Manuals / Dell / Computer Equipment / Network Card

Dell W- AP92, W-AP105, AP-92, AP-175, AP-93, W-AP93, W-AP175, AP-105 Critical Security Parameters, Hmac

Models: W-AP105 AP-105 AP-175 W-AP175 AP-93 W- AP92 W-AP93 AP-92

1 45

Download 45 pages 52.12 Kb

Page 40

6	Critical Security Parameters
The following Critical Security Parameters (CSPs) are used by the module:

				STORAGE
	CSP	CSP TYPE	GENERATION	And	USE
				ZEROIZATI
				ON

Key	Encryption Key	Triple-DES	Hard-coded	Stored in flash,	Encrypts
(KEK)		168-bits key		zeroized by the	IKEv1/IKEv2
				‘ap wipe out	preshared keys
				flash’	and
				command.	configuration
					parameters

IKEv1/IKEv2 Pre-shared		64 character	CO configured	Encrypted in	Module and
secret		preshared		flash using the	crypto officer
		key		KEK; zeroized	authentication
				by updating	during
				through	IKEv1/IKEv2;
				administrative	entered into
				interface, or by	the module in
				the ‘ap wipe	plaintext
				out flash’	during
				command.	initialization
					and encrypted
					over the IPSec
					session
					subsequently.

IPSec session encryption		168-bit	Established during	Stored in	Secure IPSec
keys		Triple-DES,	Diffie-Hellman key	plaintext in	traffic
		or	agreement	volatile
		128/192/256		memory;
		bit AES		zeroized when
		keys;		session is
				closed or
				system powers
				off

IPSec session		HMAC	Established during	Stored in	Secure IPSec
authentication keys		SHA-1 keys	Diffie-Hellman key	plaintext in	traffic
			agreement	volatile
				memory;
				zeroized when
				session is
				closed or
				system powers
				off

40

Image 40

Dell W- AP92, W-AP105, AP-92, AP-175, AP-93, W-AP93, W-AP175, AP-105 manual Critical Security Parameters, Hmac

Contents

Version Feb Aruba Networks Crossman Ave Sunnyvale, CA Page Aruba Dell Relationship Acronyms and Abbreviations AP-105 SeriesAP-175 Series Security Levels Physical Security ROLES, Authentication and Services Aruba Dell Relationship IntroductionAcronyms and Abbreviations GHz IPSec Product Overview AP-92Physical Description Aruba Part Number Dell Corresponding Part Number PWR AP-92 Indicator LEDs Label Function Action StatusEnet AP-93 Label Function Action Status AP-93 Indicator LEDs Label Function Action Status AP-105 Wireless Access Point AP-105 Series AP-105 Indicator LEDs Label Function Action Status AP-175 Wireless Access Point AP-175 Series Physical Description AP-175 Indicator LEDs Label Function Action Status Position Module Objectives Security LevelsPhysical Security Applying TELs 2 AP-92 TEL Placement AP-92 Tel placement front view Aruba AP-92 Tel placement right view 3 AP-93 TEL Placement Aruba AP-92 Tel placement bottom view Aruba AP-93 Tel placement left view 4 AP-105 TEL Placement Aruba AP-93 Tel placement top view Aruba AP-105 Tel placement left view 5 AP-175 TEL Placement Aruba AP-105 Tel placement bottom view Aruba AP-175 Tel placement back view Inspection/Testing of Physical Security Mechanisms Aruba AP-175 Tel placement top view Configuring Remote AP Fips Mode Modes of Operation Enable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Verify that the module is in Fips mode Operational Environment Logical Interfaces Fips 140-2 Logical Interfaces Module Physical Interface Crypto Officer Authentication Roles, Authentication and ServicesRoles User Authentication Wireless Client AuthenticationStrength of Authentication Mechanisms Authentication Mechanism Strength WPA2-PSK Services Crypto Officer ServicesWPA2 PSK KEK User Services PMKPTK Eapol MIC Wireless Client Services Unauthenticated Services ∙ FTP ∙ Tftp ∙ NTP Cryptographic Algorithms Non-FIPS Approved Algorithms Critical Security Parameters Hmac RNG PSK AES-CCM GMK GTK Self Tests For an AES Atheros hardware Post failure