SEL-3044 Security Policy - CSRC
SEL-3044 Security Policy
Schweitzer Engineering Laboratories, Inc. Version: 2.0
Copyright 2009-2013 Schweitzer Engineering Laboratories, Inc. May be reproduced only in its original entirety [without revision].
Contents

1 Definitions and Acronyms
2 References
3 Module Overview
  3.1 SEP
  3.2 SEAP
  3.3 Security Level
4 Modes of Operation
  4.1 FIPS Approved Mode of Operation
  4.2 Approved and Allowed Algorithms
5 Ports and Interfaces
  5.1 Physical Ports
  5.2 Logical Ports
6 Identification and Authentication Policy
  6.1 Assumption of Roles
7 Access Control Policy
  7.1 Roles and Services
  7.2 Definition of Critical Security Parameters (CSPs)
  7.3 Definition of Public Keys
  7.4 Definition of CSPs Modes of Access
8 Operational Environment
9 Security Rules
10 Physical Security Policy
  10.1 Physical Security Mechanisms
  10.2 Operator Required Actions
11 Mitigation of Other Attacks Policy

Tables

Table 1: Module Security Level Specification
Table 2: FIPS Approved Algorithms Used in Current Module
Table 3: FIPS Allowed Algorithms Used in Current Module
Table 4: Non-Callable Functions Present in Current Module
Table 5: Physical Ports
Table 6: Logical Ports
Table 7: Gemini Pins and FIPS 140-2 Ports and Interfaces
Table 8: Roles
Table 9: Identity Authentication Mechanism
Table 10: Roles and Service Matrix
Table 11: CSPs
Table 12: Public Keys
Table 13: CSP Access Rights within Roles & Services

Figures

Figure 1: Image of the Cryptographic Module
Figure 2: Point to Point Network
Figure 3: Point to Multipoint Network
Figure 4: Module Block Diagram
1 Definitions and Acronyms

ABI - Asynchronous Bus Interface
SCADA - Supervisory Control And Data Acquisition
SEAP - SEL Encryption and Authentication Protocol
SEP - SEL Encryption Protocol
USB - Universal Serial Bus

2 References

SEL Encryption Protocol Specification

3 Module Overview

The Schweitzer Engineering Laboratories, Inc. SEL-3044 (hereafter referred to as the module) is a multi-chip standalone cryptographic module encased in a hard, opaque, tamper evident PCMCIA style case. The cryptographic boundary is the entire module. No components are excluded from the cryptographic boundary.

The module is a cryptographic protocol daughter card designed to reside in a host device to secure its data on a particular communication network. The SEL-3044 implements the SEP specification to protect the data in transit.

The SEL-3044 is designed to protect devices that send and receive critical, sensitive data, such as electric power revenue meters, protective relays, Programmable Logic Controllers (PLC), Remote Terminal Units (RTU), and SCADA equipment, from unauthorized access, control, monitoring, and malicious attack. The module provides a plaintext port to connect to a device that requires data protection (e.g. the SCADA unit, RTU, or a computer). The cryptotext port connects to a distrusted channel (e.g. a modem connected to a leased phone line or a network connection device) where it can communicate with a remote module to provide a secure channel over an insecure network.

The configuration of hardware and firmware for this validation is:

Hardware: v1.0
Firmware: R101, R103

Figure 1: Image of the Cryptographic Module

Figure 2: Point to Point Network (Client - SEL-3044 Local - Modem - Modem - SEL-3044 Remote - Server)
3.1 SEP

The SEL Encryption Protocol (SEP) secures serial control system communication through the use of symmetric key cryptography. The module uses SEP to communicate with remote modules. Sessions are established with a remote module using the AES key wrap method and a static system key to transport the session keys. Under a session, frames within the network are secured by encapsulating the original message within a SEP frame. The session key of the message recipient is used to encrypt the payload using AES CTR mode. A sequence number, contained in the header, protects against message replays and creates uniqueness for each frame within the session.

3.2 SEAP

The SEAP protocol secures the operator communication channel with strong message encryption and authentication. SEAP allows operators to securely log into the module to input configuration items (e.g. CSPs) and view status. Each operator has a static AES encryption key, HMAC authentication key, user name, and password. These parameters uniquely identify each operator. The encryption key provides confidentiality during the session negotiation process. The authentication key provides authentication during the session negotiation process. During the session negotiation process, the user name and password are securely provided to the module to authenticate the operator and assign appropriate access privileges. Session encryption and authentication keys are transported by the module and are used to provide confidentiality and authenticity of each frame for the remainder of the session. These keys are transported encrypted using AES CBC and the operator's AES encryption key.

3.3 Security Level

The cryptographic module meets the overall requirements applicable to Level 2 security of FIPS 140-2.

Table 1: Module Security Level Specification

Security Requirements Section | Level
Cryptographic Module Specification | 3
Module Ports and Interfaces | 2
Roles, Services and Authentication | 3
Finite State Model | 2
Physical Security | 2
Operational Environment | N/A
Cryptographic Key Management | 2
EMI/EMC | 3
Self-Tests | 2
Design Assurance | 3
Mitigation of Other Attacks | N/A

Figure 3: Point to Multipoint Network (Client - SEL-3044 Local - Distrusted Network - SEL-3044 Remote, SEL-3044 Remote, SEL-3044 Remote)
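The per-frame protection described in 3.1, as an added example in Go that is not code from SEL or from the SEP specification: a session key encrypts each payload with AES-CTR, and the sequence number carried in the header makes every frame's keystream unique and lets the receiver reject replays. The frame layout (16-bit address, 32-bit sequence number), the derivation of the CTR IV from that header, and the 16-byte HMAC-SHA-256 tag are this example's assumptions; the page says nothing about SEP's actual encoding, and the tag is added because AES-CTR by itself offers no integrity, so a receiver must authenticate a frame before acting on its sequence number or payload. The keys are constructed values standing in for session keys that a real module would have received wrapped under the system key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const hdrLen, tagLen = 6, 16 // addr(2) || seq(4); first 16 bytes of HMAC-SHA-256

// Session holds one direction of a SEP-style session: the 256-bit session encryption
// key, the 256-bit authentication key this example adds, the sender's next sequence
// number and the highest sequence number the receiver has accepted so far.
type Session struct {
	encKey, authKey  []byte
	nextSeq, lastSeq uint32
}

// NewSession takes the 64-byte enc || auth key block as transported at session setup.
func NewSession(sessionKeys []byte) (*Session, error) {
	if len(sessionKeys) != 64 {
		return nil, errors.New("session keys must be 32-byte enc key || 32-byte auth key")
	}
	return &Session{encKey: sessionKeys[:32], authKey: sessionKeys[32:]}, nil
}

// ctr applies AES-256-CTR with IV = addr || seq || zero padding, so the keystream is
// unique per frame for as long as the sequence number never repeats within a session.
func ctr(key, hdr, in []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // NewSession guarantees a 32-byte key
	}
	iv := make([]byte, aes.BlockSize)
	copy(iv, hdr)
	out := make([]byte, len(in))
	cipher.NewCTR(blk, iv).XORKeyStream(out, in)
	return out
}

func tag(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)[:tagLen]
}

// Encode encapsulates a plaintext message as addr(2) || seq(4) || AES-CTR(plain) || tag(16),
// consuming one sequence number.
func (s *Session) Encode(addr uint16, plain []byte) []byte {
	s.nextSeq++
	f := make([]byte, hdrLen)
	binary.BigEndian.PutUint16(f, addr)
	binary.BigEndian.PutUint32(f[2:], s.nextSeq)
	f = append(f, ctr(s.encKey, f, plain)...)
	return append(f, tag(s.authKey, f)...)
}

// Decode checks the tag in constant time, rejects any sequence number that is not above
// the last accepted one (a replayed or reordered frame), and only then decrypts.
func (s *Session) Decode(f []byte) ([]byte, error) {
	if len(f) < hdrLen+tagLen {
		return nil, errors.New("frame rejected: too short")
	}
	signed, t := f[:len(f)-tagLen], f[len(f)-tagLen:]
	if !hmac.Equal(t, tag(s.authKey, signed)) {
		return nil, errors.New("frame rejected: authentication tag mismatch")
	}
	seq := binary.BigEndian.Uint32(f[2:hdrLen])
	if seq <= s.lastSeq {
		return nil, fmt.Errorf("frame rejected: sequence %d not above %d (replay)", seq, s.lastSeq)
	}
	s.lastSeq = seq
	return ctr(s.encKey, f[:hdrLen], signed[hdrLen:]), nil
}

func main() {
	keys := bytes.Repeat([]byte{0x01}, 64) // constructed session keys held by both ends after setup
	local, _ := NewSession(keys)
	remote, _ := NewSession(keys)
	f := local.Encode(0x0001, []byte("poll RTU 12"))
	msg, err := remote.Decode(f)
	fmt.Printf("decoded %q, err=%v\n", msg, err)
	_, err = remote.Decode(f) // the same frame captured and replayed
	fmt.Println("replay:", err)
	f[hdrLen] ^= 0x80 // one ciphertext bit flipped in transit
	_, err = remote.Decode(f)
	fmt.Println("tampered:", err)
}
```

The receiver accepts only strictly increasing sequence numbers, so a frame that arrives late after a newer one is dropped as well as an exact replay; a real deployment decides whether a window of tolerated reordering is needed, but the check must stay on the authenticated header.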
4 Modes of Operation

4.1 FIPS Approved Mode of Operation

The module only provides a FIPS Approved mode of operation, comprising all services described in this document. The module will enter FIPS Approved mode following successful power up initialization. The view status command can be used by an operator to verify that the firmware version number matches one of the FIPS approved firmware versions listed in this document. The operator may inspect the module label to verify that the hardware version matches one of the FIPS approved hardware versions listed in this document.

4.2 Approved and Allowed Algorithms

The cryptographic module supports the following FIPS Approved algorithms.

Table 2: FIPS Approved Algorithms Used in Current Module

FIPS Approved Algorithm | Modes / Key Sizes | Validation Number
AES | ECB, CBC, CTR (Key Sizes: 128/256 bits) | 1272
SHS | SHA-1, SHA-256 | 1170
DSA | Signature Verification (Mod 1024, SHA-1) | 412
RNG | FIPS 186-2 General Purpose (x-Original, SHA-1) | 710
HMAC | SHA1, SHA-256 (Key Sizes: KS<BS) | 739

Two of these algorithms have since become legacy: under NIST SP 800-131A, 1024-bit DSA with SHA-1 is accepted for signature verification only as legacy use, and the FIPS 186-2 RNGs were disallowed after 2015. Both were Approved when this module was validated.
The cryptographic module supports the following FIPS Allowed algorithms, which are allowed for use in FIPS mode.

Table 3: FIPS Allowed Algorithms Used in Current Module

FIPS Allowed Algorithm
NDRNG is used to generate a 512-bit seed key for input into the RNG.
AES (Cert. #1272, key wrapping; key establishment methodology provides 128 or 256 bits of encryption strength) (key transport)

The cryptographic module does not support any non-Approved algorithms.

Table 4: Non-Callable Functions Present in Current Module

FIPS Approved Algorithm | Modes / Key Sizes | Validation Number
AES | ECB, CBC, CTR (Key Sizes: 128/256 bits) | 1279
SHS | SHA-1, SHA-256 | 1171, 1172
DSA | Signature Verification (Mod 1024, SHA-1) | 413
RNG | FIPS 186-2 General Purpose (x-Original, SHA-1) | 714
HMAC | SHA1, SHA-256 (Key Sizes: KS<BS) | 744, 745

The cryptographic module performs a start-up KAT on all algorithms present on the module, both callable and non-callable.
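The AES key wrap that Table 3 lists for session-key transport, as an added example in Go that is not SEL's code: RFC 3394 (SP 800-38F KW) wrap and unwrap on top of the standard library's AES block cipher. The operationally important part is in the unwrap: the 64-bit check value means a wrapped key decrypted under the wrong system key, or altered on the distrusted channel, fails closed instead of yielding garbage session keys. The constructed system and session keys are this example's, and the page does not give the wrapped-key message format that SEP places around this primitive.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// kwIV is the fixed 64-bit integrity check value of RFC 3394 / SP 800-38F KW.
var kwIV = bytes.Repeat([]byte{0xA6}, 8)

// KeyWrap wraps key material under a key-encrypting key (KEK). In the page's terms the
// KEK is the static Remote Network Device System Key and the plaintext is a session key.
func KeyWrap(kek, plain []byte) ([]byte, error) {
	if len(plain) < 16 || len(plain)%8 != 0 {
		return nil, errors.New("key wrap: input must be >= 16 bytes and a multiple of 8")
	}
	blk, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(plain) / 8
	a := append([]byte(nil), kwIV...)  // the A register
	r := append([]byte(nil), plain...) // R[1..n], 8 bytes each
	buf := make([]byte, 16)
	for j := 0; j < 6; j++ {
		for i := 0; i < n; i++ { // B = AES(A || R[i]); A = MSB64(B) ^ t; R[i] = LSB64(B); t = n*j + i, i 1-based
			copy(buf[:8], a)
			copy(buf[8:], r[i*8:i*8+8])
			blk.Encrypt(buf, buf)
			binary.BigEndian.PutUint64(a, binary.BigEndian.Uint64(buf[:8])^uint64(n*j+i+1))
			copy(r[i*8:i*8+8], buf[8:])
		}
	}
	return append(a, r...), nil
}

// KeyUnwrap inverts KeyWrap and authenticates the result: a wrong KEK or any altered
// byte leaves the A register different from kwIV, and no key material is returned.
func KeyUnwrap(kek, wrapped []byte) ([]byte, error) {
	if len(wrapped) < 24 || len(wrapped)%8 != 0 {
		return nil, errors.New("key unwrap: length must be >= 24 bytes and a multiple of 8")
	}
	blk, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(wrapped)/8 - 1
	a := append([]byte(nil), wrapped[:8]...)
	r := append([]byte(nil), wrapped[8:]...)
	buf := make([]byte, 16)
	for j := 5; j >= 0; j-- {
		for i := n - 1; i >= 0; i-- {
			binary.BigEndian.PutUint64(buf[:8], binary.BigEndian.Uint64(a)^uint64(n*j+i+1))
			copy(buf[8:], r[i*8:i*8+8])
			blk.Decrypt(buf, buf)
			copy(a, buf[:8])
			copy(r[i*8:i*8+8], buf[8:])
		}
	}
	if !bytes.Equal(a, kwIV) {
		return nil, errors.New("key unwrap: integrity check failed (wrong system key or altered data)")
	}
	return r, nil
}

func main() {
	systemKey := bytes.Repeat([]byte{0x5E}, 32)  // constructed 256-bit static system key
	sessionKey := bytes.Repeat([]byte{0x01}, 32) // constructed 256-bit session key
	wrapped, _ := KeyWrap(systemKey, sessionKey)
	fmt.Println("wrapped:", hex.EncodeToString(wrapped)) // 40 bytes: 32 of key plus the 8-byte check value
	got, err := KeyUnwrap(systemKey, wrapped)
	fmt.Println("round trip ok:", err == nil && bytes.Equal(got, sessionKey))
	wrapped[9] ^= 0x01 // one bit altered on the distrusted channel
	_, err = KeyUnwrap(systemKey, wrapped)
	fmt.Println("altered:", err)
}
```

A module that performs a KAT on its key wrap, as the page says this one does for all algorithms present, would run exactly the RFC 3394 test vector check used in the test below at power-up.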
5 Ports and Interfaces

5.1 Physical Ports

Figure 4 depicts a block diagram of the module's physical ports, with the cryptographic boundary shown in red.

Figure 4: Module Block Diagram (labels in the original diagram: SEL-3045, USB, ABI, IRIG, Status, Alarm, Crypto Reset, Power)

Table 5: Physical Ports

Port | Description
USB | The USB port provides a standardized device side interface for communication with host devices such as PCs. Virtual logical ports exist on this physical port to provide the services of the module. The USB port can be used as an alternate method for supplying power to the module.
ABI | The ABI port provides a 16-bit memory mapped register interface for interfacing with other embedded host devices over their memory interface. Virtual logical ports exist on this physical port to provide the services of the module.
Power | The power port is the primary power supply to the device. Alternatively the device can be powered from the USB interface.
IRIG | The IRIG port is used to receive time codes from a valid IRIG source for the purpose of synchronization with other devices and time stamping log events.
Status | The Status port indicates the health and state of the module.
Alarm | The Alarm port indicates alarm conditions due to the module entering a failed state or system events occurring during operation.
Crypto Reset | The port is used for module zeroization.

5.2 Logical Ports

Table 6: Logical Ports

Logical Interface | Description
Data Input | Data input consists of:
  • Plaintext network data entering on either the USB or ABI port. This data is processed by the SEP service and encoded into Cryptotext.
  • Cryptotext network data entering on either the USB or ABI port. This data is processed by the SEP service and decoded into Plaintext.
Data Output | Data output consists of:
  • Plaintext network data output on either the USB or ABI port. This data is generated by the SEP service from decoded Cryptotext.
  • Cryptotext network data output on either the USB or ABI port. This data is generated by the SEP service from encoded Plaintext.
Control Input | Control input consists of:
  • Cryptotext control data entering on either the USB or ABI port. This data is used to control and configure the module.
  • A single control input entering on the Crypto Reset port is used to zeroize all CSP and any security relevant data.
  • Input data entering on the ABI port is used to zeroize all CSP and security relevant data.
  • Input data entering on the IRIG port is used to synchronize the clock.
  • Input data entering on the ABI port is used to change the clock.
Status Output | Status output consists of:
  • Cryptotext data exiting on either the USB or ABI port. This data is used to show status of the control and configuration of the module.
  • Status data exiting on the Status port. This data is used to indicate the status and health of the module.
  • A single status output exiting on the Alarm port. This data is used to indicate an alarm condition if the module has entered a failed state or a system event occurred during operation.
  • Syslog data exiting on either the USB or ABI port. This data is Syslog formatted and provides logging information of events occurring during operation.
  • Two status outputs exiting on the Status port allow the card to be detected by a host device.
Power Input | Power input consists of:
  • Power supplied on the Power port.
  • Power supplied on the USB port.

Module services are described in Section 7 below.

Table 7: Gemini Pins and FIPS 140-2 Ports and Interfaces

Pin | Physical Port Association | Description
GND | Ground | Ground
VCC | Power | Power (3.3 V)
D0 to D15 | ABI | Data
A0 to A10 | ABI | Address
/CS | ABI | Chip select
/OE | ABI | Output enable
/WE | ABI | Write Enable
/IRQ | ABI | Interrupt
/CRST | Crypto Reset | Zeroization
Alarm | Alarm | Alarm
VCC | Power | Power
IRIG B | IRIG | IRIG
Status | Status | Card status
CD1 | Ground | Card detection
CD2 | Ground | Card detection
RESET | N/A | HW reset
USB VBUS | USB / Power | Power (5 V)
USB VBUS | USB / Ground | Ground
USB D+ | USB | Data
USB D- | USB | Data

6 Identification and Authentication Policy

6.1 Assumption of Roles

The module supports four distinct roles. The cryptographic module enforces the separation of roles using identity-based authentication. All operators are identified through knowledge of the appropriate key(s) and a unique operator ID.

Table 8: Roles

Role | Description
Administrator | The module supports a single Administrator role. The Administrator has the privilege to control the configuration (including key and CSP data), monitor the status, and upgrade the firmware of the module.
Cryptographic Officer | An operator assigned the role of Cryptographic Officer has the privilege to control the configuration (including key and CSP data), monitor the status, and upgrade the firmware of the module.
User | An operator assigned the role of User has the privilege to control the configuration (excluding key and CSP data), monitor the status, and upgrade the firmware of the module.
Network | A Network role is any remote module that has the privilege to encode SEP packets to this module and the ability to decode SEP packets from this module. There can be up to 1500 Network roles assigned in a module.
Table 9: Identity Authentication Mechanism

Role: Administrator
Authentication Mechanism: The authentication mechanism is an identity based authentication comprised of an encryption key, authentication key, and password. A unique name is used to distinguish this role from the other operators and is hard-configured to be 'Administrator'.
Authentication Data: Knowledge of the administrator's encryption key (256-bit AES key), authentication key (256-bit HMAC SHA-256 key) and password (6-80 printable ASCII characters).
Strength of Authentication: In order to authenticate as an operator under the Administrator role an attacker must know the values of the security parameters (CSPs) associated with the Administrator (the 256 bit encryption key, the 256 bit authentication key, and the password). Assuming that all parameters are independent, and that a minimum-length, eight byte password is used, the probability that a random attempt will succeed or a false acceptance will occur is 1/(2^256 * 2^256 * 92^8) or 1.45 E-170, which is less than one in 1,000,000. Assuming that the module can process 1 guess per second (the module has a one second lockout for incorrect attempts), the probability of successfully authenticating to the module within one minute is 1.45 E-170 * 60 or 8.72 E-169, which is less than one in 100,000.

Role: Cryptographic Officer
Authentication Mechanism: The authentication mechanism is equivalent to the Administrator's.
Authentication Data: The authentication data is equivalent to the Administrator's.
Strength of Authentication: The strength of the authentication is equivalent to the Administrator's.

Role: User
Authentication Mechanism: The authentication mechanism is equivalent to the Administrator's.
Authentication Data: The authentication data is equivalent to the Administrator's.
Strength of Authentication: The strength of the authentication is equivalent to the Administrator's.

Role: Network
Authentication Mechanism: The authentication mechanism is an identity based authentication comprised of an encryption key. A unique 16-bit address identifier is used to distinguish between remote modules assuming this role.
Authentication Data: Knowledge of a unique Network Encryption Key (256-bit AES key).
Strength of Authentication: An attacker must know the value of the unique Network Encryption Key. The probability that a random attempt will succeed is 1/(2^256) or 8.636 E-78, which is less than one in 1,000,000. The module is capable of performing approximately one authentication every .001 seconds. This results in a maximum authentication processing rate of 60000 attempts per minute. The probability of successfully authenticating to the module within one minute is 8.636 E-78 * 60000 or 5.18 E-73, which is less than one in 100,000.
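The strength-of-authentication arithmetic of Table 9 is the check a validator repeats for every mechanism, so here it is as an added Go example (not SEL's code): the per-attempt probability and the per-minute probability at the module's attempt rate, compared against the FIPS 140-2 section 4.3 bounds of one in 1,000,000 and one in 100,000, together with the minimum password length a password-only mechanism would need at a given rate. The parameters are those stated in Table 9 (a 92-symbol alphabet, the 8-character minimum the strength calculation uses, one attempt per second under the lockout, one per millisecond for Network); the independence assumption is Table 9's own.

```go
package main

import (
	"fmt"
	"math"
)

// FIPS 140-2 section 4.3 bounds: a single random attempt succeeds with probability below
// 1/1,000,000, and all attempts possible within one minute with probability below 1/100,000.
const perAttemptBound, perMinuteBound = 1e-6, 1e-5

// Mechanism describes what an attacker must guess and how fast the module lets them try.
type Mechanism struct {
	Name       string
	KeyBits    int     // bits of secret key material that must be guessed (0 if none)
	PassLen    int     // shortest accepted password length (0 if no password)
	Alphabet   int     // size of the password character set
	RatePerMin float64 // attempts the module will process per minute (lockout or latency)
}

type Strength struct {
	PerAttempt, PerMinute float64
	Passes                bool
}

// Evaluate assumes key bits and password characters are independent and uniformly
// random, which is the same assumption Table 9 makes.
func (m Mechanism) Evaluate() Strength {
	p := math.Pow(2, -float64(m.KeyBits))
	if m.PassLen > 0 {
		p *= math.Pow(float64(m.Alphabet), -float64(m.PassLen))
	}
	s := Strength{PerAttempt: p, PerMinute: p * m.RatePerMin}
	s.Passes = s.PerAttempt < perAttemptBound && s.PerMinute < perMinuteBound
	return s
}

// MinPasswordLen is the shortest password that meets both bounds on its own, with no
// key material, at the given attempt rate: the question to ask when a mechanism has
// only a password behind it.
func MinPasswordLen(alphabet int, ratePerMin float64) int {
	for n := 1; ; n++ {
		if (Mechanism{PassLen: n, Alphabet: alphabet, RatePerMin: ratePerMin}).Evaluate().Passes {
			return n
		}
	}
}

// Table9 holds the two mechanisms of Table 9: operator authentication (two 256-bit keys
// plus an 8-character password over 92 symbols, one attempt per second because of the
// lockout) and Network authentication (one 256-bit key, one attempt per millisecond).
var Table9 = []Mechanism{
	{"Administrator / Cryptographic Officer / User", 512, 8, 92, 60},
	{"Network", 256, 0, 0, 60000},
}

func main() {
	for _, m := range Table9 {
		s := m.Evaluate()
		fmt.Printf("%-45s per attempt %.3g, per minute %.3g, passes=%v\n", m.Name, s.PerAttempt, s.PerMinute, s.Passes)
	}
	fmt.Println("password-only minimum length: 60/min ->", MinPasswordLen(92, 60), " 60000/min ->", MinPasswordLen(92, 60000))
}
```

Run against Table 9 this reproduces 1.45 E-170 and 8.72 E-169 for the operator roles and 8.636 E-78 and 5.18 E-73 for Network; the lockout rate is the parameter worth re-checking whenever a firmware change touches the authentication path, since it is the only factor in these bounds that is not fixed by key size.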
7 Access Control Policy

7.1 Roles and Services

Table 10: Roles and Service Matrix

Service | Roles
Create a management session for the configuration of the device and status monitoring | Administrator, Cryptographic Officer, User
Close a management session | Administrator, Cryptographic Officer, User
Change non-CSP configuration. This is any configuration data that is not considered a CSP (e.g. event log collection) | Administrator, Cryptographic Officer, User
Change current operator's log-in credentials (e.g. associated password and keys) | Administrator, Cryptographic Officer, User
Change CSP configuration. This is any available configuration data that is considered a CSP (keys, passwords, etc.) | Administrator, Cryptographic Officer
View status and event logs | Administrator, Cryptographic Officer, User
Clear status and event logs | Administrator, Cryptographic Officer, User
Upgrade firmware and zeroize Firmware Upgrade keys | Administrator, Cryptographic Officer, User
Encode plaintext messages into SEP messages | Network
Create SEP sessions | Network
Decode SEP messages into plaintext messages | Network
FIPS self-tests and diagnostics | Administrator, Cryptographic Officer, User, Un-Authenticated
View status indicators such as health and alarm outputs | Administrator, Cryptographic Officer, User, Un-Authenticated
Zeroize the device. This service removes all CSP data from NV memory (except the Firmware Upgrade keys) and returns the device to its factory default state | Un-Authenticated (control input on the Crypto Reset port, see Table 6)
Change Time | input on the IRIG or ABI port (see Table 6)
Output Syslog event logs | output on the USB or ABI port (see Table 6)

7.2 Definition of Critical Security Parameters (CSPs)

The module contains the following CSPs:

Table 11: CSPs

Name | Description
Administrator Encryption Key | A 256-bit AES key used during the management session creation to encrypt the session creation messages that create an operator session. This key is used to encrypt the transport of the Operator Session Encryption Key and Operator Session Authentication Key.
Administrator Authentication Key | A 256-bit HMAC (SHA-256) key used during the management session creation to authenticate session creation messages that create an operator session.
Administrator Password | An 8 to 80 character password used during the management session creation to authenticate the operator.
Operator[s] Encryption Key | Equivalent to the Administrator Encryption Key. This key is used to authenticate an operator assuming the role of a Cryptographic Officer or User and protect the transport of the session keys. There can be up to 32 operators.
Operator[s] Authentication Key | Equivalent to the Administrator Authentication Key. This key is used to authenticate an operator assuming the role of a Cryptographic Officer or User. There can be up to 32 operators.
Operator Password[s] | Equivalent to the Administrator Password. This password is used to authenticate an operator assuming the role of a Cryptographic Officer or User. There can be up to 32 operators.
Operator Session Encryption Key | A 256-bit AES key generated during the management session creation and used to encrypt all frames travelling to and from the management interface during a management session.
Operator Session Authentication Key | A 256-bit authentication key generated during the management session creation and used to authenticate all frames travelling to and from the management interface during a management session.
DRNG State | A 512-bit state maintained by the FIPS 186-2 DRNG.
DRNG Seed Key | A 512-bit key used to seed the FIPS 186-2 DRNG.
FW Upgrade Encryption Key | A 256-bit AES key used to decrypt received FW upgrades.
Remote Network Device System Key[s] | A 256-bit AES key used during the SEP key exchange handshake to establish a SEP session with a remote device. This key is used with the AES key wrap algorithm to wrap the Remote Network Device Session Encryption and Decryption Keys. There can be up to 1500 remote devices (and consequently up to 1500 keys).
Remote Network Device Session Encryption Key[s] | A 256-bit AES key used to encode the data sent under a SEP session to a remote device. There can be up to 1500 remote devices (and consequently up to 1500 keys).
Remote Network Device Session Decryption Key[s] | A 256-bit AES key used to decode the data received under a SEP session from a remote device. There can be up to 1500 remote devices (and consequently up to 1500 keys).

7.3 Definition of Public Keys

The module contains the following public keys:

Table 12: Public Keys

Name | Description
FW Upgrade Authentication Key | A 1024-bit DSA key used to verify that a received firmware image was signed by an authenticated source.

7.4 Definition of CSPs Modes of Access

The table below defines the relationship between access to CSPs and the different module services and roles. The modes of access shown in the table are defined as:

G = Generate: The module generates the CSP.
R = Read: The module reads the CSP. The read access is typically performed before the module uses the CSP.
W = Write: The module writes the CSP. The write access is typically performed after a CSP is imported into the module, or the module generates a CSP, or the module overwrites an existing CSP.
Z = Zeroize: The module zeroizes the CSP.

Table 13: CSP Access Rights within Roles & Services

Name | Access: Service
Administrator Encryption Key | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Administrator Authentication Key | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Administrator Password | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Operator Encryption Key[s] | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Operator Authentication Key[s] | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Operator Password[s] | R: Create a management session; W: Change CSP configuration; Z: Zeroize
Operator Session Encryption Key | G: Create a management session; R: Change non-CSP configuration, View non-CSP configuration, Change CSP configuration, View status and event logs, Clear status and event logs, Upgrade firmware; Z: Zeroize, Close management session
Operator Session Authentication Key | G: Create a management session; R: Change non-CSP configuration, View non-CSP configuration, Change CSP configuration, View status and event logs, Clear status and event logs, Upgrade firmware; Z: Zeroize, Close management session
DRNG State | G: N/A; Z: N/A
DRNG Seed Key | G: N/A; Z: N/A
FW Upgrade Encryption Key | R: Upgrade firmware; W: Upgrade firmware; Z: Upgrade firmware
Remote Network Device System Key[s] | W: Change CSP configuration; R: Create SEP session; Z: Zeroize
Remote Network Device Session Encryption Key[s] | G: Create SEP session; R: Encode plaintext message; Z: Zeroize
Remote Network Device Session Decryption Key[s] | G: Create SEP session; R: Decode SEP messages; Z: Zeroize
FW Upgrade Authentication Key | R: Upgrade firmware; W: Upgrade firmware; Z: Upgrade firmware

8 Operational Environment

The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the SEL-3044 does not contain a modifiable operational environment.

9 Security Rules

This section documents the security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 2 module.

1. The cryptographic module shall provide four distinct operator roles. These are the Administrator, User, Cryptographic Officer, and Network roles.
2. The cryptographic module shall provide identity-based authentication.
3. The cryptographic module shall clear previous authentications on power cycle.
4. When the module has not been placed in a valid role, the operator shall not have access to any cryptographic services.
5. The cryptographic module shall perform the following tests:
   A. Power up Self-Tests
      1. Failure of any of the self tests listed here will cause the module to enter a failed state where it will be unresponsive and cease all cryptographic functions.
      2. The operator shall be capable of commanding the module to perform the power-up self-tests by cycling power or resetting the module.
      3. Cryptographic algorithm tests
         a. DSA Verify Known Answer Test
         b. SHA-1 Known Answer Test
         c. SHA-256 Known Answer Test
         d. HMAC-SHA-1 Known Answer Test
         e. HMAC-SHA-256 Known Answer Test
         f. RNG Known Answer Test
         g. AES Encrypt and Decrypt Known Answer Test
      4. Firmware Integrity Test
         a. A 32-bit CRC is calculated over the program image. If the calculated CRC value does not match the value in NV memory, the module declares a failure and disables itself.
   B. Critical Functions Tests
      1. Failure of any of the critical tests listed here will cause the module to enter a failed state where it will be unresponsive and cease all cryptographic functions.
      2. Runtime volatile memory tests
         a. Read and write tests are performed on the memory address space during runtime. If an error is detected, the device declares a failure and disables itself.
      3. Settings integrity test
         a. A 32-bit CRC is calculated over the settings memory. If the calculated CRC value does not match the value in NV memory, the device declares a failure and disables itself.

   C. Conditional Self-Tests
      1. Continuous Random Number Generator Tests
         a. One test compares the last 32-bit NDRNG output with the current 32-bit NDRNG output. If the two values are equal, the module declares a failure and disables itself.
         b. A second test compares the last 512-bit RNG output with the current 512-bit RNG output. If the two values are equal, the module declares a failure and disables itself.
      2. Firmware Load Test
         a. The device will reject the candidate firmware if the firmware load test fails.
         b. The module verifies a DSA digital signature when loading firmware.

6. Power-up self-tests do not require any operator action.
7. Data output shall be inhibited during key generation, self-tests, zeroization, and error states.
8. Status information does not contain CSPs or sensitive data that, if misused, could lead to a compromise of the module.
9. The module ensures that the seed and seed key inputs to the Approved RNG are not equal.
10. There are no restrictions on which keys or CSPs are zeroized by the zeroization service.
11. The module does not support concurrent operators.
12. The module does not support a maintenance interface or role.
13. The module does not support manual key entry.
14. The module does not have any external input/output devices used for entry/output of data.
15. The module shall not support a bypass capability.
16. The module does not enter or output plaintext CSPs.
17. The module does not output intermediate key values.

10 Physical Security Policy

10.1 Physical Security Mechanisms

The cryptographic module includes the following physical security mechanisms:

• Production-grade components
• Hard potting material encapsulation of the multiple-chip circuitry enclosure, so that removal and/or penetration attempts cause serious damage
• Hard metallic composite enclosure that comprises the cryptographic boundary

10.2 Operator Required Actions

The operator is required to periodically inspect the enclosure for tamper evidence. The operator is also required to verify that the module was delivered in a secure manner using the following steps:

1. Inspect to make sure the shipment packaging and seals have not been broken.
2. Inspect to make sure the tamper-evident case of the module has not been broken.
3. Inspect to make sure the module on first power up is in the default state.

11 Mitigation of Other Attacks Policy

The module has not been designed to mitigate any attacks outside of the scope of FIPS 140-2.
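The self-test rules in section 9 (the CRC firmware integrity test, the two continuous RNG tests and the failed state that cuts off every cryptographic service) are easier to reason about as a state machine. The C program below is an added example written for this page; it is not SEL's firmware and does not model the DSA firmware load test or the KATs. The type and function names (module_t, crc32_ieee, ndrng_continuous_test and so on), the IEEE 802.3 polynomial for the 32-bit CRC (the policy does not say which polynomial the SEL-3044 uses) and the sample image are assumptions made here for illustration.

```c
/* Added example, not SEL's firmware: a self-test state machine modelled on
 * the rules in section 9 of the SEL-3044 security policy. All names and the
 * sample data are constructed for this illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { MODULE_OPERATIONAL = 0, MODULE_FAILED = 1 } module_state_t;

typedef struct {
    module_state_t state;
    bool have_prev_ndrng;
    uint32_t prev_ndrng;      /* last 32-bit NDRNG output (rule 5.C.1.a) */
    bool have_prev_drng;
    uint8_t prev_drng[64];    /* last 512-bit RNG output (rule 5.C.1.b) */
} module_t;

/* CRC-32 with the IEEE 802.3 reflected polynomial; the policy only says
 * "32-bit CRC", so this polynomial is an assumption. Check value of the
 * ASCII string "123456789" is 0xCBF43926. */
uint32_t crc32_ieee(const uint8_t *data, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Power cycle or reset (rule 5.A.2): forget previous RNG blocks and the
 * failed state; the power-up tests must then be run again. */
void module_init(module_t *m)
{
    memset(m, 0, sizeof *m);
    m->state = MODULE_OPERATIONAL;
}

/* Rule 5.A.4: CRC over the program image must equal the stored NV value. */
bool firmware_integrity_test(module_t *m, const uint8_t *image, size_t len,
                             uint32_t stored_crc)
{
    if (crc32_ieee(image, len) != stored_crc) {
        m->state = MODULE_FAILED;
        return false;
    }
    return true;
}

/* Rule 5.C.1.a: a 32-bit NDRNG block equal to the previous one is a
 * failure; the very first block has no predecessor and is only stored. */
bool ndrng_continuous_test(module_t *m, uint32_t block)
{
    if (m->have_prev_ndrng && block == m->prev_ndrng) {
        m->state = MODULE_FAILED;
        return false;
    }
    m->prev_ndrng = block;
    m->have_prev_ndrng = true;
    return true;
}

/* Rule 5.C.1.b: the same comparison on 512-bit (64-byte) RNG blocks. */
bool drng_continuous_test(module_t *m, const uint8_t block[64])
{
    if (m->have_prev_drng && memcmp(block, m->prev_drng, 64) == 0) {
        m->state = MODULE_FAILED;
        return false;
    }
    memcpy(m->prev_drng, block, 64);
    m->have_prev_drng = true;
    return true;
}

/* Rules 5.A.1, 5.B.1 and 7: every service entry point checks this first;
 * in the failed state no cryptographic function runs and no data leaves. */
bool service_allowed(const module_t *m)
{
    return m->state == MODULE_OPERATIONAL;
}

/* Walks the module through a clean power-up, a repeated NDRNG block, a
 * repeated DRNG block and a corrupted image. Returns the number of steps
 * that did not behave as the policy requires (0 when all behave). */
int selftest_demo(void)
{
    static const uint8_t image[] = "constructed sample firmware image";
    uint32_t stored = crc32_ieee(image, sizeof image);  /* "NV memory" copy */
    uint8_t blk[64];
    module_t m;
    int bad = 0;

    module_init(&m);
    bad += !firmware_integrity_test(&m, image, sizeof image, stored);
    bad += !service_allowed(&m);
    bad += !ndrng_continuous_test(&m, 0x11223344u);
    bad += !ndrng_continuous_test(&m, 0x55667788u);
    bad += ndrng_continuous_test(&m, 0x55667788u);   /* repeat: must fail */
    bad += service_allowed(&m);                       /* now locked out */

    module_init(&m);                                  /* power cycle */
    memset(blk, 0xA5, sizeof blk);
    bad += !drng_continuous_test(&m, blk);
    bad += drng_continuous_test(&m, blk);             /* repeat: must fail */

    module_init(&m);
    bad += firmware_integrity_test(&m, image, sizeof image, stored ^ 1u);
    bad += service_allowed(&m);                       /* bad CRC: locked out */
    return bad;
}

int main(void)
{
    int bad = selftest_demo();
    printf("self-test demo: %d unexpected result(s)\n", bad);
    return bad ? 1 : 0;
}
```

Two points worth noticing when reading it against the policy: the continuous tests are stateful, so a power cycle (module_init) must discard the remembered block rather than carry it across resets, and the only way out of MODULE_FAILED is that same reset followed by a fresh run of the power-up tests, which is exactly what rule 5.A.2 describes.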