PREMIER MINISTRE
Secrétariat général de la défense nationale
Direction centrale de la sécurité des systèmes d'information
Paris, 7 April 2003
872/SGDN/DCSSI/SDR
Reference: SIG/P/01.1

PROCEDURE
CERTIFICATION OF THE CONFORMITY OF ELECTRONIC SIGNATURE CREATION DEVICES

Subject: Certification of the conformity of electronic signature creation devices
Application: From 7 April 2003
Circulation: Public

Modifications
Version | Date | Modifications
TABLE OF CONTENTS
1. Purpose of the Procedure
2. Context
2.1. Legal Context
2.2. The Two Levels for Electronic Signatures
2.2.1. The "Simple" Electronic Signature
2.2.2. The "Presumed Reliable" Electronic Signature
2.3. The European Context
3. Procedure for Awarding a Certificate of Conformity
3.1. Requirements Concerning the Secure Electronic Signature Creation Device
3.2. Insertion in the French Certification Scheme
3.3. Format of the Certificate of Conformity
3.4. Conditions for Awarding a Certificate of Conformity
3.5. Organisms Awarding the Certificate of Conformity
3.6. Validity of the Certificate of Conformity
4. DCSSI's Recommendations
4.1. Recommendations Concerning Protection Profiles
4.2. Recommendation Concerning Cryptographic Algorithms
4.3. Requirements Concerning Other Protection Profiles or Security Targets
4.4. Use of Other Certification Standards
Appendix A: Table Showing Recommended Protection Profiles
Appendix B: Abbreviations
Appendix C: References
1. Purpose of the Procedure
This document defines the procedure for awarding a certificate of conformity to the requirements of article 3.I of French decree no. 2001-272 of 30 March 2001, relating to electronic signatures, to secure electronic signature creation devices.
2. Context
2.1. Legal Context
The European directive of 13 December 1999 on a European framework for electronic signatures was transposed by French law no. 2000-230 of 13 March 2000 and application decree no. 2001-272 of 30 March 2001.
French law no. 2000-230 defines two levels of electronic signature processes recognised by the law, presented in paragraph 2.2:
• “simple” electronic signatures,
• “presumed reliable” electronic signatures.
French decree no. 2001-272 states the conditions required for an electronic signature to be presumed reliable. One of these conditions is that the secure signature creation device (SSCD) be certified as conforming to the requirements laid down in appendix III of the European Directive and reiterated in art. 3.I of decree no. 2001-272.
2.2. The Two Levels for Electronic Signatures
2.2.1. The "Simple" Electronic Signature
Article 4 of French law no. 2000-230 of 13 March 2000 defines an electronic signature in the following terms (courtesy translation):
“If it [the signature] is electronic, it consists in using a reliable means of identification guaranteeing its link with the action to which it is attached.”
At this level, the electronic signature process is not presumed reliable but the text thus signed in electronic form may not be refused as evidence in court if the process makes it possible to identify the signatory and guarantee the link with the action signed. In the event of a dispute, it is up to the signatory to prove the reliability of the electronic signature process used.
2.2.2. The "Presumed Reliable" Electronic Signature
Article 4 of French law no. 2000-230 of 13 March 2000 specifies that, in the event of a dispute, the burden of proof may be reversed under certain conditions defined by decree (courtesy translation):
“This process is presumed reliable, until proven to the contrary, if the electronic signature is created, the identity of the signatory assured and the integrity of the action guaranteed, under terms fixed by order with obligatory consultation of the Council of State.”
Article 2 of the French decree of 30 March 2001 defines the conditions under which the electronic signature process is considered reliable:
• the electronic signature is secure,
• the signature creation device used to establish the electronic signature is secure,
• verification of the electronic signature is based on use of a qualified electronic certificate.
This procedure shall only address the condition stated in the second point.
In order for a signature creation device to be recognised as secure, it must fulfil a certain number of requirements described in art. 3.I of decree no. 2001-272 (cf. § 3.1) and be certified as conforming to these requirements.
The purpose of this document is to describe the procedure by which the DCSSI awards certificates of conformity.
2.3. The European Context
The DCSSI bases its work on that of the EESSI (European Electronic Signature Standardization Initiative), a European standardisation initiative launched by the European Commission following Directive 1999/93/EC. The EESSI has produced several documents, some of which have been applied by the DCSSI. In accordance with Directive 1999/93/EC, the European Commission should publish standards in the Official Journal of the European Union, after consulting the committee created by article 9 of the directive and composed of Member State representatives. Devices certified as conforming to these standards will be presumed to conform to the requirements of the directive. To date, however, the European Commission has not published any decision on this subject.
In accordance with article 3.II.2 of decree no. 2001-272 (transposition of article 3.4 of the European directive), this certificate of conformity is recognised in each Member State.
3. Procedure for Awarding a Certificate of Conformity
3.1. Requirements Concerning the Secure Electronic Signature Creation Device
Article 3.I of French decree no. 2001-272 lays down the requirements that the secure electronic signature creation device must fulfil (courtesy translation):
“A secure electronic signature creation device must:
1. Guarantee via technical means and appropriate procedures that the electronic signature creation data:
a. Cannot be established more than once and that its confidentiality is ensured;
b. Cannot be discovered by deduction and that the electronic signature is protected against any forgery;
c. Can be adequately protected by the signatory against any use by a third party.
2. Not entail any alteration of the content to be signed or prevent the signatory from having full knowledge thereof before signing.”
The requirements listed above shall hereinafter be referred to as the “requirements of the decree”.
The SSCD shall be considered as consisting of the module that creates the electronic signature creation and verification data and generates the electronic signature. We therefore exclude from the scope of the SSCD the application driving the aforementioned module, the operating system on which that application is installed, and all devices found in the SSCD's environment. On the other hand, the transmission channel between the SSCD and the electronic signature application must be secure, i.e. the integrity of the data to be signed, as transmitted by the application to the SSCD, must be protected, unless the SSCD is in a protected environment (at the service provider's premises). This requirement is only verified during the evaluation of the SSCD if the latter is to be used in an open environment (with the final user).
3.2. Insertion in the French Certification Scheme
In the framework of French decree no. 2002-535, the evaluation of the device must take place in a DCSSI-licensed evaluation facility. These evaluation facilities conduct evaluations following standardised criteria: either the ITSEC (used less and less) or the ISO/IEC 15408 standard (also called the "Common Criteria" (CC)). The evaluation ensures that a product conforms to a security target, which itself may conform to a protection profile.
The evaluation is conducted prior to the awarding of a certificate of conformity to the decree and must be based on a security target which fully covers the requirements of the decree and which offers an acceptable level of assurance for the chosen environment.
3.3. Format of the Certificate of Conformity
The certificate of conformity awarded by the DCSSI is in the form of a separate document in addition to the CC or ITSEC certificate awarded for the product itself.
The certificate of conformity mentions the functions for which it is awarded and the certification report relating to the CC or ITSEC certification on which it is based.
If the sponsor only has part of the device evaluated (electronic signature creation data generation function or electronic signature creation function), it will be awarded a certificate mentioning the function covered by the device. The device must be used with another device that has also obtained a certificate of conformity mentioning the other, complementary function.
3.4. Conditions for Awarding a Certificate of Conformity
The evaluation of the module may give rise to two scenarios:
• The security target, drawn up by the evaluation sponsor, conforms to one of the protection profiles recommended by the DCSSI. In this case, the security target is presumed to conform to the requirements of the decree, and the certificate of conformity may be awarded after the evaluation and certification of the device based on this security target;
• The sponsor proposes a security target which does not conform to one of the protection profiles recommended by the DCSSI. In this case, it must prove that the target fulfils the requirements of decree no. 2001-272. The DCSSI awards the certificate of conformity if this proof is supplied and if the device is certified based on this security target.
In addition, the certificate of conformity to the decree is only awarded after the DCSSI accepts the algorithms used. Cryptographic analysis is obligatory and is carried out by the DCSSI according to an application note on cryptology for the scheme.
If the device has been awarded a CC or ITSEC certificate by another country, the DCSSI reserves the right to conduct an analysis of the algorithms used before awarding the certificate of conformity to decree no. 2001-272.
3.5. Organisms Awarding the Certificate of Conformity
Article 3.II of French decree no. 2001-272 specifies the terms according to which the electronic signature creation device is certified as conforming to the requirements of the decree, as follows (courtesy translation):
“A secure electronic signature creation device must be certified as conforming to the requirements defined in I:
1. Either by the Prime Minister, under the terms set forth in decree no. 2002-535 of 18 April 2002 relating to evaluation and certification of security provided by information technology products and systems. The awarding of the certificate of conformity is made public.
2. Or by a body appointed to this effect by an EC Member State.”
Decree no. 2002-535 appoints the DCSSI to this effect.
3.6. Validity of the Certificate of Conformity
The certificate of conformity to the decree is linked to the CC or ITSEC certificate. However, the state of the art in attacks, on which the award of the CC or ITSEC certificate is based, can evolve very quickly.
As a result of this, the CC or ITSEC certificate, on the basis of which the certificate of conformity is awarded, must be subject to a monitoring process which is defined in a procedure under the certification scheme. The DCSSI can, therefore, at any time demand an additional evaluation of the device if it considers that the state of the art has significantly changed.
The certificate of conformity is revoked in the event of a failure in the monitoring process or of any fact brought to the attention of the DCSSI calling into question the module’s conformance to the requirements laid down by the decree.
4. DCSSI's Recommendations
4.1. Recommendations Concerning Protection Profiles
The DCSSI recommends protection profiles, set forth in the table in Appendix A, taking into account the environment in which the target is used and the functions for which they have been written.
There are two types of environment:
• The environment of the final user,
• The environment of the certification service provider (CSP).
In addition, a complete secure electronic signature creation device must ensure at least the following functions:
• Generation of electronic signature creation data (private key) and verification data (public key),
• Electronic signature creation.
Each of these functions can be executed by a separate module and give rise to a certificate of conformity (cf. § 3.3).
4.2. Recommendation Concerning Cryptographic Algorithms
The DCSSI encourages using the document produced by the EESSI on algorithms recommended for electronic signatures entitled “Algorithms and Parameters for Secure Electronic Signatures”. This guide:
• Lists existing acceptable algorithms for electronic signatures and the minimum size of keys to use for these algorithms,
• States the length of validity of the recommended algorithms.
For each request for a certificate of conformity to the decree, the DCSSI demands a cryptographic analysis (cf. § 3.4), which must attain level "high".
4.3. Requirements Concerning Other Protection Profiles or Security Targets
In the event that the sponsor proposes a target which does not conform to one of the protection profiles recommended by the DCSSI, the proposed security target must observe the following minimum requirements:
• The security objectives of the target must cover the requirements laid down by the decree;
• The assurance requirements of the security target must correspond to level EAL 4+.
Depending on the environment of the SSCD under evaluation, level EAL 4 must be supplemented by at least:
• In an open environment: AVA_MSU.3, AVA_VLA.4,
• In a protected environment: ADV_IMP.2, AVA_CCA.1, AVA_VLA.4.
For an evaluation according to the ITSEC, the assurance level must be “E3 high” and the assurance components required must be examined on a case-by-case basis through cooperation between the evaluation sponsor and the DCSSI.
4.4. Use of Other Certification Standards
If the device concerned has already been certified according to a standard other than the ITSEC or the CC, the DCSSI examines the additional evaluations needed in order to award the certificate of conformity on a case-by-case basis, and the sponsor must supply the DCSSI with all documents necessary in order to carry out this examination, such as the evaluation report.
The DCSSI examines situations not covered by this procedure on a case-by-case basis.
Furthermore, any dispute or disagreement concerning the awarding of the certificate of conformity to the decree shall be brought to the attention of the certification management board.
Appendix A: Table Showing Recommended Protection Profiles
Protection profile used | EESSI standard no. | Environment concerned | Electronic signature creation and verification data generation function (1) | Electronic signature creation function (2) | Conformance to French decree no. 2001-272 (art. 3.I)
PP SSCD type1 (Secure Signature Creation Device type1) | CWA 14169 Appendix A | User | Yes | No | Conformance for the function (1)
PP SSCD type2 (Secure Signature Creation Device type2) | CWA 14169 Appendix B | User | No | Yes | Conformance for the function (2)
PP SSCD type3 (Secure Signature Creation Device type3) | CWA 14169 Appendix C | User | Yes | Yes | Conformance
PP MCSO (Cryptographic Module for CSP Signing Operations) | CWA 14167-2 | Certification service provider | Yes | Yes | Conformance
PP CMCKG (Cryptographic Module for CSP Key Generation Services) | CWA 14167-3 (pending) | Certification service provider | Yes | No | Conformance for the function (1)
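To show how the award conditions of §§ 3.3, 3.4, 4.1, 4.2 and 4.3 combine with the Appendix A table, here is an added example that is not part of the DCSSI procedure: a small checker that takes a summary of a sponsor's proposed security target and reports which certificate wording, if any, could follow, or why the request is blocked. The `SecurityTarget` fields, the `assess` function and the "open"/"protected" environment labels are this example's own assumptions.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

# Appendix A, recommended protection profiles: name -> (environment the PP is
# written for, covers function (1), covers function (2)); per § 3.1 "open" is the
# final-user environment and "protected" the certification service provider's.
RECOMMENDED_PPS = {
    "PP SSCD type1": ("open", True, False),
    "PP SSCD type2": ("open", False, True),
    "PP SSCD type3": ("open", True, True),
    "PP MCSO": ("protected", True, True),
    "PP CMCKG": ("protected", True, False),
}

# § 4.3: a target not based on a recommended PP needs EAL 4 augmented by at least:
REQUIRED_AUGMENTATION = {
    "open": {"AVA_MSU.3", "AVA_VLA.4"},
    "protected": {"ADV_IMP.2", "AVA_CCA.1", "AVA_VLA.4"},
}

@dataclass
class SecurityTarget:                          # hypothetical summary of a sponsor's target
    environment: str                           # "open" or "protected"
    claimed_pp: Optional[str] = None           # one of RECOMMENDED_PPS, or None
    decree_proof_supplied: bool = False        # § 3.4, second scenario
    eal: int = 4
    augmentations: Set[str] = field(default_factory=set)
    covers_key_generation: bool = False        # function (1), used only without a PP
    covers_signature_creation: bool = False    # function (2), used only without a PP
    crypto_analysis_level: str = "high"        # § 4.2: must attain "high"

def assess(st: SecurityTarget) -> Tuple[Optional[str], List[str]]:
    """Return (certificate wording as in Appendix A, or None) and the blocking reasons."""
    problems: List[str] = []
    if st.claimed_pp in RECOMMENDED_PPS:
        # § 3.4, first scenario: conformity is presumed and the PP fixes the functions covered
        pp_env, f1, f2 = RECOMMENDED_PPS[st.claimed_pp]
        if pp_env != st.environment:
            problems.append(f"{st.claimed_pp} is written for the {pp_env} environment (§ 4.1)")
    else:
        # § 3.4, second scenario: proof of conformity plus the § 4.3 minimum assurance
        f1, f2 = st.covers_key_generation, st.covers_signature_creation
        if not st.decree_proof_supplied:
            problems.append("proof that the target fulfils decree no. 2001-272 is required (§ 3.4)")
        required = REQUIRED_AUGMENTATION[st.environment]
        if st.eal < 4 or not required <= st.augmentations:
            problems.append(f"EAL 4 augmented by at least {sorted(required)} is required (§ 4.3)")
    if st.crypto_analysis_level != "high":
        problems.append('cryptographic analysis must attain level "high" (§ 4.2)')
    if not (f1 or f2):
        problems.append("the target covers neither function (1) nor function (2)")
    if problems:
        return None, problems
    # § 3.3: a partial device gets a certificate naming only the function it covers
    return ("Conformance" if f1 and f2 else f"Conformance for the function ({1 if f1 else 2})"), []
```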
Appendix B: Abbreviations
CC: Common Criteria
CEM: Common Evaluation Methodology
CMCKG: Cryptographic Module for CSP Key Generation Services
COFRAC: Comité Français d'Accréditation / French accreditation board
DCSSI: Direction Centrale de la Sécurité des Systèmes d'Information / Central Directorate for Information Systems Security
IT: Instruction Technique / Technical Instruction
ITSEC: Information Technology Security Evaluation Criteria
ITSEM: Information Technology Security Evaluation Methodology
MCSO: Module for CSP Signing Operation
PSC / CSP: Prestataire de Service de Certification / Certification Service Provider
SSCD: Secure Signature Creation Device / Dispositif sécurisé de création de
Appendix C: References
Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
French law no. 2000-230 of 13 March 2000 defining the adaptation of the law of proof to information technologies and relating to electronic signatures.
French decree no. 2001-272 of 30 March 2001 enacted to implement article 1316-4 of the French Civil Code relating to electronic signatures, modified by article 20 of decree no. 2002-535.
French decree no. 2002-535 of 18 April 2002 relating to evaluation and certification of security provided by information technology products and systems.
CWA 14169: European Committee for Standardization CEN/ISS, Security Requirements of Secure Signature Creation Devices (SSCD), SSCD-PP.
CWA 14167-2: European Committee for Standardization CEN/ISS, Security Requirements of Cryptographic Module for CSP Signing Operations, MCSO-PP.
CWA 14167-3: European Committee for Standardization CEN/ISS, Security Requirements of Cryptographic Module for CSP Key Generation Services, CMCKG-PP.
ITSEC: Information Technology Security Evaluation Criteria (ITSEC), version 1.2, June 1991.
ISO/IEC 15408: Information technology, Security techniques, Evaluation criteria for IT security: ISO/IEC 15408-1:1999(E), Part 1: Introduction and general model; ISO/IEC 15408-2:1999(E), Part 2: Security functional requirements; ISO/IEC 15408-3:1999(E), Part 3: Security assurance requirements.
CC: Common Criteria for Information Technology Security Evaluation: Part 1: Introduction and general model, version 2.1, August 1999; Part 2: Security functional requirements, version 2.1, August 1999; Part 3: Security assurance requirements, version 2.1, August 1999.