Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Juniper Networks product information about Dual_EC_DRBG

0

0

Article ID: KB28205 KB Last Updated: 05 Mar 2017Version: 7.0
Summary:
Juniper will use this document to comment on whether Dual Elliptic Curve Deterministic Random Bit Generator (aka Dual_EC_DRBG) is used by any Juniper Networks products.
Solution:

Due to recent statements (top of page #2) by the US National Institute of Standards and Technology (NIST) concerning the security of the Dual_EC_DRBG cryptographic algorithm, Juniper Networks would like to make the following statements:

The following product families do not utilize Dual_EC_DRBG:
  1. Junos - Any product running Junos OS
  2. Junos Pulse Secure Access Service (SSL-VPN / IVE OS)
  3. Junos Pulse Access Control Service (UAC)
  4. Junos Pulse
  5. Junos Space
  6. JunosE
  7. CTP/CTPView
The following product families do utilize Dual_EC_DRBG, but do not use the pre-defined points cited by NIST:
  1. ScreenOS*
* ScreenOS does make use of the Dual_EC_DRBG standard, but not in a way that should be vulnerable to the possible issues described by NIST. Instead of using the NIST recommended curve points, ScreenOS uses self-generated basis points.
Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search