Specifications
64
FIPS certificate #1448 (APs 1131, 1142, 1242, 1252, 1262, 3502e and 3502i)
FIPS certificate #1888 (AP 1552)
FIPS certificate #1909 (WiSM2)
FIPS certificate #1875 (WiSM)
FIPS certificate #1853 (Controllers 4402, and 4404)
FIPS certificate #1829 (Controller 5508)
FCS_CKM.1(1)
The following values are generated by FIPS 140-2 evaluated cryptographic modules.
Generated by AP: DTLS pre-master secret
Generated by Controller: TLS pre-master secret, Infrastructure MFP MIC Key, EAP-
FAST Server Key and EAP-FAST PAC-Key
All of these values are generated using FIPS 140-2 approved and certified RNGs. SP 800-57
compliant key integrity protection is provided by the physical protection of a certified
cryptographic module.
FCS_CKM.1(2)
DSA and RSA keys are generated according to FIPS 186-3, using a FIPS approved RNG. Key
validity is assured by the means of a pairwise integrity test when the keys are generated. Key
integrity protection is provided by the physical protection of a certified cryptographic module.
FCS_CKM.2
Electronic key distribution methods used in the WLAN Access System include RSA key
wrapping as part of the DTLS protocol that underlies CAPWAP and AES Key Wrap for
distribution of the 802.11i Pairwise Temporal Key. The AES Key Wrap Key is entered via the
Controller GUI rather than generated in the TOE, to comply with SP 800-57 Section 8.1.5 the
source of the key should be approved by the U.S. Government for the protection of national
security information. The RSA key wrap keys are generated in FIPS 140-2 validated
cryptographic modules. Once in the system both types of keys are protected in accordance with
section 6 of SP 800.57 (as per FCS_CKM.1(1) and FCS_CKM.1(2)).
When the ACS/ISE distributes the PMK to the Controller it performs AES key wrapping on the
PMK. Key wrapping protects the confidentiality and integrity of Pairwise Master Keys (PMK)
under FIPS 140-2 validation when the keys are in transit. From the Controller to the AP, the
PMK is protected via the FIPS 140-2 validated assured channel with AES-CBC encryption.
Keys are distributed to the APs from the Controller/WiSM over a CAPWAP control session.
During a CAPWAP session, the APs first authenticate to the Controller/WiSM using an RSA
key pair. After a successful authentication, the CAPWAP session key generated in the
Controller/WiSM is transported to the AP wrapped with AP’s RSA key.
Discrete logarithm cryptography is not used for key distribution in the TOE.
FCS_CKM_(EXT).2
All keys transmission techniques used by the TOE include integrity mechanisms to detect errors.
Private keys on the AP and Controller are stored in PKCS#12 files that are AES encrypted.
Private keys on the ACS/ISE are stored encrypted in NSS tokens or in an encrypted database.
The Controller administrator may configure the length of time that an inactive session may exist
before it is terminated, when that occurs non-persistent cryptographic keys are zeroized.
The TOE does not support archiving of private keys.
FCS_CKM.4
Key destruction (zeroization) for the AP and Controller modules is a onetime operation for
hardware, factory burned certificates. The Controller FIPS 140-2 Security Policy stipulates that
zeroization should take place over the Controller CLI, which will take the TOE out of the
evaluated configuration. Once the zeroization operation is performed for hardware certificates
the TOE components will be non-communicative.
Intermediate key values are zeroized by the Controller and AP, and all transient key values such
as session keys are zeroized when their associated sessions are complete.