Caveat
The tamper evident seals are installed as indicated in the Security Policy. This module contains the embedded module NPCT6XX TPM 2.0 validated to FIPS 140-2 under Cert. #2627 operating in FIPS mode.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Maxar AEDS is a network based ground to spacecraft AES GCM & CTR mode encryption/decryption appliance hosted on a 1U network security server. It can support multiple channels simultaneously on up to 6 different subnets with speeds over 75 Mbit/s. There is a web based Crypto Operator interface for easy set-up and configuration. The User interfaces are TCP/IP socket based and follow a straightforward ICD. Both are protected with TLS 1.2.
Approved Algorithms
AES |
Cert. #A2061 |
CKG |
vendor affirmed |
CVL |
Certs. #2178 and #C585 |
DRBG |
Cert. #A2061 |
HMAC |
Cert. #A2061 |
KAS |
KAS-SSC Cert. #A2062, CVL Cert. #C585 |
KAS-SSC |
Cert. #A2062 |
KTS |
AES Cert. #A2061; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #A2061 and HMAC Cert. #A2061; key establishment methodology provides 128 or 256 bits of encryption strength |
RSA |
Certs. #A2061 and #A2090 |
SHS |
Cert. #A2061 |
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); NDRNG
Hardware Versions
Revision 1
Firmware Versions
1.0.6.1558.2958