Brocade MLXe® and NetIron® Family Devices with Multi-Service IronWare R05.7.00
Security Target Version 1., July 15, 2014
Page 42 of 50
6.2 Cryptographic support
The TOE includes a FIPS 140 certified crypto module providing supporting cryptographic functions. The evaluated
configuration requires that the TOE be configured in Common Criteria mode to ensure FIPS certified functions are
used.
The following functions have been FIPS certified in accordance with the identified standards.
• AES CBC (128 and 256 bits)
FIPS Pub 197
NIST SP 800-38A
Cryptographic signature services
• RSA Digital Signature Algorithm
(rDSA) (modulus 2048)
• SHA-1, SHA-256, SHA-384, and
SHA-512 (digest sizes 160, 256,
Keyed-hash message authentication
• HMAC-SHA-1(digest size 160)
FIPS Pub 198-1
FIPS Pub 180-3
• CTR_DRBG with sw & hw based
noise sources with a minimum of
256 bits of non-determinism
Table 5 Cryptographic Functions
While the TOE generally fulfills all of the NIST SP 800-56B requirements without extensions, the following table
specifically identifies the “should”, “should not”, and “shall not” conditions from the publication along with an
indication of how the TOE conforms to those conditions.
NIST SP800-56B
Section Reference
“should”, “should not”, or
“shall not”
Implemented? Rationale for deviation
shall not (first occurrence)
shall not (second occurrence)
should (first occurrence)
should (second occurrence)
should (third occurrence)
should (fourth occurrence)
shall not (first occurrence)
shall not (second occurrence)
Comments to this Manuals