Dell W-AP92 Bedienungsanleitung PDF herunterladen (Seite 40)

6 Critical Security Parameters

The following Critical Security Parameters (CSPs) are used by the module:

CSP

CSP TYPE

GENERATION

STORAGE

And

ZEROIZATI

USE

Key Encryption Key

(KEK)

Triple-DES

168-bits key

Hard-coded

Stored in flash,

zeroized by the

‘ap wipe out

flash’

command.

Encrypts

IKEv1/IKEv2

preshared keys

and

configuration

parameters

IKEv1/IKEv2 Pre-shared

secret

64 character

preshared

key

CO configured

Encrypted in

flash using the

KEK; zeroized

by updating

through

administrative

interface, or by

the ‘ap wipe

out flash’

command.

Module and

crypto officer

authentication

during

IKEv1/IKEv2;

entered into

the module in

plaintext

during

initialization

and encrypted

over the IPSec

session

subsequently.

IPSec session encryption

keys

168-bit

Triple-DES,

128/192/256

bit AES

keys;

Established during

Diffie-Hellman key

agreement

Stored in

plaintext in

volatile

memory;

zeroized when

session is

closed or

system powers

off

Secure IPSec

traffic

IPSec session

authentication keys

HMAC

SHA-1 keys