ViaSat, Inc.
EBEM Cryptographic Module Security Policy, 1179470, Rev. 006,
November 12, 2015
14
ViaSat, Inc.
Dissemination restricted as described on cover page
Static IA Private Key: Used to digitally sign the Ephemeral KE public key sent in Key
Transport messages for PKI-authenticated circuit establishment.
Ephemeral KE Private Key: Used to derive the PKI Circuit KEK to encrypt the TEK sent
in Key Transport messages for PKI-authenticated circuit establishment.
Static KE Private Key: Used to derive the PKI Circuit KEK used to decrypt the TEK
received in Key Transport messages for PKI-authenticated circuit establishment.
SMAT Circuit Ephemeral Private Key: Module's private key used for SMAT-based
circuit establishment with peer modem, per NIST SP800-56A C (2e, 0s, ECC CDH).
Key Fill Ephemeral Private Key: Private key used for Key Fill KEK establishment with
LCT, per NIST SP800-56A C (2e, 0s, ECC CDH).
Key Fill KEK: A 256-bit AES key used to encrypt private keys filled into the modem.
ECC CDH Primitive Shared Secret: FIPS SP800-56A C(2e, 0s, ECC CDH) and C(1e, 1s,
ECC CDH), key agreement schemes and used with the Concatenation KDF to establish
key material for SMAT/PKI authenticated circuits and private key fill.
Bypass Flag: Determines if a circuit is processed as plaintext or `encryption enabled.'
Crypto Compatibility Mode: When enabled, uses SHA-1 instead of SHA-512 for the
HMAC and the KDF for backward compatibility with modules that did not have SHA-
512 implemented. This is part of our transition plan to eventually eliminate SHA-1
support while maintaining backward compatibility with older SW/FW versions.
CO Password: 8-character minimum, 20-character maximum, chosen from upper and
lowercase letters, 10 digits, and 10 special characters; used to authenticate CO and will
lockout after 3 to 5 (configurable by CO) failed attempts.
Administrator Password(s): 8-character minimum, 20-character maximum, chosen from
upper and lowercase letters, 10 digits, and 10 special characters; used to authenticate the
Administrator and will lockout after 3 to 5 (configurable by CO) failed attempts.
Operator Password(s): 8-character minimum, 20-character maximum, chosen from upper
and lowercase letters, 10 digits, and 10 special characters; used to authenticate the
Operator and will lockout after 3 to 5 (configurable by CO) failed attempts.
Local Unique Key (LUK): A 256-bit AES key used to encrypt CSPs so they can be stored
on the RAM or flash file system.
Definition of Public Keys:
The following are the public keys contained in the module.
Firmware/Feature Trust Anchor FIPS 186-4 ECDSA Public Key: Used to validate the
authenticity of signed code images and/or feature files
ESEM Configuration File Trust Anchor FIPS 186-2 ECDSA Public Key: Used to
validate the authenticity of ESEM configuration files
SMAT Circuit Ephemeral Public Key: Module's public key used for SMAT-
authenticated circuit establishment with peer modem, per NIST SP800-56A C (2e, 1s,
ECC CDH).
SMAT Circuit Remote Modem's Ephemeral Public Key: Peer Modem's public key used
for circuit establishment, per NIST SP800-56A C (2e, 1s, ECC CDH).
PKI Circuit Trust Anchor ECDSA Public Key: Used to validate ECDSA signatures of