Class fcs: cryptographic support – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual
Page 24
Security Target, Version 3.9
March 18, 2008
Nortel VPN Router v7.05 and Client Workstation v7.11
Page 24 of 67
© 2008 Nortel Networks
5.1.2 Class FCS: Cryptographic Support
FCS_CKM.1(a)
Cryptographic key generation (Diffie-Hellman)
Hierarchical to: No other components.
FCS_CKM.1.1(a)
The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation
algorithm [Diffie-Hellman] and specified cryptographic key sizes [1024, 1536 bit keys] that meet the
following: [RFC 2631].
Dependencies: [FCS_CKM.2 Cryptographic key distribution, or
FCS_COP.1 Cryptographic operation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
FCS_CKM.1(b)
Cryptographic key generation (RSA)
Hierarchical to: No other components.
FCS_CKM.1.1(b)
The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation
algorithm [RSA] and specified cryptographic key sizes [1024, 2048 bits] that meet the following: [RFC
3447].
Dependencies: [FCS_CKM.2 Cryptographic key distribution, or
FCS_COP.1 Cryptographic operation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
FCS_CKM.4 Cryptographic key destruction
Hierarchical to: No other components.
FCS_CKM.4.1
The TSF shall destroy cryptographic keys in accordance with a specified cryptographic key destruction
method [zeroization] that meets the following: [FIPS 140-2].
Dependencies: [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1 Cryptographic key generation]
FMT_MSA.2 Secure security attributes
FCS_COP.1(a)
Cryptographic operation (encryption and decryption)
Hierarchical to: No other components.