Motorola S2500 manual Operational Environment, Security Rules

MNR S2500 Security Policy

Version 1.3, Revision Date: 1/13/2009

7. Operational Environment

The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the MNR S2500 router does not contain a modifiable operational environment.

8. Security Rules

The example cryptographic module’s design corresponds to the example cryptographic module’s security rules. This section documents the security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 1 module.

1.The MNR S2500 router provides five distinct operator roles: Crypto Officer (SuperUser), Admin, Network Manager, User, and Maintenance. The Crypto Officer role uses the root account.

2.The MNR S2500 router encrypts message traffic using the AES or TDES algorithm.

3.The MNR S2500 router performs the following tests: A. Power up Self-Tests:

1.Cryptographic algorithm tests: Hardware Implementation:

a.AES-CBC Known Answer Test

b.TDES-CBC Known Answer Test

c.HMAC-SHA-1 Known Answer Test (Includes SHA-1 KAT) Firmware Implementation

a.AES-CBC Known Answer Test

b.TDES-CBC Known Answer Test

c.HMAC -SHA-1 Known Answer Test (Includes SHA-1 KAT)

d.ANSI X9.31 DRNG Known Answer Test

e.RSA Known Answer Test

f.DSA Known Answer Test

2.Firmware Integrity Test (16 bit CRC)

Page 15