Understanding FIPS Mode of Operation Terminology and Supported Cryptographic Algorithms
Use the definitions of FIPS terms and supported algorithms to help you understand Junos OS in FIPS mode of operation.
Supported Cryptographic Algorithms
Each implementation of an algorithm is checked by a series of known answer test (KAT) self-tests. Any self-test failure results in a FIPS error state.
For FIPS 140-2 compliance, use only FIPS-approved cryptographic algorithms in Junos OS in FIPS mode of operation.
The following cryptographic algorithms are supported in FIPS mode of operation. Symmetric methods use the same key for encryption and decryption, while asymmetric methods (preferred) use different keys for encryption and decryption.
Disallowed Algorithms and Protocols
The non-approved algorithms and protocols are disabled when the module is operated in an approved mode of operation. The non-approved algorithms and protocols are listed below:
DSA (SigGen, SigVer; non-compliant)