Brocade Communications Systems NetIron CER Series Specifications download pdf (Page 42)

Brocade MLXe® and NetIron® Family Devices with Multi-Service IronWare R05.7.00

Security Target Version 1., July 15, 2014

Page 42 of 50

6.2 Cryptographic support

The TOE includes a FIPS 140 certified crypto module providing supporting cryptographic functions. The evaluated

configuration requires that the TOE be configured in Common Criteria mode to ensure FIPS certified functions are

used.

The following functions have been FIPS certified in accordance with the identified standards.

Functions

Standards

Cert

MLXe MR2

MLXe MR

CER 2000

CES 2000

Encryption/Decryption

• AES CBC (128 and 256 bits)

FIPS Pub 197

NIST SP 800-38A

2717

2716

2715

Cryptographic signature services

• RSA Digital Signature Algorithm

(rDSA) (modulus 2048)

FIPS Pub 186-2

1413

1412

1411

Cryptographic hashing

• SHA-1, SHA-256, SHA-384, and

SHA-512 (digest sizes 160, 256,

384, and 512 bits)

FIPS Pub 180-3

2282

2281

2280

Keyed-hash message authentication

• HMAC-SHA-1(digest size 160)

FIPS Pub 198-1

FIPS Pub 180-3

1696

1695

1694

Random bit generation

• CTR_DRBG with sw & hw based

noise sources with a minimum of

256 bits of non-determinism

NIST SP 800-90

454

453

452

Key Derivation Functions

• TLS and SSH

NIST SP 800-135

175

174

173

Table 5 Cryptographic Functions

While the TOE generally fulfills all of the NIST SP 800-56B requirements without extensions, the following table

specifically identifies the “should”, “should not”, and “shall not” conditions from the publication along with an

indication of how the TOE conforms to those conditions.

NIST SP800-56B

Section Reference

“should”, “should not”, or

“shall not”

Implemented? Rationale for deviation

5.6

Should

Yes

Not applicable

5.8

shall not

Not applicable

5.9

shall not (first occurrence)

Not applicable

5.9

shall not (second occurrence)

Not applicable

6.1

should not

Not applicable

6.1

should (first occurrence)

Yes

Not applicable

6.1

should (second occurrence)

Yes

Not applicable

6.1

should (third occurrence)

Yes

Not applicable

6.1

should (fourth occurrence)

Yes

Not applicable

6.1

shall not (first occurrence)

Not applicable

6.1

shall not (second occurrence)

Not applicable

6.2.3

Should

Yes

Not applicable

6.5.1

Should

Yes

Not applicable

1 2 ... 37 38 39 40 41 42 43 44 45 46 47 48 49 50

Comments to this Manuals

No comments

Brocade Communications Systems NetIron CER Series Specifications Page 42

Comments to this Manuals

Related products and manuals for Network switches Brocade Communications Systems NetIron CER Series