Key Storage; Key Zeroization - Enterasys X-Pedition XSR-1805 Owner's Manual

X-pedition security router

If the master encryption key is generated within the module, the module
outputs the key to the console as soon as it is generated so that the
Crypto Officer can record it and store it securely outside the module.
This is required because the Crypto Officer must enter the current key
before changing or removing it. The master encryption key can only be
configured through the serial console or over an SSH tunnel.

Key Storage

The three-key Triple-DES key encryption key (KEK) used to encrypt the
master encryption key is hard-coded in plaintext form. The master
encryption key, itself a three-key Triple-DES key, is stored encrypted
under the KEK in the extended NVRAM of the Real Time Clock chip. Because
the KEK is fixed and unencrypted, the stored master encryption key is
protected only against a reader who does not also hold the module's code;
what actually denies access to the encrypted CSPs is zeroizing the master
encryption key (see Key Zeroization).
The master encryption key is used to encrypt the user data, certificate
and host key database files (user.dat, cert.dat and hostkey.dat) stored in
Flash: hostkey.dat contains the DSA host key pair, cert.dat contains the
certificates (including the module's RSA key pair), and user.dat contains
all other CSPs configured for users (pre-shared keys and passwords).
The master encryption key is also used to encrypt the load test HMAC
SHA-1 key, which is likewise stored in the NVRAM of the Real Time Clock
chip.
The CLI passwords are stored in plaintext form in the startup-config file in
Flash. The SNMP passwords are stored in plaintext form in the private-
config file in Flash. The Bootrom password is stored in NVRAM of the
Real Time Clock.
Session keys are stored in plaintext form in RAM.

Key Zeroization

The CSPs contained within the database files and the load test HMAC
SHA-1 key do not need to be zeroized separately, since they are stored
encrypted under the master encryption key and become unrecoverable once
that key is zeroized. The master encryption key can be zeroized by
overwriting it with a new one, removing it through the CLI, pressing the
default configuration button (XSR-18xx only), or entering the bootrom
password incorrectly five times (XSR-3250). Pressing the default
configuration button reboots the module and restores the default
configuration. The hard-coded key encryption key used to encrypt the
master encryption key can be zeroized by formatting the Flash file system
or CompactFlash card.
Passwords can be zeroized by overwriting them with new ones or by
pressing the default configuration button (XSR-18xx only).
Session keys exist only in RAM and can be zeroized by rebooting the module.
Enterasys Networks
© Copyright 2003
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Page 19 of 25

This manual also applies to: X-Pedition XSR-1850, X-Pedition XSR-3250