Module Name
Juniper OpenSSL Cryptographic Module
Historical Reason
SP 800-56Arev3 transition - replaced by certificate #4509
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
The Juniper OpenSSL Cryptographic Module is a set of software libraries implementing the Transport Layer Security (TLS) protocol v1.0, v1.1 and v1.2 and Datagram Transport Layer Security (DTLS) protocol v1.0 and v1.2, as well as general purpose cryptographic algorithms.
Tested Configuration(s)
- Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 with PAA
- Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 without PAA(single-user mode)
Approved Algorithms
AES |
Certs. #A650, #A653 and #A2017 |
CVL |
Cert. #A650 |
DRBG |
Cert. #A650 |
DSA |
Cert. #A650 |
ECDSA |
Cert. #A650 |
HMAC |
Cert. #A650 |
KTS |
AES Certs. #A650 and #A2017; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Certs. #A650, #A653 and #A2017; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #A650 and #A2017 and HMAC Cert. #A650; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
Triple-DES Cert. #A650 and HMAC Cert. #A650; key establishment methodology provides 112 bits of encryption strength |
RSA |
Cert. #A650 |
SHS |
Certs. #A650 and #A2017 |
Triple-DES |
Cert. #A650 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #A650 with CVL Cert. #A650, key agreement; key establishment methodology provides between 112 and 219 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #A650 with CVL Cert. #A650, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)