
6.3 Security Requirements Rationale

6.3.3 Dependency Rationale

| SFR | Dependencies | Support of the Dependencies |
|---|---|---|
| FCS_CKM.1/SM | [FCS_CKM.2 Cryptographic key distribution or FCS_COP.1 Cryptographic operation], FCS_CKM.4 Cryptographic key destruction | FCS_CKM.4, FCS_COP.1/Sym and FCS_COP.1/MAC |
| FCS_CKM.4 | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation] | FCS_CKM.1 |
| FCS_COP.1/Hash | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | Justification No. 1 for non-satisfied dependencies |
| FCS_COP.1/CCA_SIGN | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | Justification No. 2 for non-satisfied dependencies |
| FCS_COP.1/CCA_VERIF | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | Justification No. 2 for non-satisfied dependencies |
| FCS_COP.1/CSA | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | Justification No. 2 for non-satisfied dependencies |
| FCS_COP.1/Asym_DEC | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | Justification No. 2 for non-satisfied dependencies |
| FCS_COP.1/Sym | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | FCS_CKM.1, FCS_CKM.4 |
| FCS_COP.1/MAC | [FDP_ITC.1 Import of user data without security attributes or FDP_ITC.2 Import of user data with security attributes or FCS_CKM.1 Cryptographic key generation], FCS_CKM.4 Cryptographic key destruction | FCS_CKM.1, FCS_CKM.4 |
| FCS_RND.1 | - | - |
| FIA_AFL.1/PIN | FIA_UAU.1 Timing of authentication | fulfilled |
| FIA_AFL.1/PUC | FIA_UAU.1 Timing of authentication | fulfilled |
| FIA_ATD.1 | - | - |
| FIA_UID.1 | - | - |
| FIA_UAU.4 | - | - |
| FDP_ACC.2 | FDP_ACF.1 Security attribute based access control | fulfilled |
| FDP_ACF.1 | FDP_ACC.1 Subset access control, FMT_MSA.3 Static attribute initialization | FDP_ACC.2, justification No. 3 for non-satisfied dependencies |
| | access control, or FDP_IFC.1 Subset information flow control] | Fulfilled by FTP_ITC.1 and FDP_ACC.2 |
| FDP_UIT.1 | [FTP_ITC.1 Inter-TSF trusted channel, or FTP_TRP.1 Trusted path], [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] | Fulfilled by FTP_ITC.1 and FDP_ACC.2 |
| FTP_ITC.1 | - | - |
| FMT_SMF.1 | - | - |
| FMT_SMR.1 | FIA_UID.1 Timing of identification | fulfilled |
| FMT_LIM.1 | FMT_LIM.2 | fulfilled |
| FMT_LIM.2 | FMT_LIM.1 | fulfilled |
| FMT_MTD.1/Ini | FMT_SMF.1 Specification of management functions, FMT_SMR.1 Security roles | fulfilled |
| FMT_MTD.1/PIN | FMT_SMF.1 Specification of management functions, FMT_SMR.1 Security roles | fulfilled |
| FMT_MTD.1/Pers | FMT_SMF.1 Specification of management functions, FMT_SMR.1 Security roles | fulfilled |
| FMT_MTD.1/CMS | FMT_SMF.1 Specification of management functions, FMT_SMR.1 Security roles | fulfilled |
| FMT_MTD.1/KEY_MOD | FMT_SMF.1 Specification of management functions, FMT_SMR.1 Security roles | fulfilled |
| FPT_EMSEC.1 | - | - |
| FPT_FLS.1 | - | - |
| FPT_PHP.3 | - | - |
| FPT_TST.1 | - | - |

Table 7: Dependency rationale overview

Justification for non-satisfied dependencies:

No. 1: The cryptographic algorithm for hashing does not use any cryptographic key. Therefore none of the listed SFRs need to be defined for this specific instantiation of FCS_COP.1.

No. 2: The SFRs FCS_COP.1/CCA_SIGN, FCS_COP.1/CCA_VERIF, FCS_COP.1/CSA and FCS_COP.1/Asym_DEC use keys which are loaded or generated during personalisation and are not updated or deleted over the lifetime of the TOE. Therefore none of the listed SFRs need to be defined for these specific instantiations of FCS_COP.1.

No. 3: The access control TSF according to FDP_ACF.1 uses security attributes which are defined during personalisation and are fixed over the whole lifetime of the TOE. No management of these security attributes (i.e. SFR FMT_MSA.3) is necessary here.
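The bookkeeping that Table 7 records by hand can be mechanised so that a missing supporter or a forgotten justification is caught before evaluation. The following is an added example, not part of this Security Target: it encodes a subset of the table's rows (constructed from the page's own dependency lists), assumes, as the FDP_ACF.1 and FDP_UIT.1 rows do, that a claimed FDP_ACC.2 satisfies a dependency on FDP_ACC.1, and flags every dependency that is neither supported by a claimed SFR nor covered by a numbered justification.

```python
"""Consistency check of a CC dependency-rationale table in the style of Table 7.
Added example: the rows are a hand-copied subset of this section's table (constructed
test data), not the Security Target's own machine-readable form."""

# Hierarchical components as this ST relies on them: a claimed FDP_ACC.2 covers a
# dependency on FDP_ACC.1 (assumption drawn from the FDP_ACF.1 and FDP_UIT.1 rows).
HIERARCHY = {"FDP_ACC.2": {"FDP_ACC.1"}}

# Row: SFR -> (dependency groups, declared support, justification id or None).
# Each group lists alternatives; one satisfied alternative covers the whole group.
ITC_OR_CKM = ["FDP_ITC.1", "FDP_ITC.2", "FCS_CKM.1"]
TABLE = {
    "FCS_CKM.1/SM": ([["FCS_CKM.2", "FCS_COP.1"], ["FCS_CKM.4"]],
                     ["FCS_CKM.4", "FCS_COP.1/Sym", "FCS_COP.1/MAC"], None),
    "FCS_CKM.4": ([ITC_OR_CKM], ["FCS_CKM.1"], None),
    "FCS_COP.1/Hash": ([ITC_OR_CKM, ["FCS_CKM.4"]], [], "No. 1"),
    "FCS_COP.1/Sym": ([ITC_OR_CKM, ["FCS_CKM.4"]], ["FCS_CKM.1", "FCS_CKM.4"], None),
    "FCS_COP.1/MAC": ([ITC_OR_CKM, ["FCS_CKM.4"]], ["FCS_CKM.1", "FCS_CKM.4"], None),
    "FDP_ACC.2": ([["FDP_ACF.1"]], ["FDP_ACF.1"], None),
    "FDP_ACF.1": ([["FDP_ACC.1"], ["FMT_MSA.3"]], ["FDP_ACC.2"], "No. 3"),
    "FDP_UIT.1": ([["FTP_ITC.1", "FTP_TRP.1"], ["FDP_ACC.1", "FDP_IFC.1"]],
                  ["FTP_ITC.1", "FDP_ACC.2"], None),
    "FTP_ITC.1": ([], [], None),
}

def base(component: str) -> str:
    """Strip an iteration suffix: 'FCS_COP.1/Sym' -> 'FCS_COP.1'."""
    return component.split("/")[0]

def satisfies(claimed: str, wanted: str) -> bool:
    """True if the claimed component (any iteration of it) covers the wanted one."""
    return base(claimed) == wanted or wanted in HIERARCHY.get(base(claimed), set())

def check_row(sfr: str, table=TABLE) -> list:
    """Findings for one row; an empty list means the row is consistent."""
    groups, support, justification = table[sfr]
    findings = []
    for s in support:  # each supporter must be claimed and match some alternative
        if not any(base(k) == base(s) for k in table):
            findings.append(f"{sfr}: supporting SFR {s} is not claimed in the ST")
        elif not any(satisfies(s, alt) for g in groups for alt in g):
            findings.append(f"{sfr}: {s} matches none of the listed dependencies")
    for g in groups:  # each group is covered by a supporter or explicitly justified
        if justification is None and not any(satisfies(s, a) for s in support for a in g):
            findings.append(f"{sfr}: dependency {' or '.join(g)} neither supported nor justified")
    return findings

def check_table(table=TABLE) -> list:
    """All findings over the table; [] reproduces the 'fulfilled' verdicts of Table 7."""
    return [f for sfr in table for f in check_row(sfr, table)]
```

Dropping the justification from the FCS_COP.1/Hash row, or naming a supporter such as FMT_MSA.3 that the ST does not claim, produces a finding for that row while the rest of the table still checks clean.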
