Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 Date 2022-03-30 HUAWEI TECHNOLOGIES CO., LTD. Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. i Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com Email: support@huawei.com Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. ii Change History Changes between document issues are cumulative. The latest document issue contains all the changes made in earlier issues. Date Version Change Description Author 2019-02-15 0.1 Initial Draft Gu zhenlin 2020-02-20 1.1 Modify issues Gu zhenlin 2020-05-15 1.2 Update Gu zhenlin 2020-07-04 1.3 Update Gu zhenlin 2021-07-10 1.4 Update Wang Chunning 2021-07-15 1.5 Update Wang Chunning 2021-10-22 1.6 Update Wang Chunning 2022-03-30 1.7 Update Wang Chunning Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. iii Contents 1 Introduction................................................................................................................................... 10 1.1 ST reference..................................................................................................................................................................10 1.2 TOE reference...............................................................................................................................................................10 1.3 TOE overview...............................................................................................................................................................11 1.3.1 TOE Usage.................................................................................................................................................................11 1.3.2 TOE type....................................................................................................................................................................11 1.3.3 Non TOE Hardware and Software.............................................................................................................................11 1.3.4 Major Security Features.............................................................................................................................................13 1.4 TOE Description...........................................................................................................................................................14 1.4.1 Physical scope............................................................................................................................................................15 1.4.1.1 Evaluated Configuration.........................................................................................................................................16 1.4.2 Logical scope.............................................................................................................................................................17 1.5 Standalone TOE............................................................................................................................................................18 2 CPP_ND Conformance Claims.................................................................................................... 19 2.1 CPP_ND Conformance Claim......................................................................................................................................19 2.2 Protection Profile Conformance................................................................................................................................... 19 2.3 Conformance Rationale................................................................................................................................................ 19 2.3.1 TOE Appropriateness.................................................................................................................................................19 2.3.2 TOE Security Problem Definition Consistency.........................................................................................................19 2.3.3 Statement of Security Objectives Consistency..........................................................................................................20 2.3.4 Statement of Security Requirements Consistency.....................................................................................................20 3 Security Problem Definition......................................................................................................... 21 3.1 ASSET..........................................................................................................................................................................21 3.2 Threats.......................................................................................................................................................................... 22 3.2.1 T.UNAUTHORIZED_ADMINISTRATOR_ACCESS.............................................................................................22 3.2.2 T.WEAK_CRYPTOGRAPHY.................................................................................................................................. 22 3.2.3 T.UNTRUSTED_COMMUNICATION_CHANNELS.............................................................................................23 3.2.4 T.WEAK_AUTHENTICATION_ENDPOINTS.......................................................................................................23 3.2.5 T.UPDATE_COMPROMISE.................................................................................................................................... 23 3.2.6 T.UNDETECTED_ACTIVITY.................................................................................................................................23 3.2.7 T.SECURITY_FUNCTIONALITY_COMPROMISE..............................................................................................24 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. iv 3.2.8 T.PASSWORD_CRACKING....................................................................................................................................24 3.2.9 T.SECURITY_FUNCTIONALITY_FAILURE........................................................................................................24 3.3 Assumptions................................................................................................................................................................. 25 3.3.1 A.PHYSICAL_PROTECTION.................................................................................................................................25 3.3.2 A.LIMITED_FUNCTIONALITY.............................................................................................................................25 3.3.3 A.NO_THRU_TRAFFIC_PROTECTION............................................................................................................... 25 3.3.4 A.TRUSTED_ADMINISTRATOR...........................................................................................................................25 3.3.5 A.REGULAR_UPDATES.........................................................................................................................................26 3.3.6 A.ADMIN_CREDENTIALS_SECURE................................................................................................................... 26 3.3.7 A.RESIDUAL_INFORMATION..............................................................................................................................26 3.4 Organizational Security Policies...................................................................................................................................26 3.4.1 P.ACCESS_BANNER...............................................................................................................................................26 4 Security Objectives........................................................................................................................27 4.1 Security Objectives for the Operational Environment..................................................................................................27 4.1.1 OE. PHYSICAL........................................................................................................................................................ 27 4.1.2 OE. NO_GENERAL_PURPOSE..............................................................................................................................27 4.1.3 OE. NO_THRU_TRAFFIC_PROTECTION............................................................................................................27 4.1.4 OE. TRUSTED_ADMIN.......................................................................................................................................... 27 4.1.5 OE. UPDATES.......................................................................................................................................................... 27 4.1.6 OE. ADMIN_CREDENTIALS_SECURE................................................................................................................28 4.1.7 OE. RESIDUAL_INFORMATION...........................................................................................................................28 5 Extended Components Definition................................................................................................ 29 6 Security Functional Requirements...............................................................................................30 6.1 Conventions..................................................................................................................................................................30 6.2 SFR Architecture.......................................................................................................................................................... 31 6.2.1 Security Audit (FAU).................................................................................................................................................31 6.2.1.1 FAU_GEN.1 Audit data generation................................................................................................................31 6.2.1.2 FAU_GEN.2 User identity association...........................................................................................................34 6.2.1.3 FAU_STG_EXT.1 Protected Audit Event Storage.........................................................................................34 6.2.1.4 FAU_STG.3/LocSpace Action in case of possible audit data loss < O >...............................................................34 6.2.1.5 FAU_STG.1 Protected audit trail storage .......................................................................................................34 6.2.2 Cryptographic Support (FCS)....................................................................................................................................35 6.2.2.1 FCS_CKM.1 Cryptographic Key Generation (Refinement) ......................................................................... 35 6.2.2.2 FCS_CKM.2 Cryptographic Key Establishment (Refinement)..................................................................... 35 6.2.2.3 FCS_CKM.4 Cryptographic Key Destruction................................................................................................35 6.2.2.4 FCS_COP.1/DataEncryption Cryptographic Operation (AES Data Encryption/ Decryption) ......................36 6.2.2.5 FCS_COP.1/SigGen Cryptographic Operation (Signature Generation and Verification) ............................. 36 6.2.2.6 FCS_COP.1/Hash Cryptographic Operation (Hash Algorithm) ....................................................................36 6.2.2.7 FCS_COP.1/KeyedHash Cryptographic Operation (Keyed Hash Algorithm) .............................................. 36 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. v 6.2.2.8 FCS_RBG_EXT.1 Random Bit Generation................................................................................................... 37 6.2.2.9 FCS_SSHS_EXT.1 SSH Server Protocol .......................................................................................................37 6.2.2.10 FCS_TLSC_EXT.2 TLS Client Protocol with Authentication ..................................................................... 37 6.2.3 Identification and Authentication (FIA).................................................................................................................... 38 6.2.3.1 FIA_AFL.1 Authentication Failure Management (Refinement).................................................................... 38 6.2.3.2 FIA_PMG_EXT.1 Password Management.................................................................................................... 38 6.2.3.3 FIA_UIA_EXT.1 User Identification and Authentication .............................................................................39 6.2.3.4 FIA_UAU_EXT.2 Password-based Authentication Mechanism ...................................................................39 6.2.3.5 FIA_UAU.7 Protected Authentication Feedback .......................................................................................... 39 6.2.3.6 FIA_X509_EXT.1/Rev X.509 Certificate Validation .....................................................................................39 6.2.3.7 FIA_X509_EXT.2 X.509 Certificate Authentication ..................................................................................... 40 6.2.4 Security Management (FMT).................................................................................................................................... 40 6.2.4.1 FMT_MOF.1/ManualUpdate Management of security functions behaviour ................................................40 6.2.4.2 FMT_MOF.1/Services Management of security functions behaviour ............................................................40 6.2.4.3 FMT_MTD.1/CoreData Management of TSF Data ......................................................................................40 6.2.4.4 FMT_MTD.1/CryptoKeys Management of TSF data .................................................................................... 41 6.2.4.5 FMT_SMF.1 Specification of Management Functions ................................................................................. 41 6.2.4.6 FMT_SMR.2 Restrictions on security roles ..................................................................................................41 6.2.5 Protection of the TSF (FPT)...................................................................................................................................... 42 6.2.5.1 FPT_SKP_EXT.1 Protection of TSF Data (for reading of all pre-shared, symmetric and private keys) ......42 6.2.5.2 FPT_APW_EXT.1 Protection of Administrator Passwords...........................................................................42 6.2.5.3 FPT_TST_EXT.1 TSF Testing (Extended) ....................................................................................................42 6.2.5.4 FPT_TUD_EXT.1 Trusted Update ................................................................................................................ 42 6.2.5.5 FPT_STM.EXT.1 Reliable Time Stamps ...................................................................................................... 43 6.2.6 TOE Access (FTA).....................................................................................................................................................43 6.2.6.1 FTA_SSL_EXT.1 TSF-initiated Session Locking .........................................................................................43 6.2.6.2 FTA_SSL.3 TSF-initiated Termination (Refinement) ...................................................................................43 6.2.6.3 FTA_SSL.4 User-initiated Termination (Refinement)................................................................................... 43 6.2.6.4 FTA_TAB.1 Default TOE Access Banners (Refinement) ............................................................................. 43 6.2.7 Trusted path/channels (FTP)......................................................................................................................................44 6.2.7.1 FTP_ITC.1 Inter-TSF trusted channel (Refined)............................................................................................44 6.2.7.2 FTP_TRP.1/Admin Trusted Path (Refinement) .............................................................................................44 6.3 Assurance Security Requirements................................................................................................................................44 6.4 SFR Rationale...............................................................................................................................................................45 7 TOE Summary Specification........................................................................................................48 7.1 Security Audit (FAU)....................................................................................................................................................48 7.1.1 FAU_GEN.1 Audit data generation...........................................................................................................................48 7.1.2 FAU_GEN.2 User identity association..................................................................................................................... 48 7.1.3 FAU_STG.1 Protected audit trail storage................................................................................................................ 49 7.1.4 FAU_STG_EXT.1 Protected audit event storage......................................................................................................49 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. vi 7.1.5 FAU_STG.3/LocSpace Action in case of possible audit data loss............................................................................ 50 7.2 Cryptographic Support (FCS).......................................................................................................................................50 7.2.1 FCS_CKM.1 Cryptographic Key Generation............................................................................................................50 7.2.2 FCS_CKM.2 Cryptographic Key Establishment.......................................................................................................50 7.2.3 FCS_CKM.4 Cryptographic Key Destruction...........................................................................................................51 7.2.4 FCS_COP.1/DataEncryption Cryptographic Operation (AES Data Encryption/ Decryption)..................................52 7.2.5 FCS_COP.1/SigGen Cryptographic Operation (Signature Generation and Verification)......................................... 52 7.2.6 FCS_COP.1/Hash Cryptographic Operation (Hash Algorithm)................................................................................52 7.2.7 FCS_COP.1/KeyedHash Cryptographic Operation (Keyed Hash Algorithm).......................................................... 53 7.2.8 FCS_RBG_EXT.1 Extended: Cryptographic Operation (Random Bit Generation)................................................. 53 7.2.9 FCS_SSHS_EXT.1 SSH Server................................................................................................................................ 54 7.2.9.1 FCS_SSHS_EXT.1.1.............................................................................................................................................. 54 7.2.9.2 FCS_SSHS_EXT.1.2.............................................................................................................................................. 54 7.2.9.3 FCS_SSHS_EXT.1.3.............................................................................................................................................. 54 7.2.9.4 FCS_SSHS_EXT.1.4.............................................................................................................................................. 54 7.2.9.5 FCS_SSHS_EXT.1.5.............................................................................................................................................. 55 7.2.9.6 FCS_SSHS_EXT.1.6.............................................................................................................................................. 55 7.2.9.7 FCS_SSHS_EXT.1.7.............................................................................................................................................. 55 7.2.9.8 FCS_SSHS_EXT.1.8.............................................................................................................................................. 55 7.2.10 FCS_TLSC_EXT.2 TLS Client Protocol with Authentication................................................................................56 7.2.10.1 FCS_TLSC_EXT.2.1............................................................................................................................................56 7.2.10.2 FCS_TLSC_EXT.2.2............................................................................................................................................56 7.2.10.3 FCS_TLSC_EXT.2.3............................................................................................................................................56 7.2.10.4 FCS_TLSC_EXT.2.4............................................................................................................................................56 7.2.10.5 FCS_TLSC_EXT.2.5............................................................................................................................................56 7.3 Identification and Authentication (FIA)....................................................................................................................... 56 7.3.1 FIA_AFL.1 Authentication Failure Management......................................................................................................56 7.3.2 FIA_PMG_EXT.1 Password Management............................................................................................................... 57 7.3.3 FIA_UIA_EXT.1 User Identification and Authentication.........................................................................................57 7.3.4 FIA_UAU_EXT.2 Password-based Authentication Mechanism...............................................................................57 7.3.5 FIA_UAU.7 Protected Authentication Feedback...................................................................................................... 58 7.3.6 FIA_X509_EXT.1/Rev X.509 Certificate Validation................................................................................................58 7.3.7 FIA_X509_EXT.2 X.509 Certificate Authentication................................................................................................ 58 7.4 Security management (FMT)........................................................................................................................................59 7.4.1 FMT_MOF.1/ManualUpdate.....................................................................................................................................59 7.4.2 FMT_MOF.1/Services...............................................................................................................................................59 7.4.3 FMT_MTD.1/CoreData Management of TSF Data.................................................................................................. 59 7.4.4 FMT_MTD.1/CryptoKeys Management of TSF data...............................................................................................60 7.4.5 FMT_SMF.1 Specification of Management Functions............................................................................................. 60 7.4.6 FMT_SMR.2 Restrictions on security roles..............................................................................................................61 7.5 Protection of the TSF (FPT)......................................................................................................................................... 61 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. vii 7.5.1 FPT_SKP_EXT.1 Protection of TSF Data (for reading of all symmetric keys)........................................................61 7.5.2 FPT_APW_EXT.1 Protection of Administrator Passwords...................................................................................... 61 7.5.3 FPT_TST_EXT.1 TSF testing................................................................................................................................... 62 7.5.4 FPT_TUD_EXT.1 Trusted Update............................................................................................................................ 62 7.5.5 FPT_STM_EXT.1 Reliable Time Stamps................................................................................................................. 62 7.6 TOE Access (FTA)........................................................................................................................................................63 7.6.1 FTA_SSL_EXT.1 TSF-initiated Session Locking.....................................................................................................63 7.6.2 FTA_SSL.3 TSF-initiated Termination..................................................................................................................... 63 7.6.3 FTA_SSL.4 User-initiated Termination.....................................................................................................................63 7.6.4 FTA_TAB.1 Default TOE Access Banners................................................................................................................64 7.7 Trusted path/channels (FTP).........................................................................................................................................64 7.7.1 FTP_ITC.1 Inter-TSF trusted channel.......................................................................................................................64 7.7.2 FTP_TRP.1/Admin Trusted Path............................................................................................................................... 64 8 Crypto Disclaimer........................................................................................................................65 9 Abbreviations Terminology and References..........................................................................68 9.1 Abbreviations................................................................................................................................................................68 9.2 Terminology..................................................................................................................................................................70 9.3 References.....................................................................................................................................................................70 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. viii Tables Table 1 Environment Components required.......................................................................................................12 Table 2 Cryptography provided by TOE............................................................................................................ 17 Table 3 TOE Assets.............................................................................................................................................22 Table 4 Definition of Extended Components - references to [CPP_ND].......................................................... 29 Table 5 Security Functional Requirements and Auditable Events.....................................................................31 Table 6 Security Assurance Requirements......................................................................................................... 44 Table 7 Dependency rationale for SFRs.............................................................................................................45 Table 8 Key Destructions....................................................................................................................................51 Table 9 Usage of Hash Algorithm...................................................................................................................... 53 Table 10 Specification of Keyed Hash Algorithm..............................................................................................53 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. ix Figures Figure 1-1 IT Entities which connect with TOE................................................................................................ 12 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 10 1 Introduction 1.1 ST reference ST Title Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target ST version 1.7 Date 2022-03-30 Vendor and ST author Huawei Technologies Co., Ltd 1.2 TOE reference TOE Name Huawei AR6000&AR600 Series Routers running VRP software TOE software version V300R019C11SPC200 Patch V300R019C11HP0095T TOE Hardware Models AR6300, AR6280, AR6140-9G-2AC, AR6140-16G4XG, AR6121, AR6120, AR651C, AR651W, AR651, AR657W, AR611W and AR617VW-LTE4EA Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 11 1.3 TOE overview 1.3.1 TOE Usage Huawei NetEngine AR6000 (AR6000 for short): Huawei's next-generation NetEngine AR6000 series enterprise routers use high-performance multi-core processors and a non-blocking switching structure, helping to deliver higher forwarding performance than the industry average. Huawei NetEngine AR6000 series enterprise routers can be deployed at enterprise headquarters or branches as required to provide enterprise network egress capabilities. The NetEnfngine AR6000 series consists of models such as NetEngine AR6120 NetEngine AR6121, NetEngine AR6140-9G-2AC, NetEngine AR6140-16G4XG, NetEngine AR6280, and NetEngine AR6300, which can meet networking requirements of enterprises of different scales. Huawei NetEngine AR600 (AR600 for short) : Huawei's next-generation NetEngine AR600 series enterprise routers use multi-core processors and a non-blocking switching structure, helping to deliver four times the industry average performance. Huawei NetEngine AR600 series enterprise routers can be deployed at branches of SMBs and small-sized enterprises as required to provide enterprise network egress capabilities. The NetEngine AR600 series consists of models such as NetEngine AR651C, NetEngine AR651, NetEngine AR651W, NetEngine AR657W, NetEngine AR611W and NetEngine AR617VW-LTE4EA. Huawei provides various models which can meet networking requirements of enterprises of different scales. They consist of both hardware and software, providing network traffic processing capacity. The TOE is software only and is consisting of the Versatile Routing Platform (VRP) and the underlying Operating System (OS). Network traffic is processed and forwarded by the underlying hardware according to routing decisions downloaded from VRP. They run with the VRP developed by Huawei. VRP provides extensive security features. These features include different interfaces with according access levels for administrators, enforcing authentications prior to establishment of administrative sessions, auditing of security-relevant management activities. These security features constitute the TOE. 1.3.2 TOE type The TOE type is a routers product series (network devices) using high-performance multi-core processors and a non-blocking switching structure, helping to deliver higher forwarding performance than the industry average. 1.3.3 Non TOE Hardware and Software The TOE supports the following hardware, software, and firmware components in its operational environment. All of the following environment components are supported by all TOE evaluated configuration. Component Required Usage/Purpose Description for TOE performance Network Management Server YES This includes any Management workstation with a SSH client installed that is used to establish a protected channel with the TOE. Local Console YES This includes any Console that is directly connected to the TOE via the Serial Console Port and is used by the TOE administrator to support TOE administration. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 12 Component Required Usage/Purpose Description for TOE performance Syslog Server YES This includes any syslog server to which the TOE would transmit syslog messages. NTP server YES The TOE supports secure communications with an NTP server in order to synchronize the date and time on the TOE with the NTP server’s date and time. When the TOE acts as NTP server, it receives NTP request from client and send timestamp to the client. Table 1 Environment Components required Therefore, the following figure shows the IT entities which are connected to the TOE: Figure 1-1 IT Entities which connect with TOE The HARDWARE that is necessary for the TOE to work is the following: Hardware Configuration NetEngine AR6120 NetEngine AR6120 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces.NetEngine AR6120 supports 2 SIC slots and 1 WSIC slot. NetEngine AR6121 NetEngine AR6121 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces. NetEngine AR6121 supports 2 SIC slots and 1 WSIC slot. NetEngine AR6140-9G-2AC NetEngine AR6140-9G-2AC fixed 2*GE SFP, 3*GE RJ45 for LAN interfaces, and fixed 2*GE RJ45, 2*GE SFP for WAN interfaces. NetEngine AR6140-9G-2AC supports 4 SIC slots, 2 WSIC slots and 1 XSIC slot. NetEngine AR6140-16G4XG NetEngine AR6140-16G4XG fixed 16*GE RJ45 for LAN interfaces, and fixed 4*GE RJ45, 4*10GE SFP for WAN interfaces. NetEngine AR6140-16G4XG supports 4 SIC slots and 2 WSIC slots. NetEngine AR6280 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR3280 supports 4 SIC slots, 2 WSIC slots and 2 XSIC slots. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 13 NetEngine AR6300 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR3280 supports 4 SIC slots, 4 WSIC slots and 6 XSIC slots. NetEngine AR651 NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE combo for WAN interfaces. Not support slots. NetEngine AR651C NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. Not support slots. NetEngine AR651W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. Not support slots. NetEngine AR657W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 1*VDSL, 2*GE RJ45 for WAN interfaces. Not support slots. NetEngine AR611W NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo for WAN interfaces. Not support slots. NetEngine AR617VW-LTE4E A NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo, 1*VDSL, 1*LTE for WAN interfaces. Not support slots. Huawei relies on 3rd party shipping world class logistics service providers such as DHL, KN, Schenker, Panalpina and so on to ensure the security of product in international transportation and regional warehousing, so as to deliver products to customers efficiently and securely. Huawei has a contractual agreement on Logistics Security that they have signed with all of these companies. Staff of the production facility shall notify the user of the shipping company that will ship the TOE in advance. In the e-mail, Huawei sent a delivery note with the information related to the TOE. 1.3.4 Major Security Features (1) Security Audit - The TOE generates audit records to provide basis for system diagnosis and maintenance. Audit records reflect the operating status of a device and are used to analyze the conditions of a network and to find out the causes of network failure or faults. Audit records are stored locally and may be backed up to a remote syslog server. (2) Cryptographic support - The TOE provides cryptography in support of secure connections that includes remote administrative management. (3) Identification and authentication - The TOE ensures that all Authorized Administrator are successfully identified and authenticated prior to gaining access to the TOE. (4) Secure Management - The TOE restricts the ability to determine the behavior of and modify the behavior of the functions transmission of audit data to the security administrator. Only the security administrator can manage the cryptographic keys. Only the security administrator has the right of opening/closing the security services and creation/deletion/modification of the user accounts. (5) Protection of the TSF - The TOE protects the pre-shared keys, symmetric keys, and private keys from reading them by an unauthorized entity. The TOE stores the users or administrator passwords in non-plaintext form preventing them from reading. The TOE verifies the packet before their installation and uses the digital signature. (6) TOE access through user authentication - The TOE provides communication security by implementing SSH protocol. (7) Trusted path and channels for device authentication - The TOE supports the trusted connections using TLS for the communication with the audit server. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 14 1.4 TOE Description The TOE is AR6000&NetEngine AR600 Series Routers is comprised of software. This software is comprised in turn of Versatile Routing Platform (VRP) software, VRP is a network OS incorporating Huawei's proprietary intellectual properties and capable of supporting various network systems of Huawei. The hardware is comprised of the following: AR6300, AR6280, AR6140-9G-2AC, AR6140-16G4XG, AR6121, AR6120, AR651C, AR651W, AR651, AR657W, AR611W and AR617VW-LTE4EA. The Huawei AR6000& AR600 Series Routers use the same VRP version. TSF relevant functions depend on software implementation. Hardware Configuration Processor Interface NetEngine AR6120 NetEngine AR6120 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces. NetEngine AR6120 supports 2 SIC slots and 1 WSIC slot. ARM Based on TOE's I/O modules NetEngine AR6121 NetEngine AR6121 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces. NetEngine AR6121 supports 2 SIC slots and 1 WSIC slot. ARM Based on TOE's I/O modules NetEngine AR6140-9G-2A C NetEngine AR6140-9G-2AC fixed 2*GE SFP, 3*GE RJ45 for LAN interfaces, and fixed 2*GE RJ45, 2*GE SFP for WAN interfaces. NetEngine AR6140-9G-2AC supports 4 SIC slots, 2 WSIC slots and 1 XSIC slot. ARM Based on TOE's I/O modules NetEngine AR6140-16G4X G NetEngine AR6140-16G4XG fixed 16*GE RJ45 for LAN interfaces, and fixed 4*GE RJ45, 4*10GE SFP for WAN interfaces. NetEngine AR6140-16G4XG supports 4 SIC slots and 2 WSIC slots. ARM Based on TOE's I/O modules NetEngine AR6280 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR3280 supports 4 SIC slots, 2 WSIC slots and 2 XSIC slots. ARM Based on TOE's I/O modules NetEngine AR6300 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR3280 supports 4 SIC slots, 4 WSIC slots and 6 XSIC slots. ARM Based on TOE's I/O modules NetEngine AR651 NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE combo for WAN interfaces. Not support slots. ARM NetEngine AR651C NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. Not support slots. ARM Based on TOE's I/O modules NetEngine AR651W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. Not support slots. ARM Based on TOE's I/O modules Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 15 NetEngine AR657W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 1*VDSL, 2*GE RJ45 for WAN interfaces. Not support slots. ARM Based on TOE's I/O modules NetEngine AR611W NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo for WAN interfaces. Not support slots. ARM Based on TOE's I/O modules NetEngine AR617VW-LTE 4EA NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo, 1*VDSL, 1*LTE for WAN interfaces. Not support slots. ARM Based on TOE's I/O modules Table 2 The models that have been claimed within this evaluation. 1.4.1 Physical scope This section will define the physical scope of AR6000&AR600 series routers to be evaluated. ● The SOFTWARE part of the TOE is the following: Hardware Product serie model Delivery Item Version Signature File Sha256sum hash AR6000 series AR6300 AR6300-V300R019C 11SPC200.cc V300R019C1 1SPC200 AR6300-V300R019C11 SPC200.cc.asc c1917d06b1781dbbbd9cda0ca90db53b4436 6bb5be9a59d6dc1db42c6530ce55 AR6280 AR6280-V300R019C 11SPC200.cc AR6280-V300R019C11 SPC200.cc.asc c1917d06b1781dbbbd9cda0ca90db53b4436 6bb5be9a59d6dc1db42c6530ce55 AR6140-9G- 2AC AR6140-V300R019C 11SPC200.cc AR6140-V300R019C11 SPC200.cc.asc cf76f996ac2e8452ec370b1d400638e273b4 767afc46d56ae0127ef7e20b463b AR6140-16 G4XC AR6140H-V300R019 C11SPC200.cc AR6140H-V300R019C 11SPC200.cc.asc 165e964868725a1aeb6dbeea04988e785c87 2ee4721e5264ada83b37d619a9cc AR6121 AR6120-V300R019C 11SPC200.cc AR6120-V300R019C11 SPC200.cc.asc 40984f43886a3d71b53ca28f2d3d8653f5b3 0cdca2731d711c9eed8ca2e51e1e AR6120 AR600 series AR651C AR650AL-V300R019 C11SPC200.cc V300R019C1 1SPC200 AR650AL-V300R019C 11SPC200.cc.asc 180510efe1f791e2a1f24eafd80d7d8c9d2d5 8da9572690262dc1a389ebd3a4c AR651W AR650A-V300R019 C11SPC200.cc AR650A-V300R019C1 1SPC200.cc.asc 4e382eddd4823bb57d7663f3ec716100b636 774b9571632719355024eb56d311 AR651 AR657W AR611W AR610-V300R019C1 1SPC200.cc AR610-V300R019C11S PC200.cc.asc cd762c2b774a2b70d0ac926aa93179d87e78 ad47bf9e62bb09db8321a0e670e1 AR617VW- LTE4EA Huawei will provide an account to the customer via email with sufficient privilege that allows a user to log in the official website and download the corresponding software package. The software is available in the following links: - For AR6000: https://support.huawei.com/enterprise/en/routers/ar6000-pid-250680700/sof tware/251987280?idAbsPath=fixnode01%7C24030814%7C21432787%7C2 3708834%7C250680700 - For AR600: https://support.huawei.com/enterprise/en/routers/ar600-pid-250680707/soft ware/251756243?idAbsPath=fixnode01%7C24030814%7C21432787%7C2 3708834%7C250680707 ● The SOFTWARE PATCH part of the TOE is the following: Hardware Product serie model Delivery Item Version Signature File Sha256sum hash AR6000 AR6300 AR6300-SRU100H-V V300R019C1 AR6300-SRU100H-V3 2c7d3c262f33361005660d8c8a95c5aa435d Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 16 series 300R019C11HP0095 T.pat 1HP0095T 00R019C11HP0095T.p at.asc 019c558f9039151a3bdc10cac17b AR6280 AR6280-SRU100H-V 300R019C11HP0095 T.pat AR6280-SRU100H-V3 00R019C11HP0095T.p at.asc 2c7d3c262f33361005660d8c8a95c5aa435d 019c558f9039151a3bdc10cac17b AR6140-9G- 2AC AR6140-9G-V300R0 19C11HP0095T.pat AR6140-9G-V300R019 C11HP0095T.pat.asc 773ec0210cce25f909f28c0143f7855b2dca3 dc41c47bed7f916e9dafcc368af AR6140-16 G4XC AR6140-16G-V300R 019C11HP0095T.pat AR6140-16G-V300R01 9C11HP0095T.pat.asc 03956e0e587e243934417fc88a52054ff3b42 4949d9ec6d6c1a6008a769e619c AR6121 AR6120-V300R019C 11HP0095T.pat AR6120-V300R019C11 HP0095T.pat.asc 1e5691cbf8c511692befca5e151edd26551bf e255b7cc873a4cb5ca08647b3ef AR6120 AR600 series AR651C AR650AL-V300R019 C11HP0095T.pat V300R019C1 1HP0095T AR650AL-V300R019C 11HP0095T.pat.asc 3e7603af8e1aa188de6e6b4d4e5488ff8840f a041ff542f2ff0494424e978643 AR651W AR650A-V300R019 C11HP0095T.pat AR650A-V300R019C1 1HP0095T.pat.asc 82552c6646e26fa692edbf9ef31b71bf51047 95790084f514bba034e1b2a4457 AR651 AR657W AR611W AR610-V300R019C1 1HP0095T.pat AR610-V300R019C11 HP0095T.pat.asc cce9e0a5ee1d78bafb573c1439142517e090 bfc6c8720ac38a3fec3aab5f9056 AR617VW- LTE4EA Huawei will provide an account to the customer via email with sufficient privilege that allows a user to log in the official website and download the corresponding software patch. The software patches are available in the following link: https://support.huawei.com/enterprise/en/routers/ar6000-pid-250680700/sof tware/253642529/?idAbsPath=fixnode01|24030814|21432787|23708834|25 0680700 ● The GUIDANCE part of the TOE is the following: Name of the document Version/Issue Sha256sum hash NetEngine AR V300R019 Product Documentation.chm 09 0db2017c573b2b6f796f61c9412ceb95ac097e5da92a 3772413b1b3a94196f85 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Operational user Guidance.pdf 1.4 6d3cb55ace7bcff2fc34f68edc08b07beefc33829b40f4 83fb8eed148188a24f Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Preparative Procedures.pdf 1.4 2ba787cba192f506728b5be49cabc5ea24c4c49be026 b62e1b91e36e093271d1 Huawei sends the previous documentation via an email generated automatically by Huawei File Transfer System (etrans). 1.4.1.1 Evaluated Configuration Model HW Software NetEngine AR6120 NetEngine AR6120 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces. V300R019C11SPC200 Patch V300R019C11HP0095T NetEngine AR6121 NetEngine AR6121 fixed 8*GE RJ45 for LAN interfaces, and fixed 1* GE combo, 1*GE RJ45, 10GE SFP+ for WAN interfaces. NetEngine AR6140-9G-2AC NetEngine AR6140-9G-2AC fixed 2*GE SFP, 3*GE RJ45 for LAN interfaces, and fixed 2*GE RJ45, 2*GE SFP for WAN interfaces. NetEngine AR6140-16G4XG NetEngine AR6140-16G4XG fixed 16*GE RJ45 for LAN interfaces, and fixed 4*GE RJ45, 4*10GE SFP for WAN interfaces. NetEngine AR6280 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR6300 NetEngine AR6280 fixed 14*10GE SFP, 10*10GE RJ45 for WAN interfaces. NetEngine AR651 NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE combo for WAN interfaces. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 17 NetEngine AR651C NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. NetEngine AR651W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 2*GE SFP, 2*GE RJ45 for WAN interfaces. NetEngine AR657W NetEngine AR651 fixed 8*GE RJ45 for LAN interfaces, and fixed 1*VDSL, 2*GE RJ45 for WAN interfaces. NetEngine AR611W NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo for WAN interfaces. NetEngine AR617VW-LTE4EA NetEngine AR651 fixed 4*GE electrical ports for LAN interfaces, and fixed 1*GE combo, 1*VDSL, 1*LTE for WAN interfaces. Other software: ● SSH Client v2.0 ● OpenSSL v1.1.1g 1.4.2 Logical scope The TOE is comprised of several security features. Each of the security features identified above consists of several security functionalities, as identified below. (1)Security audit ● The log module of the host software records operations on a device and events that occur to a device. The recorded operations and events are log messages. Log messages provide evidence for diagnosing and maintaining a system. Log messages reflect the operating status of a device and are used to analyze the conditions of a network and to find out the causes of network failure or faults. ● Key elements of log messages include timestamp, host name, Huawei identity, version, module name, severity, brief description, etc. ● IC component are the module processing, outputting log records. Information hierarchy is designed to help the user roughly differentiate between information about normal operation and information about faults. Since the information center needs to output information to the terminal, console, log buffer, and log file. (2)Cryptographic support ● The TOE provides cryptography in support of secure connections that includes remote administrative management. ● The cryptographic services provided by the TOE are described in Table below. Cryptography Function Use in the TOE DRBG Used in session establishment of TLS and SSH RSA Used in session establishment of TLS and SSH SHA Used to provide cryptographic hashing services HMAC-SHA Used to provide integrity and authentication verification AES Used to encrypt traffic transmitted through TLS and SSH Table 2 Cryptography provided by TOE (3)Identification and authentication Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 18 ● The authentication functionality provides validation by user’s account name and password. Public key authentication is supported for SSH users. Detailed functionalities, for example max idle-timeout period, max log-in attempts, UI lock, user kick out, can be applies by administrator according to networking environment, customized security considerations, differential user role on TOE, and/or other operational concerns. (4)Secure Management ● The TOE restricts the ability to determine the behavior of and modify the behavior of the functions transmission of audit data to the security administrator. Only the security administrator can manage the cryptographic keys. Only the security administrator has the right of opening/closing the security services and creation/deletion/modification of the user accounts. (5)Protection of the TSF ● The TOE protects the pre-shared keys, symmetric keys, and private keys from reading them by an unauthorized entity. The TOE stores the users or administrator passwords in non-plaintext form preventing them from reading. The TOE verifies the packet before their installation and uses the digital signature. (6)TOE access through user authentication ● The TOE provides communication security by implementing SSH protocol. ● To protect the TOE from eavesdrop and to ensure data transmission security and confidentiality, SSH implements: - authentication by password or by public-key; - AES encryption algorithms; - secure cryptographic key exchange; - Besides default TCP port 22, manually specifying a listening port is also implemented since it can effectively reduce attack. (7)Trusted path and channels for device authentication ● The TOE supports the trusted connections using TLS for the communication with the audit server. 1.5 Standalone TOE [CPP_ND], chapter 3 introduces distributed TOEs, i.e. TOEs that consist of more than one component. This does not refer to different software components running on one hardware component but same version software components running on each hardware components. This ST refers to a standalone TOE which is not a distributed TOE in the sense of [CPP_ND], chapter 3. All additional requirements that are defined for distributed TOEs within [CPP_ND] are therefore ignored in this ST. There are dedicated paragraphs in several Application Notes of [CPP_ND] which are only applicable to distributed TOEs. These dedicated paragraphs have not been integrated into the Application Notes in this ST since the TOE is not a distributed TOE. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 19 2 CPP_ND Conformance Claims 2.1 CPP_ND Conformance Claim As defined by the references [CC1[, [CC2] and [CC3], this ST: • conforms to the requirements of Common Criteria v3.1, Revision 5 • is Part 2 extended, Part 3 conformant • does not claim conformance to any other PP than the one specified in chap 2.2 • does not claim conformance to any Evaluation Assurance Level as defined in CC3, chap. 8. 2.2 Protection Profile Conformance This security target claims “Exact Conformance” to [CPP_ND]. Note that "Exact Conformance" is defined in [CPP_ND], chap. 2. The methodology applied for the cPP evaluation is defined in [CEM]. In addition to [CEM], the evaluation activities for [CPP_ND] are completed in [SD_ND]. 2.3 Conformance Rationale 2.3.1 TOE Appropriateness The TOE provides all of the functionality at a level of security commensurate with that identified in the [CPP_ND]. 2.3.2 TOE Security Problem Definition Consistency The Threats, Assumptions, and Organization Security Policies included in the Security Target represent the Threats, Assumptions, and Organization Security Policies specified in [CPP_ND] for which conformance is claimed verbatim. All concepts covered in the collaborative Protection Profile Security Problem Definition are included in the Security Target. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 20 2.3.3 Statement of Security Objectives Consistency The security objectives included in the security target represent the security objectives specified in [CPP_ND] for which conformance is claimed verbatim. All concepts covered in Protection Profile`s Statement of security objectives are included in the Security Target. 2.3.4 Statement of Security Requirements Consistency The Security Functional Requirements included in the Security Target represent the Security Functional Requirements specified in the [CPP_ND] for which conformance is claimed verbatim. All concepts covered the Protection Profile’s Statement of Security Requirements are included in the Security Target. Additionally, the Security Assurance Requirements included in the Security Target are identical to the Security Assurance Requirements included in section 6 of the [CPP_ND]. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 21 3 Security Problem Definition 3.1 ASSET The owner of the TOE presumably places value upon the following entities as long as they are in the scope of the TOE. Asset Name Description Audit data The data which is provided during security audit logging. TOE Security characteristic: confidentiality, integrity. Authentication data The data which is used to identify and authenticate the external entities such as account, password, certificate, etc. TOE Security characteristic: confidentiality, integrity. Cryptography data The data which is used for digital signature and encryption/decryption such as key. TOE Security characteristic: confidentiality, integrity. Management data The data which is used for software updates, and software integrity checking. TOE Security characteristic: integrity. Configuration data TOE Security characteristic: integrity. Software &firmware device firmware; software; TOE Security characteristic: integrity. Critical network traffic Administration traffic; Authentication traffic containing Authentication data; Audit traffic; traffic containing cryptography data; traffic containing Management data TOE Security characteristic: confidentiality, integrity. Security Functionality of the Device The TOE Security Functions (TSF) (Remark: In the context of this ST the Security Functionality of the device refers to the security functions of the TOE). TOE Security characteristic: integrity. Network on which the device resides The network on which the device resides. TOE Security characteristic: integrity. Network device The network device itself. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 22 TOE Security characteristic: integrity. Trust relations with other network devices Trust relations of the TOE with other network devices. TOE Security characteristic: integrity, authenticity. Table 3 TOE Assets 3.2 Threats The threats for the Network Device are grouped according to functional areas of the device in the sections below. 3.2.1 T.UNAUTHORIZED_ADMINISTRATOR_ACCESS Threat agents may attempt to gain Administrator access to the network device by nefarious means such as masquerading as an Administrator to the device, masquerading as the device to an Administrator, replaying an administrative session (in its entirety, or selected portions), or performing man-in-the-middle attacks, which would provide access to the administrative session, or sessions between network devices. Successfully gaining Administrator access allows malicious actions that compromise the security functionality of the device and the network on which it resides. SFR Rationale: The Administrator role is defined in FMT_SMR.2 and the relevant administration capabilities are defined in FMT_SMF.1 and FMT_MTD.1/CoreData, with additional capabilities in FMT_MOF.1/Services. The actions allowed before authentication of an Administrator are constrained by FIA_UIA_EXT.1, and include the advisory notice and consent warning message displayed according to FTA_TAB.1 The requirement for the Administrator authentication process is described in FIA_UAU_EXT.2 Locking of Administrator sessions is ensured by FTA_SSL_EXT.1 (for local sessions), FTA_SSL.3 (for remote sessions), and FTA_SSL.4 (for all interactive sessions) The secure channel used for remote Administrator connections is specified in FTP_TRP.1/Admin (Malicious actions carried out from an Administrator session are separately addressed by T.UNDETECTED_ACTIVITY) (Protection of the Administrator credentials is separately addressed by T.PASSWORD_CRACKING). 3.2.2 T.WEAK_CRYPTOGRAPHY Threat agents may exploit weak cryptographic algorithms or perform a cryptographic exhaust against the key space. Poorly chosen encryption algorithms, modes, and key sizes will allow attackers to compromise the algorithms, or brute force exhaust the key space and give them unauthorized access allowing them to read, manipulate and/or control the traffic with minimal effort. SFR Rationale: Requirements for key generation and key distribution are set in FCS_CKM.1 and FCS_CKM.2 respectively Requirements for use of cryptographic schemes are set in FCS_COP.1/DataEncryption, FCS_COP.1/SigGen, FCS_COP.1/Hash, and FCS_COP.1/KeyedHash Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 23 Requirements for random bit generation to support key generation and secure protocols (see SFRs resulting from T.UNTRUSTED_COMMUNICATION_CHANNELS) are set in FCS_RBG_EXT.1 Management of cryptographic functions is specified in FMT_SMF.1 3.2.3 T.UNTRUSTED_COMMUNICATION_CHANNELS Threat agents may attempt to target network devices that do not use standardized secure tunnelling protocols to protect the critical network traffic. Attackers may take advantage of poorly designed protocols or poor key management to successfully perform man-in-the-middle attacks, replay attacks, etc. Successful attacks will result in loss of confidentiality and integrity of the critical network traffic, and potentially could lead to a compromise of the network device itself. SFR Rationale: The general use of secure protocols for identified communication channels is described at the top level in FTP_ITC.1 and FTP_TRP.1/Admin Requirements for the use of secure communication protocols are set for all the allowed protocols in FCS_SSHS_EXT.1, FCS_TLSC_EXT.2 Requirements for use of public key certificates to support secure protocols are defined in FIA_X509_EXT.1/Rev, FIA_X509_EXT.2 3.2.4 T.WEAK_AUTHENTICATION_ENDPOINTS Threat agents may take advantage of secure protocols that use weak methods to authenticate the endpoints – e.g. a shared password that is guessable or transported as plaintext. The consequences are the same as a poorly designed protocol, the attacker could masquerade as the Administrator or another device, and the attacker could insert themselves into the network stream and perform a man-in-the-middle attack. The result is the critical network traffic is exposed and there could be a loss of confidentiality and integrity, and potentially the network device itself could be compromised. SFR Rationale: The use of appropriate secure protocols to provide authentication of endpoints (as in the SFRs addressing T.UNTRUSTED_COMMUNICATION_CHANNELS) are ensured by the requirements in FTP_ITC.1 and FTP_TRP.1/Admin 3.2.5 T.UPDATE_COMPROMISE Threat agents may attempt to provide a compromised update of the software or firmware which undermines the security functionality of the device. Non-validated updates or updates validated using non-secure or weak cryptography leave the update firmware vulnerable to surreptitious alteration. SFR Rationale: Requirements for protection of updates are set in FPT_TUD_EXT.1 Certificate-based protection of signatures is supported by the X.509 certificate processing requirements in FIA_X509_EXT.1/Rev and FIA_X509_EXT.2 Requirements for management of updates are defined in FMT_SMF.1 and (for manual updates) in FMT_MOF.1/ManualUpdate 3.2.6 T.UNDETECTED_ACTIVITY Threat agents may attempt to access, change, and/or modify the security functionality of the network device without Administrator awareness. This could result in the attacker finding an avenue (e.g., Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 24 misconfiguration, flaw in the product) to compromise the device and the Administrator would have no knowledge that the device has been compromised. SFR Rationale: Requirements for basic auditing capabilities are specified in FAU_GEN.1 and FAU_GEN.2, with timestamps provided according to FPT_STM_EXT.1 Requirements for protecting audit records stored on the TOE are specified in FAU_STG.1 Requirements for secure transmission of local audit records to an external IT entity via a secure channel are specified in FAU_STG_EXT.1 Additional requirements for dealing with potential loss of locally stored audit records are specified in FAU_STG.3/LocSpace Configuration of the audit functionality is specified in FMT_SMF.1. 3.2.7 T.SECURITY_FUNCTIONALITY_COMPROMISE Threat agents may compromise credentials and device data enabling continued access to the network device and its critical data. The compromise of credentials includes replacing existing credentials with an attacker’s credentials, modifying existing credentials, or obtaining the Administrator or device credentials for use by the attacker. SFR Rationale: Protection of secret/private keys against compromise is specified in FPT_SKP_EXT.1 Secure destruction of keys is specified in FCS_CKM.4 Management of keys is specified in FMT_SMF.1, and confining this functionality to Security Administrators is required by FMT_MTD.1/CryptoKeys (Protection of passwords is separately covered under T.PASSWORD_CRACKING), 3.2.8 T.PASSWORD_CRACKING Threat agents may be able to take advantage of weak administrative passwords to gain privileged access to the device. Having privileged access to the device provides the attacker unfettered access to the network traffic, and may allow them to take advantage of any trust relationships with other network devices. SFR Rationale: Requirements for password lengths and available characters are set in FIA_PMG_EXT.1 Protection of password entry by providing only obscured feedback is specified in FIA_UAU.7 Actions on reaching a threshold number of consecutive password failures are specified in FIA_AFL.1 Requirements for secure storage of passwords are set in FPT_APW_EXT.1. 3.2.9 T.SECURITY_FUNCTIONALITY_FAILURE A component of the network device may fail during start-up or during operations causing a compromise or failure in the security functionality of the network device, leaving the device susceptible to attackers. SFR Rationale: Requirements for running self-test(s) are defined in FPT_TST_EXT.1 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 25 3.3 Assumptions This section describes the assumptions made in identification of the threats and security requirements for network devices. The network device is not expected to provide assurance in any of these areas, and as a result, requirements are not included to mitigate the threats associated. 3.3.1 A.PHYSICAL_PROTECTION The network device is assumed to be physically protected in its operational environment and not subject to physical attacks that compromise the security and/or interfere with the device’s physical interconnections and correct operation. This protection is assumed to be sufficient to protect the device and the data it contains. As a result, the ST will not include any requirements on physical tamper protection or other physical attack mitigations. The ST will not expect the product to defend against physical access to the device that allows unauthorized entities to extract data, bypass other controls, or otherwise manipulate the device. [OE.PHYSICAL] 3.3.2 A.LIMITED_FUNCTIONALITY The device is assumed to provide networking functionality as its core function and not provide functionality/services that could be deemed as general purpose computing. For example, the device should not provide a computing platform for general purpose applications (unrelated to networking functionality). [[OE.NO_GENERAL_PURPOSE]] 3.3.3 A.NO_THRU_TRAFFIC_PROTECTION A standard/generic network device does not provide any assurance regarding the protection of traffic that traverses it. The intent is for the network device to protect data that originates on or is destined to the device itself, to include administrative data and audit data. Traffic that is traversing the network device, destined for another network entity, is not covered by this ST. It is assumed that this protection will be covered by cPPs for particular types of network devices (e.g., firewall). [OE.NO_THRU_TRAFFIC_PROTECTION] 3.3.4 A.TRUSTED_ADMINISTRATOR The Security Administrator(s) for the network device are assumed to be trusted and to act in the best interest of security for the organization. This includes being appropriately trained, following policy, and adhering to guidance documentation. Administrators are trusted to ensure passwords/credentials have sufficient strength and entropy and to lack malicious intent when administering the device. The network device is not expected to be capable of defending against a malicious Administrator that actively works to bypass or compromise the security of the device. The TOE supports X.509v3 certificate-based authentication. The Security Administrator(s) are expected to fully validate (e.g. offline verification) any CA certificate (root CA certificate or intermediate CA certificate) loaded into the TOE’s trust store (aka 'root store', ' trusted CA Key Store', or similar) as a trust anchor prior to use (e.g. offline verification). [OE.TRUSTED_ADMIN] Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 26 3.3.5 A.REGULAR_UPDATES The network device firmware and software is assumed to be updated by an Administrator on a regular basis in response to the release of product updates due to known vulnerabilities. [OE.UPDATES] 3.3.6 A.ADMIN_CREDENTIALS_SECURE The Administrator’s credentials (private key) used to access the network device are protected by the platform on which they reside. [OE.ADMIN_CREDENTIALS_SECURE] 3.3.7 A.RESIDUAL_INFORMATION The Administrator must ensure that there is no unauthorized access possible for sensitive residual information (e.g. cryptographic keys, keying material, passwords etc.) on networking equipment when the equipment is discarded or removed from its operational environment. [OE.RESIDUAL_INFORMATION] 3.4 Organizational Security Policies An organizational security policy is a set of rules, practices, and procedures imposed by an organization to address its security needs. 3.4.1 P.ACCESS_BANNER The TOE shall display an initial banner describing restrictions of use, legal agreements, or any other appropriate information to which users consent by accessing the TOE. SFR Rationale: An advisory notice and consent warning message is required to be displayed by FTA_TAB.1 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 27 4 Security Objectives 4.1 Security Objectives for the Operational Environment The following subsections describe objectives for the Operational Environment. 4.1.1 OE. PHYSICAL Physical security, commensurate with the value of the TOE and the data it contains, is provided by the environment. 4.1.2 OE. NO_GENERAL_PURPOSE There are no general-purpose computing capabilities (e.g. compilers or user applications) available on the TOE, other than those services necessary for the operation, administration and support of the TOE. 4.1.3 OE. NO_THRU_TRAFFIC_PROTECTION The TOE does not provide any protection of traffic that traverses it. It is assumed that protection of this traffic will be covered by other security and assurance measures in the operational environment. 4.1.4 OE. TRUSTED_ADMIN TOE Administrators are trusted to follow and apply all guidance documentation in a trusted manner. 4.1.5 OE. UPDATES The TOE firmware and software is updated by an administrator on a regular basis in response to the release of product updates due to known vulnerabilities. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 28 4.1.6 OE. ADMIN_CREDENTIALS_SECURE The administrator’s credentials (private key) used to access the TOE must be protected on any other platform on which they reside. 4.1.7 OE. RESIDUAL_INFORMATION The Security Administrator ensures that there is no unauthorized access possible for sensitive residual information (e.g. cryptographic keys, keying material, PINs, passwords etc.) on networking equipment when the equipment is discarded or removed from its operational environment. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 29 5 Extended Components Definition The extended components used in this ST are defined in [CPP_ND]. The following table provide a chapter specific reference in which chapter of [CPP_ND] each of the extended components is defined. Table 4 Definition of Extended Components - references to [CPP_ND] Extended Component Defined in [CPP_ND] chap. Mandatory Requirements () FAU_STG_EXT.1 C.1.2.1 FCS_RBG_EXT.1 C.2.1.1 FIA_PMG_EXT.1 C.3.1.1 FIA_UIA_EXT.1 C.3.2.1 FIA_UAU_EXT.2 C.3.3.1 FPT_SKP_EXT.1 C.4.1.1 FPT_APW_EXT.1 C.4.2.1 FPT_TST_EXT.1 C.4.3.1 FPT_TUD_EXT.1 C.4.4.1 FPT_STM_EXT.1 C.4.5.1 FTA_SSL_EXT.1 C.5.1.1 Optional Requirements () None None. Selection-Based Requirements () FCS_SSHS_EXT.1 C.2.2.7 FCS_TLSC_EXT.2 C2.2.8 FIA_X509_EXT.1/Rev C.3.4.1 FIA_X509_EXT.2 C.3.4.2 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 30 6 Security Functional Requirements 6.1 Conventions The conventions used in descriptions of the SFRs are as follows: ● Unaltered SFRs are stated in the form used in [CC2] or their extended component definition (ECD); ● Refinement made in the cPP: the refinement text is indicated with bold text and strikethroughs; ● Selection wholly or partially completed in the cPP: the selection values (i.e. the selection values adopted in the cPP or the remaining selection values available for the ST) are indicated with underlined text e.g. “[selection: disclosure, modification, loss of use]” in [CC2] or an ECD might become “disclosure” (completion) or “[selection: disclosure, modification]” (partial completion) in the PP; ● Assignment wholly or partially completed in the cPP: indicated with italicized text; ● Assignment completed within a selection in the cPP: the completed assignment text is indicated with italicized and underlined text e.g. “[selection: change_default, query, modify, delete, [assignment: other operations]]” in [CC2] or an ECD might become “change_default, select_tag” (completion of both selection and assignment) or “[selection: change_default, select_tag, select_value]” (partial completion of selection, and completion of assignment) in the PP; ● Iteration: indicated by adding a string starting with “/” (e.g. “FCS_COP.1/Hash”) ● Application Notes added by the ST author are called 'Additional Application Note' which are enumerated as 'a', 'b', ... and are formatted with underline such as “Additional Application Note a”; [CPP_ND] distinguishes mandatory requirements from optional requirements and selection-based requirements. This ST will mark mandatory requirements by , optional requirements by and selection-based requirements by . Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 31 6.2 SFR Architecture 6.2.1 Security Audit (FAU) 6.2.1.1 FAU_GEN.1 Audit data generation FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events: a) Start-up and shut-down of the audit functions; b) All auditable events for the not specified level of audit; and c) All administrative actions comprising: Administrative login and logout (name of user account shall be logged if individual user accounts are required for administrators). Changes to TSF data related to configuration changes (in addition to the information that a change occurred it shall be logged what has been changed). Generating/import of, changing, or deleting of cryptographic keys (in addition to the action itself a unique key name or key reference shall be logged). Resetting passwords (name of related user account shall be logged). Starting and stopping services. d) Specifically defined auditable events listed in Table 5 . Additional Application Note: Audit functionality is enabled by default. The auditing functionality cannot be disabled. FAU_GEN.1.2 The TSF shall record within each audit record at least the following information: a) Date and time of the event, type of event, subject identity, and the outcome (success or failure) of the event; and b) For each audit event type, based on the auditable event definitions of the functional components included in the PP/ST, information specified in column three of Table 5 . Table 5 Security Functional Requirements and Auditable Events Requirement Auditable Events Additional Audit Record Contents Mandatory Requirements () FAU_GEN.1 None. None. FAU_GEN.2 None. None. FAU_STG_EXT.1 None. None. FCS_CKM.1 None. None. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 32 Requirement Auditable Events Additional Audit Record Contents FCS_CKM.2 None. None. FCS_CKM.4 None. None. FCS_COP.1/DataEncryption None. None. FCS_COP.1/SigGen None. None. FCS_COP.1/Hash None. None. FCS_COP.1/KeyedHash None. None. FCS_RBG_EXT.1 None. None. FIA_AFL.1 Unsuccessful login attempts limit is met or exceeded. Origin of the attempt (e.g., IP address). FIA_PMG_EXT.1 None. None. FIA_UIA_EXT.1 All use of the identification and authentication mechanism. Origin of the attempt (e.g., IP address). FIA_UAU_EXT.2 All use of the identification and authentication mechanism. Origin of the attempt (e.g. IP address). FIA_UAU.7 None. None. FMT_MOF.1/ManualUpdate Any attempt to initiate a manual update None. FMT_MTD.1/CoreData All management activities of TSF data. None. FMT_SMF.1 None. None. FMT_SMR.2 None. None. FPT_SKP_EXT.1 None. None. FPT_APW_EXT.1 None. None. FPT_TST_EXT.1 None. None FPT_TUD_EXT.1 Initiation of update; result of the update attempt (success or failure). None FPT_STM_EXT.1 Discontinuous changes to time - either Administrator actuated or changed via an automated process. (Note that no continuous changes to time need to be logged.) For discontinuous changes to time: The old and new values for the time. Origin of the attempt to change time for success and failure (e.g. IP address). FTA_SSL_EXT.1 The termination of a local None. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 33 Requirement Auditable Events Additional Audit Record Contents session by the session locking mechanism. FTA_SSL.3 The termination of a remote session by the session locking mechanism. None. FTA_SSL.4 The termination of an interactive session. None FTA_TAB.1 None. None. FTP_ITC.1 Initiation of the trusted channel. Termination of the trusted channel. Failure of the trusted channel functions. Identification of the initiator and target of failed trusted channels establishment attempt. FTP_TRP.1/Admin Initiation of the trusted path. Termination of the trusted path. Failures of the trusted path functions. None Optional Requirements () FAU_STG.1 None. None. FAU_STG.3/LocSpace Low storage space for audit events. None. Selection-Based Requirements () FCS_SSHS_EXT.1 Failure to establish an SSH session. Reason for failure. FCS_TLSC_EXT.2 Failure to establish a TLS Session. Reason for failure. FIA_X509_EXT.1/Rev Unsuccessful attempt to validate a certificate. Any addition, replacement or removal of trust anchors in the TOE’s trust store Reason for failure of certification validation. Identification of certificates added, replaced or removed as trust anchor in the TOE’s trust store. FIA_X509_EXT.2 None. None. FMT_MOF.1/Services Starting and stopping of services. None. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 34 Requirement Auditable Events Additional Audit Record Contents FMT_MTD.1/CryptoKeys Management of cryptographic keys. None. 6.2.1.2 FAU_GEN.2 User identity association FAU_GEN.2.1 For audit events resulting from actions of identified users, the TSF shall be able to associate each auditable event with the identity of the user that caused the event. 6.2.1.3 FAU_STG_EXT.1 Protected Audit Event Storage FAU_STG_EXT.1.1 The TSF shall be able to transmit the generated audit data to an external IT entity using a trusted channel according to FTP_ITC.1. FAU_STG_EXT.1.2 The TSF shall be able to store generated audit data on the TOE itself. TOE shall consist of a single standalone component that stores audit data locally. FAU_STG_EXT.1.3 The TSF shall overwrite previous audit records according to the following rule: overwrite the oldest log information always when the local storage space for audit data is full. 6.2.1.4 FAU_STG.3/LocSpace Action in case of possible audit data loss < O > FAU_STG.3.1/LocSpace The TSF shall generate a warning to inform the Administrator if the audit trail exceeds the local audit trail storage capacity. Additional Application Note: The local storage that store audit data is Internal flash. 6.2.1.5 FAU_STG.1 Protected audit trail storage FAU_STG.1.1 The TSF shall protect the stored audit records in the audit trail from unauthorized deletion. FAU_STG.1.2 The TSF shall be able to prevent unauthorized modifications to the stored audit records in the audit trail. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 35 6.2.2 Cryptographic Support (FCS) 6.2.2.1 FCS_CKM.1 Cryptographic Key Generation (Refinement) FCS_CKM.1.1 The TSF shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm: ● FFC Schemes using Diffie-Hellman group 14 that meet the following: RFC 3526, Section 3; and specified cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards]. 6.2.2.2 FCS_CKM.2 Cryptographic Key Establishment (Refinement) FCS_CKM.2.1 The TSF shall perform cryptographic key establishment in accordance with a specified cryptographic key establishment method: ● Key establishment scheme using Diffie-Hellman group 14 that meets the following: RFC 3526, Section 3; ] that meets the following: [assignment: list of standards]. 6.2.2.3 FCS_CKM.4 Cryptographic Key Destruction FCS_CKM.4.1 The TSF shall destroy cryptographic keys in accordance with a specified cryptographic key destruction method For plaintext keys in volatile storage, the destruction shall be executed by a destruction of reference to the key directly followed by a request for garbage collection; For plaintext keys in non-volatile storage, the destruction shall be executed by the invocation of an interface provided by a part of the TSF that that meets the following: No Standard. Additional Application Note: The TOE do not store plaintext keys in non-volatile memory. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 36 6.2.2.4 FCS_COP.1/DataEncryption Cryptographic Operation (AES Data Encryption/ Decryption) FCS_COP.1.1/DataEncryption The TSF shall perform encryption/decryption in accordance with a specified cryptographic algorithm AES used in CTR, GCM mode and cryptographic key sizes: 128 bits, 256 bits that meet the following: AES as specified in ISO 18033-3, CTR as specified in ISO 10116, GCM as specified in ISO 19772. 6.2.2.5 FCS_COP.1/SigGen Cryptographic Operation (Signature Generation and Verification) FCS_COP.1.1/SigGen The TSF shall perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm: ● RSA Digital Signature Algorithm and cryptographic key sizes (modulus): 3072 bits and 4096 bits, that meet the following: ● For RSA schemes: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 5.5, using PKCS #1 v2.1 Signature Schemes RSASSA-PSS and/or RSASSA-PKCS1v1_5; ISO/IEC 9796-2, Digital signature scheme 2 or Digital Signature scheme 3, 6.2.2.6 FCS_COP.1/Hash Cryptographic Operation (Hash Algorithm) FCS_COP.1.1/Hash The TSF shall perform cryptographic hashing services in accordance with a specified cryptographic algorithm: SHA-256, SHA-384 and cryptographic key sizes assignment: cryptographic key sizes and message digest sizes 256, 384 bits that meet the following: ISO/IEC 10118-3:2004. 6.2.2.7 FCS_COP.1/KeyedHash Cryptographic Operation (Keyed Hash Algorithm) FCS_COP.1.1/KeyedHash The TSF shall perform keyed-hash message authentication in accordance with a specified cryptographic algorithm: HMAC-SHA-256 and cryptographic key sizes: 256 bits for HMAC-SHA-256 and message digest sizes: 256 bits that meet the following: ISO/IEC 9797-2:2011, Section 7 “MAC Algorithm 2”. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 37 6.2.2.8 FCS_RBG_EXT.1 Random Bit Generation FCS_RBG_EXT.1.1 The TSF shall perform all deterministic random bit generation services in accordance with ISO/IEC 18031:2011 using Hash_DRBG (any). FCS_RBG_EXT.1.2 The deterministic RBG shall be seeded by at least one entropy source that accumulates entropy from 1 hardware-based noise source with a minimum of 256 bits of entropy at least equal to the greatest security strength, according to ISO/IEC 18031:2011 Table C.1 “Security Strength Table for Hash Functions”,of the keys and CSPs that it will generate. 6.2.2.9 FCS_SSHS_EXT.1 SSH Server Protocol FCS_SSHS_EXT.1.1 The TSF shall implement the SSH protocol that complies with RFC(s) 4251, 4252, 4253, 4254, 6668. FCS_SSHS_EXT.1.2 The TSF shall ensure that the SSH protocol implementation supports the following authentication methods as described in RFC 4252: public key-based, password-based. FCS_SSHS_EXT.1.3 The TSF shall ensure that, as described in RFC 4253, packets greater than 262144 bytes and smaller than 5 bytes in an SSH transport connection are dropped. FCS_SSHS_EXT.1.4 The TSF shall ensure that the SSH transport implementation uses the following encryption algorithms and rejects all other encryption algorithms: AES_128_CTR, AES_256_CTR. FCS_SSHS_EXT.1.5 The TSF shall ensure that the SSH public-key based authentication implementation uses ssh-rsa as its public key algorithm(s) and rejects all other public key algorithms. FCS_SSHS_EXT.1.6 The TSF shall ensure that the SSH transport implementation uses hmac-sha2-256 as its MAC algorithm(s) and rejects all other MAC algorithm(s). FCS_SSHS_EXT.1.7 The TSF shall ensure that diffie-hellman-group-15-sha512, diffie-hellman-group14-sha1 and diffie-hellman-group-14-sha256 are the only allowed key exchange methods used for the SSH protocol. FCS_SSHS_EXT.1.8 The TSF shall ensure that within SSH connections the same session keys are used for a threshold of no longer than one hour. After the threshold is reached, a rekey needs will to be performed. 6.2.2.10 FCS_TLSC_EXT.2 TLS Client Protocol with Authentication FCS_TLSC_EXT.2.1 The TSF shall implement TLS 1.2 (RFC 5246), TLS 1.1 (RFC 4346) and reject all other TLS and SSL versions. The TLS implementation will support the following ciphersuites: Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 38 ● TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 as defined in RFC 5289 FCS_TLSC_EXT.2.2 The TSF shall verify that the presented identifier matches the reference identifier per RFC 6125 section 6. FCS_TLSC_EXT.2.3 The TSF shall only establish a trusted channel if the server certificate is valid. The TSF shall also not implement any administrator override mechanism. FCS_TLSC_EXT.2.4 The TSF shall present the Supported Elliptic Curves Extension with the following NIST curves: secp256r1, secp384r1, secp521r1 and no other curves in the Client Hello. FCS_TLSC_EXT.2.5 The TSF shall support mutual authentication using X.509v3 certificates. 6.2.3 Identification and Authentication (FIA) 6.2.3.1 FIA_AFL.1 Authentication Failure Management (Refinement) FIA_AFL.1.1 The TSF shall detect when an Administrator configurable positive integer within 3 to 5 unsuccessful authentication attempts occur related to Administrators attempting to authenticate remotely. FIA_AFL.1.2 When the defined number of unsuccessful authentication attempts has been met, the TSF shall prevent the offending remote Administrator from successfully authenticating until unlock is taken by a local Administrator; prevent the offending remote Administrator from successfully authenticating until an Administrator defined time period has elapsed. 6.2.3.2 FIA_PMG_EXT.1 Password Management FIA_PMG_EXT.1.1 The TSF shall provide the following password management capabilities for administrative passwords: a) Passwords shall be able to be composed of any combination of upper and lower case letters, numbers, and the following special characters: “!”, “@”, “#”, “$”, “%”, “^”, “&”, “*”, “(“, “)”, “-“, “+”, “=”, “[“, “]”, “{“, “}”, “|”, “\”, “,”, “.”, “/”, “<”, “>”, “;”, “’”, “:”, “””; b) Minimum password length shall be configurable to between 8 and 128 characters. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 39 6.2.3.3 FIA_UIA_EXT.1 User Identification and Authentication FIA_UIA_EXT.1.1 The TSF shall allow the following actions prior to requiring the non-TOE entity to initiate the identification and authentication process: ● Display the warning banner in accordance with FTA_TAB.1; ● no other actions. FIA_UIA_EXT.1.2 The TSF shall require each administrative user to be successfully identified and authenticated before allowing any other TSF-mediated actions on behalf of that administrative user. 6.2.3.4 FIA_UAU_EXT.2 Password-based Authentication Mechanism FIA_UAU_EXT.2.1 The TSF shall provide a local password-based authentication mechanism, no other authentication mechanism to perform local administrative user authentication. 6.2.3.5 FIA_UAU.7 Protected Authentication Feedback FIA_UAU.7.1 The TSF shall provide only obscured feedback to the administrative user while the authentication is in progress at the local console. 6.2.3.6 FIA_X509_EXT.1/Rev X.509 Certificate Validation FIA_X509_EXT.1.1/Rev The TSF shall validate certificates in accordance with the following rules: ● RFC 5280 certificate validation and certificate path validation supporting a minimum path length of three certificates. ● The certificate path must terminate with a trusted CA certificate designated as a trust anchor. ● The TSF shall validate a certificate path by ensuring that all CA certificates in the certification path contain the basicConstraints extension with the CA flag set to TRUE. ● The TSF shall validate the revocation status of the certificate using a Certificate Revocation List (CRL) as specified in RFC 5280 Section 6.3. ● The TSF shall validate the extendedKeyUsage field according to the following rules: ● Certificates used for trusted updates and executable code integrity verification shall have the Code Signing purpose (id-kp 3 with OID Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 40 1.3.6.1.5.5.7.3.3) in the extendedKeyUsage field. ● Server certificates presented for TLS shall have the Server Authentication purpose (id-kp 1 with OID 1.3.6.1.5.5.7.3.1) in the extendedKeyUsage field. ● Client certificates presented for TLS shall have the Client Authentication purpose (id-kp 2 with OID 1.3.6.1.5.5.7.3.2) in the extendedKeyUsage field. ● OCSP certificates presented for OCSP responses shall have the OCSP Signing purpose (id-kp 9 with OID 1.3.6.1.5.5.7.3.9) in the extendedKeyUsage field. FIA_X509_EXT.1.2/Rev The TSF shall only treat a certificate as a CA certificate if the basicConstraints extension is present and the CA flag is set to TRUE. 6.2.3.7 FIA_X509_EXT.2 X.509 Certificate Authentication FIA_X509_EXT.2.1 The TSF shall use X.509v3 certificates as defined by RFC 5280 to support authentication for TLS and no additional uses. FIA_X509_EXT.2.2 When the TSF cannot establish a connection to determine the validity of a certificate; the TSF shall not accept the certificate. 6.2.4 Security Management (FMT) 6.2.4.1 FMT_MOF.1/ManualUpdate Management of security functions behaviour FMT_MOF.1.1/ManualUpdate The TSF shall restrict the ability to enable the functions to perform manual updates to Security Administrators. 6.2.4.2 FMT_MOF.1/Services Management of security functions behaviour FMT_MOF.1.1/Services The TSF shall restrict the ability to start and stop the functions services to Security Administrators. 6.2.4.3 FMT_MTD.1/CoreData Management of TSF Data FMT_MTD.1.1/CoreData The TSF shall restrict the ability to manage the TSF data to Security Administrators. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 41 6.2.4.4 FMT_MTD.1/CryptoKeys Management of TSF data FMT_MTD.1.1/CryptoKeys The TSF shall restrict the ability to manage the cryptographic keys to Security Administrators. 6.2.4.5 FMT_SMF.1 Specification of Management Functions FMT_SMF.1.1 The TSF shall be capable of performing the following management functions: ● Ability to administer the TOE locally and remotely; ● Ability to configure the access banner; ● Ability to configure the session inactivity time before session termination or locking; ● Ability to update the TOE, and to verify the updates using digital signature capability prior to installing those updates; ● Ability to configure the authentication failure parameters for FIA_AFL.1; ● Ability to start and stop services. ● Ability to configure audit behavior; ● Ability to manage the cryptographic keys; ● Ability to configure thresholds for SSH rekeying; 6.2.4.6 FMT_SMR.2 Restrictions on security roles FMT_SMR.2.1 The TSF shall maintain the roles: ● Security Administrator. FMT_SMR.2.2 The TSF shall be able to associate users with roles. FMT_SMR.2.3 The TSF shall ensure that the conditions: ● The Security Administrator role shall be able to administer the TOE locally; ● The Security Administrator role shall be able to administer the TOE remotely; are satisfied. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 42 6.2.5 Protection of the TSF (FPT) 6.2.5.1 FPT_SKP_EXT.1 Protection of TSF Data (for reading of all pre-shared, symmetric and private keys) FPT_SKP_EXT.1.1 The TSF shall prevent reading of all pre-shared keys, symmetric keys, and private keys. 6.2.5.2 FPT_APW_EXT.1 Protection of Administrator Passwords FPT_APW_EXT.1.1 The TSF shall store passwords in non-plaintext form. FPT_APW_EXT.1.2 The TSF shall prevent the reading of plaintext passwords. 6.2.5.3 FPT_TST_EXT.1 TSF Testing (Extended) FPT_TST_EXT.1.1 The TSF shall run a suite of the following self-tests during initial start-up (on power on), to demonstrate the correct operation of the TSF: integrity of the firmware and software (software integrity check), the correct operation of cryptographic functions. Additional Application Note: Certificates are not used by the self-test mechanism, therefore FPT_TST_EXT.2 is not included in the ST. 6.2.5.4 FPT_TUD_EXT.1 Trusted Update FPT_TUD_EXT.1.1 The TSF shall provide Security Administrators the ability to query the currently executing version of the TOE firmware/software and the most recently installed version of the TOE firmware/software. FPT_TUD_EXT.1.2 The TSF shall provide Security Administrators the ability to manually initiate updates to TOE firmware/software and no other update mechanism. FPT_TUD_EXT.1.3 The TSF shall provide means to authenticate firmware/software updates to the TOE using a digital signature mechanism prior to installing those updates. Additional Application Note: Certificates are not used by the update verification mechanism, therefore, FPT_TUD_EXT.2 is not included in the ST. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 43 6.2.5.5 FPT_STM.EXT.1 Reliable Time Stamps FPT_STM_EXT.1.1 The TSF shall be able to provide reliable time stamps for its own use. FPT_STM_EXT.1.2 The TSF shall allow the Security Administrator to set the time. 6.2.6 TOE Access (FTA) 6.2.6.1 FTA_SSL_EXT.1 TSF-initiated Session Locking FTA_SSL_EXT.1.1 The TSF shall, for local interactive sessions, ● terminate the session after a Security Administrator-specified time period of inactivity. 6.2.6.2 FTA_SSL.3 TSF-initiated Termination (Refinement) FTA_SSL.3.1: The TSF shall terminate a remote interactive session after a Security Administrator-configurable time interval of session inactivity. 6.2.6.3 FTA_SSL.4 User-initiated Termination (Refinement) FTA_SSL.4.1 The TSF shall allow Administrator-initiated termination of the Administrator’s own interactive session. 6.2.6.4 FTA_TAB.1 Default TOE Access Banners (Refinement) FTA_TAB.1.1: Before establishing an administrative user session the TSF shall display a Security Administrator-specified advisory notice and consent warning message regarding use of the TOE. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 44 6.2.7 Trusted path/channels (FTP) 6.2.7.1 FTP_ITC.1 Inter-TSF trusted channel (Refined) FTP_ITC.1.1 The TSF shall be capable of using TLS to provide a trusted communication channel between itself and authorized IT entities supporting the following capabilities: audit server, no other capabilities that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data. FTP_ITC.1.2 The TSF shall permit the TSF or the authorized IT entities to initiate communication via the trusted channel. FTP_ITC.1.3 The TSF shall initiate communication via the trusted channel for audit service. 6.2.7.2 FTP_TRP.1/Admin Trusted Path (Refinement) FTP_TRP.1.1/Admin The TSF shall be capable of using SSH to provide a communication path between itself and authorized remote administrators that is logically distinct from other communication paths and provides assured identification of its end points and protection of the communicated data from disclosure and provides detection of modification of the channel data. FTP_TRP.1.2/Admin The TSF shall permit remote Administrators to initiate communication via the trusted path. FTP_TRP.1.3/Admin The TSF shall require the use of the trusted path for initial administrator authentication and all remote administration actions. 6.3 Assurance Security Requirements The development and the evaluation of the TOE shall be done in accordance to the following security assurance requirements: Table 6 Security Assurance Requirements Assurance Class Assurance Components Security Target (ASE) Conformance claims (ASE_CCL.1) Extended components definition (ASE_ECD.1) ST introduction (ASE_INT.1) Security objectives for the operational environment (ASE_OBJ.1) Stated security requirements (ASE_REQ.1) Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 45 Assurance Class Assurance Components Security Problem Definition (ASE_SPD.1) TOE summary specification (ASE_TSS.1) Development (ADV) Basic functional specification (ADV_FSP.1) Guidance documents (AGD) Operational user guidance (AGD_OPE.1) Preparative procedures (AGD_PRE.1) Life cycle support (ALC) Labeling of the TOE (ALC_CMC.1) TOE CM coverage (ALC_CMS.1) Tests (ATE) Independent testing – sample (ATE_IND.1) Vulnerability assessment (AVA) Vulnerability survey (AVA_VAN.1) This security target claims conformance with [CPP_ND]. In addition to [CEM], the evaluation activities for [CPP_ND] are completed in [SD_ND]. 6.4 SFR Rationale The following table lists all SFRs contained in [CPP_ND] together with the classification whether they are mandatory, optional or selection-based, indicates which are included in this ST and provides a dependency rationale. Justifications for any unsupported dependencies will be given in the table as well. Table 7 Dependency rationale for SFRs Requirement from [CPP_ND] Dependencies Satisfied by Mandatory Requirements () FAU_GEN.1 FPT_STM.1 FPT_STM_EXT.1 included (which is hierarchic to FPT_STM.1) FAU_GEN.2 FAU_GEN.1; FIA_UID.1 FAU_GEN.1; Satisfied by FIA_UIA_EXT.1, which specifies the relevant Administrator identification timing FAU_STG_EXT.1 FAU_GEN.1; FTP_ITC.1 FAU_GEN.1; FTP_ITC.1 FCS_CKM.1 FCS_CKM.2 or FCS_COP.1; FCS_CKM.4 FCS_CKM.2; FCS_CKM.4 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 46 Requirement from [CPP_ND] Dependencies Satisfied by FCS_CKM.2 FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1; FCS_CKM.4 FCS_CKM.1; FCS_CKM.4 FCS_CKM.4 FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1 FCS_CKM.1 FCS_COP.1/DataEncryption FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1; FCS_CKM.4 FCS_CKM.1; FCS_CKM.4 FCS_COP.1/SigGen FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1; FCS_CKM.4 FCS_CKM.1; FCS_CKM.4 FCS_COP.1/Hash FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1; FCS_CKM.4 Unsupported Dependencies: This SFR specifies keyless hashing operations, so initialisation and destruction of keys are not relevant FCS_COP.1/KeyedHash FTP_ITC.1 or FTP_ITC.2 or FCS_CKM.1; FCS_CKM.4 FCS_CKM.1; FCS_CKM.4 FCS_RBG_EXT.1 None N/A FIA_AFL.1 FIA_UAU.1 Satisfied by FIA_UIA_EXT.1, which specifies the relevant Administrator authentication FIA_PMG_EXT.1 None N/A FIA_UIA_EXT.1 FTA_TAB.1 FTA_TAB.1 FIA_UAU_EXT.2 None N/A FIA_UAU.7 FIA_UAU.1 Satisfied by FIA_UIA_EXT.1, which specifies the relevant Administrator authentication FMT_MOF.1/ManualUpdate FMT_SMR.1; FMT_SMF.1 FMT_SMR.2; FMT_SMF.1 FMT_MTD.1/CoreData FMT_SMR.1; FMT_SMF.1 FMT_SMR.2; FMT_SMF.1 FMT_SMF.1 None N/A FMT_SMR.2 FIA_UID.1 Satisfied by FIA_UIA_EXT.1, which specifies the relevant Administrator identification FPT_SKP_EXT.1 None N/A FPT_APW_EXT.1 None N/A Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 47 Requirement from [CPP_ND] Dependencies Satisfied by FPT_TST_EXT.1 None N/A FPT_TUD_EXT.1 FCS_COP.1/SigGen or FCS_COP.1/Hash FCS_COP.1/SigGen and FCS_COP.1/Hash FPT_STM_EXT.1 None N/A FTA_SSL_EXT.1 FIA_UAU.1 Satisfied by FIA_UIA_EXT.1, which specifies the relevant Administrator identification FTA_SSL.3 None N/A FTA_SSL.4 None N/A FTA_TAB.1 None N/A FTP_ITC.1 None N/A FTP_TRP.1/Admin None N/A Optional Requirements () FAU_STG.1 FAU_STG.3 FAU_STG.3/LocSpace FAU_STG.3/LocSpace FAU_STG.1 FAU_STG.1 Selection-Based Requirements () FCS_SSHS_EXT.1 FCS_CKM.1; FCS_CKM.2; FCS_COP.1/DataEncryption; FCS_COP.1/SigGen; FCS_COP.1/Hash; FCS_COP.1/KeyedHash; FCS_RBG_EXT.1: FCS_CKM.1; FCS_CKM.2; FCS_COP.1/DataEncryption; FCS_COP.1/SigGen; FCS_COP.1/Hash; FCS_COP.1/KeyedHash; FCS_RBG_EXT.1: FCS_TLSC_EXT.2 FCS_CKM.1; FCS_CKM.2; FCS_COP.1/DataEncryption; FCS_COP.1/SigGen; FCS_COP.1/Hash; FCS_COP.1/KeyedHash; FCS_RBG_EXT.1: FCS_CKM.1; FCS_CKM.2; FCS_COP.1/DataEncryption; FCS_COP.1/SigGen; FCS_COP.1/Hash; FCS_COP.1/KeyedHash; FCS_RBG_EXT.1: FIA_X509_EXT.1/Rev FIA_X509_EXT.2; FIA_X509_EXT.2; FIA_X509_EXT.2 FIA_X509_EXT.1; FIA_X509_EXT.1/Rev; FMT_MOF.1/Services FMT_SMR.1; FMT_SMF.1 FMT_SMR.2; FMT_SMF.1 FMT_MTD.1/CryptoKeys FMT_SMR.1; FMT_SMF.1 FMT_SMR.2; FMT_SMF.1 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 48 7 TOE Summary Specification 7.1 Security Audit (FAU) 7.1.1 FAU_GEN.1 Audit data generation The TOE generates an audit record whenever an audited event occurs. The types of events that cause audit records to be generated include identification and authentication related events, and administrative events (the specific events and the contents of each audit record are listed in the table within the FAU_GEN.1 SFR, “Table 5 Auditable Events”). Each of the events specified in the audit record is in enough detail to identify the user for which the event is associated (e.g. user identity, MAC address, IP address), when the event occurred, where the event occurred, the outcome of the event (if the operation has been carried out successfully, the log records the audit associated to the operation, otherwise there is no audit) and the type of event that occurred. The audit trail consists of the individual audit records; one audit record for each event that occurred. The audit record contains a lot of information, such as the type of event that occurred, and two percent sign (%%), which follows the device name. As noted above, the information includes at least all of the required information. Additional information can be configured and included if desired. For the administrative task of generating/import, changing, or deleting of cryptographic keys the TOE logs the key name and the specified DER/OPENSSH/PEM format for an RSA public key through the execution of CLI commands. 7.1.2 FAU_GEN.2 User identity association Each auditable event is associated with the user that triggered the event and as a result, Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 49 they are traceable to a specific user. For example, a human user, user identity or related session ID would be included in the audit record. For an IT entity or device, the IP address, MAC address, host name, or other configured identification is presented. The security log of user account management should include user name. Other types of security log have other rules about the information. 7.1.3 FAU_STG.1 Protected audit trail storage Only the authorized administrators can monitor the logfile record, and operate the log files. The unauthorized users have no access to do those actions and therefore, records are protected against unauthorized modification or deletion. And the actions of the authorized administrators will be logged. The amount of audit data that are stored locally and how these records are protected against unauthorized modification or deletion are described in the following section. 7.1.4 FAU_STG_EXT.1 Protected audit event storage The TOE supports to export syslog records to a specified, external syslog server. The TOE protects communications with an external syslog server via TLS. The TOE stores audit records on CF card whenever it is connected with syslog server or not. The transmission of audit information to an external syslog server can be done in real-time. The log information generated by the switch is recorded in the log buffer and then saved to a log file automatically or manually. When a log file exceeds the specified size, the system compresses it into a zip file and name the zip file date.log.zip and date.dblg.zip, for example, 2013-08-14.04-55-23.log.zip and 2013-09-05.05-15-23.dblg.zip. By default, a log file is compressed when it exceeds 8 MB. To configure the log file size, run the info-center logfile size command. The logs are saved to flash memory (internal CF card) so records can’t lost in case of failures or restarts. The log buffer is circular, so newer messages overwrite older messages after the buffer is full. Administrators are instructed to monitor the log buffer using the show logging privileged CLI command to view the audit records. The first message displayed is the oldest message in the buffer. There are other associated commands to clear the buffer, to reset log buffer, etc. When the local audit data store in CF card exceeds the maximum allowed size of log file storage, the system deletes oldest compressed files to save the latest log file. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 50 Only the authorized administrators can monitor the logfile record, and operate the log files. An administrator cannot alter audit records but can delete audit records as a whole. The unauthorized users have no access to do those actions. And the actions of the authorized administrators will be logged. 7.1.5 FAU_STG.3/LocSpace Action in case of possible audit data loss If the log file size is less than 20MB, of the total audit storage in Internal flash, or delete the old log files after saving them to the other storage device, an event will be generated and sent to management server to notice the clients of the warning information. If the number of recorded compressed files reach the maximum number that the security administrator has configured, or the storage with audit events reach the configured storage size, another event will be generated to notice net-manager. 7.2 Cryptographic Support (FCS) 7.2.1 FCS_CKM.1 Cryptographic Key Generation The TOE generate asymmetric cryptographic keys in accordance with (FFC Schemes using Diffie-Hellman group 14 that meet the following: RFC 3526, Section 3) using the following keys: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 as defined in RFC 5289 for TLS and hmac-sha2-256 data integrity algorithm for SSH client. 7.2.2 FCS_CKM.2 Cryptographic Key Establishment The TOE supports Diffie-Hellman group 14 key establishment. The Hash DRBG is used for every random bits generation from the TOE in the key establishment process. DH Keys are generated using DH group14 parameters from RFC3526, Section.3. [RFC3526, Section.3] 3. 2048-bit MODP Group This group is assigned id 14. This prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 51 Its hexadecimal value is: FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF The generator is: 2. 7.2.3 FCS_CKM.4 Cryptographic Key Destruction Table 8 Key Destructions Name Description of Key Method of storage Storage SSH/TLS session key The key is used for encrypting/decrypting the traffic in a secure connection. plaintext Memory Diffie-Hellman Shared Secret This is the private exponent used as part of the DiffieHellman key exchange. plaintext Memory Diffie-Hellman private exponent The key is used for encrypting/decrypting the traffic in a secure connection. plaintext Memory TLS private key The key is used for signature and authentication. (AES256 cipher) Memory RSA key pair The key pair is used for digital signature and key establishment. plaintext Memory Destruction method: Allocating blocks of pages tends to fragment memory with larger Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 52 blocks of free pages being broken down into smaller ones. The page deallocation code recombines pages into larger blocks of free pages whenever it can. In fact the page block size is important as it allows for easy combination of blocks into larger blocks. Whenever a block of pages is freed, the adjacent or buddy block of the same size is checked to see if it is free. If it is, then it is combined with the newly freed block of pages to form a new free block of pages for the next size block of pages. Each time two blocks of pages are recombined into a bigger block of free pages the page deallocation code attempts to recombine that block into a yet larger one. In this way the blocks of free pages are as large as memory usage will allow. 7.2.4 FCS_COP.1/DataEncryption Cryptographic Operation (AES Data Encryption/ Decryption) The TOE provides symmetric encryption and decryption capabilities using AES algorithm with key size 128 bits, 256 bits in GCM mode as specified in ISO 19772 and in CTR mode as specified in ISO 10116. ● AES128 CTR, AES256 CTR are supported by SSH. ● AES128 GCM, AES256 GCM are supported by TLS. 7.2.5 FCS_COP.1/SigGen Cryptographic Operation (Signature Generation and Verification) The TOE provides cryptographic signature services using RSA with key sizes between 2048 and 4096 bits as specified in FIPS PUB 186-4 “Digital Signature Standard (DSS)”. ● The RSA with key size 3072 is used for signature generation and verification of SSH. ● The RSA with key size of 2048 to 4096 is used for signature generation and verification of TLS. 7.2.6 FCS_COP.1/Hash Cryptographic Operation (Hash Algorithm) The TOE provides cryptographic hashing services using SHA-256, and SHA-384 as specified in FIPS Pub 180-3 “Secure Hash Standard.”, it also meet the ISO/IEC 10118-3:2004. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 53 The association of the hash function with other TSF cryptographic functions: Table 9 Usage of Hash Algorithm Cryptographic Functions Hash Function HMAC-SHA2-256 SHA-256 TLS Digital signature verification SHA-384 SSH Digital signature verification SHA-256 Hash_DRBG SHA-256 7.2.7 FCS_COP.1/KeyedHash Cryptographic Operation (Keyed Hash Algorithm) The TOE provides cryptographic keyed hash services using HMAC-SHA2-256 according to RFC2104: HMAC, it also complies with the ISO/IEC 9797-2:2011, Section 7 “MAC Algorithm 2”. Table 10 Specification of Keyed Hash Algorithm HMAC function Key length (bits) Hash function Block size (bits) Output MAC length (bits) HMAC-SHA2-256 256 SHA-256 512 256 7.2.8 FCS_RBG_EXT.1 Extended: Cryptographic Operation (Random Bit Generation) The TOE implements a deterministic random bit generator (DRBG) which is conformant to [ISO18031] using the DRBG mechanism Hash_DRBG as specified in [SP800-90A], chap. 10.1.1. The entropy source is based on hardware (set of Free Running Oscillators). Random numbers from the internal noise source are only used for seeding the DRBG. The TOE set new seed using at least 256 bits entropy before generate random bits as cryptographic key. The calculated min-entropy of the TOE is “0.910538”.. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 54 7.2.9 FCS_SSHS_EXT.1 SSH Server 7.2.9.1 FCS_SSHS_EXT.1.1 The TOE implements the SSH protocol that complies with RFCs 4251, 4252, 4253, 4254 and 6668. 7.2.9.2 FCS_SSHS_EXT.1.2 Both public key and password authentication modes are supported by SSH server function. The TOE implements the public key algorithms of ssh-rsa. SSH users can be authenticated in eight modes: RSA, password, password-RSA, and All (any authentication mode of RSA or password is allowed with “ALL” mode). The SSH user that created by administrators shall configured one of mode. Then the external SSH client can login SSH server successfully via the configured SSH user and authentication mode. 7.2.9.3 FCS_SSHS_EXT.1.3 The max packet length that SSH client can process is 262144 bytes, as defined in RFC 4253. If the packet is larger than 262144 bytes, SSH server function will drop this packet and close the current session. 7.2.9.4 FCS_SSHS_EXT.1.4 SSH server function supports the encryption algorithms of AES_128_CTR and AES_256_CTR. When SSH Client establishes a connection, it will send a list of encryption algorithms to SSH server. SSH Server will check each algorithm in the list one by one. If it finds one algorithm in the list that is also supported by it, this algorithm will be chosen as the encryption algorithm between client and server. If no algorithm in the list is supported by SSH server, the connection will be terminated. After the encryption algorithm is selected, Server and Client will create a random number and exchange. Client and Server will use own random number to create an encryption key. Then SSH server will use its own encryption key to encrypt packet, and use SSH client’s Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 55 encryption key to decrypt packet. 7.2.9.5 FCS_SSHS_EXT.1.5 SSH server function supports the public key algorithm of ssh-rsa. Before SSH Client and SSH Server build a connection, they both need to configure a Local Key-pair what is used for authentication. In Huawei device, this local key-pair is used for SSH server and SSH client. When Client authenticates Server, first step is to consult public key algorithms. Client will send a list of public key algorithms to SSH server. SSH Server will check each algorithm in the list one by one. If it finds one algorithm in the list that is also supported by it, this algorithm will be chosen as the public key algorithm between client and server. If no algorithm in the list is supported by SSH server, the connection will be terminated. 7.2.9.6 FCS_SSHS_EXT.1.6 SSH server supports the data integrity algorithms of hmac-sha2-256. 7.2.9.7 FCS_SSHS_EXT.1.7 SSH server supports the following key exchange algorithms: diffie-hellman-group-14-sha256, diffie-hellman-group-15-sha512 and diffie-hellman-group14-sha1. 7.2.9.8 FCS_SSHS_EXT.1.8 The SSH connection will be rekeyed after one hour of session time or one gigabyte of transmitted data using that key which ever goes first. The SSH allows either side to force another run of the key-exchange phase, changing the encryption and integrity keys for the session. The idea is to do this periodically, after one hour of session time or one gigabyte of transmitted data using that key which ever goes first. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 56 7.2.10 FCS_TLSC_EXT.2 TLS Client Protocol with Authentication 7.2.10.1 FCS_TLSC_EXT.2.1 The TLS client supports the following ciphersuite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 as defined in RFC 5289 7.2.10.2 FCS_TLSC_EXT.2.2 The TOE supports configuring reference identifier and matching this identifier with server certificate. 7.2.10.3 FCS_TLSC_EXT.2.3 When establishing a trusted channel, by default the TSF shall not establish a trusted channel if the server certificate is invalid. The TSF shall also not implement any administrator override mechanism. 7.2.10.4 FCS_TLSC_EXT.2.4 The syslog TLS client will transmit the Supported Elliptic Curves extension in the Client Hello message by default with support for the following NIST curves: secp256r1, secp384r1, and secp521r1. The non-TOE server can choose to negotiate the elliptic curve from this set for any of the mutually negotiable elliptic curve ciphersuites no additional configuration is required. The TOE also supports key agreement using the server’s RSA public key or DHG14 (2048 bits). 7.2.10.5 FCS_TLSC_EXT.2.5 The TOE uses client-side certificates for TLS mutual authentication. 7.3 Identification and Authentication (FIA) 7.3.1 FIA_AFL.1 Authentication Failure Management The TOE can be configured within 3 to 5 unsuccessful authentication attempts by Administrators. When the defined number of unsuccessful authentication attempts has Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 57 been met, the TOE will prevent the offending remote Administrator from successfully authenticating until unlock is taken by a local Administrator or prevent the offending remote Administrator from successfully authenticating until an Administrator defined time period has elapsed. 7.3.2 FIA_PMG_EXT.1 Password Management The TOE supports the local definition of users with corresponding passwords which are used for security administrators’ authentication of local or remote administration connections. The passwords can be composed of any combination of upper and lower case letters, numbers, and special characters (: “!”, “@”, “#”, “$”, “%”, “^”, “&”, “*”, “(“, “)”, “-“, “+”, “=”, “[“, “]”, “{“, “}”, “|”, “\”, “,”, “.”, “/”, “<”, “>”, “;”, “’”, “:”, “””;)”. Minimum password length is settable by the Administrator, and support passwords from 8 characters to 128. Password composition rules specifying the types and number of required characters: that comprise the password are settable by the Administrator. Passwords have a maximum lifetime, configurable by the Administrator. 7.3.3 FIA_UIA_EXT.1 User Identification and Authentication The TOE requires all users to be successfully identified and authenticated before allowing execution of any TSF mediated action except display of the banner. The TOE supports user login over console or remote interface. Any login method need authentication before successfully logon. Local access is achieved by console port. Local authentications supports password-based authentication. Remote access is achieved by SSH. It also supports associated identity authentication of password and public-key. Users can also login with any of the identity authentication modes of password, and RSA when their login mode are configured to be ‘ALL’. 7.3.4 FIA_UAU_EXT.2 Password-based Authentication Mechanism The TOE can be configured to require local authentication or remote authentication as defined in the authentication policy for interactive (human) users. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 58 The policy for interactive (human) users (Administrators) can be authenticated to the local user database, or have redirection to a remote authentication server. Interfaces can be configured to try one or more remote authentication servers, and then fail back to the local user database if the remote authentication servers are inaccessible. If the interactive (human) users (Administrators) password is expired, the user is required to create a new password after correctly entering the expired password. 7.3.5 FIA_UAU.7 Protected Authentication Feedback When a user inputs their password at the local console, the console will not display the input so that the user password is obscured. For remote session authentication, the TOE does not echo any characters as they are entered. The TOE does not provide any additional information to the user that would give any indication about the authentication data. 7.3.6 FIA_X509_EXT.1/Rev X.509 Certificate Validation The TOE supports to verify the certificate and the certificate path by the rules specified in [RFC 5280], using algorithm RSA. The TOE supports to verify the revocation status by CRLs as specified in [RFC 5280]. The TOE validate the certificate by steps as below: 1. Validate basic certificate fields and the extendedKeyUsage field. 2. Validate the revocation status using CRL as specified in [RFC 5759]. 3. Validate certificate path as specified in [RFC 5280], do step 1 and 2 for every certificate in the certificate chain. 4. Validate the end of the certificate chain, it should be trusted root certificate. 7.3.7 FIA_X509_EXT.2 X.509 Certificate Authentication The certificate used by TLS authentication is sent by TLS server. The CRL should be loaded for certificate validation. The TOE will send a security log when a connection cannot be established during the validity check of a certificate used in establishing a trusted channel. TLS only supports RSA certificate. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 59 The check of validity of the certificates takes place at authentication of TLS connection and verification of code signing for system software updates. When the certificate is valid, we can trust the peer identity and use the certificate to verify the integrity of the message. TOE chooses certificate which was configured by CLI for services (such as Syslog). When the TSF cannot establish a connection to determine the validity of a certificate; the TSF shall not accept the certificate. 7.4 Security management (FMT) 7.4.1 FMT_MOF.1/ManualUpdate The TSF shall restrict the ability to enable the functions to perform manual updates to Security Administrators. Only administrators have the right to create or delete local user. While changing the local user privilege level, the configured new level of the local user cannot be higher than that of the login-in user. In this way no user except administrators can change another user to be at the privilege level of administrator. And only administrators have the ability to perform manual update. So the manual update is restricted to administrators. The TOE uses groups to organize users. Different kinds of users are in different group and every group has a specific level that identity its roles and scope of rights. 7.4.2 FMT_MOF.1/Services Only administrators have ability to enable and disable the functions and services, the other users are disallowed to do it. 7.4.3 FMT_MTD.1/CoreData Management of TSF Data Only administrators have privilege to manage the TSF data, the other users are disallowed to do it. The TOE provides the ability for authorized administrators to access TOE data, such as audit data, configuration data. Each of the predefined and administratively configured user has different right to access the TOE data. The access control mechanisms of the TOE are based on hierarchical access levels where Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 60 a user level is associated with every user and terminal on the one hand and a command level is associated with every command. Only if the user level is equal or higher to a specific command, the user is authorized to execute this command. Management of security function is realized through commands. So for every management function sufficient user level is required for the user to be able to execute the corresponding command. The administrative functions are described in section 7.4.5 of the present document. In order to perform these administrative functions, the administrator shall be log-in. The TOE stores X.509v3 certificates in Flash, and all pre-shared keys, symmetric keys, and private keys in the file system in Flash that can’t be read, copy or extract by administrators; hence no interface access is available. 7.4.4 FMT_MTD.1/CryptoKeys Management of TSF data Only administrators have the right to delete, generate, import the cryptographic keys, the other users are disallowed to do this. 7.4.5 FMT_SMF.1 Specification of Management Functions The TOE provides all the capabilities necessary to securely manage the TOE. The administrative user can connect to the TOE using the CLI to perform these functions via SSH encrypted session. The management functionality provided by the TOE includes the following administrative functions: ● Ability to administer the TOE locally and remotely; ● Ability to configure the access banner; ● Ability to configure the session inactivity time before session termination or locking; ● Ability to update the TOE, and to verify the updates using digital signature capability prior to installing those updates; ● Ability to configure the authentication failure parameters for FIA_AFL.1; ● Ability to start and stop services. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 61 ● Ability to configure audit behavior; ● Ability to manage the cryptographic keys; ● Ability to configure thresholds for SSH rekeying; 7.4.6 FMT_SMR.2 Restrictions on security roles A Security Administrator is able to administer the TOE through the local console or through a remote SSH mechanism. An administrator can create, delete and modify the other users and endow them with a proper right according to the users’ roles. The TOE uses groups to organize users. Different kinds of users are in different group and every group has a specific level that identity its roles and scope of rights. Every user in one group has the same scope of rights that the group owns. The TOE has 4 default user groups: manage-ug, system-ug, monitor-ug, and visitor-ug. 7.5 Protection of the TSF (FPT) 7.5.1 FPT_SKP_EXT.1 Protection of TSF Data (for reading of all symmetric keys) The TOE stores all pre-shared keys, symmetric keys, and private keys in the file system in Flash that can’t be read, copy or extract by administrators; hence no interface access. 7.5.2 FPT_APW_EXT.1 Protection of Administrator Passwords The administrator passwords are stored to configuration file in cryptographic form hashed with salt by SHA256, including username passwords, authentication passwords, console and virtual terminal line access passwords. In this manner, the TOE ensures that plaintext user passwords will not be disclosed to anyone through normal interfaces including administrators. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 62 7.5.3 FPT_TST_EXT.1 TSF testing The TSF run a suite of self-tests during initial start-up to demonstrate the correct operation of the TSF, including software integration verification by integrity check and the correct operation of cryptographic functions. During initial power on start-up, software integrity is checked at first. If integrity check is failed, the start-up procedure will stop. After VRP gain control, it tests the correct operation of cryptographic functions with known-answer test. If this testing fail, the start-up procedure will also stop. 7.5.4 FPT_TUD_EXT.1 Trusted Update Only authenticated administrators have the ability to manually initiate an update to TOE firmware/software. During the updating procedure, digital signature as defined at FCS_COP.1/SigGen will be verified by the TOE at first. The administrators can query the currently executing version of the TOE firmware/software as well as the most recently installed version by the “display startup” command. The currently executing patches and most recently installed patches can also be checked out. The validation of the firmware/software integrity is always performed before the process of replacing a non-volatile, system resident software component with another is started. All discrete software components (e.g. applications, drivers, kernel, and firmware) of the TSF are archived together into a whole package and the single package is digitally signed. RSA as specified in FCS_COP.1/SigGen can be used for firmware/software digital signature mechanism to authenticate it prior to installation and that installation fails if the verification fails. When digital signature is verified correct, the new software will be installed successfully and become active when the TOE reboot. 7.5.5 FPT_STM_EXT.1 Reliable Time Stamps Only administrators have the ability to modify the time of TOE, and all modification about time will be recorded. The security functions that make use of time include: Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 63 1) With this information the real time for all audit data can be calculated. 2) The validation period of the certificate can be calculated. The Network Time Protocol (NTP) is supported by TOE. NTP synchronizes clocks of all devices on a network so that the devices can implement applications based on the uniform time. NTP is applied in the following situations where all the clocks of hosts or switches in a network need to be consistent: ● Network management: Analysis on logs or debugging information collected from different switches must be performed based on time. ● Charging system: Requires the clocks of all devices to be consistent. ● Completing certain functions: For example, timing restart of all the switches in a network requires the clocks of all the switches to be consistent. 7.6 TOE Access (FTA) 7.6.1 FTA_SSL_EXT.1 TSF-initiated Session Locking An administrator can configure maximum inactivity times for both local and remote administrative sessions. When a session is inactive (i.e., not session input) for the configured period of time the TOE will terminate the session, flush the screen, and no further activity is allowed requiring the administrator to log in (be successfully identified and authenticated) again to establish a new session. The allowable range is from 0 minute 0 second to 35791 minutes 59 seconds. 7.6.2 FTA_SSL.3 TSF-initiated Termination When the remote session is inactive (i.e., not session input) for the configured period of time the TOE will terminate the session. 7.6.3 FTA_SSL.4 User-initiated Termination When the initiated administrator or local session is inactive (i.e., not session input) for the configured period of time the TOE will terminate the session. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 64 7.6.4 FTA_TAB.1 Default TOE Access Banners To provide some prompts or alarms to users, Administrator can use the header command to configure a title on the router. If a user logs in to the router, the title is displayed. Administrator can specify the title information, or specify the title information by using the contents of a file. The title displayed is the same for both local and remote users. When a terminal (remote or local) connection is activated and attempt to log in, the terminal displays the contents of the title that is set by using the header login command. After the successful login, the terminal displays the contents of the title that is configured by using the header shell command. 7.7 Trusted path/channels (FTP) 7.7.1 FTP_ITC.1 Inter-TSF trusted channel The TOE protects communications between a TOE and its connected Audit server with TLS v1.2. TLS/SSH protects the data from disclosure by encryption defined at 6.2.2.6 and ensure that the data has not been modified by MAC defined by 6.2.2.7. 7.7.2 FTP_TRP.1/Admin Trusted Path All remote administrative communications take place over a secure encrypted SSH session. The remote users are able to initiate SSH communications with the TOE. The TOE protects communications between a TOE and authorized remote administrator with SSH. Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 65 8 Crypto Disclaimer The following cryptographic algorithms are used by AR6000&AR600 Series to enforce its security policy: # Purpose Cryptographic Mechanism Standard of Implementation Key Size in Bits Standard of Application Comments 1 Key Generation Elliptic curve- Diffie Hellman FFC Schemes using Diffie-Hellman group 14 that meet the following: RFC 3526, Section 3 2048-bit or greater NIST Special Publication 800-56B FCS_CKM.1 2 Key Establishment Elliptic curve-based key establishment schemes Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography 2048-bit or greater NIST Special Publication 800-56B FCS_CKM.2 3 Confidentiality AES in CTR mode 128 bits or 256 bits AES as specified in ISO 18033-3, CTR as specified in ISO 10116 FCS_COP.1/ DataEncryption 4 Authentication RSA signature RSA: PKCS#1_V2.1, RSASSA-PKCS2v 1_5 3072 bits FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 5.5 FCS_COP.1/ SigGen Digital signature scheme 2 or Digital Signature scheme 3 3072 bits ISO/IEC 9796-2, Digital signature scheme 2 or Digital Signature scheme 3 FCS_COP.1/ SigGen Integrity HMAC-SHA-25 6 - 256 bits ISO/IEC 9797-2:2011, Section 7 “MAC Algorithm 2” FCS_COP.1/Hash 5 Cryptographic Primitive SHA-256, SHA-384, - 256 bits, and 384 bits, ISO/IEC 10118-3:2004 FCS_COP.1/ KeyedHash 6 Random Bit Generation Hash_DRBG (any); DRG.2 acc. to AIS20 - 256 bits AIS20 ISO/IEC 18031:2011 Table C.1 “Security FCS_RBG.1 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 66 # Purpose Cryptographic Mechanism Standard of Implementation Key Size in Bits Standard of Application Comments Strength Table for Hash Functions” 7 Trusted Channel SSH V2.0 RFC 4251 RFC 4252 RFC 4253 RFC 4254 RFC 5656 RFC 6668 - - FTP_TRP.1/ Admin TLS1.1 RFC 3268 RFC 4346 RFC 5246 RFC 6125 - - FTP_ITC.1 TLS1.2 RFC 3268 RFC 5246 RFC 6125 - - FTP_ITC.1 8 Cryptographic Primitive Generation of prime numbers for RSA None Miller-Rabin-Test is used as primality test. Referenced Documents AIS20 W. Killmann, W. Schindler; A proposal for: Functionality classes for random number generators, Version 2.0, September 18th 2011. FIPS 186-4 National Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication FIPS PUB 186-4, July 2013 PKCS#1 RSA Cryptography Specifications Version 2.1(RFC3447) PKCS#3 A cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. FIPS 198-1The Keyed-Hash Message Authentication Code (HMAC)--2008 July RFC 4251The Secure Shell (SSH) Protocol Architecture, January 2006 RFC 4252The Secure Shell (SSH) Authentication Protocol, January 2006 RFC 4253The Secure Shell (SSH) Transport Layer Protocol, January 2006 RFC 4254The Secure Shell (SSH) Connection Protocol, January 2006 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 67 RFC 6668SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol RFC 3268Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS) RFC 4346The Transport Layer Security (TLS) Protocol Version 1.1 RFC 5246The Transport Layer Security (TLS) Protocol Version 1.2 RFC 6125Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS) ANSI X9.31NIST-Recommended Random Number Generator Based on ANSI X9.31 Appendix A.2.4 Using the 3-Key Triple DES and AES Algorithms NIST SP 800-56ANational Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, May 2013 NIST SP 800-56BNational Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 ISO/IEC 18031:2011 Information technology -- Security techniques -- Random bit generation ISO 18033-3 Information technology — Security techniques — Encryption algorithms ISO/IEC 9796-2Information technology -- Security techniques -- Digital signature schemes giving message recovery ISO/IEC 9797-2Information technology -- Security techniques -- Message Authentication Codes (MACs) ISO/IEC 10118-3Information technology -- Security techniques -- Hash-functions ISO/IEC 14888-3 Information technology -- Security techniques -- Digital signatures with appendix Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 68 9 Abbreviations Terminology and References 9.1 Abbreviations Name Explanation AAA Authentication Authorization Accounting CA Certificate Authority CC Common Criteria CEM Common Evaluation Methodology for Information Technology Security CLI Command Line Interface EAL Evaluation Assurance Level EXEC Execute Command GUI Graphical User Interface IC Information Center IP Internet Protocol IPC Inter-Process Communication LMT Local Maintenance Terminal LPU Line Process Unit MAN Metropolitan Area Network MCU Main Control Unit Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 69 Name Explanation MPU Main Processing Unit NDcPP collaborative Protection Profile for Network Device NMS Network Management Server NTP Network Tiem Protocal PP Protection Profile RMT Remote Maintenance Terminal SFR Security Functional Requirement SFU Switching Fabric Unit SPU Service Process Unit SRU Switch Router Unit SSH Secure Shell SSL Secure Sockets Layer ST Security Target STP Spanning-Tree Protocol TLS Transport Layer Security TOE Target of Evaluation TSF TOE Security Functions VRP Versatile Routing Platform SIC Service Interface Card Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 70 9.2 Terminology This section contains definitions of technical terms that are used with a meaning specific to this document. Terms defined in the CC are not reiterated here, unless stated otherwise. Terminology Explanation Administrator: An administrator is a user of the TOE who may have been assigned specific administrative privileges within the TOE. This ST may use the term administrator occasionally in an informal context, and not in order to refer to a specific role definition – from the TOE’s point of view, an administrator is simply a user who is authorized to perform certain administrative actions on the TOE and the objects managed by the TOE. Since all user levels are assigned to commands and users and users can only execute a command if their associated level is equal or higher compared to the level assigned to a command, a user might have certain administrative privileges but lacking some other administrative privileges. So the decision whether a user is also an administrator or not might change with the context (e.g. might be able to change audit settings but cannot perform user management). Operator: See User. User: A user is a human or a product/application using the TOE which is able to authenticate successfully to the TOE. A user is therefore different to a subject which is just sending traffic through the device without any authentication. 9.3 References Name Description AIS20 W. Killmann, W. Schindler; A proposal for: Functionality classes for random number generators, Version 2.0, September 18th 2011. [CC] Common Criteria for Information Technology Security Evaluation. Part 1-3 September 2012 Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 71 Name Description Version 3.1 Revision 5 [CC1] Common Criteria (CC) Part 1: Introduction and general model September 2012 Version 3.1 Revision 5 [CC2] Part 2: Security functional components September 2012 Version 3.1 Revision 5 [CC3] Part 3: Security assurance components September 2012 Version 3.1 Revision 5 [CEM] Common Methodology for Information Technology Security Evaluation Evaluation methodology September 2012 Version 3.1 Revision 5 [CPP_ND] collaborative Protection Profile for Network Devices, Version 2.1, 24-Sep-2018 [ISO18031] Information technology — Security techniques — Random bit generation Second edition 2011-11-15 [RFC 3526] This document defines new Modular Exponential (MODP) Groups for the Internet Key Exchange (IKE) protocol. It documents the well known and used 1536 bit group 5, and also defines new 2048, 3072, 4096, 6144, and 8192 bit Diffie-Hellman groups numbered starting at 14. Please refer to the following link: http://www.rfc-editor.org/info/rfc3526 [RFC 4251] This document describes the architecture of the SSH protocol, as well as the notation and terminology used in SSH protocol documents. It also discusses the SSH algorithm Huawei AR6000&AR600 Series Routers running VRP software V300R019C11SPC200 Security Target Issue 1.7 (2022-03-30) Copyright © Huawei Technologies Co., Ltd. 72 Name Description naming system that allows local extensions. Please refer to the following link: http://www.rfc-editor.org/info/rfc4251 [RFC 5280] This memo profiles the X.509 v3 certificate and X.509 v2 certificate revocation list (CRL) for use in the Internet. Please refer to the following link: http://www.rfc-editor.org/info/rfc5280 [RFC 5759] This document specifies a base profile for X.509 v3 Certificates and X.509 v2 Certificate Revocation Lists (CRLs) for use with the United States National Security Agency's Suite B Cryptography. Please refer to the following link: http://www.rfc-editor.org/info/rfc5759 [SD_ND] Supporting Document Mandatory Technical Document PP-Evaluation Activities for Network Device cPP, Version 2.1. [SP800-56A] Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography Revision 2 May 2013 [SP800-56B] Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography Revision 1 September 2014 [SP800-90A] Recommendation for Random Number Generation Using Deterministic Random Bit Generators Revision 1 June 2015