Motorola Network Router (MNR)
S2500
Security Policy
Document Version 1.3
Revision Date: 1/13/2009
Copyright © Motorola, Inc. 2009. May be reproduced only in its original entirety [without revision].
TABLE OF CONTENTS
1. MODULE OVERVIEW
2. SECURITY LEVEL
3. MODES OF OPERATION
4. PORTS AND INTERFACES
5. IDENTIFICATION AND AUTHENTICATION POLICY
6. ACCESS CONTROL POLICY
   AUTHENTICATED SERVICES
   UNAUTHENTICATED SERVICES
   ROLES AND SERVICES
   DEFINITION OF CRITICAL SECURITY PARAMETERS (CSPS)
   DEFINITION OF CSPS MODES OF ACCESS
7. OPERATIONAL ENVIRONMENT
8. SECURITY RULES
9. CRYPTO OFFICER GUIDANCE
10. PHYSICAL SECURITY POLICY
   PHYSICAL SECURITY MECHANISMS
11. MITIGATION OF OTHER ATTACKS POLICY
12. DEFINITIONS AND ACRONYMS
1. Module Overview
The MNR S2500 router, also referred to as the S2500, is a multi-chip standalone cryptographic module encased in a commercial-grade metal case made of cold-rolled steel. The module's cryptographic boundary is the router's enclosure, which includes all components, including the encryption module, which is a separate part. Figure 1 illustrates the cryptographic boundary of the MNR S2500 router. In the photo, blank plates cover slots that can hold optional network interface cards. The FIPS-validated firmware versions are XS-15.1.0.75, XS-15.1.0.76, XS-15.2.0.20, and XS-15.4.0.60.
| Configuration | S2500 Base Unit P/N | S2500 Base Unit Tanapa Number | S2500 Base Unit Revision | S2500 Encryption Module P/N | S2500 Encryption Module Tanapa Number | S2500 Encryption Module Revision | FW Version |
|---|---|---|---|---|---|---|---|
| 1 | ST2500B | CLN1713E | B | ST2516A | CLN8262C | C | XS-15.1.0.75 |
| 2 | ST2500B | CLN1713E | B | ST2516A | CLN8262C | C | XS-15.1.0.76 |
| 3 | ST2500B | CLN1713E | B | ST2516A | CLN8262C | C | XS-15.2.0.20 |
| 4 | ST2500B | CLN1713E | B | ST2516A | CLN8262C | C | XS-15.4.0.60 |
Table 1. MNR S2500 Router Version Numbers
Optional Interface Cards
(not included in cryptographic module boundary)
Figure 1 – MNR S2500 Router Cryptographic Module Boundary
2. Security Level
The cryptographic module meets the overall requirements applicable to Level 1 security of FIPS 140-2.
| Security Requirements Section | Level |
|---|---|
| Cryptographic Module Specification | 1 |
| Module Ports and Interfaces | 1 |
| Roles, Services and Authentication | 1 |
| Finite State Model | 1 |
| Physical Security | 1 |
| Operational Environment | N/A |
| Cryptographic Key Management | 1 |
| EMI/EMC | 3 |
| Self-Tests | 1 |
| Design Assurance | 1 |
| Mitigation of Other Attacks | N/A |
Table 2 – Module Security Level Specification
3. Modes of Operation
Approved mode of operation
In FIPS mode, the cryptographic module supports the following FIPS-Approved algorithms:
Hardware Implementations
a. Triple-DES – CBC mode (112 or 168 bit) for IPsec and FRF.17 encryption (Cert. #588)
b. AES – CBC mode (128, 192, 256 bit) for IPsec and FRF.17 encryption (Cert. #625)
c. HMAC-SHA-1 for IPsec and FRF.17 authentication (Cert. #342)
d. SHA-1 for message hash (Cert. #693)
Firmware Implementations
a. Triple-DES – CBC mode (112 and 168 bit) for IKE and SSHv2 encryption (Cert. #581)
b. AES – CBC (128, 192, 256 bit), ECB (128), and CFB (128) modes for IKE and SSHv2 encryption (Cert. #611)
c. HMAC-SHA-1 for IKE and SSHv2 authentication (Cert. #322)
d. SHA-1 for message hash (Cert. #659)
e. RSA v1.5 1024 bit – for public/private key pair generation and digital signatures (Cert. #283)
f. DSA 1024 bit – for public/private key pair generation and digital signatures (Cert. #237)
g. ANSI X9.31 Deterministic Random Number Generator (DRNG) (Cert. #349)
The MNR S2500 router supports the commercially available IKE and Diffie-Hellman protocols for key establishment, IPsec (ESP) and FRF.17 protocols to provide data confidentiality using FIPS-approved encryption and authentication algorithms and SSHv2 for secure remote access.
Allowed Algorithms
• Diffie-Hellman (allowed for key agreement per Annex D; key agreement methodology provides 80 to 112 bits of encryption strength)
• Hardware non-deterministic RNG: provides seed for approved deterministic RNG
• MD5: for hashing (provides interoperability within supported protocols)
• HMAC-MD5
Non-FIPS approved algorithms
In a non-FIPS mode of operation, the cryptographic module provides the following non-FIPS-Approved algorithms:
• DES for encryption/decryption
• Non-approved SW RNG
• Diffie-Hellman (Group 1 - 768 bit)
Entering FIPS Mode
To enter FIPS mode, the Crypto Officer must follow the procedure outlined in Table 3 below. For details on individual router commands, use the online help facility or review the Enterprise OS Software User Guide, version 15.4 and the Enterprise OS Software Reference Guide, version 15.4.
| Step | Description |
|---|---|
| 1. | Configure the parameters for the IKE negotiations using the IKEProfile command. For FIPS mode, only the following values are allowed: Diffie-Hellman Group (Group 2 or Group 5), Encryption Algorithm (AES or 3DES), Hash Algorithm (SHA), and Authentication Method (PreSharedKey). |
| 2. | Manually establish via the local console port the pre-shared key (PSK) to be used for the IKE protocol using: ADD -CRYPTO FipsPreSharedKey <peer_ID> <pre-shared_key> <pre-shared_key> The PSK must be at least 80 bits in length with at least 80 bits of entropy. |
| 3. | Configure IPsec and FRF.17 selector lists using the command ADD -CRYPTO SelectorLIst For FIPS mode, the selector list must be configured to encrypt all packets on an encrypted port, e.g. ADD -CRYPTO SelectorLIst s1 1 Include ANY 0.0.0.0/0 0.0.0.0/0 |
| 4. | If IPsec is used, configure IPsec transform lists using the ADD -CRYPTO TransformLIst command. For FIPS mode, only the following values are allowed: Encryption Transform (ESP-3DES, or ESP-AES) and Authentication Transform (ESP-SHA). |
| 5. | If FRF.17 is used, configure FRF.17 transform lists using the ADD -CRYPTO TransformLIst command. For FIPS mode, only the following values are allowed: Encryption Transform (FRF-3DES, or FRF-AES) and Authentication Transform (FRF-SHA). |
| 6. | For each port for which encryption is required, bind a dynamic policy to the ports using ADD [!<portlist>] -CRYPTO DynamicPOLicy <policy_name> <priority> <mode> <selctrlist_name> <xfrmlist_name> [<pfs>] [<lifetime>] [<preconnect>] To be in FIPS mode, the selector list and transform list names must be defined as in previous steps. |
| 7. | For each port for which encryption is required, enable encryption on that port using SETDefault [!<portlist>] -CRYPTO CONTrol = Enabled |
| 8. | FIPS 140-2 mode achieved |

Table 3 – FIPS Approved mode configuration
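The following is an added example, not part of Motorola's policy or firmware: it checks a planned configuration against the values Table 3 allows and shows that a PSK which is 80 bits long does not necessarily carry 80 bits of entropy. The dict field names, the alphanumeric PSK alphabet and the sample values are assumptions made for illustration; the character set the router accepts for a PSK is not stated in this document.

```python
import math
import secrets
import string

# Allowed FIPS-mode values, copied from Table 3 (steps 1, 4 and 5).
ALLOWED = {
    "ike_dh_group": {"Group 2", "Group 5"},
    "ike_encryption": {"AES", "3DES"},
    "ike_hash": {"SHA"},
    "ike_auth": {"PreSharedKey"},
    "ipsec_encryption": {"ESP-3DES", "ESP-AES"},
    "ipsec_auth": {"ESP-SHA"},
    "frf17_encryption": {"FRF-3DES", "FRF-AES"},
    "frf17_auth": {"FRF-SHA"},
}
MIN_PSK_BITS = 80  # step 2: floor for both length and entropy
ALNUM = string.ascii_letters + string.digits  # assumed PSK alphabet (62 symbols)

def min_psk_chars(alphabet_size, bits=MIN_PSK_BITS):
    """Characters needed for a uniformly random PSK to carry `bits` of entropy."""
    return math.ceil(bits / math.log2(alphabet_size))

def generate_psk(alphabet=ALNUM):
    """Draw each character independently from the OS CSPRNG."""
    n = min_psk_chars(len(alphabet))
    return "".join(secrets.choice(alphabet) for _ in range(n))

def entropy_bound(psk, alphabet=ALNUM):
    """Upper bound in bits; entropy is a property of how the key was generated."""
    if any(c not in alphabet for c in psk):
        return 0.0  # outside the assumed alphabet: make no claim
    return len(psk) * math.log2(len(alphabet))

def audit_plan(plan):
    """Return findings for a planned configuration (hypothetical dict layout)."""
    findings = []
    for field, allowed in ALLOWED.items():
        value = plan.get(field)
        if value is None and field.startswith("ike_"):
            findings.append(f"{field}: missing")
        elif value is not None and value not in allowed:
            findings.append(f"{field}: {value!r} is not allowed in FIPS mode")
    psk = plan.get("psk", "")
    if len(psk.encode()) * 8 < MIN_PSK_BITS:
        findings.append("psk: shorter than 80 bits")
    elif entropy_bound(psk) < MIN_PSK_BITS:
        findings.append("psk: long enough, but below 80 bits of entropy")
    return findings
```

A 10-character alphanumeric key is exactly 80 bits long but tops out near 60 bits of entropy, so it passes the length check and fails the entropy check; 14 random alphanumeric characters (or 20 random hex digits) are needed to clear both.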
To review the cryptographic configuration of the router, use the following command: