Module Name
CN8000 Multi-slot Encryptor
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The CN8000 is a high-speed multi-slot hardware encryption platform that secures data over optical Ethernet and Fibre Channel networks. The CN8000 supports up to 10 high speed encryption slots. Each slot can be configured by the user to support 1-10Gb/s Ethernet or 1-4Gb/s Fibre Channel. The CN8000 module contains removable SFP+ transceivers to provide flexibility in connecting to the physical network. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication.
Approved Algorithms
| AES |
Certs. #4010, #4414, #4416 and #4554 |
| CKG |
vendor affirmed |
| CVL |
Cert. #1234 |
| DRBG |
Cert. #1504 |
| ECDSA |
Cert. #1109 |
| HMAC |
Cert. #3008 |
| KAS |
Cert. #124 |
| KTS |
vendor affirmed |
| KTS |
AES Cert. #4554 and HMAC Cert. #3008; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #2481 |
| SHS |
Cert. #3732 |
| Triple-DES |
Cert. #2425 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1234, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1234, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
A8003-01, A8003-02, A8003-03, A8003-04, A8003-05, A8003-06, A8003-07, A8003-08, A8003-09 and A8003-10
