ON THIS PAGE
Overview of FIPS Terminology and Supported Cryptographic Algorithms
Use the definitions of FIPS terms, and supported algorithms to help you understand Junos OS in FIPS mode.
Terminology
Critical security parameter (CSP) | Security-related information—for example, secret and private cryptographic keys and authentication data such as passwords and personal identification numbers (PINs)—whose disclosure or modification can compromise the security of a cryptographic module or the information it protects. For details, see Overview of the Operational Environment for Junos OS in FIPS Mode. |
Cryptographic module | The set of hardware, software, and firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary. |
Security Administrator |
Person with appropriate permissions who is responsible for securely enabling, configuring, monitoring, and maintaining Junos OS in FIPS mode of operation on a device. For details, see Overview of Junos OS in FIPS Mode. |
FIPS | Federal Information Processing Standards. FIPS 140-3 specifies requirements for security and cryptographic modules. Junos OS in FIPS mode complies with FIPS 140-3 Level 1. |
FIPS maintenance role | The role the Crypto Officer assumes to perform physical maintenance or logical maintenance services such as hardware or software diagnostics. For FIPS 140-3 compliance, the Crypto Officer zeroizes the Routing Engine on entry to and exit from the FIPS maintenance role to erase all plain-text secret and private keys and unprotected CSPs. Note:
The FIPS maintenance role is not supported on Junos OS in FIPS mode. |
Hashing | A message authentication method that applies a cryptographic technique iteratively to a message of arbitrary length and produces a hash message digest or signature of fixed length that is appended to the message when sent. |
KATs | Known answer tests. System self-tests that validate the output of cryptographic algorithms approved for FIPS and test the integrity of some Junos OS modules. For details, see FIPS Self-Tests Overview. |
NDcPPv2.2e | Collaborative Protection Profile for Network Devices. |
SSH | A protocol that uses strong authentication and encryption for remote access across a non-secure
network. SSH provides remote login, remote program execution, file copy, and other
functions. It is intended as a secure replacement for |
Zeroization | Erasure of all CSPs and other user-created data on a device before its operation as a FIPS cryptographic module—or in preparation for repurposing the devices for non-FIPS operation. The Crypto Officer can zeroize the system with a CLI operational command. |
Supported Cryptographic Algorithms
Table 1 summarizes the high level protocol algorithm support.
Protocol |
Key Exchange |
Authentication |
Cipher |
Integrity |
---|---|---|---|---|
SSHv2 |
|
Host (module):
Client (user):
|
|
|
The following cryptographic algorithms are supported in FIPS mode. Symmetric methods use the same key for encryption and decryption, while asymmetric methods use different keys for encryption and decryption.
AES | The Advanced Encryption Standard (AES), defined in FIPS PUB 197. The AES algorithm uses keys of 128 or 256 bits to encrypt and decrypt data in blocks of 128 bits. |
ECDH | Elliptic Curve Diffie-Hellman. A variant of the Diffie-Hellman key exchange algorithm that uses cryptography based on the algebraic structure of elliptic curves over finite fields. ECDH allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel. The shared secret can be used either as a key or to derive another key for encrypting subsequent communications using a symmetric key cipher. |
ECDSA | Elliptic Curve Digital Signature Algorithm. A variant of the Digital Signature Algorithm (DSA) that uses cryptography based on the algebraic structure of elliptic curves over finite fields. The bit size of the elliptic curve determines the difficulty of decrypting the key. The public key believed to be needed for ECDSA is about twice the size of the security level, in bits. ECDSA using the P-256, P-384, and P-521 curves can be configured under OpenSSH. |
HMAC | Defined as “Keyed-Hashing for Message Authentication” in RFC 2104, HMAC combines hashing algorithms with cryptographic keys for message authentication. For Junos OS in FIPS mode, HMAC uses the iterated cryptographic hash functions SHA-1, SHA-256, and SHA-512 along with a secret key. |
SHA-256 and SHA-512 | Secure hash algorithms (SHA) belonging to the SHA-2 standard defined in FIPS PUB 180-2. Developed by NIST, SHA-256 produces a 256-bit hash digest, and SHA-512 produces a 512-bit hash digest. |