| Standard | FIPS 140-3 |
|---|---|
| Overall level | 2 |
| Module type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 9/21/2030 |
| Caveat | When installed, initialized and configured as specified in Section Secure Operation in Section 11 of the Security Policy. The tamper evident seals installed as indicated in the Security Policy |
| Vendor | Nokia Corporation |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A4956 |
| AES-CCM | A4956 |
| AES-CMAC | A4958 |
| AES-CTR | A4956 |
| AES-ECB | A4958 |
| AES-GCM | A4956 |
| Counter DRBG | A4958 |
| ECDSA KeyGen (FIPS186-4) | A4958 |
| ECDSA SigGen (FIPS186-4) | A4958 |
| ECDSA SigVer (FIPS186-4) | A3366 |
| HMAC-SHA-1 | A4956 |
| HMAC-SHA2- 256 | A4956 |
| HMAC-SHA2- 384 | A4956 |
| HMAC-SHA2- 512 | A4956 |
| KAS-ECC-SSC Sp800-56Ar3 | A4958 |
| KAS-FFC-SSC Sp800-56Ar3 | A4958 |
| KDF IKEv2 (CVL) | A4958 |
| KDF SNMP (CVL) | A4958 |
| KDF SSH (CVL) | A4958 |
| PBKDF | A4958 |
| RSA KeyGen (FIPS186-4) | A4958 |
| RSA SigGen (FIPS186-4) | A4958 |
| RSA SigVer (FIPS186-4) | A4958 |
| SHA-1 | A4956 |
| SHA2-256 | A3366 |
| SHA2-384 | A4956 |
| SHA2-512 | A4948 |
| TLS v1.2 KDF RFC7627 (CVL) | A4958 |
| TLS v1.3 KDF (CVL) | A4958 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Physical Security | 7 |
| Non-Invasive Security | N/A |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for Infinera G42
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Firmware Load Test<br/>Firmware Update</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Block Ciphers (SNMPv3)<br/>Block Ciphers (SSHv2)<br/>Block Ciphers (TLSv1.2/v1.3)</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>kernel<br/>bootloader<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Infinera G42
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Firmware Load Test<br/>Firmware Update</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Block Ciphers (SNMPv3)<br/>Block Ciphers (SSHv2)<br/>Block Ciphers (TLSv1.2/v1.3)</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>kernel<br/>bootloader<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3 clueHigh;
class C5,C6 clueLow;| # | Section | Page |
|---|---|---|
| 1 | General | 5 |
| 1.1 | Overview | 5 |
| 1.2 | Security Levels | 5 |
| 2 | Cryptographic Module Specification | 5 |
| 2.1 | Description | 5 |
| 2.2 | Tested and Vendor Affirmed Module Version and Identification | 7 |
| 2.3 | Excluded Components | 8 |
| 2.4 | Modes of Operation | 8 |
| 2.5 | Algorithms | 8 |
| 2.6 | Security Function Implementations | 15 |
| 2.7 | Algorithm Specific Information | 21 |
| 2.8 | RBG and Entropy | 21 |
| 2.9 | Key Generation | 21 |
| 2.10 | Key Establishment | 22 |
| 2.11 | Industry Protocols | 22 |
| 3 | Cryptographic Module Interfaces | 23 |
| 3.1 | Ports and Interfaces | 23 |
| 4 | Roles, Services, and Authentication | 23 |
| 4.1 | Authentication Methods | 23 |
| 4.2 | Roles | 26 |
| 4.3 | Approved Services | 27 |
| 4.4 | Non-Approved Services | 93 |
| 4.5 | External Software/Firmware Loaded | 93 |
| 4.6 | Bypass Actions and Status | 93 |
| 4.7 | Cryptographic Output Actions and Status | 93 |
| 4.8 | Additional Information | 94 |
| 5 | Software/Firmware Security | 94 |
| 5.1 | Integrity Techniques | 94 |
| 5.2 | Initiate on Demand | 94 |
| 6 | Operational Environment | 94 |
| 6.1 | Operational Environment Type and Requirements | 94 |
| 7 | Physical Security | 94 |
| 7.1 | Mechanisms and Actions Required | 94 |
| 7.2 | User Placed Tamper Seals | 95 |
| 7.3 | Filler Panels | 100 |
| 8 | Non-Invasive Security | 100 |
| 9 | Sensitive Security Parameters Management | 101 |
| 9.1 | Storage Areas | 101 |
| 9.2 | SSP Input-Output Methods | 101 |
| 9.3 | SSP Zeroization Methods | 102 |
| 9.4 | SSPs | 102 |
| 9.5 | Transitions | 129 |
| 10 | Self-Tests | 129 |
| 10.1 | Pre-Operational Self-Tests | 129 |
| 10.2 | Conditional Self-Tests | 131 |
| 10.3 | Periodic Self-Test Information | 138 |
| 10.4 | Operator Initiation of Self-Tests | 145 |
| 10.5 | Error States | 145 |
| 11 | Life-Cycle Assurance | 145 |
| 11.1 | Installation, Initialization, and Startup Procedures | 145 |
| 11.2 | Administrator Guidance | 147 |
| 11.3 | Non-Administrator Guidance | 147 |
| 12 | Mitigation of Other Attacks | 147 |
| slot 7) | 100 |
| Item | Page |
|---|---|
| Table 1: Security Levels | 5 |
| Table 2: Tested Module Identification – Hardware | 7 |
| Table 3: Modes List and Description | 8 |
| Table 4: Approved Algorithms | 13 |
| Table 5: Vendor-Affirmed Algorithms | 14 |
| Table 6: Security Function Implementations | 21 |
| Table 7: Entropy Certificates | 21 |
| Table 8: Entropy Sources | 21 |
| Table 9: Ports and Interfaces | 23 |
| Table 10: Authentication Methods | 25 |
| Table 11: Roles | 27 |
| Table 12: Approved Services | 93 |
| Table 13: Mechanisms and Actions Required | 95 |
| Table 14: Storage Areas | 101 |
| Table 15: SSP Input-Output Methods | 101 |
| Table 16: SSP Zeroization Methods | 102 |
| Table 17: SSP Table 1 | 112 |
| Table 18: SSP Table 2 | 129 |
| Table 19: Pre-Operational Self-Tests | 131 |
| Table 20: Conditional Self-Tests | 138 |
| Table 21: Pre-Operational Periodic Information | 140 |
| Table 22: Conditional Periodic Information | 145 |
| Table 23: Error States | 145 |
| Figure 1: Infinera G42 Module Front View | 6 |
| Figure 2: Infinera G42 IOP Card | 6 |
| Figure 3: Infinera G42 XMM4 Card | 6 |
| Figure 4: Infinera G42 CHM6 Card | 7 |
| Figure 5: Infinera G42 Module Back View | 7 |
| Figure 6: TELs on top of chassis | 96 |
| Figure 7: TELs on rear of chassis | 96 |
| Figure 8: TELs on front of chassis - IOP card (slot 2) | 97 |
| Figure 9: TELs on front of chassis - XMM4 card (slot 1) | 97 |
| Figure 10: TELs on front of chassis - XMM4 card (slot 3) | 97 |
| Figure 11: TELs on front of chassis - CHM6 card (slot 4) | 98 |
| Figure 12: TELs on front of chassis - CHM6 card (slot 4) and Blank card (slot 6) | 98 |
| Figure 13: TELs on front of chassis - CHM6 card (slot 5) | 99 |
| Figure 14: TELs on front of chassis - CHM6 card (slot 5) and Blank card (slot 7) | 99 |
| slot 7) | 100 |
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 2 |
| 2 | 2 | Cryptographic module specification | 2 |
| 3 | 3 | Cryptographic module interfaces | 2 |
| 4 | 4 | Roles, services, and authentication | 3 |
| 5 | 5 | Software/Firmware security | 2 |
| 6 | 6 | Operational environment | N/A |
| 7 | 7 | Physical security | 2 |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 2 |
| 10 | 10 | Self-tests | 2 |
| 11 | 11 | Life-cycle assurance | 2 |
| 12 | 12 | Mitigation of other attacks | N/A |
| Overall Level | Overall Level | 2 |
This is a non-proprietary cryptographic module security policy for the Infinera G42 with the firmware version R6.2.2 or R6.2.3 (hereinafter calls the Module). The following details how this module meets the security requirements of FIPS 140-3, SP 800-140 and ISO/IEC 19790 for a
Purpose and Use: The Infinera G42 is a next-generation compact modular transport network elements deployed as part of a point-to-point, point-to-multipoint network for terrestrial and/or subsea applications. The G42 chassis provides multi-service client access (e.g. Ethernet, Optical Transport Network (OTN), etc.) to the Dense Wavelength Division Multiplexing (DWDM) transport bandwidth. The module is operated in a limited operational environment. Module Type: Hardware Module Embodiment: MultiChipStand Module Characteristics: Cryptographic Boundary: © 2021-2025 Nokia Corporation.
The module is a multiple-chip standalone hardware cryptographic module. The cryptographic boundary is defined as the entire chassis unit’s physical perimeter encompassing the "top," "front," "left," "right," “rear” and "bottom" surfaces of the case and shown in the figures below and in the Physical Security section. These modules are described in more detail further below in this section. Figure 1: Infinera G42 Module Front View Figure 2: Infinera G42 IOP Card Figure 3: Infinera G42 XMM4 Card © 2021-2025 Nokia Corporation.
| Name | Model | Hardware Version | Firmware Version | Processor |
|---|---|---|---|---|
| G42 | G42 | Chassis G42, Controller Card XMM4, GX-IOP, Line Card [CHM6- C8, CHM6S-C14, CHM6S-C15 or CHM6-L8], and Filler Plate (GX-BLANK) | R6.2.2 or R6.2.3 | Intel Atom C3558, EFR32MG21B010F1024IM32, Zynq UltraScale+, and NXP LS1012 |
Figure 5: Infinera G42 Module Back View
Tested Module Identification
N/A for this module. Tested Module Identification
N/A for this module. Modes List and Description: Table 3: Modes List and Description By default, the module is delivered with a non-compliant state but supports an Approved mode following the steps in section "Secure Operation" of this document by the Crypto Officer, the module can only operate in the Approved mode. The module does not claim implementation of The tables in section 2.5 below list all Approved security functions of the module, including specific key size(s) (in bits unless noted otherwise) employed for Approved services, and implemented modes of operation. There are some algorithm modes that were tested but not implemented by the module. Only the algorithms, modes, and key sizes that are implemented by the module are shown in these tables.
Approved Algorithms: © 2021-2025 Nokia Corporation.
| Name | CAVP Cert | Properties | Reference |
|---|---|---|---|
| AES-CBC | A4956 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC | A4958 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CBC | A4959 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CCM | A4956 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CCM | A4958 | Key Length - 128, 192, 256 | SP 800-38C |
| AES-CMAC | A4958 | Direction - Generation, Verification Key Length - 128, 192, 256 | SP 800-38B |
| AES-CTR | A4956 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-CTR | A4958 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | A4958 | Direction - Decrypt, Encrypt Key Length - 128, 192, 256 | SP 800-38A |
| AES-ECB | C482 | Direction - Decrypt, Encrypt Key Length - 256 | SP 800-38A |
| AES-GCM | A4956 | Direction - Decrypt, Encrypt IV Generation - External Key Length - 128, 192, 256 | SP 800-38D |
| AES-GCM | A4958 | Direction - Decrypt, Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GCM | A4959 | Direction - Decrypt, Encrypt IV Generation - Internal IV Generation Mode - 8.2.1 Key Length - 128, 192, 256 | SP 800-38D |
| AES-GCM | C501 | Direction - Decrypt, Encrypt IV Generation - External Key Length - 256 | SP 800-38D |
| Counter DRBG | A4958 | Prediction Resistance - Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| Counter DRBG | A4959 | Prediction Resistance - Yes Mode - AES-128, AES-192, AES-256 Derivation Function Enabled - Yes | SP 800-90A Rev. 1 |
| ECDSA KeyGen (FIPS186-4) | A4958 | Curve - P-256, P-384, P-521 Secret Generation Mode - Testing Candidates | FIPS 186-4 |
| ECDSA KeyGen (FIPS186-4) | A4959 | Curve - P-256, P-384, P-521 Secret Generation Mode - Testing Candidates | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A4958 | Component - No Curve - P-256, P-384, P-521 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A4959 | Component - No Curve - P-256, P-384, P-521 Hash Algorithm - SHA2-224, SHA2-256, SHA2- 384, SHA2-512, SHA2-512/224, SHA2-512/256 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A3366 | Component - No Curve - P-192, P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4948 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4949 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4952 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4953 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4955 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4956 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4958 | Component - No Curve - P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512, SHA2-512/224, SHA2- 512/256 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4959 | Component - No Curve - P-256, P-384, P-521 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512, SHA2-512/224, SHA2- 512/256 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4960 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4961 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A4962 | Component - No Curve - P-521 Hash Algorithm - SHA2-512 | FIPS 186-4 |
| HMAC-SHA-1 | A4956 | Key Length - Key Length: 128-512 Increment 128 | FIPS 198-1 |
| HMAC-SHA-1 | A4958 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A4956 | Key Length - Key Length: 128-512 Increment 128 | FIPS 198-1 |
| HMAC-SHA2- 256 | A4957 | Key Length - Key Length: 64-2048 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A4958 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 256 | A4959 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 384 | A4956 | Key Length - Key Length: 384-1024 Increment 320 | FIPS 198-1 |
| HMAC-SHA2- 384 | A4958 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A4956 | Key Length - Key Length: 512-1024 Increment 256 | FIPS 198-1 |
| HMAC-SHA2- 512 | A4958 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| HMAC-SHA2- 512 | A4959 | Key Length - Key Length: 8-524288 Increment 8 | FIPS 198-1 |
| KAS-ECC-SSC Sp800-56Ar3 | A4958 | Domain Parameter Generation Methods - P-256, P-384, P-521 Scheme - ephemeralUnified - KAS Role - initiator, responder | SP 800-56A Rev. 3 |
| KAS-ECC-SSC Sp800-56Ar3 | A4959 | Domain Parameter Generation Methods - P-256, P-384, P-521 Scheme - ephemeralUnified - KAS Role - initiator, responder | SP 800-56A Rev. 3 |
| KAS-FFC-SSC Sp800-56Ar3 | A4958 | Domain Parameter Generation Methods - ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192, MODP-2048, MODP-3072, MODP- 4096, MODP-6144, MODP-8192 Scheme - dhEphem - KAS Role - initiator, responder | SP 800-56A Rev. 3 |
| KDF IKEv2 (CVL) | A4958 | Diffie-Hellman Shared Secret Length - Diffie- Hellman Shared Secret Length: 384-2048 Increment 1664 Derived Keying Material Length - Derived Keying Material Length: 1056, 2432 Hash Algorithm - SHA-1, SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A4959 | Diffie-Hellman Shared Secret Length - Diffie- Hellman Shared Secret Length: 384-2048 Increment 1664 Derived Keying Material Length - Derived Keying Material Length: 1056, 2432 | SP 800-135 Rev. 1 |
| KDF SNMP (CVL) | A4958 | Password Length - Password Length: 64, 96 | SP 800-135 Rev. 1 |
| KDF SSH (CVL) | A4958 | Cipher - AES-128, AES-192, AES-256 Hash Algorithm - SHA-1, SHA2-224, SHA2-256, SHA2-384, SHA2-512 | SP 800-135 Rev. 1 |
| PBKDF | A4958 | Iteration Count - Iteration Count: 10-10000 Increment 1 Password Length - Password Length: 8-128 Increment 8 | SP 800-132 |
| RSA KeyGen (FIPS186-4) | A4958 | Key Generation Mode - B.3.6 Modulo - 2048, 3072, 4096 Primality Tests - Table C.2 Private Key Format - Standard | FIPS 186-4 |
| RSA KeyGen (FIPS186-4) | A4959 | Key Generation Mode - B.3.6 Modulo - 2048, 3072, 4096 Primality Tests - Table C.2 Private Key Format - Standard | FIPS 186-4 |
| RSA SigGen (FIPS186-4) | A4958 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| RSA SigGen (FIPS186-4) | A4959 | Signature Type - PKCS 1.5 Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A4958 | Signature Type - PKCS 1.5, PKCSPSS Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A4959 | Signature Type - ANSI X9.31, PKCSPSS Modulo - 2048, 3072, 4096 | FIPS 186-4 |
| Safe Primes Key Generation | A4958 | Safe Prime Groups - ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192, MODP-2048, MODP-3072, MODP-4096, MODP-6144, MODP- 8192 | SP 800-56A Rev. 3 |
| SHA-1 | A4956 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA-1 | A4958 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-256 | A3366 | Message Length - Message Length: 0-65536 Increment 8 | FIPS 180-4 |
| SHA2-256 | A4956 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-256 | A4957 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-256 | A4958 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-256 | A4959 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-384 | A4956 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-384 | A4958 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4948 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4949 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4952 | Message Length - Message Length: 1536-4096 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4953 | Message Length - Message Length: 1536-4096 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4954 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4955 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4956 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4958 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4959 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4960 | Message Length - Message Length: 0-65528 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4961 | Message Length - Message Length: 1536-65536 Increment 8 | FIPS 180-4 |
| SHA2-512 | A4962 | Message Length - Message Length: 8-51200 Increment 8 | FIPS 180-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A4958 | Hash Algorithm - SHA2-256, SHA2-384, SHA2- 512 | SP 800-135 Rev. 1 |
| TLS v1.3 KDF (CVL) | A4958 | HMAC Algorithm - SHA2-256, SHA2-384 KDF Running Modes - DHE, PSK, PSK-DHE | SP 800-135 Rev. 1 |
HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2512 HMAC-SHA2512 © 2021-2025 Nokia Corporation.
Table 4: Approved Algorithms Notes:
| Name | Properties | ||
|---|---|---|---|
| CKG | Key Type:Asymmetric | N/A | The cryptographic module performs Cryptographic Key Generation (CKG) for asymmetric keys as per sections 4 and 5 in SP800-133rev2 (vendor affirmed) and FIPS 140-3 IG D.H. A seed (i.e., the random value) used in asymmetric key generation is a direct output from SP800-90Arev1 CTR_DRBG (A4958) or CTR_DRBG (A4959) |
| Name | Description | Approved Functions | Type | |
|---|---|---|---|---|
| KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS ECC KeyGen in SSH, TLS and Control Plane IKEv2 services | Counter DRBG CKG | CKG KAS-KeyGen | |
| KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS FFC KeyGen in SSH, TLS and Control Plane IKEv2 services | Counter DRBG Safe Primes Key Generation CKG | CKG KAS-KeyGen | |
| KAS-ECC- KeyGen (Data Plane IKEv2) | KAS ECC KeyGen in Data Plane Encryption service | Counter DRBG CKG | CKG KAS-KeyGen | |
| KAS-ECC (SSHv2) | KAS-ECC for SSHv2 service | KAS-ECC-SSC Sp800-56Ar3 KDF SSH | KAS-Full | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| KAS-FFC (SSHv2) | KAS-FFC for SSHv2 service | KAS-FFC-SSC Sp800-56Ar3 Domain Parameter Generation Method : MODP- 2048, MODP- 4096, and MODP-8192 KDF SSH | KAS-Full | Bit-strength Caveat:Provides between 112 and 200 bits of encryption strength |
| KAS-ECC (TLSv1.2/v1.3) | KAS-ECC for TLSv1.2/v1.3 service | KAS-ECC-SSC Sp800-56Ar3 TLS v1.2 KDF RFC7627 TLS v1.3 KDF | KAS-Full | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| KAS-FFC (TLSv1.2/v1.3) | KAS-FFC for TLSv1.2/v1.3 service | KAS-FFC-SSC Sp800-56Ar3 Domain Parameter Generation Method: ffdhe2048 TLS v1.2 KDF RFC7627 TLS v1.3 KDF | KAS-Full | Bit-strength Caveat:Provides 112 bits of encryption strength |
| KAS-ECC (Control Plane IKEv2) | KAS-ECC for Control Plane IKEv2 service | KAS-ECC-SSC Sp800-56Ar3 KDF IKEv2 | KAS-Full | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| KAS-FFC (Control Plane IKEv2) | KAS-FFC for Control Plane IKEv2 service | KAS-FFC-SSC Sp800-56Ar3 Domain Parameter Generation Method: MODP- 2048, MODP- 3072, MODP- 4096, MODP- 6144 and MODP-8192 KDF IKEv2 | KAS-Full | Bit-strength Caveat:Provides between 112 and 200 bits of encryption strength |
| KAS-ECC (Data Plane IKEv2) | KAS-ECC for Data Plane IKEv2 service | KAS-ECC-SSC Sp800-56Ar3 Curve: P-521 KDF IKEv2 | KAS-Full | Bit-strength Caveat:Provides 256 bits of encryption strength |
| ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA Keypair generation for SSH, TLS and Control Plane IKEv2 services | ECDSA KeyGen (FIPS186-4) Counter DRBG CKG | AsymKeyPair- KeyGen CKG | |
| ECDSA SigGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigGen for SSH, TLS and Control Plane IKEv2 services | ECDSA SigGen (FIPS186-4) | DigSig-SigGen |
Non-Approved, Allowed Algorithms: N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: N/A for this module. Non-Approved, Not Allowed Algorithms: N/A for this module.
© 2021-2025 Nokia Corporation. Method : MODP2048, MODP4096, and
AsymKeyPairKeyGen © 2021-2025 Nokia Corporation. Method: MODP2048, MODP3072, MODP4096, MODP6144 and
| Name | Description | Approved Functions | Type |
|---|---|---|---|
| ECDSA SigVer (SSH, TLS and Control Plane IKEv2) | ECDSA SigVer for SSH, TLS and Control Plane IKEv2 services | ECDSA SigVer (FIPS186-4) | DigSig-SigVer |
| RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA Keypair generation for SSH, TLS and Control Plane IKEv2 services | RSA KeyGen (FIPS186-4) Counter DRBG CKG | AsymKeyPair- KeyGen CKG |
| RSA SigGen (SSH, TLS and Control Plane IKEv2) | RSA SigGen for SSH, TLS and Control Plane IKEv2 services | RSA SigGen (FIPS186-4) | DigSig-SigGen |
| RSA SigVer (SSH, TLS and Control Plane IKEv2) | RSA SigVer for SSH, TLS and Control Plane IKEv2 services | RSA SigVer (FIPS186-4) | DigSig-SigVer |
| ECDSA KeyGen (Data Plane IKEv2) | ECDSA Keypair generation for Data Plane IKEv2 services | Counter DRBG ECDSA KeyGen (FIPS186-4) CKG | AsymKeyPair- KeyGen CKG |
| ECDSA SigGen (Data Plane IKEv2) | ECDSA SigGen for Data Plane IKEv2 service | ECDSA SigGen (FIPS186-4) | DigSig-SigGen |
| ECDSA SigVer (Data Plane IKEv2) | ECDSA SigVer for Data Plane IKEv2 service | ECDSA SigVer (FIPS186-4) | DigSig-SigVer |
| RSA KeyGen (Data Plane IKEv2) | RSA Keypair generation for Data Plane IKEv2 services | RSA KeyGen (FIPS186-4) Counter DRBG CKG | AsymKeyPair- KeyGen CKG |
| RSA SigGen (Data Plane IKEv2) | RSA SigGen for Data Plane IKEv2 service | RSA SigGen (FIPS186-4) | DigSig-SigGen |
| RSA SigVer (Data Plane IKEv2) | RSA SigVer for Data Plane IKEv2 service | RSA SigVer (FIPS186-4) | DigSig-SigVer |
| TLS Keying Materials Development | Keying materials, used to derive TLS session keys | TLS v1.2 KDF RFC7627 TLS v1.3 KDF | KAS-135KDF |
| IPsec/IKEv2 Keying Materials Development | Keying materials, used to derive IPSec/IKE session keys | KDF IKEv2 | KAS-135KDF |
| SNMPv3 Keying Materials Development | Keying materials, used to derive SNMP session keys | KDF SNMP | KAS-135KDF |
| Block Ciphers (SNMPv3) | Block Ciphers used for SNMPv3 service | AES-ECB HMAC-SHA-1 KDF SNMP SHA-1 | BC-UnAuth MAC |
| Block Ciphers (SSHv2) | Block Cipher for SSHv2 serivce | AES-CBC AES-CTR HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- 512 SHA-1 SHA2-256 SHA2-512 AES-GCM | BC-Auth BC-UnAuth MAC |
| Block Ciphers (TLSv1.2/v1.3) | Block Cipher used for TLSv1.2/v1.3 service | AES-CBC AES-GCM HMAC-SHA2- 256 HMAC-SHA2- 384 HMAC-SHA2- 512 SHA2-256 SHA2-384 SHA2-512 | BC-Auth BC-UnAuth MAC |
| Block Ciphers (Control Plane IKEv2) | Block Ciphers for Control Plane IKEv2 service | AES-CBC AES-CCM AES-GCM AES-CBC AES-CCM AES-GCM AES-CTR AES-CTR HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- 384 HMAC-SHA2- 512 HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- | BC-Auth BC-UnAuth MAC |
AsymKeyPairKeyGen AsymKeyPairKeyGen AsymKeyPairKeyGen © 2021-2025 Nokia Corporation.
© 2021-2025 Nokia Corporation. HMAC-SHA2256 HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2512 HMAC-SHA2256
| Name | Description | Approved Functions | Type | Properties |
|---|---|---|---|---|
| Block Cipher (Data Plane IKEv2) | Block Cipher for Data Plane IKEv2 service | AES-GCM AES-GCM AES-CBC HMAC-SHA2- 256 HMAC-SHA2- 512 SHA2-256 SHA2-512 AES-ECB | BC-Auth | |
| SSH KTS (AES and HMAC) | KTS via SSHv2 service by using AES and HMAC | AES-CBC AES-CTR HMAC-SHA-1 HMAC-SHA2- 256 HMAC-SHA2- 512 SHA-1 SHA2-256 SHA2-512 | KTS-Wrap | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| SSH KTS (GCM) | KTS via SSHv2 service by using AES-GCM | AES-GCM | KTS-Wrap | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| TLS KTS (AES and HMAC) | KTS via TLSv1.2/v1.3 service by using AES and HMAC | AES-CBC HMAC-SHA2- 256 HMAC-SHA2- 384 HMAC-SHA2- 512 SHA2-256 SHA2-384 SHA2-512 | KTS-Wrap | Bit-strength Caveat:Provides between 128 and 256 bits of encryption strength |
| TLS KTS (GCM) | KTS via TLSv1.2/v1.3 | AES-GCM | KTS-Wrap | Bit-strength Caveat:Provides |
| service by using GCM | service by using GCM | between 128 and 256 bits of encryption strength | ||
| OSPFv2 Authentication | OSPFv2 authentication | HMAC-SHA2- 256 SHA2-256 | MAC | |
| LUKS Database Protection | Database integrity protection using HMAC-SHA2- 512 | SHA2-512 HMAC-SHA2- 512 PBKDF | MAC | |
| Firmware Load Test | ECDSA SigVer for firmware load test | ECDSA SigVer (FIPS186-4) Curve: P-521 | DigSig-SigVer | |
| NTP Authentication | NTP authentication | SHA-1 SHA2-256 AES-CMAC | MAC | |
| DRBG Function | Used for DRBG generation | Counter DRBG Counter DRBG | DRBG | |
| Firmware Integrity Test | Used for firmware integrity test | ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) SHA2-512 ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) ECDSA SigVer (FIPS186-4) SHA2-256 SHA2-512 SHA2-512 SHA2-512 SHA2-512 SHA2-512 | DigSig-SigVer |
© 2021-2025 Nokia Corporation. HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2512 HMAC-SHA2256 HMAC-SHA2384 HMAC-SHA2512
HMAC-SHA2512 © 2021-2025 Nokia Corporation. HMAC-SHA2256 HMAC-SHA2512
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| EFR32MG21B010F1024IM32 | Physical | 128 bits | B with SE Firmware Version 1.2.13 | Full Entropy | A3366 (AES- CBC-MAC) |
| Cert | Vendor Name | |
|---|---|---|
| Number | ||
| E156 | Silicon Laboratories |
Table 6: Security Function Implementations
No specific algorithm information.
Table 7: Entropy Certificates Table 8: Entropy Sources The module implements two approved CTR_DRBGs based on SP800-90Arev1, with Algo Certs. #A4958 and #A4959. Each DRBG is used internally by the module (e.g. to generate symmetric keys, seeds for asymmetric key pairs, and random numbers for security functions). The DRBG is seeded by the entropy source described in the table above. The CTR_DRBG (AES-128/192/256) enables Derivation Function capability. The DRBG is instantiated with a 384-bits long entropy input (corresponding to 384 bits of entropy) and provides at least 256 bits security strength for the following cryptographic keys generation. The entropy source implementation generates an output that is considered to have full entropy. More information can be found in the public use document for ESV cert #E156.
The module generates RSA, ECDSA, EC Diffie-Hellman, and Diffie-Hellman asymmetric key pairs compliant with FIPS 186-4, using a NIST SP 800-90A CTR DRBG for random number © 2021-2025 Nokia Corporation.
generation. In accordance with FIPS 140-3 IG D.H, the cryptographic module performs CKG for asymmetric keys as per section 5 of NIST SP 800-133rev2 (vendor affirmed) by obtaining a random bit string directly from an approved DRBG. The random bit string supports the required security strength requested by the calling application (without any V, as described in Additional Comments 2 of IG D.H.).
The module provides the following key/SSP establishment services in the approved mode of operation:
- SSH (RFC 4419): MODP-2048 (ID =
The module supports SSHv2, TLS v1.2, TLSv1.3, SNMPv3 and IPsec/IKEv2 industrial protocols. No parts of SSH, TLS, SNMP and IKEv2 protocols, other than the KDFs, have been tested by the CAVP and CMVP. Please refer to SSPs Table for more information. © 2021-2025 Nokia Corporation.
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| Ethernet Ports and Optical Ports on CHM6 Card; DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card | Ethernet Ports and Optical Ports on CHM6 Card; DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card | Data Input | Plaintext/Ciphertext Data input to the module for all approved services defined in Table 16 |
| Ethernet Ports and Optical Ports on CHM6 Card; DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card | Ethernet Ports and Optical Ports on CHM6 Card; DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card | Data Output | Plaintext/Ciphertext Data output from the module for all approved services defined in Table 16 |
| DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card; Lamp Test on IOP Card | DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card; Lamp Test on IOP Card | Control Input | Control information input into the module for all the services defined in Tables 16 |
| DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card, and LEDs | DCN, CRAFT, CONSOLE, AUX 1 & AUX 2 Ports on XMM4 Card, and LEDs | Status Output | Status Information output from the module |
| Power Interface | Power Interface | Power | Power supply |
| Name | Description | Strength | Security Mechanism | Strength per Minute |
|---|---|---|---|---|
| Password- based Authentication | The minimum length is eight (8) characters (94 possible characters). The probability that a random attempt will succeed or a false acceptance will occur is 1/(94^8) which is less than 1/1,000,000. | The probability that a random attempt will succeed or a false acceptance will occur is 1/(94^8). Please refer | Password Based | The probability of successfully authenticating to the module within one minute is 10/(94^8). Please refer to Description section in this table for more details |
| As the module supports at most ten failed attempts to authenticate in a one- minute period, the probability of successfully authenticating to the module within one minute is 10/(94^8), which is less than 1/100,000. This calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits, 52 alphabetic characters, and 32 special characters providing 94 characters to choose from in total. | As the module supports at most ten failed attempts to authenticate in a one- minute period, the probability of successfully authenticating to the module within one minute is 10/(94^8), which is less than 1/100,000. This calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits, 52 alphabetic characters, and 32 special characters providing 94 characters to choose from in total. | to Description section in this table for more details | ||
| RSA-based Authentication | The modules support RSA public-key based authentication mechanism using a minimum of RSA 2048 bits, which provides 112 bits of security strength. The probability that a random attempt will succeed is 1/(2^112) which is less than 1/1,000,000. For multiple attacks during a one-minute period, as the module at its highest can support at most 17,000 new sessions per second to authenticate in a one-minute period, the probability of successfully authenticating to the | The probability that a random attempt will succeed is 1/(2^112). Please refer to Description section in this table for more details | RSA SigVer (FIPS186-4) (A4958) | the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^112). Please refer to Description section in this table for more details |
| ECDSA- based Authentication | The modules support ECDSA public-key based authentication mechanism using a minimum of curve P- 256, which provides 128 bits of security strength. The probability that a random attempt will succeed is 1/(2^128) which is less than 1/1,000,000. For multiple attacks during a one-minute period, as the module at its highest can support at most 17,000 new sessions per second to authenticate in a one-minute period, the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^128), which is less than 1/100,000. | The probability that a random attempt will succeed is 1/(2^128) which is less than 1/1,000,000. Please refer to Description section in this table for more details | ECDSA SigVer (FIPS186-4) (A4958) | the probability of successfully authenticating to the module within a one minute period is 17,000 * 60 = 1,020,000/(2^128). Please refer to Description section in this table for more details |
The module’s physical perimeter encompasses the case of the tested platform mentioned in The module’s data output interface will be disabled when performing pre-operational self-tests, loading new firmware, zeroizing keys, or when in an error state.
ECDSAbased Table 10: Authentication Methods multiple Crypto Officer roles and User roles. Each role is authenticated by the module upon initial access to the module, as detailed below. Crypto Officer Roles:
| Name | Role Access | Type | |
|---|---|---|---|
| Security Admin (SA) | Crypto Officer | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication |
| Network Admin (NA) | Crypto Officer | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication |
| Encryption Admin (EA) | Crypto Officer | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication |
| Network Engineer (NE) | User | Identity | Password-based Authentication RSA-based Authentication |
manage the creation, enabling / disabling of new Users and Passwords, User session monitoring, and configuration.
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | Authentication Methods ECDSA-based Authentication |
|---|---|---|---|---|---|---|---|---|---|
| Monitoring Access (MA) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Provisioning (PR) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Turn-up and Test (TT) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Show Version | Show module's ID and versioning information | Security Admin (SA) Network Admin (NA) Encryption Admin (EA) Network Engineer (NE) Monitoring Access (MA) Provisionin g (PR) Turn-up and Test (TT) | None | N/A | Command used to show module's version | Module's ID and versioning informatio n | |||
| Show Status | Show module's operational status | Security Admin (SA) Network Admin (NA) Encryption Admin (EA) Network | None | N/A | Command used to show Module's Status | Module's operation al status |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | Authentication Methods ECDSA-based Authentication |
|---|---|---|---|---|---|---|---|---|---|
| Monitoring Access (MA) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Provisioning (PR) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Turn-up and Test (TT) | User | Identity | Password-based Authentication RSA-based Authentication ECDSA-based Authentication | ||||||
| Show Version | Show module's ID and versioning information | Security Admin (SA) Network Admin (NA) Encryption Admin (EA) Network Engineer (NE) Monitoring Access (MA) Provisionin g (PR) Turn-up and Test (TT) | None | N/A | Command used to show module's version | Module's ID and versioning informatio n | |||
| Show Status | Show module's operational status | Security Admin (SA) Network Admin (NA) Encryption Admin (EA) Network | None | N/A | Command used to show Module's Status | Module's operation al status |
| Name | Description | Approved Functions | Access | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| User Account Manageme nt | User account manageme nt | None | Security Admin (SA) - Operator Password: G,R,W,Z - SSH RSA Public Key: G,R,W,Z - SSH ECDSA Public Key: G,R,W,Z | N/A | Command to manage the User account | Status of User account |
| Certificates Manageme nt | Certificates Manageme nt | None | Security Admin (SA) - SSH ECDSA Private Key: G,R,W,E,Z - SSH ECDSA Public Key: G,R,W,E,Z - SSH RSA Private Key: G,R,W,E,Z - SSH RSA Public Key: G,R,W,E,Z - TLS ECDSA Private Key: G,R,W,E,Z - TLS ECDSA Public Key: G,R,W,E,Z | N/A | Command s used to manage the certificates | Status of the completio n of network configurati on status |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Setup Network (non- security relevant) | Commands to configure the non- security relevant network | Network Admin (NA) Provisionin g (PR) Turn-up and Test (TT) | None | N/A | Command s to configure the network | Status of the completio n of network configurati on status |
| Enable/disa ble approved mode | Enable/disa ble approved mode | Security Admin (SA) | None | N/A | Command used to enable or disable approved mode | Module's approved mode status |
| Configure Network Access Control List | Configure network access control list | Security Admin (SA) | None | N/A | Command s used to configure network access control list | Network access control list configurati on status |
| Configure Performanc e Monitoring Service | Configure Performanc e Monitoring Service | Network Admin (NA) Turn-up and Test (TT) | None | N/A | Command s used to configure performan ce monitoring service | performan ce monitoring service configurati on status |
| Configure Equipment | Provision equipment | Network Admin (NA) Network Engineer (NE) | None | N/A | Command s used to configue equipment | Equipmen t configurati on status |
| Configure Facilities (physical or logical Interfaces) | Configure Facilities (physical or logical interfaces) | Network Admin (NA) Provisionin g (PR) Turn-up and Test (TT) | None | N/A | Command s to configure the module's physical or logical interfaces | Module's physical or logical interfaces configruait on status |
| Perform Self-Test | Perform self-tests | Security Admin (SA) Network Admin (NA) Encryption Admin (EA) Network | Firmware Integrity Test | N/A | Command to trigger self-tests | Self-tests completio n status |
n (nonsecurity the nonsecurity N/A N/A N/A e e N/A N/A t N/A N/A © 2021-2025 Nokia Corporation. G,R,W,E,Z
| Name | Description | Approved Functions | Access | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Firmware Update | Perform firmware update | Firmware Load Test | Network Admin (NA) - Firmware Load Test Key: R,E | Firmware update service completio n status | Command to trigger firmware update | Firmware update status |
| Perform Zeroization | Zeroize all SSPs in the module | None | Security Admin (SA) - DRBG Entropy Input: Z - DRBG Seed: Z - DRBG Internal State V value: Z - DRBG Key: Z - Operator Password: Z - LUKS DB Password: Z - LUKS DB Salt : Z - LUKS DB Integrity Key : Z - SSH DH Private Key: Z - SSH DH Public Key: Z - SSH Peer DH Public Key: Z - SSH DH | N/A | Command to zeroize the module | SSPs zeroizatio n status |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure SSHv2 service | Configure SSHv2 service | Security Admin (SA) - SSH DH Private Key: W,Z - SSH DH Public Key: W,Z - SSH Peer DH Public Key: W,Z - SSH DH Shared Secret: W,Z - SSH ECDH Private Key: W,Z - SSH ECDH Public Key: W,Z - SSH Peer | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-ECC (SSHv2) KAS-FFC (SSHv2) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen | Global approved mode indicator and SSHv2 service configurati on status | Commman ds used to configure SSHv2 service | SSHv2 service configurati on status |
n KAS-ECCKeyGen KAS-FFCKeyGen © 2021-2025 Nokia Corporation. Z W,Z W,Z W,Z
| Name | Description | Role Access | Csps Accessed | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure TLS (v1.2/v1.3) Service | Configure TLS (v1.2/v1.3) service | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen (SSH, TLS and Control | Security Admin (SA) - TLS DH Private Key: W,Z - TLS DH Public Key: W,Z - TLS Peer DH Public | Global approved mode indicator and OSPF service configurati on status | Commman ds used to configure TLS (v1.2/v1.3) service | TLS (v1.2/v1.3 ) service configurati on status |
n KAS-ECCKeyGen KAS-FFCKeyGen © 2021-2025 Nokia Corporation. W,Z W,Z W,Z W,Z W,Z
| Name | Csps Accessed | Descriptio | Security | ||
|---|---|---|---|---|---|
| n | Access | n | Functions | ||
| Plane IKEv2) KAS-ECC (TLSv1.2/v 1.3) KAS-FFC (TLSv1.2/v 1.3) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control Plane IKEv2) Block Ciphers (TLSv1.2/v 1.3) TLS KTS (AES and | Plane IKEv2) KAS-ECC (TLSv1.2/v 1.3) KAS-FFC (TLSv1.2/v 1.3) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control Plane IKEv2) Block Ciphers (TLSv1.2/v 1.3) TLS KTS (AES and | Key: W,Z - TLS DH Shared Secret: W,Z - TLS ECDH Private Key: W,Z - TLS ECDH Public Key: W,Z - TLS Peer ECDH Public Key: W,Z - TLS ECDH Shared Secret: W,Z - TLS ECDSA Private Key: W,Z - TLS ECDSA Public Key: W,Z - TLS RSA Private Key: W,Z - TLS RSA Public Key: W,Z - TLS Master Secret: W,Z - TLS Encryption Key: W,Z - TLS Integrity Key: W,Z - DRBG Entropy Input: W,Z |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure SNMP service | Configure SNMP service | Security Admin (SA) - SNMPv3 Authenticat ion Secret: W,Z - SNMPv3 Encryption Key: W,Z - SNMPv3 Integrity Key: W,Z | Block Ciphers (SNMPv3) SNMPv3 Keying Materials Developme nt | Global approved mode indicator and SNMP service configurati on status | Commman ds used to configure SNMP service | SNMP service configurati on status |
| Configure Control Plane IPSec/IKEv 2 Service | Configure Control Plane IPSec/IKEv 2 Service | Security Admin (SA) - IPSec/IKE DH Private Key: W,Z - IPSec/IKE DH Public Key: W,Z - IPSec/IKE Peer DH Public Key: W,Z - IPSec/IKE DH Shared Secret: W,Z - IPSec/IKE ECDH Private Key: W,Z - IPSec/IKE ECDH Public Key: W,Z - IPSec/IKE Peer ECDH Public Key: | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-ECC (Control Plane IKEv2) KAS-FFC (Control Plane IKEv2) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen | Global approved mode indicator and Control Plane IPSec/IKE v2 service configurati on status | Commman ds used to configure Control Plane IPSec/IKE v2 service | Control Plane IPSec/IKE v2 service configurati on status |
n © 2021-2025 Nokia Corporation. KAS-ECCKeyGen KAS-FFCKeyGen W,Z W,Z W,Z W,Z
| Name | Description | Role Access | Csps Accessed | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure Data Plane Encryption Service | Configure Data Plane Encryption Service | KAS-ECC- KeyGen (Data Plane IKEv2) | Encryption Admin (EA) - Data Plane | Global approved mode indicator | Commman ds used to configure Data Plane | Data Plane Encryptio n service |
n KAS-ECCKeyGen © 2021-2025 Nokia Corporation. W,Z W,Z W,Z W,Z D: W,Z
| Name | Csps Accessed | Indicator | Input | Output | Descriptio | Security | ||
|---|---|---|---|---|---|---|---|---|
| n | Access | n | Functions | |||||
| and Data Plane Encryptio n service configurati on status | and Data Plane Encryptio n service configurati on status | Encryption service | configurati on status | KAS-ECC (Data Plane IKEv2) ECDSA KeyGen (Data Plane IKEv2) ECDSA SigGen (Data Plane IKEv2) ECDSA SigVer (Data Plane IKEv2) RSA KeyGen (Data Plane IKEv2) RSA SigGen (Data Plane IKEv2) RSA SigVer (Data Plane IKEv2) Block Cipher (Data Plane IKEv2) DRBG Function | Encryption ECDH Private Key: W,Z - Data Plane Encryption ECDH Public Key: W,Z - Data Plane Encryption Peer ECDH Public Key: W,Z - Data Plane Encryption ECDH Shared Secret: W,Z - Data Plane Encryption ECDSA Private Key: W,Z - Data Plane Encryption ECDSA Public Key: W,Z - Data Plane Encryption RSA Private Key: W,Z - Data Plane Encryption RSA Public Key: W,Z - Data Plane |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure OSPF Service | Configure OSPF Service | Security Admin (SA) - OSPFv2 Authenticat ion Key : W,Z Network Admin (NA) - OSPFv2 Authenticat ion Key : W,Z | OSPFv2 Authenticati on | Global approved mode indicator and OSPF service configurati on status log | Command s used to configure OSPF service | OSPF configurati on status |
| Configure LUKS Database Protection Service | Configure LUKS Database protection service | Security Admin (SA) - LUKS DB Password: G,W,Z | LUKS Database Protection | Global approved mode indicator and LUKS Database service configurati on status | Command s to configure LUKS database service | Status of completio n of LUKS database service configurati on |
| Run SSHv2 service | Run SSHv2 service | Security Admin (SA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - SSH DH Private Key: G,W,E,Z - SSH DH Public Key: G,W,E,Z - SSH Peer DH Public Key: G,W,E,Z - SSH DH Shared Secret: G,W,E,Z - SSH ECDH Private Key: G,W,E,Z - SSH ECDH Public Key: G,W,E,Z - SSH Peer ECDH Public Key: G,W,E,Z - SSH ECDH Shared Secret: | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-ECC (SSHv2) KAS-FFC (SSHv2) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control | Global approved mode indicator and SSHv2 service running status | Initiate SSHv2 service establishm ent request | SSHv2 service running status |
n © 2021-2025 Nokia Corporation. KAS-ECCKeyGen KAS-FFCKeyGen G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z
| Name | Csps Accessed | Descriptio | Security | ||
|---|---|---|---|---|---|
| n | Access | n | Functions | ||
| Plane IKEv2) Block Ciphers (SSHv2) SSH KTS (AES and HMAC) SSH KTS (GCM) DRBG Function | Plane IKEv2) Block Ciphers (SSHv2) SSH KTS (AES and HMAC) SSH KTS (GCM) DRBG Function | G,W,E,Z - SSH ECDSA Private Key: G,W,E,Z - SSH ECDSA Public Key: G,W,E,Z - SSH RSA Private Key: G,W,E,Z - SSH RSA Public Key: G,W,E,Z - SSH Encryption Key: G,W,E,Z - SSH Integrity Key: G,W,E,Z Network Admin (NA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - SSH DH Private Key: G,W,E,Z - SSH DH Public Key: G,W,E,Z |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run TLS (v1.2/v1.3) Service | Run TLS (v1.2/v1.3) Service | Security Admin (SA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - TLS DH | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-ECC (TLSv1.2/v 1.3) KAS-FFC (TLSv1.2/v 1.3) | Global approved mode indicator and TLS (v1.2/v1.3 ) service running status | Initiate TLS (v1.2/v1.3) service establishm ent request | TLS (v1.2/v1.3 ) service running status |
n KAS-ECCKeyGen KAS-FFCKeyGen 1.3) 1.3) © 2021-2025 Nokia Corporation. G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z
| Name | Csps Accessed | Descriptio | Security | ||
|---|---|---|---|---|---|
| n | Access | n | Functions | ||
| ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control Plane IKEv2) Block Ciphers (TLSv1.2/v 1.3) TLS KTS (AES and HMAC) TLS KTS (GCM) DRBG Function TLS Keying Materials | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control Plane IKEv2) Block Ciphers (TLSv1.2/v 1.3) TLS KTS (AES and HMAC) TLS KTS (GCM) DRBG Function TLS Keying Materials | Private Key: G,W,E,Z - TLS DH Public Key: G,W,E,Z - TLS Peer DH Public Key: G,W,E,Z - TLS DH Shared Secret: G,W,E,Z - TLS ECDH Private Key: G,W,E,Z - TLS ECDH Public Key: G,W,E,Z - TLS Peer ECDH Public Key: G,W,E,Z - TLS ECDH Shared Secret: G,W,E,Z - TLS ECDSA Private Key: G,W,E,Z - TLS ECDSA Public Key: G,W,E,Z - TLS RSA Private Key: G,W,E,Z - TLS RSA Public Key: G,W,E,Z - TLS | |||
| n | Access | n | Functions | ||
| Developme nt | Developme nt | Master Secret: G,W,E,Z - TLS Encryption Key: G,W,E,Z - TLS Integrity Key: G,W,E,Z Network Admin (NA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - TLS DH Private Key: G,W,E,Z - TLS DH Public Key: G,W,E,Z - TLS Peer DH Public Key: G,W,E,Z - TLS DH Shared Secret: G,W,E,Z - TLS ECDH Private Key: G,W,E,Z - TLS |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run Control Plane IPsec/IKEv 2 Service | Run Control Plane IPsec/IKEv 2 Service | Security Admin (SA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) KAS-FFC- KeyGen | Global approved mode indicator and Run IPsec/IKE v2 service completio | Command to run Run Control Plane IPsec/IKEv 2 service | Control Plane IPsec/IKE v2 service running status |
n KAS-ECCKeyGen KAS-FFCKeyGen © 2021-2025 Nokia Corporation. G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z
| Name | Csps Accessed | Indicator | Descriptio | Security | ||
|---|---|---|---|---|---|---|
| n | Access | n | Functions | |||
| n status log | n status log | (SSH, TLS and Control Plane IKEv2) KAS-ECC (Control Plane IKEv2) KAS-FFC (Control Plane IKEv2) ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) ECDSA SigGen (SSH, TLS and Control Plane IKEv2) ECDSA SigVer (SSH, TLS and Control Plane IKEv2) RSA KeyGen (SSH, TLS and Control Plane IKEv2) RSA SigGen (SSH, TLS and Control Plane IKEv2) RSA SigVer (SSH, TLS and Control Plane IKEv2) Block Ciphers | G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - IPSec/IKE DH Private Key: G,W,E,Z - IPSec/IKE DH Public Key: G,W,E,Z - IPSec/IKE Peer DH Public Key: G,W,E,Z - IPSec/IKE DH Shared Secret: G,W,E,Z - IPSec/IKE ECDH Private Key: G,W,E,Z - IPSec/IKE ECDH Public Key: G,W,E,Z - IPSec/IKE Peer ECDH Public Key: G,W,E,Z - IPSec/IKE ECDH Shared Secret: G,W,E,Z - IPSec/IKE ECDSA Private Key: G,W,E,Z | |||
| n | Access | n | Functions | |||
| (Control Plane IKEv2) DRBG Function IPsec/IKEv 2 Keying Materials Developme nt | (Control Plane IKEv2) DRBG Function IPsec/IKEv 2 Keying Materials Developme nt | - IPSec/IKE ECDSA Public Key: G,W,E,Z - IPSec/IKE RSA Private Key: G,W,E,Z - IPSec/IKE RSA Public Key: G,W,E,Z - IPSec/IKE Pre-shared Secret: G,W,E,Z - IPSec/IKE SKEYSEE D: G,W,E,Z - IPSec/IKE Encryption Key: G,W,E,Z - IPSec/IKE Integrity Key: G,W,E,Z Network Admin (NA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - IPSec/IKE DH Private Key: G,W,E,Z |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run SNMP Service | Run SNMP Service | Security Admin (SA) - SNMPv3 Authenticat ion Secret: G,W,E,Z - SNMPv3 Encryption Key: G,W,E,Z - SNMPv3 Integrity Key: G,W,E,Z Network Admin (NA) - SNMPv3 Authenticat ion Secret: G,W,E,Z - SNMPv3 Encryption Key: G,W,E,Z - SNMPv3 Integrity Key: G,W,E,Z Encryption Admin (EA) - SNMPv3 Authenticat ion Secret: G,W,E,Z - SNMPv3 Encryption Key: G,W,E,Z - SNMPv3 Integrity Key: G,W,E,Z Network Engineer (NE) - SNMPv3 Authenticat | Block Ciphers (SNMPv3) SNMPv3 Keying Materials Developme nt | Global approved mode indicator and SNMP service running status | Initiate SNMP service establishm ent request | SNMP service running status |
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run Data Plane Encrypiton Service | Run Data Plane Encrypiton Service | Security Admin (SA) - DRBG Entropy Input: G,W,E,Z - DRBG Seed: G,W,E,Z - DRBG Internal State V value: G,W,E,Z - DRBG Key: G,W,E,Z - Data Plane Encryption ECDH Private Key: G,W,E,Z - Data Plane Encryption ECDH Public Key: G,W,E,Z - Data Plane Encryption Peer ECDH Public Key: G,W,E,Z - Data Plane Encryption ECDH Shared Secret: G,W,E,Z | KAS-ECC- KeyGen (Data Plane IKEv2) KAS-ECC (Data Plane IKEv2) ECDSA KeyGen (Data Plane IKEv2) ECDSA SigGen (Data Plane IKEv2) ECDSA SigVer (Data Plane IKEv2) RSA KeyGen (Data Plane IKEv2) RSA SigGen (Data Plane IKEv2) RSA SigVer (Data Plane IKEv2) Block Cipher (Data Plane IKEv2) DRBG Function | Global approved mode indicator and Data Plane Encryptio n service completio n status log | Command to run OSPF service | Data Plane Encryptio n service running status |
n KAS-ECCKeyGen © 2021-2025 Nokia Corporation. G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z G,W,E,Z
| Name | Csps Accessed | Descriptio | Security |
|---|---|---|---|
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| n | Access | n | Functions |
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Run OSPF Service | Run OSPF Service | Security Admin (SA) - OSPFv2 Authenticat ion Key : W,E Network Admin (NA) - OSPFv2 Authenticat ion Key : W,E Encryption Admin (EA) - OSPFv2 Authenticat ion Key : W,E Network Engineer (NE) - OSPFv2 Authenticat ion Key : W,E Monitoring Access (MA) - OSPFv2 Authenticat ion Key : W,E Provisionin g (PR) - OSPFv2 Authenticat ion Key : W,E Turn-up and Test (TT) - OSPFv2 Authenticat ion Key : W,E | OSPFv2 Authenticati on | Global approved mode indicator and OSPF service completio n status log | Command to run OSPF Function | OSPF running status |
| Configure NTP Authenticati on | Configure NTP Authenticati on Scheme and Key | Security Admin (SA) - NTP Authenticat ion Key : G,W,Z | NTP Authenticati on | Global approved mode indicator and NTP service configurati on status | Command s to configure NTP service | Status of the completio n of NTP configurati on |
| Run LUKS Database Protection Service | Run LUKS database protection service | Security Admin (SA) - LUKS DB Password: W,E,Z - LUKS DB Salt : W,E,Z | LUKS Database Protection | Global approved mode indicator and LUKS service completio n status log | Command to run LUKS protection service | LUKS running status |
The module supports the firmware load test by using ECDSA with Curve P-521 and SHA2-512 (ECDSA Cert. #A4956) for the new validated firmware to be uploaded into the module. A Firmware Load Test Key was preloaded to the module’s binary at the factory and used for firmware load test. In order to load new firmware, the Crypto Officer must authenticate to the module before loading the firmware. This ensures that unauthorized access and use of the module is not performed. The module will load the new update upon reboot. The update attempt will be rejected if the verification fails. Any firmware loaded into this module that is not shown on the module certificate, is out of the scope of this validation and requires a separate FIPS 140-3 validation.
The module implements Self-initiated cryptographic output capability without external operator request. The Security Admin (SA) shall configure self-initiated cryptographic output capability. Prior to executing the self-initiated cryptographic output capability, the module conducts two © 2021-2025 Nokia Corporation.
| Mechanism | Inspection | Inspection Guidance | |
|---|---|---|---|
| Frequency | |||
| Tamper Evidence Labels (P/N 550- 0158-001 and P/N 550-0159-001) | 90 days | Tamper evidence labels should be checked for nicks and scratches that make the metal case visible through the nicked or scratched seal. Tamper Evidence Label (TEL) may show any of the following as evidence of tampering or removal: TEL is not preset in the positions prescribed (as shown above); TEL has been cut; TEL is not stuck |
independent internal actions to activate the capability to prevent the inadvertent output due to a single error.
The module supports unauthenticated service. The unauthenticated User/Operators can trigger the self-test service by power-cycling the module, and is able to observe the module’s LEDs status.
The module is provided in the form of binary executable code. To ensure firmware security, the module is protected by conducting multiple layers firmware integrity tests. Please refer to section 10.1 Pre-Operational Self-Tests of this Security Policy document for more details. If the firmware integrity test fails, the module would enter to an Error state with all crypto functionality inhibited.
Integrity test is performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. The operator can power-cycle or reboot the module to initiate the firmware integrity test on-demand.
N/A for this module. Type of Operational Environment: Limited
| Mechanism | Inspection | Inspection Guidance | |
|---|---|---|---|
| Frequency | |||
| down well, or is loose; Self-destruction of the TEL (broken bits or shreds) present as from an attempt of removal; Tracking numbers do not match those recorded. | |||
| Production grade components | N/A | N/A |
N/A N/A Table 13: Mechanisms and Actions Required Appling Tamper Evidence Labels The tamper evident labels shall be installed on the security devices containing the module prior to operating in Approved mode. TELs shall be applied as depicted in the figures below. Any unused TELs must be securely stored, accounted for, and maintained by the Security Admin (SA) in a protected location. Should the Security Admin (SA) have to remove, change or replace TELs for any reason, the Security Admin (SA) must examine the location from which the TEL was removed and ensure that no residual debris is still remaining on the chassis or card. If residual debris remains, the CO must remove the debris using a damp cloth. Any deviation of the TELs placement by unauthorized operators such as tearing, misconfiguration, removal, change, replacement or any other change in the TELs from its original configuration as depicted below shall mean the module is no longer in Approved mode of operation. Returning the system back to Approved mode of operation requires the replacement of the TELs as depicted below and any additional requirement per the site security policy which are out of scope of this Security Policy. The Security Admin (SA)checks the integrity of the label by following the guidance listed above. In case of notification of tamper evidence, the Security Admin (SA) shall not power on this module and shall contact Infinera Support team. The picture below shows the physical interface side of the module’s enclosure with tamperevident labels.
Number: Twenty-one (21) Small Tamper Evident Labels (P/N 550-0158-001) and Two (2) Large Tamper Evident Labels (P/N 550-0159-001). Placement: © 2021-2025 Nokia Corporation.
Figure 6: TELs on top of chassis Figure 7: TELs on rear of chassis © 2021-2025 Nokia Corporation.
Figure 8: TELs on front of chassis - IOP card (slot
Figure 11: TELs on front of chassis - CHM6 card (slot 4) Figure 12: TELs on front of chassis - CHM6 card (slot 4) and Blank card (slot 6) © 2021-2025 Nokia Corporation.
Figure 13: TELs on front of chassis - CHM6 card (slot 5) Figure 14: TELs on front of chassis - CHM6 card (slot 5) and Blank card (slot 7) © 2021-2025 Nokia Corporation.
Figure 15: TELs on front of chassis - CHM6 card (slot 4 and slot 5) and Blank card (slot 6 and slot 7) Surface Preparation: Clean the chassis of any grease, dirt, or oil before applying the tamper evident labels. Alcohol-based cleaning pads are recommended for this purpose. Operator Responsible for Securing Unused Seals: Must be stored in a secure location under controlled access
The module uses the filler panels with Hardware number: GX-BLANK while in the approved mode.
N/A for this module. © 2021-2025 Nokia Corporation.
| Name | Type | Description |
|---|---|---|
| DRAM | Dynamic | Volatile memory |
| Flash | Static | Non-Volatile memory |
| Name | Approved Functions | Type | From | To | ||
|---|---|---|---|---|---|---|
| Module Public Key Output | Plaintext | Module | External (Outside the Module's Boundary) | Automated | Electronic | |
| Peer Public Key Input | Plaintext | External (Outside the Module's Boundary) | Module | Automated | Electronic | |
| SSPs Input/Output protected by TLS KTS (GCM) | TLS KTS (GCM) | Encrypted | External (Outside the Module's Boundary) | Module | Automated | Electronic |
| SSPs Input/Output protected by TLS KTS (AES and HMAC) | TLS KTS (AES and HMAC) | Encrypted | External (Outside the Module's Boundary) | Module | Automated | Electronic |
| SSPs Input/Output protected by SSH KTS (GCM) | SSH KTS (GCM) | Encrypted | External (Outside the Module's Boundary) | Module | Automated | Electronic |
| SSPs Input/Output protected by SSH KTS (AES and HMAC) | SSH KTS (AES and HMAC) | Encrypted | External (Outside the Module's Boundary) | Module | Automated | Electronic |
Table 15: SSP Input-Output Methods © 2021-2025 Nokia Corporation.
| Name | Type | Description | Strength | Generation | Storage | Zeroization | Use | Module Reboot |
|---|---|---|---|---|---|---|---|---|
| Zeroization upon session termination | Session termination will automatically zeroize all session based temporary SSPs | Session termination | Terminate session | |||||
| Zeroization upon rebooting the module | Reboot to zeroize all temporary SSPs stored in Module's DRAM | Reboot | Reboot | |||||
| DRBG Entropy Input | Entropy Inputs - CSP | Used to seed the DRBG | 384 bits - At least 256 bits | DRBG Function | ||||
| DRBG Seed | DRBG Seed - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||
| DRBG Internal State V value | DRBG Internal State V value - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||
| DRBG Key | DRBG Key - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||
| Operator Password | Authenticati on Data - CSP | Used for operator authenticati on | 8-30 characte rs - N/A | |||||
| LUKS DB Password | HMAC key - CSP | Used for LUKS DB Integrity Key derivation | 512 bits - 512 bits | DRBG Function | LUKS Database Protection | |||
| LUKS DB Salt | Salt - CSP | Used for LUKS DB Integrity | 256 bits - 256 bits | DRBG Function | LUKS Database Protection |
| Name | Type | Description | Strength | Generation | Establishment | Storage | Zeroization | Use | Module Reboot | Size - Strengt h |
|---|---|---|---|---|---|---|---|---|---|---|
| Zeroization upon session termination | Session termination will automatically zeroize all session based temporary SSPs | Session termination | Terminate session | |||||||
| Zeroization upon rebooting the module | Reboot to zeroize all temporary SSPs stored in Module's DRAM | Reboot | Reboot | |||||||
| DRBG Entropy Input | Entropy Inputs - CSP | Used to seed the DRBG | 384 bits - At least 256 bits | DRBG Function | ||||||
| DRBG Seed | DRBG Seed - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||||
| DRBG Internal State V value | DRBG Internal State V value - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||||
| DRBG Key | DRBG Key - CSP | Used for DRBG generation | 256 bits - 256 bits | DRBG Function | ||||||
| Operator Password | Authenticati on Data - CSP | Used for operator authenticati on | 8-30 characte rs - N/A | |||||||
| LUKS DB Password | HMAC key - CSP | Used for LUKS DB Integrity Key derivation | 512 bits - 512 bits | DRBG Function | LUKS Database Protection | |||||
| LUKS DB Salt | Salt - CSP | Used for LUKS DB Integrity | 256 bits - 256 bits | DRBG Function | LUKS Database Protection | |||||
| LUKS DB Integrity Key | Authenticati on - CSP | Used for LUKS Database integrity protection | 512 bits - 512 bits | PBKDF (A4958) | LUKS Database Protection | |||||
| Firmware Load Test Key | Public Key - PSP | Used for firmware load test | P-521 - 256 bits | Firmware Load Test | ||||||
| SSH DH Private Key | Private Key - CSP | Used to derive SSH DH Shared Secret | MODP- 2048, MODP- 4096, and MODP- 8192 - 112-200 bits | KAS- FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | |||||
| SSH DH Public Key | Public Key - PSP | Used to derive SSH DH Shared Secret | MODP- 2048, MODP- 4096, and MODP- 8192 - 112-200 bits | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| SSH Peer DH Public Key | Public Key - PSP | Used to derive SSH DH Shared Secret | MODP- 2048, MODP- 4096, and MODP- 8192 - N/A | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| SSH DH Shared Secret | Shared Secret - CSP | Used to derive SSH Encryption Key and SSH Integrity Key | MODP- 2048, MODP- 4096, and MODP- 8192 - 112-200 bits | KAS-FFC (SSHv2) | KAS-FFC (SSHv2) | |||||
| SSH ECDH Private Key | Private Key - CSP | Used to derive SSH | P-256, P-384, | KAS- ECC- | KAS-ECC- KeyGen | |||||
| ECDH Shared Secret | ECDH Shared Secret | P-521 - 128-256 bits | KeyGen (SSH, TLS and Control Plane IKEv2) | (SSH, TLS and Control Plane IKEv2) | ||||||
| SSH ECDH Public Key | Public Key - PSP | Used to derive SSH ECDH Shared Secret | P-256, P-384, P-521 - 128-256 bits | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| SSH Peer ECDH Public Key | Public Key - PSP | Used to derive SSH ECDH Shared Secret | P-256, P-384, P-521 - N/A | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| SSH ECDH Shared Secret | Shared Secret - CSP | Used to derive SSH Encryption Key and SSH Integrity Key | P-256, P-384, P-521 - 128-256 bits | KAS-ECC (SSHv2) | KAS-ECC (SSHv2) | |||||
| SSH ECDSA Private Key | Private Key - CSP | Used for SSH authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| SSH ECDSA Public Key | Public Key - PSP | Used for SSH authetnicati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigVer (SSH, TLS and Control Plane IKEv2) | |||||
| SSH RSA Private Key | Private Key - CSP | Used for SSH authetnicati on | 2048, 3072 and 4096 bits - 112 -152 bits | RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| SSH RSA Public Key | Public Key - PSP | Used for SSH | 2048, 3072 | RSA KeyGen | RSA SigVer (SSH, TLS | |||||
| authetnicati on | authetnicati on | and 4096 bits - 112 -152 bits | (SSH, TLS and Control Plane IKEv2) | and Control Plane IKEv2) | ||||||
| SSH Encryption Key | Symmetric Key - CSP | Used for SSH traffic protection | 128-256 bits - 128-256 bits | KAS-ECC (SSHv2) KAS-FFC (SSHv2) | Block Ciphers (SSHv2) | |||||
| SSH Integrity Key | Authenticati on Key - CSP | Used for SSH traffic integrity protection | at least 112 bits - at least 112 bits | KAS-ECC (SSHv2) KAS-FFC (SSHv2) | Block Ciphers (SSHv2) | |||||
| TLS DH Private Key | Private Key - CSP | Used to drive TLS DH Shared Secret | ffdhe204 8 - 112 bits | KAS- FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | |||||
| TLS DH Public Key | Public Key - PSP | Used to drive TLS DH Shared Secret | ffdhe204 8 - 112 bits | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| TLS Peer DH Public Key | Public Key - PSP | Used to derive TLS DH Shared Secret | ffdhe204 8 - 112 bits | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| TLS DH Shared Secret | Shared Secret - CSP | Used to derive TLS encryption Key and TLS Integrity Key | ffdhe204 8 - 112 bits | KAS-FFC (TLSv1.2/v1 .3) | KAS-FFC (TLSv1.2/v1 .3) | |||||
| TLS ECDH Private Key | Private Key - CSP | Used to drive TLS ECDH Shared Secret | P-256, P-384 and P- 521 - 128-256 bits | KAS- ECC- KeyGen (SSH, TLS and Control | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | |||||
| TLS ECDH Public Key | Public Key - PSP | Used to drive TLS ECDH Shared Secret | P-256, P-384 and P- 521 - 128-256 bits | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| TLS Peer ECDH Public Key | Public Key - PSP | Used to derive TLS ECDH Shared Secret | P-256, P-384 and P- 521 - N/A | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| TLS ECDH Shared Secret | Shared Secret - CSP | Used to derive TLS Encryption Key and TLS Integrity Key | P-256, P-384 and P- 521 - 128-256 bits | KAS-ECC (TLSv1.2/v1 .3) | KAS-ECC (TLSv1.2/v1 .3) | |||||
| TLS ECDSA Private Key | Private Key - CSP | Used for TLS authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| TLS ECDSA Public Key | Public Key - PSP | Used for TLS authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigVer (SSH, TLS and Control Plane IKEv2) | |||||
| TLS RSA Private Key | Private Key - CSP | Used for TLS authenticati on | 2048 bits - 112 bits | RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| TLS RSA Public Key | Public Key - PSP | Used for TLS peer authenticati on | 2048 bits - 112 bits | RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA SigVer (SSH, TLS and Control Plane IKEv2) | |||||
| TLS Master Secret | TLS Master Secret - CSP | Used to derive TLS Encryption Key and TLS Integrity Key | 384 bits - 384 bits | TLS Keying Materials Developme nt | TLS Keying Materials Developme nt | |||||
| TLS Encryption Key | Encryption Key - CSP | Used to protect TLS traffic confidentiali ty. | 128-256 bits - 128-256 bits | KAS-ECC (TLSv1.2/v1 .3) KAS-FFC (TLSv1.2/v1 .3) | Block Ciphers (TLSv1.2/v1 .3) | |||||
| TLS Integrity Key | Authenticati on Key - CSP | Used to protect traffic confidentiali ty. | at least 112 bits - at least 112 bits | KAS-ECC (TLSv1.2/v1 .3) KAS-FFC (TLSv1.2/v1 .3) | Block Ciphers (TLSv1.2/v1 .3) | |||||
| IPSec/IKE DH Private Key | Private Key - CSP | Used for IPsec/IKE DH Shared Secret derivation | MODP- 2048, MODP- 3072, MODP- 4096, MODP- 6144 and MODP- 8192 - 112-200 bits | KAS- FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS-FFC- SSC Sp800- 56Ar3 (A4958) | |||||
| IPSec/IKE DH Public Key | Public Key - PSP | Used for IPsec/IKE DH Shared Secret derivation | MODP- 2048, MODP- 3072, MODP- 4096, MODP- 6144 and MODP- 8192 - 112-200 bits | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| IPSec/IKE Peer DH Public Key | Public Key - PSP | Used for IPsec/IKE DH Shared Secret derivation | MODP- 2048, MODP- 3072, MODP- 4096, MODP- 6144 and MODP- 8192 - N/A | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| IPSec/IKE DH Shared Secret | Shared Secret - CSP | Used for IPSec/IKE Encryption Key and IPSec/IKE Integrity key derivation | MODP- 2048, MODP- 3072, MODP- 4096, MODP- 6144 and MODP- 8192 - 112-200 bits | KAS-FFC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS-FFC (Control Plane IKEv2) | |||||
| IPSec/IKE ECDH Private Key | Private Key - CSP | Used for IPSec/IKE ECDH Shared Secret derivation | P-256, P-384 and P- 521 - 128-256 bits | KAS- ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | KAS-ECC (Control Plane IKEv2) | |||||
| IPSec/IKE ECDH Public Key | Public Key - PSP | Used for IPSec/IKE ECDH Shared Secret derivation | P-256, P-384 and P- 521 - 128-256 bits | KAS-ECC- KeyGen (SSH, TLS and Control Plane IKEv2) | ||||||
| IPSec/IKE Peer ECDH Public Key | Public Key - PSP | Used for IPSec/IKE ECDH Shared Secret derivation | P-256, P-384 and P- 521 - 128-256 bits | KAS-ECC (Control Plane IKEv2) | ||||||
| IPSec/IKE ECDH Shared Secret | Shared Secret - CSP | Used for IPSec/IKE Encryption Key and IPSec/IKE Integrity Key derivation | P-256, P-384 and P- 521 - 128-256 bits | KAS-ECC (Control Plane IKEv2) | KAS-ECC (Control Plane IKEv2) | |||||
| IPSec/IKE ECDSA Private Key | Private Key - CSP | Used for IPSec/IKE peer authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA SigGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| IPSec/IKE ECDSA Public Key | Public Key - PSP | Used for IPSec/IKE peer authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (SSH, TLS and Control Plane IKEv2) | ECDSA SigVer (SSH, TLS and Control Plane IKEv2) | |||||
| IPSec/IKE RSA Private Key | Private Key - CSP | Used for IPSec/IKE peer authenticati on | 2048, 3072 and 4096 bits - 112-152 bits | RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA SigGen (SSH, TLS and Control Plane IKEv2) | |||||
| IPSec/IKE RSA Public Key | Public Key - PSP | Used for IPSec/IKE peer authenticati on | 2048, 3072 and 4096 bits - 112-152 bits | RSA KeyGen (SSH, TLS and Control Plane IKEv2) | RSA SigVer (SSH, TLS and Control Plane IKEv2) | |||||
| IPSec/IKE Pre-shared Secret | Shared Secret - CSP | Used for IPSec/IKE peer authenticati on | 256 bits - N/A | IPsec/IKEv2 Keying Materials Developme nt | ||||||
| IPSec/IKE SKEYSEED | Keying Material - CSP | Keying material used to derive the IPSec/IKE Encryption Key and | 160 bits - N/A | IPsec/IKEv2 Keying Materials Developme nt | ||||||
| IPSec/IKE Encryption Key | Encryption Key - CSP | Used for IPSec/IKE traffic confidentiali ty protection | 128-256 bits - 128-256 bits | IPsec/IKEv2 Keying Materials Developme nt | Block Ciphers (Control Plane IKEv2) | |||||
| IPSec/IKE Integrity Key | Authenticati on Key - CSP | Used for IPSec/IKE traffic integrity protection | At least 112 bits - At least 112 bits | Block Ciphers (Control Plane IKEv2) | Block Ciphers (Control Plane IKEv2) | |||||
| SNMPv3 Authenticati on Secret | Authenticati on Secret - CSP | Used to SNMPv3 authenticati on | 64 characte rs - N/A | SNMPv3 Keying Materials Developme nt | ||||||
| SNMPv3 Encryption Key | Symmetric Key - CSP | Used to secure SNMPv3 traffic confidentiali ty | 128-256 bits - 128-256 bits | SNMPv3 Keying Materials Developme nt | Block Ciphers (SNMPv3) | |||||
| SNMPv3 Integrity Key | Authenticati on Key - CSP | Used to secure SNMPv3 traffic integrity | At least 112 bits - At least 112 bits | SNMPv3 Keying Materials Developme nt | Block Ciphers (SNMPv3) | |||||
| Data Plane Encryption ECDH Private Key | Private Key - CSP | Used to derive Data Plane Encryption ECDH Shared Secret | P-521 - 256 bits | KAS- ECC- KeyGen (Data Plane IKEv2) | KAS-ECC (Data Plane IKEv2) | |||||
| Data Plane Encryption ECDH Public Key | Public Key - PSP | Used to derive Data Plane Encryption ECDH Shared Secret | P-521 - 256 bits | KAS-ECC- KeyGen (Data Plane IKEv2) | ||||||
| Data Plane Encryption ECDH | Shared Secret - CSP | Used to derive Data Plane | P-521 - 256 bits | KAS-ECC (Data Plane IKEv2) | KAS-ECC (Data Plane IKEv2) | |||||
| Shared Secret | Encryption IKE-SA Session Key and Data Plane Encryption Child-SA Session Key | |||||||||
| Data Plane Encryption Peer ECDH Public Key | Public Key - PSP | Used to derive Data Plane Encryption ECDH Shared Secret | P-521 - 256 bits | KAS-ECC (Data Plane IKEv2) | ||||||
| Data Plane Encryption ECDSA Private Key | Private Key - CSP | Used for Data Plane Encryption authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (Data Plane IKEv2) | ECDSA SigGen (Data Plane IKEv2) | |||||
| Data Plane Encryption ECDSA Public Key | Public Key - PSP | Used for Data Plane Encryption authenticati on | P-256, P-384 and P- 521 - 128-256 bits | ECDSA KeyGen (Data Plane IKEv2) | ECDSA SigVer (Data Plane IKEv2) | |||||
| Data Plane Encryption RSA Private Key | Private Key - CSP | Used for Data Plane Encryption authenticati on | 2048, 3072 and 4096 bits - 112- 152 bits | RSA KeyGen (Data Plane IKEv2) | RSA SigGen (Data Plane IKEv2) | |||||
| Data Plane Encryption RSA Public Key | Public Key - PSP | Used for Data Plane Encryption authenticati on | 2048, 3072 and 4096 bits - 112- 152 bits | RSA KeyGen (Data Plane IKEv2) | RSA SigVer (Data Plane IKEv2) | |||||
| Data Plane Encryption Pre-shared Secret | Shared Secret - CSP | Used for Data Plane Encryption service | Curves: P-256, P-384, P-521 - | KAS-ECC (Data Plane IKEv2) | ||||||
| authenticati on | authenticati on | 128-256 bits | ||||||||
| Data Plane Encryption IKE-SA Session Key | Authenticat ed Symmetric Key - CSP | Used to secure Data Plane Encryption traffic confidentiali ty | 256 bits - 256 bits | KAS-ECC (Data Plane IKEv2) | Block Cipher (Data Plane IKEv2) | |||||
| Data Plane Encryption Child-SA Session Key | Authenticat ed Symmetric Key - CSP | Used to secure Data Plane Encryption Child-SA traffic confidentiali ty | 256 bits - 256 bits | KAS-ECC (Data Plane IKEv2) | Block Cipher (Data Plane IKEv2) | |||||
| NTP Authenticati on Key | Authenticati on - CSP | Used for NTP authenticati on | 8-40 characte rs - N/A | NTP Authenticati on | ||||||
| OSPFv2 Authenticati on Key | Authenticati on - CSP | Used for OSPFv2 authenticati on | 8-25 characte rs - N/A | OSPFv2 Authenticati on | ||||||
| DRBG Entropy Input | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | DRBG Seed:Used With DRBG Internal State V value:Used With DRBG Key:Used With | Until Reboot | ||||||
| DRBG Seed | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | DRBG Entropy Input:Used With DRBG Internal State V value:Used With DRBG Key:Used With | Until Reboot | ||||||
| DRBG Internal State V value | DRAM:Plaintext | Zeroizatio n command Session | DRBG Entropy Input:Used With DRBG Seed:Used With | Until Reboot |
Table 16: SSP Zeroization Methods Please note that the Firmware Load Test Key is only used for Firmware Load Test Authentication and not subject to the zeroization requirement. n © 2021-2025 Nokia Corporation. h
n © 2021-2025 Nokia Corporation. h MODP2048, MODP4096, MODP2048, MODP4096, MODP2048, MODP4096, MODP8192 N/A MODP2048, MODP4096, KASFFCKeyGen KAS-FFCKeyGen KAS-FFCKeyGen KAS-FFCKeyGen KASECCKAS-ECCKeyGen
h n © 2021-2025 Nokia Corporation. KAS-ECCKeyGen KAS-ECCKeyGen
n h © 2021-2025 Nokia Corporation. KASFFCKeyGen KAS-FFCKeyGen .3) KASECCKeyGen KAS-FFCKeyGen KAS-FFCKeyGen .3) KAS-ECCKeyGen
n h and P521 N/A © 2021-2025 Nokia Corporation. KAS-ECCKeyGen .3) KAS-ECCKeyGen .3)
n h .3) .3) .3) .3) .3) MODP2048, MODP3072, MODP4096, MODP6144 MODP2048, MODP3072, MODP4096, MODP6144 © 2021-2025 Nokia Corporation. KASFFCKeyGen KAS-FFCKeyGen .3) KAS-FFCSSC Sp80056Ar3
n h MODP2048, MODP3072, MODP4096, MODP6144 MODP8192 N/A MODP2048, MODP3072, MODP4096, MODP6144 © 2021-2025 Nokia Corporation. KAS-FFCKeyGen KAS-FFCKeyGen KASECCKeyGen KAS-ECCKeyGen
n © 2021-2025 Nokia Corporation. h KAS-ECCKeyGen KASECCKeyGen
n h Table 17: SSP Table 1 © 2021-2025 Nokia Corporation. n n n n n n
| Name | Storage | Zeroization | Use | ||
|---|---|---|---|---|---|
| DRBG Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | DRBG Entropy Input:Used With DRBG Seed:Used With DRBG Internal State V value:Used With | Until Reboot | |
| Operator Password | Flash:Obfuscat ed | Zeroizatio n command | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) | |
| LUKS DB Password | Flash:Plaintext | Zeroizatio n command | LUKS DB Salt :Used With | Until zeroized | |
| LUKS DB Salt | Flash:Plaintext | Zeroizatio n command | LUKS DB Password:Used With | Until zeroized | |
| LUKS DB Integrity Key | Flash:Plaintext | Zeroizatio n command | LUKS DB Password:Derived From LUKS DB Salt :Derived From | Until zeroized | |
| Firmware Load Test Key | Flash:Plaintext | N/A | N/A. This PSP is only used for Firmware Load Test, which is not subject to the zeroization requirement s. | ||
| SSH DH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH DH Public Key:Paired With | while SSH session is on | |
| SSH DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH DH Private Key:Paired With | while SSH session is on | Module Public Key Output |
| SSH Peer DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH DH Private Key:Used With | while SSH session is on | Peer Public Key Input |
| SSH DH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH Encryption Key:Derived To SSH Integrity Key:Derived To SSH DH Private Key:Derived From SSH Peer DH Public Key:Derived From | while SSH session is on | |
| SSH ECDH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH ECDH Public Key:Paired With | while SSH session is on | |
| SSH ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH ECDH Private Key:Paired With | while SSH session is on | Module Public Key Output |
| SSH Peer ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH ECDH Private Key:Used With | while SSH session is on | Peer Public Key Input |
| SSH ECDH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH ECDH Private Key:Derived From SSH Peer ECDH Public Key:Derived From SSH Encryption Key:Derive To SSH Integrity Key:Derive To | while SSH session is on | |
| SSH ECDSA Private Key | Flash:Plaintext | Zeroizatio n command | SSH ECDSA Public Key:Paired With | Until zeroized | |
| SSH ECDSA Public Key | Flash:Plaintext | Zeroizatio n command | SSH ECDSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and |
| SSH RSA Private Key | Flash:Plaintext | Zeroizatio n command | SSH RSA Public Key:Paired With | Until zeroized | |
| SSH RSA Public Key | Flash:Plaintext | Zeroizatio n command | SSH RSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) |
| SSH Encryption Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH Integrity Key:Used With | while SSH session is on | |
| SSH Integrity Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SSH Encryption Key:Used With | while SSH session is on | |
| TLS DH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS DH Public Key:Paired With | while TLS session is on | |
| TLS DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS DH Private Key:Paired With | while TLS tunnel is on | Module Public Key Output |
| TLS Peer DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS DH Private Key:Used With TLS DH Shared Secret:Derived To | while TLS tunnel is on | Peer Public Key Input |
| TLS DH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS DH Private Key:Derived From TLS Peer DH Public Key:Derived From | while TLS tunnel is on | |
| TLS ECDH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio | TLS ECDH Public Key:Paired With | while TLS tunnel is on | |
| TLS ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS ECDH Private Key:Paired With | while TLS tunnel is on | Module Public Key Output |
| TLS Peer ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS ECDH Private Key:Used With | while TLS tunnel is on | Peer Public Key Input |
| TLS ECDH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS ECDH Private Key:Derived From TLS Peer ECDH Public Key:Derived From | while TLS tunnel is on | |
| TLS ECDSA Private Key | Flash:Plaintext | Zeroizatio n command | TLS ECDSA Public Key:Paired With | Until zeroized | |
| TLS ECDSA Public Key | Flash:Plaintext | Zeroizatio n command | TLS ECDSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) |
| TLS RSA Private Key | Flash:Plaintext | Zeroizatio n command | TLS RSA Public Key:Paired With | Until zeroized | |
| TLS RSA Public Key | Flash:Plaintext | Zeroizatio n command | TLS RSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) |
| TLS Master Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS DH Shared Secret:Derived From | while TLS session is on | |
| TLS Encryption Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS Integrity Key:Used With | while TLS session is on | |
| TLS Integrity Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS Encryption Key:Used With | while TLS session is on | |
| IPSec/IKE DH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE DH Public Key:Paired With | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE DH Private Key:Paired With | while Control Panel IPSec/IKE session is on | Module Public Key Output |
| IPSec/IKE Peer DH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE DH Private Key:Used With | while Control Panel IPSec/IKE session is on | Peer Public Key Input |
| IPSec/IKE DH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE SKEYSEED:Deriv e TO | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE ECDH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio | IPSec/IKE ECDH Public Key:Paired With | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE ECDH Private Key:Paired With | while Control Panel IPSec/IKE session is on | Module Public Key Output |
| IPSec/IKE Peer ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE ECDH Private Key:Used With | while Control Panel IPSec/IKE session is on | Peer Public Key Input |
| IPSec/IKE ECDH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE SKEYSEED:Deriv e To | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE ECDSA Private Key | Flash:Plaintext | Zeroizatio n command | IPSec/IKE ECDSA Public Key:Paired With | Until zeroized | |
| IPSec/IKE ECDSA Public Key | Flash:Plaintext | Zeroizatio n command | IPSec/IKE ECDSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) |
| IPSec/IKE RSA Private Key | Flash:Plaintext | Zeroizatio n command | IPSec/IKE RSA Public Key:Paired With | Until zeroized | |
| IPSec/IKE RSA Public Key | Flash:Plaintext | Zeroizatio n command | IPSec/IKE RSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) |
| IPSec/IKE Pre-shared Secret | Flash:Plaintext | Zeroizatio n command | IPSec/IKE SKEYSEED:Deriv ed To | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) |
| IPSec/IKE SKEYSEED | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | TLS ECDH Shared Secret:Derived From IPSec/IKE DH Shared Secret:Derived From | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE Encryption Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE SKEYSEED:Deriv ed From | while Control Panel IPSec/IKE session is on | |
| IPSec/IKE Integrity Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE SKEYSEED:Deriv ed From | while Control Panel IPSec/IKE session is on | |
| SNMPv3 Authenticati on Secret | Flash:Plaintext | Zeroizatio n command | Until zeroized | SSPs Input/Outp ut | |
| SNMPv3 Encryption Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SNMPv3 Authentication Secret:Derived From SNMPv3 Integrity Key:Used With | while SNMPv3 session is on | |
| SNMPv3 Integrity Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | SNMPv3 Authentication Secret:Derived From SNMPv3 Encryption Key:Used With | while SNMPv3 session is on | |
| Data Plane Encryption ECDH Private Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | Data Plane Encryption ECDH Public Key:Paired With | while Data Plane Encryption session is on | |
| Data Plane Encryption ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | IPSec/IKE ECDH Private Key:Paired With | while Data Plane Encryption session is on | Module Public Key Output |
| Data Plane Encryption ECDH Shared Secret | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | Data Plane Encryption ECDH Private Key:Derived From Data Plane Encryption Peer ECDH Public Key:Derived From Data Plane Encryption IKE-SA Session Key:Derived To Data Plane Encryption Child- SA Session Key :Derived To | while Data Plane Encryption session is on | |
| Data Plane Encryption Peer ECDH Public Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | Data Plane Encryption ECDH Private Key:Used With | while Data Plane Encryption session is on | Peer Public Key Input |
| Data Plane Encryption ECDSA Private Key | Flash:Plaintext | Zeroizatio n command | Data Plane Encryption ECDSA Private Key:Paired With | Until zeroized | |
| Data Plane Encryption ECDSA Public Key | Flash:Plaintext | Zeroizatio n command | Data Plane Encryption ECDSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and |
| Data Plane Encryption RSA Private Key | Flash:Plaintext | Zeroizatio n command | Data Plane Encryption RSA Public Key:Paired With | Until zeroized | |
| Data Plane Encryption RSA Public Key | Flash:Plaintext | Zeroizatio n command | Data Plane Encryption RSA Private Key:Paired With | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES |
| Data Plane Encryption Pre-shared Secret | Flash:Obfuscat ed | Zeroizatio n command | IPSec/IKE SKEYSEED:Used With IPSec/IKE Encryption Key:Derived to IPSec/IKE Authentication Key:Derived to | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) |
| Data Plane Encryption IKE-SA Session Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | Data Plane Encryption ECDH Shared Secret:Derived From | while Data Plane Encryption session is on | |
| Data Plane Encryption Child-SA Session Key | DRAM:Plaintext | Zeroizatio n command Session terminatio n Reboot | Data Plane Encryption ECDH Shared Secret:Derived From | while Data Plane Encryption session is on | |
| NTP Authenticati on Key | Flash:Plaintext | Zeroizatio n command | Until zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected by SSH KTS (GCM) SSPs Input/Outp ut protected by SSH KTS (AES and HMAC) | |
| OSPFv2 Authenticati on Key | Flash:Plaintext | Zeroizatio n command | Until Zeroized | SSPs Input/Outp ut protected by TLS KTS (GCM) SSPs Input/Outp ut protected by TLS KTS (AES and HMAC) SSPs Input/Outp ut protected |
| Name | Algorithm Or Test | Test Method | Test Type | Details | Indicator | Indicat or | Conditio ns | |
|---|---|---|---|---|---|---|---|---|
| Gecko Firmware Bootloader Integrity Test | Gecko Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A3366 | ECDSA SigVer P-256 with SHA2-256 | Module is in normal state | ||
| Gecko Firmware Application Integrity Test | Gecko Firmware Application Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A3366 | ECDSA SigVer P-256 with SHA2-256 | Module is in normal state | ||
| CHM6_Zynq Firmware Bootloader Integrity Test | CHM6_Zynq Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4955 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_NXP Firmware Bootloader Integrity Test | DCO_NXP Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4955 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_Zynq Firmware Bootloader Integrity Test | DCO_Zynq Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4955 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| XMM4_Intel Firmware Bootloader Integrity Test | XMM4_Intel Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4955 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| CHM6_Zynq Firmware Kernel Integrity Test | CHM6_Zynq Firmware Kernel Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4952 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| CHM6_Zynq Firmware init script Integrity Test | CHM6_Zynq Firmware init script Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4948 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| CHM6_Zynq Firmware Application Manifest file Integrity Test | CHM6_Zynq Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4948 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| CHM6_Zynq Firmware Application Integrity Test | CHM6_Zynq Firmware Application Integrity Test | KAT | SW/FW Integrity | SHA2-512 from SHA Cert. #A4954 | SHA2-512 | Module is in normal state | ||
| DCO_NXP Firmware Kernel Integrity Test | DCO_NXP Firmware Kernel Integrity Test | KAT | SW/FW Integrity | ECDSA from ECDSA Cert. #A4953 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_NXP Firmware init script Integrity | DCO_NXP Firmware init script Integrity | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4949 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_NXP Firmware Application Manifest file Integrity Test | DCO_NXP Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4949 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_NXP Firmware Application Integrity Test | DCO_NXP Firmware Application Integrity Test | KAT | SW/FW Integrity | SHA2-512 from SHA Cert. #A4954 | SHA2-512 | Module is in normal state | ||
| DCO_Zynq Firmware Kernel Integrity Test | DCO_Zynq Firmware Kernel Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| DCO_Zynq Firmware Application Integrity Test | DCO_Zynq Firmware Application Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4960 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| XMM4_Intel Firmware Kernel Integrity Test | XMM4_Intel Firmware Kernel Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4962 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| XMM4_Intel Firmware init script Integrity Test | XMM4_Intel Firmware init script Integrity Test | KAT | SW/FW Integrity | ECDSA from ECDSA Cert. #A4956 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| XMM4 Intel Firmware Application Manifest file Integrity Test | XMM4 Intel Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4956 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||
| XMM4 Intel Firmware Application Integrity Test | XMM4 Intel Firmware Application Integrity Test | KAT | SW/FW Integrity | SHA2-512 from SHA Cert. #A4958 | SHA2-512 | Module is in normal state | ||
| SHA2-256 KAT (A3366) | SHA2-256 KAT (A3366) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |
| ECDSA SigVer (FIPS186-4) KAT (A3366) | ECDSA SigVer (FIPS186-4) KAT (A3366) | Known Answer Test (KAT) | CAST | N/A | Curve: P-256 | Module is in normal state | Power up |
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Indicator | Indicat or | Conditio ns | |
|---|---|---|---|---|---|---|---|---|---|---|
| DCO_Zynq Firmware Application Integrity Test | DCO_Zynq Firmware Application Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4960 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||||
| XMM4_Intel Firmware Kernel Integrity Test | XMM4_Intel Firmware Kernel Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4962 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||||
| XMM4_Intel Firmware init script Integrity Test | XMM4_Intel Firmware init script Integrity Test | KAT | SW/FW Integrity | ECDSA from ECDSA Cert. #A4956 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||||
| XMM4 Intel Firmware Application Manifest file Integrity Test | XMM4 Intel Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | ECDSA SigVer from ECDSA Cert. #A4956 | ECDSA SigVer P-521 with SHA2-512 | Module is in normal state | ||||
| XMM4 Intel Firmware Application Integrity Test | XMM4 Intel Firmware Application Integrity Test | KAT | SW/FW Integrity | SHA2-512 from SHA Cert. #A4958 | SHA2-512 | Module is in normal state | ||||
| SHA2-256 KAT (A3366) | SHA2-256 KAT (A3366) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A3366) | ECDSA SigVer (FIPS186-4) KAT (A3366) | Known Answer Test (KAT) | CAST | N/A | Curve: P-256 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4955) | SHA2-512 KAT (A4955) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4955) | ECDSA SigVer (FIPS186-4) KAT (A4955) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4960) | SHA2-512 KAT (A4960) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4960) | ECDSA SigVer (FIPS186-4) KAT (A4960) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4961) | SHA2-512 KAT (A4961) | Known Answer Test (KAT) | CAST | N/A | SHA2- 512 | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4961) | ECDSA SigVer (FIPS186-4) KAT (A4961) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4948) | SHA2-512 KAT (A4948) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4948) | ECDSA SigVer (FIPS186-4) KAT (A4948) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4952) | SHA2-512 KAT (A4952) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4952) | ECDSA SigVer (FIPS186-4) KAT (A4952) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4949) | SHA2-512 KAT (A4949) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4949) | ECDSA SigVer (FIPS186-4) KAT (A4949) | Known Answer | CAST | N/A | Curve: P-521 | Module is in | Power up | |||
| Test (KAT) | Test (KAT) | normal state | ||||||||
| SHA2-512 KAT (A4953) | SHA2-512 KAT (A4953) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4953) | ECDSA SigVer (FIPS186-4) KAT (A4953) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4954) | SHA2-512 KAT (A4954) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| AES-CBC Encrypt KAT (A4959) | AES-CBC Encrypt KAT (A4959) | Known Answer Test (KAT) | CAST | Encryption KAT | 128 bits | Module is in normal state | Power up | |||
| AES-CBC Decrypt KAT (A4959) | AES-CBC Decrypt KAT (A4959) | Known Answer Test (KAT) | CAST | Decryption KAT | 128 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Encrypt KAT (A4959) | AES-GCM Authenticated Encrypt KAT (A4959) | Known Answer Test (KAT) | CAST | Authenticat ed Encryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Decrypt KAT (A4959) | AES-GCM Authenticated Decrypt KAT (A4959) | Known Answer Test (KAT) | CAST | Authenticat ed Decryption KAT | 256 bits | Module is in normal state | Power up | |||
| Counter DRBG Generate/Reseed/Insta ntiate KAT (A4959) | Counter DRBG Generate/Reseed/Insta ntiate KAT (A4959) | Known Answer Test (KAT) | CAST | Generate KAT, Reseed KAT, and Instantiate KAT | N/A | Module is in normal state | Power up | |||
| KDF IKEv2 KAT (A4959) | KDF IKEv2 KAT (A4959) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| KAS-ECC-SSC Sp800- 56Ar3 KAT (A4959) | KAS-ECC-SSC Sp800- 56Ar3 KAT (A4959) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| RSA SigGen (FIPS186- 4) KAT (A4959) | RSA SigGen (FIPS186- 4) KAT (A4959) | Known Answer | CAST | N/A | Modulus: 2048 bits | Module is in | Power up | |||
| Test (KAT) | Test (KAT) | normal state | ||||||||
| RSA SigVer (FIPS186- 4) KAT (A4959) | RSA SigVer (FIPS186- 4) KAT (A4959) | Known Answer Test (KAT) | CAST | N/A | Modulus: 2048 bits | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4959) | SHA2-512 KAT (A4959) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| HMAC-SHA2-512 KAT (A4959) | HMAC-SHA2-512 KAT (A4959) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4962) | ECDSA SigVer (FIPS186-4) KAT (A4962) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4962) | SHA2-512 KAT (A4962) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| AES-CBC Encrypt KAT (A4956) | AES-CBC Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Encryption KAT | 128, 192 and 256 bits | Module is in normal state | Power up | |||
| AES-CBC Decrypt KAT (A4956) | AES-CBC Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Decryption KAT | 128, 192 and 256 bits | Module is in normal state | Power up | |||
| AES-CCM Authenticated Encrypt KAT (A4956) | AES-CCM Authenticated Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Authenticat ed Encryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-CCM Authenticated Decrypt KAT (A4956) | AES-CCM Authenticated Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Authenticat ed Decryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Encrypt KAT (A4956) | AES-GCM Authenticated Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Authenticat ed Encryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Decrypt KAT (A4956) | AES-GCM Authenticated Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | Authenticat ed Decryption KAT | 256 bits | Module is in normal state | Power up | |||
| HMAC-SHA-1 KAT (A4956) | HMAC-SHA-1 KAT (A4956) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| HMAC-SHA2-256 KAT (A4956) | HMAC-SHA2-256 KAT (A4956) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| HMAC-SHA2-384 KAT (A4956) | HMAC-SHA2-384 KAT (A4956) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| HMAC-SHA2-512 KAT (A4956) | HMAC-SHA2-512 KAT (A4956) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4956) | ECDSA SigVer (FIPS186-4) KAT (A4956) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| SHA2-256 KAT (A4957) | SHA2-256 KAT (A4957) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| HMAC-SHA2-256 KAT (A4957) | HMAC-SHA2-256 KAT (A4957) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| AES-ECB Encrypt KAT (A4958) | AES-ECB Encrypt KAT (A4958) | Known Answer Test (KAT) | CAST | Encryption KAT | 128 bits | Module is in normal state | Power up | |||
| AES-ECB Decrypt KAT (A4958) | AES-ECB Decrypt KAT (A4958) | Known Answer Test (KAT) | CAST | Decryption KAT | 128 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Encrypt KAT (A4958) | AES-GCM Authenticated Encrypt KAT (A4958) | Known Answer Test (KAT) | CAST | Authenticat ed Encryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Decrypt KAT (A4958) | AES-GCM Authenticated Decrypt KAT (A4958) | Known Answer Test (KAT) | CAST | Authenticat ed Decryption KAT | 256 bits | Module is in normal state | Power up | |||
| Counter DRBG Generate/Reseed/Insta ntiate KAT (A4958) | Counter DRBG Generate/Reseed/Insta ntiate KAT (A4958) | Known Answer | CAST | Generate KAT, Reseed | N/A | Module is in | Power up | |||
| Test (KAT) | Test (KAT) | KAT, and Instantiate KAT | normal state | |||||||
| ECDSA SigGen (FIPS186-4) KAT (A4958) | ECDSA SigGen (FIPS186-4) KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| ECDSA SigVer (FIPS186-4) KAT (A4958) | ECDSA SigVer (FIPS186-4) KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | Curve: P-521 | Module is in normal state | Power up | |||
| HMAC-SHA2-256 KAT (A4958) | HMAC-SHA2-256 KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| KDF SSH KAT (A4958) | KDF SSH KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| KDF IKEv2 KAT (A4958) | KDF IKEv2 KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| KDF SNMP KAT (A4958) | KDF SNMP KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| TLS v1.2 KDF RFC7627 KAT (A4958) | TLS v1.2 KDF RFC7627 KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| TLS v1.3 KDF KAT (A4958) | TLS v1.3 KDF KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| KAS-ECC-SSC KAT (A4958) | KAS-ECC-SSC KAT (A4958) | Known Answer Test (KAT) | CAST | KAS-ECC- SSC Primitive Z | N/A | Module is in normal state | Power up | |||
| KAS-FFC-SSC KAT (A4958) | KAS-FFC-SSC KAT (A4958) | Known Answer Test (KAT) | CAST | KAS-FFC- SSC Primitive Z | N/A | Module is in normal state | Power up | |||
| PBKDF KAT (A4958) | PBKDF KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| RSA SigGen KAT (A4958) | RSA SigGen KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | Modulus: 2048 bits | Module is in normal state | Power up | |||
| RSA SigVer KAT (A4958) | RSA SigVer KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | Modulus: 2048 bits | Module is in normal state | Power up | |||
| SHA-1 KAT (A4958) | SHA-1 KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| SHA2-512 KAT (A4958) | SHA2-512 KAT (A4958) | Known Answer Test (KAT) | CAST | N/A | N/A | Module is in normal state | Power up | |||
| AES-GCM Authenticated Encrypt KAT (C501) | AES-GCM Authenticated Encrypt KAT (C501) | Known Answer Test (KAT) | CAST | Authenticat ed Encryption KAT | 256 bits | Module is in normal state | Power up | |||
| AES-GCM Authenticated Decrypt KAT (C501) | AES-GCM Authenticated Decrypt KAT (C501) | Known Answer Test (KAT) | CAST | Authenticat ed Decryption KAT | 256 bits | Module is in normal state | Power up | |||
| Entropy Source Start-up Health Test (RCT) | Entropy Source Start-up Health Test (RCT) | RCT | CAST | N/A | N/A | Module is in normal state | Power up | |||
| Entropy Source Start-up Health Test (APT) | Entropy Source Start-up Health Test (APT) | APT | CAST | N/A | N/A | Module is in normal state | Power up | |||
| Entropy Source Continuous Health Test (RCT) | Entropy Source Continuous Health Test (RCT) | RCT | CAST | N/A | N/A | Module is in normal state | Power up | |||
| Entropy Source Continuous Health Test (APT) | Entropy Source Continuous Health Test (APT) | APT | CAST | N/A | N/A | Module is in normal state | Power up | |||
| ECDSA KeyGen (FIPS186-4) PCT (A4958) | ECDSA KeyGen (FIPS186-4) PCT (A4958) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Curve: P-256 | Module is in normal state | ECDSA Keypair generatio n | |||
| RSA KeyGen (FIPS186- 4) PCT (A4958) | RSA KeyGen (FIPS186- 4) PCT (A4958) | Pair-Wise Consisten | PCT | N/A | Modulus: 2048 bits | Module is in | RSA Keypair | |||
| cy Test (PCT) | cy Test (PCT) | normal state | generatio n | |||||||
| KAS-ECC-SSC (FIPS186-4) PCT (A4958) | KAS-ECC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Curve: P-256 | Module is in normal state | KAS- ECC Keypair generatio n | |||
| KAS-FFC-SSC (FIPS186-4) PCT (A4958) | KAS-FFC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | MODP- 2048 | Module is in normal state | KAS-FFC Keypair generatio n | |||
| KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Curve: P-256 | Module is in normal state | ECDSA Keypair generatio n | |||
| ECDSA KeyGen (FIPS186-4) PCT (A4959) | ECDSA KeyGen (FIPS186-4) PCT (A4959) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Curve: P-256 | Module is in normal state | ECDSA Keypair generatio n | |||
| Firmware Load Test | Firmware Load Test | ECDSA SigVer | SW/F W Load | N/A | Curve: P-521 | Module is in normal state | Firmware Load Test | |||
| Gecko Firmware Bootloader Integrity Test | Gecko Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | |||||
| Gecko Firmware Application Integrity Test | Gecko Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | |||||
| CHM6_Zynq Firmware Bootloader Integrity Test | CHM6_Zynq Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | |||||
| DCO_NXP Firmware | DCO_NXP Firmware | KAT | SW/FW Integrity | On-demand | Module Reboot |
Table 19: Pre-Operational Self-Tests The module performs the following self-tests, including the pre-operational self-tests and Conditional self-tests. Prior to the module providing any data output via the data output interface, the module performs and passes the pre-operational self-tests. Following the successful pre-operational self-tests, the module executes the Conditional Cryptographic Algorithm Self-tests (CASTs). If anyone of the self-tests fails, the module transitions into an error state and outputs the error message via the module’s status output interface. While the module is in the error state, all data through the data output interface and all cryptographic operations are disabled. The error state can only be cleared by reloading the module. All self-tests must be completed successfully before the module transitions to the operational state.
N/A N/A N/A N/A N/A N/A N/A N/A N/A © 2021-2025 Nokia Corporation. N/A N/A N/A N/A N/A N/A N/A N/A KAS-ECCSSC KAS-FFCSSC N/A
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Indicat or | Conditio ns | |
|---|---|---|---|---|---|---|---|---|---|
| cy Test (PCT) | cy Test (PCT) | normal state | generatio n | ||||||
| KAS-ECC-SSC (FIPS186-4) PCT (A4958) | KAS-ECC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Module is in normal state | KAS- ECC Keypair generatio n | Curve: P-256 | ||
| KAS-FFC-SSC (FIPS186-4) PCT (A4958) | KAS-FFC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Module is in normal state | KAS-FFC Keypair generatio n | MODP- 2048 | ||
| KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Module is in normal state | ECDSA Keypair generatio n | Curve: P-256 | ||
| ECDSA KeyGen (FIPS186-4) PCT (A4959) | ECDSA KeyGen (FIPS186-4) PCT (A4959) | Pair-Wise Consisten cy Test (PCT) | PCT | N/A | Module is in normal state | ECDSA Keypair generatio n | Curve: P-256 | ||
| Firmware Load Test | Firmware Load Test | ECDSA SigVer | SW/F W Load | N/A | Module is in normal state | Firmware Load Test | Curve: P-521 | ||
| Gecko Firmware Bootloader Integrity Test | Gecko Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| Gecko Firmware Application Integrity Test | Gecko Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| CHM6_Zynq Firmware Bootloader Integrity Test | CHM6_Zynq Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_NXP Firmware | DCO_NXP Firmware | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_Zynq Firmware Bootloader Integrity Test | DCO_Zynq Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| XMM4_Intel Firmware Bootloader Integrity Test | XMM4_Intel Firmware Bootloader Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| CHM6_Zynq Firmware Kernel Integrity Test | CHM6_Zynq Firmware Kernel Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| CHM6_Zynq Firmware init script Integrity Test | CHM6_Zynq Firmware init script Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| CHM6_Zynq Firmware Application Manifest file Integrity Test | CHM6_Zynq Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| CHM6_Zynq Firmware Application Integrity Test | CHM6_Zynq Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_NXP Firmware Kernel Integrity Test | DCO_NXP Firmware Kernel Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_NXP Firmware init script Integrity | DCO_NXP Firmware init script Integrity | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_NXP Firmware Application Manifest file Integrity Test | DCO_NXP Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_NXP Firmware Application Integrity Test | DCO_NXP Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_Zynq Firmware Kernel Integrity Test | DCO_Zynq Firmware Kernel Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| DCO_Zynq Firmware Application Integrity Test | DCO_Zynq Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| XMM4_Intel Firmware Kernel Integrity Test | XMM4_Intel Firmware Kernel Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| XMM4_Intel Firmware init script Integrity Test | XMM4_Intel Firmware init script Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| XMM4 Intel Firmware Application Manifest file Integrity Test | XMM4 Intel Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| XMM4 Intel Firmware Application Integrity Test | XMM4 Intel Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot | ||||
| SHA2-256 KAT (A3366) | SHA2-256 KAT (A3366) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| ECDSA SigVer (FIPS186-4) KAT (A3366) | ECDSA SigVer (FIPS186-4) KAT (A3366) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| SHA2-512 KAT (A4955) | SHA2-512 KAT (A4955) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| ECDSA SigVer (FIPS186-4) KAT (A4955) | ECDSA SigVer (FIPS186-4) KAT (A4955) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| SHA2-512 KAT (A4960) | SHA2-512 KAT (A4960) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| ECDSA SigVer (FIPS186-4) KAT (A4960) | ECDSA SigVer (FIPS186-4) KAT (A4960) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| SHA2-512 KAT (A4961) | SHA2-512 KAT (A4961) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| ECDSA SigVer (FIPS186-4) KAT (A4961) | ECDSA SigVer (FIPS186-4) KAT (A4961) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot | ||||
| SHA2-512 KAT (A4948) | SHA2-512 KAT (A4948) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
MODP2048 W Table 20: Conditional Self-Tests N/A N/A N/A N/A N/A n KASECC n n n n The module performs on-demand self-tests initiated by the operator, by powering off and powering the module back on. The full suite of self-tests is then executed. The same procedure may be employed by the operator to perform periodic self-tests.
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method |
|---|---|---|---|---|---|
| XMM4_Intel Firmware Kernel Integrity Test | XMM4_Intel Firmware Kernel Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot |
| XMM4_Intel Firmware init script Integrity Test | XMM4_Intel Firmware init script Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot |
| XMM4 Intel Firmware Application Manifest file Integrity Test | XMM4 Intel Firmware Application Manifest file Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot |
| XMM4 Intel Firmware Application Integrity Test | XMM4 Intel Firmware Application Integrity Test | KAT | SW/FW Integrity | On-demand | Module Reboot |
| SHA2-256 KAT (A3366) | SHA2-256 KAT (A3366) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A3366) | ECDSA SigVer (FIPS186-4) KAT (A3366) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4955) | SHA2-512 KAT (A4955) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4955) | ECDSA SigVer (FIPS186-4) KAT (A4955) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4960) | SHA2-512 KAT (A4960) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4960) | ECDSA SigVer (FIPS186-4) KAT (A4960) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4961) | SHA2-512 KAT (A4961) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4961) | ECDSA SigVer (FIPS186-4) KAT (A4961) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4948) | SHA2-512 KAT (A4948) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4948) | ECDSA SigVer (FIPS186-4) KAT (A4948) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4952) | SHA2-512 KAT (A4952) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4952) | ECDSA SigVer (FIPS186-4) KAT (A4952) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4949) | SHA2-512 KAT (A4949) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4949) | ECDSA SigVer (FIPS186-4) KAT (A4949) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4953) | SHA2-512 KAT (A4953) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4953) | ECDSA SigVer (FIPS186-4) KAT (A4953) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4954) | SHA2-512 KAT (A4954) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CBC Encrypt KAT (A4959) | AES-CBC Encrypt KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CBC Decrypt KAT (A4959) | AES-CBC Decrypt KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Encrypt KAT (A4959) | AES-GCM Authenticated Encrypt KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Decrypt KAT (A4959) | AES-GCM Authenticated Decrypt KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| Counter DRBG Generate/Reseed/Instantiate KAT (A4959) | Counter DRBG Generate/Reseed/Instantiate KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KDF IKEv2 KAT (A4959) | KDF IKEv2 KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KAS-ECC-SSC Sp800- 56Ar3 KAT (A4959) | KAS-ECC-SSC Sp800- 56Ar3 KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| RSA SigGen (FIPS186-4) KAT (A4959) | RSA SigGen (FIPS186-4) KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| RSA SigVer (FIPS186-4) KAT (A4959) | RSA SigVer (FIPS186-4) KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4959) | SHA2-512 KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-512 KAT (A4959) | HMAC-SHA2-512 KAT (A4959) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4962) | ECDSA SigVer (FIPS186-4) KAT (A4962) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4962) | SHA2-512 KAT (A4962) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CBC Encrypt KAT (A4956) | AES-CBC Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CBC Decrypt KAT (A4956) | AES-CBC Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CCM Authenticated Encrypt KAT (A4956) | AES-CCM Authenticated Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-CCM Authenticated Decrypt KAT (A4956) | AES-CCM Authenticated Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Encrypt KAT (A4956) | AES-GCM Authenticated Encrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Decrypt KAT (A4956) | AES-GCM Authenticated Decrypt KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA-1 KAT (A4956) | HMAC-SHA-1 KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-256 KAT (A4956) | HMAC-SHA2-256 KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-384 KAT (A4956) | HMAC-SHA2-384 KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-512 KAT (A4956) | HMAC-SHA2-512 KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4956) | ECDSA SigVer (FIPS186-4) KAT (A4956) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-256 KAT (A4957) | SHA2-256 KAT (A4957) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-256 KAT (A4957) | HMAC-SHA2-256 KAT (A4957) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-ECB Encrypt KAT (A4958) | AES-ECB Encrypt KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-ECB Decrypt KAT (A4958) | AES-ECB Decrypt KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Encrypt KAT (A4958) | AES-GCM Authenticated Encrypt KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Decrypt KAT (A4958) | AES-GCM Authenticated Decrypt KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| Counter DRBG Generate/Reseed/Instantiate KAT (A4958) | Counter DRBG Generate/Reseed/Instantiate KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigGen (FIPS186-4) KAT (A4958) | ECDSA SigGen (FIPS186-4) KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| ECDSA SigVer (FIPS186-4) KAT (A4958) | ECDSA SigVer (FIPS186-4) KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| HMAC-SHA2-256 KAT (A4958) | HMAC-SHA2-256 KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KDF SSH KAT (A4958) | KDF SSH KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KDF IKEv2 KAT (A4958) | KDF IKEv2 KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KDF SNMP KAT (A4958) | KDF SNMP KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| TLS v1.2 KDF RFC7627 KAT (A4958) | TLS v1.2 KDF RFC7627 KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| TLS v1.3 KDF KAT (A4958) | TLS v1.3 KDF KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KAS-ECC-SSC KAT (A4958) | KAS-ECC-SSC KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| KAS-FFC-SSC KAT (A4958) | KAS-FFC-SSC KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| PBKDF KAT (A4958) | PBKDF KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| RSA SigGen KAT (A4958) | RSA SigGen KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| RSA SigVer KAT (A4958) | RSA SigVer KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA-1 KAT (A4958) | SHA-1 KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| SHA2-512 KAT (A4958) | SHA2-512 KAT (A4958) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Encrypt KAT (C501) | AES-GCM Authenticated Encrypt KAT (C501) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| AES-GCM Authenticated Decrypt KAT (C501) | AES-GCM Authenticated Decrypt KAT (C501) | Known Answer Test (KAT) | CAST | On-demand | Module Reboot |
| Entropy Source Start-up Health Test (RCT) | Entropy Source Start-up Health Test (RCT) | RCT | CAST | On-demand | Module Reboot |
| Entropy Source Start-up Health Test (APT) | Entropy Source Start-up Health Test (APT) | APT | CAST | On-demand | Module Reboot |
| Entropy Source Continuous Health Test (RCT) | Entropy Source Continuous Health Test (RCT) | RCT | CAST | On-demand | Module Reboot |
| Entropy Source Continuous Health Test (APT) | Entropy Source Continuous Health Test (APT) | APT | CAST | On-demand | Module Reboot |
| ECDSA KeyGen (FIPS186- 4) PCT (A4958) | ECDSA KeyGen (FIPS186- 4) PCT (A4958) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| RSA KeyGen (FIPS186-4) PCT (A4958) | RSA KeyGen (FIPS186-4) PCT (A4958) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| KAS-ECC-SSC (FIPS186-4) PCT (A4958) | KAS-ECC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| KAS-FFC-SSC (FIPS186-4) PCT (A4958) | KAS-FFC-SSC (FIPS186-4) PCT (A4958) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | KAS-ECC-SSC Sp800- 56Ar3 PCT (A4959) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| ECDSA KeyGen (FIPS186- 4) PCT (A4959) | ECDSA KeyGen (FIPS186- 4) PCT (A4959) | Pair-Wise Consistency Test (PCT) | PCT | On-demand | Module Reboot |
| Firmware Load Test | Firmware Load Test | ECDSA SigVer | SW/FW Load | On-demand | Module Reboot |
Table 21: Pre-Operational Periodic Information © 2021-2025 Nokia Corporation.
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Error State | If self-test tests fail, the module is put into an error state | Self-tests failure | System Halt | Reboot the module |
Table 22: Conditional Periodic Information
On demand and periodic self-tests are performed by powering off the module and powering it on again. This service performs the same cryptographic algorithm tests executed during pre-operational self-tests and CASTs. During the execution of the periodic and on-demand self-tests, crypto services are not available and no data output or input is possible.
Table 23: Error States If any of the above-mentioned self-tests fail, the module reports the error and enters the Error state. In the Error State, no cryptographic services are provided, and data output is prohibited. The only method to recover from the error state is to reboot the module and perform the selftests, including the pre-operational firmware integrity test and the conditional CASTs. The module will only enter into the operational state after successfully passing the pre-operational firmware integrity test and the conditional CASTs.
The module meets all the Level 1 requirements for FIPS 140-3. Follow the secure operations provided below to place the module in approved mode. Operating this module without maintaining the following settings would put module operated in a non-compliance state. Secure Operation The Security Admin (SA) must configure and enforce the following initialization steps. Step 1. Strictly follow up the steps in section Physical Security to place the Opacity Shield and Tamper Evident Labels on the module. © 2021-2025 Nokia Corporation.
Step
No specific Administrator guidance.
No specific Non-Administrator guidance.
N/A for this module. © 2021-2025 Nokia Corporation.