Specifications
Cisco Aggregation Services Router (ASR) 901 Series Security Target
Page 42 of 50
TOE SFRs
How the SFR is Met
The TOE supports configurable lifetimes for both Phase 1 (IKE) SAs and Phase 2
(IPsec) SAs.
The TOE supports Diffie-Hellman Group 14 (2048-bit MODP group).
Peer authentication uses rDSA (RSA signatures) and can instead be configured to
use pre-shared keys. Pre-shared keys include a combination of upper and lower
case letters, numbers, and special characters and can be 22 characters or longer.
Pre-shared keys are generated and applied to the TOE by the TOE administrator in
coordination with the administrator of the remote IPsec endpoint (e.g. the AAA
server, syslog server or NTP server itself, or a VPN gateway located between the
TOE and those remote servers).
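The IKE/IPsec settings described above, written out as an IOS configuration fragment. This is an added example, not configuration taken from the Security Target or from Cisco; the addresses 192.0.2.1 and 192.0.2.10, the policy, transform-set, ACL and map names, the pre-shared key and the lifetime values are placeholders chosen for illustration. It shows pre-shared key authentication with a 25-character key that mixes all four character classes, DH group 14 for both the IKE exchange and PFS, and separately configured Phase 1 and Phase 2 lifetimes. RSA signature authentication (`authentication rsa-sig`) is the IOS default and would replace the `authentication pre-share` and `crypto isakmp key` lines.

```cisco
! Added example, not from the Security Target. Addresses, names, key and
! lifetime values are placeholders chosen for illustration.
!
! Phase 1 (IKE) policy: AES-256, SHA-256, DH group 14, 8-hour SA lifetime
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 28800
!
! Pre-shared key agreed with the remote endpoint administrator:
! 25 characters mixing upper/lower case, digits and special characters
crypto isakmp key Ex4mple-Psk_For+Peer.2024 address 192.0.2.10
!
! Phase 2 (IPsec) proposal and a 1-hour SA lifetime, shorter than Phase 1
crypto ipsec transform-set CC-TS esp-aes 256 esp-sha-hmac
 mode tunnel
crypto ipsec security-association lifetime seconds 3600
!
! Traffic to the remote syslog/NTP/AAA endpoint that must be protected
ip access-list extended CC-PROTECTED
 permit ip host 192.0.2.1 host 192.0.2.10
!
! Bind policy, peer and PFS group 14 to the protected traffic
crypto map CC-MAP 10 ipsec-isakmp
 set peer 192.0.2.10
 set transform-set CC-TS
 set pfs group14
 match address CC-PROTECTED
!
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 crypto map CC-MAP
```

After applying it, `show crypto isakmp policy` should list only group 14 alongside the chosen lifetime, and `show crypto ipsec sa` shows the Phase 2 lifetime counting down independently of the IKE SA; if a default policy with a weaker group is still present it will appear in that output and should be removed.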
FCS_SSH_EXT.1
The TOE implementation of SSHv2 supports the following:
Compliance with RFCs 4251, 4252, 4253, and 4254;
Dropping packets greater than 65,535 bytes, as such packets would violate
the IP packet size limitations;
Encryption algorithms AES-CBC-128 and AES-CBC-256 to ensure
confidentiality of the session;
Use of the SSH_RSA public key algorithm for authentication;
Password-based authentication;
Hashing algorithms hmac-sha1 and hmac-sha1-96 to ensure the integrity of
the session; and
Enforcement of DH Group 14 (diffie-hellman-group14-sha1) as the only
allowed key exchange method.
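An IOS SSH server configuration that matches the SSHv2 claims above, added here as an example; it is not taken from the Security Target. The hostname, domain name, key label and local username are placeholders. The `ip ssh server algorithm encryption` and `ip ssh server algorithm mac` commands restrict the advertised cipher and MAC lists to the values listed above; they are assumed to be present on the running release (Cisco introduced them in later 15.x trains as part of the SSH algorithms for Common Criteria feature), so confirm with `show ip ssh` that only the expected algorithms are offered. `ip ssh dh min size 2048` sets a 2048-bit floor for the Diffie-Hellman group-exchange method; the fixed diffie-hellman-group14-sha1 method is already 2048-bit.

```cisco
! Added example, not from the Security Target. Hostname, domain name,
! key label and username are placeholders.
hostname asr901
ip domain-name example.net
!
! 2048-bit RSA host key used by the ssh-rsa host key algorithm
crypto key generate rsa label SSH-HOST modulus 2048
ip ssh rsa keypair-name SSH-HOST
!
ip ssh version 2
! Minimum Diffie-Hellman modulus for the group-exchange method (2048 bits)
ip ssh dh min size 2048
! Restrict ciphers and MACs to those claimed in FCS_SSH_EXT.1
! (assumes the running release supports these commands)
ip ssh server algorithm encryption aes128-cbc aes256-cbc
ip ssh server algorithm mac hmac-sha1 hmac-sha1-96
!
! Local user for password-based authentication; SSH only on the VTY lines
username admin privilege 15 secret Ch4nge-Me_Before.Use
line vty 0 4
 transport input ssh
 login local
```

`show ip ssh` reports the SSH version and, on releases that support algorithm restriction, the active encryption and MAC lists; an external check from a client (for example `ssh -vv admin@asr901`) shows the key exchange, cipher and MAC actually negotiated and is the quickest way to confirm that nothing outside the claimed set is being offered.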
FCS_RBG_EXT.1
The TOE implements a NIST-approved AES-CTR Deterministic Random Bit
Generator (DRBG), as specified in SP 800-90A.
The entropy source used to seed the Deterministic Random Bit Generator (e.g.
based on SP 800-90A/B/C) is a set of bits or bytes that are regularly supplied
to the DRBG by randomly polling the General Purpose Registers and capturing
entropy from them.
This solution is available in the 15.4(4)S or later FIPS/CC approved releases of the
IOS images for the platforms mentioned above.
All RNG entropy source samples are continuously health tested by the NIST
DRBG as per SP 800-90A before they are used as a seed. These tests are part of
the FIPS validation procedures for the DRBG and are covered by the NIST FIPS
140-2 validations for the products. Any initialization or system error during
bring-up or operation of this system causes a reboot as necessary to remain
FIPS compliant. Finally, the system zeroizes the entropy seeding bytes once they
have been consumed, so they are not available after the current collection.
FDP_RIP.2
The TOE ensures that packets transmitted from the TOE do not contain residual
information from previous packets. Packets that are shorter than the required
length are padded with zeros. Residual data is never transmitted from the TOE.
Once packet handling is complete, the packet's content is overwritten before the
memory buffer that previously contained it is reused. This applies to both data
plane traffic and administrative session traffic.
FIA_PMG_EXT.1
The TOE supports the local definition of users with corresponding passwords. The
passwords can be composed of any combination of upper and lower case letters,