FIPS 140-2 Non-Proprietary Security Policy for Aruba AP-120 Series and Dell W-AP120 Series Wireless Access Points Version 1.4 February 2012 Aruba Networks™ 1322 Crossman Ave.
1 2 INTRODUCTION ..................................................................................................................................5 1.1 ARUBA DELL RELATIONSHIP ............................................................................................................. 5 1.2 ACRONYMS AND ABBREVIATIONS ..................................................................................................... 5 PRODUCT OVERVIEW .................................................................
.2.2 User Services ............................................................................................................................27 4.2.3 Wireless Client Services ............................................................................................................28 4.2.4 Unauthenticated Services..........................................................................................................29 5 CRYPTOGRAPHIC ALGORITHMS...................................................
1 Introduction This document constitutes the non-proprietary Cryptographic Module Security Policy for the AP-120 series Wireless Access Points with FIPS 140-2 Level 2 validation from Aruba Networks. This security policy describes how the AP meets the security requirements of FIPS 140-2 Level 2, and how to place and maintain the AP in a secure FIPS 140-2 mode. This policy was prepared as part of the FIPS 140-2 Level 2 validation of the product.
LAN LED SHA SNMP SPOE TEL TFTP WLAN Local Area Network Light Emitting Diode Secure Hash Algorithm Simple Network Management Protocol Serial & Power Over Ethernet Tamper-Evident Label Trivial File Transfer Protocol Wireless Local Area Network 6
2 Product Overview This section introduces the various Aruba Wireless Access Points, providing a brief overview and summary of the physical features of each model covered by this FIPS 140-2 security policy. 2.1 Aruba AP-120 Series This section introduces the Aruba AP-120 series Wireless Access Points (APs) with FIPS 140-2 Level 2 validation. It describes the purpose of the AP, its physical attributes, and its interfaces.
2.1.1.1 Dimensions/Weight The AP has the following physical dimensions: 4.9” x 5.13” x 2.0” (124mm x 130mm x 51mm) 15oz (0.42 Kgs) 2.1.1.
Label WLAN 5Ghz Function 5GHz Radio Status Action Status Flashing 2.4GHz Air monitor Off 5GHz radio disabled On - Amber 5GHz radio enabled in WLAN mode On – Green 5GHz radio enabled in 802.11n mode Flashing 2.
3 Module Objectives This section describes the assurance levels for each of the areas described in the FIPS 140-2 Standard. In addition, it provides information on placing the module in a FIPS 140-2 approved configuration. 3.
3.2.2 Aruba AP-124 TEL Placement This section displays all the TEL locations on the Aruba AP-124. The AP124 requires a minimum of 3 TELs to be applied as follows: 3.2.2.1 1. 2. 3.2.2.2 3.
Figure 2: AP-124 Back view Figure 3: AP-124 Left view Figure 4: AP-124 Right view Figure 5: AP-124 Top view 12
Figure 6: AP-124 Bottom view 3.2.3 Aruba AP-125 TEL Placement This section displays all the TEL locations on the Aruba AP-125. The AP125 requires a minimum of 3 TELs to be applied as follows: 3.2.3.1 To detect opening of the chassis cover: 1. 2. 3.2.3.2 Spanning the top and bottom covers on the left side Spanning the top and bottom covers on the right To detect access to restricted ports 3.
Figure 7: AP-125 Front view Figure 8: AP-125 Back view Figure 9: AP-125 Left view 14
Figure 10: AP-125 Right view Figure 11: AP-125 Top view 15
Figure 12: AP-125 Bottom view 3.2.4 Inspection/Testing of Physical Security Mechanisms Physical Security Mechanism Recommended Test Frequency Guidance Tamper-evident labels (TELs) Once per month Examine for any sign of removal, replacement, tearing, etc. See images above for locations of TELs Opaque module enclosure Once per month Examine module enclosure for any evidence of new openings or other access to the module internals.
3.3 Modes of Operation The module has the following FIPS approved modes of operations: • Remote AP (RAP) FIPS mode – When the module is configured as a Remote AP, it is intended to be deployed in a remote location (relative to the Mobility Controller). The module provides cryptographic processing in the form of IPSec for all traffic to and from the Mobility Controller.
5. Enable FIPS mode on the AP. This accomplished by going to the Configuration > Wireless > AP Configuration > AP Group page. There, you click the Edit button for the appropriate AP group, and then select AP > AP System Profile. Then, check the “Fips Enable” box, check “Apply”, and save the configuration. 6.
6. If the staging controller does not provide PoE, either ensure the presence of a PoE injector for the LAN connection between the module and the controller, or ensure the presence of a DC power supply appropriate to the particular model of the module 7. Connect the module via an Ethernet cable to the staging controller; note that this should be a direct connection, with no intervening network or devices; if PoE is being supplied by an injector, this represents the only exception.
represents the only exception. That is, nothing other than a PoE injector should be present between the module and the staging controller. 8. 9. Once the module is connected to the controller by the Ethernet cable, navigate to the Configuration > Wireless > AP Installation page, where you should see an entry for the AP. Select that AP, click the “Provision” button, which will open the provisioning window. Now provision the AP as Remote Mesh Portal by filling in the form appropriately.
select AP > AP System Profile. configuration. Then, check the “Fips Enable” box, check “Apply”, and save the 6. If the staging controller does not provide PoE, either ensure the presence of a PoE injector for the LAN connection between the module and the controller, or ensure the presence of a DC power supply appropriate to the particular model of the module. 7.
Linux implementation is not provided directly. Only Aruba-provided Crypto Officer interfaces are used. There is no user interface provided. 3.5 Logical Interfaces The physical interfaces are divided into logical interfaces defined by FIPS 140-2 as described in the following table. Table 2 - FIPS 140-2 Logical Interfaces FIPS 140-2 Logical Interface Module Physical Interface Data Input Interface 10/100/1000 Ethernet Ports 802.
4 Roles, Authentication and Services 4.1 Roles The module supports the roles of Crypto Officer, User, and Wireless Client; no additional roles (e.g., Maintenance) are supported. Administrative operations carried out by the Aruba Mobility Controller map to the Crypto Officer role. The Crypto Officer has the ability to configure, manage, and monitor the module, including the configuration, loading, and zeroization of CSPs.
4.1.2 User Authentication Authentication for the User role depends on the module configuration. When the module is configured as a Mesh AP, the User role is authenticated via the WPA2 preshared key. When the module is configured as a Remote AP, the User role is authenticated via the same IKE pre-shared key/RSA key pair that is used by the Crypto Officer. In CPSec AP mode, User authentication is accomplished via same RSA key pair that is used by the Crypto Officer. 4.1.
Authentication Mechanism Mechanism Strength Wireless Client WPA2-PSK (Wireless Client Role) For WPA2-PSK there are at least 95^16 (=4.4 x 10^31) possible combinations. In order to test a guessed key, the attacker must complete the 4-way handshake with the AP. Prior to completing the 4-way handshake, the attacker must complete the 802.11 association process.
4.2 Services The module provides various services depending on role. These are described below. 4.2.1 Crypto Officer Services The CO role in each of FIPS modes defined in section 3.3 has the same services. Service Description CSPs Accessed (see section 6 below for complete description of CSPs) FIPS mode enable/disable The CO selects/de-selects FIPS mode as a configuration option. None.
CSPs Accessed (see section 6 below for complete description of CSPs) Service Description Creation/use of secure management session between module and CO The module supports use of IPSec for securing the management channel. Creation/use of secure mesh channel System Status The module requires secure connections between mesh points using 802.
Service Use of WPA preshared key for establishment of IEEE 802.11i keys CSPs Accessed (see section 6 below for complete description of CSPs) Description When the module is in mesh configuration, the inter-module mesh links are secured with 802.11i. This is authenticated with a shared secret 802.11i AES-CCM key 802.11i GMK 802.11i GTK WPA2 PSK 4.2.3 Wireless Client Services The following module services are provided for the Wireless Client role in each of FIPS approved modes.
4.2.4 Unauthenticated Services The module provides the following unauthenticated services, which are available regardless of role. No CSPs are accessed by these services. System status – SYSLOG and module LEDs 802.11 a/b/g/n FTP TFTP NTP GRE tunneling of 802.
5 Cryptographic Algorithms FIPS-approved cryptographic algorithms have been implemented in hardware and firmware. The firmware supports the following cryptographic implementations. ArubaOS OpenSSL AP Module implements the following FIPS-approved algorithms: o AES (Cert. #1851) o HMAC (Cert. #1099) o RNG (Cert. #970) o RSA (Cert. #934) o SHS (Cert. #1628) o Triple-DES (Cert. #1199) ArubaOS Module implements the following FIPS-approved algorithms: o AES (Cert. #1850) o HMAC (Cert.
6 Critical Security Parameters The following Critical Security Parameters (CSPs) are used by the module: STORAGE CSP CSP TYPE GENERATION And USE ZEROIZATI ON Key Encryption (KEK) Key Triple-DES 168-bits key Hard-coded Stored in flash, zeroized by the ‘ap wipe out flash’ command.
STORAGE CSP CSP TYPE GENERATION And USE ZEROIZATI ON IKEv1/IKEv2 DiffieHellman Private key 1024-bit DiffieHellman private key Generated internally during IKEv1/IKEv2 negotiation Stored in plaintext in volatile memory; zeroized when session is closed or system is powered off Used in establishing the session key for IPSec IKEv1/IKEv2 DiffieHellman shared secret 128 bit Octet Generated internally during IKEv1/IKEv2 negotiation Stored in plaintext in volatile memory; zeroized when session is closed
STORAGE CSP CSP TYPE GENERATION And USE ZEROIZATI ON WPA2 PSK 16-64 character shared secret used to authenticate mesh connections and in remote AP advanced configuration 802.11i Pairwise Master Key (PMK) 512-bit shared secret used to derive 802.11i session keys 802.11i Pairwise Transient Key (PTK) 512-bit shared secret from which Temporal Keys (TKs) are derived 802.11i Encrypted in flash using the KEK; zeroized by updating through administrative interface, or by the ‘ap wipe out flash’ command.
STORAGE CSP CSP TYPE GENERATION And USE ZEROIZATI ON 802.11i Group Master Key (GMK) 256-bit secret used to derive GTK Generated from approved RNG Stored in plaintext in volatile memory; zeroized on reboot Used to derive Group Transient Key (GTK) 802.
7 Self Tests The module performs the following Self Tests after being configured into either Remote AP mode or Remote Mesh Portal mode. The module performs both power-up and conditional self-tests. In the event any self-test fails, the module enters an error state, logs the error, and reboots automatically.
For an ArubaOS OpenSSL AP module and ArubaOS cryptographic module KAT failure: AP rebooted [DATE][TIME] : Restarting System, SW FIPS KAT failed For an AES Cavium hardware POST failure: Starting HW SHA1 KAT ...Completed HW SHA1 AT Starting HW HMAC-SHA1 KAT ...Completed HW HMAC-SHA1 KAT Starting HW DES KAT ...Completed HW DES KAT Starting HW AES KAT ...Restarting system.
