Manuals / Dell / Computer Equipment / Network Card

Dell AP-105, W- AP92, W-AP105, AP-92, AP-175 Cryptographic Algorithms, Non-FIPS Approved Algorithms

Models: W-AP105 AP-105 AP-175 W-AP175 AP-93 W- AP92 W-AP93 AP-92

1 45

Download 45 pages 52.12 Kb

Page 39

5 Cryptographic Algorithms

FIPS-approved cryptographic algorithms have been implemented in hardware and firmware. The firmware supports the following cryptographic implementations.

∙ArubaOS OpenSSL AP Module implements the following FIPS-approved algorithms: o AES (Cert. #1851)

o HMAC (Cert. #1099) o RNG (Cert. #970)

o RSA (Cert. #934) o SHS (Cert. #1628)

o Triple-DES (Cert. #1199)

∙ArubaOS Module implements the following FIPS-approved algorithms:

oAES (Cert. #1850)

oHMAC (Cert. #1098)

oRNG (Cert. #969)

oRSA (Cert. #933)

oSHS (Cert. #1627)

oTriple-DES (Cert. #1198)

∙ArubaOS Kernel implements the following FIPS-approved algorithms:

oAES (Cert. #1847)

oHMAC (Cert. #1097)

oSHS (Cert. #1625)

oTriple-DES (Cert. #1197)

∙ArubaOS UBOOT Bootloader implements the following FIPS-approved algorithms:

oRSA (Cert. #935)

oSHS (Cert. #1629)

∙Aruba Atheros hardware CCM implements the following FIPS-approved algorithms:

oAES (Cert. #1849)

Non-FIPS Approved Algorithms

The cryptographic module implements the following non-approved algorithms that are not permitted for use in the FIPS 140-2 mode of operations:

∙MD5

In addition, within the FIPS Approved mode of operation, the module supports the following allowed key establishment schemes:

∙Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength)

39

Image 39

Dell AP-105, W- AP92, W-AP105, AP-92, AP-175, AP-93, W-AP93, W-AP175 manual Cryptographic Algorithms, Non-FIPS Approved Algorithms

Contents

Version Feb Aruba Networks Crossman Ave Sunnyvale, CA Page Security Levels Physical Security Aruba Dell Relationship Acronyms and AbbreviationsAP-105 Series AP-175 Series ROLES, Authentication and Services Introduction Aruba Dell RelationshipAcronyms and Abbreviations IPSec GHz Aruba Part Number Dell Corresponding Part Number Product OverviewAP-92 Physical Description AP-92 Indicator LEDs Label Function Action Status PWREnet Label Function Action Status AP-93 AP-93 Indicator LEDs Label Function Action Status AP-105 Series AP-105 Wireless Access Point AP-105 Indicator LEDs Label Function Action Status AP-175 Series AP-175 Wireless Access Point Physical Description Function Action Status Position AP-175 Indicator LEDs Label Applying TELs Module ObjectivesSecurity Levels Physical Security AP-92 Tel placement front view 2 AP-92 TEL Placement Aruba AP-92 Tel placement right view Aruba AP-92 Tel placement bottom view 3 AP-93 TEL Placement Aruba AP-93 Tel placement left view Aruba AP-93 Tel placement top view 4 AP-105 TEL Placement Aruba AP-105 Tel placement left view Aruba AP-105 Tel placement bottom view 5 AP-175 TEL Placement Aruba AP-175 Tel placement back view Aruba AP-175 Tel placement top view Inspection/Testing of Physical Security Mechanisms Modes of Operation Configuring Remote AP Fips Mode Enable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips mode Fips 140-2 Logical Interfaces Module Physical Interface Logical Interfaces Roles, Authentication and Services Crypto Officer AuthenticationRoles Authentication Mechanism Strength User AuthenticationWireless Client Authentication Strength of Authentication Mechanisms WPA2-PSK KEK ServicesCrypto Officer Services WPA2 PSK Eapol MIC User ServicesPMK PTK Unauthenticated Services Wireless Client Services ∙ FTP ∙ Tftp ∙ NTP Non-FIPS Approved Algorithms Cryptographic Algorithms Hmac Critical Security Parameters RNG AES-CCM PSK GTK GMK Self Tests For an AES Atheros hardware Post failure