Reference Guide
36
7
RNG seed key
FIPS 186-2 RNG Seed
key (512 bits)
Derived using NON-
FIPS approved HW
RNG
Stored in plaintext in
volatile memory.
Zeroized on reboot.
Seed 186-2 General
purpose (x-change
Notice); SHA-1 RNG
8
Diffie-Hellman
private key
Diffie-Hellman private
key (224 bits)
Generated internally
during Diffie-Hellman
Exchange
Stored in the volatile
memory. Zeroized
after the session is
closed.
Used in establishing
the session key for an
IPSec session
9
Diffie-Hellman public
key
Diffie-Hellman public
key (2048 bits)
Note: Key size of DH
Group 1 (768 bits) and
Group 2 (1024 bits) are
not allowed in FIPS
mode.
Generated internally
during Diffie-Hellman
Exchange
Stored in the volatile
memory. Zeroized
after the session is
closed.
Used in establishing
the session key for an
IPSec session
10
Diffie-Hellman shared
secret
Diffie-Hellman shared
secret (2048 bits)
Established during
Diffie-Hellman
Exchange
Stored in plain text in
volatile memory,
Zeroized when session
is closed.
Used in establishing
the session key for an
IPSec session
11
EC Diffie-Hellman
private key
Elliptic Curve Diffie-
Hellman (P-256 and P-
384).
Generated internally
during EC Diffie-
Hellman Exchange
Stored in the volatile
memory. Zeroized
after the session is
closed.
Used in establishing
the session key for an
IPSec session
12
EC Diffie-Hellman
public key
Elliptic Curve Diffie-
Hellman (P-256 and P-
384).
Generated internally
during EC Diffie-
Hellman Exchange
Stored in the volatile
memory. Zeroized
after the session is
closed.
Used in establishing
the session key for an
IPSec session
13
EC Diffie-Hellman
shared secret
Elliptic Curve Diffie-
Hellman ( P-256 and P-
384)
Established during EC
Diffie-Hellman
Exchange
Stored in plaintext in
volatile memory.
Zeroized when session
is closed.
Key agreement in
IKEv1/IKEv2