Sun Microsystems Sun Cryptographic Accelerator 4000 Firmware Version 2.0 and 2.0.1 FIPS 140-2 Non-Proprietary Security Policy Level 3 Validation September 14, 2005 © Copyright 2004 SUN MICROSYSTEMS This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Table of Contents INTRODUCTION............................................................................................................. 3 PURPOSE ....................................................................................................................... 3 REFERENCES ................................................................................................................. 3 DOCUMENT ORGANIZATION ............................................................................................. 3 SUN CRYPTOGRAPHIC ACCELERATOR 4000 ........................................................... 4 OVERVIEW ..................................................................................................................... 4 MODULE INTERFACES ..................................................................................................... 4 ROLES AND SERVICES ..................................................................................................... 5 Crypto Officer Role.................................................................................................... 5 User Role .................................................................................................................. 6 Driver Role ................................................................................................................ 8 Admin Secure Channel ........................................................................................... 10 Unauthenticated Services ....................................................................................... 12 PHYSICAL SECURITY ..................................................................................................... 13 CRYPTOGRAPHIC KEY MANAGEMENT ............................................................................. 13 Random Number Generator .................................................................................... 17 Key Zeroization ....................................................................................................... 17 EMI/EMC.................................................................................................................... 17 SELF-TESTS ................................................................................................................. 17 DESIGN ASSURANCE ..................................................................................................... 18 SECURE OPERATION ................................................................................................. 19 CRYPTO OFFICER GUIDANCE ......................................................................................... 19 Initialization ............................................................................................................. 19 Termination ............................................................................................................. 19 USER GUIDANCE .......................................................................................................... 20 ACRONYMS ................................................................................................................. 21 © Copyright 2004 SUN MICROSYSTEMS Page 2 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Introduction Purpose This is a non-proprietary Cryptographic Module Security Policy for the Sun Cryptographic Accelerator 4000 from Sun Microsystems. This security policy describes how the Sun Cryptographic Accelerator 4000 meets the security requirements of FIPS 140-2 and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 3 FIPS 140-2 validation of the module. FIPS 140-2 (Federal Information Processing Standards Publication 140-2 -- Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the NIST website at http://csrc.nist.gov/cryptval/. References This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources: · The Sun Microsystems website (http://www.sun.com/) contains information on the full line of products from Sun Microsystems. · The NIST Validated Modules website (http://csrc.ncsl.nist.gov/cryptval/) contains contact information for answers to technical or sales-related questions for the module. Document Organization The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains: Sun Microsystems Vendor Evidence document Finite State Machine Other supporting documentation as additional references This Security Policy and the other validation submission documentation were produced by Corsec Security, Inc. under contract to Sun Microsystems. With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to Sun Microsystems and is releasable only under appropriate non-disclosure agreements. For access to these documents, please contact Sun Microsystems. © Copyright 2004 SUN MICROSYSTEMS Page 3 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. SUN CRYPTOGRAPHIC ACCELERATOR 4000 Overview The Sun Cryptographic Accelerator 4000 (SCA 4000) is designed to provide the highest level of security to customers. The Sun Cryptographic Accelerator 4000 and secure key store is not defined to be secure as an afterthought, security has been incorporated into the Sun Cryptographic Accelerator 4000 since product inception. The SCA 4000 comes with either a copper or Fiber interface to provide networking services. The hardware version numbers of the module are 501-6040-02 and 501-6040-03 (Fiber), 501-6039-05 and 501-6039-06 (UTP/Copper) In order to achieve such a high level of security, the Sun Cryptographic Accelerator 4000 product design, development, test and production has satisfied the requirements to ensure a secure product. Security has been the focus of the development team from the outset, and the Sun Cryptographic Accelerator 4000 product has been designed from the ground up to incorporate security in all design and development steps. The Sun Cryptographic Accelerator 4000 integrates a 1Gb Ethernet performance with hardware cryptographic functionality. The card enhances server network performance by off-loading computer intensive cryptographic calculations (asymmetric and symmetric) from the server's CPU, accelerating both IPsec and SSL/TLS processing. The SCA 4000 also provides a secure remote administration capability. It is tightly integrated with Sun's server hardware and software. Module Interfaces The cryptographic boundary of the Sun Cryptographic Accelerator 4000 is defined by the perimeter of the PCI card itself. The networking components and interfaces, LED indicators and jumper pins are excluded from the security requirements of FIPS 140-2. The module is accessible only through well-defined interfaces, and these interfaces include a PCI slot, LEDs, and a jumper. All of these physical interfaces are separated into logical interfaces defined by FIPS 140-2, as described in the following table: Module Physical Interface FIPS 140-2 Logical Interface PCI, UTP/fiber interface Data Input Interface PCI, UTP/fiber interface Data Output Interface PCI, Jumper Control Input Interface PCI, LEDs Status Output Interface PCI Power Interface Table 1 ­ FIPS 140-2 Logical Interfaces © Copyright 2004 SUN MICROSYSTEMS Page 4 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Roles and Services The module supports identity based authentication. There are three main roles in the module (as required by FIPS 140-2) that operators may assume: a Crypto Officer role (or Security Officer role as defined in SCA 4000 documents), User role, and a Driver. There is also an additional set of unauthenticated services which are not security relevant to the Sun Cryptographic Accelerator 4000 card. The CO (Crypto Officer) accesses the module using a command line interface (CLI) over the PCI port using the administration tool, vcaadm, on the host machine. The Crypto Officer authenticates with a password and is able to configure the module. When vcaadm is executing in interactive mode, a sub- shell style interface is supplied that allows the Crypto Officer to interact with the interface. Commands may be entered one at a time, and the output from the commands is sent to standard output device. There are 4 registers that execute the CO administration at the PCI interface level. There are 2 command buffers that perform data input from the card to the host machine and 2 command buffers that receive a response from the host machine. All administrative commands from the application level are sent encrypted with AES session keys using these 4 registers. To issue a command, the host driver uses these registers to define a command block on the host and generates an interrupt to the SCA 4000 firmware via the command bit of the SCA 4000 IRQ register. When the firmware has finished processing the command, it will notify the host via command complete bit of the Host IRQ register. Crypto Officer Role The Crypto Officer role has the ability to perform all the management and the administration of the board. Descriptions of the services available to the Crypto Officer role are provided in the table below. Service Description Input Output Backup Backup master key* Command and path Status of command over secure admin channel Connect Begin admin session w/ firmware Command Login prompt Create Creates users and CO accounts Command and user Status of command over name secure admin channel Delete Delete users and CO accounts1 Command and user Status of command over name secure admin channel Diagnostics Runs diagnostics for the card Command Status of command over secure admin channel 1 Deleting a multi-admin CO requires multi-admin authentication and authorization in multi-admin mode © Copyright 2004 SUN MICROSYSTEMS Page 5 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Service Description Input Output Disable Disable a user Command and user Status of command over name secure admin channel Disable multiadmin mode Command Status of command over secure admin channel Disable CO as a Multiadmin CO* Command and CO Status of command over name secure admin channel Enable Enable a user Command and user Status of command over name secure admin channel Enable multiadmin mode Command, M value and Status of command over timeout value secure admin channel Enable CO as a Multiadmin CO* Command and CO Status of command over name secure admin channel Exit Exit vcaadm Command Status of command over secure admin channel Loadfw Load new firmware Command and path Status of command over secure admin channel Logout Logout current session Command Exit command line Quit Exit vcaadm Command Status of command over secure admin channel Rekey Generate new master key or Command and select Status of command over remote access key option secure admin channel Reset Reset the hardware Command Hardware is reset Set Change password for crypto Command and select Options to change officer, set password strength option password or set password strength Set minimum number of CO Command and M value Status of command over logins required (M) to authorize secure admin channel a multiadmin command* Set multiadmin timeout* Command and timeout Status of command over value secure admin channel Show Show system settings Command and select Status of command over option secure admin channel Zeroize Delete all keys and reset board Command INIT led is off Restore Restore backup file* Command and backup Status of command over file, password secure admin channel Approve/Reject Approve/reject multiadmin Command Status of command over command secure admin channel Cancel Cancel multiadmin command* Command Status of command over secure admin channel Table 2 ­ Crypto Officer Services, Descriptions, Inputs and Outputs * These services require multi-admin authentication and authorization in multi-admin mode User Role The User role can perform cryptographic operations such as owning and accessing keying material within the key store. Users can also perform bulk © Copyright 2004 SUN MICROSYSTEMS Page 6 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. encryption, asymmetric cryptographic functions, and object management services for cryptographic acceleration. Service descriptions and inputs/outputs are listed in the following tables: Service Description Input Output 3DES Encryption Raw 3DES encryption Plaintext data Ciphertext data 3DES Decryption Raw 3DES decryption Ciphertext data Plaintext data AES Encryption Raw AES encryption Plaintext data Ciphertext data AES Decryption Raw AES decryption Ciphertext data Plaintext data HMAC-SHA-1 HMAC-SHA-1 processing Ciphertext data Hashed data MD5 HMAC MD5 HMAC processing Ciphertext data Hashed data MD5 MD5 hashing Plaintext/ciphertext data Perform MD5 hashing SHA-1 SHA-1 hashing Plaintext/ciphertext data Perform SHA-1 hashing Diagnostics Perform diagnostics on the Command Blinking of LED SCA 4000 card Display Display public key information Command Displaying the public key and the public key fingerprint used by the Cryptographic Accelerator 4000 board for securing administration sessions. Status Displays status of keystore Command Output is a colon- information separated list of the following pieces of information: device, internal function, keystore name, keystore serial number, and keystore reference count. You can use this command to determine the association between devices and keystores. Reset Reset the SCA 4000 card Command This function resets the SCA 4000 firmware and initiates all the POSTs. Zeroize Zeroizing all CSPs Command All CSPs and Keys on the card are zeroized. The Cryptographic Accelerator 4000 is returned to its factory state. Table 3a ­ User Services-Bulk Encryption, Descriptions, Inputs and Outputs Service Description Input Output DSA Sign DSA signing operation Plaintext/ciphertext data Digital Signature Verify DSA DSA verification operation Signed data Verify response © Copyright 2004 SUN MICROSYSTEMS Page 7 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Service Description Input Output signature Access RNG Direct access to the RNG Random data Calls FIPS PRNG to use random data RNG SHA-1 RNG output processed by Random data Calls FIPS PRNG to SHA-1 use random data RSA encrypt RSA_PKCS#1 encrypt Plaintext data Ciphertext data RSA decrypt RSA_PKCS#1 decrypt Ciphertext data Plaintext data RSA Sign RSA_PKCS#1 sign Plaintext/ciphertext data Digital Signature Verify RSA RSA_PKCS#1 verify Signed data Verify response signature Table 3b ­ User Services-Asymmetric cryptographic functions, Descriptions, Inputs and Outputs Service Description Input Output Login User login User's login information Login successful/failed Setpass User change password Command New password Enumerate key Enumerate user's keys Command List of keys Retrieve key Retrieve a key Command Obtain user key Delete key Delete a key Command Key is deleted Create key Create a key Command New key Change key Change key attribute Command Updated key attribute attribute Generate DES Generate DES key Command New DES key key Generate DES2 Generate DES 2-key Command New DES 2 key key Generate DES3 Generate DES 3-key Command New DES 3 key key Generate AES Generate AES key Command New AES key key Generate RSA Generate RSA keypair Command New RSA keypair keypair Generate DSA Generate DSA keypair Command New DSA keypair keypair Wrap Key Wrap an asymmetric key using Command Wrapped key the given key Unwrap Key Unwrap a wrapped key using Command Unwrapped key the given key (encrypted with KTK in FIPS mode) Copy Object Copy a key object Command Copy of key Table 3c ­ User Services-Object Management, Descriptions, Inputs and Outputs Driver Role The Driver role authenticates with a hardcoded login and password in the driver to authenticate its identity to the SCA 4000. The driver can perform similar services as the user role such as bulk encryption and asymmetric cryptographic function, but cannot perform object management services. Service Description Input Output © Copyright 2004 SUN MICROSYSTEMS Page 8 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Service Description Input Output 3DES Encryption Raw 3DES encryption Plaintext data Ciphertext data 3DES Decryption Raw 3DES decryption Ciphertext data Plaintext data AES Encryption Raw AES encryption Plaintext data Ciphertext data AES Decryption Raw AES decryption Ciphertext data Plaintext data HMAC-SHA-1 HMAC-SHA-1 processing Ciphertext data Hashed data MD5 HMAC MD5 HMAC processing Input data Signed data MD5 MD5 hashing Plaintext/ciphertext data Hashed data SHA-1 SHA-1 hashing Plaintext/ciphertext data Hashed data Load KTK Authenticate to card and Load Data structure Authentication and KTK Key Transport Key (KTK) containing encrypted decryption result Function KTK, driver username and password Diagnostics Perform diagnostics on the Command Blinking of LED SCA 4000 card Display Display public key information Command Displaying the public key and the public key fingerprint used by the Cryptographic Accelerator 4000 board for securing administration sessions. Status Displays status of keystore Command Output is a colon- information separated list of the following pieces of information: device, internal function, keystore name, keystore serial number, and keystore reference count. You can use this command to determine the association between devices and keystores. Reset Reset the SCA 4000 card Command This function resets the SCA 4000 firmware and initiates all the POSTs. Zeroize Zeroizing all CSPs Command All CSPs and Keys on the card are zeroized. The Cryptographic Accelerator 4000 is returned to its factory state. IPSec DES IPSec DES encryption Plaintext data Ciphertext data Encryption IPSec DES IPSec DES Decryption Ciphertext data Plaintext data Decryption IPSec 3DES IPSec 3DES encryption Plaintext data Ciphertext data Encryption IPSec 3DES IPSec 3DES Decryption Ciphertext data Plaintext data Decryption IPSec MD5 IPSec MD5 HMAC processing Input data Hashed data HMAC © Copyright 2004 SUN MICROSYSTEMS Page 9 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Service Description Input Output IPSec SHA1 IPSec HMAC-SHA-1 Ciphertext data Hashed data HMAC processing IPSec add SA Adds an IPSec SA to the SA data Return code to indicate SADB success or failure IPSec delete SA Deletes an IPSec SA from the SA data, identifier for Return code to indicate SADB SA to be deleted success or failure IPSec set SA Updates or adds an IPSec SA SA data Return code to indicate to the SADB success or failure IPSec update SA Updates an IPSec SA in the SA data Return code to indicate SADB success or failure IPSec flush Removes all IPSec SAs of the The type of SA (AH or Return code to indicate SADB specified type from the SADB ESP) to be deleted success or failure IPSec SA Checks a SA out of the SADB Type pf SA (AH or ESP) Return code to indicate checkout to checkout, identifier success or failure for SA, structure to hold SA IPSec SA checkin Checks a SA back into the SA data Return code to indicate SADB success or failure Table 4a ­ Driver Services-Bulk Encryption, Descriptions, Inputs and Outputs Service Description Input Output DSA Sign DSA signing operation Plaintext/ciphertext data Digital Signature Verify DSA DSA verification operation Signed data Verify response signature Access RNG Direct access to the RNG Random data Calls FIPS PRNG to use random data RNG SHA-1 RNG output processed by Random data Calls FIPS PRNG to SHA-1 use random data RSA encrypt RSA_PKCS#1 encrypt Plaintext data CipherText data RSA decrypt RSA_PKCS#1 decrypt Ciphertext data Plaintext data RSA Sign RSA_PKCS#1 sign Plaintext/ciphertext data Digital Signature Verify RSA RSA_PKCS#1 verify Signed data Verify response signature Table 4b ­ Driver Services-Asymmetric cryptographic function, Descriptions, Inputs and Outputs Admin Secure Channel The Crypto Officer authentication takes place within a secure admin channel using a TLS-like negotiation using RSA for key establishment. The algorithm used is always AES-128 bit session keys and the MAC algorithm is always HMAC-SHA-1. The public key exchange protocol begins with the Sun Cryptographic Accelerator 4000 providing a public RSA key to the host machine (where the admin application is running from) along with the hardware Ethernet address. A pre master secret is generated by the host machine, encrypted using the SCA 4000 public RSA key, and than sent to the firmware. At this point, both the host machine and the SCA 4000 derive the master secret, and the 2 AES keys, 2 Message Authentication Code (MAC) keys, and 2 Initialization Vectors (IVs). The MAC keys are 20-byte keys that will be used with HMAC-SHA-1. The © Copyright 2004 SUN MICROSYSTEMS Page 10 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. SCA 4000 will verify the value using TLS. The host machine will compute its own verify on the messages and compare them to the SCA 4000 before this exchange is completed. A CO is identified using a username. When a command requiring multi-admin authentication is issued in multi-admin mode the card goes into a polling mode and waits for COs belonging to multi-admin group to login to the card. A separate secure session is established for each CO. Assuming the CO login and password are correct, one of following three things happens: · If the authenticated CO does not belong to the multi-admin group, no services can be invoked by that CO. The CO is given a message indicating that the board is in the middle of authorizing a Multi-Admin command and the CO cannot administer the board. · If the CO belongs to the multi-admin group (and is not the initiator of the multi-admin command), the CO has the option to either authorize or reject the multi-admin command. In case the CO has authorized the command already a message indicating that the CO has already approved this is given. · If the initiating CO authenticates to the card, the CO has the option to cancel the ongoing multi-admin command. A total of M COs of the multi-admin group must login and authorize the command. If M COs do not authorize the command within the timeout period the multi-admin command is terminated. At the end of the command, control is transferred back to the initiating CO. The module allows multiple CO logins only in multi-admin mode. The module uses passwords to authenticate an operator in the Crypto Officer, User and Driver role. The following table shows the strength of authentication used by the module: Authentication Type Strength Password The SCA 4000 accepts 93 different characters for a password and the probability that a random access will succeed with a 6 digit password is 1 in 646,990,183,449 with repetition of characters. Table 5 ­ Estimated Strength of Authentication Mechanisms © Copyright 2004 SUN MICROSYSTEMS Page 11 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Unauthenticated Services3 The module has unauthenticated services that provide no security relevant functionality, and these services are available to all roles. The LEDs on the rear of the module provide status information. Service Description Input Output Diagnostics Perform diagnostics on the Command Blinking of LED SCA 4000 card Display Display public key Command Displaying the public key and the public information key fingerprint used by the Cryptographic Accelerator 4000 board for securing administration sessions. Status Displays status of keystore Command Output is a colon-separated list of the information following pieces of information: device, internal function, keystore name, keystore serial number, and keystore reference count. You can use this command to determine the association between devices and keystores. Reset Reset the SCA 4000 card Command This function resets the SCA 4000 firmware and initiates all the POSTs. Zeroize Zeroizing all CSPs Command All CSPs and Keys on the card are zeroized. The Cryptographic Accelerator 4000 is returned to its factory state. Debug Services debugInfo Displays the registered None List of debug routines callable from the debug routines callable host. from vcadebug4 vexInfo Display all exception None Exception headers stored in FLASH headers currently on the card vexShow Displays segments (data Exception Information relating to a specific blocks) associated with an number and exception and segment exception segment number vexProcInfo Lists additional processes None List of processes in the process list added to the exception dump vexSegInfo Displays individual segment Exception List of segments in the segment list data for a given exception number vce_mii_dump Displays all the Cassini MII None Contents of all Cassini MII registers registers vce_mii_reg_d Displays a specified Cassini Register value Contents of specified register ump MII register vce_dump_rin Dumps the network None Contents of the network descriptor rings gs descriptor rings for debug vcfCfg Displays the core firmware None Contents of the card configuration configuration register registers 3 These services are only available to the root user on the host Solaris system 4 Vcadebug is a host application provided by Sun to invoke the firmware debug interface commands © Copyright 2004 SUN MICROSYSTEMS Page 12 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Service Description Input Output vcfCsrs Displays the core firmware None Contents of the card control/status control/status registers registers cfgDump Displays the firmware None Firmware configuration data configuration data ksDump Displays high level None Information about on-card keystore information about the module keystore partDisplayAll Displays memory partition None Memory partition data data (if debug messages enabled) vSadbDump Displays high level None High level information about the card information about the card SADB SADB Table 6 ­ Unauthenticated Services Physical Security The SCA 4000 card is a multi-chip embedded cryptographic module. The SCA 4000 card is completely enclosed in a hard epoxy coating with only specific interfaces providing access to the module. Cryptographic Key Management The implementations of the FIPS-approved algorithms have following FIPS algorithm certifications: · SHA-1 (firmware certificate #171) as per NIST's FIPS PUB 180-1 · SHA-1 (hardware certificate #172) as per NIST's FIPS PUB 180-1 · DES CBC (certificate #225) as per NIST's FIPS PUB 46-3 · 3DES CBC (certificate #190) as per NIST's FIPS PUB 46-3 · AES (certificate #79) as per NIST's FIPS PUB 197 · DSA (certificate #92) as per NIST's FIPS PUB 186-2 · HMAC-SHA-1 (hardware certificate #34) as per NIST's FIPS PUB 198 · HMAC-SHA-1 (firmware certificate #88) as per NIST's FIPS PUB 198 · RNG (certificate #108) as per NIST FIPS PUB 186-2 Appendix 3.1 · RSA (Cert. #95) as per PKCS #1 v1.5 © Copyright 2004 SUN MICROSYSTEMS Page 13 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. 3DES and AES are the recommended algorithms to be used for encryption and decryption. DES is only to be used in legacy systems. The Sun Cryptographic Accelerator 4000 also performs RSA encrypt/decrypt functions for the User Role. RSA encryption/decryption must be used only for performing key transport such as in SSL/TLS protocols in a FIPS mode of operation. The module also performs RSA digital signature generation/verification The follow algorithms are not supported when the SCA 4000 card is operating in FIPS mode: · MD5 · HMAC-MD5 · RC2 (ECB, CBC modes) The module supports the following critical security parameters listed below: Key Key type Generation Storage Use Factory Remote RSA 1024-bit FIPS approved Plaintext read-only Initiate the secure Access Key Public/Private PRNG Flash memory tunnel for the first Keys connection to the SCA 4000 card Remote Access RSA 1024-bit FIPS approved Plaintext in flash Authenticate the Key (RAK) Public/Private PRNG memory administration Keys application with the SCA 4000, Allows driver to send the KTK to the device encrypted Key Transport AES Key 128-bit Generated Plaintext in flash Wraps CSPs Key (KTK) outside the memory crossing the FIPS crypto Runs for a given boundary b/w the boundary boot cycle SCA 4000 firmware and the Solaris host Master Keys AES Key 128-bit FIPS approved Plaintext in flash Encrypt keystore PRNG memory data User Keys RSA FIPS approved Plaintext in Performing Crypto Public/Private PRNG SDRAM functions Keypairs, DSA Public/Private Keypairs, © Copyright 2004 SUN MICROSYSTEMS Page 14 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. DES/3DES and AES Keys Session Keys AES Keys 128-bit FIPS approved Plaintext in Encrypts/decrypts (Crypto Officer) PRNG SDRAM admin commands and responses Session keys DES/3DES Keys FIPS approved Plaintext in They are symmetric (User) PRNG SDRAM keys (DES/TDES) used for symmetric key operations. They may be used in SSL/TLS/IPSec by the application that generates them. Driver Password Password Generated Plaintext in flash Authenticate driver outside the memory to module crypto boundary User Password Password User entered Plaintext in Authenticate user SDRAM to the module Crypto Officer Password Crypto Officer Plaintext in Authenticate Crypto Password entered SDRAM Officer to the module IPSec session DES/3DES keys Generated Plaintext in Used during IPSec keys and/or HMAC- outside the SDRAM negotiations to SHA-1 key crypto encrypt/decrypt and boundary authenticate data packets AES shares key AES Key 128-bit FIPS approved Plaintext in Used to encrypt the PRNG SDRAM key shares calculated from the backup data Key shares Share values Shamir's Plaintext in Used to re-create calculated from secret sharing SDRAM the backup the backup scheme based configuration data configuration data on once M COs have interpolation of been authenticated polynomials Table 7 ­ Description of the Keys used on the SCA 4000 A default Remote Access Key (RAK) is shipped with the SCA 4000 card from the factory. This Factory Remote Access Key is an RSA public/private keypair that is used to establish secure administration channels when the device is not initialized. The Factory Remote Access Public Key is used to encrypt the Key Transport Key and host machine driver login/password information, and sent down to the module. Once the driver is authenticated, the driver can send encrypted commands with the KTK securely to the module. © Copyright 2004 SUN MICROSYSTEMS Page 15 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. Once the card has been initialized, the module generates a new Remote Access Keypair. The RAK is used to negotiate two AES session keys for a single secure tunnel encryption session that are used for Crypto Officer and card communication. These AES session keys will be negotiated at the time a Crypto Officer selects a keystore, and will terminate when the Crypto Officer terminates the session with the module. Each subsequent session will renegotiate new AES session keys, using the Remote Access Key. These CO session keys are generated by a key agreement using TLS master secret derivation TLS session. 32 bytes of a pre-master secret enter the module encrypted by the public Remote Access Key. There are two different CO session keys generated to create sessions; one session key to receive data and one session key to send out data. These keys are used to encrypt/decrypt admin commands and encrypt/decrypt responses from the administration application tool. The Remote Access Key also allows the host machine driver to send the Key Transport Key to the device encrypted with an RSA public key. RAKs are generated using a FIPS approved PRNG and the RSA private keys are never output from the module except for backup purposes. When the SCA 4000 card is operating in FIPS mode, the Key Transport Key is used when transporting passwords or session keys crossing the FIPS boundary between the SCA 4000 firmware and the Solaris host. This transport key is created when the module is powered up after the host machine authenticates to the SCA 4000 card. The KTK is generated outside the FIPS boundary and are input into the card at startup using the public Remote Access Key; the KTK is never output from the module. Master Keys on the module are used to wrap all User and Crypto Officer account information and keying material associated with the SCA 4000 device. When the system and the card powers-up, the Solaris host reads the Master Key wrapped data from an encrypted file on the host file system. This data is sent down to the SCA 4000 card in the wrapped form. When the module receives this encrypted data, the card unwraps the data using the Master Key. The unwrapped data is then used to populate the user account information, and user owned data stores holding User Keys. Master Keys are generated using a FIPS approved PRNG and are only output when they are backed up as part of the device backup command. The Crypto Officer session key encrypts the Master Key to be stored on the host machine's filesystem. User Keys are used to perform cryptographic operations and are created on demand by the User. However, prior storage of a user application keying material within the SCA 4000 keystore, a number of steps must have already taken place: · SCA 4000 device must be initialized · A keystore must be created © Copyright 2004 SUN MICROSYSTEMS Page 16 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. · A user account must be created within the keystore The creation of a SCA 4000 keystore establishes a name space for the creation of users within the keystore. The creation of a user account establishes data for enforcing ownership and access rights to the keying material based on password based authentication. The User Keys are generated using a FIPS approved RNG and are stored outside of the module encrypted with the Master Key. Random Number Generator The SCA 4000 card uses the FIPS-approved RNG specified in FIPS 186-2 DSA- RNG using SHA-1 for generation of cryptographic keys. Key Zeroization There are three ways to zeroize all the keying material on the SCA 4000 card: 1) A jumper located on the board will zeroize all keying material, and all updated firmware, taking the device back to factory state, when it is next powered up. The jumper must be subsequently removed to use the device again. 2) An operator with access to the root login on the host machine can present the correct commands to initiate a zeroization of all the keys on the SCA 4000 card taking the device back to the initial Factory Remote Access Key. This application can be performed when an operator is unauthenticated to the module. 3) The Crypto Officer can zeroize all the keys and updated Remote Access Key via a remote channel (protected under a session key generated using the Remote Access Key) after the operator has properly authenticated. EMI/EMC The module conforms to FCC Part 15 Class B requirements for home use. Self-Tests The SCA 4000 card performs self-tests to monitor the proper functioning of the module. These self-tests are divided into two categories, those run during power- up and those run upon certain conditions. The module consists of the following Power-up Tests: · DES CBC Known Answer Test · 3DES CBC Known Answer Test © Copyright 2004 SUN MICROSYSTEMS Page 17 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. · AES CBC Known Answer Test · DSA Known Answer Test · PRNG Known Answer Test · HMAC-SHA-1 KAT · RSA Sign/Verify Known Answer Test · CRC-32 Firmware Integrity Check The module consists of the following Conditional Tests: · Continuous Random Number Test · RSA Pair-wise Consistency Check · Firmware Load Test · DSA Pairwise Consistency Test Design Assurance Hardware builds are controlled by a build release process. Each hardware build is named, e.g.: P0, P0.1, P1.0, P1.1, P2.0, etc. The hardware version is contained in a PROM part on the device which is accessible by software. User documentation is versioned like source. Each release of the documentation is stored in a separate repository named by release number. Manual pages, and other miscellaneous documentation delivered with the software packages are stored and controlled in the software gates. The source code and firmware version control is done using Source Code Control System © Copyright 2004 SUN MICROSYSTEMS Page 18 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. SECURE OPERATION The Sun Microsystems SCA 4000 meets Level 3 requirements for FIPS 140-2. The sections below describe how to place and keep the module in FIPS- approved mode of operation. Crypto Officer Guidance The Crypto-Officer is responsible for initialization of the module, configuration and management of the module, and termination of the module. Detailed information for the Crypto-Officer can be found in the Sun Microsystems SCA 4000 Installation and User Guide. The module should be checked regularly for signs of tamper-evidence (scratches, holes in the epoxy, etc.). Initialization The Crypto-Officer receives the module from Sun Microsystems via a secure delivery mechanism. The Crypto-Officer can either pick the module up directly from a Sun Microsystems facility, or the module can be shipped to the Crypto- Officer. Before the initial configuration of the module, there is no access control provided by the module. The Crypto-Officer must maintain control of the module and restrict any access to the module. The Crypto-Officer must follow the Sun Microsystems instructions for setting up the module. The Crypto Officer first installs the card, installs the host software packages and uses the administration interface from the host machine to configure the card. The Factory Remote Access Key is used to authenticate to the card and initiate a secure login. Once the card has been initialized with a keystore, the "INIT" led is lit. Additional steps include setting the access control password for users and configuring the module's network settings. The Crypto Officer must also select FIPS mode during the SCA 4000 card configuration. The FIPS led indicator will be lit when the module is operating in a FIPS mode of operation. After this process is complete, the Crypto-Officer is able to begin managing the module through the host machine's vcaadm application and can generate new Users. Additionally, while in a FIPS mode, the module only supports FIPS-approved algorithms (DSA, SHA-1, HMAC-SHA-1, DES Triple-DES and AES) and algorithms permitted for use in a FIPS mode of operation (RSA encryption/decryption for key transport). Termination © Copyright 2004 SUN MICROSYSTEMS Page 19 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. When a module's usage has been completed, the module should be zeroized by the Crypto-Officer in order to wipe all sensitive data. The module should than be stored in a secure location. User Guidance The User is able to use the module as defined above in the description of the User role. The User must be careful not to provide session keys and secret keys to other parties. The User must also not provide the User password to anyone. © Copyright 2004 SUN MICROSYSTEMS Page 20 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice. ACRONYMS Term Definition AES Advanced Encryption Standard ANSI American National Standards Institute CBC Cipher Block Chaining CLI Command Line Interface CMVP Cryptographic Module Validation Program CO Crypto Officer CRC Cyclic Redundancy Checksum CSE Communications Security Establishment CSP Critical Security Parameter DES Data Encryption Standard DSA Digital Signature Algorithm EDC Error Detection Code EMC Electromagnetic Compatibility EMI Electromagnetic Interference FCC Federal Communication Commission FIPS Federal Information Processing Standard HMAC Hashing for Message Authentication Code IPSec Internet Protocol Security IRQ Interrupt Request Line KAT Known Answer Test KTK Key Transport Key LAN Local Area Network LED Light Emitting Diode MAC Message Authentication Code NIC Network Interface Card NIST National Institute of Standards and Technology PCI Peripheral Component Interconnect PKCS Public Key Cryptographic Standard POST Power On Self Test PROM Programmable Read Only Memory RAK Remote Access Key RAM Random Access Memory RNG Random Number Generator ROM Read Only Memory RSA Rivest Shamir and Adleman SA Security Association SADB Security Association Database SHA Secure Hash Algorithm SSL Secure Socket Layer TLS Transport Layer Security Table 8 ­ Terms and Definitions © Copyright 2004 SUN MICROSYSTEMS Page 21 of 21 This document may be freely reproduced and distributed whole and intact including this Copyright Notice.