Cisco IPS4345 Manual de usuario descargar pdf (Pagina 31)

Cisco Intrusion Prevention System Security Target

5.2.2.3 FCS_COP.1(1) Cryptographic Operation (for data encryption/decryption)

FCS_COP.1.1(1) Refinement: The TSF shall perform [encryption and decryption] in

accordance with a specified cryptographic algorithm [AES operating in [CBC mode]] and

cryptographic key sizes 128-bits, 256-bits, and no other key sizes that meets the following:

 FIPS PUB 197, “Advanced Encryption Standard (AES)”

 NIST SP 800-38A

5.2.2.4 FCS_COP.1(2) Cryptographic Operation (for cryptographic signature)

FCS_COP.1.1(2) Refinement: The TSF shall perform cryptographic signature services in

accordance with a:

RSA Digital Signature Algorithm (rDSA) with a key size (modulus) of 2048 bits or greater,

that meets the following:

Case: RSA Digital Signature Algorithm

 FIPS PUB 186-2 or FIPS PUB 186-3, “Digital Signature Standard”

5.2.2.5 FCS_COP.1(3) Cryptographic Operation (for cryptographic hashing)

FCS_COP.1.1(3) Refinement: The TSF shall perform [cryptographic hashing services] in

accordance with a specified cryptographic algorithm SHA-1 and message digest sizes 160 bits

that meet the following: FIPS Pub 180-3, “Secure Hash Standard.”

5.2.2.6 FCS_COP.1(4) Cryptographic Operation (for keyed-hash message authentication)

FCS_COP.1.1(4) Refinement: The TSF shall perform [keyed-hash message authentication] in

accordance with a specified cryptographic algorithm HMAC-[ SHA-1], key size [160-bits], and

message digest sizes [160] bits that meet the following: [FIPS Pub 198-1, "The Keyed-Hash

Message Authentication Code, and FIPS Pub 180-3, “Secure Hash Standard.”]

5.2.2.7 FCS_HTTPS_EXT.1 Explicit: HTTPS

FCS_HTTPS_EXT.1.1 The TSF shall implement the HTTPS protocol that complies with RFC

2818.

1 2 ... 26 27 28 29 30 31 32 33 34 35 36 ... 60 61

Sin comentarios

Cisco IPS4345 Manual de usuario Pagina 31