Motorola S2500 User Manual

Motorola Network Router (MNR)
S2500
Security
Document Version 1.3
Revision Date: 1/13/2009
Copyright © Motorola, Inc. 2009. May be reproduced only in its original entirety [without revision].
MNR S2500 Security Policy Version 1.3, Revision Date: 1/13/2009
TABLE OF CONTENTS
1. MODULE OVERVIEW
2. SECURITY LEVEL
3. MODES OF OPERATION
4. PORTS AND INTERFACES
5. IDENTIFICATION AND AUTHENTICATION POLICY
6. ACCESS CONTROL POLICY
   AUTHENTICATED SERVICES
   UNAUTHENTICATED SERVICES
   ROLES AND SERVICES
   DEFINITION OF CRITICAL SECURITY PARAMETERS (CSPS)
   DEFINITION OF CSPS MODES OF ACCESS
7. OPERATIONAL ENVIRONMENT
8. SECURITY RULES
9. CRYPTO OFFICER GUIDANCE
10. PHYSICAL SECURITY POLICY
   PHYSICAL SECURITY MECHANISMS
11. MITIGATION OF OTHER ATTACKS POLICY
12. DEFINITIONS AND ACRONYMS
1. Module Overview
The MNR S2500 router, also referred to as the S2500, is a multi-chip standalone cryptographic module encased in a commercial grade metal case made of cold rolled steel. The module's cryptographic boundary is the router's enclosure, which includes all components, including the encryption module, which is a separate part. Figure 1 illustrates the cryptographic boundary of the MNR S2500 router. In the photo, blank plates cover slots that can hold optional network interface cards. The FIPS validated firmware versions are XS-15.1.0.75, XS-15.1.0.76, XS-15.2.0.20, and XS-15.4.0.60.
               S2500 Base Unit                    S2500 Encryption Module
Configuration  P/N      Tanapa Number  Revision   P/N      Tanapa Number  Revision   FW Version
1              ST2500B  CLN1713E       B          ST2516A  CLN8262C       C          XS-15.1.0.75
2              ST2500B  CLN1713E       B          ST2516A  CLN8262C       C          XS-15.1.0.76
3              ST2500B  CLN1713E       B          ST2516A  CLN8262C       C          XS-15.2.0.20
4              ST2500B  CLN1713E       B          ST2516A  CLN8262C       C          XS-15.4.0.60
Table 1. MNR S2500 Router Version Numbers
Figure label: Optional Interface Cards (not included in cryptographic module boundary)
Figure 1 – MNR S2500 Router Cryptographic Module Boundary
2. Security Level
The cryptographic module meets the overall requirements applicable to Level 1 security of FIPS 140-2.
Security Requirements Section         Level
Cryptographic Module Specification    1
Module Ports and Interfaces           1
Roles, Services and Authentication    1
Finite State Model                    1
Physical Security                     1
Operational Environment               N/A
Cryptographic Key Management          1
EMI/EMC                               3
Self-Tests                            1
Design Assurance                      1
Mitigation of Other Attacks           N/A
Table 2 – Module Security Level Specification
3. Modes of Operation
Approved mode of operation
In FIPS mode, the cryptographic module supports the following FIPS-Approved algorithms:
Hardware Implementations
a. Triple-DES - CBC mode (112 or 168 bit) for IPsec and FRF.17 encryption (Cert. #588)
b. AES - CBC mode (128, 192, 256 bit) for IPsec and FRF.17 encryption (Cert. #625)
c. HMAC-SHA-1 for IPsec and FRF.17 authentication (Cert. #342)
d. SHA-1 for message hash (Cert. #693)
Firmware Implementations
a. Triple-DES - CBC mode (112 and 168 bit) for IKE and SSHv2 encryption (Cert. #581)
b. AES - CBC (128, 192, 256 bit), ECB (128), and CFB (128) modes for IKE and SSHv2 encryption (Cert. #611)
c. HMAC-SHA-1 for IKE and SSHv2 authentication (Cert. #322)
d. SHA-1 for message hash (Cert. #659)
e. RSA v1.5 1024 bit - for public/private key pair generation and digital signatures (Cert. #283)
f. DSA 1024 bit - for public/private key pair generation and digital signatures (Cert. #237)
g. ANSI X9.31 Deterministic Random Number Generator (DRNG) (Cert. #349)
The MNR S2500 router supports the commercially available IKE and Diffie-Hellman protocols for key establishment, IPsec (ESP) and FRF.17 protocols to provide data confidentiality using FIPS-approved encryption and authentication algorithms and SSHv2 for secure remote access.
Allowed Algorithms
Diffie-Hellman: allowed for key agreement per Annex D (key agreement methodology provides 80 to 112 bits of encryption strength)
Hardware non-deterministic RNG: Provides seed for approved deterministic RNG
MD5: for hashing (Provides interoperability within supported protocols)
HMAC-MD5
Non-FIPS approved algorithms
In a non-FIPS mode of operation, the cryptographic module provides the following non-FIPS Approved algorithms:
DES for encryption/decryption
Non approved SW RNG
Diffie-Hellman (Group 1 - 768 bit)
Entering FIPS Mode
To enter FIPS mode, the Crypto Officer must follow the procedure outlined in Table 3 below. For details on individual router commands, use the online help facility or review the Enterprise OS Software User Guide, version 15.4 and the Enterprise OS Software Reference Guide, version 15.4.
Step  Description

1.    Configure the parameters for the IKE negotiations using the IKEProfile command. For FIPS mode, only the following values are allowed: Diffie-Hellman Group (Group 2 or Group 5), Encryption Algorithm (AES or 3DES), Hash Algorithm (SHA), and Authentication Method (PreSharedKey).

2.    Manually establish via the local console port the pre-shared key (PSK) to be used for the IKE protocol using:
      ADD -CRYPTO FipsPreSharedKey <peer_ID> <pre-shared_key> <pre-shared_key>
      The PSK must be at least 80 bits in length with at least 80 bits of entropy.

3.    Configure IPsec and FRF.17 selector lists using the command
      ADD -CRYPTO SelectorLIst
      For FIPS mode, the selector list must be configured to encrypt all packets on an encrypted port, e.g.
      ADD -CRYPTO SelectorLIst s1 1 Include ANY 0.0.0.0/0 0.0.0.0/0

4.    If IPsec is used, configure IPsec transform lists using the ADD -CRYPTO TransformLIst command. For FIPS mode, only the following values are allowed: Encryption Transform (ESP-3DES or ESP-AES) and Authentication Transform (ESP-SHA).

5.    If FRF.17 is used, configure FRF.17 transform lists using the ADD -CRYPTO TransformLIst command. For FIPS mode, only the following values are allowed: Encryption Transform (FRF-3DES or FRF-AES) and Authentication Transform (FRF-SHA).

6.    For each port for which encryption is required, bind a dynamic policy to the port using
      ADD [!<portlist>] -CRYPTO DynamicPOLicy <policy_name> <priority> <mode> <selctrlist_name> <xfrmlist_name> [<pfs>] [<lifetime>] [<preconnect>]
      To be in FIPS mode, the selector list and transform list names must be defined as in previous steps.

7.    For each port for which encryption is required, enable encryption on that port using
      SETDefault [!<portlist>] -CRYPTO CONTrol = Enabled

8.    FIPS-140-2 mode achieved
Table 3 – FIPS Approved mode configuration
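Added example (not part of the Motorola policy or the router's software): a Python pre-check of a planned configuration against the values Table 3 allows, together with a PSK generator sized for the 80-bit entropy requirement in step 2. The plan layout, its key names and the alphanumeric PSK alphabet are assumptions made for illustration, not router syntax.

```python
import math
import secrets
import string

# Allowed values transcribed from Table 3; the plan keys are hypothetical names.
FIPS_ALLOWED = {
    "dh_group": {"Group 2", "Group 5"},
    "ike_encryption": {"AES", "3DES"},
    "ike_hash": {"SHA"},
    "ike_auth": {"PreSharedKey"},
    "ipsec_encryption": {"ESP-3DES", "ESP-AES"},
    "ipsec_auth": {"ESP-SHA"},
    "frf17_encryption": {"FRF-3DES", "FRF-AES"},
    "frf17_auth": {"FRF-SHA"},
}
MIN_PSK_BITS = 80  # step 2: at least 80 bits long AND at least 80 bits of entropy


def min_psk_chars(alphabet_size, bits=MIN_PSK_BITS):
    """Characters a uniformly random string needs to carry `bits` of entropy."""
    return math.ceil(bits / math.log2(alphabet_size))


def generate_psk(alphabet=string.ascii_letters + string.digits):
    """Draw a PSK from the OS CSPRNG (alphabet is an assumption, not from the page)."""
    return "".join(secrets.choice(alphabet) for _ in range(min_psk_chars(len(alphabet))))


def audit(plan):
    """Return findings that keep a planned configuration out of FIPS mode."""
    findings = []
    for key, allowed in FIPS_ALLOWED.items():
        if key in plan and plan[key] not in allowed:
            findings.append(f"{key}={plan[key]} not allowed, use one of {sorted(allowed)}")
    # Only length is checkable after the fact; entropy depends on how the key was made.
    if len(plan.get("psk", "").encode()) * 8 < MIN_PSK_BITS:
        findings.append("psk shorter than 80 bits")
    if plan.get("selector") != "Include ANY 0.0.0.0/0 0.0.0.0/0":
        findings.append("selector list is not the encrypt-all rule from step 3")
    return findings


# Constructed plan: DES and DH Group 1 appear on the page's non-approved list.
SAMPLE = {"dh_group": "Group 1", "ike_encryption": "DES", "ike_hash": "SHA",
          "ike_auth": "PreSharedKey", "ipsec_encryption": "ESP-AES", "ipsec_auth": "ESP-SHA",
          "psk": "short", "selector": "Include ANY 0.0.0.0/0 0.0.0.0/0"}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings", "| example PSK length:", len(generate_psk()))
```

A 10-character alphanumeric key is 80 bits long but carries only about 60 bits of entropy, which is why the generator sizes the key from the alphabet rather than from its byte length.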
To review the cryptographic configuration of the router, use the following command: