3 module interfaces – HP FIPS 140-2 User Manual

Security Policy, version 1.0

January 31, 2008

HP StorageWorks Secure Key Manager

Page 8 of 26

© 2008 Hewlett-Packard Company

This document may be freely reproduced in its original entirety.

• Digital Signature Algorithm (DSA) PQG generation, key generation, signature generation, and signature verification: 1024 bits (certificate # 244)

• ANSI X9.31 Appendix A.2.4 with 2-key 3DES Deterministic Random Number Generator (DRNG) (certificate # 375)

• Diffie-Hellman key agreement (SP 800-56A, vendor affirmed; key establishment methodology provides 80 bits of encryption strength)

In the FIPS mode of operation, the module implements the following non-approved algorithms:

• A non-approved Random Number Generator (RNG) to seed the ANSI X9.31 DRNG

• The following commercially-available protocols for key establishment:

  o Transport Layer Security (TLS) 1.0/ Secure Socket Layer (SSL) 3.1 protocol using RSA 1024 and 2048 bits for key transport. Caveat: The RSA 1024- and 2048-bit key wrapping and key establishment provide 80 and 112 bits of encryption strength, respectively.

In the non-FIPS mode of operation, the module also implements DES, MD5, RC4, and 512- and 768-bit RSA for
signature generation and verification, and key establishment.

2.3 Module Interfaces

FIPS 140-2 defines four logical interfaces:

• Data Input

• Data Output

• Control Input

• Status Output

The module features the following physical ports and LEDs:

• Serial port (RS232 DB9)

• Ethernet 10/100/1000 RJ-45 ports (Network Interface Card [NIC], quantity: 2)

• Mouse port (PS/2)

• Keyboard port (PS/2)

• Monitor port (VGA DB15)

• Power input (115VAC)

• LEDs (six on the front panel and seven on the rear panel)

The logical interfaces and their physical port mappings are described in Table 2 – Logical Interface and Physical
Ports Mapping.

Table 2 – Logical Interface and Physical Ports Mapping

Logical Interface   Physical Ports
Data Input          Keyboard, serial, Ethernet
Data Output         Monitor, serial, Ethernet
Control Input       Keyboard, mouse, serial, Ethernet
Status Output       Monitor, serial, Ethernet, LEDs

There are no buttons or ports on the front panel. There are six LEDs on the front panel. See Figure 3 – Front Panel
LEDs.