Dell AP-135, AP-134, W-AP135, W-AP134 manual Cryptographic Algorithms, Non-FIPS Approved Algorithms

Page 29

5 Cryptographic Algorithms

FIPS-approved cryptographic algorithms have been implemented in hardware and firmware. The firmware supports the following cryptographic implementations.

ArubaOS OpenSSL AP Module implements the following FIPS-approved algorithms: o AES (Cert. #1851)

o HMAC (Cert. #1099) o RNG (Cert. #970)

o RSA (Cert. #934) o SHS (Cert. #1628)

o Triple-DES (Cert. #1199)

ArubaOS Module implements the following FIPS-approved algorithms:

oAES (Cert. #1850)

oHMAC (Cert. #1098)

oRNG (Cert. #969)

oRSA (Cert. #933)

oSHS (Cert. #1627)

oTriple-DES (Cert. #1198)

ArubaOS Kernel implements the following FIPS-approved algorithms:

oAES (Cert. #1847)

oHMAC (Cert. #1097)

oSHS (Cert. #1625)

oTriple-DES (Cert. #1197)

ArubaOS UBOOT Bootloader implements the following FIPS-approved algorithms:

oRSA (Cert. #935)

oSHS (Cert. #1629)

Aruba Atheros hardware CCM implements the following FIPS-approved algorithms:

oAES (Cert. #1849)

Non-FIPS Approved Algorithms

The cryptographic module implements the following non-approved algorithms that are not permitted for use in the FIPS 140-2 mode of operations:

MD5

In addition, within the FIPS Approved mode of operation, the module supports the following allowed key establishment schemes:

Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength)

29

Page 28 Page 30
Image 29
Page 28 Page 30
Contents Fips 140-2 Non-Proprietary Security Policy Page Security Levels Physical Security Aruba Dell Relationship Acronyms and AbbreviationsModes of Operation Operational Environment Logical InterfacesServices Aruba Dell Relationship IntroductionAcronyms and Abbreviations CPSecSHA AP-134 Product OverviewPhysical Description Aruba Part Number Dell Corresponding Part NumberPWR AP-134 Indicator LEDs Label Function Action StatusENET0 ENET1AP-135 AP-135 Indicator LEDs Label Function Action Status Security Levels Module ObjectivesPhysical Security Applying TELsAP-134 Front view 2 AP-134 TEL PlacementAP-134 Top View 3 AP-135 TEL PlacementAP-135 Front view AP-135 Top view Inspection/Testing of Physical Security MechanismsModes of Operation Configuring Remote AP Fips ModeEnable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips modeFips 140-2 Logical Interface Module Physical Interface Logical InterfacesRoles Roles, Authentication and ServicesCrypto Officer Authentication Wireless Client Authentication User AuthenticationStrength of Authentication Mechanisms Authentication Mechanism StrengthWPA2-PSK Crypto Officer Services ServicesWPA2 PSK KEKPMK User ServicesPTK Eapol MICUnauthenticated Services Wireless Client Services∙ FTP ∙ Tftp ∙ NTP Non-FIPS Approved Algorithms Cryptographic AlgorithmsHmac Critical Security ParametersRNG AES-CCM PSKGTK GMKSelf Tests For an AES Atheros hardware Post failure
Top Page Image Contents