulus: 2048 bits | Signature Verification |
| Safe Primes Key Generation • SP800-56Arev3 | #A2345 | N/A | Safe Prime Groups: MODP-2048, MODP- 4096, MODP-8192 | KAS-FFC Keypair domain parameters generation |
| CKG • SP800-133rev2 | Vendor Affirmed | N/A | N/A | Vendor Affirmed Cryptographic Key Generation (CKG) compliant with SP800- 133rev2 and IG D.H The cryptographic module performs Cryptographic Key Generation (CKG) for asymmetric keys as per sections 4 and 5 in SP800-133rev2 (vendor affirmed). A seed (i.e., the random value) used in asymmetric key generation is a direct output from SP800- 90Arev1 CTR_DRBG |
| AES • FIPS197 • SP800-38A | AES #4550 | AES-ECB | 128 bits | ECB is a pre-requisite algorithm for GCM |
| AES • FIPS197 • SP800-38D | AES #4550 | AES-GCM | 128 bits | Authenticated Encryption/Decryption in MACSec |
| AES • FIPS197 • SP800-38A | AES #5074 | AES-ECB | 128 bits | ECB is a pre-requisite algorithm for GCM |
| AES • FIPS197 • SP800-38D | AES #5074 | AES-GCM | 128 bits | Authenticated Encryption/Decryption in IPSec/IKE |
Modes of Operation By default, the module is delivered with a non-approved mode of operation but supports an approved mode of operation. Once the module is configured to operate in the approved mode of operation by following the steps in section "Secure Operation" of this document by the Crypto Officer, the module can only operate in the approved mode. The module does not claim implementation of a degraded mode of operation. The tables below list all approved or vendor-affirmed security functions of the module, including specific key size(s) (in bits unless noted otherwise) employed for Approved services, and implemented modes of operation. There are some algorithm modes that were tested but not implemented by the module. Only the algorithms, modes, and key sizes that are implemented by the module are shown in these tables. Approved Security Functions The module implements the following approved cryptographic algorithms that have been ACVP certified. N/A
N/A N/A N/A
N/A N/A N/A Table 3 - Approved Algorithms (Crypto Library I) Table 4 - Approved Algorithms (Crypto Library II) Table 5 - Approved Algorithms (Crypto Library III)
5288 for TLS. The module is compatible with TLSv1.2 and provides support for the acceptable
GCM cipher suites from SP 800-52 Rev1, Section 3.3.1. The operations of one of the two parties involved in the TLS key establishment scheme were performed entirely within the cryptographic boundary of the module being validated. The counter portion of the IV is set by the module within its cryptographic boundary. When the IV exhausts the maximum number of possible values for a given session key, the first party, client or server, to encounter this condition will trigger a handshake to establish a new encryption key. In case the module’s power is lost and then restored, a new key for use with the AES GCM encryption/decryption shall be established.
7296 for IPSec/IKE. The module uses RFC 7296 compliant IPSec/IKE to establish the shared
secret SKEYSEED from which the AES GCM encryption keys are derived. The operations of one of the two parties involved in the IKE key establishment scheme shall be performed entirely within the cryptographic boundary of the module being validated. When the IV exhausts the maximum number of possible values for a given session key, the first party, client or server, to encounter this condition will trigger a handshake to establish a new encryption key. In case the module’s power is lost and then restored, a new key for use with the AES GCM encryption/decryption shall be established.
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Data Input | SSH, TLS, SNMPv3, IPSec/IKEv2 or MACSec traffic |
| Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Data Output | SSH, TLS, SNMPv3, IPSec/IKEv2 or MACsec traffic |
| Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports | Control Input | Control Input |
| Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports, and LEDs | Console port, Mgmt port, SFP/SFP+ ports, QSFP+ ports, Ethernet ports, and LEDs | Status Output | Status information |
| N/A | N/A | Control Output | NA |
| Power | Power | N/A | Provides the power supply to the module |
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator | Input | Output |
|---|---|---|---|---|---|---|---|---|
| Perform Self-test | Crypto Officer | Command to trigger self-test | The self-tests completion status information | |||||
| Perform Zeroization | Crypto Officer | Command to zeroize the module | The zeroization completion status information | |||||
| Update Firmware | Crypto Officer | Command to upload a new validated firmware | The firmware update completion status information | |||||
| CO Authentication | Crypto Officer | CO role authentication request | Status of the CO role authentication | |||||
| Configuration Management | Crypto Officer | Commands to configure the module | Status of the completion of network related configuration | |||||
| Configure RADIUS Server | Crypto Officer | Commands to configure RADIUS Server | Status of the completion of RADIUS Server configuration | |||||
| Configure SSHv2 Function | Crypto Officer | Commands to configure SSHv2 function | Status of the completion of SSHv2 configuration | |||||
| Configure SSL over TLSv1.1/1.2 Function | Crypto Officer | Commands to configure SSL over TLSv1.1/2 function | Status of the completion of SSL over TLSv1.1/1.2 configuration | |||||
| Configure SNMPv3 Function | Crypto Officer | Commands to configure SNMPv3 function | Status of the completion of SNMPv3 configuration | |||||
| Configure IPsec/IKE Function | Crypto Officer | Commands to configure IPSec/IKE function | Status of the completion of IPSec/IKE configuration | |||||
| Configure MACSec Function | Crypto Officer | Commands to configure MACSec function | Status of the completion of MACSec configuration | |||||
| Account management | Crypto Officer | Command to create user account | The status of the new user accounts | |||||
| Show Version | Crypto Officer | Command to show version | Module’s name and versioning information | |||||
| Show Status | Crypto Officer | Command to get the status of the module | Module’s current status information | |||||
| Port Configuration Management | Crypto Officer | Commands to configure the port parameters of switch/router | Port configuration completion status information | |||||
| Run SSHv2 Function | Crypto Officer | Initiate SSHv2 tunnel establishment request | Status of SSHv2 tunnel establishment | |||||
| Run SSL over TLSv1.1/v1.2 Function | Crypto Officer | Initiate SSL over TLSv1.1/v1.2 tunnel establishment request | Status of TLSv1.1/v1.2 tunnel establishment | |||||
| Run SNMPv3 Function | Crypto Officer | Initiate SNMPv3 tunnel establishment request | Status of SNMPv3 tunnel establishment | |||||
| Run IPSec/IKE Function | Crypto Officer | Initiate IPsec/IKE tunnel establishment request | Status of IPSec/IKE tunnel establishment | |||||
| Run MACSec Function | Crypto Officer | Initiate MACSec tunnel establishment request | Status of MACSec tunnel establishment | |||||
| Show Version | User | Command to show version | Module’s name and versioning information | |||||
| Show Status | User | Command to get the status of the module | Module’s current status information | |||||
| User Authentication | User | User role authentication request | Status of the User role authentication | |||||
| Run SSHv2 Function | User | Initiate SSHv2 tunnel establishment request | Status of SSHv2 tunnel establishment | |||||
| Show Version | Port Config Admin | Command to show version | Module’s name and versioning information | |||||
| Show Status | Port Config Admin | Command to get the status of the module | Module’s current status information | |||||
| Port Config Admin Authentication | Port Config Admin | Port Config Admin role authentication request | Status of the Port Config Admin role authentication | |||||
| Port Configuration Management | Port Config Admin | Commands to configure the port parameters of switch/router | Port configuration completion status information | |||||
| Run SSHv2 Function | Port Config Admin | Initiate SSHv2 tunnel establishment request | Status of SSHv2 tunnel establishment | |||||
| Perform Self- test | The module runs pre-operational self-tests and conditional algorithm Self- tests (CASTs) | Crypto Officer | N/A | N/A | N/A | Self-test completion message | ||
| Perform Zeroization | Zeroize service destroys all SSPs in the module | Crypto Officer | ALL | N/A | Z | Zeroize completion message | ||
| Update Firmware | The module’s firmware is updated to a new version | Crypto Officer | Firmware Load Test Key | RSA SigVer | E | Global indicator and Firmware update completion message | ||
| Show Status | Provide module’s name and current status information | Crypto Officer; User; Port Config Admin | N/A | N/A | R | N/A |
| Name | Key Size | |
|---|---|---|
| Password-based authentication | The minimum length is eight (8) characters (94 possible characters). The probability that a random attempt will succeed or a false acceptance will occur is 1/(948) which is less than 1/1,000,000. The probability of successfully authenticating to the module within one minute is 10/(948), which is less than 1/100,000. The configuration supports at most ten failed attempts to authenticate in a one-minute period. This calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits, 52 alphabetic characters, and 32 special characters providing 94 characters to choose from in total | Crypto Officer, User, Port Config Admin |
| RSA-based authentication | RSA key pair has modulus size of 2048 bits, thus providing 112 bits of strength, which means an attacker would have a 1 in 2112 chance of randomly obtaining the key, which is much stronger than the one in a million chances required by FIPS 140-3. To exceed a one in 100,000 probability of a successful random key guess in one minute, an attacker would have to be capable of approximately 8.65x10^31 (2112 /60 = 8.65 x 1031) attempts per second, which is less than 1/100,000 | Crypto Officer, User, Port Config Admin |
| ECDSA-based authentication | When configuring the smallest curve P-256, the probability that a random attempt will succeed, or a false acceptance will occur is 1/2^128, which is less than 1/1,000,000. 256 attempts are allowed in a one-minute period. Therefore, the probability of a random success in a one-minute period is 256/2^128, which is less than 1/100,000 | Crypto Officer, User, Port Config Admin |
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator | Input | Output |
|---|---|---|---|---|---|---|---|---|
| Port Config Admin Authentication | Port Config Admin | Port Config Admin role authentication request | Status of the Port Config Admin role authentication | |||||
| Port Configuration Management | Port Config Admin | Commands to configure the port parameters of switch/router | Port configuration completion status information | |||||
| Run SSHv2 Function | Port Config Admin | Initiate SSHv2 tunnel establishment request | Status of SSHv2 tunnel establishment | |||||
| Perform Self- test | The module runs pre-operational self-tests and conditional algorithm Self- tests (CASTs) | Crypto Officer | N/A | N/A | N/A | Self-test completion message | ||
| Perform Zeroization | Zeroize service destroys all SSPs in the module | Crypto Officer | ALL | N/A | Z | Zeroize completion message | ||
| Update Firmware | The module’s firmware is updated to a new version | Crypto Officer | Firmware Load Test Key | RSA SigVer | E | Global indicator and Firmware update completion message | ||
| Show Status | Provide module’s name and current status information | Crypto Officer; User; Port Config Admin | N/A | N/A | R | N/A | ||
| Show Version | Provide modules version information | Crypto Officer; User; Port Config Admin | N/A | N/A | R | N/A | ||
| CO Authenticatio n | CO role authentication | Crypto Officer | Crypto Officer Password | N/A | G, R, W, E | N/A | ||
| User Authenticatio n | User role authentication | User | User Password | N/A | G, R, W, E | N/A | ||
| Port Config Admin Authenticatio n | Port Config Admin role authentication | Port Config Admin | Port Config Admin Password | N/A | G, R, W, E | N/A | ||
| Configure SSHv2 Function | Configure SSHv2 Function | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, SSH ECDSA Private Key, SSH ECDSA Public Key, SSH RSA Private Key, SSH RSA Public Key, SSH DH Private Key, SSH DH Public Key, SSH DH Shared Secret Key, SSH ECDH Private Key, SSH ECDH Public Key, SSH ECDH Shared Secret Key, SSH Session Encryption Key, SSH Session Integrity Key | AES-CBC, AES-CTR, CKG, CTR_DRBG, KDF SSH, HMAC-SHA- 1, HMAC-SHA2- 256, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | R, W, G | Global indicator and SSH connection success log message | ||
| Configure SSL over TLSv1.1/v1.2 Function | Configure TLSv1.1/v1.2 Function | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, TLS ECDSA Private Key, TLS ECDSA Public Key, TLS RSA Private Key, TLS RSA Public Key, TLS DH Private Key, TLS DH Public key, TLS DH Shared Secret, TLS ECDH Private Key, TLS ECDH Public key, | AES-ECB, AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF TLS, HMAC-SHA- 1, HMAC-SHA2- 256, HMAC-SHA2- 384, KAS-ECC- SSC, | R, W, G | Global indicator and TLS connection success log message | ||
| KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | TLS ECDH Shared Secret, TLS Pre-Master Secret, TLS Master Secret, TLS Session Encryption Key, TLS Session Integrity Key | KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | ||||||
| SNMPv3 Function Configuration | Configure SNMPv3 Function | Crypto Officer | SNMPv3 User Authentication Secret, SNMPv3 Session Encryption Key, SNMPv3 Session Integrity Key | AES-CFB128, KDF SNMP, HMAC-SHA- 1, HMAC-SHA2- 256, HMAC-SHA2- 384 | R, W, G | Global indicator and SNMPv3 connection success log message | ||
| Configure IPsec/IKEv2 Function | Configure IPSec/IKEv2 Function | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, IPSec/IKE Pre-shared Secret, IPSec/IKE ECDH Private Key, IPSec/IKE ECDH Public Key, IPSec/IKE ECDH Shared Secret, IPSec/IKE DH Private Key, IPSEC/IKE DH Public key, IPSec/IKE DH Shared Secret, IPSec/IKE RSA Private Key, IPSec/IKE RSA Public Key, IPSec/IKE ECDSA Private Key, IPSEC/IKE ECDSA Public Key, IPSec/IKE Session Encryption Key, IPSec/IKE Session Integrity Key | AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF IKEv2, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, HMAC-SHA2- 256, HMAC-SHA2- 384, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | G, R, W | Global indicator and IPSec/IKE connection success log message | ||
| Configure MACSec Function | Configure MACSec Function | Crypto Officer | MACSec CAK; MACSec ICK; MACSec KEK; MACSec SAK | AES-CMAC; AES-GCM; AES-KW; AES-KWP; KBKDF; | G, R, W | Global indicator and MACSec connection success log message | ||
| Port Configuration Management | Perform Port Configuration | Crypto Officer; Port Config Admin | Crypto Officer Password; Port Config Admin Password | N/A | R, E | N/A | ||
| Account management | Account Creation | Crypto Officer | Crypto Officer Password; User Password; Port Config Admin Password | N/A | W | N/A | ||
| Run SSHv2 Function | Negotiation and encrypted data transport via SSH | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, SSH ECDSA Private Key, SSH ECDSA Public Key, SSH RSA Private Key, SSH RSA Public Key, SSH DH Private Key, SSH DH Public Key, SSH DH Shared Secret Key, SSH ECDH Private Key, SSH ECDH Public Key, SSH ECDH Shared Secret Key, SSH Session Encryption Key, SSH Session Integrity Key | AES-CBC, AES-CTR, CKG, CTR_DRBG, KDF SSH, HMAC-SHA- 1, HMAC-SHA2- 256, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | R, W, G | Global indicator and SSH connection success log message | ||
| Run SSL over TLSv1.1/v1.2 Function | Negotiation and encrypted data transport via SSL (TLSv1.1/v1.2) | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, TLS ECDSA Private Key, TLS ECDSA Public Key, TLS RSA Private Key, TLS RSA Public Key, TLS DH Private Key, TLS DH Public key, TLS DH Shared Secret, TLS ECDH Private Key, TLS ECDH Public key, TLS ECDH Shared Secret, TLS Pre-Master Secret, TLS Master Secret, TLS Session Encryption Key, TLS Session Integrity Key | AES-ECB, AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF TLS, HMAC-SHA- 1, HMAC-SHA2- 256, HMAC-SHA2- 384, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, | R, W, G | Global indicator and TLS connection success log message | ||
| Run SNMPv3 Function | Negotiation and encrypted data transport via SNMPv3 | Crypto Officer | SNMPv3 User Authentication Secret, SNMPv3 Session Encryption Key, SNMPv3 Session Integrity Key | AES-CFB128, KDF SNMP, HMAC-SHA- 1, HMAC-SHA2- 256, HMAC-SHA2- 384 | R, W, G | Global indicator and SNMPv3 connection success log message | ||
| Run IPSec/IKEv2 Function | Negotiation and encrypted data transport via IPSec | Crypto Officer | DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, IPSec/IKE Pre-shared Secret, IPSec/IKE ECDH Private Key, IPSec/IKE ECDH Public Key, IPSec/IKE ECDH Shared Secret, IPSec/IKE DH Private Key, IPSEC/IKE DH Public key, IPSec/IKE DH Shared Secret, IPSec/IKE RSA Private Key, IPSec/IKE RSA Public Key, IPSec/IKE ECDSA Private Key, IPSEC/IKE ECDSA Public Key, IPSec/IKE Session Encryption Key, IPSec/IKE Session Integrity Key | AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF IKEv2, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, HMAC-SHA2- 256, HMAC-SHA2- 384, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen | R, E | Global indicator and IPSec/IKE connection success log message | ||
| Run MACSec Function | Negotiation and encrypted data transport via MACSec | Crypto Officer | MACSec CAK, MACSec ICK, MACSec KEK, MACSec SAK | AES-CMAC, AES-GCM, AES-KW, AES-KWP, KTS, KBKDF | R, E | Global indicator and MACSec connection success log message |
N/A N/A n n n N/A N/A R G, R, W, E N/A G, R, W, E N/A N/A N/A HMAC-SHA1, HMAC-SHA2256, KAS-ECCSSC, KAS-FFCSSC, HMAC-SHA1, HMAC-SHA2256, HMAC-SHA2384, KAS-ECCSSC, R, W, G R, W, G N/A
KAS-FFCSSC, HMAC-SHA1, HMAC-SHA2256, HMAC-SHA2384 HMAC-SHA2256, HMAC-SHA2384, KAS-ECCSSC, KAS-FFCSSC, R, W, G G, R, W G, R, W
N/A HMAC-SHA1, HMAC-SHA2256, KAS-ECCSSC, KAS-FFCSSC, HMAC-SHA1, HMAC-SHA2256, HMAC-SHA2384, KAS-ECCSSC, KAS-FFCSSC, N/A R, E W R, W, G N/A R, W, G N/A
HMAC-SHA1, HMAC-SHA2256, HMAC-SHA2384 HMAC-SHA2256, HMAC-SHA2384, KAS-ECCSSC, KAS-FFCSSC, R, W, G R, E R, E Table 11 - Approved Services G = Generate: The module generates or derives the SSP R = Read: The SSP is read from the module (e.g. the SSP is output)
W = Write: The SSP is updated, imported, or written to the module E = Execute: The module uses the SSP in performing a cryptographic operation Z = Zeroise: The module zeroises the SSP Unauthenticated Services The services for someone without an authorized role are to view the status output from the module’s LEDs and to cycle power the module.
| Name | Strength | Security Function | Generation | Establishment | Storage | Zeroization | Import Export | Key/SSP Name/Type |
|---|---|---|---|---|---|---|---|---|
| Used to seed the DRBG | 384 bits | N/A | Generated from noise source | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | DRBG Entropy Input |
| Used DRBG generation | 256 bits | DRBG Cert. #A2345 | Internally Derived from entropy input string as defined by SP800-90Arev1 | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | DRBG Seed |
| Used DRBG generation | 256 bits | DRBG Cert. #A2345 | Internally Derived from entropy input string as defined by SP800-90Arev1 | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | DRBG Internal State V value |
| Used DRBG generation | 256 bits | DRBG Cert. #A2345 | Internally Derived from entropy input string as defined by SP800-90Arev1 | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | DRBG Key |
| Used for Port Config Admin authentication | 8 to 60 Characters | N/A | N/A | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | Port Config Admin Password |
| Used for Crypto Officer authentication | 8 to 60 Characters | N/A | N/A | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | Crypto Officer Password |
| Used for User authentication | 8 to 60 Characters | N/A | N/A | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | User Password |
| Used for RADIUS Server authentication | 8 to 64 Characters | N/A | N/A | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | RADIUS Secret |
| Used for SSH authentication | P-256, P- 384 | CKG, DRBG, ECDSA KeyGen, ECDSA SigGen Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 ECDSA key generation method, and the random value used in key generation is generated using | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH ECDSA Private Key |
| Used for SSH authentication | P-256, P- 384 | ECDSA SigVer Cert #A2345 | Internally derived per the FIPS 186-4 ECDSA key generation method | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to the SSH peer application | SSH ECDSA Public Key |
| Used for SSH authentication | 2048 bits | CKG, DRBG, RSA KeyGen, RSA SigGen Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 RSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH RSA Private Key |
| Used for SSH authentication | 2048 bits | RSA SigVer Cert #A2345 | Internally derived per the FIPS 186-4 RSA key generation method | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to SSH peer application | SSH RSA Public Key |
| Used to derive SSH DH Shared secret | MODP- 2048, 4096, 8192 bits | CKG, DRBG, KAS-FFC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH DH Private Key |
| Used to derive SSH DH Shared secret | MODP- 2048, 4096, 8192 bits | KAS-FFC-SSC Cert. #A2345 | Internally derived internally per the Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to SSH peer application | SSH DH Public Key |
| Used to derive SSH Session Encryption Key, SSH Session Integrity Key | MODP- 2048, 4096, 8192 bits | KAS-FFC-SSC Cert. #A2345 | Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH DH Shared Secret |
| Used to derive SSH ECDH Shared secret | P-256, P-384, P-521 | CKG, DRBG, KAS-ECC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 EC Diffie-Hellman key generation method, and the random value used in key generation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH ECDH Private Key |
| Used to derive SSH ECDH Shared secret | P-256, P-384, P-521 | KAS-ECC-SSC Cert. #A2345 | Internally derived internally per the EC Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to SSH peer application | SSH ECDH Public Key |
| Used to derive SSH Session Encryption Key SSH Session Integrity Key | P-256, P-384, P-521 | KAS-ECC-SSC Cert. #A2345 | Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH ECDH Shared Secret |
| Used for SSH session confidentiality protection | 128, 256 bits | AES-CTR, KDF SSH, KTS Cert. #A2345 | Internally derived via key derivation function defined in SP800-135rev1 KDF (SSHv2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH Session Encryption Key |
| Used for SSH session integrity protection | At least 160 bits | HMAC-SHA-1, HMAC-SHA2- 256, KDF SSH Cert. #A2345 | Internally derived via key derivation function defined in SP800-135rev1 KDF (SSHv2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SSH Session Integrity Key |
| Used to authenticate IPsec/IKE peer | 8 to 60 Characters | N/A | N/A | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | IPSec/IKE Pre-Shared Secret |
| Used to derive IPSec/IKE ECDH Shared secret | P-256, P- 384 | CKG, DRBG, KAS-ECC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 EC Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE ECDH Private Key |
| Used to derive IPSec/IKE ECDH Shared secret | P-256, P- 384 | KAS-ECC-SSC Cert. #A2345 | Internally derived internally per the EC Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to the IPSec/IKE peer application | IPSec/IKE ECDH Public Key |
| Used to derive IPSec/IKE Session Encryption Key, IPSec/IKE session Integrity Key | P-256, P- 384 | KAS-ECC-SSC Cert. #A2345 | Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE ECDH Shared Secret |
| Used to derive IPSec/IKE DH Shared secret | MODP- 2048 | CKG, DRBG, KAS-FFC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE DH Private Key |
| Used to derive IPSec/IKE DH Shared secret | MODP- 2048 | CKG, DRBG, KAS-FFC-SSC Cert. #A2345 | Internally derived internally per the Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to IPSec/IKE peer application | IPSec/IKE DH Public key |
| Used to derive IPSec/IKE Session Encryption Key, IPSec/IKE Session Integrity Key | MODP- 2048 | KAS-FFC-SSC Cert. #A2345 | Internally derived using SP800-56Arev3 Diffie-Hellman shared secret computation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE DH Shared Secret |
| Used for IPSec/IKE authentication | 2048 bits | CKG, DRBG, RSA KeyGen, RSA SigGen Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 RSA/RSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE RSA Private Key |
| Used for IPSec/IKE authentication | 2048 bits | CKG, DRBG, RSA KeyGen RSA SigVer Cert. #A2345 | Internally derived per the FIPS 186-4 RSA key generation method | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to IPSec/IKE peer application | IPSec/IKE RSA Public Key |
| Used for IPSec/IKE authentication | P-256, P- 384 | CKG, DRBG, ECDSA KeyGen, ECDSA SigGen Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 ECDSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE ECDSA Private Key |
| Used for IPSec/IKE authentication | P-256, P-384 | CKG, DRBG, ECDSA KeyGen, | Internally derived per the FIPS 186-4 | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) | Import: No | IPSec/IKE ECDSA Public Key |
| ECDSA SigVer Cert. #A2345 | ECDSA SigVer Cert. #A2345 | ECDSA key generation method | Zeroization Command | Export: to IPSec/IKE peer application | ||||
| Used for IPSec/IKE session confidentiality protection | 128, 256 bits | AES-CBC Cert. #A2345, AES-GCM Cert. #5074 | Internally derived via key derivation function defined in SP800-135rev1 KDF (IKEv2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE Session Encryption Key |
| Used for IPSec/IKE session integrity protection | At least 160 bits | HMAC-SHA2- 256, HMAC-SHA2- 384 Cert. #A2345 | Internally derived via key derivation function defined in SP800-135rev1 KDF (IKEv2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | IPSec/IKE Session Integrity Key |
| SNMPv3 User Authentication | 8 to 20 characters | N/A | Please see Establishment | MD/EE | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: Encrypted by SSH session key Export: No | SNMPv3 User Authenticati on Secret |
| Used for SNMPV3 session confidentiality protection | 128 bits | AES-CFB128, KDF SNMP Cert. #A2345 | Internally derived via key derivation function defined in SP800-135rev1 KDF (SNMPv3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SNMPv3 Session Encryption Key |
| Used for SNMPv3 session integrity protection | At least 160 bits | HMAC-SHA-1, KDF SNMP Cert. #A2345 | Internally derived via key derivation function defined in SP800-135rev1 KDF (SNMPv3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | SNMPv3 Session Integrity Key |
| Used for TLS authentication | P-256, P- 384 | CKG, DRBG, ECDSA KeyGen, ECDSA SigGen Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 ECDSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS ECDSA Private Key |
| Used for TLS authentication | P-256, P- 384 | ECDSA SigVer Cert. #A2345 | Internally derived per the FIPS 186-4 ECDSA key generation method | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to TLS peer application | TLS ECDSA Public Key |
| Used for TLS authentication | 2048 bits | CKG, DRBG, RSA KeyGen, RSA SigGen, Cert. #A2345 | Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 RSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS RSA Private Key |
| Used for TLS authentication | 2048 bits | RSA SigVer Cert. #A2345 | Internally derived per the FIPS 186-4 RSA key generation method | N/A | Flash (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to TLS peer application | TLS RSA Public Key |
| Used to derive TLS DH Shared secret | MODP- 2048 | CKG, DRBG, KAS-FFC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS DH Private Key |
| Used to derive TLS DH Shared secret | MODP- 2048 | KAS-FFC-SSC Cert. #A2345 | Internally derived internally per the Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to TLS peer application | TLS DH Public Key |
| Used to derive TLS Session Encryption | MODP- 2048 | KAS-FFC-SSC Cert. #A2345 | Internally derived using SP800-56A rev3 | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) | Import: No Export: No | TLS DH Shared Secret |
| Key, TLS Session Integrity Key | Diffie-Hellman shared secret computation | Zeroization Command | ||||||
| Used to derive TLS ECDH Shared Secret | P-256, P- 384 | CKG, DRBG, KAS-ECC-SSC Cert. #A2345 | Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 EC Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS ECDH Private Key |
| Used to derive TLS ECDH Shared secret | P-256, P- 384 | KAS-ECC-SSC Cert. #A2345 | Internally derived internally per the EC Diffie-Hellman key agreement (SP800-56Arev3) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: to TLS peer application | TLS ECDH Public key |
| Used to derive TLS Session Encryption Key, TLS Session Integrity Key | P-256, P- 384 | KAS-ECC-SSC Cert. #A2345 | Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS ECDH Shared Secret |
| Used to derive TLS Session Encryption Key, TLS Session Integrity Key | 256 bits | N/A | Internally derived via key derivation function defined in SP800-135rev1 KDF (TLSv1.1/1.2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS Pre- Master Secret |
| TLS pre master secret, TLS Encryption Key TLS Session Integrity Key | 48 bytes | N/A | Internally derived via key derivation function defined in SP800-135rev1 KDF (TLSv1.1/1.2) | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS Master Secret |
| Used for TLS session confidentiality protection | 128 or 256 bits | AES-ECB, AES-CBC, AES-GCM, KDF TLS, KTS Cert. #A2345 | Internally derived via key derivation function defined in SP800-135 rev1 KDF TLSv1.1/1.2 KDF | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS Session Encryption Key |
| Used for TLS session integrity protection | At least 160 bits | KDF TLS HMAC-SHA2- 256, HMAC-SHA2- 384 Cert. #A2345 | Internally derived via key derivation function defined in SP800-135 rev1 KDF TLSv1.1/1.2 | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | TLS Session Integrity Key |
| Used to derive MACSec ICK and MACSec KEK | 128 bits | N/A | N/A | MD/EE | Flash (plaintext) | Explicit zeroization by zeroization command | Import: Encrypted by SSH session key Export: No | MACSec CAK |
| used for MACSec Peer authentication | 128 bits | AES-CMAC, KBKDF Cert. #A2345 | Internally derived using SP800-108 KDF | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | MACSec ICK |
| Used to transport MACSec SAK to MACSec Peer | 128 bits | AES-KW, AES-KWP, KBKDF, KTS Cert. #A2345 | Internally derived using SP800-108 KDF | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: No | MACSec KEK |
| Used for MACSec session protection | 128 bits | AES-CMAC KBKDF, Cert. #A2345 AES-GCM AES Cert: #4550 | Internally derived using SP800-108 KDF | N/A | DRAM (plaintext) | Zeroized by SSP (CSP/PSP) Zeroization Command | Import: No Export: Encrypted by MACSec KEK | MACSec SAK |
| User for Firmware load test | 2048 bits | RSA SigVer, SHA2-256 Cert. #A2345 | Pre-loaded at the factory (in the module’s executable binary) | N/A | Flash (Plaintext) | N/A | N/A | Firmware Load Test Key |
HMAC-SHA2256, HMAC-SHA2384 N/A N/A N/A N/A N/A
P-256, P384 P-256, P384 P-256, P384 TLS PreMaster N/A N/A HMAC-SHA2256, HMAC-SHA2384 N/A N/A N/A N/A N/A N/A N/A N/A N/A
| Name | Key Size | ||
|---|---|---|---|
| Details | Entropy sources | Minimum number of | |
| The system tick clock/register as the single entropy source to provide the sufficient entropy to seed the SP800-90Arev1 DRBG (DRBG Cert. #A2345). The entropy source was directly used to seed the DRBG without the entropy conditioning process. Please refer to entropy report for details | 256 bits | ENT (NP). Periodic sampling of the high- precision CPU clock within the ARM CPU is the only single entropy source used to seed the SP800-90Arev1 DRBG (DRBG Cert. #A2345) | |
| Error State Indicator | Cause of Error | ||
| Pre-operational Firmware Integrity Test Fails | Pre-operational Firmware Integrity Test Fails | FIPS: Crypto module POST Failed | |
| Conditional CAST Fails | Conditional CAST Fails | FIPS Fatal Cryptographic Module Failure. Reason: <Reason String> | |
| Conditional PCT Fails | Conditional PCT Fails | Pairwise consistency check failed | |
| Firmware Load Test Fails | Firmware Load Test Fails | FIPS: Firmware Integrity Test: Package Checksum Verification: FAIL |
N/A N/A N/A N/A N/A N/A Table 12 - SSPs Notes:
module reboot. The module permits operators to initiate the pre-operational or conditional self-tests on demand for periodic testing of the module by rebooting the system (i.e., power-cycling). Pre-Operational Self-Tests:
In addition, the module also performs the Conditional Cryptographic Algorithm Self-tests to the following two AES-GCM algorithms: o o o
In addition, the Crypto Officer shall perform the periodic test on demand no more than 10 days to ensure all components are functioning correctly.
| Name | Term | Definition |
|---|---|---|
| FIPS | FIPS | Federal Information Processing Standard |
| CC | CC | Common Criteria |
| HMAC | HMAC | Keyed-Hash Message Authentication Code (RFC2104) |
| POST | POST | Power-on Self-Test |
| PKI | PKI | Public Key Infrastructure |
| PSK | PSK | Pre-shared keys |
| RSA | RSA | Rivest, Shamir and Aldeman Public/Private Key |
| RNG | RNG | Random Number Generator |
| SSL | SSL | Secure Socket Layer, used in HTTPS protocol for payload encryption. |
| TLS | TLS | Transport Layer Security, successor to SSL, used in HTTPS protocol for payload encryption. |
| KAT | KAT | Known Answer Test |
| DSS | DSS | Digital Signature Standard |
| DSA | DSA | Digital Signature Algorithm, proposed by NIST in 1991 for FIPS 186-x |
| DES | DES | Data Encryption Standard (single DES should not be used see TDEA) |
| NDPP | NDPP | Network Devices Protection Profile |
| DRBG | DRBG | Deterministic Random Bits Generator |
End of Life / Sanitization Crypto Officers should follow the procedure below for the secure destruction of their module: Note: This process will cause the module to no longer function after it has wiped all 1. 2. 3. a.
| ACVP | Automated Cryptographic Validation Program |
|---|---|
| NDcPP | Network Device collaborative protection profile |