Specifications
Brocade MLXe® and NetIron® Family Devices with Multi-Service IronWare R05.8.00
Security Target Version 0.4, March 31, 2015
Page 43 of 49
Key or CSP:
Zeroized upon:
Stored in:
Zeroized by:
DRBG Constant C
Every 100ms
RAM
Overwritten with new value
Table 7 Keys and CSPs
The TOE stores all persistent secret and private keys in FLASH and store all ephemeral keys in RAM (as
indicated in the above table). Additionally, the TOE is designed to zeroize secret and private keys when
they are no longer required by the TOE as detailed below. The TOE’s zeroization has been subjected to
FIPS 140 validation. Note that zeroization occurs as follows: 1) when deleted from FLASH, the previous
value is overwritten once with zeroes; 2) when added or changed in FLASH, any old value is overwritten
completely with the new value; and, 3) the zeroization of values in RAM is achieved by overwriting once
with zeroes.
The TOE supports the following different zeroization methods for its secret keys, private keys and CSPs (note that
no public keys appear in this list; they are public and thus need not be zeroizeable). For any given CSP in the table
above, there may be multiple zeroization methods available.
command: fips zeroize all - The device zeros out the shared secrets use by various networking protocols
including host access passwords, SSH host keys, and HTTPS host keys with the digital signature.
• command: no fips enable or no fips enable common-criteria - Zeroizes shared secrets, SSH and HTTPS
host keys, and the HTTPS certificate based on the configured FIPS policy. Either of these commands will
take the TOE out of its evaluated configuration and zeroize the secrets assuming a default FIPS policy. An
administrator can use the prior command, fips zeroize all, to conclusively zeroize all CSPs, secret, and
private keys, irrespective of the configured FIPS policy.
• The SSH session key is transient. It zeroized at the end of a session and recreated at the beginning of a new
session.
• The TLS pre-master secret is generated during the TLS handshake. It is destroyed after it is used.
• The TLS session key is generated for every HTTPS session. The TLS session key is deleted after the
session is closed.
• The DRBG seed is recomputed periodically on 100 millisecond intervals.
• The DH private exponent is generated at the beginning of DH KEX. A new random number overwrites the
memory location used to store the value each time a new session is initiated.
• For SSH, the RSA private key is stored in a locally generated file on flash during the key generation
process. The file is removed during zeroization. The crypto key zeroize command removes the keys.
• For TLS, the RSA private key is stored in a locally generated file on flash during the key generation
process. The private and public key data is overwritten with space characters during zeroization. The
crypto-ssl zeroize command zeroes out the RSA key pair.
These supporting cryptographic functions are included to support the SSHv2 (compliant with RFCs 4251, 4252,
4253, and 4254) and TLSv1.0 (compliant with RFC 2246)/HTTPS (compliant with RFC 2818) secure
communication protocols.
The TOE supports TLSv1.0, TLS 1.1,and TLS 1.2 with AES (CBC) 128 or 256 bit ciphers, in conjunction with
SHA-1, and RSA. The following cipher suites are implemented by the TOE:
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, and
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384.
The TOE supports SSHv2 with AES (CBC) 128 or 256 bit ciphers, in conjunction with HMAC-SHA-1, and RSA
(with diffie-hellman-group14-sha1 for the key exchange method). While other ciphers and hashes are implemented
in the product, they are disabled while the TOE is operating in Common Criteria or FIPS mode.