Motorola S2500 用户手册
MNR S2500 Security Policy
Version 1.3, Revision Date: 1/13/2009
Page
4
2. Security Level
The cryptographic module meets the overall requirements applicable to Level 1 security of
FIPS 140-2.
FIPS 140-2.
Security Requirements Section
Level
Cryptographic Module Specification
1
Module Ports and Interfaces
1
Roles, Services and Authentication
1
Finite State Model
1
Physical Security
1
Operational Environment
N/A
Cryptographic Key Management
1
EMI/EMC 3
Self-Tests 1
Design Assurance
1
Mitigation of Other Attacks
N/A
Table 2 – Module Security Level Specification
3. Modes of Operation
Approved mode of operation
In FIPS mode, the cryptographic module supports the following FIPS-Approved algorithms as
follows:
follows:
Hardware Implementations
a. Triple-DES– CBC mode (112 or 168 bit) for IPsec and FRF.17 encryption (Cert. #588)
b. AES - CBC mode(128, 192, 256 bit) for IPsec and FRF.17 encryption (Cert. #625)
c. HMAC-SHA-1 for IPsec and FRF.17 authentication (Cert. #342)
d. SHA-1 for message hash (Cert. #693)