Specifications
Security Target Version 1.0 9/29/2014
| EC Diffie-Hellman shared secret | Elliptic Curve Diffie-Hellman (P-256 and P-384) | Established during EC Diffie-Hellman Exchange | Stored in plaintext in volatile memory. Zeroized when session is closed. | Key agreement in IKEv1/IKEv2 |
| RADIUS server shared secret | 8-128 character shared secret | CO configured | Stored encrypted in Flash with the KEK. Zeroized by changing (updating) the pre-shared key through the User interface. | Module and RADIUS server authentication |
| Enable secret | 8-64 character password | CO configured | Stored in ciphertext in flash. Zeroized by changing (updating) through the user interface. | Administrator authentication |
| User Passwords | 8-64 character password | CO configured | Stored encrypted in Flash with KEK. Zeroized by either deleting the password configuration file or by overwriting the password with a new one. | Authentication for accessing the management interfaces, RADIUS authentication |
| IKEv1/IKEv2 Pre-shared key | 64 character pre-shared key | CO configured | Stored encrypted in Flash with the KEK. Zeroized by changing (updating) the pre-shared key through the User interface. | User and module authentication during IKEv1, IKEv2 |
| skeyid | HMAC-SHA-1/256/384 (160/256/384 bits) | Established during IKEv1 negotiation | Stored in plaintext in volatile memory. Zeroized when session is closed. | Key agreement in IKEv1 |
| skeyid_d | HMAC-SHA-1/256/384 (160/256/384 bits) | Established during IKEv1 negotiation | Stored in plaintext in volatile memory. Zeroized when session is closed. | Key agreement in IKEv1 |
| IKEv1/IKEv2 session authentication key | HMAC-SHA-1/256/384 (160/256/384 bits) | Established as a result of IKEv1/IKEv2 service implementation. | Stored in plaintext in volatile memory. Zeroized when session is closed. | IKEv1/IKEv2 payload integrity verification |
| IKEv1/IKEv2 session encryption key | Triple-DES (168 bits)/AES (128/196/256 bits) | Established as a result of IKEv1/IKEv2 service implementation. | Stored in plaintext in volatile memory. Zeroized when session is closed. | IKEv1/IKEv2 payload encryption |