The Xirrus Wi-Fi Array XN4, XN8, XN12, XN16
Security Policy Document Version 1.0
Xirrus, Inc.
February 15, 2011
Copyright © Xirrus, Inc. 2011. May be reproduced only in its original entirety [without revision].

TABLE OF CONTENTS

1. MODULE OVERVIEW
2. SECURITY LEVEL
3. MODES OF OPERATION
4. IMPLEMENTING FIPS SECURITY
   TO IMPLEMENT FIPS 140-2, LEVEL 2 USING WMI (5.0 VERSION)
   TO CHECK IF AN ARRAY IS IN FIPS MODE:
   TO IMPLEMENT FIPS 140-2, LEVEL 2 USING CLI (4.1 AND 5.0 VERSION):
5. PORTS AND INTERFACES
6. IDENTIFICATION AND AUTHENTICATION POLICY
7. ACCESS CONTROL POLICY
   ROLES AND SERVICES
   DEFINITION OF CRITICAL SECURITY PARAMETERS (CSPS)
8. OPERATIONAL ENVIRONMENT
9. SECURITY RULES
10. PHYSICAL SECURITY POLICY
   PHYSICAL SECURITY MECHANISMS
   OPERATOR REQUIRED ACTIONS
   OPERATOR REQUIRED ACTIONS
11. MITIGATION OF OTHER ATTACKS POLICY
12. DEFINITIONS AND ACRONYMS

1. Module Overview

The Xirrus Wi-Fi Array (Models XN4, XN8, XN12 and XN16) are multi-chip standalone cryptographic modules. The primary purpose for this device is to provide data security for wireless Internet Protocol (IP) traffic.

Figure 1 – Image of the Xirrus Wi-Fi Array

The Xirrus Wi-Fi Arrays all use the same basic design. There are two form factors, a small one for 4 radio arrays and a larger one for eight to sixteen radio arrays. The XN16 models use 16 radios, the XN12 models use 12 radios, the XN8 models use 8 radios and the XN4 models use 4 radios. The XN8, XN12 and XN16 all use the same PCB's with different build options for number of radios. The same firmware is used in all models.

Table 1 – Part Number Table

Model | Part Number | Version | Firmware
XN16 | 190-0111-001 | D | 4.1 and 5.0
XN12 | 190-0128-001 | D | 4.1 and 5.0
XN8 | 190-0110-002 | B | 4.1 and 5.0
XN4 | 190-0109-001 | D | 4.1 and 5.0

2. Security Level

The cryptographic module meets the overall requirements applicable to Level 2 security of FIPS 140-2.

Table 2 – Module Security Level Specification

Security Requirements Section | Level
Cryptographic Module Specification | 2
Module Ports and Interfaces | 2
Roles, Services and Authentication | 2
Finite State Model | 2
Physical Security | 2
Operational Environment | N/A
Cryptographic Key Management | 2
EMI/EMC | 2
Self-Tests | 2
Design Assurance | 2
Mitigation of Other Attacks | N/A

3. Modes of Operation

Approved mode of operation

In FIPS mode, the cryptographic module only supports FIPS Approved algorithms as follows:

- AES (Cert. #1508; ECB and CBC 128-bit; encryption)
- AES (Cert. #1508; CCM mode)
- AES (Cert. #1515; CBC 128 and 256 bit)
- TDES (Cert. #1009)
- HMAC-SHA-1 (Cert. #860)
- SHA-1 (Cert. #1325)
- RSA (Cert. #715)
- RNG based on ANSI X9.31 Appendix A.2.4 using AES Algorithm (Cert. #800)

The module implements the following Non-Approved algorithms allowed for use in the FIPS Approved Mode of Operation:

- Non-Approved RNG (/dev/urandom)
- MD5 for TLS session key derivation
- RSA for key establishment (Key wrapping; Key establishment methodology provides 80 bits of encryption strength)
- Diffie-Hellman for SSH key establishment (Key agreement; key establishment methodology provides 80 bits or 112 bits of encryption strength)
- RC4 (considered plaintext)

Non-FIPS mode of operation

In non-FIPS mode, the cryptographic module provides non-FIPS Approved algorithms as follows:

- RC4 for encryption/decryption in TKIP and WEP
- MD5
- Software RNG (/dev/urandom)

4. Implementing FIPS Security

Wi-Fi Arrays may be configured to satisfy the requirements for Level 2 of Federal Information Processing Standard (FIPS) Publication 140-2. The procedure in this section lists simple steps that must be followed exactly to implement FIPS 140-2, Level 2. The procedure includes physical actions, and parameters that must be set in Web Management Interface (WMI) windows in the Security section and in other sections.

To implement FIPS 140-2, Level 2 using WMI (5.0 version)

1. Enable HTTPS using the CLI if it is not already enabled, using the following command:

   Xirrus_Wi-Fi_Array(config)# https on

   This allows the Web Management Interface to be used for the rest of this procedure. HTTPS is enabled on Arrays by default.

2. Select the Management Control from the Security window.

   Figure 10 – Security Management Control Window

3. Set FIPS 140-2, Level 2 Security to On (Figure 11). Click Apply and then OK.

   Figure 11 – Setting FIPS mode On

4. Click Save then OK.

   Figure 12 – Save configuration

To check if an Array is in FIPS mode:

You may determine whether or not the Array is running in FIPS mode by verifying that the settings described in the previous procedure are in effect.

To implement FIPS 140-2, Level 2 using CLI (4.1 and 5.0 version):

1. The following CLI command will perform all of the settings required to put the Array in FIPS mode:

   Xirrus_Wi-Fi_Array(config)# fips on

   This command remembers your previous settings for FIPS-related attributes. They will be restored if you use the fips off command. Use the save command to save these changes to flash memory.

2. Use the fips off command if you would like to revert the FIPS settings back to the values they had before you entered the fips on command.

   Xirrus_Wi-Fi_Array(config)# fips off

   Use the save command to save these changes to flash memory.

Xirrus Xirrus Wi-Fi Array Security Policy Version 1.0 January 28, 2011

5. Ports and Interfaces

The cryptographic module provides the following physical ports and logical interfaces:

- 10/100 Ethernet Port: data input, data output, control input, status output
- Gigabit Ethernet Port: data input, data output, control input, status output
- Serial Port (RS232): data input, data output, control input, status output
- TX/RX Radio Port: data input, data output
- LEDs: status output (Ethernet status, Integrated access point status, Array status)
- Power: Power Input
- Power: Power provided by POE

Model | 10/100 Ethernet Port | Gigabit Ethernet Port | Serial Port (RS232) | TX/RX Radio Port | Status LEDs
XN16 | 1 | 2 | 1 | 16 | 20
XN12 | 1 | 2 | 1 | 12 | 16
XN12 | 1 | 2 | 1 | 8 | 12
XN4 | N/A | 1 | 1 | 4 | 6

6. Identification and Authentication Policy

Assumption of roles

The cryptographic module shall support two distinct operator roles (User and Crypto Officer). The Crypto Officer role shall be performed by the Administrator managing the device, and the User role shall be performed by the wireless client using the device to send and receive data.

Table 3 – Roles and Required Identification and Authentication

Role | Type of Authentication | Authentication Data
Crypto Officer | Identity-based operator authentication | Username and Password
User | Role based operator authentication | PSK

Table 4 – Strengths of Authentication Mechanisms

Authentication Mechanism | Strength of Mechanism
Username and Password | Passwords are at least 5 characters long, with 94 characters available. Therefore, the probability that a random attempt will succeed or a false acceptance will occur is 1/7,339,040,224 which is less than 1/1,000,000. To exceed 1 in 100,000 probability of a successful random attempt during a 1-minute period, 73391 (1233 per second) attempts would have to be executed. This is not feasible from a standpoint of device capabilities.
PSK | 802.11i Pre-Shared Key (PSK) is 32 bytes (256 bits) long, therefore there are 2^256 possibilities for a PSK. This means that exceeding 1 in 100,000 probability of a successful random attempt during a 1-minute period is not feasible from a device capabilities standpoint.

7. Access Control Policy

Roles and Services

Table 5 – Services Authorized for Roles

Role | Authorized Services
User: This role shall provide all of the services necessary for the secure transport of data over Wi-Fi. | 802.11i with PSK: This service allows a user to authenticate and send/receive data in a secure manner using 802.11i PSK mode.
Crypto Officer (CO): This role manages the cryptographic module in a secure fashion over the CLI or WMI. | Manage Configuration: This service allows an administrator to change configuration settings within the module such as establishing SSIDs, modifying usage of power, turning radios on/off, and adding new users. Additionally, it allows an administrator to perform the zeroization process, to load new firmware into the module and to display the module's current configuration and status.
Unauthenticated Role (UA) | Read LED status: Status is provided by the LEDs for interpretation. Initiate self-test: Performed by power cycling the array.

Table 6 – Specification of Service Inputs & Outputs

Service | Control Input | Data Input | Data Output | Status Output
802.11i with PSK | Header info. | Data | Data | None
LED Status | None | None | None | Radio and Array power and condition status
Manage Configuration | Instructions | Configuration Data | Configuration Data | Configuration Status
Initiate Self-Tests | Power | None | None | Success/fail. Failure will cause reboot

Definition of Critical Security Parameters (CSPs)

CSP | Description
Crypto Officer Password | This is an operator defined password (at least 5 characters long) that allows an administrator to login to the module. The password is stored on EEPROM as MD5 one-way hash. Destroyed via manage configuration service.
802.11i Pre-Shared Key (PSK) and Derived AES Session Key | These are keys used for 802.11i encryption and integrity as well as User authentication. The PSK is entered directly by operator via SSH or HTTPS and is stored on EEPROM in RC4 encrypted form (considered plaintext). Destroyed via manage configuration service.
TLS Session Keys | These are AES (128 or 256 bits) or TDES (128 bits) keys and HMAC-SHA-1 keys used to support HTTPS. These are derived from the Pre-Master Secret. Destroyed via manage configuration service.
TLS Pre-Master Secret | This Key is used to derive TLS Session keys. It is established by RSA transport during the TLS handshake. Destroyed via manage configuration service.
TLS Private Key | RSA private key is used to decrypt TLS pre-Master Secret. Destroyed via manage configuration service.
SSH2 Session Keys | These are AES (128 or 256 bits) or TDES (128 bits) keys and HMAC-SHA-1 keys used to support SSH2 Sessions. These are derived from the SSH2 Shared Secret. Destroyed via manage configuration service.
SSH2 Shared Secret | This Key is used to derive SSH2 Session keys. It is established by Diffie-Hellman Key Agreement during the SSH2 negotiation. Destroyed via manage configuration service.
SSH2 Private Key | Ephemeral Diffie Hellman private keys used to establish the SSH2 Shared Secret. Destroyed via manage configuration service.
RNG State | Random number generator seed and seed key. Destroyed via manage configuration service.

Public Keys | Description
SSH2 Public Keys | Ephemeral Diffie-Hellman public keys used to establish the SSH2 Shared Secret.
RSA Public key | Public key used to establish TLS session.

Table 7 – CSP Access Rights within Roles & Services

CO | User | UA | Service | Cryptographic Keys and CSPs Access
 | X | | 802.11i with PSK | Derive 802.11i AES Session Key using 802.11i PSK. Encrypt/decrypt data traffic using 802.11i AES Session Key.
X | | | Manage Configuration | Login using Crypto Officer's password. Enter 802.11i PSK. Enter/Change Crypto Officer password values. 'Zeroize' all plaintext CSPs. Use TLS Private Key, Pre-Master Secret and Session Keys. Use SSH2 Private Key, Shared Secret and Session Keys.
 | | X | Initiate Self-tests | None
 | | X | LED Status | None

8. Operational Environment

The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the Xirrus Access Point does not contain a modifiable operational environment.

9. Security Rules

The Xirrus Access Point's design corresponds to the cryptographic module's security rules. This section documents the security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 2 module.

1. The cryptographic module shall provide two distinct operator roles. These are the User role and the Crypto Officer role.
2. The cryptographic module shall provide role-based authentication.
3. When the module has not been placed in a valid role, the operator shall not have access to any cryptographic services.
4. The cryptographic module shall encrypt/decrypt data using the AES algorithm.
5. The cryptographic module shall perform the following tests:
   A. Power up Self-Tests:
      1. Cryptographic algorithm tests:
         i. AES Known Answer Test
         ii. TDES Known Answer Tests
         iii. RSA Known Answer Test
         iv. RNG Known Answer Test
      2. Firmware Integrity Test (HMAC-SHA1)
   B. Conditional Self-Tests:
      i. Continuous tests for RNG and Non-Approved RNG.
      ii. Firmware Load Test (HMAC-SHA1)
6. Upon successful completion of self-tests the system status LED will be lit solid green. If a Self-test should fail, the module shall enter an error state and provide a status output via the system LED blinking red and system messaging.
7. At any time the cryptographic module is in an idle state, the operator shall be capable of commanding the module to perform the power-up self-test.
8. All Data output shall be inhibited during power-up self-tests and error states.
9. Status information shall not contain CSPs or sensitive data that if misused could lead to a compromise of the module.
10. The module shall support the use of Approved and specifically Allowed algorithms in the Approved mode of operation.
11. The module shall not share CSPs between modes of operation. CSPs shall not be maintained when entering and exiting the FIPS Approved Mode of Operation.
12. The following shall not be supported in the FIPS Approved Mode of Operation:
    i. Management over IAPs
    ii. SNMP v1, v2 and v3
    iii. SSH1
    iv. SSL 2.0 and 3.0
    v. RADIUS (Internal and external)
    vi. Telnet
    vii. FTP, TFTP
    viii. HTTP
    ix. WEP
    x. WPA TKIP
    xi. WPA EAP
    xii. Entry of PSK as passphrase
13. The module shall be configured as defined in the Physical security section of this Security Policy. The tamper evident seals and security strap shall be installed for the module to operate in a FIPS Approved mode of operation.
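
The self-tests of rule 5 and the error-state behaviour of rules 6 and 8, sketched as an added Python example (not Xirrus firmware code). The Module class, its state names and the sample key and image are hypothetical, and an HMAC-SHA-1 known-answer test from RFC 2202 stands in for the AES, TDES, RSA and RNG tests because the Python standard library does not provide those algorithms.

```python
import hashlib
import hmac

# Public known-answer vector: HMAC-SHA-1 test case 1 from RFC 2202.
KAT_KEY, KAT_MSG = b"\x0b" * 20, b"Hi There"
KAT_TAG = "b617318655057264e28bc0b6fb378c8ef146be00"

class SelfTestError(Exception):
    """A self-test failed; the module must enter its error state."""

def hmac_sha1_kat():
    if hmac.new(KAT_KEY, KAT_MSG, hashlib.sha1).hexdigest() != KAT_TAG:
        raise SelfTestError("HMAC-SHA-1 KAT")

def firmware_integrity_test(image, key, expected_tag):
    # Recompute HMAC-SHA-1 over the image; compare in constant time.
    actual = hmac.new(key, image, hashlib.sha1).digest()
    if not hmac.compare_digest(actual, expected_tag):
        raise SelfTestError("firmware integrity")

class ContinuousRng:
    """Conditional test: reject an RNG block identical to the previous one."""
    def __init__(self, source):
        self._source = source
        self._previous = source()  # first block: comparison only, never output

    def next_block(self):
        block = self._source()
        if block == self._previous:
            raise SelfTestError("continuous RNG test")
        self._previous = block
        return block

class Module:
    """Hypothetical model of rules 5, 6 and 8 (state, LED status, output gate)."""
    def __init__(self):
        self.state, self.led = "SELF_TEST", None

    def power_up(self, image, key, expected_tag):
        try:
            hmac_sha1_kat()
            firmware_integrity_test(image, key, expected_tag)
            self.state, self.led = "OPERATIONAL", "solid green"
        except SelfTestError:
            self.state, self.led = "ERROR", "blinking red"
        return self.state

    def data_output(self, payload):
        # Rule 8: no data output during self-tests or in the error state.
        return payload if self.state == "OPERATIONAL" else None

# Constructed sample input (not a real firmware image or key).
SAMPLE_KEY, SAMPLE_IMAGE = b"constructed-integrity-key", b"constructed firmware image"
SAMPLE_TAG = hmac.new(SAMPLE_KEY, SAMPLE_IMAGE, hashlib.sha1).digest()
```
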

10. Physical Security Policy

Physical Security Mechanisms

The multi-chip standalone cryptographic module includes the following physical security mechanisms:

- Production-grade components and production-grade opaque enclosure
- Tamper evident seals.

Operator Required Actions

The operator is recommended to periodically inspect tamper evident seals.

Table 8 – Inspection/Testing of Physical Security Mechanisms

Physical Security Mechanisms | Recommended Frequency of Inspection/Test | Inspection/Test Guidance Details
Tamper Evident Seals | 1 month | Instructions for the recommended inspections are located in the operator's manual.

Operator Required Actions

The Cryptographic Officer is required to configure and periodically inspect the cryptographic module. Tamper evident seals and security straps shall be in control of the Cryptographic Officer at all times.

1. Apply two seals, one on either side of the Array about 180° apart from each other, as indicated in the figures below.

   IMPORTANT: Before you apply the tamper-evident seal, clean the surface area of any grease, dirt, or oil. We recommend using alcohol-based cleaning pads for this. Each seal must be applied to straddle both sides of an opening so that it will show if an attempt has been made to open the Array.

   Make sure that each seal straddles a seam.

   Figure 7 – Tamper-evident seal locations. Location indicated by arrows and colored blocks.
   XN8, XN12, XN16 – Eight (8) total seals
   XN4 – Two (2) total seals
   Tamper seal location on seams. Two (2) seals, placed on opposite sides.
   Tamper seal location covering mounting plate openings. Six (6) seals placed, three (3) across each opening. Place labels on mounting plate prior to mounting array body.

   Figure 8 – Tamper-evident seal appearance (XN4 and XN8, XN12, XN16 seam location; XN8, XN12, XN16 mounting plate openings)

2. Apply the supplied tamper-evident security strap to the unit as indicated in the figure below. Each mounting plate and array body contains a single locking tab. The Array body is mounted to the mounting plate and rotated until the mounting plate clicks into place and the locking tabs are aligned. The security strap is threaded through the aligned locking tabs and then pulled through the strap lock until firmly affixed. The security strap should be pulled tight to disallow turning of the mounting plate. Tamper evidence may be indicated by a broken strap or cracked locking tab.

   Figure 9 – Apply the security strap as shown through locking tab (XN4; XN8, XN12, XN16)

11. Mitigation of Other Attacks Policy

The module has not been designed to mitigate attacks that are outside of the scope of FIPS 140-2.

Table 9 – Mitigation of Other Attacks

Other Attacks | Mitigation Mechanism | Specific Limitations
N/A | N/A | N/A

12. Definitions and Acronyms

AES: Advanced Encryption Standard
CBC: Cipher Block Chaining
CCM: Counter with CBC-MAC
CRC: Cyclic Redundancy Check
ECB: Electronic Code-Book
FIPS: Federal Information Processing Standards
HMAC: Hash-based Message Authentication Code
HTTP: Hypertext Transfer Protocol
IAP: Integrated Access Points
LED: Light Emitting Diode
MAC: Message Authentication Code
MD5: Message-Digest #5
PSK: Pre-Shared Key
RADIUS: Remote Authentication Dial In User Service
RC4: ARCFOUR
RNG: Random Number Generator
SHA: Secure Hash Algorithm
SNMP: Simple Network Management Protocol
SSH: Secure Shell
SSL: Secure Sockets Layer
TDES: Triple-Data Encryption Standard
TKIP: Temporal Key Integrity Protocol
TLS: Transport Layer Security
TX/RX: Transmit/Receive
WEP: Wired Equivalent Privacy
Wi-Fi: IEEE 802.11 Wireless Networks
WMI: Web Management Interface
WPA: Wi-Fi Protected Access