Aruba 620 Especificações descarregar pdf (Página 65)

Security Target Version 1.0 9/29/2014

65

NIST SP800-56B

Section Reference

“should”, “should not”, or

“shall not”

Implemented? Rationale for deviation

6.5.1

should

yes

Not applicable

6.5.2

should

yes

Not applicable

6.5.2.1

should

yes

Not applicable

6.6

shall not

no

Not applicable

7.1.2

should

yes

Not applicable

7.2.1.3

should

yes

Not applicable

7.2.1.3

should not

no

Not applicable

7.2.2.3

should (first occurrence)

yes

Not applicable

7.2.2.3

should (second occurrence)

yes

Not applicable

7.2.2.3

should (third occurrence)

yes

Not applicable

7.2.2.3

should (fourth occurrence)

yes

Not applicable

7.2.2.3

should not

no

Not applicable

7.2.2.3

shall not

no

Not applicable

7.2.3.3

should (first occurrence)

yes

Not applicable

7.2.3.3

should (second occurrence)

yes

Not applicable

7.2.3.3

should (third occurrence)

yes

Not applicable

7.2.3.3

should (fourth occurrence)

yes

Not applicable

7.2.3.3

should (fifth occurrence)

yes

Not applicable

7.2.3.3

should not

no

Not applicable

8

should

yes

Not applicable

8.3.2

should not

no

Not applicable

Table 6 NIST SP800-56B Conformance

Name

CSPs type

Generation

Storage and

Zeroization

Use

Key Encryption

Key (KEK)

Triple-DES 168-

bit key

Hardcoded during

manufacturing

Stored in Flash.

Zeroized by using

command ‘wipe out

flash’

Encrypts

IKEv1/IKEv2 Pre-

shared key, RADIUS

server shared secret,

RSA private key,

ECDSA private key,

802.11i pre-shared key

and Passwords.

DRBG entropy

input

SP800-90a DRBG

(512 bits)

Derived using NON-

FIPS approved HW

RNG

Stored in plaintext in

volatile memory.

Zeroized on reboot.

DRBG initialization

DRBG seed SP800-90a DRBG

(384 bits)

Generated per SP800-

90A using a derivation

function

Stored in plaintext in

volatile memory.

Zeroized on reboot.

DRBG initialization

1 2 ... 60 61 62 63 64 65 66 67 68 69 70 ... 92 93

Comentários a estes Manuais

Sem comentários