5 Cryptographic Algorithms

FIPS-approved cryptographic algorithms have been implemented in hardware and firmware. The firmware supports the following cryptographic implementations.

ArubaOS OpenSSL AP Module implements the following FIPS-approved algorithms: o AES (Cert. #1851)

o HMAC (Cert. #1099) o RNG (Cert. #970)

o RSA (Cert. #934) o SHS (Cert. #1628)

o Triple-DES (Cert. #1199)

ArubaOS Module implements the following FIPS-approved algorithms:

oAES (Cert. #1850)

oHMAC (Cert. #1098)

oRNG (Cert. #969)

oRSA (Cert. #933)

oSHS (Cert. #1627)

oTriple-DES (Cert. #1198)

ArubaOS UBOOT Bootloader implements the following FIPS-approved algorithms:

oRSA (Cert. #935)

oSHS (Cert. #1629)

Hardware encryption acceleration is provided by Cavium Octeon 5010 for bulk cryptographic operations for the following FIPS-approved algorithms:

AES (Cert. #861)

HMAC (Cert. #478)

SHS (Cert. #856)

Triple-DES (Cert. #708)

Non-FIPS Approved Algorithms

The cryptographic module implements the following non-approved algorithms that are not permitted for use in the FIPS 140-2 mode of operations:

MD5

In addition, within the FIPS Approved mode of operation, the module supports the following allowed key establishment schemes:

Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength)

30

Page 29 Page 31
Page 30
Image 30
Aruba Networks FIPS 140-2 manual Cryptographic Algorithms, Non-FIPS Approved Algorithms
Page 29 Page 31
Top Page Image Contents