Senetas Corp. Ltd. / SafeNet Inc.
Version 1.32
CN6000 Series Non-Proprietary Security Policy
6.2 Key and CSP zeroization
Zeroization of cryptographic Keys and CSPs is a critical module function that can be initiated by a
Crypto Officer or, under defined conditions, carried out automatically. Zeroization is achieved using the
"Zeroization sequence" defined in section 6.2.1 below.
Crypto Officer initiated zeroization will occur immediately when the:
1. Module Erase command is issued from the CLI or remote management application
2. Front Panel key press Erase sequence is selected
3. Concealed front panel "Emergency" Erase button is depressed
Automatic zeroization will occur immediately when the module is:
1. Switched from an Approved to a non-Approved mode of operation
2. Switched from a non-Approved to an Approved mode of operation
3. Physically tampered
The following sections describe the specific events that occur when zeroization is initiated. Note that
zeroization behaviour is the same whether the module is configured to run in FIPS-Approved or
non-Approved mode.
6.2.1 Zeroization sequence
Once initiated, the module Zeroization sequence immediately carries out the following:
· Sets each session (CI) to DISCARD, before zeroizing the DEKs
· Zeroizes the System Master Key rendering the RSA Private Key, User table (including
  authentication passwords) and other CSPs (Certificates, RSA keys) indecipherable
· Deletes all Certificate information
· Deletes RSA Private and Public keys, module Configuration and User table [2]
· Automatically REBOOTs the module destroying KEKs, Privacy and Diffie Hellman keys
  residing in volatile system memory
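The ordering above, modelled as an added C sketch (not Senetas or SafeNet firmware): sessions are forced to DISCARD before any key is wiped, the wipe uses volatile stores so the compiler cannot remove it, and each buffer is read back afterwards. The struct layout, names, buffer sizes and the placement of the DEK wipe directly after the DISCARD step are assumptions.

```c
/* Added sketch of the section 6.2.1 ordering; all names and sizes are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define N_CI 4                         /* number of sessions (constructed) */
enum ci_action { CI_ENCRYPT, CI_DISCARD };
struct module {
    enum ci_action action[N_CI];       /* per-session traffic action */
    uint8_t dek[N_CI][32];             /* data encryption keys */
    uint8_t smk[32];                   /* System Master Key */
    uint8_t certs[64];                 /* certificate information */
    uint8_t wrapped[128];              /* RSA keys, configuration, user table */
    int reboot_pending;                /* reboot destroys keys in volatile memory */
};
struct module sample;                  /* constructed sample state */

/* Volatile stores cannot be dropped by the optimizer as dead writes. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Read-back check: 1 if every byte of the buffer is zero. */
static int is_zero(const void *p, size_t n) {
    const uint8_t *b = (const uint8_t *)p;
    uint8_t acc = 0;
    while (n--) acc |= *b++;
    return acc == 0;
}

/* Runs the sequence in order; returns 0 only if every buffer reads back as zero. */
int zeroize(struct module *m) {
    for (int i = 0; i < N_CI; i++) m->action[i] = CI_DISCARD; /* stop traffic first */
    secure_zero(m->dek, sizeof m->dek);          /* DEKs, only after DISCARD */
    secure_zero(m->smk, sizeof m->smk);          /* wrapped data now indecipherable */
    secure_zero(m->certs, sizeof m->certs);      /* delete certificate information */
    secure_zero(m->wrapped, sizeof m->wrapped);  /* delete RSA keys, config, user table */
    m->reboot_pending = 1;                       /* reboot clears volatile keys */
    return (is_zero(m->dek, sizeof m->dek) && is_zero(m->smk, sizeof m->smk) &&
            is_zero(m->certs, sizeof m->certs) && is_zero(m->wrapped, sizeof m->wrapped)) ? 0 : -1;
}

/* Fill every key and CSP buffer with 0xA5 and put all sessions in CI_ENCRYPT. */
void fill_sample(struct module *m) {
    memset(m, 0xA5, sizeof *m);
    for (int i = 0; i < N_CI; i++) m->action[i] = CI_ENCRYPT;
    m->reboot_pending = 0;
}
int main(void) { fill_sample(&sample); return zeroize(&sample); }
```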
6.2.2 Erase command and key press sequence
A Crypto Officer can initiate a module Erase remotely using the remote management application or,
when physically in the presence of the module, using the management console CLI interface or Front
Panel key press Erase sequence.
Zeroization of the module Keys and CSPs is achieved using the zeroization sequence as defined
in section 6.2.1.
6.2.3 Approved mode of operation
Switching the module to and from the FIPS Approved mode of operation will automatically initiate a
Zeroization sequence as defined in section 6.2.1 above.
[2] The RSA Private and Public keys, Configuration details and User table are encrypted by the System
Master Key which, during an Erase, is the first CSP to be zeroized. Deleting the aforementioned
CSPs is deemed good practice.