Ruckus FastIron ICX™ 7150/7250 Series Switch/Router Firmware Version: IronWare OS 09.0.10 FIPS 140-3 Non-Proprietary Security Policy Document Version: 1.5 Last Update Date: 10-07-2024 Prepared by: Ruckus Wireless LLC Salarpuria Supreme, #137, Marathahalli Bangalore, Karnataka 560037 India www.commscope.com 1. General..............................................................................................................................1 2. Cryptographic Module Specification................................................................................1 3. Cryptographic Module Interfaces...................................................................................17 4. Roles, Services, and Authentication...............................................................................18 5. Software/Firmware Security...........................................................................................23 6. Operational Environment ...............................................................................................24 7. Physical Security ............................................................................................................24 8. Non-Invasive Security ....................................................................................................24 9. Sensitive Security Parameter Management ....................................................................24 10. Self-Tests........................................................................................................................29 11. Life-Cycle Assurance .....................................................................................................31 12. Mitigation of Other Attacks............................................................................................32 I. Terms and Definitions ....................................................................................................33 1 1. General This is a non-proprietary cryptographic module security policy for Ruckus FastIron ICX™ 7150/7250 Series Switch/Router (hereinafter referred to as the module). The firmware version running on each module is IronWare OS 09.0.10. This security policy describes how the module meets the FIPS 140-3 Level 1 security requirements, and how to operate the module in an approved mode. This security policy may be freely distributed. FIPS 140-3 (Federal Information Processing Standards Publication 140-3 — Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-3 standard and validation program is available on the NIST website at https://csrc.nist.gov/projects/cryptographic-module-validation-program. The table below indicates the actual security levels for each area of the module. ISO/IEC 24759 Section 6. [Number Below] FIPS 140-3 Section Title Security Level 1 General 1 2 Cryptographic module specification 1 3 Cryptographic module interfaces 1 4 Roles, services, and authentication 2 5 Software/Firmware security 1 6 Operational environment 1 7 Physical security 1 8 Non-invasive security N/A 9 Sensitive security parameter management 1 10 Self-tests 1 11 Life-cycle assurance 1 12 Mitigation of other attacks N/A Table 1 - Security Levels The module is designed to meet an overall security level 1. 2. Cryptographic Module Specification Cryptographic Boundary The module is a hardware, multi-chip standalone cryptographic module. The cryptographic boundary is defined as the module’s chassis unit encompassing the "top," "front," "left," "right," “rear” and "bottom" surfaces of the case representing the module’s physical perimeter. This section illustrates the module hardware with the help of photographs. Ruckus ICX-7150 Series Figure 1 ICX7150-24 2 Figure 2 ICX7150-24F Figure 3 ICX7150-24P Figure 4 ICX7150-48 Figure 5 ICX7150-48P Figure 6 ICX7150-48PF Figure 7 ICX7150-48ZP 3 Figure 8 ICX7150-C10ZP Figure 9 ICX7150-C12P Figure 10 ICX7150-C08P Figure 11 ICX7150-C08PT Please note that each Ruckus ICX 7150 model also offers a single integrated power supply, one RJ- 45 Ethernet port for out-of-band network management, one USB Type-C port for console management, one RJ-45 port for serial console management. Ruckus ICX-7250 Series Figure 12 ICX7250-24 4 Figure 13 ICX7250-24P Figure 14 ICX7250-48 Figure 15 ICX7250-48P Please note that each Ruckus ICX 7250 model also offers a single integrated power supply, one RJ- 45 Ethernet port for out-of-band network management, one USB Type-C port for console management, one RJ-45 port for serial console management. Table 2 below lists the models and firmware version included in this validation. Please note that “- RMT3” is referred to “with Three Years Remote Support”, and “-A” is referred to Trade Agreements Act (TAA) Compliant. Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features ICX7150-24 ICX7150-24-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE R-J45 Ethernet ports • 4x 1GbE SFP ports See Cryptographic Module Interfaces section for more information ICX7150-24-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24-4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port 5 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24F ICX7150-24F-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE SFP ports • 2x 1GbE RJ-45 Ethernet ports • 4x 1GbE SFP stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24F-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE SFP ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24F- 4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE SFP ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24F- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port 6 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 1x USB Type-C console port • 24x 1GbE SFP ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24F- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE SFP ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24P ICX7150-24P-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE R-J45 Ethernet ports • 4x 1GbE SFP ports See Cryptographic Module Interfaces section for more information ICX7150-24P-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24P- 4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24P- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-24P- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port 7 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 1x USB Type-C console port • 24x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48 ICX7150-48-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 Ethernet ports • 2x 1GbE R-J45 Ethernet ports • 4x 1GbE SFP ports See Cryptographic Module Interfaces section for more information ICX7150-48-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48-4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24x 1GbE RJ-45 Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48P ICX7150-48P-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port 8 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE R-J45 Ethernet ports • 4x 1GbE SFP ports See Cryptographic Module Interfaces section for more information (Note: 370 W PoE is available on ICX7150-48P) ICX7150-48P-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 370 W PoE is available on ICX7150-48P) ICX7150-48P- 4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 370 W PoE is available on ICX7150-48P) ICX7150-48P- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 370 W PoE is available on ICX7150-48P) ICX7150-48P- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 370 W PoE is available on ICX7150-48P) ICX7150-48PF ICX7150-48PF-4X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE R-J45 Ethernet ports • 4x 1GbE SFP ports 9 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features See Cryptographic Module Interfaces section for more information (Note: 740 W PoE is available on ICX7150-48PF) ICX7150-48PF- 2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 2x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 740 W PoE is available on ICX7150-48PF) ICX7150-48PF- 4X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 740 W PoE is available on ICX7150-48PF) ICX7150-48PF- 4X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 740 W PoE is available on ICX7150-48PF) ICX7150-48PF- 4X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48x 1GbE RJ-45 POE+ Ethernet ports • 2x 1GbE RJ-45 Ethernet ports • 4x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information (Note: 740 W PoE is available on ICX7150-48PF) ICX7150-48ZP ICX7150-48ZP- E2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 16x 1GbE RJ-45 POE Ethernet ports • 32x 1GbE RJ-45 POE+ Ethernet ports • 6x 1GbE SFP ports • 2x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information 10 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features ICX7150-48ZP- E8X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 16x 1GbE RJ-45 POE Ethernet ports • 32x 1GbE RJ-45 POE+ Ethernet ports • 8x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48ZP- E8X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 16x 1GbE RJ-45 POE Ethernet ports • 32x 1GbE RJ-45 POE+ Ethernet ports • 8x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-48ZP- E8X10GR2-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 16x 1GbE RJ-45 POE Ethernet ports • 32x 1GbE RJ-45 POE+ Ethernet ports • 8x 10GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C08P ICX7150-C08P-2X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 8x 1Gbe RJ-45 POE+ Ethernet ports • 2x 1G SFP ports See Cryptographic Module Interfaces section for more information ICX7150-C08P- 2X1G-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 8x 1Gbe RJ-45 POE+ Ethernet ports • 2x 1G SFP ports See Cryptographic Module Interfaces section for more information ICX7150-C08PT ICX7150-C08PT- 2X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 8x 1Gbe RJ-45 POE+ Ethernet ports • 2x 1G SFP ports See Cryptographic Module Interfaces section for more information ICX7150-C08PT- 2X1G-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 8x 1Gbe RJ-45 POE+ Ethernet ports 11 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 2x 1G SFP ports See Cryptographic Module Interfaces section for more information ICX7150-C10ZP ICX7150-C10ZP- 2X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 2x 1G/2.5/5/10G POE Ethernet ports • 2x 1G/2.5G POE Ethernet ports • 6x 1G/2.5G PoE+ Ethernet ports • 2x 10G SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C10ZP- 2X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 2x 1G/2.5/5/10G POE Ethernet ports • 2x 1G/2.5G POE Ethernet ports • 6x 1G/2.5G PoE+ Ethernet ports • 2x 10G SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C10ZP- 2X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 2x 1G/2.5/5/10G POE Ethernet ports • 2x 1G/2.5G POE Ethernet ports • 6x 1G/2.5G PoE+ ports, • 2x 10G SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C12P ICX7150-C12P-2X1G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 12× 1 GbE PoE+ Ethernet ports • 2×1 GbE RJ45 uplink-ports • 2×1 GbE SFP uplink-ports See Cryptographic Module Interfaces section for more information ICX7150-C12P- 2X10GR IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 12×1 GbE PoE+ Ethernet ports • 2×1 GbE RJ45 Ethernet ports • 2×10 GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C12P- 2X10GR-RMT3 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port 12 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features • 12×1 GbE PoE+ ports • 2×1 GbE RJ45 Ethernet ports • 2×10 GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7150-C12P- 2X10GR-A IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 12×1 GbE PoE+ ports • 2×1 GbE RJ45 Ethernet ports • 2×10 GbE SFP+ stacking/uplink ports See Cryptographic Module Interfaces section for more information ICX7250-24 ICX7250-24 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24×1 GbE RJ-45 Ethernet ports • 8×1 GbE SFP See Cryptographic Module Interfaces section for more information ICX7250-24-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24×1 GbE RJ-45 Ethernet ports • 6×1 GbE SFP • 2×10 GbE SFP+ uplink/stacking ports See Cryptographic Module Interfaces section for more information ICX7250-24P ICX7250-24P IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24×1 GbE RJ-45 POE+ Ethernet ports • 8×1 GbE SFP ports See Cryptographic Module Interfaces section for more information ICX7250-24P-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 24×1 GbE RJ-45 POE+ Ethernet ports • 6×1 GbE SFP • 2×10 GbE SFP+ uplink/stacking ports See Cryptographic Module Interfaces section for more information ICX7250-48 ICX7250-48 IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48×1 GbE RJ-45 Ethernet ports • 8×1 GbE SFP 13 Hardware Model Hardware [Part Numbers and Versions] Firmware Version Distinguishing Features See Cryptographic Module Interfaces section for more information ICX7250-48-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48×1 GbE RJ-45 Ethernet ports • 6×1 GbE SFP • 2×10 GbE SFP+ uplink/stacking ports See Cryptographic Module Interfaces section for more information ICX7250-48P ICX7250-48P IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48×1 GbE RJ-45 POE+ Ethernet ports • 8×1 GbE SFP ports See Cryptographic Module Interfaces section for more information ICX7250-48P-2X10G IronWare OS 09.0.10 • 1x RJ-45 Ethernet Mgmt port • 1x RJ-45 serial console port • 1x USB Type-C console port • 48×1 GbE RJ-45 POE+ Ethernet ports • 6×1 GbE SFP • 2×10 GbE SFP+ uplink/stacking ports See Cryptographic Module Interfaces section for more information Table 2 – Tested Operational Environments Modes of Operation By default, the module is delivered with a non-Approved mode of operation but supports an Approved mode of operation. Once the module is configured to operate in the Approved mode of operation by following the steps in section "Secure Operation" of this document by the Crypto Officer, the module can only operate in the Approved mode. The module does not claim implementation of a degraded mode of operation. Table 3 below lists all Approved or Vendor-affirmed security functions of the module, including specific key size(s) (in bits unless noted otherwise) employed for Approved services, and implemented modes of operation. Approved Security Functions The module implements the following approved cryptographic algorithms that have been CAVP certificated. CAVP Cert Algorithm and Standard Mode/Method Description / Key Size(s) / Key Strength(s) Use / Function /Notes #A2345 AES • FIPS197 • SP800-38A AES-ECB 128 and 256 bits Data Encryption/Decryption #A2345 AES • FIPS197 AES-CBC 128 and 256 bits Data Encryption/Decryption 14 CAVP Cert Algorithm and Standard Mode/Method Description / Key Size(s) / Key Strength(s) Use / Function /Notes • SP800-38A #A2345 AES • FIPS197 • SP800-38A AES-CFB128 128 and 256 bits Data Encryption/Decryption #A2345 AES • FIPS197 • SP800-38A AES-CTR 128 and 256 bits Data Encryption/Decryption #A2345 AES • FIPS197 • SP 800-38D AES-GCM 128 and 256 bits Authenticated Encryption/Decryption #A2345 KDF SSH (CVL) • SP800-135rev1 SSHv2 KDF N/A SP800-135Rev1 Compliant Key Derivation Function (KDF) for SSHv2 #A2345 KDF TLS (CVL) • SP800-135rev1 TLSv1.1/1.2 KDF N/A SP800-135rev1 Compliant Key Derivation Function (KDF) for TLSv1.1/1.2 #A2345 KDF SNMP (CVL) • SP800-135rev1 SNMPv3 KDF N/A SP800-135rev1 Compliant Key Derivation Function (KDF) for SNMPv3 #A2345 DRBG • SP800-90Arev1 CTR_DRBG (AES-256 bits) N/A Deterministic Random Bit Generation #A2345 ECDSA • FIPS186-4 ECDSA KeyGen, Curves: P-256, P-384 ECDSA Key Generation #A2345 ECDSA • FIPS186-4 ECDSA SigGen Curves: P-256, P-384 ECDSA Digital Signature Generation #A2345 ECDSA • FIPS186-4 ECDSA SigVer Curves: P-256, P-384 ECDSA Digital Signature Verification #A2345 KAS-ECC-SSC • SP800-56Arev3 KAS-ECC-SSC Scheme: Ephemeral Unified KAS-ECC-SSC with Curves P-256, P-384, P-521 KAS-ECC Shared Secret Computation #A2345 KAS • SP800-56Arev3 KAS (ECC) Scheme: ephemeralUnified KAS Role: initiator, responderP KAS (KAS-SSC Cert. #A2345, CVL Cert. #A2345) KAS-ECC with Curves P-256, P-384, P-521; Key establishment methodology provides between 128 and 256 bits of encryption strength Key Agreement Scheme per SP800-56Arev3 with key derivation function (SP800-135rev1) Note: The module’s KAS (ECC) implementation is FIPS140-3 IG D.F Scenario 2 (path 2) compliant 15 CAVP Cert Algorithm and Standard Mode/Method Description / Key Size(s) / Key Strength(s) Use / Function /Notes #A2345 KAS-FFC-SSC • SP800-56Arev3 KAS-FFC-SSC Scheme: dhEphem MODP-2048, MODP- 4096, MODP-8192 KAS-FFC Shared Secret Computation #A2345 KAS • SP800-56Arev3 KAS (FFC) Scheme: dhEphem KAS (KAS-SSC Cert. #A2345, CVL Cert. #A2345) KAS-FFC with MODP- 2048, MODP-4096, MODP-8192 Key establishment methodology provides between 112 and 200 bits of encryption strength Key Agreement Scheme per SP800-56Arev3 with key derivation function (SP800-135rev1) Note: The module’s KAS (ECC) implementation is FIPS140-3 IG D.F Scenario 2 (path 2) compliant #A2345 KTS (SSH) • SP800-38F KTS (AES Cert. #A2345 and HMAC Cert. #A2345) Key establishment methodology provides 128 or 256 bits of encryption strength Key Transport using AES and HMAC in SSH #A2345 KTS (TLS) • SP800-38F KTS (AES Cert. #A2345 and HMAC Cert. #A2345) Key establishment methodology provides 128 or 256 bits of encryption strength Key Transport using AES and HMAC in TLS #A2345 KTS (TLS) • SP800-38F KTS (AES-GCM Cert. #A2345) Key establishment methodology provides 128 or 256 bits of encryption strength Key Transport using AES-GCM in TLS #A2345 SHS • FIPS180-4 SHA-1 Message Length: 0-51200 Increment 8 N/A Secure hashing Note: SHA-1 is not used for digital signature generation #A2345 SHS • FIPS180-4 SHA2-256 Message Length: 0-51200 Increment 8 N/A Secure hashing #A2345 SHS • FIPS180-4 SHA2-384 Message Length: 0-51200 Increment 8 N/A Secure hashing #A2345 HMAC • FIPS198-1 HMAC-SHA-1 160, 256, 384 bits Hash based message authenticate code generation and verification #A2345 HMAC • FIPS198-1 HMAC-SHA2- 256 160, 256, 384 bits Hash based message authenticate code generation and verification #A2345 HMAC • FIPS198-1 HMAC-SHA2- 384 160, 256, 384 bits Hash based message authenticate code 16 CAVP Cert Algorithm and Standard Mode/Method Description / Key Size(s) / Key Strength(s) Use / Function /Notes generation and verification #A2345 RSA • FIPS186-4 RSA KeyGen Mode: B.3.3 Modulus: 2048 bits Key Generation #A2345 RSA • FIPS186-4 RSA SigGen (PKCS 1.5) Modulus: 2048 bits Signature Generation #A2345 RSA • FIPS186-4 RSA Sigver (PKCS 1.5) Modulus: 2048 bits Signature Verification #A2345 Safe Primes Key Generation • SP800-56Arev3 N/A Safe Prime Groups: MODP-2048, MODP- 4096, MODP-8192 KAS-FFC Keypair domain parameters generation Vendor Affirmed CKG • SP800-133rev2 N/A N/A Vendor Affirmed Cryptographic Key Generation (CKG) compliant with SP800- 133rev2 and IG D.H The cryptographic module performs Cryptographic Key Generation (CKG) for asymmetric keys as per sections 4 and 5 in SP800-133rev2 (vendor affirmed). A seed (i.e., the random value) used in asymmetric key generation is a direct output from SP800- 90Arev1 CTR_DRBG Table 3 - Approved Algorithms Notes: ● There are some algorithm modes that were tested but not implemented by the module. Only the algorithms, modes, and key sizes that are implemented by the module are shown in this table. ● The module’s AES-GCM implementation conforms to IG C.H scenario #1 following RFC 5288 for TLS. The module is compatible with TLSv1.2 and provides support for the acceptable GCM cipher suites from SP 800-52 Rev1, Section 3.3.1. The operations of one of the two parties involved in the TLS key establishment scheme were performed entirely within the cryptographic boundary of the module being validated. The counter portion of the IV is set by the module within its cryptographic boundary. When the IV exhausts the maximum number of possible values for a given session key, the first party, client or server, to encounter this condition will trigger a handshake to establish a new encryption key. In case the module’s power is lost and then restored, a new key for use with the AES GCM encryption/decryption shall be established. 17 ● No parts of the SSH, TLS and SNMP protocols, other than the KDFs, have been tested by the CAVP and CMVP. As the module can only be operated in the Approved mode of operation, and any algorithms not listed in the table 3 above will be rejected by the module while in the approved mode. The tables defined in SP800-140B for the following categories are missing from this document. ● Non-Approved Algorithms Allowed in Approved Mode of Operation ● Non-Approved Algorithms Allowed in Approved Mode of Operation with No Security Claimed ● Non-Approved Algorithms Not Allowed in Approved Mode of Operation 3. Cryptographic Module Interfaces The module provides a number of physical and logical interfaces to the device, and the physical interfaces provided by the module are mapped to the following FIPS 140-3 defined logical interfaces: Data Input, Data Output, Control Input, Control Output (N/A) and Status Output. The logical interfaces and their mapping are described in Tables 4 and 5. Please note that the module doesn’t support Control Output logical interface. Physical port Logical interface Data that passes over port/interface Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Data Input SSH, TLS and SNMPv3 traffic Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Data Output SSH, TLS and SNMPv3traffic Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Control Input Control Input Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports, LED Status Output Status information N/A Control Output NA Power N/A Provides the power supply to the module Table 4 – Ports and Interfaces for ICX7150 Series Physical port Logical interface Data that passes over port/interface Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Data Input SSH, TLS and SNMPv3 traffic Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Data Output SSH, TLS and SNMPv3traffic Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports Control Input Control Input 18 Console port, Mgmt Port, RJ-45/RJ-45 PoE+ Ethernet Ports, uplink/stacking SPF/SFP+ ports, and LEDs Status Output Status information N/A Control Output NA Power N/A Provides the power supply to the module Table 5 – Ports and Interfaces for ICX7250 Series 4. Roles, Services, and Authentication The module supports role-based authentication. In approved mode, the cryptographic module supports the following roles: 1. Crypto Officer Role: The Crypto Officer role has complete access to the system. The Crypto Officer is the only role that can perform firmware loading, security functions configuration (SSHv2, TLSv1.1/1.2 and SNMPv3) and account management. A crypto officer can create additional accounts thereby creating additional crypto officers. 2. Port Config Admin Role: The Port Config Admin role has read and write access for configuring specific ports but not for global (system‐wide) parameters. 3. User Role: The User role on the device has read-only privileges and no configuration mode access. The module does not support the maintenance role. The services for someone without an authorized role are to view the status output from the module’s LEDs and to cycle power the module. For all other services, an operator must authenticate to the module as described in Tables 6-8 below. The module provides services for remote communication (SSHv2, SNMPv3 and Console) for management and configuration of cryptographic functions. The following subsections describe services available to operators based on role. Role Service Input Output Crypto Officer Perform Self-test Command to trigger self-test The self-tests completion status information. Crypto Officer Perform Zeroization Command to zeroize the module The zeroization completion status information Crypto Officer Update Firmware Command to upload a new validated firmware The firmware update completion status information Crypto Officer CO Authentication CO role authentication request Status of the CO role authentication Crypto Officer Configuration Management Commands to configure the module Status of the completion of network related configuration Crypto Officer Configure RADIUS Server Commands to configure RADIUS Server Status of the completion of RADIUS Server configuration Crypto Officer Configure SSHv2 Function Commands to configure SSHv2 function Status of the completion of SSHv2 configuration Crypto Officer Configure SSL over TLSv1.1/1.2 Function Commands to configure SSL over TLSv1.1/2 function Status of the completion of SSL over TLSv1.1/1.2 configuration Crypto Officer Configure SNMPv3 Function Commands to configure SNMPv3 function Status of the completion of SNMPv3 configuration Crypto Officer Account management Command to create user account The status of the new user accounts 19 Role Service Input Output Crypto Officer Show Version Command to show version Module’s name and versioning information Crypto Officer Show Status Command to get the status of the module Module’s current status information Crypto Officer Port Configuration Management Commands to configure the port parameters of switch/router Port configuration completion status information Crypto Officer Run SSHv2 Function Initiate SSHv2 tunnel establishment request Status of SSHv2 tunnel establishment Crypto Officer Run SSL over TLSv1.1/1.2 Function Initiate SSL over TLSv1.1/1.2 tunnel establishment request Status of TLSv1.1/1.2 tunnel establishment Crypto Officer Run SNMPv3 Function Initiate SNMPv3 tunnel establishment request Status of SNMPv3 tunnel establishment Table 6 - Roles, Service Commands, Input and Output (Crypto Officer role) Role Service Input Output User Show Version Command to show version Module’s name and versioning information User Show Status Command to get the status of the module Module’s current status information User User Authentication User role authentication request Status of the User role authentication User Run SSHv2 Function Initiate SSHv2 tunnel establishment request Status of SSHv2 tunnel establishment Table 7 - Roles, Service Commands, Input and Output (User role) Role Service Input Output Port Config Admin Show Version Command to show version Module’s name and versioning information Port Config Admin Show Status Command to get the status of the module Module’s current status information Port Config Admin Port Config Admin Authentication Port Config Admin role authentication request Status of the Port Config Admin role authentication Port Config Admin Port Configuration Management Commands to configure the port parameters of switch/router Port configuration completion status information Port Config Admin Run SSHv2 Function Initiate SSHv2 tunnel establishment request Status of SSHv2 tunnel establishment Table 8 - Roles, Service Commands, Input and Output (Port Config Admin role) Role Authentication Method Authentication Strength Crypto Officer, User, Port Config Admin Password-based authentication The minimum length is eight (8) characters (94 possible characters). The probability that a random attempt will succeed or a false acceptance will occur is 1/(948 ) which is less than 1/1,000,000. The probability of successfully authenticating to the module within one minute is 10/(948 ), which is less than 1/100,000. The configuration supports at most ten failed attempts to authenticate in a one-minute period. This calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits, 52 alphabetic characters, and 32 special characters providing 94 characters to choose from in total Crypto Officer, User, Port Config Admin RSA-based authentication RSA key pair has modulus size of 2048 bits, thus providing 112 bits of strength, which means an attacker would have a 1 in 2112 chance of randomly obtaining the key, which is much stronger than the one in a million chances required by FIPS 140-3. To exceed a one in 100,000 probability of a successful random key guess in one minute, an attacker would have to be capable of approximately 20 8.65x10^31 (2112 /60 = 8.65 x 1031) attempts per second, which is less than 1/100,000 Crypto Officer, User, Port Config Admin ECDSA-based authentication When configuring the smallest curve P-256, the probability that a random attempt will succeed, or a false acceptance will occur is 1/2^128, which is less than 1/1,000,000. 256 attempts are allowed in a one-minute period. Therefore, the probability of a random success in a one-minute period is 256/2^128, which is less than 1/100,000 Table 9 – Roles and Authentication Service Description Approved Security Functions Keys and/or SSPs Roles Access rights to Keys and/or SSPs Indicator Perform Self- test The module runs pre-operational self-tests and conditional algorithm Self- tests (CASTs) N/A N/A Crypto Officer N/A Self-test completion message Perform Zeroization Zeroize service destroys all SSPs in the module N/A ALL Crypto Officer Z Zeroize completion message Update Firmware The module’s firmware is updated to a new version RSA SigVer Firmware Load Test Key Crypto Officer E Global indicator and Firmware update completion message Show Status Provide module’s name and current status information N/A N/A Crypto Officer, User R N/A Show Version Provide modules version information N/A N/A Crypto Officer, User R N/A CO Authentication CO role authentication N/A Crypto Officer Password Crypto Officer G, R, W, E N/A User Authentication User role authentication N/A User Password User G, R, W, E N/A Port Config Admin Authentication Port Config Admin role authentication N/A Port Config Admin Password Port Config Admin G, R, W, E N/A Configure SSHv2 Function Configure SSHv2 Function AES-CBC, AES-CTR, CKG, CTR_DRBG, KDF SSH, HMAC-SHA- 1, HMAC- SHA2-256 KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, SSH ECDSA Private Key, SSH ECDSA Public Key, SSH RSA Private Key, SSH RSA Public Key, SSH DH Private Key, SSH DH Public Key, SSH DH Shared Secret Key, SSH ECDH Private Key, SSH ECDH Public Key, SSH ECDH Shared Secret Key, Crypto Officer R, W, G Global indicator and SSH connection success log message 21 Service Description Approved Security Functions Keys and/or SSPs Roles Access rights to Keys and/or SSPs Indicator ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen SSH Session Encryption Key, SSH Session Integrity Key Configure SSL over TLSv1.1/1.2 Function Configure TLSv1.1/1.2 Function AES-ECB, AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF TLS, HMAC-SHA- 1, HMAC- SHA2-256, HMAC- SHA2-384, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, TLS ECDSA Private Key, TLS ECDSA Public Key, TLS RSA Private Key, TLS RSA Public Key, TLS DH Private Key, TLS DH Public key, TLS DH Shared Secret, TLS ECDH Private Key, TLS ECDH Public key, TLS ECDH Shared Secret, TLS Pre-Master Secret, TLS Master Secret, TLS Session Encryption Key, TLS Session Integrity Key Crypto Officer R, W, G Global indicator and TLS connection success log message Configure SNMPv3 Function Configure SNMPv3 Function AES- CFB128, KDF SNMP, HMAC-SHA- 1, HMAC- SHA2-256, HMAC- SHA2-384 SNMPv3 User Authentication Secret, SNMPv3 Session Encryption Key, SNMPv3 Session Integrity Key Crypto Officer R, W, G Global indicator and SNMPv3 connection success log message Port Configuration Management Perform Port Configuration N/A Crypto Officer Password, Port Config Admin Password Crypto Officer, Port Config Admin R, E N/A Account management Account Creation N/A Crypto Officer Password, User Password, Crypto Officer W N/A 22 Service Description Approved Security Functions Keys and/or SSPs Roles Access rights to Keys and/or SSPs Indicator Port Config Admin Password Run SSHv2 Function Negotiation and encrypted data transport via SSH AES-CBC, AES-CTR, CKG, CTR_DRBG, KDF SSH, HMAC-SHA- 1, HMAC- SHA2-256, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, RSA SigVer, Safe Primes KeyGen DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, SSH ECDSA Private Key, SSH ECDSA Public Key, SSH RSA Private Key, SSH RSA Public Key, SSH DH Private Key, SSH DH Public Key, SSH DH Shared Secret Key, SSH ECDH Private Key, SSH ECDH Public Key, SSH ECDH Shared Secret Key, SSH Session Encryption Key, SSH Session Integrity Key Crypto Officer, User, Port Config Admin R, E Global indicator and SSH connection success log message Run SSL over TLSv1.1/1.2 Function Negotiation and encrypted data transport via SSL (TLSv1.1/1.2) AES-ECB, AES-CBC, AES-GCM, CKG, CTR_DRBG, KDF TLS, HMAC-SHA- 1, HMAC- SHA2-256, HMAC- SHA2-384, KAS-ECC- SSC, KAS (ECC), KAS-FFC- SSC, KAS (FFC), KTS, ECDSA KeyGen, ECDSA SigGen, ECDSA SigVer, RSA KeyGen, RSA SigGen, DRBG Entropy Input, DRBG Seed, DRBG Internal State V value, DRBG Key, TLS ECDSA Private Key, TLS ECDSA Public Key, TLS RSA Private Key, TLS RSA Public Key, TLS DH Private Key, TLS DH Public key, TLS DH Shared Secret, TLS ECDH Private Key, TLS ECDH Public key, TLS ECDH Shared Secret, TLS Pre-Master Secret, TLS Master Secret, TLS Session Encryption Key, TLS Session Integrity Key Crypto Officer R, E Global indicator and TLS connection success log message 23 Service Description Approved Security Functions Keys and/or SSPs Roles Access rights to Keys and/or SSPs Indicator RSA SigVer, Safe Primes KeyGen Run SNMPv3 Function Negotiation and encrypted data transport via SNMPv3 AES- CFB128, KDF SNMP, HMAC-SHA- 1, HMAC- SHA2-256, HMAC- SHA2-384 SNMPv3 User, Authentication Secret, SNMPv3 Session Encryption Key, SNMPv3 Session Integrity Key Crypto Officer R, E Global indicator and SNMPv3 connection success log message Table 10 - Approved Services G = Generate: The module generates or derives the SSP R = Read: The SSP is read from the module (e.g. the SSP is output) W = Write: The SSP is updated, imported, or written to the module E = Execute: The module uses the SSP in performing a cryptographic operation Z = Zeroise: The module zeroises the SSP 5. Software/Firmware Security Integrity Techniques The module performs the Firmware Integrity tests by using CRC-32 during the Pre-Operational Self-Test. At Module’s initialization, the integrity of the runtime executable binary file is verified using the following two integrity check mechanisms to ensure that the module has not been tampered: • Bootloader Integrity Test (CRC-32) • Firmware Integrity Test (CRC-32) If at the load time the CRC-32 value does not match the stored, known CRC-32 value, the module would enter to an Error state with all crypto functionality inhibited. In addition, the module also supports the firmware load test by using RSA 2048 bits with SHA2- 256 (RSA Cert. #A2345) for the new validated firmware to be uploaded into the module. A Firmware Load Test Key was preloaded to the module’s binary at the binary the factory and used for firmware load test. In order to load new firmware, the Crypto Officer must authenticate into the module before loading any firmware. This ensures that unauthorized access and use of the module is not performed. The module will load the new update upon reboot. The update attempt will be rejected if the verification fails. Integrity Test On-Demand Integrity test is performed as part of the Pre-Operational Self-Tests. It is automatically executed at power-on. The operator can power-cycle or reboot the module to initiate the firmware integrity test 24 on-demand. This automatically performs the integrity test of all firmware components included within the boundary of the module. 6. Operational Environment The module is a hardware module. The module’s operational environment is limited as the modules include a firmware load service to support necessary updates. New firmware versions within the scope of this validation must be FIPS 140-3 validated through the CMVP. Any other firmware loaded into these modules is out of the scope of this validation and requires a separate FIPS 140-3 validation. The module’s firmware version running on each model is IronWare OS 09.0.10. 7. Physical Security The module is a multi-chip standalone hardware cryptographic module. The module meets the FIPS 140-3 Level 1 security requirements as production grade equipment. 8. Non-Invasive Security No approved non-invasive attack mitigation test metrics are defined at this time. 9. Sensitive Security Parameter Management Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys DRBG Entropy Input 384 bits N/A Generated from noise source Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to seed the DRBG DRBG Seed 256 bits DRBG Cert. #A2345 Internally Derived from entropy input string as defined by SP800-90Arev1 Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used DRBG generation DRBG Internal State V value 256 bits DRBG Cert. #A2345 Internally Derived from entropy input string as defined by SP800-90Arev1 Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used DRBG generation DRBG Key 256 bits DRBG Cert. #A2345 Internally Derived from entropy input string as defined by SP800-90Arev1 Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used DRBG generation Port Config Admin Password 8 to 60 Characters N/A N/A Import: Encrypted by SSH session key Export: No MD/EE Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for Port Config Admin authentication Crypto Officer Password 8 to 60 Characters N/A N/A Import: Encrypted by SSH session key MD/EE Flash (plaintext) Zeroized by SSP (CSP/PSP) Used for Crypto Officer authentication 25 Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys Export: No Zeroization Command User Password 8 to 60 Characters N/A N/A Import: Encrypted by SSH session key Export: No MD/EE Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for User authentication RADIUS Secret 8 to 64 Characters N/A N/A Import: Encrypted by SSH session key Export: No MD/EE Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for RADIUS Server authentication SSH ECDSA Private Key P-256, P- 384 CKG, DRBG, ECDSA KeyGen, ECDSA SigGen Cert. #A2345 Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 ECDSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH authentication SSH ECDSA Public Key P-256, P- 384 ECDSA SigVer Cert #A2345 Internally derived per the FIPS 186-4 ECDSA key generation method Import: No Export: to SSH peer application N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH authentication SSH RSA Private Key 2048 bits CKG, DRBG, RSA KeyGen, RSA SigGen Cert. #A2345 Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 RSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH authentication SSH RSA Public Key 2048 bits RSA SigVer Cert #A2345 Internally derived per the FIPS 186-4 RSA key generation method Import: No Export: to SSH peer application N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH authentication SSH DH Private Key MODP- 2048, MODP- 4096, MODP- 8192 CKG, DRBG, KAS-FFC-SSC Cert. #A2345 Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH DH Shared secret 26 Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys DRBG SSH DH Public Key MODP- 2048, MODP- 4096, MODP- 8192 KAS-FFC-SSC Cert. #A2345 Internally derived internally per the Diffie-Hellman key agreement (SP800-56Arev3) Import: No Export: to SSH peer application N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH DH Shared secret SSH DH Shared Secret MODP- 2048, MODP- 4096, MODP- 8192 KAS-FFC-SSC Cert. #A2345 Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH Session Encryption Key, SSH Session Integrity Key SSH ECDH Private Key P-256, P-384, P-521 CKG, DRBG, KAS-ECC-SSC Cert. #A2345 Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 EC Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH ECDH Shared secret SSH ECDH Public Key P-256, P-384, P-521 KAS-ECC-SSC Cert. #A2345 Internally derived internally per the EC Diffie-Hellman key agreement (SP800-56Arev3) Import: No Export: to SSH peer application N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH ECDH Shared secret SSH ECDH Shared Secret P-256, P-384, P-521 KAS-ECC-SSC Cert. #A2345 Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive SSH Session Encryption Key SSH Session Integrity Key SSH Session Encryption Key 128, 256 bits AES-CTR, KDF SSH, KTS Cert. #A2345 Internally derived via key derivation function defined in SP800-135rev1 KDF (SSHv2) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH session confidentiality protection SSH Session Integrity Key At least 160 bits HMAC-SHA-1, HMAC-SHA2- 256, KDF SSH Cert. #A2345 Internally derived via key derivation function defined in SP800-135rev1 KDF (SSHv2) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SSH session integrity protection SNMPv3 User Authenticati on Secret 8 to 20 characters N/A Please see Establishment Import: Encrypted by SSH session key Export: No MD/EE Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command SNMPv3 User Authentication SNMPv3 Session Encryption Key 128 bits AES-CFB128, KDF SNMP Cert. #A2345 Internally derived via key derivation function defined in SP800-135rev1 KDF (SNMPv3) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SNMPV3 session confidentiality protection 27 Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys SNMPv3 Session Integrity Key At least 160 bits HMAC-SHA-1, KDF SNMP Cert. #A2345 Internally derived via key derivation function defined in SP800-135rev1 KDF (SNMPv3) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for SNMPv3 session integrity protection TLS ECDSA Private Key P-256, P- 384 CKG, DRBG, ECDSA KeyGen, ECDSA SigGen Cert. #A2345 Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 ECDSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS authentication TLS ECDSA Public Key P-256, P- 384 ECDSA SigVer Cert. #A2345 Internally derived per the FIPS 186-4 ECDSA key generation method Import: No Export: to TLS peer application N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS authentication TLS RSA Private Key 2048 bits CKG, DRBG, RSA KeyGen, RSA SigGen Cert. #A2345 Internally generated conformant to SP800-133r2 (CKG) using FIPS 186-4 RSA key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS authentication TLS RSA Public Key 2048 bits RSA SigVer Cert. #A2345 Internally derived per the FIPS 186-4 RSA key generation method Import: No Export: to TLS peer application N/A Flash (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS authentication TLS DH Private Key MODP- 2048 CKG, DRBG, KAS-FFC-SSC Cert. #A2345 Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS DH Shared secret TLS DH Public Key MODP- 2048 KAS-FFC-SSC Cert. #A2345 Internally derived internally per the Import: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Used to derive TLS DH Shared secret 28 Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys Diffie-Hellman key agreement (SP800-56Arev3) Export: to TLS peer application Zeroization Command TLS DH Shared Secret MODP- 2048 KAS-FFC-SSC Cert. #A2345 Internally derived using SP800-56A rev3 Diffie-Hellman shared secret computation Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS Session Encryption Key, TLS Session Integrity Key TLS ECDH Private Key P-256, P- 384 CKG, DRBG, KAS-ECC-SSC Cert. #A2345 Internally generated. conformant to SP800-133r2 (CKG) using SP800-56Arev3 EC Diffie-Hellman key generation method, and the random value used in key generation is generated using SP800-90Arev1 DRBG Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS ECDH Shared Secret TLS ECDH Public key P-256, P- 384 KAS-ECC-SSC Cert. #A2345 Internally derived internally per the EC Diffie-Hellman key agreement (SP800-56Arev3) Import: No Export: to TLS peer application N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS ECDH Shared secret TLS ECDH Shared Secret P-256, P- 384 KAS-ECC-SSC Cert. #A2345 Internally derived using SP800-56A rev3 EC Diffie-Hellman shared secret computation Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS Session Encryption Key, TLS Session Integrity Key TLS Pre- Master Secret 256 bits N/A Internally derived via key derivation function defined in SP800-135rev1 KDF (TLSv1.1/1.2) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used to derive TLS Session Encryption Key, TLS Session Integrity Key TLS Master Secret 48 bytes N/A Internally derived via key derivation function defined in SP800-135rev1 KDF (TLSv1.1/1.2) Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command TLS pre master secret, TLS Encryption Key TLS Session Integrity Key TLS Session Encryption Key 128 or 256 bits AES-ECB, AES-CBC, AES-GCM, KDF TLS, KTS Cert. #A2345 Internally derived via key derivation function defined in SP800-135 rev1 KDF TLSv1.1/1.2 KDF Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS session confidentiality protection TLS Session Integrity Key At least 160 bits KDF TLS HMAC-SHA2- 256, HMAC-SHA2- 384 Cert. #A2345 Internally derived via key derivation function defined in SP800-135 rev1 KDF TLSv1.1/1.2 Import: No Export: No N/A DRAM (plaintext) Zeroized by SSP (CSP/PSP) Zeroization Command Used for TLS session integrity protection 29 Key/SSP Name/Type Strength Security Function and Cert Number Generation Import/ Export Establis hment Storage Zeroization Use & related Keys Firmware Load Test Key 2048 bits RSA SigVer, SHA2-256 Cert. #A2345 Pre-loaded at the factory (in the module’s executable binary) N/A N/A Flash (Plaintext) N/A User for Firmware load test Table 11 - SSPs Notes: 1. The module uses procedural zeroization to explicitly zeroize all SSPs listed in Table 11. 2. The zeroization operations shall be performed under the control of the CO role by using the CLI command “fips zeroize all”. 3. To initiate zeroization, see Section End of Life / Sanitization in this document for more details. 4. The zeroized SSPs cannot be retrieved or reused. Once the command is initiated, the SSPs are overwritten with 0s. RBG Entropy Source Entropy sources Minimum number of bits of entropy Details ENT (NP) Periodic sampling of the high- precision CPU clock within the ARM CPU is the only single entropy source used to seed the SP800-90Arev1 DRBG (DRBG Cert. #A2345) 256 bits The system tick clock/register as the single entropy source to provide the sufficient entropy to seed the SP800-90Arev1 DRBG (DRBG Cert. #A2345). The entropy source was directly used to seed the DRBG without the entropy conditioning process. Please refer to entropy report for details Table 12 – Non-Deterministic Random Number Generation Specification 10. Self-Tests The modules perform the following self-tests, including the pre-operational self-tests and conditional self-tests. The module runs all self-tests without operator intervention. In the event that a self-test fails, the module will enter an error state, output an error message and follow up with a module reboot. The module permits operators to initiate the pre-operational or conditional self-tests on demand for periodic testing of the module by rebooting the system (i.e., power-cycling). Pre-Operational Self-Tests • Pre-Operational Firmware Integrity Tests ▪ BootLoader Integrity Test (CRC-32) ▪ Firmware Integrity Test (CRC-32) • No Pre-Operational Bypass Test • No Pre-Operational Critical Functions Test 30 Conditional Self-Tests • Conditional Cryptographic Algorithm Tests o AES-CBC 128 bits encryption KAT o AES-CBC 128 bits decryption KAT o AES-GCM 128 bits authenticated encryption KAT o AES-GCM 128 bits authenticated decryption KAT o CTR_DRBG Instantiate KAT o CTR_DRBG Generate KAT o CTR_DRBG Reseed KAT Note: DRBG Health Tests as specified in SP800-90Arev1 Section 11.3 are performed o ECDSA P-256 with SHA2-256 SigGen KAT o ECDSA P-256 with SHA2-256 SigVer KAT o HMAC-SHA-1 KAT o HMAC-SHA2-256 KAT o HMAC-SHA2-384 KAT o KAS-FFC-SSC Primitive KAT o KAS-ECC-SSC Primitive KAT o RSA 2048 bits modulus with SHA2-256 SigGen KAT o RSA 2048 bits modulus with SHA2-256 SigVer KAT o SHA-1 KAT o SHA2-256 KAT o SHA2-384 KAT o KDF SSH KAT o KDF SNMP KAT o KDF TLS KAT o SP800-90B Entropy Source start-up health tests: ▪ Repetition Count Test (RCT) ▪ Adaptive Proportion Test (APT) o SP800-90B Entropy Source Continuous Health Tests: ▪ Repetition Count Test (RCT) ▪ Adaptive Proportion Test (APT) • Conditional Pair-Wise Consistency Tests o RSA PCT o ECDSA PCT o KAS (ECC) PCT o KAS (FFC) PCT • Conditional Firmware Load Test o Firmware Load Test (RSA 2048 bits modulus with SHA2-256) • No Conditional Manual Entry Test • No Conditional Bypass Test • No Conditional Critical Function Test 31 Error Handling If any of the above-mentioned self-tests fail, the module reports the cause of the error and enters an error state. In the Error State, no cryptographic services are provided, and data output is prohibited. The only method to recover from the error state is to reboot the module and reperforming the self- tests, including the pre-operational software integrity test and the conditional CASTs. The module will only enter into the operational state after successfully passing the pre-operational firmware integrity test and the conditional CASTs. The table below shows the different causes that lead to the Error State and the status indicators reported. Cause of Error Error State Indicator Pre-operational Firmware Integrity Test Fails FIPS: Crypto module POST Failed Conditional CAST Fails FIPS Fatal Cryptographic Module Failure. Reason: Conditional PCT Fails Pairwise consistency check failed Firmware Load Test Fails FIPS: Firmware Integrity Test: Package Checksum Verification: FAIL Table 13 – Error State Indicators Periodic Self-Tests The module permits operators to initiate the pre-operational or conditional self-tests on demand for periodic testing of the module by rebooting the system (i.e., power-cycling). The full suite of self- tests is then executed. The same procedure may be employed by the operator to perform periodic self-tests. In addition, the Crypto Officer shall perform the periodic test on demand no more than 10 days to ensure all components are functioning correctly. 11. Life-Cycle Assurance The module is designed to handle the various stages of a module’s life-cycle. The sections below highlight the details for each stage. Secure Operation The module meets all the Level 1 requirements for FIPS 140-3. Follow the secure operations provided below to place the module in approved mode. Operating this module without maintaining the following settings will remove the module from the approved mode of operation. The module runs firmware version IronWare OS 09.0.10. This is the only allowable firmware image for this current approved mode of operation. The Crypto Officer shall load the FIPS 140-3 validated firmware only to maintain validation. The module is initiated into the approved mode of operation via the following procedures through the Command Line interface (CLI). 1. The Crypto Officer must login by using the default login password. 32 2. The Crypto Officer shall replace the default login password with a new one upon the first- time authentication. 3. The Crypto Officer shall create the account for Port Config Admin role and User role respectively. 4. Enter into the configuration mode by using ‘conf t’ command. 5. Configure SSH, TLS, and SNMPv3 services by using only approved algorithms listed in Table 3 and 4 above. 6. If using RADIUS server for roles authentication, please configure a secure TLS tunnel to secure traffic between the module and the RADIUS server. The RADIUS shared secret must be at least 8 characters long 7. Disable the TFTP server. 8. Ensure that installed digital certificates are signed using approved algorithms. 9. Save the configuration. 10. Reload the module. 11. Verify the approved mode by using command ‘fips show’ (This command outputs the module’s status. After the approved mode was enabled, the output would be “approved mode: Administrative status ON”). 12. The Crypto Officer shall load the FIPS 140-3 validated firmware only to maintain validation. Once the module has completed initialization into the approved mode of operation, it would reject any non-approved algorithms or security functions automatically, and output an error message accordingly. End of Life / Sanitization Crypto Officers should follow the procedure below for the secure destruction of their module. 1. Access the module via SSH with Crypto Officer 2. Authenticate using proper credentials 3. Execute command: “fips zeroize all” a. Confirm command 4. Module will begin zeroization process and wipe all security parameters and configurations Please note that this process will cause the module to no longer function after it has wiped all configurations and keys. 12. Mitigation of Other Attacks This module is not designed to mitigate against any other attacks outside of the FIPS 140-3 scope. 33 I. Terms and Definitions Term Meaning FIPS Federal Information Processing Standard Approved mode Device actively running in FIPS 140-3 compliant manner CC Common Criteria HMAC Keyed-Hash Message Authentication Code (RFC2104) JITC Joint Interoperability Test Command POST Power-on Self-Test PKI Public Key Infrastructure PSK Pre-shared Key RSA Rivest, Shamir and Aldeman Public/Private Key RNG Random Number Generator SSL Secure SocKey Layer, used in HTTPS protocol for payload encryption TLS Transport Layer Security, successor to SSL, used in HTTPS protocol for payload encryption KAT Known Answer Test DSS Digital Signature Standard DSA Digital Signature Algorithm, proposed by NIST in 1991 for FIPS 186-x DES Data Encryption Standard (single DES should not be used see TDEA) NDPP Network Devices Protection Profile DRBG Deterministic Random Bits Generator CAVS Cryptographic Algorithm Validation System ACVP Automated Cryptographic Validation Program NDcPP Network Device collaborative protection profile JITC Joint Interoperability Test Command