Critical Security Parameter (CSP) Definitions; Public Key Definitions; Matrix Creation of Critical Security Parameter (CSP) versus the Services (Roles & Identity) - Juniper SSG 5 Manual

Critical Security Parameter (CSP) Definitions

Below is a list of Critical Security Parameter (CSP) definitions:
IPSEC HMAC SHA-1 Key: Used by IPsec for data integrity.
IPSEC ESP Key: Triple-DES and AES for user traffic encryption.
IKE Pre-Shared Key: Used during the IKE protocol to establish cryptographic keys to be used by IKE.
IKE Encryption Key: Triple-DES and AES for peer-to-peer IKE message encryption.
IKE HMAC SHA-1 Key: Used by IKE for data integrity.
Password: Crypto-Officer and User passwords.
SSH Server/Host DSA Private Key: Used to create digital signatures.
SSH Encryption Key: Triple-DES encryption key to encrypt telnet commands.
SSH HMAC SHA-1 Key: Used by SSH for data integrity.
HA Key: AES encryption key for HA data.
IKE RSA/DSA/ECDSA Private Key: RSA/DSA/ECDSA key used in IKE identity authentication.
Diffie Hellman Private Key Components: Used during the DH key agreement protocol.
PRNG Seed and Seed Key: Used during the ANSI X9.31 generation of pseudo random numbers.
RADIUS Secret Key: Used to authenticate exchanges with the RADIUS server.

Public Key Definitions

Below is a list of the public keys utilized by the module:
Firmware Authentication Key: Used by the device to verify DSA signatures over firmware images.
CA DSA/RSA Public Key: Used by IKE to authenticate a peer's certificate.
Local DSA/RSA/ECDSA Public Key: Used by the IKE peer to verify digital signatures.
SSH Server/Host DSA Public Key: Used by the SSH client to verify digital signatures.
SSH Client DSA Public Key: Used by the device to verify digital signatures.
Diffie Hellman Public Key Components: Used by the DH Key Agreement protocol.

Matrix Creation of Critical Security Parameter (CSP) versus the Services (Roles & Identity)

The following matrices map the module's services to its CSPs, providing information on generation, destruction and usage. They also correlate the User roles and the Crypto-Officer roles to the set of services to which they have privileges.
The matrices use the following convention:
G: Generate
D: Delete
Juniper Networks SSG 5 and SSG 20 Security Policy