Hardware manual
Version 1.1, 03/31/2015
GSS CCT Evaluation Technical Report Page 18 of 56 © 2015 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeNetIron5.8 All rights reserved.
2. When they are zeroized: The paragraph following the list identified above indicates they are destroyed
when no longer needed and that is followed up with more detail in some cases.
3. Type of zeroization procedure: The paragraph following the list identified above indicates that in FLASH
values are either overwritten once with zeros or overwritten with a new value. In RAM values are
overwritten once with zeroes.
The description in the TSS indicates that the TOE stores persistent keys in Flash and ephemeral keys in RAM.
Guidance Assurance Activities: None Defined
Testing Assurance Activities: None Defined
2.2.3 CRYPTOGRAPHIC OPERATION (FOR DATA ENCRYPTION/DECRYPTION) (FCS_COP.1(1))
2.2.3.1 FCS_COP.1(1).1
TSS Assurance Activities: None Defined
Guidance Assurance Activities: None Defined
Testing Assurance Activities: The evaluator shall use tests appropriate to the modes selected in the above
requirement from 'The Advanced Encryption Standard Algorithm Validation Suite (AESAVS)', 'The XTS-AES
Validation System (XTSVS)', 'The CMAC Validation System (CMACVS)', 'The Counter with Cipher Block Chaining-
Message Authentication Code (CCM) Validation System (CCMVS)', and 'The Galois/Counter Mode (GCM) and
GMAC Validation System (GCMVS)' (these documents are available from
http://csrc.nist.gov/groups/STM/cavp/index.html) as a guide in testing the requirement above. This will require
that the evaluator have a reference implementation of the algorithms known to be good that can produce test
vectors that are verifiable during the test.
The TOE has been FIPS approved. The AES certificate numbers are 2717 and 2715.