Module Name
Hughes Crypto Kernel
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Tested: Hughes 7700S Satellite Router running VxWorks 5.4
Embodiment
Multi-chip standalone
Description
The Hughes Crypto Kernel (HCK) is a FIPS 140-2 Level 1 cryptographic module available for the Hughes HN and HX systems. The HCK enables the use of end-to-end bidirectional encryption between a remote site and the enterprise data center, while still enabling the use of all Hughes satellite acceleration features, as well as Hughes' advanced routing, prioritization and access control capabilities. The HCK uses AES 128 bit encryption to encrypt user traffic, uses IKE to dynamically generate session keys used for encryption, and ensures message authentication and integrity using HMAC-SHA-1.
Approved Algorithms
AES |
Cert. #616 |
DSA |
Cert. #239 |
HMAC |
Cert. #319 |
RNG |
Cert. #351 |
SHS |
Cert. #664 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant)