Specifications

Security Target Version 1.0 9/29/2014
| IPSec session encryption keys | Triple-DES (168 bits) / AES (128/196/256 bits) | Established during the IPSec service implementation | Stored in plaintext in volatile memory. Zeroized when the session is closed. | Secure IPSec traffic |
| IPSec session authentication keys | HMAC-SHA-1 (160 bits) | Established during the IPSec service implementation | Stored in plaintext in volatile memory. Zeroized when the session is closed. | User authentication |
| SSHv2 session keys | AES (128/196/256 bits) | Established during the SSHv2 key exchange | Stored in plaintext in volatile memory. Zeroized when the session is closed. | Secure SSHv2 traffic |
| SSHv2 session authentication key | HMAC-SHA-1 (160-bit) | Established during the SSHv2 key exchange | Stored in plaintext in volatile memory. Zeroized when the session is closed. | Secure SSHv2 traffic |
| TLS pre-master secret | 48 byte secret | Externally generated | Stored in plaintext in volatile memory. Zeroized when the session is closed. | TLS key agreement |
| TLS session encryption key | AES 128/192/256 bits | Generated in the module during the TLS service implementation | Stored in plaintext in volatile memory. Zeroized when the session is closed. | TLS session encryption |
| TLS session authentication key | HMAC-SHA-1/256/384 (160/256/384 bits) | Generated in the module during the TLS service implementation | Stored in plaintext in volatile memory. Zeroized when the session is closed. | TLS session authentication |
| RSA Private Key | RSA 1024/2048 bit private key | Generated in the module | Stored in flash memory encrypted with KEK. Zeroized by the CO command write erase all. | Used by TLS and EAP-TLS/PEAP protocols during the handshake, used for signing OCSP responses, and used by IKEv1/IKEv2 for device authentication and for signing certificates |
| RSA public key | RSA 1024/2048 bit public key | Generated in the module | Stored in flash memory encrypted with KEK. Zeroized by the CO command write erase all. | Used by TLS and EAP-TLS/PEAP protocols during the handshake, used for signing OCSP responses, and used by IKEv1/IKEv2 for device authentication and for signing certificates |