- ページ 25
スイッチ Dell PowerConnect W-650のPDF 補足マニュアルをオンラインで閲覧またはダウンロードできます。Dell PowerConnect W-650 42 ページ。 Dell networking w-600 controller series
Dell PowerConnect W-650 にも: インストレーション・マニュアル (20 ページ), 仕様 (2 ページ)
Table 6 CSPs Used in Aruba Mobility Controllers
CSPs
IKEv1/IKEv2 Diffie-
Hellman shared secret
IKEv1/IKEv2 session
authentication key
IKEv1/IKEv2 session
encryption key
SSH session keys
SSH session
authentication key
SSH Diffie-Hellman
Private Key
TLS pre-master secret
TLS session encryption
key
TLS session
authentication key
RSA Private Key
ECDSA Private Key
Aruba 620, 650 and Dell W-620, W-650 | FIPS 140-2 Level 2 Release Supplement
CSPs type
Generation
128 octet or 32/48
Established during the
octet (Elliptic curve
Diffie-Hellman Key
Diffie Hellman)
Agreement
intermediate value
used for cryptographic
key derivation
160-bit HMAC-SHA1or
Established as a result
256 byte HMAC-SHA-
of Diffie-Hellman key
256-128 or 384 byte
agreement.
HMAC-SHA-384-192
key
168-bit Triple-DES or
Established as a result
128/192/256-bit AES-
of Diffie-Hellman key
CBC key
agreement.
168-bit Triple-DES or
Established during the
128/192/256-bit AES
SSH key exchange
keys
using the Diffie-
Hellman key
agreement
160-bit HMAC-SHA-1
Established during the
SSH key exchange
using the Diffie-
Hellman key
agreement
768/1024-bit Diffie-
Generated internally
Hellman private key.
during the SSH
Note: Key size 768 bits
session negotiations
is not allowed in FIPS
mode.
48 byte secret
Externally generated
AES 128, 192, 256
Generated in the
module
160-bit HMAC-SHA1
Generated in the
key
module
RSA 1024/2048 bit key Generated in the
module
ECDSA suite B P-256
Generated in the
and P-384 curves
module
Storage and Zeroization
Stored in plaintext in volatile
memory. Zeroized when
session is closed.
Stored in plaintext in volatile
memory. Zeroized when
session is closed.
Stored in plaintext in volatile
memory. Zeroized when
session is closed.
Stored in plaintext in volatile
memory. Zeroized when the
session is closed.
Stored in plaintext in volatile
memory. Zeroized when the
session is closed.
Stored in the volatile memory.
Zeroized after the session is
closed.
Stored in plaintext in volatile
memory. Zeroized when the
session is closed.
Stored in plaintext in volatile
memory. Zeroized when the
session is closed.
Stored in plaintext in volatile
memory. Zeroized when the
session is closed.
Stored in flash memory
encrypted with KEK. Zeroized
by the CO command write
erase all.
Stored in flash memory
encrypted with KEK. Zeroized
by the CO command write
erase all.
Use
Key agreement in
IKEv1/IKEv2
IKEv1/IKEv2 payload
integrity verification
IKEv1/IKEv2 payload
encryption
Secure SSH traffic
Secure SSH traffic
Used in establishing the
session key for an SSH
session.
Key agreement during
TLS
Key agreement during
802.1x connection
Key agreement during
802.1x connection
Used by TLS and EAP-
TLS/PEAP protocols
during the handshake,
used for signing OCSP
responses, and used by
IKEv1/IKEv2 for device
authentication and for
signing certificates
Used by TLS and EAP-
TLS/PEAP protocols
during the handshake.
FIPS 140-2 Level 2 Features |
23