Understanding FIPS Mode Terminology and Supported Cryptographic Algorithms
Use the definitions of FIPS terms and supported algorithms to help you understand Junos OS in FIPS mode.
The FIPS maintenance role is not supported on Junos OS in FIPS mode.
Supported Cryptographic Algorithms
Table 1 summarizes the high level protocol algorithm support.
Table 1: Protocols Allowed in FIPS Mode
IKEv1/v2 with optional:
Each implementation of an algorithm is checked by a series of known answer test (KAT) self-tests. Any self-test failure results in a FIPS error state.
For FIPS 140-2 compliance, use only FIPS-approved cryptographic algorithms in Junos OS in FIPS mode.
The following cryptographic algorithms are supported in FIPS mode. Symmetric methods use the same key for encryption and decryption, while asymmetric methods (preferred) use different keys for encryption and decryption.