Module Name
PL-2000M, PL-2000AD and PL-2000ADS
Historical Reason
SP 800-56Arev3 transition
Caveat
When installed, initialized and configured as specified in the Security Policy Section 10 and operated in FIPS mode
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
PacketLight's PL-2000M, PL-2000AD and PL-2000ADS Layer-1 encryption solutions ensure the confidentiality and integrity of data, based on GCM-AES-256 encryption standards, supporting Diffie-Hellman (DH) key exchange up to every 1-minute. In addition, the solutions support multiple protocols including 10G/40G/100G Ethernet, 8G/16G/32G Fibre Channel, OTU2/OTU2e/OTU3/OTU4 and STM-64/OC-192
Approved Algorithms
|
|
AES |
Certs. #C221 and #C416 |
CKG |
vendor affirmed |
CVL |
Cert. #C416 |
DRBG |
Cert. #C416 |
HMAC |
Cert. #C416 |
KTS |
AES Cert. #C221 |
KTS |
AES Cert. #C416; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #C416 |
SHS |
Cert. #C416 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C 416, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C 416, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
PL-2000M, PL-2000AD, PL-2000ADS