2 key storage, 3 key entry and output, 4 key distribution – Nortel Networks NN46120-104 User Manual

10.0 Key Management

249

that the generated keys will be random and that the process used for their
construction will be compatible with FIPS 140-1 requirements. Continuous
random number testing is performed on the output of the hardware RNG
(in the Fastmap chip) as well as on the output of the FIPS-approved ANSI
X9.17 PRNG which is seeded by the RNG. For both continuous tests, the
block size of 64 bits.

10.2 Key Storage

Private keys, symmetric keys and other critical security parameters
will be stored in plaintext within the security envelope in RAM. Private
and symmetric keys may also be stored in Flash, but only when first
3DES3KEY encrypted with the Master Key (MK) of the board. BBRAM is
used to store the Master Key.

10.3 Key Entry and Output

When in the FIPS 140-1 mode, private keys and symmetric keys can
only cross the cryptographic boundary when 3DES3KEY encrypted with
a Key-Wrapping-Key. The Key-Wrapping-Key is generated when the "
Generate Key" command is received by the HSM. The command that is
used to encrypt and output a private or symmetric key is the "Wrap Key"
command. The command that is used to enter and decrypt a private or
symmetric key is the "Unwrap Key" command.

10.4 Key Distribution

To distribute a Key-Wrapping-Key between devices, it is split into two
parts. The two parts, when exclusively ORed together, generate the
Key-Wrapping-Key. The key splitting occurs when the "Write Key Split"
command is first issued by the Security Officer. This command will cause
one of the key parts to be written to an iKey controlled by the Security
Officer. The second key part is written to an iKey controlled by the User.
The Security Officer must logout and the User must login before the
second "Write Key Split" can be performed. The two iKey tokens used
for carrying key parts are labeled with the word "CODE". The two key
parts are then physically carried by separate trusted individuals to another
device. If this device is also an HSM, the two parts may loaded into it
using the "Read Key Split" command. Similarly, this command must be
issued twice, once for the Security Officer and once for the User. Separate
authentications are required for each "Read Key Split" command. After
the second "Read Key Split " command has been successfully completed
the destination device will contain the same Key-Wrapping-Key as the
originating device. Once two or more devices that contain the same
Key-Wrapping-Key, they are said to be in the same family. Devices in
the same family may share other secrets. Secrets are moved between
devices under the control of a Rainbow Technologies key management
utility. The key management utility runs on the host, and uses "Wrap Key"
and "Unwrap" commands to move wrapped keys between devices in the
same family.

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.