5.1 Security Functional Requirements for the TOE
5.1.1 Cryptographic support (FCS)
60 The TOE shall meet the requirement “Cryptographic key generation (FCS_CKM.1)” as specified below (Common Criteria Part 2).
61 FCS_CKM.1/SM Cryptographic key generation – Secure Messaging Keys
Hierarchical to: No other components.
FCS_CKM.1.1/SM The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation algorithm card-to-card authentication with secure messaging⁹ and specified cryptographic key sizes 112 bit¹⁰ that meet the following: [6], Sections 3.6, 3.7¹¹.
Dependencies: [FCS_CKM.2 Cryptographic key distribution or FCS_COP.1 Cryptographic operation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
62 Application note 11: Key generation takes place during the mutual authentication with trusted channel establishment according to section 3.6 or 3.7 of the eHC specification, part 2 ([6]). The authentication protocol produces agreed parameters from which the Triple-DES encryption key and the Retail-MAC message authentication keys for secure messaging are generated. The algorithm uses random numbers generated by the TSF as required by FCS_RND.1.
63 The TOE shall meet the requirement “Cryptographic key destruction (FCS_CKM.4)” as specified below (Common Criteria Part 2).
64 FCS_CKM.4 Cryptographic key destruction
Hierarchical to: No other components.
FCS_CKM.4.1 The TSF shall destroy cryptographic keys in accordance with a specified cryptographic key destruction method [assignment: cryptographic key destruction method] that meets the following: [assignment: list of standards].
⁹ [assignment: cryptographic key generation algorithm]
¹⁰ [assignment: cryptographic key sizes]
¹¹ [assignment: list of standards]
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FMT_MSA.2 Secure security attributes
65 Application note 12: The TOE shall destroy the Triple-DES encryption session key and the Retail-MAC message authentication session keys for secure messaging after reset, after termination of the secure messaging session, or on reaching the fail-secure state according to FPT_FLS.1.
66 The TOE shall meet the requirement “Cryptographic operation (FCS_COP.1)” as specified below (Common Criteria Part 2). The iterations correspond to the different cryptographic algorithms to be implemented by the TOE.
67 FCS_COP.1/SHA Cryptographic operation – Hash Algorithm
Hierarchical to: No other components.
FCS_COP.1.1/SHA The TSF shall perform hashing¹² in accordance with a specified cryptographic algorithm SHA-1¹³ and cryptographic key sizes none¹⁴ that meet the following: FIPS 180-2¹⁵.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
Application note 13: This SFR requires the TOE to implement the hash function SHA-1.
Application note 14: Depending on the publication of the RegTP on algorithms suitable for electronic signatures [14], additional hash functions may be specified by the author of a Security Target.
68 FCS_COP.1/CCA_SIGN Cryptographic operation – Digital Signature-Creation for Card-to-Card Authentication
Hierarchical to: No other components.
¹² [assignment: list of cryptographic operations]
¹³ [assignment: cryptographic algorithm]
¹⁴ [assignment: cryptographic key sizes]
¹⁵ [assignment: list of standards]
FCS_COP.1.1/CCA_SIGN The TSF shall perform digital signature-creation¹⁶ in accordance with a specified cryptographic algorithm RSA¹⁷ and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: ISO/IEC 9796-2 (DS scheme 1)¹⁸.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
Application note 15: This SFR requires the TOE to implement RSA as the cryptographic primitive for the digital signature-creation of the card-to-card authentication mechanism according to the eHC specification, part 2 ([6]).
69 FCS_COP.1/CCA_VERIF Cryptographic operation – Digital Signature-Verification for Card-to-Card Authentication
Hierarchical to: No other components.
FCS_COP.1.1/CCA_VERIF The TSF shall perform digital signature-verification¹⁹ in accordance with a specified cryptographic algorithm RSA²⁰ and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: ISO/IEC 9796-2 (DS scheme 1)²¹.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
70 Application note 16: This SFR requires the TOE to implement RSA as the cryptographic primitive for the digital signature-verification of the card-to-card authentication mechanism according to the eHC specification, part 2 ([6]).
¹⁶ [assignment: list of cryptographic operations]
¹⁷ [assignment: cryptographic algorithm]
¹⁸ [assignment: list of standards]
¹⁹ [assignment: list of cryptographic operations]
²⁰ [assignment: cryptographic algorithm]
²¹ [assignment: list of standards]
71 FCS_COP.1/CSA Cryptographic operation – Digital Signature-Creation for Client-Server Authentication
Hierarchical to: No other components.
FCS_COP.1.1/CSA The TSF shall perform digital signature-creation²² in accordance with a specified cryptographic algorithm RSA²³ and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: PKCS#1 [19]²⁴.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
72 Application note 17: This SFR requires the TOE to implement RSA as the cryptographic primitive for the digital signature-creation of the client-server authentication mechanism according to the eHC specification, Part 2 [6].
73 FCS_COP.1/RSA_DEC Cryptographic operation – RSA Decryption
Hierarchical to: No other components.
FCS_COP.1.1/RSA_DEC The TSF shall perform decryption²⁵ in accordance with a specified cryptographic algorithm RSA²⁶ and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: PKCS#1 [19]²⁷.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
74 Application note 18: This SFR requires the TOE to implement RSA as the cryptographic primitive for RSA decryption.
²² [assignment: list of cryptographic operations]
²³ [assignment: cryptographic algorithm]
²⁴ [assignment: list of standards]
²⁵ [assignment: list of cryptographic operations]
²⁶ [assignment: cryptographic algorithm]
²⁷ [assignment: list of standards]
75 FCS_COP.1/TDES Cryptographic operation – TDES Encryption / Decryption
Hierarchical to: No other components.
FCS_COP.1.1/TDES The TSF shall perform encryption and decryption²⁸ in accordance with a specified cryptographic algorithm Triple-DES in CBC mode²⁹ and cryptographic key sizes 112 bit³⁰ that meet the following: FIPS 46-3 [16]³¹.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
76 Application note 19: This SFR requires the TOE to implement the cryptographic primitive for secure messaging and for other possible uses of TDES.
77 FCS_COP.1/MAC Cryptographic operation – Retail MAC
Hierarchical to: No other components.
FCS_COP.1.1/MAC The TSF shall perform generation and verification of message authentication code³² in accordance with a specified cryptographic algorithm Retail MAC³³ and cryptographic key sizes 112 bit³⁴ that meet the following: ANSI X9.19 with DES³⁵.
Dependencies: [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FMT_MSA.2 Secure security attributes
78 Application note 20: This SFR requires the TOE to implement the cryptographic primitive for secure messaging.
²⁸ [assignment: list of cryptographic operations]
²⁹ [assignment: cryptographic algorithm]
³⁰ [assignment: cryptographic key sizes]
³¹ [assignment: list of standards]
³² [assignment: list of cryptographic operations]
³³ [assignment: cryptographic algorithm]
³⁴ [assignment: cryptographic key sizes]
³⁵ [assignment: list of standards]
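The secure messaging primitives required by FCS_COP.1/TDES and FCS_COP.1/MAC, together with the session-key destruction demanded by FCS_CKM.4 (application note 12), as an added worked example. This is illustrative code written for this page, not part of the Protection Profile or of any eHC implementation: the 112-bit keys are constructed sample values, the ISO/IEC 9797-1 padding method 2 and the zero IV are assumptions the page does not state, and the key agreement of application note 11 is not modelled (the agreed keys are simply supplied). It shows how a two-key Triple-DES key is presented to a 24-byte EDE implementation, how the Retail MAC (ANSI X9.19, single-DES CBC-MAC under K1 with a final D_K2/E_K1 transformation) differs from a plain 3DES CBC-MAC, and why a destroyed session must both zeroise its key buffers and refuse further operations.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Constructed sample keys (hypothetical, not from the eHC spec); each is K1||K2, the 112-bit two-key TDES size the SFRs name.
var (
	sampleKenc   = []byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}
	sampleKmac   = []byte{0x13, 0x57, 0x9b, 0xdf, 0x02, 0x46, 0x8a, 0xce, 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0xf6, 0x07, 0x18}
	errDestroyed = errors.New("secure messaging session keys destroyed")
)

// SMSession holds the session keys agreed per application note 11 (the agreement itself is not modelled).
type SMSession struct {
	kenc      []byte // K1||K2 for Triple-DES CBC (FCS_COP.1/TDES)
	kmac      []byte // K1||K2 for Retail MAC (FCS_COP.1/MAC)
	destroyed bool
}

// NewSMSession copies the keys so that Destroy can zeroise the session's own buffers.
func NewSMSession(kenc, kmac []byte) (*SMSession, error) {
	if len(kenc) != 16 || len(kmac) != 16 {
		return nil, errors.New("112-bit (16-byte) two-key TDES keys required")
	}
	return &SMSession{kenc: append([]byte(nil), kenc...), kmac: append([]byte(nil), kmac...)}, nil
}

// pad applies ISO/IEC 9797-1 padding method 2 (0x80, then zeros to the block boundary); an assumption, the page names only ANSI X9.19.
func pad(data []byte) []byte {
	out := append(append([]byte(nil), data...), 0x80)
	for len(out)%des.BlockSize != 0 {
		out = append(out, 0x00)
	}
	return out
}

// Encrypt is Triple-DES in CBC mode over the padded message with a zero IV (IV convention assumed; the page fixes only CBC mode and the key size).
func (s *SMSession) Encrypt(plain []byte) ([]byte, error) {
	if s.destroyed {
		return nil, errDestroyed
	}
	// A 112-bit two-key 3DES key is presented to an EDE implementation as K1||K2||K1 (length checked in NewSMSession).
	blk, _ := des.NewTripleDESCipher(append(append(append([]byte(nil), s.kenc[:8]...), s.kenc[8:]...), s.kenc[:8]...))
	out := pad(plain) // encrypted in place
	cipher.NewCBCEncrypter(blk, make([]byte, des.BlockSize)).CryptBlocks(out, out)
	return out, nil
}

// MAC is the Retail MAC (ANSI X9.19, ISO/IEC 9797-1 MAC algorithm 3 with DES): single-DES CBC-MAC under K1
// over all padded blocks, then the final block is decrypted under K2 and encrypted once more under K1.
func (s *SMSession) MAC(msg []byte) ([]byte, error) {
	if s.destroyed {
		return nil, errDestroyed
	}
	k1, _ := des.NewCipher(s.kmac[:8]) // key lengths were checked in NewSMSession
	k2, _ := des.NewCipher(s.kmac[8:])
	h := make([]byte, des.BlockSize) // chaining value, zero IV
	padded := pad(msg)
	for off := 0; off < len(padded); off += des.BlockSize {
		for j := range h {
			h[j] ^= padded[off+j]
		}
		k1.Encrypt(h, h)
	}
	k2.Decrypt(h, h)
	k1.Encrypt(h, h)
	return h, nil
}

// VerifyMAC recomputes the MAC and compares in constant time; any error (including a destroyed session) is a failure.
func (s *SMSession) VerifyMAC(msg, mac []byte) bool {
	want, err := s.MAC(msg)
	return err == nil && subtle.ConstantTimeCompare(want, mac) == 1
}

// Destroy zeroises both session keys and disables the session, as FCS_CKM.4 and application note 12
// require after reset, at the end of the secure messaging session and on entering the fail-secure state.
func (s *SMSession) Destroy() {
	for i := range s.kenc {
		s.kenc[i], s.kmac[i] = 0, 0
	}
	s.destroyed = true
}

// KeysZeroised reports whether no key material remains in the session's buffers.
func (s *SMSession) KeysZeroised() bool {
	return bytes.Equal(s.kenc, make([]byte, 16)) && bytes.Equal(s.kmac, make([]byte, 16))
}

func main() {
	s, _ := NewSMSession(sampleKenc, sampleKmac)
	ct, _ := s.Encrypt([]byte("constructed APDU payload"))
	mac, _ := s.MAC(ct)
	fmt.Printf("ciphertext %x\nretail mac %x\nverifies %v\n", ct, mac, s.VerifyMAC(ct, mac))
}
```

A useful self-check for any Retail MAC implementation: for a message that pads to a single block, the CBC-MAC stage is just E_K1(block), so the final D_K2 then E_K1 steps make the whole MAC equal to two-key 3DES EDE of that block. If the two disagree, the final transformation or the key order is wrong. Note also that Destroy zeroises only the session's own copies; the caller's key material is untouched, which is why NewSMSession copies rather than aliases the slices it is given.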
79 The TOE shall meet the requirement “Quality metric for random numbers (FCS_RND.1)” as specified below (Common Criteria Part 2 extended).
80 FCS_RND.1 Quality metric for random numbers
Hierarchical to: No other components.
FCS_RND.1.1 The TSF shall provide a mechanism to generate random numbers that meet [assignment: a defined quality metric].
Dependencies: No dependencies.
81 Application note 21: This SFR requires the TOE to generate the random numbers used for (i) the authentication protocols as required by FIA_UAU.4, and (ii) the key agreement FCS_CKM.1/SM for secure messaging. The quality metric shall be chosen to ensure strength of function "high" (SOF-high).