HP A-Series Spezifikationen PDF herunterladen (Seite 45)

Security Target Version 1.02, 08/16/2013

45

Identifier

Name

Generation/

Algorithm

Purpose

Storage Location

Zeroization Summary

CSP6

SSH Session

Keys

ANSI X9.31 /

3DES-AES

SSH keys

RAM (plain text)

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP7

IPsec

authentication

Keys

ANSI X9.31 /

3DES-AES / DH

Exchanged using the IKE

protocol and the

public/private key pairs.

These are 3DES or AES

keys.

RAM (plain text)

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP8

IPsec traffic

Keys

ANSI X9.31 /

3DES-AES / DH

Exchanged using the IKE

protocol and the

public/private key pairs.

These are 3DES or AES

keys.

RAM (plain text)

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP9

IPsec

authentication

Keys

3DES-AES

3DES or AES Keys are

manually configured for

IPsec security associations.

FLASH (cipher text) and

RAM (plain text)

IPsec keys exist in a FLASH

start-up configuration file

and are added, deleted, or

changed when that file is

edited by an authorized

administrator.

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP10

IPsec traffic

Keys

3DES-AES

3DES or AES Keys are

manually configured for

IPsec security associations.

FLASH (cipher text) and

RAM (plain text)

IPsec keys exist in a FLASH

start-up configuration file

and are added, deleted, or

changed when that file is

edited by an authorized

administrator.

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP11

IKE pre-shared

Keys

Shared Secret

Entered by the Crypto-

Officer in plain text form

and used for authentication

during IKE

FLASH (cipher text) and

RAM (plain text)

IKE keys exist in a FLASH

start-up configuration file

and are added, deleted, or

changed when that file is

edited by an authorized

administrator.

Alternately, the keys will be

overwritten once with zeroes

when a clear FLASH

command is issued.

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

CSP12

IKE

Authentication

Key

Generated using

IKE

(X9.31+HMAC-

SHA1+DH).

Algorithms:

3DES, AES,

SHA-1

Used to encrypt and

authenticate IKE

negotiations

RAM (plain text)

Keys in RAM will be

zeroized upon resetting or

rebooting the security

appliance.

1 2 ... 40 41 42 43 44 45 46 47 48 49 50 ... 65 66

Kommentare zu diesen Handbüchern

Keine Kommentare