7 Security Requirements
7.3 Security Requirements Rationale
7.3.3 Dependency Rationale
SFR Dependencies Support of the Dependencies
FCS_RNG.1 No dependencies n. a.
FCS_COP.1/SHA [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or not use any cryptographic key. Therefore none of the listed SFRs need to be defined for this specific instantiation of FCS_COP.1/SHA.
FCS_COP.1/CCA_SIGN [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or is used for authentication of the TOE to other entities and therefore the key is TSF-data. The private key is written during initialisation (cf. OE.Pers_CAMS).
FCS_COP.1/CCA_VERIF [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with
FCS_CKM.4,
FCS_COP.1/CCA_VERIF is used for authentication and therefore the keys are TSF-data. The root public key is written during initialization (cf. OE.Pers_CAMS) and the other public keys are imported according to FPT_TDC.1.
FCS_COP.1/3TDES [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or according to the used authentication method, FCS_CKM.4
FCS_COP.1/RMAC [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or according to the used authentication method,
Generated keys are used for FCS_COP.1/3TDES and FCS_COP.1/RMAC in case of SM keys and FCS_CKM.1/Sym_Auth in case of introduction keys.
FCS_CKM.4
FCS_CKM.4 [FDP_ITC.1 Import of user data without security attributes or FCS_CKM.1 Cryptographic key generation] FCS_CKM.1
FCS_COP.1/Sign [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or
FCS_COP.1/CSA [FDP_ITC.1 Import of user data without security attributes, or
FCS_CKM.1/AKP, FCS_CKM.4
FDP_ITC.2 Import of user data with security attributes, or
FCS_COP.1/RSA_DEC [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or uses keys, which are loaded or generated during the personalisation and not updated or deleted over the lifetime of the TOE. Therefore none of the listed SFRs need to be defined for this specific instantiation of FCS_COP.1.
FCS_COP.1/RSA_TRANS [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or uses private keys, which are loaded or generated during the personalisation and not updated or deleted over the lifetime of the TOE. Therefore none of the listed SFRs need to be defined for this specific instantiation of FCS_COP.1. The public key is imported according to FDP_ITC.1.
FIA_AFL.1/CH FIA_UAU.1 Timing of authentication fulfilled
FIA_AFL.1/CH_PUK FIA_UAU.1 Timing of authentication fulfilled
FIA_AFL.1/QES FIA_UAU.1 Timing of authentication fulfilled
FIA_AFL.1/QES_PUK FIA_UAU.1 Timing of authentication fulfilled
FIA_SOS.1 No dependencies n. a.
FIA_ATD.1 No dependencies n. a.
FIA_UID.1 No dependencies n. a.
FIA_UAU.1 FIA_UID.1 Timing of identification fulfilled
FIA_UAU.4 No dependencies n. a.
FIA_UAU.5 No dependencies n. a.
FIA_UAU.6 No dependencies n. a.
FIA_API.1 No dependencies n. a.
FDP_ACC.1/Sign FDP_ACF.1 Security attribute based access control FDP_ACF.1/Sign
FDP_ACF.1/Sign FDP_ACC.1 Subset access control, FMT_MSA.3 Static attribute initialization FDP_ACC.1/Sign, FMT_MSA.3
FDP_ACC.1/CH FDP_ACF.1 Security attribute based access control FDP_ACF.1/CH
FDP_ACF.1/CH FDP_ACC.1 Subset access control, FMT_MSA.3 Static attribute initialisation FDP_ACC.1/CH, FMT_MSA.3
FDP_UCT.1 [FTP_ITC.1 Inter-TSF trusted channel, or
information flow control]
FDP_UIT.1 [FTP_ITC.1 Inter-TSF trusted channel, or
FDP_ITC.1 [FDP_ACC.1 Subset access control, or
FDP_ETC.1 [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FDP_ACC.1/Sign and FDP_ACC.1/CH
FDP_RIP.1 No dependencies n. a.
FDP_SDI.2 No dependencies n. a.
FMT_SMF.1 No dependencies n. a.
FMT_SMR.1 FIA_UID.1 Timing of identification fulfilled
FMT_LIM.1 FMT_LIM.2 fulfilled
FMT_LIM.2 FMT_LIM.1 fulfilled
FMT_MSA.1 [FDP_ACC.1 Subset access control, or
FMT_MSA.2 [FDP_ACC.1 Subset FDP_ACC.1/CH,
FMT_SMR.1 Security roles
FMT_MTD.1/RPK_MOD FMT_SMF.1 Specification of Management Functions, FMT_SMR.1 Security roles fulfilled
FMT_MTD.1/PIN FMT_SMF.1 Specification of Management Functions, FMT_SMR.1 Security roles fulfilled
FPT_EMSEC.1 No dependencies n. a.
FPT_FLS.1 No dependencies n. a.
FPT_PHP.1 No dependencies n. a.
FPT_PHP.3 No dependencies n. a.
FPT_TDC.1 No dependencies n. a.
FPT_TST.1 No dependencies n. a.
FTP_ITC.1 No dependencies n. a.
Table 8: Dependency rationale overview