Module Name
Juniper Kernel Crypto Cryptographic Module
Caveat
When operated in FIPS mode with bound module Juniper OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #4131 operating in FIPS mode. The module generates random strings whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Juniper Kernel Cryptographic Module is a software module running as part of the operating system kernel that provides general purpose cryptographic services.
Tested Configuration(s)
- Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 with PAA
- Junos OS Evolved version 19.4R2 running on Juniper Networks Packet Transport Router Model PTX10003-80C with Intel Xeon E5-2628Lv4 without PAA(single-user mode)
Approved Algorithms
AES |
Certs. #A2409, #A2410, #A2411, #C1883, #C1890 and #C1891 |
DRBG |
Cert. #C1883 |
HMAC |
Certs. #A650, #A2409 and #C1883 |
KTS |
AES Certs. #A2409, #A2410, #A2411, #C1883, #C1890 and #C1891; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Certs. #A2409 and #C1883 and HMAC Certs. #A2409 and #C1883; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Certs. #A2409 and #C1883 and HMAC Certs. #A2409 and #C1883; key establishment methodology provides 112 bits of encryption strength |
RSA |
Cert. #C1883 |
SHS |
Certs. #A2409 and #C1883 |
Triple-DES |
Certs. #A2409 and #C1883 |
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)