Understanding FIPS Terminology and Supported Cryptographic Algorithms
Use the definitions of FIPS terms and the list of supported algorithms to help you understand Junos OS in FIPS mode.
Terminology
Common Criteria—Common Criteria for information technology is an international
agreement signed by 30 countries that permits the evaluation of security
products against a common set of standards.
Critical security parameter (CSP)—Security-related information—for example, secret and private
cryptographic keys and authentication data such as passwords and personal
identification numbers (PINs)—whose disclosure or modification
can compromise the security of a cryptographic module or the information
it protects. For details, see Understanding the Operational Environment for Junos OS in FIPS Mode.
Cryptographic module—The set of hardware, software, and firmware that implements
approved security functions (including cryptographic algorithms and
key generation) and is contained within the cryptographic boundary.
MX204 and EX9251 devices are certified at FIPS 140-2 Level 1.
For fixed-configuration devices, the cryptographic module is the device
case. For modular devices, the cryptographic module is the Routing
Engine.
ESP—Encapsulating Security Payload (ESP) protocol. The part of the
IPsec protocol that guarantees the confidentiality of packets through
encryption. The protocol ensures that if an ESP packet is successfully
decrypted, and no other party knows the secret key the peers share,
the packet was not wiretapped in transit.
FIPS—Federal Information Processing Standards. FIPS 140-2 specifies
requirements for security and cryptographic modules. Junos OS in FIPS
mode complies with FIPS 140-2 Level 1.
FIPS maintenance role—The role the Security Administrator assumes to perform physical
maintenance or logical maintenance services such as hardware or software
diagnostics. For FIPS 140-2 compliance, the Security Administrator
zeroizes the Routing Engine on entry to and exit from the FIPS maintenance
role to erase all plain-text secret and private keys and unprotected
CSPs.
The FIPS maintenance role is not supported on Junos OS in FIPS mode.
Hashing—A message authentication method that applies a cryptographic
technique iteratively to a message of arbitrary length and produces
a hash message digest or signature of fixed length that is appended to the message when sent.
IKE—The Internet Key Exchange (IKE) is part of IPsec and provides
ways to securely negotiate the shared private keys that the authentication
header (AH) and ESP portions of IPsec need to function properly. IKE
employs Diffie-Hellman key-exchange methods and is optional in IPsec.
(The shared keys can be entered manually at the endpoints.)
KATs—Known answer tests. System self-tests that validate the output
of cryptographic algorithms approved for FIPS and test the integrity
of some Junos OS modules. For details, see Understanding FIPS Self-Tests.
NDcPPv2.1—Collaborative Protection Profile for Network Devices.
SA—Security association (SA). A connection between hosts that allows
them to communicate securely by defining, for example, how they exchange
private keys. As Security Administrator, you must manually configure
an internal SA on devices running Junos OS in FIPS mode. All values,
including the keys, must be statically specified in the configuration.
On devices with more than one Routing Engine, the configuration must
match on both ends of the connection between the Routing Engines.
For communication to take place, each Routing Engine must have the
same configured options, which need no negotiation and do not expire.
Security Administrator—For Common Criteria, user accounts in the target of evaluation (TOE) have the following
attributes: user identity (user name), authentication data (password),
and role (privilege). The Security Administrator is associated with
the defined login class “security-admin”, which has the
necessary permission set to permit the administrator to perform all
tasks necessary to manage the Junos OS.
SPI—Security parameter index (SPI). A numeric identifier used with
the destination address and security protocol in IPsec to identify
an SA. Because you manually configure the SA for Junos OS in FIPS
mode, the SPI must be entered as a parameter rather than derived randomly.
SSH—A protocol that uses strong authentication and encryption for
remote access across a nonsecure network. SSH provides remote login,
remote program execution, file copy, and other functions. It is intended
as a secure replacement for rlogin, rsh, and rcp in a UNIX environment. To secure the information sent over
administrative connections, use SSHv2 for CLI configuration. In Junos
OS, SSHv2 is enabled by default, and SSHv1, which is not considered
secure, is disabled.
Zeroization—Erasure of all CSPs and other user-created data on a device
before its operation as a FIPS cryptographic module—or in preparation
for repurposing the devices for non-FIPS operation. The Security Administrator
can zeroize the system with a CLI operational command.
Supported Cryptographic Algorithms
For FIPS 140-2 compliance, use only FIPS-approved cryptographic algorithms in Junos OS in FIPS mode.
The following cryptographic algorithms are supported in FIPS mode. Symmetric methods use the same key for encryption and decryption, while asymmetric methods use different keys for encryption and decryption.
AES—The Advanced Encryption Standard (AES), defined in FIPS PUB
197. The AES algorithm uses keys of 128, 192, or 256 bits to encrypt
and decrypt data in blocks of 128 bits.
ECDH—Elliptic Curve Diffie-Hellman. A variant of the Diffie-Hellman
key exchange algorithm that uses cryptography based on the algebraic
structure of elliptic curves over finite fields. ECDH allows two parties,
each having an elliptic curve public-private key pair, to establish
a shared secret over an insecure channel. The shared secret can be
used either as a key or to derive another key for encrypting subsequent
communications using a symmetric key cipher.
ECDSA—Elliptic Curve Digital Signature Algorithm. A variant of the
Digital Signature Algorithm (DSA) that uses cryptography based on
the algebraic structure of elliptic curves over finite fields. The
bit size of the elliptic curve determines the difficulty of decrypting
the key. The size of the public key believed to be needed for ECDSA is about twice
the size of the security level, in bits. ECDSA using the P-256, P-384,
and P-521 curves can be configured under OpenSSH.
HMAC—Defined as “Keyed-Hashing for Message Authentication”
in RFC 2104, HMAC combines hashing algorithms with cryptographic keys
for message authentication. For Junos OS in FIPS mode, HMAC uses the
iterated cryptographic hash functions SHA-1, SHA-256, and SHA-512
along with a secret key.
SHA-256 and SHA-512—Secure hash algorithms (SHA) belonging to the SHA-2 standard
defined in FIPS PUB 180-2. Developed by NIST, SHA-256 produces a 256-bit
hash digest, and SHA-512 produces a 512-bit hash digest.
3DES (3des-cbc)—Encryption standard based on the original Data Encryption Standard
(DES) from the 1970s that used a 56-bit key and was cracked in 1997.
The more secure 3DES is DES enhanced with three stages and
effective key lengths of about 112 bits. For Junos OS in FIPS mode,
3DES is implemented with cipher block chaining (CBC).
3DES is supported only in FIPS.
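
The known answer tests (KATs) defined under Terminology can be illustrated with the SHA-2 and HMAC algorithms listed above. The following is an added example, not Juniper code and not a description of how Junos OS implements its self-tests: it checks Python's hashlib and hmac modules against published vectors and shows a constructed fault being caught. The names compute, run_kats, and faulty_impl are assumptions made for this example.

```python
import hashlib
import hmac

# Published known answers: the "abc" example for SHA-256/SHA-512, and HMAC
# test case 1 from RFC 2202 (SHA-1) and RFC 4231 (SHA-256, SHA-512).
KEY = b"\x0b" * 20
VECTORS = [
    ("SHA-256", None, b"abc",
     "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"),
    ("SHA-512", None, b"abc",
     "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
     "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"),
    ("HMAC-SHA-1", KEY, b"Hi There", "b617318655057264e28bc0b6fb378c8ef146be00"),
    ("HMAC-SHA-256", KEY, b"Hi There",
     "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"),
    ("HMAC-SHA-512", KEY, b"Hi There",
     "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cde"
     "daa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"),
]

def compute(name, key, msg):
    """Run the implementation under test (here: Python's hashlib/hmac)."""
    digest = name.replace("HMAC-", "").replace("-", "").lower()  # e.g. "sha256"
    if key is None:
        return hashlib.new(digest, msg).hexdigest()
    return hmac.new(key, msg, digest).hexdigest()

def run_kats(impl=compute):
    """Return the names of failed tests; an empty list means every KAT passed."""
    failed = []
    for name, key, msg, expected in VECTORS:
        try:
            actual = impl(name, key, msg)
        except Exception:
            actual = ""  # an algorithm that crashes has failed its self-test
        if not hmac.compare_digest(actual, expected):
            failed.append(name)
    return failed

def faulty_impl(name, key, msg):
    """Constructed fault: corrupts one hex digit of every SHA-512 based result."""
    out = compute(name, key, msg)
    if name.endswith("512"):
        out = out[:-1] + ("0" if out[-1] != "0" else "1")
    return out

if __name__ == "__main__":
    print("healthy:", run_kats() or "all KATs passed")
    print("faulty :", run_kats(faulty_impl))
```

A caller would treat any non-empty result from run_kats as a failed self-test and refuse to use the affected algorithms.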