 13
AuthenticationProtocol(PAP).MS-CHAPcanusenoencryption,40-
bitRC4,128-bitRC4encryption.WhenoperatedinaFIPS140-1
compliantmanner,MS-CHAPisnotenabledwithRC4encryption.
L2TP:RequiresauthenticationusingMS-CHAPCHAP,orPAP.MS-
CHAPcanusenoencryption,40-bitRC4,128-bitRC4encryption.
WhenoperatedinaFIPS140-1compliantmanner,MS-CHAPisnot
enabledwithRC4encryption.
L2F:RequiresauthenticationusingCHAP,orPAP.
2.5 KeyManagement
Theswitchsecurelyadministersbothcryptographickeysandothercriticalsecurity
parameterssuchasUserpasswords.Ephemeralsessionskeysarecreatedduringthe
negotiationofsecuretunnelsonbehalfofUserswhohavesuccessfullyauthenticated
themselvestotheswitchwiththeiruserIDandpassword.Thesekeysarecreatedfor
protocolslikeMS-CHAPandISAKMP,whichsecurelynegotiatekeyexchangeandthen
allowencryptionservicesforPPTP,L2TP,andIPSec.
Keysaredestroyedwhentheappropriatetunnel,SecurityAssociation(SA),orsessionis
terminatedandareneverarchivedorreleasedfromthedevice.Userpasswordscanbe
destroyedbytheCryptoOfficerorbyUsersoverwritingtheirownpasswords.All
passwordsarestoredintheLDAPdatabaseinanencryptedformat,andneverreleased.
Theyareusedonlyforauthenticationinkeyexchangeprotocols,whichprotectCritical
SecurityParameters(CSPs)accordingtotheirprotocol.(CryptoOfficersshouldbeaware
thatPAPtransmitspasswordinformationintheclearandshouldnotbeenabledbefore
decidinglocalpolicy.SeenotesonPAPintheContivityExtranetSwitchAdministrator’s
Guide.)
SessionKeys:Theseareephemeralencryptionkeysusedbythemodulefor
encryptingpacketsduringIPSectunneling.Thesekeysarederivedduringthe
setupofthetunnelandusedonlyduringasecuretunnelsession.TheIPSec
tunnelmayuseeither56-bitDESorTDESforencryption.Thesekeysare
createdbysettingoddparityandcheckingforknownweakkeys.Thesession
keysareinternallyderivedfromtheInternetKeyExchange(IKE)/Internet
SecurityAssociationKeyManagementProtocol(ISAKMP-Oakley).These
protocolsarebasedonDiffie-HellmanKeyAgreement.IPSec“Pre-shared
keys”mayoptionallybeusedwithDiffie-Hellmantonegotiateashared
sessionkeyfromtheconcatenatedandSHA-1hashedvalueoftheuserIDand
password.
DESpasswordkey:Thiskeyisusedtoencryptuserpasswordstobestoredin
themodule’sinternalLDAPdatabase.Thiskeyiscompiledintothemodule’s
codeandcanbezeroizedusingafloppytoerasethefirmware.Thefloppy
diskunitholdsa“format”utility.InordertozeroizetheDESkey(hard-coded
intothemodulefirmware),thecryptoofficermustruntheformatutility