41
CSP
CSP TYPE
GENERATION
STORAGE
And
ZEROIZATI
ON
USE
IKEv1/IKEv2 Diffie-
Hellman Private key
1024-bit
Diffie-
Hellman
private key
Generated internally
during IKEv1/IKEv2
negotiation
Stored in
plaintext in
volatile
memory;
zeroized when
session is
closed or
system is
powered off
Used in
establishing
the session key
for IPSec
IKEv1/IKEv2 Diffie-
Hellman shared secret
128 bit Octet
Generated internally
during IKEv1/IKEv2
negotiation
Stored in
plaintext in
volatile
memory;
zeroized when
session is
closed or
system is
powered off
IKEv1/IKEv2
payload
integrity
verification
ArubaOS OpenSSL RNG
Seed for FIPS compliant
ANSI X9.31, Appendix
A2.4 using AES-128 Key
algorithm
Seed (16
Bytes)
Derived using NON-
FIPS approved HW RNG
(/dev/urandom)
Stored in
plaintext in
volatile
memory only;
zeroized on
reboot
Seed ANSI
X9.31 RNG
ArubaOS OpenSSL RNG
Seed key for FIPS
compliant ANSI X9.31,
Appendix A2.4 using
AES-128 Key algorithm
Seed key (16
bytes, AES-
128 Key
algorithm)
Derived using NON-
FIPS approved HW RNG
(/dev/urandom)
Stored in
plaintext in
volatile
memory only;
zeroized on
reboot
Seed ANSI
X9.31 RNG
ArubaOS Cryptographic
Module RNG Seed for
FIPS compliant 186-2
General Purpose (X
change Notice); SHA-1
RNG
Seed (64
bytes)
Derived using NON-
FIPS approved HW RNG
(/dev/urandom)
Stored in
plaintext in
volatile
memory only;
zeroized on
reboot
Seed 186-2
General
Purpose (X
change
Notice); SHA-
1 RNG
ArubaOS Cryptographic
Module RNG Seed key for
FIPS compliant 186-2
General Purpose (X
change Notice); SHA-1
RNG
Seed Key
(64 bytes)
Derived using NON-
FIPS approved HW RNG
(/dev/urandom)
Stored in
plaintext in
volatile
memory only;
zeroized on
reboot
Seed 186-2
General
Purpose (X
change
Notice); SHA-
1 RNG