Critical Security Parameters in FIPS Mode
Critical Security Parameters
Critical security parameters (CSPs) are pieces of information or data that are vital to the security of a cryptographic system. CSPs include any information that must be protected to preserve the confidentiality, integrity, and authenticity of cryptographic operations.
Disclosing or modifying a CSP can compromise the security of the cryptographic module and of the information it protects.
Zeroization of your device erases all traces of CSPs in preparation for operating the device or Routing Engine as a cryptographic module.
Table 1 lists and describes the CSPs on your device.

Table 1: Critical Security Parameters

| CSP | Description | Zeroize | Use |
|---|---|---|---|
| SSHv2 private host key | An ECDSA or RSA key used to identify the host, generated the first time SSH is configured. | Zeroize command | Identifies the host. |
| SSHv2 session keys | Session keys used with SSHv2, and the Diffie-Hellman private keys. Encryption: AES-128, AES-256. MAC: HMAC-SHA1, HMAC-SHA2-256, HMAC-SHA2-512. Key exchange: ecdh-sha2-nistp256, ecdh-sha2-nistp384, and ecdh-sha2-nistp521. | Power cycle and session termination | Symmetric keys used to encrypt data between host and client. |
| User authentication key | Hash of the user's password: SHA256 or SHA512. | Zeroize command | Authenticates a user to the cryptographic module. |
| Security Administrator authentication key | Hash of the Security Administrator's password: SHA256 or SHA512. | Zeroize command | Authenticates the Security Administrator to the cryptographic module. |
| HMAC DRBG seed | Seed for the deterministic random bit generator (DRBG). | Seed is not stored by the cryptographic module | Seeds the DRBG. |
| HMAC DRBG V value | The value V, outlen bits long, which is updated each time another outlen bits of output are produced. | Power cycle | A critical value of the internal state of the DRBG. |
| HMAC DRBG key value | The current value of the outlen-bit key, which is updated at least once each time the DRBG mechanism generates pseudorandom bits. | Power cycle | A critical value of the internal state of the DRBG. |
| NDRNG entropy | The NDRNG provides 448 bits of entropy, collected per NIST SP 800-90B from the Junos kernel software entropy source, to seed the DRBG. The entropy is conditioned using a vetted conditioning component (SHA-512) and reseeds the DRBG whenever an additional 448 bits of entropy are collected. | Power cycle | Entropy input used to seed and reseed the DRBG. |
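The three DRBG rows above refer to the internal state of HMAC_DRBG as defined in NIST SP 800-90A, Section 10.1.2. The following is an added example, not Junos code or part of this page's original content: a minimal HMAC_DRBG over SHA-256 that shows exactly which values are the "V value" and "key value", why the seed itself is never stored (it is consumed by the update function during instantiation), how a 448-bit entropy block reseeds the generator, and what zeroizing the state means. The entropy and nonce values are constructed constants for reproducibility; a real module takes them from the NDRNG.

```python
"""Minimal HMAC_DRBG (NIST SP 800-90A, Section 10.1.2) over SHA-256.

Added example; not the Junos implementation. The entropy/nonce below are
constructed constants so the example runs offline and deterministically.
"""
import hashlib
import hmac

# Constructed inputs. 56 bytes = 448 bits, the entropy block size named in the table.
ENTROPY_448 = bytes(range(56))
NONCE = b"\x10\x20\x30\x40\x50\x60\x70\x80"


class HmacDrbg:
    # Maximum generate() calls between reseeds (SP 800-90A, Table 2).
    RESEED_INTERVAL = 1 << 48

    def __init__(self, entropy: bytes, nonce: bytes, personalization: bytes = b"",
                 hash_name: str = "sha256") -> None:
        self.hash_name = hash_name
        self.outlen = hashlib.new(hash_name).digest_size  # outlen in bytes
        # Initial working state: Key = 0x00...00, V = 0x01...01.
        self.key = b"\x00" * self.outlen
        self.v = b"\x01" * self.outlen
        self.zeroized = False
        # seed_material is absorbed here and not retained: this is why the
        # table says the seed "is not stored by the cryptographic module".
        self._update(entropy + nonce + personalization)
        self.reseed_counter = 1

    def _hmac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, self.hash_name).digest()

    def _update(self, provided_data: bytes) -> None:
        """HMAC_DRBG_Update: refreshes both the Key and V CSPs."""
        self.key = self._hmac(self.v + b"\x00" + provided_data)
        self.v = self._hmac(self.v)
        if provided_data:
            self.key = self._hmac(self.v + b"\x01" + provided_data)
            self.v = self._hmac(self.v)

    def reseed(self, entropy: bytes, additional: bytes = b"") -> None:
        """Mix fresh entropy (e.g. a new 448-bit block) into the state."""
        self._check_live()
        self._update(entropy + additional)
        self.reseed_counter = 1

    def generate(self, n: int, additional: bytes = b"") -> bytes:
        """Produce n bytes. V advances once per outlen bits of output, as the table states."""
        self._check_live()
        if self.reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before generating more output")
        if additional:
            self._update(additional)
        out = b""
        while len(out) < n:
            self.v = self._hmac(self.v)
            out += self.v
        self._update(additional)  # Key and V updated after every request
        self.reseed_counter += 1
        return out[:n]

    def zeroize(self) -> None:
        """Overwrite Key and V and refuse further use until re-instantiated."""
        self.key = b"\x00" * self.outlen
        self.v = b"\x00" * self.outlen
        self.reseed_counter = 0
        self.zeroized = True

    def _check_live(self) -> None:
        if self.zeroized:
            raise RuntimeError("DRBG state has been zeroized; instantiate again")


def demo() -> dict:
    """Instantiate, generate, reseed with a fresh 448-bit block, then zeroize."""
    drbg = HmacDrbg(ENTROPY_448, NONCE, b"fips-csp-example")
    first = drbg.generate(32)
    key_before_reseed = drbg.key
    drbg.reseed(ENTROPY_448[::-1])  # constructed "fresh" entropy block
    after_reseed = drbg.generate(32)
    drbg.zeroize()
    return {
        "first": first,
        "after_reseed": after_reseed,
        "key_changed_on_reseed": key_before_reseed != drbg.key,
        "state_is_zero": drbg.key == bytes(32) and drbg.v == bytes(32),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

One caveat on the `zeroize` method: Python `bytes` objects are immutable, so reassigning `self.key` drops the reference but does not scrub the old buffer from memory. In a real module written in C you would overwrite the state with `explicit_bzero` or `memset_s` (a plain `memset` can be optimized away) and only then release it; the point of the example is which values must be scrubbed, not how a garbage-collected language does it.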
In FIPS mode, all CSPs must enter and exit the cryptographic module in encrypted form. A CSP encrypted with a non-approved algorithm is treated as plaintext for FIPS purposes.
The system hashes local passwords with the SHA256 or SHA512 algorithm. Password recovery is not possible in FIPS mode, and you cannot boot into single-user mode without the correct root password.