FIPS 140-2 Level 3 Non-Proprietary Security Policy
NITROX III CNN35XX-NFBE HSM Family

Document number: CNN35xx-NFBE-SP-DL3
Document Version: Version 1.1
Revision Date: 11-24-2015

© Copyright 2015 Cavium Inc. ALL RIGHTS RESERVED
This document may be reproduced only in its original entirety [without revision].

NITROX III CNN35XX-NFBE HSM Family Version 1.1 Security Policy

Revision History

Revision | Date       | Author               | Description of Change
1.0      | 08/26/2015 | Phanikumar Kancharla | Initial CMVP Submission
1.1      | 11/24/2015 | Phanikumar Kancharla | Addressed CMVP comments

Cavium Inc.

Table of Contents

1 Module Overview .......................................................... 6
2 Security Level ........................................................... 9
3 Modes of Operation ...................................................... 10
  3.1 FIPS Approved Mode of Operation ..................................... 10
  3.2 Non-FIPS Mode of Operation .......................................... 10
  3.3 Partitions .......................................................... 10
    3.3.1 HSM Master Partition ............................................ 10
    3.3.2 HSM Partition ................................................... 11
4 Supported Cryptographic Algorithms ...................................... 12
  4.1 Approved and Allowed Algorithms ..................................... 12
  4.2 Non-Approved, Non-Allowed Algorithms ................................ 13
  4.3 LED Error Pattern for FIPS Failure .................................. 14
5 Ports and Interfaces .................................................... 15
6 Identification and Authentication Policy ................................ 18
  6.1 Assumption of Roles ................................................. 18
    6.1.1 Manufacturer Role ............................................... 18
    6.1.2 Master Partition Roles .......................................... 18
    6.1.3 Non-Master Partition Roles ...................................... 18
    6.1.4 Appliance User .................................................. 18
  6.2 Strength of Authentication .......................................... 19
  6.3 Roles, Services, and CSP Access ..................................... 20
7 Keys and Certificates ................................................... 28
  7.1 Definition of Critical Security Parameters (CSPs) ................... 28
  7.2 Definition of Public Keys ........................................... 29
  7.3 Definition of Session Key ........................................... 29
8 Operational Environment ................................................. 31
9 Security Rules .......................................................... 31
10 Physical Security Policy ............................................... 32
  10.1 Physical Security Mechanisms ....................................... 32
11 Mitigation of Other Attacks Policy ..................................... 32
12 References ............................................................. 32
13 Definitions and Acronyms ............................................... 33
14 Appendix A: Supported ECC curves for SigVerify ......................... 33
15 Appendix B: Supported ECC curves for KeyGen and SigGen ................. 33

List of Tables

Table 1 - LED Description ................................................. 7
Table 2 - Hardware Part Numbers ........................................... 7
Table 3 - Module Security Level Specification ............................. 9
Table 4 - FIPS Approved Algorithms Used in the Module .................... 12
Table 5 - FIPS Allowed Algorithms Used in the Module ..................... 13
Table 6 - Non-Approved, Non-Allowed Algorithms Used in the Module ........ 13
Table 7 - LED Flash Pattern for Errors ................................... 14
Table 8 - Cavium HSM Ports and Interfaces ................................ 17
Table 9 - Roles and Required Identification and Authentication ........... 19
Table 10 - Strength of Authentication Mechanism .......................... 19
Table 11 - Roles, Services and CSPs ...................................... 20
Table 12 - Private Keys and CSPs ......................................... 28
Table 13 - Public Keys ................................................... 29

List of Figures

Figure 1 - Top View of Cryptographic Module ............................... 6
Figure 2 - Block Diagram .................................................. 8

1 Module Overview

The Cavium Inc. NITROX III CNN35XX-NFBE HSM Family (hereafter referred to as the module or HSM) is a high-performance, purpose-built security solution for crypto acceleration. The module provides a FIPS 140-2 overall Level 3 security solution. The module is deployed in a PCIe slot to provide crypto and TLS 1.0/1.1/1.2 acceleration in a secure manner to the system host. It is typically deployed in a server or an appliance to provide crypto offload. The module's functions are accessed over the PCIe interface via an API defined by the module.

The module is a hardware/firmware multi-chip embedded cryptographic module. It provides cryptographic primitives to accelerate Approved and allowed algorithms for TLS 1.0/1.1/1.2 and SSH. The cryptographic functionality includes modular exponentiation, random number generation and hash processing, along with protocol-specific complex instructions that support the TLS 1.0/1.1/1.2 security protocols using the embedded NITROX III chip. The module implements password-based single-factor authentication at FIPS 140-2 Level 3. The physical boundary of the module is the outer perimeter of the card itself.

Figure 1 - Top View of Cryptographic Module
Table 1 - LED Description

LED Location     | LED Description
D6 - Red         | Power Fail indication
D6 - Green       | Power OK - all voltage rails are at nominal
D13 - Red        | See Table 7
D13 - Green      | See Table 7
D10 - Multicolor | See Table 7
D12 - Multicolor | See Table 7
D14 - Multicolor | See Table 7

The configuration of hardware and firmware for this validation is:

Table 2 - Hardware Part Numbers

Part Number     | LiquidSecurity Appliance | Cores Enabled | Key Store Size | Max Partitions
CNL3560P-NFBE-G | Yes                      | 64            | 100K           | 64
CNL3560-NFBE-G  | Yes                      | 64            | 100K           | 32
CNL3530-NFBE-G  | Yes                      | 32            | 25K            | 24
CNL3510-NFBE-G  | Yes                      | 24            | 10K            | 24
CNL3510P-NFBE-G | Yes                      | 32            | 50K            | 32
CNN3560P-NFBE-G | No                       | 64            | 100K           | 64
CNN3560-NFBE-G  | No                       | 64            | 50K            | 32
CNN3530-NFBE-G  | No                       | 32            | 25K            | 24
CNN3510-NFBE-G  | No                       | 16            | 25K            | 16

Firmware: CNN35XX-NFBE-FW-1.0 build 35

The module supports different performance options, as listed above by hardware identifier. The physical hardware and firmware are identical across all options. The underlying hardware has multiple identical cryptographic engines which are enabled or disabled using an option parameter set at manufacturing time. The manufacturer can also configure the HSM adapter to work only with Cavium's LiquidSecurity HSM appliances; these parts are identified by the CNL prefix. CNN cards can work with non-Cavium appliances.

The major blocks of the module are: a general-purpose MIPS-based control processor, crypto processors, RAM, NOR and eMMC flash for persistent storage, USB interfaces, and a PCIe Gen2 x8 interface.

Figure 2 - Block Diagram

2 Security Level

The cryptographic module meets the overall requirements applicable to Level 3 security of FIPS 140-2.
Table 3 - Module Security Level Specification

Security Requirements Section            | Level
Cryptographic Module Specification       | 3
Module Ports and Interfaces              | 3
Roles, Services and Authentication       | 3
Finite State Model                       | 3
Physical Security                        | 3
Operational Environment                  | N/A
Cryptographic Key Management             | 3
EMI/EMC                                  | 3
Power-on Self-Tests                      | 3
Design Assurance                         | 3
Mitigation of Other Attacks              | N/A

3 Modes of Operation

The module supports the following modes of operation:

1) Non-FIPS mode of operation
2) FIPS Approved Level 3 mode of operation

The module is initialized into one of the modes specified above during module initialization. The value of the fipsState parameter passed into the initialization call specifies the mode. The allowed values for fipsState are:

0 - Non-FIPS mode
2 - FIPS Approved mode with single-factor authentication mechanism
3 - FIPS Approved mode with certificate-based dual-factor authentication mechanism

The indicator of Approved mode is obtained with the Get Status service: its fipsState field reports the mode the module is running in.

3.1 FIPS Approved Mode of Operation

The module provides a FIPS Approved mode of operation comprising all services described in Section 6.3 below. In this mode the module allows only FIPS Approved or allowed algorithms; a request for any non-Approved, non-allowed algorithm is rejected.

3.2 Non-FIPS Mode of Operation

The module supports a non-FIPS mode implementing the non-FIPS Approved algorithms listed in Table 6.

3.3 Partitions

The N3FIPS adapter is an SR-IOV-enabled intelligent PCIe adapter with 1 physical function and 128 virtual functions. In addition to crypto offload, the adapter provides secure key storage in up to 64 partitions, including the master partition. Each partition has its own users to manage it and its own configuration policies, so each partition can be treated as a virtual HSM.

The HSM always has one default partition, the HSM Master partition, which holds the configuration of the complete HSM and the default configuration for any additional partitions that are created. Exactly one HSM partition can be assigned to a given SR-IOV virtual function of the adapter, and vice versa. Keys belonging to one partition are not accessible from another partition; this is enforced through a secure binding between the partition and its PCIe virtual function.

3.3.1 HSM Master Partition

This is the default partition, with a single user called the Master Crypto Officer (MCO). This partition represents the operating state of the whole HSM adapter: initializing the HSM means initializing this partition with the required configuration and MCO credentials. Zeroizing this partition erases all HSM partitions on the adapter. The HSM must be initialized and the MCO logged in before further partitions can be created on the adapter. The MCO can back up and restore a complete partition, including user data, partition configuration and user keys. All backup data is encrypted with Backup keys.

3.3.2 HSM Partition

Each partition has a distinct set of users to manage it, together with dedicated key storage and crypto resources. A partition receives a default configuration from the master partition, which can be changed (within limits) during partition initialization. When a partition is created by the MCO it is in the zeroized state and must be initialized before any keystore management or crypto function offload can take place. Partition initialization creates the Partition Crypto Officer (PCO). The PCO can later create up to 6 Partition Crypto Users (PCUs) on demand. Each user has a unique user name that identifies that user. A user has to log in to the partition/vHSM to issue any authorized command. Users are authenticated with the passwords submitted at user creation.
4 Supported Cryptographic Algorithms

This section lists the supported cryptographic algorithms, segregated by operating mode.

4.1 Approved and Allowed Algorithms

The cryptographic module supports the following FIPS Approved algorithms.

Table 4 - FIPS Approved Algorithms Used in the Module

FIPS Approved Algorithm | Usage | Certificate
AES: ECB mode Encrypt/Decrypt, 128-, 192- and 256-bit; CTR mode, 128-, 192- and 256-bit | Data encryption and decryption | 2033
AES: ECB mode Encrypt/Decrypt, 128-, 192- and 256-bit; CBC mode Encrypt/Decrypt, 128-, 192- and 256-bit | Data encryption and decryption | 2034
AES: GCM Encrypt/Decrypt, 128-, 192- and 256-bit | Data encryption and decryption | 2035
Triple-DES: TECB mode, 3-key; TCBC mode, 3-key | Data encryption and decryption | 1311
SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 | Data hashing | 1780
HMAC-SHA-1, -224, -256, -384 and -512 | MAC generation | 1233
AES: ECB mode Encrypt/Decrypt, 128-, 192- and 256-bit; CTR mode, 256-bit | DRBG and Key wrap | 3205
SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 | Signature generation, verification, HMAC (SHA-1 for verification only) | 2652
HMAC-SHA-1, -224, -256, -384 and -512 | MAC generation and KAS | 2019
SP 800-90A DRBG: AES-CTR, 256-bit | Key generation | 680
SP 800-56A ECC KAS: P-521, SHA-512 and HMAC | Shared key generation | 53 (KAS)
TLS KDF | TLS handshake | 167 (CVL)
SP 800-108 HMAC-SHA-256 KDF | KBK generation | 65 (KBKDF)
SP 800-38F AES Key Wrap, AES 256-bit | Key backup/restore | 3206 (AES)
RSA: KeyGen 2048- and 3072-bit; PKCS #1 v1.5 SigGen 2048- and 3072-bit (SHA-224, -256, -384, -512); PKCS #1 v1.5 SigVer 1024-, 2048- and 3072-bit (SHA-1, -224, -256, -384, -512) | Key generation, Sign, Verify | 1634
DSA: PQG Gen 2048- and 3072-bit (SHA-256); PQG Ver 1024-bit (SHA-1), 2048- and 3072-bit (SHA-256); KeyGen 2048- and 3072-bit; SigGen 2048-bit (SHA-224, -256, -384, -512); SigVer 1024-, 2048- and 3072-bit (SHA-1, -224, -256, -384, -512) | Key generation, Sign, Verify | 916
ECDSA: PKG P-224, P-256, P-384, P-521, K-233, K-283, K-409, K-571, B-233, B-283, B-409 and B-571; PKV all P, K and B curves; SigGen P-224, P-256, P-384, P-521, K-233, K-283, K-409, K-571, B-233, B-283, B-409 and B-571 (SHA-224, -256, -384, -512); SigVer all P, K and B curves (SHA-1, -224, -256, -384, -512) | Key generation, Sign and Verify | 589
SP 800-56A ECC CDH: P-224 and P-256 with SHA-256, P-384 and P-521 with SHA-512 | ECDH compute and SSL Suite B key exchange | 563 (CVL)
SP 800-56B RSA/IFP-based KAS using 2048-bit key size | Key agreement | N/A: Vendor affirmed

The cryptographic module supports the following non-FIPS Approved algorithms, which are allowed for use in FIPS mode.

Table 5 - FIPS Allowed Algorithms Used in the Module

Algorithm | Usage
Hardware RNG (NDRNG) | Seed and seed key generation
RSA PKCS#1 with modulus size 2048 and 3072 bits (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength) | CSP Encrypt/Decrypt
MD5 | Hashing within TLS

The module's support of the TLS 1.0/1.1/1.2 protocols is restricted to the TLS Key Derivation Function and the crypto operations. This functionality is used by the user of the module as part of TLS protocol negotiation. The TLS protocol itself has not been reviewed or tested by the CAVP or CMVP.

4.2 Non-Approved, Non-Allowed Algorithms

The cryptographic module supports the following non-Approved algorithms, available only in non-FIPS mode.

Table 6 - Non-Approved, Non-Allowed Algorithms Used in the Module

Algorithm | Usage | Keys/CSPs
RC4 | Encryption/Decryption | RC4 key of 128 bits
PBE | Key generation | Password
4.3 LED Error Pattern for FIPS Failure

On successful completion of the FIPS self-tests the LED stays steadily on; a steady glow means the card's state is fine. Blinking indicates a failure on the HSM. Every blink is 200 ms ON and 200 ms OFF, and the gap between blink groups is 1000 ms.

Table 7 - LED Flash Pattern for Errors

FIPS Test | LED No. | Color | Red | Green | Blue | Blinks
N3 AES-CBC Encrypt/Decrypt | D12 | Red | Y | N | N | 1
N3 AES-ECB Encrypt/Decrypt | D12 | Blue | N | N | Y | 1
N3 AES-GCM Encrypt/Decrypt | D12 | Blue | N | N | Y | 6
N3 Triple-DES-CBC Encrypt/Decrypt | D12 | Red | Y | N | N | 2
N3 SHA | D12 | Red | Y | N | N | 3
N3 HMAC | D12 | Blue | N | N | Y | 2
N3 KDF | D12 | Blue | N | N | Y | 7
Octeon AES ECB Encrypt/Decrypt | D12 | Green | N | Y | N | 9
Octeon DRBG | D12 | Green | Y | N | N | 4
Octeon RSA Sign/Verify | D12 | Red | Y | N | N | 4
Octeon/N3 Key Gen | D12 | Red | Y | N | N | 5
Octeon DSA Sign Gen/Verify | D12 | Red | Y | N | N | 7
Octeon PQG Gen/Verify | D12 | Red | Y | N | N | 8
Octeon ECDSA Sig/Verify | D12 | Green | N | Y | N | 7
Octeon ECDSA PKV | D12 | Green | N | Y | N | 6
Octeon SHA | D12 | Green | N | Y | N | 2
Octeon HMAC | D12 | Green | N | Y | N | 3
Octeon KAS | D12 | Green | N | Y | N | 8
Octeon AES Key Wrap | D12 | Blue | N | N | Y | 10
ECDSA pair-wise consistency test | D12 | Blue | N | N | Y | 4
RSA pair-wise consistency test | D12 | Blue | N | N | Y | 5
DSA pair-wise consistency test | D12 | Green | N | Y | N | 1
ECDH Test | D12 | Red | Y | N | N | 10
Octeon KDF | D12 | Red | Y | N | N | 11

Firmware Power-on Tests | LED No. | Color | Red | Green | Blue | Blinks
Nitrox device file creation | D14 | Red | Y | N | N | 1
Nitrox driver load fails | D14 | Red | Y | N | N | 2
Nitrox micro code load fails | D14 | Red | Y | N | N | 3
Nitrox pot test failures | D14 | Red | Y | N | N | 4
Database creation fails | D14 | Red | Y | N | N | 5
Mgmt daemon has not started successfully | D14 | Red | Y | N | N | 6
HW RNG for firmware | D12 | Blue | N | N | Y | 3

Other Firmware States | LED No. | Color | Red | Green | Blue | Blinks
HSM Boot stage 1 | D10 | Red | Y | N | N | No blink
HSM Boot stage 2 | D10 | Red | Y | N | N | Blink (definite)
HSM Boot stage 3 (SEAPP initialized, Linux handshake not done) | D10 | Violet | Y | N | N | No blink
HSM Linux handshake done, host driver handshake not done | D10 | Violet | Y | N | N | Infinite
HSM PF driver handshake complete | D10 | Blue | Y | N | N | Infinite
HSM admin driver handshake done | D10 | Green | Y | N | - | No blink
FS recovery: All fine | D13 | - | N | N | NA | Does not flash anything
FS recovery: Log partition corrupted | D13 | Green | N | Y | NA | No blink
FS recovery: main partition corrupted | D13 | Red | Y | N | NA | No blink
FS recovery: more than 1 partition corrupted / recovery fails | D13 | - | Y | Y | NA | No blink
FS recovery: NAND flash corrupted | D13 | - | Y | Y | NA | Blink

4.4 TLS 1.0/1.1/1.2 Cipher Suites

The module supports the following cipher suites using FIPS Approved and allowed algorithms and key sizes:

TLS_RSA_AES256-GCM-SHA384
TLS_RSA_AES128-GCM-SHA256
TLS_RSA_AES256-SHA256
TLS_RSA_AES256-SHA
TLS_RSA_DES-CBC3-SHA
TLS_RSA_AES128-SHA256
TLS_RSA_AES128-SHA
TLS_ECDH_RSA_AES_128_CBC_SHA256
TLS_ECDH_RSA_AES_256_CBC_SHA384
TLS_ECDH_RSA_AES_128_GCM_SHA256
TLS_ECDH_RSA_AES_256_GCM_SHA384
TLS_ECDH_ECDSA_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_AES_256_CBC_SHA384
TLS_ECDH_ECDSA_AES_128_GCM_SHA256
TLS_ECDH_ECDSA_AES_256_GCM_SHA384
TLS_ECDHE_RSA_AES_128_CBC_SHA256
TLS_ECDHE_RSA_AES_256_CBC_SHA384
TLS_ECDHE_RSA_AES_128_GCM_SHA256
TLS_ECDHE_RSA_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_AES_256_GCM_SHA384

For cipher suites using GCM, the IV is generated per RFC 5288. The module supports GCM cipher suites compatible with SP 800-52.
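The following Python is an added illustration and is not part of the Cavium policy or of the module's firmware. It reproduces what the TLS KDF listed in Section 4.1 (CVL cert. 167) computes for the TLS 1.2 suites above, and the RFC 5288 nonce layout the GCM suites rely on: the 48-byte master secret from the pre-master secret, the key-block expansion and its split into write keys and fixed IVs, and the 4-byte salt || 8-byte explicit-nonce construction. It uses only the standard library; every handshake value is constructed rather than captured from a module, and the suite parameter table covers three representative suites from the list (a practitioner can extend it with the others). The reversed order of the client/server randoms between the two derivations and the zero-length fixed IV for TLS 1.2 CBC suites are the two details most often got wrong when checking an accelerator's output against a software implementation.

```python
# Added example (not from the Cavium policy): TLS 1.2 key derivation with the
# TLS KDF (RFC 5246 PRF) and the RFC 5288 AES-GCM nonce layout used by the GCM
# cipher suites listed above. Standard library only. All inputs are constructed.
import hmac
import struct


def p_hash(hash_name, secret, seed, length):
    """P_<hash>(secret, seed) from RFC 5246 section 5.

    A(0) = seed, A(i) = HMAC_hash(secret, A(i-1));
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    """
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls12_prf(secret, label, seed, length, hash_name="sha256"):
    """TLS 1.2 PRF: P_<hash>(secret, label || seed).

    Suites ending in _SHA256 (and all older suites) use SHA-256 here;
    suites ending in _SHA384 use SHA-384 (RFC 5289).
    """
    return p_hash(hash_name, secret, label + seed, length)


def master_secret(pre_master, client_random, server_random, hash_name="sha256"):
    """RFC 5246 section 8.1: 48-byte master secret from the pre-master secret."""
    return tls12_prf(pre_master, b"master secret",
                     client_random + server_random, 48, hash_name)


# (mac_key_len, enc_key_len, fixed_iv_len, prf_hash) per suite. AEAD suites have
# no MAC key and a 4-byte fixed IV ("salt"); TLS 1.2 CBC suites carry an explicit
# per-record IV, so their fixed_iv_len is 0 (RFC 5246 section 6.3).
SUITES = {
    "TLS_RSA_WITH_AES_128_GCM_SHA256":         (0, 16, 4, "sha256"),
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": (0, 32, 4, "sha384"),
    "TLS_RSA_WITH_AES_256_CBC_SHA256":         (32, 32, 0, "sha256"),
}


def key_block(master, client_random, server_random, suite):
    """RFC 5246 section 6.3: PRF(master, "key expansion", server_random || client_random),
    split in order into client/server MAC keys, write keys and fixed IVs.
    Note the randoms are swapped relative to master-secret derivation."""
    mac_len, key_len, iv_len, hash_name = SUITES[suite]
    total = 2 * (mac_len + key_len + iv_len)
    kb = tls12_prf(master, b"key expansion",
                   server_random + client_random, total, hash_name)
    names = ("client_write_MAC_key", "server_write_MAC_key",
             "client_write_key", "server_write_key",
             "client_write_IV", "server_write_IV")
    sizes = (mac_len, mac_len, key_len, key_len, iv_len, iv_len)
    keys, off = {}, 0
    for name, n in zip(names, sizes):
        keys[name] = kb[off:off + n]
        off += n
    return keys


def gcm_nonce(write_iv, seq_num):
    """RFC 5288 section 3: nonce = salt (4-byte implicit write IV) || nonce_explicit
    (8 bytes sent in clear in the record; the 64-bit sequence number is the usual
    choice and must never repeat under one key)."""
    if len(write_iv) != 4:
        raise ValueError("GCM salt must be the 4-byte fixed write IV")
    explicit = struct.pack(">Q", seq_num)
    return write_iv + explicit


def first_block_matches_spec(secret, label, seed, hash_name="sha256"):
    """Worked first step of P_hash: A(1) = HMAC(secret, label||seed), block 1 =
    HMAC(secret, A(1)||label||seed). Returns True when tls12_prf agrees."""
    s = label + seed
    a1 = hmac.new(secret, s, hash_name).digest()
    block1 = hmac.new(secret, a1 + s, hash_name).digest()
    return tls12_prf(secret, label, seed, len(block1), hash_name) == block1


if __name__ == "__main__":
    # Constructed handshake values (not from a real session).
    pre_master = bytes(range(48))            # e.g. 48-byte RSA-transported PMS
    client_random = bytes([0x11] * 32)
    server_random = bytes([0x22] * 32)
    suite = "TLS_RSA_WITH_AES_128_GCM_SHA256"
    ms = master_secret(pre_master, client_random, server_random)
    keys = key_block(ms, client_random, server_random, suite)
    for name, value in keys.items():
        print(f"{name:22s} {value.hex()}")
    print("record 0 nonce:", gcm_nonce(keys["client_write_IV"], 0).hex())
```

When comparing an offloaded handshake against this code, feed it the same pre-master secret and both 32-byte randoms; the client and server write keys must match byte-for-byte, and the GCM record nonce for sequence number n must equal client_write_IV followed by n as an 8-byte big-endian integer.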
5 Ports and Interfaces

The module ports and interfaces are described in the table below.

Table 8 - Cavium HSM Ports and Interfaces

Physical Ports/Interfaces | Pins Used | FIPS 140-2 Designation | Name and Description
USB Interface | USB interface power, USB0_DP, USB0_DM | No functionality in FIPS mode | Not used in FIPS mode
Serial Interface | 3-pin serial interface: GND, Tx, Rx | N/A; no functionality in FIPS mode | Disabled at the hardware level during the firmware load process
PCIe Interface | PCIe x8 interface. Lane 0: Transmit Side B (14, 15), Receive Side A (16, 17). Lane 1: Transmit Side B (19, 20), Receive Side A (21, 22). Lane 2: Transmit Side B (23, 24), Receive Side A (25, 26). Lane 3: Transmit Side B (27, 28), Receive Side A (29, 30). Lane 4: Transmit Side B (33, 34), Receive Side A (35, 36). Lane 5: Transmit Side B (37, 38), Receive Side A (39, 40). Lane 6: Transmit Side B (41, 42), Receive Side A (43, 44). Lane 7: Transmit Side B (45, 46), Receive Side A (47, 48) | Data Input, Control Input, Data Output, Status Output, Power | Primary interface for communicating with the module; provides the APIs through which software on the host communicates with the module
LED | LED interface (7 LEDs, 13 pins) | Status Output | Visual status indicator
Tamper Pin | Tamper pin GPIO | Control Input | The tamper pin is used to zeroize the card by zeroizing the master key stored in EEPROM
Power Connector | 6-pin power connector | Power In | External power connector

6 Identification and Authentication Policy

6.1 Assumption of Roles

The cryptographic Hardware Security Module enforces identity-based authentication. A role is explicitly selected at authentication: the MCO role is associated with the Master Partition, and the PCO and PCU roles are associated with user partitions. The module allows one identity per role.

6.1.1 Manufacturer Role

During the manufacturing stage, each HSM goes through the following process:

- An RSA key pair called the HSM FIPS Master Authentication Key (FMAK) is generated on the HSM.
- A CSR is requested from the HSM and signed by the Manufacturer Authentication Root Certificate (MARC). The resulting certificate is called the HSM FIPS Master Authentication Certificate (FMAC).
- A 256-bit MKBK, encrypted with the FMAK public key, is loaded into the HSM.
- Performance settings and Appliance Compatibility mode are programmed.
- The serial number and maximum operating temperature are programmed.

The manufacturer repeats the same steps once the HSM has been moved to manufacturer reset after a manufacturer zeroize.

6.1.2 Master Partition Roles

The master partition supports only the Cryptographic Officer role, referred to as the Master Crypto Officer (MCO). The username and password are encrypted with an AES 256-bit key.

6.1.3 Non-Master Partition Roles

Each non-master partition supports two distinct operator roles, Partition Crypto User (PCU) and Partition Crypto Officer (PCO). The module enforces the separation of roles using identity-based authentication. Re-authentication is required to change roles. Concurrent operators are allowed; however, only one operator is allowed per login session. The username is the identifier for identity-based authentication. The username and password, encrypted with an AES 256-bit key, are passed during the Login service. Each non-master partition has one PCO and one PCU.

6.1.4 Appliance User

Authenticated using a username and password, which are encrypted with an AES 256-bit key on entry. Used for audit logs and for offloading Appliance secure-channel crypto operations.
6.2 Strength of Authentication

Table 9 - Roles and Required Identification and Authentication

Role | Description | Authentication Type | Authentication Data
Manufacturer | This role sets the identity, serial number, performance settings and max operating temperature | Manufacturer License certificate-based authentication | RSA 2048-bit signature on the provided data
MCO | This role has access to the administrative services offered by the module or HSM | Identity-based operator authentication | Case-insensitive username and 7 to 32 character encrypted password
PCO | This role has access to the administrative services of the partition | Identity-based operator authentication | Case-insensitive username and 7 to 32 character encrypted password
PCU | This role has access to all crypto services offered by the partition | Identity-based operator authentication | Case-insensitive username and 7 to 32 character encrypted password
Appliance User | This role has access to partition audit logs and the Appliance secure-channel key | Identity-based operator authentication | Case-insensitive username and 7 to 32 character encrypted password, or RSA 2048-bit signature on the provided data

Table 10 - Strength of Authentication Mechanism

Authentication Mechanism | Strength of Mechanism
Authentication using password-based scheme* | This mode provides a false acceptance rate of 1/78,364,164,096 (less than 1/1,000,000), determined by the password. The password is a minimum of 7 alphanumeric characters, so the space is (26+10)^7. To reach a 1 in 100,000 probability of a successful random attempt within a one-minute period, about 783,642 attempts (roughly 13,061 per second) would have to be executed in that minute. The module limits the number of login tries to a user-configured value, "login_fail_count", set during module initialization; this value cannot exceed 20. If a user exceeds the configured maximum of consecutive failed login attempts, that user is blocked from the Login service. A PCO can reset passwords and unblock PCUs of their own partition.
Authentication using RSA signatures | Authentication is performed using SHA-256 based RSA 2048-bit PKCS#1 v1.5 signatures (112 bits of strength). The corresponding public key is part of the FW image. The probability that a random attempt will succeed or a false acceptance will occur is approximately 1/2^112. The fastest the module can process signature verifications is 4,000 per second. Based on this maximum rate, the probability that a random attempt will succeed in a one-minute period is approximately 240,000/2^112 (60 seconds × 4,000 verifications).

*Note: The module supports dual-factor authentication, where the first factor is a username and password as described above and the second factor is a digital signature.

6.3 Roles, Services, and CSP Access

G = Generate: The module generates the CSP.
R = Read: The module reads the CSP out of the module.
W = Write: The module writes the CSP. The write access is typically performed after a CSP is imported into the module, or the module generates a CSP, or the module overwrites an existing CSP.
Z = Zeroize: The module zeroizes the CSP.
E = Execute: The module executes or uses the CSP.

Table 11 - Roles, Services and CSPs

Role columns, in the original order: Unauthenticated, Appliance User, Manufacturer, MCO, PCO, PCU. A row marked "all" carries an X in every role column. Where a row carries fewer than six marks, the marks are reproduced as given in this copy; the role is named only where the service or its description identifies it.

Service: HSM Zeroize
Roles: all
Description: Zeroize all non-manufacturer-specific keys/data.
Commands: CN_ZEROIZE
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: Partial

Service: Partition Zeroize
Roles: all
Description: Zeroize all non-manufacturer-specific keys/data of the partition.
Commands: CN_ZEROIZE
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: Partial

Service: Vendor/Manufacturer Zeroize HSM
Roles: X (Manufacturer)
Description: Zeroize all data.
Commands: CN_VENDOR_ZEROIZE
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: All

Service: Session Management
Roles: all
Description: Management services for opening sessions and reading session status.
Commands: CN_APP_INITIALIZE, CN_APP_FINALIZE, CN_OPEN_SESSION, CN_CLOSE_SESSION, CN_GET_SESSION_INFO
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Session Management Close
Roles: all
Description: Management service for closing all sessions.
Commands: CN_CLOSE_ALL_SESSIONS
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Partition Application Session Close (All)
Roles: X X
Description: Close the sessions of all applications tied to a partition.
Commands: CN_CLOSE_PARTITION_SESSIONS
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Basic HSM Info
Roles: all
Description: Obtain basic information about the HSM.
Commands: CN_TOKEN_INFO, CN_PARTITION_INFO, CN_GET_HSM_LABEL, CN_ALL_PARTITION_INFO
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Read Firmware Version String
Roles: X X X
Description: Obtain the firmware version.
Commands: CN_GET_VERSION
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Login to a Session
Roles: all
Description: Allows login to a session. The public key is used to verify user signatures, optionally as part of 2-factor authentication.
Commands: CN_LOGIN
CSPs: G: N/A; E: PswdEncKey; R: Password and Two-Factor Authentication Public Key; W: N/A; Z: N/A

Service: Logout of a Session
Roles: X X X X
Description: Allows logout of a session.
Commands: CN_LOGOUT
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Change User Password
Roles: X X X X
Description: Requires the user to be logged in. Updates the password and the public key for 2-factor authentication.
Commands: CN_CHANGE_PSWD
CSPs: G: N/A; E: PswdEncKey; R: N/A; W: new password, new public key; Z: old password

Service: Manufacturer Settings
Roles: X X (Manufacturer and MCO)
Description: Manufacturer-controlled settings, run by the manufacturer the first time; the MCO can run them later.
Commands: CN_MASTER_CONFIG, CN_CERT_AUTH_GET_CERT_REQ, CN_CERT_AUTH_STORE_CERT, CN_STORE_VENDOR_PRE_SHARED_KEY
CSPs: G: FMAK, MFDEK; E: Manufacturer License Validation Key; R: CSR of FMAK; W: MARC, FMAC, MFKBK; Z: N/A

Service: Initialize HSM
Roles: X
Description: Commands and services to initialize the module.
Commands: CN_INIT_TOKEN, CN_GEN_PSWD_ENC_KEY, CN_CREATE_CO, CN_INIT_DONE, CN_CERT_AUTH_GET_CERT_REQ, CN_CERT_AUTH_STORE_CERT, CN_STORE_USER_PRE_SHARED_KEY
CSPs: G: HSM PswdEncKey RSA key pair, PswdEncKey; E: PswdEncKey, MFDEK; R: CSR for FMAK; W: Host PswdEncKey Public Key, AOAC, Password, Two-Factor Authentication Public Key, AOTAC; Z: N/A

Service: Secure Boot
Roles: X
Description: Commands to identify the hosts as Cavium hosts.
Commands: CN_CERT_AUTH_GET_CERT, CN_CERT_AUTH_RECV_PEER_CERT, CN_CERT_AUTH_SECURE_BOOT
CSPs: G: N/A; E: MARC to validate the HOST_ID certificate, HOST_ID certificate to validate the signature on the challenge; R: FMAC; W: N/A; Z: N/A

Service: Firmware Update
Roles: X
Description: Updates the adapter with Cavium-signed firmware images. The adapter has to be rebooted to use the new firmware.
Commands: CN_FW_UPDATE_BEGIN, CN_FW_UPDATE, CN_FW_UPDATE_END
CSPs: G: N/A; E: Manufacturer Firmware Validation Key; R: N/A; W: Manufacturer Firmware Validation Key, Manufacturer License Validation Key; Z: N/A

Service: Other MCO Operations
Roles: X (MCO)
Description: Miscellaneous MCO operations.
Commands: CN_SLAVE_CONFIG, CN_INVOKE_FIPS
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Partition Management
Roles: X
Description: Commands and services to manage partitions.
Commands: CN_CREATE_PARTITION, CN_DELETE_PARTITION, CN_RESIZE_PARTITION, CN_GET_PARTITION_COUNT, CN_ALL_PARTITION_INFO
CSPs: G: PAK key pair, FMEK; E: FMAK; R: N/A; W: PAC; Z: all partition keys

Service: MCO Backup and Restore
Roles: X (MCO)
Description: Allows the MCO to take a backup using a KBK derived from the pre-loaded MKBK or OKBK. The MCO uses find key to get the key handles in a partition and verifies ownership.
Commands: CN_BACKUP_BEGIN, CN_BACKUP_CONFIG, CN_BACKUP_USERS, CN_BACKUP_KEY, CN_BACKUP_END, CN_RESTORE_BEGIN, CN_RESTORE_CONFIG, CN_RESTORE_USERS, CN_RESTORE_KEY, CN_RESTORE_END
CSPs: G: KBK, user passwords and Two-Factor Authentication Public Keys, all user keys; E: MFKBK, OKBK, KBK; R: POTAC, all keys NIST AES wrapped with KBK; W: all keys NIST AES wrapped with KBK, new POTAC; Z: N/A

Service: PCO Backup and Restore
Roles: X (PCO)
Description: The PCO uses find key to get the key handles in a partition.
Commands: CN_BACKUP_BEGIN, CN_CREATE_OBJECT, CN_WRAP_KBK (modes: KBK_WRAP_WITH_KEK, KBK_WRAP_WITH_CERT_AUTH_DERIVED_KEY, KBK_WRAP_WITH_RSA), CN_BACKUP_CONFIG, CN_BACKUP_USERS, CN_BACKUP_KEY, CN_BACKUP_END, CN_RESTORE_BEGIN, CN_GENERATE_KEY_PAIR, CN_UNWRAP_KBK (modes: KBK_WRAP_WITH_KEK, KBK_WRAP_WITH_CERT_AUTH_DERIVED_KEY, KBK_WRAP_WITH_RSA), CN_RESTORE_CONFIG, CN_RESTORE_USERS, CN_RESTORE_KEY, CN_RESTORE_END
CSPs: G: user passwords and Two-Factor Authentication Public Keys, all user keys, KBK Wrapping RSA key pair, POKBK; E: KLK or KBK Wrap RSA public key or CertAuthTokenKey, Partition KBK; R: wrapped Partition KBK; W: KBK wrap public key, all keys NIST AES wrapped with KBK; Z: N/A

Service: MCO Partition Data Management
Roles: X (MCO)
Description: Commands to manage unclassified data storage, mainly used to maintain network IP addresses.
Commands: CN_PARTN_STORAGE_UPDATE, CN_PARTN_STORAGE_GET, CN_PARTN_STORAGE_DELETE
CSPs: G: N/A; E: N/A; R: N/A; W: N/A; Z: N/A

Service: Partition Initialization
Roles: X
Description: Commands to initialize the partition and claim ownership of the partition.
Commands: CN_INIT_TOKEN, CN_GEN_PSWD_ENC_KEY, CN_CREATE_CO, CN_INIT_DONE, CN_CERT_AUTH_GET_CERT_REQ, CN_CERT_AUTH_STORE_CERT, CN_STORE_USER_PRE_SHARED_KEY
CSPs: G: Partition PswdEncKey key pair, PswdEncKey; E: PswdEncKey, FMAK; R: CSR for PAK; W: Host PswdEncKey Public Key, Password, Two-Factor Authentication Public Key, POAC, POTAC, POKBK; Z: N/A

Service: PCO User Management
Roles: X (PCO)
Description: Commands to manage users in the partition.
Commands: CN_CREATE_USER, CN_DELETE_USER, CN_LIST_USERS, CN_GET_LOGIN_FAILURE_CNT
CSPs: G: N/A; E: PswdEncKey to decrypt and store, PMEK to encrypt the password and store it in the database; R: N/A; W: password and new public key; Z: all session keys

Service: SecureAuth based on Certificates
Roles: X X
Description: Commands used for mutual authentication and key agreement between two partitions/entities of the same partition owner on a Cavium HSM.
Commands: CN_CERT_AUTH_GET_CERT, CN_CERT_AUTH_GET_SOURCE_RANDOM, CN_CERT_AUTH_VALIDATE_PEER_CERTS, CN_CERT_AUTH_GET_CERT, CN_CERT_AUTH_VALIDATE_PEER_CERTS, CN_CERT_AUTH_SOURCE_KEY_EXCHANGE
CSPs: G: N/A; E: POTAC to verify the peer POAC, MARC to verify the peer PAC and FMAC, peer PAC to verify the peer signature, local PAK to sign the responder's challenge, local PAK to sign the initiator's challenge; R: FMAC, PAC, POAC; W: peer's FMAC, PAC, POAC; Z: N/A

Service: Cloning
Roles: X
Description: Cloning: clone the masking of a partition to a different partition of the same owner.
Commands: CN_CLONE_SOURCE_INIT, CN_CLONE_SOURCE_STAGE1, CN_CLONE_TARGET_
CSPs: G: Partition's Masking Key, KAS key pair, Z and KAS keying material, Partition's Cloning Private Key
INIT E: KAS keying material for CN_CLONE_TARGET_ masking key encryption STAGE1 and mac tag generation and peer mac tag verification, KAS keying material for presumed data encryption and mac tag generation, KAS keying material to decrypt the masking key, validate MAC tag. R: Partition Cloning/KLK Initiator Public Key, Partition Cloning/KLK Responder Public Key W: Partition Cloning/KLK Initiator Public Key, Partition Cloning/KLK Responder Public Key Z: Z and KAS keying material X Key A SP 80056 A/B CN_GEN_KEY_ENC_ G: Partition KLK RSA/ECC key KEY Transportation protocol to generate pair, KLK a shared KLK on host E: N/A and Partition. R: N/A W: Host RSA/ECC KLK Public Key Z: N/A Cavium Inc. 25 NITROXIII CNN35XXNFBE HSM Family Version 1.1 Security Policy Unauthenticated Appliance User Manufacturer Service Description Commands Cryptographic Keys/CSPs MCO PCO PCU X PCU Key CN_EXTRACT_ G: General Purpose User CSPs, MASKED_OBJEC Management T General Purpose User CN_INSERT_ Public Keys MASKED_OBJEC E: Masking Key, KLK or user T provided wrapping Key, CN_DESTROY_OBJEC PEK specified user key, all T user keys, CN_GET_ATTRIBUTE _ R: General Purpose User CSPs, VALUE General Purpose User CN_GET_ATTRIBUTE Public Keys _ SIZE W: Imported keys CN_MODIFY_OBJECT Z: General Purpose User CSPs, CN_FIND_OBJECTS General Purpose User CN_FIND_OBJECTS_ Public FROM_INDEX CN_GENERATE_KEY CN_GENERATE_KEY_ PAIR CN_GENERATE_PBE_ KEY CN_EXPORT_PUB_ KEY X X X X Find Key Users can find key CN_FIND_OBJECTS G: N/A handles handles based on CN_FIND_OBJECTS_ FROM_INDEX E: N/A search criteria like R: All user keys key type or label. W: N/A MCO/PCO use it as part of backup Z: N/A service X PCU Key Unwrap only RSA Key G: N/A Management CN_UNWRAP_KEY E: KLK ­ Special CN_FIND_OBJECT R: Asymmetric Private Key CN_DELETE_OBJECT (RSA only) W: Asymmetric Private Key (RSA only) Z: Asymmetric Private Key (RSA only) Cavium Inc. 
26 NITROXIII CNN35XXNFBE HSM Family Version 1.1 Security Policy Unauthenticated Appliance User Manufacturer Service Description Commands Cryptographic Keys/CSPs MCO PCO PCU X X PCU Crypto CN_ME_PKCS and CN_SIGN G: N/A Offload CN_ME_PKCS_LARGE CN_VERIFY E: specified user key are RSA 2K and 3K CN_ECC_DH CN_NIST_AES_WRAP R: N/A operations. CN_ALLOC_SSL_CTX W: N/A CN_FREE_SSL_CTX Z: N/A Appliance user is CN_GEN_PMK allowed to use the CN_FIPS_RAND imported RSA key. CN_ME_PKCS_LARGE CN_ME_PKCS CN_FECC CN_HASH CN_HMAC CN_ENCRYPT_DECRY PT X X Audit Logs ­ CN_PARTN_GET_ G: N/A AUDIT_DETAILS PCO / E: PAK, FMAK CN_PARTN_GET_ Appliance AUDIT_LOGS R: N/A CN_PARTN_GET_ W: N/A AUDIT_SIGN Z: N/A X Audit Logs ­ CN_ADMIN_GET_ G: N/A PARTN_AUDIT_ MCO DETAILS E: FMAK CN_ADMIN_GET_ R: N/A PARTN_AUDIT_ LOGS W: N/A CN_ADMIN_GET_ Z: N/A PARTN_AUDIT_ SIGN X SSL Protocol These API can MAJOR_OP_RSASER G: N/A VER_LARGE Packet understand the E: TLS Session Symmetric Key MAJOR_OP_RSASER Processing SSL/TLS protocol VER Set and TLS Session HMAC semantics and MAJOR_OP_HANDSH key part of SSL Context optimized to do AKE R: N/A multiple sequential MAJOR_OP_OTHER W: N/A crypto operations on MAJOR_OP_FINISHE the given input data. D Z: N/A For example: MAJOR_OP_RESUME Encrypt/decrypt MAJOR_OP_ENCRYP T_DECRYPT_REC record will do HMAC ORD comparison in MAJOR_OP_ECDH addition to the symmetric crypto operation. Cavium Inc. 27 NITROXIII CNN35XXNFBE HSM Family Version 1.1 Security Policy 7 Keys and Certificates 7.1 Definition of Critical Security Parameters (CSPs) The Manufacturer FIPS Data Encryption Key (MFDEK) and HSM Master Partition Master Encryption Key are stored in plaintext form in the EEPROM. The Partition Master Encryption Key (PMEK) is stored encrypted under the HSM Master Partition Master Encryption Key. All other keys and CSPs stored in the persistent memory are encrypted by the MFDEK, HSM Master Partition Master Encryption Key, or PMEK. 
Note: The module generates cryptographic keys whose strengths are modified by available entropy. The estimated min-entropy rate is 24 bits of min-entropy per 64-bit sample from the RNG.

Table 12 - Private Keys and CSPs (Name: Description and Usage)

HSM CSPs
DRBG Entropy: The entropy material for the FIPS Approved DRBG.
CTR_DRBG Internal State: The internal state for the FIPS Approved DRBG.
Manufacturer FIPS Data Encryption Key (MFDEK): AES 256-bit key used to encrypt manufacturer keys stored in persistent storage of the HSM.
HSM Master Partition Master Encryption Key: AES 256-bit key used to encrypt Master Partition CSPs and authentication data stored in persistent storage of the HSM.
Partition Master Encryption Key (PMEK): AES 256-bit key used to encrypt partition CSPs and authentication data stored in persistent storage of the HSM.
HSM FIPS Master Authentication Key (FMAK): A unique 2048-bit RSA private key. Used to identify the HSM when in the FIPS operating mode.
Partition Authentication Key (PAK): A unique 2048-bit RSA private key used to identify the HSM Partition.

Authentication CSPs
PswdEncKey RSA Private Key: 2048-bit RSA private key, used in SP 800-56B KAS to generate PswdEncKey.
PswdEncKey: AES-256 key for encrypting user passwords during user creation and authentication.
Login Passwords: String of 7 to 32 alphanumeric characters.

Key Loading CSPs
Partition's Key-Loading Private Key: ECC 512-bit or RSA 2048-bit key used in SP 800-56A C(0,2,ECC DH) or SP 800-56B KAS2 to agree on Z during key loading.
Partition's Key-Loading Shared Secret (Z): Shared secret Z for SP 800-56A C(0,2,ECC DH) or SP 800-56B KAS2.
Partition's Key Loading Key (KLK): A 256-bit AES key derived from Z, used to decrypt the imported CSPs.

Backup and Restore Keys
Manufacturer FIPS Key Backup Key (MFKBK): AES 256-bit key used to derive KBK.
HSM Owner KBK (OKBK): AES 256-bit key used to derive KBK.
Partition Owner KBK (POKBK): AES 256-bit key used to derive KBK.
HSM Key Backup Key (KBK): Key used to encrypt/decrypt the Backup Session Key.
Backup Session Key: Key used to back up and restore partition data.

Cloning Keys
Partition's Cloning Private Key: ECC 512-bit or RSA 2048-bit static private key used in SP 800-56A C(0,2,ECC DH) or SP 800-56B KAS2 bilateral confirmation key agreement to generate shared secret Z. At HSM Partition level, used to establish a secure channel for the cloning process (to export the Masking Key).
Partition's Cloning Shared Secret (Z): Shared secret Z for the SP 800-56A C(0,2,ECC DH) or SP 800-56B KAS2 bilateral confirmation scheme.
Partition's Cloning Session Key: AES-256 key for encryption and decryption of the Masking Key.
Partition's Cloning Session MAC Key: HMAC SHA-256 key used for key confirmation during SP 800-56A key agreement.
Partition's Masking Key: AES-256 key for key wrapping. Used to import/export CSPs and masked objects.

General Purpose User CSPs
Asymmetric Private Keys: RSA/DSA/ECDSA/ECDH general purpose keys.
Asymmetric Private Session Keys: RSA/DSA/ECDSA/ECDH general purpose session keys.
Symmetric Keys: Triple-DES or AES general purpose keys.
Symmetric Session Keys: Triple-DES or AES general purpose session keys.
HMAC Keys: HMAC general purpose keys (minimum key size of 160 bits).
HMAC Session Keys: HMAC session general purpose keys (minimum key size of 160 bits).
TLS Session Symmetric Key Set: AES 128, 192, 256 or Triple-DES keys used for encrypting TLS sessions.
TLS Session HMAC Key: HMAC key used in SSL sessions (minimum key size of 160 bits).
EAP-FAST PAC: EAP-FAST authentication info.

7.2 Definition of Public Keys

The module contains the following public keys:

Table 13 - Public Keys (Name: Description and Usage)

HSM Keys
Manufacturer Firmware Validation Key: RSA 2048-bit public key used to authenticate SW images loaded into the module. The SW image is signed by the manufacturer using an RSA private key, and the signature is verified with the public key before upgrading to the new image.
Manufacturer License Validation Key: RSA 2048-bit public key used to authenticate the manufacturer role.
Manufacturer Authentication Root Cert. (MARC): RSA 2048-bit public key certificate, used to issue FMAC certificates.
HSM FIPS Master Authentication Certificate (FMAC): RSA 2048-bit public key certificate of FMAK. Used to identify the HSM FIPS operating mode.
SecureBootAuth Public Key: RSA 2048-bit public key used to verify the authenticity of the host system.

Administrative Keys
HSM/Adapter Owner Trust Anchor Certificate (AOTAC): RSA 2048-bit public key certificate used as trust anchor of the MCO.
HSM/Adapter Owner Authentication Certificate (AOAC): RSA 2048-bit public key certificate of FMAK. Used to identify the HSM owner.
Partition Authentication Certificate (PAC): RSA 2048-bit public key certificate of PAK. Used to identify the Partition.
Partition Owner Trust Anchor Certificate (POTAC): RSA 2048-bit public key certificate used as trust anchor of the PCO.
Partition Owner Authentication Certificate (POAC): RSA 2048-bit public key certificate of PAK. Used to identify the Partition owner.

Key Backup/Cloning Keys
Partition Cloning/KLK Initiator Public Key: ECC 512-bit static public key used in SP 800-56A C(0,2,ECC DH) key agreement, or RSA 2048-bit static public key used in SP 800-56B KAS2 bilateral confirmation key agreement, to generate shared secret Z.
Partition Cloning/KLK Responder Public Key: ECC 512-bit static public key used in SP 800-56A C(0,2,ECC DH) key agreement, or RSA 2048-bit static public key used in SP 800-56B KAS2 bilateral confirmation key agreement, to generate shared secret Z.
Partition Cloning ECC Domain Parameter Set: Set EE per SP 800-56A Table 2.

Authentication Keys
Partition PswdEncKey Public Key: RSA 2048-bit public key generated by the partition, to be used in SP 800-56B key agreement to generate PswdEncKey.
Host PswdEncKey Public Key: RSA 2048-bit public key loaded by the host, to be used in SP 800-56B key agreement to generate PswdEncKey.
Two-Factor Authentication Public Key: RSA 2048-bit public key used to verify the signature on encrypted passwords during user creation and login.

General Purpose Keys
User Public Keys: RSA/DSA/ECDSA/ECDH public keys.
User Public Session Keys: RSA/DSA/ECDSA/ECDH public session keys.

7.3 Definition of Session Keys

The cryptographic module supports the generation/import/export of user keys which are bound to a session and are termed session keys. The following points apply to session keys:
- Session keys are stored in RAM and are lost across reboots.
- Session key access is restricted to the application in which the key was created.
- Every session in an application has access to the keys created by every other session in the same application.
- When a session is closed, the session keys created by that session are destroyed.

8 Operational Environment

The module implements a limited operational environment. FIPS 140-2 Area 6 Operational Environment requirements do not apply to the module in this validation.

9 Security Rules

This section documents the security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 3 module.

1. The cryptographic module clears previous authentications on power cycle.
2. When the module has not been placed in a valid role, the operator shall not have access to any cryptographic services.
3. The cryptographic module shall perform the following power-up, continuous and conditional self-tests:
   A. Power-Up Tests
   - AES (CBC and ECB) Encrypt & Decrypt KATs (Nitrox-III, Cert. #2034)
   - AES (GCM) Encrypt & Decrypt KATs (Nitrox-III, Cert. #2035)
   - AES (ECB) Encrypt & Decrypt KATs (Nitrox-III, Cert. #2033)
   - HMAC SHA-1, 224, 256, 384, 512 KATs (Nitrox-III, Cert. #1233)
   - TLS 1.0/1.1/1.2 KDF KAT (Nitrox-III, CVL Cert. #167)
   - SHA-1, 224, 256, 384, 512 KATs (Nitrox-III, Cert. #1780)
   - Triple-DES (TECB and TCBC) Encrypt & Decrypt KATs (Nitrox-III, Cert. #1311)
   - AES (ECB) Encrypt & Decrypt KATs for DRBG and Key Wrap (Firmware, Cert. #3205)
   - AES Key Wrap Encrypt & Decrypt KATs (Firmware, Cert. #3206)
   - SP 800-90A CTR_DRBG KAT (Firmware, Cert. #680)
   - DSA Sig Gen, Sig Ver, PQG Gen, PQG Ver, and Key Gen KATs (Firmware, Cert. #916)
   - ECDSA Sig Gen and Sig Ver KATs (Firmware, Cert. #589)
   - ECDSA Key Gen and PKV KATs (Firmware, Cert. #589)
   - HMAC-SHA-1, 224, 256, 384, 512 KATs (Firmware, Cert. #2019)
   - KAS KAT per IG 9.6 (Q=dG and KDF) (Cert. #53)
   - RSA Sig Gen, Sig Ver and Key Gen KATs (Firmware, Cert. #1634)
   - SHA-1, 224, 256, 384, 512 KATs (Firmware, Cert. #2652)
   - RSA Encrypt & Decrypt KAT
   - Firmware integrity test (CRC-16)
   - ECDH KAT (Nitrox-III, CVL Cert. #563)
   B. Conditional Self-Tests
   - ECDSA Pairwise Consistency Test
   - RSA Pairwise Consistency Test
   - DSA Pairwise Consistency Test
   - SP 800-90A CTR_DRBG Continuous Random Number Test
   - HW RNG Continuous Random Number Test
   - Firmware load test (RSA Signature Verification)
   - DRBG SP 800-90A health tests
4. Critical Functions Tests: The module runs the following Critical Functions Tests, which are required to ensure the correct functioning of the device.
   a. Power-On Memory Test
   b. EEPROM Test
   c. NOR Flash Test
   d. Nitrox Chips Tests
5. The operator shall be capable of commanding the module to perform the power-up self-tests by cycling power or resetting the module.
6. Power-up self-tests do not require any operator action.
7. Data output shall be inhibited during self-tests, zeroization, and error states.
8. Status information does not contain CSPs or sensitive data that, if misused, could lead to a compromise of the module.
9. There are no restrictions on which keys or CSPs are zeroized by the zeroization service.
10. The module does not support a maintenance interface or role.
11. The module does not support bypass capabilities.
12. The module does not support manual key entry.
13. The module has no CSP feedback to operators.
14. The module does not enter or output plaintext CSPs.
15. The module does not output intermediate key values.
16. The module shall be configured for FIPS operation by following the first-time initialization procedure described in the User Manual and CAPI Specification (CN16xxNFBEAPI0.9).

10 Physical Security Policy

10.1 Physical Security Mechanisms

The module's cryptographic boundary is defined to be the outer perimeter of the hard epoxy enclosure containing the hardware and firmware components. The module is opaque and completely conceals the internal components of the cryptographic module. The epoxy enclosure prevents physical access to any of the internal components without destroying the module. There are no operator-required actions.

Note: The module's hardness testing was only performed at ambient temperature (23°C); no assurance is provided for Level 3 hardness conformance at any other temperature.

11 Mitigation of Other Attacks Policy

No mitigation of other attacks is implemented by the module.

12 References

1. NIST SP 800-38F, AES Key Wrap Specification, December 2012.
2. NIST Special Publication 800-56A, March 2007.
3. NIST Special Publication 800-56B, August 2009.
4. NIST Special Publication 800-57 Part 1, May 2006.
5. FIPS PUB 186-4, Digital Signature Standard (DSS), July 2013.
6. FIPS PUB 140-2, Security Requirements for Cryptographic Modules.
7. Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program.
8. NIST Special Publication 800-131A, January 2011.

13 Definitions and Acronyms

MCO - Master Crypto Officer
PCO - Partition Crypto Officer
PCU - Partition Crypto User
HSM - Hardware Security Module
KBK - Key Backup Key
KLK - Key Loading Key
KAT - Known Answer Test
KAS - Key Agreement Scheme

14 Appendix A: Supported ECC curves for SigVerify

Curves over prime number fields: P-192, P-224, P-256, P-384, P-521.
Koblitz curves over 2^m fields: K-163, K-233, K-283, K-409, K-571.
Curves over 2^m fields: B-163, B-233, B-283, B-409, B-571.

15 Appendix B: Supported ECC curves for KeyGen and SigGen

Curves over prime number fields: P-224, P-256, P-384, P-521.
Koblitz curves over 2^m fields: K-233, K-283, K-409, K-571.
Curves over 2^m fields: B-233, B-283, B-409, B-571.