HP FIPS 140-2 User Manual

HP StorageWorks Secure Key Manager
(Hardware P/N AJ087B, Version 1.1; Firmware Version: 1.1)
Security Policy
Level 2 Validation
Document Version 0.7
December 4, 2008
© 2008 Hewlett-Packard Company
This document may be freely reproduced in its original entirety.
Security Policy, version 1.0 January 31, 2008
Table of Contents
1 INTRODUCTION
1.1 PURPOSE
1.2 REFERENCES
2 HP STORAGEWORKS SECURE KEY MANAGER
2.1 OVERVIEW
2.2 CRYPTOGRAPHIC MODULE SPECIFICATION
2.3 MODULE INTERFACES
2.4 ROLES, SERVICES, AND AUTHENTICATION
2.4.1 Crypto Officer Role
2.4.2 User Role
2.4.3 HP User Role
2.4.4 Cluster Member Role
2.4.5 Authentication
2.4.6 Unauthenticated Services
2.5 PHYSICAL SECURITY
2.6 OPERATIONAL ENVIRONMENT
2.7 CRYPTOGRAPHIC KEY MANAGEMENT
2.7.1 Keys and CSPs
2.7.2 Key Generation
2.7.3 Key/CSP Zeroization
2.8 SELF-TESTS
2.9 MITIGATION OF OTHER ATTACKS
3 SECURE OPERATION
3.1 INITIAL SETUP
3.2 INITIALIZATION AND CONFIGURATION
3.2.1 First-Time Initialization
3.2.2 FIPS Mode Configuration
3.3 PHYSICAL SECURITY ASSURANCE
3.4 KEY AND CSP ZEROIZATION
3.5 ERROR STATE
ACRONYMS
Table of Figures
FIGURE 1 DEPLOYMENT ARCHITECTURE OF THE HP STORAGEWORKS SECURE KEY MANAGER
FIGURE 2 BLOCK DIAGRAM OF SKM
FIGURE 3 FRONT PANEL LEDS
FIGURE 4 REAR PANEL COMPONENTS
FIGURE 5 REAR PANEL LEDS
FIGURE 6 FIPS COMPLIANCE IN CLI
FIGURE 7 FIPS COMPLIANCE IN WEB ADMINISTRATION INTERFACE
FIGURE 8 TAMPER-EVIDENCE LABELS
FIGURE 9 TAMPER-EVIDENCE LABELS OVER POWER SUPPLIES
Table of Tables
TABLE 1 SECURITY LEVEL PER FIPS 140-2 SECTION
TABLE 2 LOGICAL INTERFACE AND PHYSICAL PORTS MAPPING
TABLE 3 FRONT PANEL LED DEFINITIONS
TABLE 4 REAR PANEL COMPONENTS DESCRIPTIONS
TABLE 5 REAR PANEL LED DEFINITIONS
TABLE 6 CRYPTO OFFICER SERVICES
TABLE 7 USER SERVICES
TABLE 8 HP USER SERVICES
TABLE 9 CLUSTER MEMBER SERVICES
TABLE 10 ROLES AND AUTHENTICATIONS
TABLE 11 LIST OF CRYPTOGRAPHIC KEYS, CRYPTOGRAPHIC KEY COMPONENTS, AND CSPS FOR SSH
TABLE 12 LIST OF CRYPTOGRAPHIC KEYS, CRYPTOGRAPHIC KEY COMPONENTS, AND CSPS FOR TLS
TABLE 13 CIPHER SUITES SUPPORTED BY THE MODULE'S TLS IMPLEMENTATION IN FIPS MODE
TABLE 14 OTHER CRYPTOGRAPHIC KEYS, CRYPTOGRAPHIC KEY COMPONENTS, AND CSPS
TABLE 15 ACRONYMS
1 Introduction
1.1 Purpose
This document is a non-proprietary Cryptographic Module Security Policy for the HP StorageWorks Secure Key Manager (SKM) from Hewlett-Packard Company. Federal Information Processing Standards (FIPS) 140-2, Security Requirements for Cryptographic Modules, specifies the U.S. and Canadian Governments’ requirements for cryptographic modules. The following pages describe how HP’s SKM meets these requirements and how to use the SKM in a mode of operation compliant with FIPS 140-2. This policy was prepared as part of the Level 2 FIPS 140-2 validation of the HP StorageWorks Secure Key Manager.
More information about FIPS 140-2 and the Cryptographic Module Validation Program (CMVP) is available at the website of the National Institute of Standards and Technology (NIST):
http://csrc.nist.gov/groups/STM/cmvp/index.html
In this document, the HP StorageWorks Secure Key Manager is referred to as the SKM, the module, or the device.
1.2 References
This document deals only with the operations and capabilities of the module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources:
The HP website (http://www.hp.com) contains information on the full line of products from HP.
The CMVP website (http://csrc.nist.gov/groups/STM/cmvp/index.html) contains contact information for answers to technical or sales-related questions for the module.
2 HP StorageWorks Secure Key Manager
2.1 Overview
HP provides a range of security products for banking, the Internet, and enterprise security applications. These products use encryption technology—often embedded in hardware—to safeguard sensitive data, such as financial transactions over private and public networks and to offload security processing from the server.
The HP StorageWorks Secure Key Manager is a hardened server that provides security policy and key management services to encrypting client devices and applications. After enrollment, clients, such as storage systems, application servers and databases, make requests to the SKM for creation and management of cryptographic keys and related metadata.
Client applications can access the SKM via its Key Management Service (KMS) server. Configuration and management can be performed via web administration, Secure Shell (SSH), or serial console. Status-monitoring interfaces include a dedicated FIPS status interface, a health check interface, and Simple Network Management Protocol (SNMP).
The deployment architecture of the HP StorageWorks Secure Key Manager is shown in Figure 1 below.
Figure 1 – Deployment Architecture of the HP StorageWorks Secure Key Manager (diagram labels: Web Server, Application Server, Database, Storage System, HP StorageWorks Secure Key Manager)
2.2 Cryptographic Module Specification
The HP StorageWorks Secure Key Manager is validated at the FIPS 140-2 section levels shown in Table 1 – Security Level per FIPS 140-2 Section.
Table 1 – Security Level per FIPS 140-2 Section
Section | Section Title | Level
1 | Cryptographic Module Specification | 3
2 | Cryptographic Module Ports and Interfaces | 2
3 | Roles, Services, and Authentication | 3
4 | Finite State Model | 2
5 | Physical Security | 2
6 | Operational Environment | N/A
7 | Cryptographic Key Management | 2
8 | EMI/EMC | 2
9 | Self-Tests | 2
10 | Design Assurance | 2
11 | Mitigation of Other Attacks | N/A
The block diagram of the module is given in Figure 2 – Block Diagram of SKM. The cryptographic boundary is clearly shown in the figure.
Figure 2 – Block Diagram of SKM
In the FIPS mode of operation, the module implements the following Approved algorithms:
Advanced Encryption Standard (AES) encryption and decryption: 128, 192, and 256 bits, in Electronic Codebook (ECB) and Cipher Block Chaining (CBC) modes (certificate # 653)
Triple Data Encryption Standard (3DES) encryption and decryption: 112 and 168 bits, in ECB and CBC modes (certificate # 604)
Secure Hash Algorithm (SHA)-1, SHA-256, SHA-384, SHA-512 (certificate # 847)
Keyed-Hash Message Authentication Code (HMAC) SHA-1 and HMAC SHA-256 (certificate # 470)
Rivest, Shamir, and Adleman (RSA) American National Standard Institute (ANSI) X9.31 key generation, signature generation, and signature verification: 1024 and 2048 bits (certificate # 302)
Digital Signature Algorithm (DSA) PQG generation, key generation, signature generation, and signature verification: 1024 bits (certificate # 244)
ANSI X9.31 Appendix A.2.4 with 2-key 3DES Deterministic Random Number Generator (DRNG) (certificate # 375)
Diffie-Hellman key agreement (SP 800-56A, vendor affirmed; key establishment methodology provides 80 bits of encryption strength)
In the FIPS mode of operation, the module implements the following non-approved algorithms:
A non-approved Random Number Generator (RNG) to seed the ANSI X9.31 DRNG
The following commercially-available protocols for key establishment:
o Transport Layer Security (TLS) 1.0/ Secure Socket Layer (SSL) 3.1 protocol using RSA 1024 and 2048 bits for key transport. Caveat: The RSA 1024- and 2048-bit key wrapping and key establishment provide 80 and 112 bits of encryption strength, respectively.
In the non-FIPS mode of operation, the module also implements DES, MD5, RC4, and 512- and 768-bit RSA for signature generation and verification, and key establishment.
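The algorithm lists above can be turned into a compliance check on observed TLS sessions. The following is an added example, not code from HP or from the module: it parses IANA-style cipher suite names and flags anything outside the FIPS-mode lists in this section, reporting the key-transport strength from the caveat. The function names `check_cipher` and `audit` and the sample sessions are assumptions, and the check is derived only from this section's lists, not from the module's own table of supported cipher suites.

```python
import re

# Values below come from section 2.2 of this policy; nothing else is assumed.
RSA_STRENGTH = {1024: 80, 2048: 112}   # RSA key transport: modulus bits -> strength
NON_FIPS_RSA = {512, 768}              # listed for non-FIPS mode only
APPROVED_MACS = {"SHA", "SHA256"}      # HMAC SHA-1 and HMAC SHA-256
SUITE_RE = re.compile(r"^TLS_(?P<kx>[A-Z0-9_]+?)_WITH_(?P<cipher>[A-Z0-9_]+)_(?P<mac>[A-Z0-9]+)$")

def check_cipher(cipher):
    """Return None if the bulk cipher is on the Approved list, else a reason."""
    m = re.fullmatch(r"AES_(\d+)_(\w+)", cipher)
    if m:
        bits, mode = int(m.group(1)), m.group(2)
        if bits in (128, 192, 256) and mode in ("ECB", "CBC"):
            return None
        return f"AES-{bits} in {mode} mode is not on the Approved list"
    if cipher == "3DES_EDE_CBC":
        return None
    for legacy in ("RC4", "DES"):
        if cipher.startswith(legacy):
            return f"{legacy} is non-FIPS mode only"
    return f"{cipher} is not on the Approved list"

def audit(suite, rsa_bits):
    """Return (fips_ok, strength_bits, findings) for one observed TLS session."""
    m = SUITE_RE.match(suite)
    if not m:
        return False, None, [f"unparseable suite name: {suite}"]
    findings = []
    if m["kx"] != "RSA":
        findings.append(f"key exchange {m['kx']} is not RSA key transport")
    reason = check_cipher(m["cipher"])
    if reason:
        findings.append(reason)
    if m["mac"] == "MD5":
        findings.append("MD5 is non-FIPS mode only")
    elif m["mac"] not in APPROVED_MACS:
        findings.append(f"MAC {m['mac']} is not on the Approved HMAC list")
    strength = RSA_STRENGTH.get(rsa_bits)
    if strength is None:
        why = "non-FIPS mode only" if rsa_bits in NON_FIPS_RSA else "not listed"
        findings.append(f"RSA-{rsa_bits} key transport is {why}")
    return not findings, strength, findings

if __name__ == "__main__":
    # constructed sample observations: (suite, server RSA modulus bits)
    for suite, bits in [("TLS_RSA_WITH_AES_256_CBC_SHA", 2048),
                        ("TLS_RSA_WITH_RC4_128_MD5", 768)]:
        print(suite, audit(suite, bits))
```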
2.3 Module Interfaces
FIPS 140-2 defines four logical interfaces:
Data Input
Data Output
Control Input
Status Output
The module features the following physical ports and LEDs:
Serial port (RS232 DB9)
Ethernet 10/100/1000 RJ-45 ports (Network Interface Card [NIC], quantity: 2)
Mouse port (PS/2)
Keyboard port (PS/2)
Monitor port (VGA DB15)
Power input (115VAC)
LEDs (six on the front panel and seven on the rear panel)
The logical interfaces and their physical port mappings are described in Table 2 – Logical Interface and Physical Ports Mapping.
Table 2 – Logical Interface and Physical Ports Mapping
Logical Interface | Physical Ports
Data Input | Keyboard, serial, Ethernet
Data Output | Monitor, serial, Ethernet
Control Input | Keyboard, mouse, serial, Ethernet
Status Output | Monitor, serial, Ethernet, LEDs
There are no buttons or ports on the front panel. There are six LEDs on the front panel. See Figure 3 – Front Panel LEDs.