![Firmware Implementations](/images/new-backgrounds/124175/1241759x1.webp)
MNR S2500 Security Policy
Version 1.3, Revision Date: 1/13/2009
Firmware Implementations
a.
b.AES - CBC (128, 192, 256 bit), ECB (128), and CFB (128) modes for IKE and SSHv2 encryption (Cert. #611)
c.
d.
e.RSA v1.5 1024 bit – for public/private key pair generation and digital signatures (Cert. #283)
f.DSA 1024 bit – for public/private key pair generation and digital signatures (Cert. #237)
g.ANSI X9.31 Deterministic Random Number Generator (DRNG) (Cert .#349)
The MNR S2500 router supports the commercially available IKE and
Allowed Algorithms
•
•Hardware
•MD5: for hashing (Provides interoperability within supported protocols)
•
Non-FIPS approved algorithms
In a Non FIPS mode of operation, the cryptographic module provides
•DES for encryption/decryption
•Non approved SW RNG
•
Page 5