Security Target: Samsung_SDS_SPass_NX_V1.0_ST_Lite(En)

Security Target: Samsung_SDS_SPass_NX_V1.0_ST_Lite(En)
od
SPass NX V1.0
on S3CT9KW/S3CT9KC/S3CT9K9
Security Target
Public version
Samsung SDS
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
REVISION STATUS
Revision
Date
Author
1.00
2012.05.04
JH Lee
Description of Change
ST final release
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 2 of 94
Contents
CONTENTS ........................................................................................................................................................ 3
LIST OF FIGURES ............................................................................................................................................ 5
LIST OF TABLES .............................................................................................................................................. 6
1
ST INTRODUCTION ................................................................................................................................ 7
1.1
ST REFERENCE..................................................................................................................................... 7
1.2
TOE REFERENCE ................................................................................................................................. 7
1.3
TOE OVERVIEW ................................................................................................................................... 7
1.3.1 TOE Type ........................................................................................................................................ 7
1.3.2 MRTD System.................................................................................................................................. 8
1.3.3 Life Cycle and Environment of the TOE ....................................................................................... 10
1.3.4 TOE Security Characteristics ....................................................................................................... 11
1.4
TOE DESCRIPTION ............................................................................................................................. 14
1.4.1 Physical Scope of the TOE ............................................................................................................ 14
1.4.2 Logical Scope of the TOE ............................................................................................................. 17
1.5
CONVENTIONS.................................................................................................................................... 20
1.6
ST ORGANIZATION............................................................................................................................. 20
2
CONFORMANCE CLAIM ..................................................................................................................... 21
2.1
COMMON CRITERIA CONFORMANCE .................................................................................................. 21
2.2
PROTECTION PROFILE CONFORMANCE ............................................................................................... 21
2.3
PACKAGE CONFORMANCE.................................................................................................................. 21
2.4
CONFORMANCE CLAIM RATIONALE ................................................................................................... 22
2.4.1 The Consistency of the TOE Type ................................................................................................. 22
2.4.2 The Consistency of the Security Problem Definition..................................................................... 22
2.4.3 Security Objectives Rationale ....................................................................................................... 24
2.4.4 The Rationale for the Consistency of Security Function Requirements ........................................ 25
2.4.5 The Consistency of the Security Assurance Requirements ............................................................ 29
3
SECURITY PROBLEM DEFINITION ................................................................................................. 31
3.1
3.2
3.3
4
THREATS ............................................................................................................................................ 31
ORGANISATIONAL SECURITY POLICIES .............................................................................................. 33
ASSUMPTION ...................................................................................................................................... 36
SECURITY OBJECTIVES ..................................................................................................................... 39
4.1
SECURITY OBJECTIVES FOR THE TOE ................................................................................................ 39
4.2
SECURITY OBJECTIVES FOR THE ENVIRONMENT ................................................................................ 41
4.3
SECURITY OBJECTIVES RATIONALE ................................................................................................... 43
4.3.1 Security Objective Rationale for the TOE ..................................................................................... 45
4.3.2 Security Objective Rationale for Operating Environment ............................................................ 49
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 3 of 94
5
DEFINITION OF EXTENDED COMPONENT ................................................................................... 52
6
SECURITY REQUIREMENTS ............................................................................................................. 53
6.1
TERMS AND DEFINITIONS ................................................................................................................... 54
6.2
TOE SECURITY FUNCTIONAL REQUIREMENTS ................................................................................... 54
6.3
TOE SECURITY ASSURANCE REQUIREMENTS .................................................................................... 73
6.4
SECURITY REQUIREMENTS RATIONALE ............................................................................................. 74
6.4.1 Security Functional Requirements Rationale ................................................................................ 75
6.4.2 Security Assurance Requirements Rationale................................................................................. 76
6.4.3 Rationale of Dependency .............................................................................................................. 77
7
TOE SUMMARY SPECIFICATION .................................................................................................... 80
7.1
TOE SECURITY FUNCTIONALITY ....................................................................................................... 80
7.1.1 Initialization/Personalization Agent Authentication and Generation of Authentication
Key/Session Key of Each Mechanism......................................................................................................... 81
7.1.2 Identification of MRTD Application (AID : A0000002471001) ................................................... 81
7.1.3 Management of TOE Initialization and Operational Mode .......................................................... 81
7.1.4 Personalization of MRTD User Data and TSF Data .................................................................... 82
7.1.5 BAC and MRTD Access ................................................................................................................ 82
7.1.6 AA ................................................................................................................................................. 82
7.1.7 EAC-CA ........................................................................................................................................ 82
7.1.8 EAC-TA ......................................................................................................................................... 82
7.1.9 Secure Messaging after Personalization Agent Authentication, BAC or EAC-CA ....................... 83
7.1.10
Secure Start-up and Use of IC chip’s Security Features .......................................................... 83
7.1.11
Assurance of TSF Secure Operation ......................................................................................... 83
7.2
ASSURANCE MEASURES ..................................................................................................................... 85
8
REFERENCES ......................................................................................................................................... 86
8.1
8.2
9
EXTERNEL REFERENCES..................................................................................................................... 86
INTERNEL REFERENCES...................................................................................................................... 86
TERMS AND ABBREVIATION ............................................................................................................ 87
9.1
9.2
TERMS................................................................................................................................................ 87
ABBREVIATIONS................................................................................................................................. 91
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 4 of 94
List of Figures
Figure 1. Overall Configuration of the MRTD System ........................................................................... 8
Figure 2. TOE Operational Environment ............................................................................................. 11
Figure 3. Physical Scope of the TOE .................................................................................................. 15
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 5 of 94
List of Tables
Table 1. Types of Certificates ................................................................................................................ 9
Table 2. TOE Life Cycle ...................................................................................................................... 10
Table 3. The MRTD Security Mechanisms.......................................................................................... 13
Table 4. TOE and TOE Component Identification ............................................................................... 16
Table 5. TOE Assets ........................................................................................................................... 17
Table 6. Contents of the LDS in which the User Data are Stored ....................................................... 18
Table 7. List of the Re-establishment of the Security Problem Definition ........................................... 22
Table 8. List of Augmentation to the Security Problem Definition ....................................................... 23
Table 9. List of Re-establishment of the Security Objectives .............................................................. 24
Table 10. List of the Augmentation to the Security Objectives............................................................ 24
Table 11. List of Re-establishment of the SFR ................................................................................... 25
Table 12. List of the Additional SFR .................................................................................................... 28
Table 13. MRTD Access Control Policy .............................................................................................. 35
Table 14. The mapping between Security Problem Definition and Security Objectives ..................... 43
Table 15. Definition of Subject, Object, related Security Attributes and Operation ............................ 53
Table 16 Terms and Definitions Relevant to SFR ............................................................................... 54
Table 17 Cryptographic Key Distribution Standard and Method ......................................................... 56
Table 18 Cryptographic Key Distribution Standard and Method ......................................................... 56
Table 19 Symmetric Key Cryptographic Standards and Specifications .............................................. 57
Table 20 MAC Standards and Specifications ...................................................................................... 58
Table 21. Details of Digital Signature in the EAC Specifications ........................................................ 59
Table 22. Details of Digital Signature in the AA Specifications ........................................................... 59
Table 23. Subject-relevant Security Attributes .................................................................................... 61
Table 24. Object-relavant Security Attributes ...................................................................................... 61
Table 25. Authentication Failure Handling for Authentication Mechanism .......................................... 64
Table 26. Authentication Failure Handling for Authentication Mechanism (2) .................................... 65
Table 27. TSF Data Operations for Each Authorized Role ................................................................. 69
Table 28. Security Assurance Requirements ...................................................................................... 74
Table 29. Mappings between Security Objectives and Security Functional Requirements ................ 75
Table 30. Dependency of TOE Functional Components ..................................................................... 77
Table 31 Dependency of the Augmented Assurance Component ...................................................... 79
Table 32 TSF of IC chip used in the TOE ........................................................................................... 80
Table 33. TOE Assurance Measures .................................................................................................. 85
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 6 of 94
1 ST Introduction
This document is the Security Target (hereafter, ‘ST‘) of SAMSUNG SDS SPass NX V1.0 on
S3CT9KW /S3CT9KC/S3CT9K9 which shall be embedded in SPNX10 product and developed by
SAMSUNG SDS.
This section identifies the ST and the TOE and provides summary of ST and the evaluation criteria
that TOE conforms to.
1.1 ST Reference

Title : SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target (Public Version)

Version : V1.00

Release date : 4 of May, 2012

Author : SAMSUNG SDS Co., Ltd.

Evaluation criteria : Common Criteria for Information Technology Security Evaluation
V3.1r3 [CC_PAS]

Evaluation assurance level : EAL4+ (ADV_IMP.2, ALC_DVS.2, ALC_CMS.5, ALC_TAT.2,
ATE_DPT.2, AVA_VAN.5)

PP compliance : ePassport Protection Profile V2.1[PP]

PP certification number : KECS-PP-0163a-2009
th
1.2 TOE Reference

Developer : SAMSUNG SDS Co., Ltd

TOE name : SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9
(hereafter ‘S3CT9KW/S3CT9KC/S3CT9K9‘ is abbreviated to ‘S3CT9Kx‘)


TOE element
-
SPass NX V1.0
-
S3CT9Kx : Samsung S3CT9KW/S3CT9KC/S3CT9K9 16-bit RISC Microcontroller for
Smart Card, Revision 0 with optional Secure RSA/ECC V1.0 Library including specific
IC Dedicated Software
-
User Manual (SPNX-AGD-001, SPNX-AGD-002, SPNX-AGD-003)
TOE version : Release 2
1.3 TOE Overview
1.3.1 TOE Type
The TOE that defined in this ST is IC chip operating system (COS), the application of machine
readable travel documents (MRTD application) and hardware elements of the IC chip of machine
readable travel documents (S3CT9Kx). S3CT9Kx has separately achieved Common Criteria
certification from BSI as follows and since the IC chip operating system with MRTD application is
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 7 of 94
embedded on that, the TOE is the composition TOE that follows CCDB-2007-09-001. The TSF of IC
chip used by the TOE is described in the section 7.1.
PP compliance
BSI-PP-0035-2007
Certified TOE name
S3CT9Kx 16-bit RISC Microcontroller for Smart Card,
Revision 0 with optional secure RSA/ECC V1.0 Library
including specific IC Dedicated Software
Certification number
BSI-DSZ-CC-0639-2010, BSI-DSZ-CC-0639-2010-MA-01
Certified cryptographic
library version
Secure RSA/ECC Library v1.0, TRNG Library v1.0, DRNG
Library v1.0
Evaluation Assurance
Level
EAL5+ (ALC_DVS.2, AVA_VAN.5)
The MRTD application satisfies the ICAO’s Machine Readable Travel Documents, DOC 9303 Part 1
Volume 2[DOC9303] and the BSI’s Advanced Security Mechanisms Machine Readable Travel
Documents – Extended Access Control V1.11 2008.02 [EAC].
The MRTD is the passport embedded the contactless IC chip in which identity and other data of the
MRTD holder stored according to the International Civil Aviation Organization (ICAO) and the
International Standard Organization (ISO). The contactless IC chip used in the MRTD is referred to
as MRTD chip. The MRTD chip is loaded with the MRTD application and IC chip operating system
(COS) to support IT and information security technology for electronic storage, processing and
handling of the MRTD identity data.
1.3.2 MRTD System
The Figure 1 shows the overall configuration of the MRTD system.
Figure 1. Overall Configuration of the MRTD System
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 8 of 94
The MRTD holder requests for issuing of the MRTD and receives the MRTD issued according to the
Issuing Policy of the MRTD. The MRTD holder presents the MRTD to an immigration officer so that
the MRTD is inspected at immigration control. For immigration control, the MRTD is verified by an
immigration officer or an automatic Inspection System according to the MRTD immigration control
policy for each country.
The Reception organization collects personal and biometric data of the MRTD holder, checks identity
of the MRTD holder through cooperation with the related organizations, such as National Police
Agency, and sends to the personalization agent for issuing of the MRTD with these data collected.
The Personalization agent generates document security object(‘SOD’ hereafter) by digital signature
on the user data (identity and authentication data) and records it in the MRTD chip with the MRTD
identity data sent from the reception organization. Also, after recording the TSF data in secure
memory, the personalization agent manufactures and issues the MRTD embedded the MRTD chip
to the passport. Details of data recorded in the MRTD will be described in 1.4.2 Logical Scope of the
TOE.
The Personalization agent generates digital signature key for verifying of forgery and corruption of
the user data stored in the MRTD chip. Then, in accordance with the Certification Practice
Statement(CPS) of the MRTD PKI System the personalization agent generates, issues and manages
CSCA certificate and DS certificate. According to the Issuing Policy of the MRTD, the personalization
agent generates digital signature key to verifying access-rights to the biometric data of the MRTD
holder in case of supporting EAC security mechanism. Then, the personalization agent generates,
issues and manages CVCA certificate, CVCA link certificate and DV certificate. For details related to
of the MRTD PKI System and certification practice, such as certification server, key generation
devices and the physical procedural security measures, etc., it depends on the Issuing Policy of the
MRTD.
The Document verifier generates IS certificate by using CVCA and DV certificates, then provides
these certificates to Inspection System.
Types of certificates used in the MRTD system are as shown in Table 1 below.
Table 1. Types of Certificates
Usage
MRTD PKI
Subject
Certificate
CSCA
CSCA certificate
Personalization agent
DS certificate
System
To verify forgery and
corruption of the user
PA‐PKI
data
To verify the access‐right
CVCA certificate
EAC‐PKI
CVCA
of the biometric data of
CVCA link certificate
the MRTD holder
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 9 of 94
Document verifier
DV certificate
EAC supporting
IS certificate
Inspection System
1.3.3 Life Cycle and Environment of the TOE
The ST identifies the life cycle of of the TOE and the operational environment of the TOE as follows.
<Life Cycle of the TOE>
Table 2 shows the life cycle of the MRTD chip and the TOE. The transmission process in Table 2
has been omitted. In the life cycle shown in [Table 2], TOE development process corresponds to
phase 1 (Development) and phase 2 (Manufacturing), while TOE operational environment
corresponds to phase 3 (Personalization) and phase 4 (Operational Use).
Table 2. TOE Life Cycle
Phase
Phase 1
Life Cycle of the IC Chip
Life Cycle of the Embedded S/W
① The IC chip developer to
design the IC chip and to
develop the IC chip Dedic
ated S/W
(Development)
② The S/W developer to develop the TOE (COS,
MRTD application) by using the IC chip and the
Dedicated S/W
③ The IC chip manufacture
r to mask the TOE in the
ROM, to record the IC c
hip identifier and to prod
uce the IC chip
④ The MRTD manufacturer to create user data
Phase 2
storage space according to the LDS format or the
(Manufacturing)
ICAO document and to record it in EEPROM
⑤ The MRTD manufacturer to record identification
and authentication information of the MRTD
Personalization agent in the EEPROM
⑥ The MRTD manufacturer to embed the IC chip i
n the passport book
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 10 of 94
⑦ The Personalization agent to create SOD by a
digital signature on the MRTD identity data
Phase 3
(Personalization)
⑧ The Personalization agent to record the MRTD i
dentity data, the authentication data (including S
OD) and the TSF data in the TOE
Phase 4
⑨ The Inspection System to verify the MRTD and t
o check identity of the MRTD holder by communi
cating with the TOE
(Operational
Use)
The initialization of the TOE can be conducted after both manufacturing the inlay sheet and manufacturing the cover sheet depending on the personalization agent’s policy.
The life cycle of the TOE is subdivided for Embedded S/W with 3 steps of Kernel Mode and 3 steps
of Application Mode that is activated only in Operational Use mode of the kernel. Here manufacturer
means the TOE developer or an MRTD manufacturer delegated by the TOE developer.
<TOE Operational Environment>
Figure 2 shows the operational environment of the TOE in the phases of the MRTD
Personalization and Operational Use through the relationship with major security functions
of TOE and external entities (the Personalization agent, the Inspection System) that interact
with TOE.
Figure 2. TOE Operational Environment
1.3.4 TOE Security Characteristics
<Security Mechanism>
The TOE provides security characteristics such as the confidentiality, the integrity, the access control
and the authentication, in order to protect the TSF data and the user data of the MRTD identity data
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 11 of 94
and the MRTD authentication data, etc. These security characteristics are implemented with the BAC
mechanism of the ICAO document and the EAC mechanism of the EAC specifications. Also, the
TOE provides the SOD to the BIS and the EIS and the Inspection System detects forgery and corruption of the user data through the verification of the digital signature of the SOD.
BAC
The BAC (basic access control) is to provide the confidentiality and the integrity for the personal data
of the MRTD holder by secure messaging when controlling access to the personal data of the MRTD
holder stored in the TOE and transmitting it to the Inspection System with read-rights. The BAC includes the BAC mutual authentication, the BAC key distribution and the BAC secure messaging.
The TOE generate random values by either generate the BAC authentication key from the MRZ data
of DG1 or using the stored BAC authentication key and the BAC-supporting Inspection System by
using BAC authentication key generated from reading optically the MRZ. Then, the TOE and the
Inspection System perform encryption the generated random number and exchange them. The TOE
and the BAC-supporting Inspection System execute the BAC mutual authentication by checking the
exchanged random number. The session is ended in case of the mutual authentication failure.
The TOE, in order to secure transmission of the personal data of the MRTD holder after checking the
read-rights of the Inspection System for the personal data of the MRTD holder through the BAC mutual authentication, establishes the BAC secure messaging by encrypting with the BAC session key
shared through the BAC key distribution and generating the MAC.
EAC
The EAC (extended access control) is to provide the confidentiality and the integrity for the biometric
data of the MRTD holder by secure messaging when controlling access to the biometric data of the
MRTD holder stored in the TOE and transmitting it to the Inspection System with read-rights. The
EAC includes the EAC-CA, the EAC secure messaging and the EAC-TA.
The EAC-CA is to implement the ephemeral-static DH key distribution protocol for the EAC session
key distribution and the chip authentication. The TOE transmits the EAC chip authentication public
key so that the Inspection System authenticates itself and executes key distribution protocol by using
temporary public key received from the Inspection System. The session is ended in case of the EACCA failure. In case of the successful EAC-CA, the TOE establishes the EAC secure messaging by
using the EAC session key.
The EAC-TA is for the TOE to implement challenge-response authentication protocol based on the
digital signature in order to authenticate the EAC-supporting Inspection System. The TOE authenticates the Inspection System, verifying the value of the digital signature by the Inspection System in
temporary public key used for the EAC-CA, by using the IS certificate. The TOE, when receiving the
CVCA link certificate, the DV certificate and the IS certificate from the EAC-supporting Inspection
System, verifies the CVCA link certificate by using the CVCA digital signature verification key in secure memory. Then, by checking valid date of the CVCA link certificate, the TOE updates the CVCA
digital signature verification key and the current date if necessary. After verifying the IS certificate
and checking that it is a suitable certificate, the TOE allows access of the EAC-supporting Inspection
System to read the biometric data of the MRTD holder and transmits the data through the EAC secure messaging.
AA
AA(active authentication) is to provide the capability to generate evidence that can be used as a
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 12 of 94
guarantee of the valid binding between MRTD IC chip and the stored user data by the mechanism
that the Inspection System verifies the digital signature signed by the TOE including the random
number sent by the Inspection System. The AA private key of the TOE used as the signing key is
stored in the secure memory that are not accessiable via external interfaces, the Inspection System
requests TOE to generate digital signature and verifies it using AA public key in the DG15 after
establishing BAC secure communication channel TOE.
The Inspection System can deny the MRTD holder to pass the border in case verification of the
digital signature comes to fail.
Table 3 summarized the MRTD security mechanisms.
Table 3. The MRTD Security Mechanisms
The MRTD Security Mechanisms
Cryptographic
Key/Certificate
Type
Security
Security
cryptography
Mechanism characteristic
PA
AA
BAC
User Data
Authentication
N/A
N/A
IT Security characteristic of the TOE
Access control to the SOD
‐ Read‐rights: BIS, EIS
‐Write‐rights: Personalization agent
AA Private Key
TOE generates a digital signature to
(used to generate
card nonce and terminal nonce and
digital signature)
Inspection System verifies it to ensure
AA Public Key
that the IC chip is genuine
(used by BIS, EIS)
The TOE verifies if the Inspection
Symmetric key‐
System
has
access‐rights,
by
based entity
BAC
decryption and MAC operation for the
authentication
BAC Mutual
Authentication Key transmitted value of the Inspection
protocol
authentication
(encryption key, System.
TDES‐CBC
MAC key)
The TOE transmits the value to the
SHA
Inspection System after encryption
MAC
and MAC operation for authentication.
IC chip genuineness Verification
Asymmetric
Key Digital
Signature
RSASSA
SHA
Symmetric key‐
based key
BAC
distribution BAC Session Key
Key
protocol
(encryption key,
Distribution
MAC key)
TDES‐CBC
SHA
MAC
BAC
Secure
messaging
Secure
Messaging
Generating BAC session key by using
KDF from the exchanged key‐sharing
random number on the basis of the
TDES‐based key distribution protocol
Transmitting messages by creating
the MAC after encryption with the BAC
BAC Session Key
session key
(encryption key,
Receiving messages by decryption it
MAC key)
after verifying the MAC with the BAC
session key
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 13 of 94
EAC‐CA
DH key
distribution
protocol
ECDH key
distribution
protocol
EAC Secure
messaging
Secure
messaging
EAC‐TA
RSAPSS
ECDSA
EAC
EAC Chip
Authentication
Public Key
EAC Chip
Authentication
Private Key
The TOE executes the ephemeral‐
static DH key distribution protocol
EAC Session Key
Secure messaging by using the EAC
(cryptographic key,
session key shared in the EAC‐CA
MAC key)
CVCA certificate Verifying the IS certificate by using the
CVCA link
certificate chain and the link certificate
certificate
Verifying the digital signature for
DV certificate transmitted messages of the EIS for
IS certificate
the EIS authentication
<TOE Access Control and Security Management>
The TOE provides access control rules and management functions for the MRTD application data
based on security attributes of the user in the phases of the Personalization and the Operational Use.
The TOE provides only the authorized personalization agent to writing function on the user data and
TSF data in the Personalization phase. Also, the TOE provides the access control function on the
read-rights of the user data based on the access-rights of the Inspection System given through execution of security mechanisms in the Operational Use phase.
The TOE allows only the authorized personalization agent to manage the security attributes of user,
user data and TSF data in the phases of the Personalization and the Operational Use and defines it
as security role. Also, the TSF executes itself some security management functions, such as updating the CVCA certificate and the current date and initializing the identifier for secure messaging, etc.
<Other TOE Protection>
The TOE executes the functions to detect and handle for modification of the TSF data transmitted
and run self-testing to verify the integrity of the stored TSF data and TSF. Also, if detecting failures
through self-testing or abnormal operation in the IC chip, the TOE preserves a secure state so that to
prevent the types of failures in the TSF(malfunction).
The TOE ensures not to obtain the cryptographic-related data by exploiting physical phenomena of
the cryptographic operation (change of current, voltage and electromagnetic, etc.).
1.4 TOE Description
1.4.1 Physical Scope of the TOE
The physical scope of the TOE is defined as Figure 3 in the ST.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 14 of 94
Figure 3. Physical Scope of the TOE
The MRTD refers to the passport book and the MRTD chip and the antenna embedded in the cover
1
of the passport book . The MRTD chip includes the IC chip operating system, the MRTD application,
the MRTD application data and the IC chip elements. The IC chip elements consist of CPU, coprocessor, I/O port, memory (RAM, ROM, EEPROM) and contactless interface, etc.
In this ST, TOE is defined with the IC chip operating system (COS), the MRTD application, the
MRTD application data and the IC chip hardware elements. TOE is Samsung Electronics Secure IC
chip S3CT9Kx that contains proprietary IC chip operating system(Embedded S/W) including an
MRTD application, where S3CT9Kx includes CPU that conducts TOE execution code, TDES
accelerator and Tornado coprocessor. In particular, RSA and ECC are provided as a cryptographic
library of Tornado and in the scope of the IC chip TOE.
The COS provides functions for execution of MRTD application and management of the MRTD
application data, such as commands processing and files management, etc. defined in ISO/ IEC
7816-4, 8 and 9. In this protection profile accepts both opened or closed IC chip operating systems.
The MRTD chip application is IC chip application that implements the function to store and process
the MRTD identity data according to LDS(Logical Data Structure) format defined in the ICAO
document and security mechanism to securely protect the function. Also, the MRTD application is
added the EAC security mechanism by the EAC specifications, because the biometric data of the
MRTD holder is included in the MRTD identity data.
The MRTD application data consists of the user data, such as the MRTD identity data, etc., and the
TSF data required in the security mechanism
The IC chip S3CT9Kx as a component of the TOE where Embedded S/W is contained achieved a
separate common criteria certificate from BSI and its cryptographic library provides security functions
as follows.

Symmetric key cryptographic operation
1
TOE carrier can be the cover of the passport as well as various form factors like ID-1 and ID-3 defined in the
ISO/IEC 7816 depending on the policy of the personalization agent and is combined with antenna inlay.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 15 of 94
The IC chip provides AES and TDES accelerator and relevant control register in order that
the TOE can perform operations such as (1)112 bit TDES message encryption and
decryption for BAC, (2)Retail MAC calculation based on 112 bit TDES for BAC and EAC,
(3)128 bit AES message encryption and decryption for initialization authentication and
personalization agent authentication and (4)112 bit AES-CMAC calculation for Secure
Messaging according to initialization authentication and personalization agent authentication.

Asymmetric key cryptographic operation
TM
The IC chip provides crypto-processor (Tornado ) and relevant cryptographic library
capable of 2048-bit modulus RSA and 512-bit ECC operations in order that the TOE can
perform operations such as (1)key exchange and agreement based on DH or ECDH,
(2)digital signature verification based on RSA or ECDSA for EAC-TA, (3)digital signature
generation based on RSA or ECDSA for AA.

One-way hash functions
The IC chip’s cryptographic library provides on-way hash functions of SHA-1, SHA-224,
SHA-256, SHA-384, SHA-512 in order that the TOE can perform operations such as (1)KDF
calculation which derives symmetric key used to perform Secure Messaging of BAC/EAC,
(2)digital signature generation and verification based on RSA/ECDSA, (3)KDF calculation
which derives symmetric key used to perform Secure Messaging of initialization or
personalization.

Random number generation
TRNG (TRNG Library v1.0) evaluated under AIS31 standard class P2 level and DRNG
(DRNG Library v1.0) evaluated under AIS20 enables TOE to create unpredictable and
irreproducible random number to be used in preventing replay attacks. TOE uses only
TRNG.

Countermeasures against side channel attacks
The IC chip provides hardware-based countermeasures such as Random Current
Generator, Random Wait-state Generator, Virtual DES/TDE against disclosing information
from the changes of current, voltage, electro-magnetic or such kind of physical phenomenon
during symmetric or asymmetric key cryptographic operations and also provides
cryptographic library where countermeasures against DPA or SPA are implemented.
Meanwhile, the IC chip provides Abnormal Condition Detector that shall reset the IC chip
itself when detecting abnormal frequency, voltage, temperature, light, removal of insulating
shield, and power glitch, as well as Data Bus Scrambling function that enables EEPROM
and RAM data bus to be scrambled. The relevant control register for each function is
provided in order for TOE to use with ease.
TOE and TOE components are identified in the following Table 4.
Table 4. TOE and TOE Component Identification
Category
(Form)
Name
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 16 of 94
Explanation
Product (MRTD IC chip in the
form of COB or wafer)
SPNX
Physical products of the TOE delivered to
customers in the form of wafer or COB
package containing TOE
TOE
SPass NX V1.0 on
S3CT9Kx
Combination of COS, MRTD application
and IC chip
TOE Component (HW)
S3CT9Kx
Revision 0
TOE Component (SW)
SPass NX V1.0
SPass NX V1.0 Release 2
TOE Component (Document)
User Guidance
Inspection System Guidance
Initialization Guidance
Personalization Guidance
1.4.2 Logical Scope of the TOE
TOE consists of 13 subsystems operating on the underlying IC chip.
The TOE communicates with the Inspection System according to the transmission protocol defined in
ISO/IEC 14443-4. The TOE implements the security mechanism defined in the ICAO document and
the EAC specifications and provides access control and security management functions. Also, the
TOE provides functions of the TSF protection, such as the TSF self-testing, preservation of a secure
state, etc.
<Asset>
In order to protect the TOE assets of Table 5, the TOE provides security functions, such as the
confidentiality, the integrity, the authentication and the access control, etc.
Table 5. TOE Assets
Category
MRTD
Identity
Data
User
Data
TSF
Data
Description
Personal Data of the
MRTD holder
Data stored in EF.DG1, EF.DG2, EF.DG5~EF.DG13 and
EF.DG16
Biometric Data of the
MRTD holder
Data stored in EF.DG3 and EF.DG4
MRTD Authentication Data
SOD, EAC chip authentication public key, etc.
EF.CVCA
In EAC‐TA, CVCA digital signature verification key identifier
list used by the TOE to authenticate the Inspection System
EF.COM
LDS version info., tag list of DG used, etc.
EAC Chip Authentication Private
Key
In EAC‐CA, Chip Private key used by the TOE to
demonstrate Not forged MRTD chip
AA Private Key
In AA, AA Private Key used by the TOE to generate digital
signature to show it’s genuine
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 17 of 94
CVCA Certificate
In personalization phase, Root CA Certificate issued in EAC‐
PKI
CVCA Digital Signature
Verification Key
After personalization phase, CVCA certificate Public key
newly created by certificate update
Current Date
In personalization phase, Date of issuing the MRTD is
recorded. However, In operational use phase, the TOE
internally updates it as the latest date among issuing dates of
CVCA link certificate, DV certificate or Issuing State IS
certificate.
BAC Authentication Key
BAC authentication encryption key,
BAC authentication MAC key
Initialization authentication encryption key,
Initialization Key
Personalization Key
Initialization authentication MAC key,
Personalization agent authentication encryption key,
Personalization agent authentication MAC key,
Operational Mode
TOE operational mode indicating credential
MRTD Access Condition
Attributes assigned by personalization agent to allow up to
BAC or up to EAC after MRTD personalization phase
Initialization Data
TSF data credentials set by initialization (including
Personalization Key, Operational Mode, MRTD Access
Condition)
BAC Session Key
BAC session encryption key,
BAC session MAC key
EAC Session Key
EAC session encryption key,
EAC session MAC key
Initialization Session Key
Initialization session encryption key,
Initialization session MAC key
Personalization Session Key
Personalization session encryption key,
Personalization session MAC key
Application Notes : In order to support the EAC, the Personalization agent generates the EAC chip
authentication public and private key and records them in the TOE. The CVCA digital signature
verification key is updated through the CVCA link certificate according to the EAC specifications.
However, the first CVCA digital signature verification key for verifying the CVCA link certificate shall
be recorded in secure memory of the MRTD chip in the personalization phase. When The CVCA
digital signature verification key is updated, the invalidation or deleting the existing CVCA digital
signature verification key depends on the Issuing policy of the MRTD.
The LDS in which the user data are stored defines MF, DF and EF file structure. Table 6 shows the
content of EF.DG1~EF.DG16 in which parts of the user data are stored.
Table 6. Contents of the LDS in which the User Data are Stored
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 18 of 94
Category
DG
Content
Document Type
Issuing State
Name (of Holder)
Document Number
Check Digit – Doc Number
Detail(s)
Recorded
Nationality
DG1
in MRZ
Date of Birth
Check Digit - DOB
Sex
Data of Expiry or Valid Until Date
Check Digit DOE/VUD
Composite Check Digit
Encoded
Identification
Features
DG2
Encoded face
DG3
Encoded finger(s)
DG4
Encoded Eye(s)
DG5
Displayed Portrait
DG6
‐
DG7
Displayed Signature
DG8
‐
DG9
‐
DG10 ‐
Others
DG11 Additional Personal Detail(s)
DG12 Additional Document Detail(s)
DG13 ‐
DG14
EAC Chip Authentication Public
Key
DG15
AA Digital Signature Verification
Key (optional)
DG16 Person(s) to Notify
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 19 of 94
LDS Structure
1.5 Conventions
ST uses some English terms and abbreviations to present clear meaning. The notation, formatting
and conventions used in this ST are consistent with the Common Criteria for Information Technology
Security Evaluation (hereafter referred to as “CC”).
The CC allows several operations to be performed on functional requirements: assignment, iteration,
refinement and selection. Each of these operations is used in this ST.
Iteration
It is used when a component is repeated with varying operations. The result of iteration is
marked by iteration number in parenthesis following the component identifier, i.e., (Iteration No.).
Selection
It is used to select one or more items from a list provided by the CC in stating a requirement.
The result of selection is shown as underlined and italicized.
Refinement
It is used to add detail to a requirement, and thus further restricts a requirement. The result of
refinement is shown in bold text.
Assignment
It is used to assign specific values to unspecified parameters (e.g. : password length). The result
of assignment is indicated in square brackets, i.e., [ assignment_Value ].
“Application Notes” are provided to help to clarify the intent of a requirement, identify implementation
choices or to define "Pass/Fail" criteria for a requirement. Application Notes will follow relevant requirements where appropriate.
1.6 ST Organization
Section 1 provides introductory material required for the ST and PP references and the summary of
TOE.
Section 2 provides the conformance claim that declares conformance for common criteria, protection
profile, and packages, and describes rationale of conformance claim and conformance statement.
Section 3 describes the TOE security problem definition and includes security problems of the TOE
and its IT environment from such as threats, organizational security policies and assumptions.
Section 4 defines the security objectives for the TOE, its IT environment and rationale of security
objectives to counter to identified threats, perform organizational security policies, and support the
assumptions.
Section 5 defines extended components that are not based on common criteria part 2 and part 3.
Section 6 contains the IT security requirements including the functional and assurance requirements
and rationale of security requirements intended to satisfy security objectives.
Section 7 shows TOE summary specification explaining TOE security functionality and assurance
measures.
Section 8 contains the materials referenced in this ST.
Section 9 defines the terms and abbreviations used in this ST.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 20 of 94
2 Conformance Claim
Conformance claim describes how this ST conforms to the common criteria, the protection profile
and the package.
2.1 Common Criteria Conformance
The common criteria which this ST conforms to is identified as follows.
<Common Criteria Identification>

Common Criteria for Information Technology, Part 1: Introduction and general model, version 3.1r3, 2009.7, CCMB-2009-07-001[CC1]

Common Criteria for Information Technology, Part 2: Security functional components version 3.1r3, 2009.7, CCMB-2009-07-002[CC2]

Common Criteria for Information Technology, Part 3: Security assurance components, version 3.1r3, 2009.7, CCMB-2009-07-003[CC3]
<Common Criteria Conformance>

Common Criteria for Information Technology, Part 2 expanded

Common Criteria for Information Technology, Part 3 conformant
2.2 Protection Profile Conformance
This ST conforms to the following PP.

Title : ePassport Protection Profile

Protection Profile Version : V2.1

Certification Number : KECS-PP-0163a-2009

Assurance Package : EAL4 augmented with(ADV_IMP.2, ATE_DPT.2, AVA_VAN.4)

Type of conformance : demonstrable conformance
One of the TOE components, IC chip S3CT9Kx, claims Security IC Platform PP[PP_IC] and is certified as follows. ST lite, cetification report, maintenance reports of the S3CT9Kx can be found in the
CCRA web site.
PP Conformance
BSI-PP-0035-2007
Ceritifcate Number
BSI-DSZ-CC-0639-2010, BSI-DSZ-CC-0639-2010-ma-01
Evaluation
Assurance Level
EAL5+ (ALC_DVS.2, AVA_VAN.5)
2.3 Package Conformance
This ST conforms to the following package.

Assurance package : EAL4+(ADV_IMP.2, ALC_DVS.2, ALC_CMS.5, ALC_TAT.2,
ATE_DPT.2, AVA_VAN.5)
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 21 of 94
2.4 Conformance Claim Rationale
The conformance claim rationale shall demonstrate that the TOE type is consistent with the TOE
type, the security problem definition and the statement of security objectives and the statement of
security requirement in the ePassport Protection Profile V2.1(hereafter ‚PP‘).
2.4.1 The Consistency of the TOE Type
The type of TOE in the PP is the software including IC chip operating system (COS) and the application of machine readable travel documents (MRTD application) with the exception of hardware elements of the chip of machine readable travel documents (MRTD chip). The MRTD application includes the MRTD security mechanisms such as BAC, EAC and the MRTD access controls.
The type of TOE in this ST is the composition of the Embedded S/W which executes chip operating
system with MRTD application and the IC chip hardware elements which claims [PP_IC]. The chip
operating system implements the MRTD security mechanisms such as BAC, EAC and MRTD access
control as well as AA and the personalization agent authentication.
Therefore the type of TOE in this ST includes that in the PP and thus has consistency.
2.4.2 The Consistency of the Security Problem Definition
<The Re-establishment of the Security Problem Definition>
The following table shows that the security problem definition of this ST is equivalent to that of the PP
and maintains the consistency.
Table 7. List of the Re-establishment of the Security Problem Definition
PP
ST
Description of
reestablishment
T.BAC_Authenti
cation_Key_Disclos
e
T.BAC_Authenti
cation_Key_Disclos
e
The BAC authentication
key is generated by the
personaliza-tion
agent
and is stored in the secure memory in the Personalization phase.
Selected the method that The Personalization Agent generates and stores the BAC
authentication key out of the 2 methods
proposed in the PP. Revised the application note according to this change.
”BAC authentication key”
removed
BAC Authentication Key is stored in the
secure memory and is not stored in the
temporary memory. Thus it is not a residual
information.
T.Residual_Info
P.Application_In
stall
T.Residual_Info
P.Application_In
stall
“Initialization authentication key, Initialization
session key, personalization authentication key,
personalization session
key” added
Application notes modified
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 22 of 94
Rationale
Keys are added according to the authentication mechanism of initialization and personalization. This is more restrictive thus it
satisfies “demonstrable conformance”.
TOE is not an ‘open platform’ type thus it is
described that initialization of application
means install of application and subjects
are also described. This is more restrictive
thus it satisfies “demonstrable conformance”
PP
A.Inspection_Sy
stem
ST
A.Inspection_Sy
stem
A.IC_Chip
P.IC_Chip
A.MRZ_Entropy
A.MRZ_Entropy
Description of
reestablishment
Rationale
Modified to make the inspection system
support AA because the TOE provides AA
security mechanism.
Added AA support
This is more restrictive thus it satisfies
“demonstrable conformance”.
IC chip is changed from
TOE underlying platform
to TOE component
Changed from Assumption to Organizational
Security Policy
TOE is a composite TOE meaning IC chip
is included in the scope of the TOE thus IC
chip is changed to TOE component and
PP requires IC chip with appropriate level
certificate shall be used in terms of policy
thus OSP replaces Assumption.
Application notes modified
Raised the threat agent from moderatelevel to high-level thus more restrictive.
<The Augmentation to the Security Problem Definition>
The following table proves that the security problem definition in this ST is more restrictive than that
of the PP which is claimed to be conformed and thus it is consistent.
Table 8. List of Augmentation to the Security Problem Definition
Augmentation
Rationale
T.IC_Chip_Forgery
Adding a threat of IC chip forgery attack augments security object thus enhances the
security attributes and restricts the security problem definition in the PP.
P.The_Issuing_Policy_
of_the_MRTD
Additional OSPs for applying the MRTD personalization policy such as disabling EAC
and secure communication channel do not weaken the security attributes in the PP
thus the security problem is equivalent.
A.Process-Sec-IC
Accepted Assumption from the ST of the underlying IC chip assumes IC hip shall be
delivered and protected in a secure manner during manufacturing phase and personaization phase, thus restricts the security problem definition in the PP
A.Plat-Appl
Accepted Assumption from the ST of the underlying IC chip assumes Embedded S/W
shall be designed under the certified guidance of the IC chip, thus restricts the security problem definition in the PP
A.Resp-Appl
Accepted Assumption from the ST of the underlying IC chip assumes Embedded S/W
shall maintain self application data in a secure manner, thus the security problem is
equivalent.
A.Key-Function
Accepted Assumption from the ST of the underlying IC chip assumes the functionality
relevant to cryptographic keys implemented in the Embedded S/W shall not allow
information leakage attack, thus the security problem is equivalent.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 23 of 94
2.4.3 Security Objectives Rationale
<The Re-establishment of the Security Objectives>
The following table shows the security objectives in this ST is equivalent to those in the PP thus is
consistent.
Table 9. List of Re-establishment of the Security Objectives
PP security
objectives
ST security
objectives
Reestablishment
Rationale
O.Management
Augmented TOE management including
initialization during the
manufactruing phase
TOE management methods including initialization in the manufacturing phase are
additionally defined. This is more restrictive
thus it satisfies “demonstrable conformance”.
O.Session_Manag
ement
Maintain EAC communica-tion channel
instead of session
termination even if the
EAC-TA fails Change
the name
O.Secure_messa
ging
Augmented secure
messaging in the personalization phase
O.Replay_Preve
ntion
O.Replay_Prevent
ion
Modified the application
note, additional authentica-tion data which
requires a random
number
O.Security_Mec
hanism_Applicat
ion_Procedures
O.Security_Cecha
nism_Application_
Procedures
Augmented AA
AA is augmented according to ICAO/EAC
specifications. This is more restrictive thus
it satisfies “demonstrable conformance”.
O.Handling_Info
_Leakage
O.Handling_Infor_
Leakage
Modified application
note according to the
intention of the composite evaluation
Countermeasures are described in the
application note. This is more restrictive
thus it satisfies “demonstrable conformance”.
O.IC_Chip
Change to security
objectives for the TOE
As a composite TOE, IC chip is included in
the TOE scope thus security characteristics
of IC chip should be changed to security
objectives for the TOE.
O.Management
O.Session_Term
ination
O.Secure_Messa
ging
OE.IC_Chip
EAC specification mandates maintaining
the EAC secure messaging channel generated by successful EAC-CA to protect
the transmission data even if the EAC-TA
fails.
Augmenting a purpose in order to add a
function for the policy to protect the transmission data to enhance security in the
manufacturing phase and in the personalization phase
The coverage of authentication data
whichrequires replay prevention is widened
for AA and personalization agent authentication are added.
<The Augmentation to the Security Objectives>
The following table proves that the security objectives in this ST are more restrictive than those in the
PP and are consistent.
Table 10. List of the Augmentation to the Security Objectives
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 24 of 94
Augmentation
Rationale
O.Personalization_Age
nt_Authentication
Augmenting the relevant objective in order to provide authentication method of MRTD
personalization agent and thus restricts the security objectives in the PP
O.Initialization_Authent
ication
Augmenting the relevant objective in order to provide authentication method of TOE
initialization and thus restricts the security objective in the PP
O.AA
Augmenting the security attribute of the TOE for verification of genuineness enhances
the security properties of the PP and thus conforms more restrictively.
2.4.4 The Rationale for the Consistency of Security Function Requirements
<The Re-establishment of the SFR>
The following table shows that the SFR in this ST is equivalent to the SFR in the PP and thus maintains its consistency.
Table 11. List of Re-establishment of the SFR
SFR
Operation performed
in this ST
-
iteration
Renamed to FCS_CKM.1(1)
dependencies
refinement
FCS_CKM.2, FCS_COP.1 refinement
FCS_CKM.1.1
refinement
TSF generates keys on behalf of manufacturers & personalization agents, refinement
on the application notes
dependencies
refinement
FCS_CKM.1 refinement
FCS_CKM.2.1
selection, selection
applied operations to meet the security objectives
dependencies
refinement
FCS_CKM.1 refinement
FCS_CKM.2.1
selection, selection, refinement
refinement on the application notes
dependencies
refinement
FCS_CKM.1 refinement
FCS_CKM.4.1
assignment, assignment
applied operations to meet the security objectives
dependencies
refinement
FCS_CKM.1 refinement
FCS_COP.1.1
(selection+assignment),
(selection+assignment),
(selection+assignment),
refinement
applied operations to meet the security objectives, refinement on the application notes
dependencies
refinement
FCS_CKM.1 refinement
FCS_COP.1.1
(selection+assignment),
(selection+assignment),
(selection+assignment),
refinement
applied operations to meet the security objectives, refinement on the application notes
FCS_COP.1.1
selection,
(selection+assignment)
applied operations to meet the security objectives, refinement on the application notes
FCS_CKM.1
FCS_CKM.2(1)
FCS_CKM.2(2)
FCS_CKM.4
FCS_COP.1(1)
FCS_COP.1(2)
FCS_COP.1(3)
Description on re-establishment
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 25 of 94
SFR
Operation performed
in this ST
Description on re-establishment
dependencies
refinement
FCS_CKM.1 refinement
FCS_COP.1.1
selection,
(selection+assignment),
assignment, assignment
applied operations to meet the security objectives, refinement on the application notes
FDP_ACC.1.1
assignment, assignment,
assignment
applied operations to meet the security objectives
FDP_ACF.1.1
assignment
applied operations to meet the security objectives
FDP_ACF.1.2
assignment
applied operations to meet the security objectives
FDP_ACF.1.3
assignment
applied operations to meet the security objectives
FDP_ACF.1.4
assignment
applied operations to meet the security objectives
FDP_RIP.1
FDP_RIP.1.1
deletion,
assignment,
selection, refinement
deleted BAC authentication key from the
objectives list, refinement on the application
notes
FDP_UCT.1
FDP_UCT.1.1
refinement
refinement on the application notes
FDP_UIT.1.1
selection
applied operations to meet the security objectives
FDP_UIT.1.2
selection, refinement
applied operations to meet the security objectives, refinement on the application notes
-
iteration
Renamed to FIA_AFL.1(1)
dependencies
refinement
FIA_UAU.1 refinement
FIA_AFL.1.1
assignment,
(selection+assignment)
applied operations to meet the security objectives
FIA_AFL.1.2
selection, refinement
applied operations to meet the security objectives, refinement on the method of handling authentication fails
dependencies
refinement
FIA_UID.1 refinement
FIA_UAU.1.1
refinement, assignment
refinement on timing/objective of security
function execution, applied operations to
meet the security objectives
FIA_UAU.1.2
refinement
user refinement
FIA_UAU.1.1
refinement, assignment
refinement on timing/objective of security
function execution, applied operations to
meet the security objectives
FIA_UAU.1.2
refinement
user refinement
FIA_UAU.4
FIA_UAU.4.1
assignment
applied operations to meet the security objectives
FIA_UAU.5
FIA_UAU.5.1
assignment
applied operations to meet the security ob-
FCS_COP.1(4)
FDP_ACC.1
FDP_ACF.1
FDP_UIT.1
FIA_AFL.1
FIA_UAU.1(1)
FIA_UAU.1(2)
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 26 of 94
SFR
Operation performed
in this ST
Description on re-establishment
jectives
FIA_UAU.5.2
refinement, assignment
refinement including AA security mechanism,
applied operations to meet the security objectives
-
iteration
Renamed to FIA_UID.1(1)
FIA_UID.1.2
refinement
refinement on the application notes
-
iteration
Renamed to FMT_MOF.1(1)
FMT_MOF.1.1
refinement
refinement to MRTD Personalization Agent
FMT_MSA.3.2
refinement
refinement to TSF on behalf of Personalization Agent, refinement on the application
notes
component
name
refinement
changed identification information of iteration
component to ‘the certificate verification
information and the authentication key’
FMT_MTD.1.1
assignment, refinement
applied operations to meet the security objectives, augmented application notes
dependencies
refinement
FMT_MTD.1 refinement
assignment, refinement
applied operations to meet the security objectives, refinement to the high-level attack
potential
FMT_SMF.1.1
refinement, assignment
refinement on security management functions in the manufacturing, personalization
and operational use phase, applied operations to meet the security objectives
dependencies
refinement
FIA_UID.1 refinement
FMT_SMR.1.1
assignment
applied operations to meet the security objectives
FPR_UNO.1
FPR_UNO.1.1
assignment, assignment,
refinement
applied operations to meet the security objectives, refinement on the application notes
FPT_FLS.1
FPT_FLS.1.1
assignment
applied operations to meet the security objectives
FPT_ITI.1
FPT_ITI.1.2
assignment, refinement
applied operations to meet the security objectives, refinement on the application notes
FPT_TST.1.1
selection,
selection
applied operations to meet the security objectives
FPT_TST.1.2
selection, assignment
applied operations to meet the security objectives
FPT_TST.1.3
selection
applied operations to meet the security objectives
FIA_UID.1
FMT_MOF.1
FMT_MSA.3
FMT_MTD.1(1)
FMT_MTD.3
FMT_SMF.1
FMT_SMR.1
FPT_TST.1
FMT_MTD.3.1
assignment,
FCS_CKM.1(1), FDP_RIP.1 and FMT_MSA.3 are restrictively refined to reflect that TSF generates
BAC authentication keys on behalf of MRTD Personalization Agent after writing DG1 in the personal-
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 27 of 94
ization phase and writes them in the secure memory of EEPROM and do not write in the volatile
memory during the BAC mutual authentication procedure.
Application notes of FDP_UCT.1 and FDP_UIT.1 are refined to reflect the function that can select
Secure Messaging during transceiving MRTD user data by the Personalization Agent.
FIA_AFL.1(1) is changed because the EAC specification mandates maintaining the secure messaging channel instead of terminating the session to protect the transmitted data when the EAC-TA fails.
At this point, the equivalent level of security to that of terminating the session is assured since the
security of transmitted data is maintained and the access to DG3/DG4 is denied.
FDP_ACF.1, FIA_UAU.1(1), FIA_UAU.1(2) are refined to reflect the distinguishable characteristics of
the implementation of the TOE according to the modes of operation. FIA_UAU.5 is restrictively refined to reflect the characteristic of the TOE that supports AA security mechanism to enhance security.
The security management functions of the MRTD’s operational use phase in FMT_SMF.1 and the
application notes on FCS_CKM.2(2), FIA_UID.1(1), FPT_ITI.1 are refined to reflect the implementational characteristic of the TOE.
<The Augmentation to the Security Functional Requirement>
The following table shows that the SFR in this ST is more restrictive and is consistent with the SFR in
the PP by accepting them with additional SFR.
Table 12. List of the Additional SFR
Additional
SFR
Rationale
FCS_CKM.1(2)
Augmented to generate the key used for the authentication mechanism of intiailization and
personalization agent because each authentication mechanism is augmented.
FCS_CKM.2(3)
Defined additional SFR on distribution method of KDF Seed values to generate the session
keys used for initialization and personalization according to each authentication mechanism
FCS_COP.1(5)
This SFR if added to reflect AA mechanism to prove genuineness of the TOE because AA
mechanism is augmented.
FCS_RNG.1
This SFR is added because it is relevant to meet O.IC_Chip under composite TOE evaluation.
This SFR is added since the AA security mechanism is added to the security objective.
FDP_DAU.1
FIA_AFL.1(2)
FIA_UAU.1(3)
The MRTD personalization agent provides the function to detect the forged IC chip thus the
SFR in this ST accepts the PP restrictively
This SFR is augmented to provide counteractions to the failures of initialization and personalization agent authentication as these are augmented. This accepts the PP restrictively because the counteractions are stronger than those to BAC authentication failure.
This SFR is added for the requirement of the method to authenticate a user as the personalization agent to connect and maintain the security role of the personalization agent to user
and grant the subject right to the user.
This accepts the PP restrictively because it augments personalization agent authentication.
FIA_UAU.1(4)
This SFR is added for the requirement of the method to authenticate a user as the manufacturer to connect and maintain the security role of the manufacturer to user and grant the
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 28 of 94
Additional
SFR
Rationale
subject right to the user.
This accepts the PP restrictively because it augments initialization authentication.
FIA_UID.1(2)
This SFR is added to allow various communication protocol without limiting communication
protocols when manufacturers are identified.
EAC is unnecessary and disabled when DG3/DG4 are not available according to the policy of
the personalization agent.
FMT_MOF.1(2)
The level of security is equivalent to that of the PP since disabling the EAC is only applicable
when DG3/DG4 are not available and the access to DG3/DG4 are explicitly denied when the
EAC is disabled so the MRTD access control policy is conformed.
The PP does not require the secure messaging in personalization phase, but this ST added
this SFR in order to provide the secure messaging and disable it if the personalization environment is secure and does not require the secure messaging.
FMT_MTD.1(3)
This SFR is added since the TOE distinguishes the personalization phase and the operational use phase to manage the MRTD more securely and defines modes of operation and provides management functions in order to implement the command access control according to
the phases. This SFR is also added to reflect the function that writes initialization data to the
secure memory to initialize TSF in the manufacturing phase.
This enhances the security and thus accepts the PP restrictively.
FMT_MTD.1(4)
This SFR is added since the TOE is selected as a subject generates the BAC authentication
key among the two options in the PP and the TSF generates and stores the BAC authentication key automatically after the DG1 is written successfully.
FPT_ITC.1
This SFR is added to provide optional function that enhances the security of transmitted data
in the manufacturing and personalization phase
FPT_PHP.3
This SFR is added because it is relevant to meet O.IC_Chip under composite TOE evaluation.
2.4.5 The Consistency of the Security Assurance Requirements
This ST specifies CC EAL4 augmented with (ADV_IMP.2, ALC_DVS.2, ALC_CMS.5, ALC_TAT.2,
ATE_DPT.2, AVA_VAN.5) to assure the secure operation of the TOE is not compromised and counter the high-level threat agent. This assurance package maintains “demonstrable conformance” of
the security assurance requirements of the PP since this is a superset includes the assurance package of the PP - EAL 4 augmented with(ADV_IMP.2, ATE_DPT.2, AVA_VAN.4) – and ALC_DVS.2
ALC_CMS.5, ALC_TAT.2 and AVA_VAN.5 in this assurance package are hierarachical to each of
ALC_DVS.1, ALC_CMS.4, ALC_TAT.1 and AVA_VAN.4 in the EAL4 assurance package and thus
maintain “demonstrable conformance” of the security assurance requirements of the PP.
<Additional Security Assurance Requirements>
The PP augments the following security assurance requirements (SAR) to the EAL4 assurance
package.

ADV_IMP.2 “Complete mapping of the implementation representation of the TSF”

ATE_DPT.2 “Testing: Security-enforcing modules”

AVA_VAN.4 “Methodical vulnerability analysis”
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 29 of 94
The ST augments again the following security assurance requirements (SAR) to the PP. This augmentation is in accordance with the CC.

ALC_DVS.2
“Sufficiency of security measures”

ALC_CMS.5
“Development tools CM coverage”

ALC_TAT.2
“Compliance with implementation standards”

AVA_VAN.5
“Advanced methodical vulnerability analysis”
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 30 of 94
3 Security Problem Definition
Security Problem Definition defines threats, organizational policy and assumptions that intended to
be processed by TOE and TOE environment.
3.1 Threats
The MRTD is used by possession of individuals without physically controlled devices, therefore both
logical and physical threats is occurred. The threat agent is an external entity that attempts illegal
access to assets protected by the TOE, by using the physical or logical method outside the TOE.
In this ST, the TOE consists of the Embedded S/W and the IC chip. Therefore, the threat agent has
high-level expertise, resources, motivation.
<Threats to the TOE in the Personalization Phase>
T. TSF_Data_Modification
The threat agent may attempt access to the stored TSF data by using the external interface through
the Inspection System.
<BAC-relevant Threats to the TOE in the Operational Use Phase>
T. Eavesdropping
In order to find out the personal data of the MRTD holder, the threat agent may eavesdrop the
transmitted data by using the terminal capable of the RF communication.
T. Forgery_Corruption_Personal_Data
In order to forge and corrupt the personal data of the MRTD holder stored in the MRTD chip, the
threat agent may attempt access to read the user data by using the unauthorized Inspection System.
T. BAC_Authentication_Key_Disclose
In order to find out the personal data of the MRTD holder, the threat agent may obtain the read-rights
of the BAC authentication key located inside the TOE and disclose the related information.
Application Notes : The BAC authentication key may be generated by Personalization Agent in the
Personalization phase or by the TOE in the Operational Use phase. The TOE uses the former method. Therefore the TOE considers the threat of disclose of the BAC authentication key stored in secure memory of the MRTD chip. The BAC authentication key is removed from the T.Residual_Info
because it shall never be stored in the temporary memory.
T. BAC_ReplayAttack
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 31 of 94
The threat agent may bypass the BAC mutual authentication by replay after intercepting data
transmitted by the TOE and the Inspection System in the initial phase of the BAC mutual
authentication.
Application Notes : The TOE delivers the random number of plaintext to Inspection System according
to ‘get_challenge’ instruction of the Inspection System in the BAC. Therefore, the threat agent can
bypass the BAC mutual authentication by intercepting the random number and response value of the
Inspection System and re‐transmitting the response value of the Inspection System to the next session. Also, the threat agent may find the transmission data as threat agent can generate the BAC
session key after obtaining the BAC authentication key by T.BAC_Authentication_Key_Disclose.
<EAC‐related Threats in the Operational Use Phase>
T. Damage_to_Biometric_Data
The threat agent may disclose, forge and corrupt the biometric data of the MRTD holder by using
terminal capable of the unauthorized RF communication, etc.
Application Notes : Only the EIS that succeeded the EAC‐TA can access the read‐rights the biometric data of the MRTD holder. Therefore, the threat agent may attempt to obtain the biometric data
by using the unauthorized Inspection System and BIS, etc.
T. EAC-CA_Bypass
The threat agent may bypass the authentication of the Inspection System so that to go through EACCA by using the threat agent generated EAC chip authentication public key.
T. IS_Certificate_Forgery
In order to obtain the access-rights the biometric data of the MRTD holder, the threat agent may attempt to bypass the EAC-TA by forging the CVCA link certificate, DV certificate and IS certificate and
requesting verification of the certificates to the TOE.
<BAC and EAC‐related Threats in the Operational Use Phase>
T. SessionData_Reuse
In order to find out the transmitted data through the secure messaging, the threat agent may derive
session keys from a number of cryptographic communication texts collected by using the terminal
capable of wide-ranging RF communication.
Application Notes : When the TOE and Inspection System use the BAC authentication key as the
BAC session key, they are vulnerable to ciphertext only attack as the same session key is used in
each BAC session. When the BAC session key is generated with the same random number used in
the BAC mutual authentication, critical information necessary in deriving the session key may be
provided to an attacker as the first random number of the TOE is transmitted as plaintext. In case the
EIS transmits temporary public key in the EAC‐CA and random number in the EAC‐TA to other ses-
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 32 of 94
sions in the same way and the TOE continues to use them, they may be vulnerable to ciphertext only
attack.
T. Skimming
The threat agent may read information stored in the IC chip by communicating with the MRTD Chip
through the unauthorized RF communication terminal without the MRTD holder realizing it.
<Threats related to IC Chip Support>
T. Malfunction
In order to bypass security functions or to damage the TSF and TSF data stored in the TOE, threat
agent may occur malfunction of the TOE in the environmental stress outside the normal operating
conditions.
<Other Threats in the Operational Use Phase>
T. Leakage_CryptographicKey_Info
By using electric power and wave analysis devices, the threat agent may obtain key information used
in cryptographic technique applied to the MRTD security mechanism by analyzing information of
electric power and wave emitted in the course of the TOE operation.
T. MRTD_Reproduction
The threat agent may masquerade as the MRTD holder by reproduction the MRTD application data
stored in the TOE and forgery identity information page of the MRTD.
T. Residual_Info
The threat agent may disclose to critical information by using residual information remaining while the
TSF data, such as initialization authentication key, initialization session key, personalization authentication key, personalization agent session key, BAC session key, EAC session key, DV certificate and
IS certificate, etc., are recorded and used in temporary memory.
T. IC_Chip_Forgery
The threat agent may make an forged MRTD by obtaining the MRTD’s personal information including
the SOD and loading them on a new IC chip.
3.2 Organisational Security Policies
The TOE shall comply with the following Organisational Security Policies (OSP) as security rules,
procedures, practices, or guidelines imposed by an organisation upon its operations.
P. International_Compatibility
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 33 of 94
The Personalization Agent shall ensure compatibility between security mechanisms of the MRTD and
security mechanism of the Inspection System for immigration.
Application Notes : The international compatibility shall be ensured according to the ICAO document
and EAC specifications.
P. Security_Mechanism_Application_Procedures
The TOE shall ensure the order of security mechanism application according to the type of the Inspection System so that not to violate the MRTD access control policies of the Personalization Agent.
Application Notes : The operation flow of the TOE differs according to the type of security mechanisms supported by the Inspection System. The basic operation flow depends on 2.1.1 Standard
MRTD Inspection Procedure and 2.1.2 Advanced MRTD Procedure of the EAC specifications.
P. Application_Program_Install
The Personalization agent shall approve application program installing after checking that application
programs loaded in the MRTD chip does not affect the secure TOE.
Application Notes : The application program installing is implemented during initialization in the TOE
which can be conducted by the manufacturer.
P. Personalization_Agent
The Personalization Agent shall issue the MRTD in the secure manner so that to confirm that the
issuing subject has not been changed and shall deliver the TOE to the Operational Use phase after
verifying that the data inside MRTD chip are operating normally after issuing. The Personalization
Agent shall deactivate the writing function before the TOE delivery to the Operational Use phase.
P. MRTD_Perso_Policy
The TOE shall deactivate the EAC if the Personalization_agent does not store the biometric data into
the MRTD.
The TOE shall provide the way to deactivate the secure communication channel if it is not required
because the issuing environment is insulated from the outside so that the security of transmission
data is assured.
P. MRTD_Access_Control
The Personalization Agent and TOE shall build the MRTD access control policies in order to protect
the MRTD application data. Also, the TOE shall regulate the roles of user.
Application Notes : The TOE shall build access control policies as of the following according to the
ICAO document and EAC specifications.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 34 of 94
Table 13. MRTD Access Control Policy
P. PKI
The Issuing State of the MRTD shall execute certification practice to securely generate · manage a
digital signature key and to generate · issue · operate · destroy certificates according to the CPS by
implementing the PA-PKI and EAC-PKI according to the MRTD PKI System.
Also, The Issuing State of the MRTD shall update certificates according to the policies to manage
valid date of certificates, therefore securely deliver them to the Verifying State and Inspection System.
When the EAC-TA provides the TOE with CVCA link certificate, DV certificate and IS certificate after
the Inspection System obtaining information from EF.CVCA stored in the TOE, the TOE shall internally update certificates by verifying validity of the certificates.
P. Range_RF_Communication
The RF communication distance between the MRTD chip and Inspection System shall be less than
5cm and the RF communication channel shall not be established if the page of the MRTD attached
with IC chip is not opened.
P. IC_Chip
The IC chip, a component of the TOE, provides the random number generation and cryptographic
operation to support security functions of the TOE. It also detects the TOE’s malfunction outside the
normal operating conditions and provides functions of the physical protection to protect the TOE from
physical attacks using the probing and reverse engineering analysis.
Application Notes : To ensure the secure TOE environment, the IC chip shall be a certified product of
CCRA EAL4+(SOF-high) or higher level. The cryptographic operation supported by the IC chip may
be provided in the co-processor of the IC chip or cryptographic libraries loaded in the IC chip.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 35 of 94
P. Application Authentication
The TOE shall install/execute/remove an applications if and only if the application satisfies the
security properties those set by the MCD Issuer and is provided by the application provider who have
the certificate issued by the MCD Issuer .
3.3 Assumption
The assumptions describe the security aspects of the environment in which the TOE will be used or
is intended to be used in order to limit the scope of security consideration.
A. Certificate_Verification
The Inspection System, such as the BIS and the EIS, verifies the SOD after verifying validity of the
certificate chain for the PA (CSCA certificate → DS certificate) in order to verify for forgery and corruption of the MRTD identity data recorded in the TOE. For this, the DS certificate and CRL shall be
verified periodically.
The EIS shall securely hold the digital signature generation key that corresponds to the IS certificate
and shall provide the TOE with the CVCA link certificate, the DV certificate and the IS certificate in
the EAC-TA.
Application Notes : The methods of the Inspection System to verify the certificate chain for the PA
and to distribute the IS certificate and the digital signature generation key may depend on the Issuing
policy of the MRTD. Therefore, the ST author can define security environment according to the
Issuing policy of the MRTD.
A. Inspection_System
The Inspection System shall implement security mechanisms of the PA, the BAC and the EAC according to the ICAO document and EAC specifications on the basis of the verifying policy of the
MRTD for the MRTD holder.
Also, after session ends, the BIS and the EIS shall securely destroy all information used in communication and the TOE, such as the BAC session key, the EAC session key and session information, etc.
Application Notes : The TOE denies the request to access EF.SOD by the Inspection System that
failed the BAC mutual authentication.
As the BIS supports the BAC and PA security mechanisms, it obtains the read‐rights for the personal
and authentication data of the MRTD holder if the BAC mutual authentication using the BAC authentication key succeeds. Then, by establishing the BAC secure messaging with the BAC session key, it
ensures the confidentiality and integrity of all transmitted data. The BIS verifies the SOD by executing
the PA after the BAC. Then, by calculating and comparing a hash value for the personal and authentication data of the MRTD holder, it verifies the forgery and corruption for the personal and authentication data of the MRTD holder. If the BIS supports the AA security mechanism as an option, it verifies the forgery and corruption for the personal and authentication data of the MRTD holder explicitly
by performing the AA and verifying the digital signature which is generated by the TOE.
As the EIS supports the BAC, EAC and PA security mechanisms, it obtains the read‐rights for the
personal, authentication and biometric data of the MRTD holder. The EIS, when the BAC mutual
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 36 of 94
authentication and secure messaging succeed, executes the EAC‐CA by using the EAC chip authentication public key read in the BAC to verify the genuine TOE. Then, it executes the PA in order to
verify the EAC chip authentication public key. When the EAC‐CA is succeeded, the BAC secure
messaging is ended and the EAC secure messaging with the EAC session key is started, and the
EAC‐TA that the TOE authenticates the Inspection System is executed. When the EAC‐TA is succeeded, the EIS obtains the read‐rights for the biometric data of the MRTD holder. Therefore, the EIS
is provided the biometric data of the MRTD holder from the TOE. If the EIS supports the AA security
mechanism as an option, it verifies the forgery and corruption for the personal and authentication
data of the MRTD holder explicitly by performing the AA and verifying the digital signature which is
generated by the TOE after performing the EAC-CA and the PA.
A. MRZ_Entropy
The BAC authentication key seed takes the MRZ entropy to ensure the secure BAC authentication
key.
Application Notes : In order to be resistant to the high‐level threat agent, the entropy for the passport
number, date of birth, data of expiry or valid until date and check digit used as BAC authentication
key seed among the MRZ in the current technological level shall be enough level.
<Assumptions from the ST of IC chip>
The followings are augmented using the assumptions applied in the [ST_IC1], [ST_IC2].
A.Process-Sec-IC (Protection during Packaging, Finishing and Personalisation)
It is assumed that security procedures are used after delivery of the TOE by the TOE Manufacturer
up to delivery to the end-consumer to maintain confidentiality and integrity of the TOE and of its
manufacturing and test data (to prevent any possible copy, modification, retention, theft or
unauthorised use). This means that the Phases after TOE Delivery are assumed to be protected
appropriately.
A.Plat-Appl (Usage of Hardware Platform)
The Security IC Embedded Software is designed so that the requirements from the following
documents are met: (i) TOE guidance documents (refer to the Common Criteria assurance class
AGD) such as the hardware data sheet, and the hardware application notes, and (ii) findings of the
TOE evaluation reports relevant for the Security IC Embedded Software as documented in the
certification report.
A.Resp-Appl (Treatment of User Data)
All User Data are owned by Security IC Embedded Software. Therefore, it must be assumed that
security relevant User Data (especially cryptographic keys) are treated by the Security IC Embedded
Software as defined for its specific application context.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 37 of 94
A.Key-Function (Usage of Key-dependent Functions)
Key-dependent functions (if any) shall be implemented in the Smartcard Embedded Software in a
way that they are not susceptible to leakage attacks.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 38 of 94
4 Security Objectives
This Security Target defines security objectives by categorizing them into the TOE and the
environment. The security objectives for the TOE are directly handled by the TOE. The security
objectives for the environment are handled by technical/process-relevant means supported from IT
environment in order to provide TOE security functionality accurately.
4.1 Security Objectives for the TOE
The followings are security objectives to be directly handled by the TOE
O. Management
The TOE shall provide the means to manage the MRTD application initialization data in the
manufacturing phase to the authorized Manufacturer.
Application Notes : In the Personallization phase, the Personalization Agent shall deactivate the
writing function after recording the MRTD application data.
O.Personalization_Agent_Authentication
The TOE shall provide the authentication means, which have the equivalent level to BAC, to connect
only the authorized Personalization Agent to issuing management role and subject security attributes.
However, it shall provide stronger level of countermeasure to authentication failures than BAC’s. It
shall also generate personalization session keys to be used for creating a secure channel in the
personalization phase.
O.Initialization _Authentication
The TOE shall provide the authentication means, which have the equivalent level to BAC, to allow
only the authorized Manufacturer to initialize. However, it shall provide stronger level of
countermeasure to authentication failures than BAC’s. It shall also generate initiallization session
keys to be used for creating a secure channel in the manufacturing phase.
O.Security_Mechanism_Application_Procedures
The TOE shall ensure instruction flow according to MRTD inspection precedures of the EAC
specification.
Application Notes : The TOE shall ensure that the application order of PA, AA, BAC, and EAC
security mechanisms conforms to 2.1.1 Standard MRTD Inspection Precedure and 2.1.2 Advanced
MRTD Precedure of the EAC specifications and shall not allow requests from the Inspection System
that do not correspond to the security mechanism application order. In case of implementation
different from procedures of the EAC specifications, the ST author shall ensure reliability and secure
operation that conforms to the EAC specifications.
O.Session_Management
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 39 of 94
The TOE shall terminate the session in case of failure of the BAC mutual authentication or detecting
modification in the transmitted TSF data. Also, the TOE shall preserve EAC secure channel in case
of failure of the EAC-TA.
O.Secure_Messaging
The TOE shall ensure confidentiality and integrity to protect the transmitted user and TSF data. Also,
the TOE shall assure secure channel with manufacture in the manufacturing phase and be able to
handle that The Personalization Agent requests the secure messaging in Personalization phase.
O.Certificate_Verification
The TOE shall automatically update the certificate and current date by checking valid date on the
basic of the CVCA link certificate provided by the Inspection System.
O.Secure_State
The TOE shall preserve secure state from attempt of modification of TSF and data at start-up.
O.Deleting_Residual_Info
When allocating resouces, the TOE shall provide means to ensure that previous security-relevant
information (Ex. BAC session key, EAC session key, etc.) is not included.
O.Replay_Prevention
The TOE shall ensure generation and use of different random number per session for the secure
cryptographic-relevant information used in security mechanisms.
Application Notes : The TOE shall generate the transmitted data to the Inspection System in the BAC
mutual authentication and EAC-TA to be different per session and shall not use the BAC
authentication key as the BAC session key. Also, the TOE shall not provide critical information
necessary to derive session key by generating the BAC session key with the same random number
used in the BAC mutual authentication. The transmitted value to Inspection System shall be different
for each session during initialization authentication or personalization agent authentication, and
authenticaiton keys or random numbers used to generate them for each mechanism shall not be
used when generating session keys so as not to provide information indicating them. The random
number generated in the active authentication and the random number used in Persionalization
agent authentication shall be differenctly generated per session.
O.Access_Control
The TOE shall provide the access control functionality so that access to the MRTD application data is
allowed only to external entities granted with access-rights according to the MRTD access control
policies of the Personalization Agent.
Application Notes : Only the authorized Personalization Agent in Personalization phase can update
the Personalization key and can record the MRTD application data. Also, access control policies for
the read-rights according to the type of the Inspection System shall be built in Operational Use phase.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 40 of 94
O.Handling_Info_Leakage
The TOE shall implement countermeasures to prevent exploiting of leakage information during
cryptographic operation for the TSF.
Application Notes : As the co-processor of the IC chip or cryptographic libraries loaded in the IC chip
provide countermeasures to satisfy this security objective, the ST specifies it as a security objective
for the TOE.
O.AA
The TOE shall be able to verify its own genuineness for the Inspection System to detect the forgery
of MRTD chip.
O.BAC
The TOE executes the BAC mutual authentication of the Inspection System with the TOE by
implementing the BAC security mechanism in order to allow the read-rights for the personal data of
the MRTD holder only to the authorized Inspection System. Also, the TOE generates the BAC session key to be used for the BAC secure messaging.
O.EAC
The TOE authenticates the Inspection System by implementing the EAC security mechanism (EACCA and EAC-TA) in order to allow the read-rights for the biometric data of the MRTD holder only to
the authorized Inspection System. Also, the TOE generates the EAC session key to be used for the
EAC secure messaging.
O.IC_Chip
The IC chip, the component of the TOE, provides the random number generation and cryptographic
operation to support security functions of the TOE. It also detects the TOE’s malfunction outside the
normal operating conditions and provides functions of the physical protection to protect the TOE from
physical attacks using the probing and reverse engineering analysis.
4.2 Security Objectives for the Environment
The following are security objectives handled by technical/procedure-relevant means supported from
IT environment in order to provide TOE security functionality accurately.
OE.MRTD_Manufacturing_Security
Physical security measures(security printing, etc.) for the MRTD shall be prepared to detect
reproduction of the MRTD chip and attack attempt of the Grandmaster chess, replacement of the
portrait and modification of the MRZ data, etc.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 41 of 94
OE. Procedures_of_MRTD_Holder_Check
The Immigration officer shall prepare for procedures to check identity of the MRTD holder against the
printed identity information page of the MRTD.
OE.Application_Program_Install
The Personalization agent shall approve application program loading after checking that application
programs loaded in the MRTD chip does not affect the secure TOE.
OE.Certificate_Verification
The Inspection System, such as the BIS and the EIS, verifies the SOD after verifying validity of the
certificate chain for the PA (CSCA certificate → DS certificate) in order to verify for forgery and
corruption of the MRTD identity data recorded in the TOE. For this, the DS certificate and CRL shall
be verified periodically.
The EIS shall securely hold the digital signature generation key that corresponds to the IS certificate
and shall provide the TOE with the CVCA link certificate, the DV certificate and the IS certificate in
the EAC-TA
OE.Personalization_Agent
The Personalization Agent shall issue the MRTD in the secure manner so that to confirm that the
issuing subject has not been changed and shall deliver the TOE to the Operational Use phase after
verifying the normal operation and compatibility of the MRTD. The personalization agent shall deactivate the writing function before the TOE delivery to the Operational Use phase.
OE.Inspection_System
The Inspection System shall implement security mechanisms according to the type of the Inspection
System and ensure the order of application so that not to violate the MRTD access control policies of
the personalization agent. Also, the Inspection System shall securely destroy all information used in
communication with the TOE after the session termination.
OE.MRZ_Entropy
The personalization agent shall ensure the MRZ entropy to ensure the secure BAC authentication
key.
OE.PKI
The Issuing State of the MRTD shall execute certification practice to securely generate and manage
a digital signature key and to generate, issue, operate, or destroy certificates according to the CPS
by implementing the PA-PKI and EAC-PKI according to the MRTD PKI System.
Also, the Issuing State of the MRTD shall update certificates according to the policies to manage
valid date of certificates, therefore securely deliver them to the Verifying State and Inspection System.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 42 of 94
OE.Range_RF_Communication
The RF communication distance between the MRTD chip and Inspection System shall be less than
5cm and the RF communication channel shall not be established if the page of the MRTD attached
with the MRTD chip is not opened.
<Security Objectives for environment from the ST of the IC chip>
The followings are augmented using Security Objectives for environment applied in the [ST_IC1],
[ST_IC2].
OE. Plat-Appl (Usage of Hardware Platform)
To ensure that the TOE is used in a secure manner the Security IC Embedded Software shall be
designed so that the requirements from the following documents are met: (i) hardware data sheet for
the TOE, (ii) data sheet of the IC Dedicated Software of the TOE, (iii) TOE application notes, other
guidance documents, and (iv) findings for the TOE evaluation reports relevant for the Security IC
Embedded Software as referenced in the certification report.
OE.Resp-Appl (Treatment of User Data)
Security relevant User Data (especially cryptographic keys) are treated by the Smartcard Embedded
Software as required by the security needs of the specific application context. For example, the
Smartcard Embedded Software will not disclose security relevant user data to unauthorised users or
processes when communicating with a terminal.
OE.Process-Sec-IC (Protection during composite product manufacturing)
Security procedures shall be used after TOE delivery up to delivery to the “consumer“ to maintain
confidentiality and integrity of the TOE and of its manufacturing and test data (to prevent any
possible copy, modification, retention, theft or unauthorised use). This means that Phases after TOE
Delivery up to the end of Phase 6 must be protected appropriately.
4.3 Security Objectives Rationale
Security Objectives Rationale demonstrates that the specified security objectives are appropriate,
sufficient to trace security problems and are essential, rather than excessive.
The rationale of security objectives demonstrates the following:

Each assumption, threat or organizational security policy has at least one security objective
tracing to it.

Each security objective traces to at least one assumption, threat or organizational security
policy.
Table 14 shows the mapping between Security Problem Definition and Security Objectives.
Table 14. The mapping between Security Problem Definition and Security Objectives
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 43 of 94
Security Objectives for
the Environment
TOE Security Objectives
OE. Range_RF_Communication
OE.PKI
OE.MRZ_Entropy
OE.Inspection_System
OE.Personalization_Agent
OE.Certificate_Verification
OE.Application_Program_Install
X
X
X
X
X
X
X
X
X X
X
X
X
X
X
X
X
X
X X
X
T.Malfunction
T.Leakage_CryptographicKey_
Info
T. MRTD_Reproduction
X
X
X
X
X X
X
T.Residual_Info
X
T.IC_Chip_Forgery
P.MRTD_Access_Control
X
X
T. Skimming
P.MRTD_Perso_Policy
OE.Procedures_of_MRTD_Holder_Check
X
T. SessionData_Reuse
P.Personalization_Agent
X
X
T. EAC-CA_Bypass
P.International_Compatibility
P.Security_Mechanism_Applic
ation_Procedures
P.Application_Program_Install
OE.MRTD_Manufacturing_Security
X
O.IC_Chip
X
O.EAC
X
O.BAC
X
O.AA
X
O.Handling_Info_Leakage
O.Access_Control
O.Replay_Prevention
O.Deleting_Residua_Info
O.Secure_State
X X
X
X X X
T.Damage_to_Biometric_Data
T. IS_Certificate_Forgery
O.Certificate_Verification
X
O.Secure_Messaging
X X
O.Session_Management
T.TSF_Data_ Modification
T.Eavesdropping
T.Fogery_Corruption_Personal
Data
T.BAC_Authentication_Key_Di
sclose
T.BAC_ReplayAttack
O Security_Mechanism_Application_Procedures
O.Initialization_Authentication
Security
Problem
Definition
O.Personalization _Authentication
O.Management
Security
Objectives
X
X
X
X
X X
X X
X
X
X
X
X
X
X
X X
X X
X
P. PKI
X
X
P.Range_RF_Communication
X
P.IC_Chip
X X
A.Certificate_Verification
X
X
A.Inspection System
X
A.MRZ_Entropy
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 44 of 94
The following table shows the mapping between Security Problem Definition and Security Objectives
coming from [IC_ST1] and [IC_ST2]
Security Problem Definition
Security Objectives
from the IC chip
from the IC chip
A.Process-Sec-IC
OE.Process-Sec-IC
A.Plat-Appl
OE.Plat-Appl
A.Resp-Appl
OE.Resp-Appl
A.Key-Function
OE.Plat-Appl, OE.Resp-Appl
4.3.1 Security Objective Rationale for the TOE
<MRTD-relevant Security Objectives>
O.Management
This security objective ensures that the TOE provides the means to write user data in EF domain and
the means to write TSF data in secure memory only to the authorized personalization agent in the
Personalization phase and prevents unauthorized access using external interface by deactivating the
LDS application data writing function of the personalization agent in the Operational Use phase.
Therefore, this security objective is required to counter the threats of T.TSF_Data_Modification and
T.BAC_Authentication_Key_Disclose and to enforce the organizational security policies of
P.MRTD_Access_Control and P.Personalization_Agent.
Also, this security objective provides the manufacturer with the means to manage TOE including
initialization of MRTD application in the Initialization phase, therefore is required to counter the OSP
of P.Application_Program_Install, and this security objective provides the personalization agent with
the means to record CVCA certificate in secure memory in the Personalization phase, therefore is
required to counter the threat of T.IS_Certificate_Forgery.
This security objective provides the means to manage EAC disablement when personalizing MRTD
excluding MRTD biometric information according to the issuing policy, therefore contributes to enforce the organizational security policy of P.MRTD_Personalization_Policy.
O.Personalization_Agent_Authentication
This security objective ensure that the TOE provides the means to authorize user as personalization
agent for granting write-rights of TSF data in the Personalization phase, therefore is required to counter the threat of T.TSF_Data_Modification.
Since personalization agent authentication is conducted before performing the security role to write
information relevant to CVCA certificate, a user without the security role shall not be able to write
forged CVCA certificate. Therefore, forged IS certificate transmitted from outside shall be detected
and this is required to counter the threat of T.I_Certificate_Forgery.
This security objective ensures that the TOE provides the means to authorize personalization agent
to confirm that personalization subject is not changed, therefore contributes to enforce the organizational security policy of P.Personalization_Agent and P.MRTD_Access_Control.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 45 of 94
O.Initialization_Authentication
This security objective ensure that the TOE provides the means to authorize user as manufacturer
for granting management to select options, initialize function talbes and initialize EEPROM, etc.,
therefore is required to counter the OSP of P.Application_Program_Install.
Since personalization agent authentication is conducted before performing the security role to write
information relevant to CVCA certificate, a user without the security role shall not be able to write
forged CVCA certificate. Therefore, forged IS certificate transmitted from outside shall be detected
and this is required to counter the threat of T.I_Certificate_Forgery.
This security objective ensures that the TOE provides the means to authorize personalization agent
to confirm that personalization subject is not changed, therefore contributes to enforce the organizational security policy of P.Personalization_Agent and P.MRTD_Access_Control.
O.Security_Mechanism_Application_Procedures
This security objective is required to enforce the organizational security policy of
P.Security_Mechanism_Application_Procedures since the TOE ensures that the application order of
the PA, BAC and EAC security mechanisms according to 2.1.1 Standard MRTD Inspection Procedure and 2.1.2 Advanced MRTD Procedure of the EAC specifications and by not allowing requests
from the Inspection System that do not correspond to the security mechanism application order.
Also, this security objective is required to counter the threat of T.EAC-CA Bypass by eliminating the
cases of demonstrating the genuine TOE to the unauthorized Inspection System as it ensures the
application order of security mechanisms so that to enable the EAC-CA execution by only the Inspection System with access-rights for the EAC chip authentication public key through the BAC execution.
O.Session_Management
This security objective ensures that the TOE prevents authentication attempts of authentication in
order for access to forge and corrupt the personal data of the MRTD holder and terminates session
in case modification for the transmitted TSF data is detected. Therefore, this security objective is
required to counter the threat of T.Forgery_Corruption_Personal_Data.
Also, this security objective ensures that the TOE detects the EAC-TA failure of whom attempts access to read, maintains the EAC secure channel, and reduces attack chances, therefore is required
to counter the threat of T.Damage_to_Biometric_Data.
O.Secure_Messaging
This security objective ensures that the TOE establishes the BAC or EAC secure messaging for secure transmission of the personal and biometric data of the MRTD holder to the Inspection System,
and provides the confidentiality and integrity for the transmitted personal and biometric data of the
MRTD holder. Therefore, this security objective is required to counter the threats of
T.Damage_to_Biometric_Data and T.Eavesdropping. Also, this security objective ensures that the
TOE establishes the secure messaging when the authorized Personalization Agent wirtes TSF data,
and provides integrity of TSF data. Therefore, this security objective is required to counter the threat
of T.TSF_Data_Modification.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 46 of 94
Also, this security objective ensures that if The Personalization Agent requests the secure messaging
the TOE handles it, and that if The Personalization Agent does not request it, the TOE deactives the
secure messaging. Therefore, this security objective contributes to enforce the organizational
security policy of P.MRTD_Personalization_Policy.
O.Certificate_Verification
This security objective is required to enforce the organizational security policy of P. PKI as it ensures
for the TOE to check the valid date on the basis of the CVCA link certificate provided by the
Inspection System, therefore to automatically update the certificate and the current date.
This security objective is required to counter the threats of T.Damage_to_Biometric_Data and
T.IS_Certificate_Forgery by determining the status of forgery as the TOE verifies validity of the
CVCA link certificate, DV certificate and IS certificate in the EAC-TA.
O.Secure_State
This security objective is required to counter the threat of T.Malfunction as the TOE detects
modification of the TSF and data through self-testing, and protects the TOE itself by preserving a
secure state so that malfunction of TSF do not occur.
O.Deleting_Residual_Info
This security objective is required to counter the threat of T.Residual_Infoby deleting all of the previous security-related information (BAC session key and EAC session key, etc.) so that it is not included when the TOE collects memory resources, therefore ensuring that information is not available.
O.Replay_Prevention
This security objective is required to counter the threat of T.BAC_ReplayAttack by ensuring that the
TOE generates different values per session that are transmitted to the Inspection System in the BAC
mutual authentication. Also, this security objective is required to counter the threat of
T.SessionData_Reuse by ensuring that different random numbers are generated and used per each
session of security mechanism because the TOE ensures that the BAC authentication key is not
used as the BAC session key in the BAC mutual authentication and the BAC session key is not generated with the same random number used in the BAC mutual authentication and checks the status
of replay of random number transmitted by the EIS in the EAC.
O.Access_Control
This security objective is required to counter the threats of T. Forgery_Corruption_Personal Data,
T.Damage_to_Biometric_Data and T.Skimming and enforce the organizational security policy of
P.MRTD_Access_Control by implementing the rules of allowing or denying of Inspection System to
read user data in accordance with the MRTD access control policies by the personalization agent.
This security objective is required to counter the threats of T.TSF_Data_Modification and
T.BAC_Authentication_Key_Disclose as it allows the authorized personalization agent has the writerights of the MRTD application data in the Personalization phase and denies the access by personalization agent in the Operational Use phase.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 47 of 94
O.Handling_Info_Leakage
This security objective is required to counter the threat of T.Leakage_CryptographicKey_Info as the
TOE provides the means to prevent analyzing the leakage information (electric power and wave, etc.)
during cryptographic operation, and obtaining of key information.
O.AA
This security objective is required to counter the threat of T.IC_Chip_Forgery as the personalization
agent provides the Inspection System with the verification data for genuineness to detect the forged
MRTD chip .
O.BAC
This security objective is required to enforce the organizational security policy of
P.MRTD_Access_Control as the TOE implements the BAC security mechanism to control access to
the personal data of the MRTD holder, therefore grants the read-rights for the personal data of the
MRTD holder only to the authorized Inspection System of which the BAC mutual authentication is
successfully completed.
This security objective is required to counter the threats of T. Forgery_Corruption_Personal Data and
T.Skimming as the TOE allows the read-rights for the personal data of the MRTD holder only to the
authorized Inspection System by generating the BAC session key during the BAC mutual authentication and denies access by the Inspection System that does not have the read-rights.
O.EAC
This security objective is required to enforce the organizational security policy of
P.MRTD_Access_Control as the TOE implements the EAC-CA and EAC-TA to control access to the
biometric data of the MRTD holder, therefore grants the read-rights for the biometric data of the
MRTD holder only to the authorized Inspection System of which the EAC-TA is successfully completed.
This security objective is required to counter the threats of T.Damage_to_Biometric_Data and
T.Skimming as the TOE allows the read-rights for the biometric data of the MRTD holder only to the
authorized Inspection System through the EAC-TA by generating the EAC session key during the
EAC-CA and denies access by the Inspection System that does not have the read-rights.
O.IC_Chip
This security objective is required to support the assumption of A.IC_Chip as it uses EAL4+(SOFhigh) IC chip as a TOE component that generates random number and provides cryptographic operation in order to support security functions of the TOE and provides the malfunction detection and
physical protection, etc. Therefore, it is required to counter OSP P.IC_Chip.
Also, this security objective is required to counter the threat of T.Malfunction as the IC chip detects
malfunction outside the normal operating conditions, and this security objective is required to counter
the threat of T.Leakage_CryptographicKey_Info as it uses EAL5+ IC Chip that is assured.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 48 of 94
4.3.2 Security Objective Rationale for Operating Environment
OE.MRTD_Manufacturing_Security
This security objective for environment is required to counter the threat of T.MRTD_Reproduction by
ensuring that Physical security measures(security printing, etc.) for the MRTD are prepared to detect
reproduction of the MRTD chip and attack attempt of the Grandmaster chess, replacement of the
portrait and modification of the MRZ data, etc.
OE.Procedures_of_MRTD_Holder_Check
This security objective for environment is required to counter the threats of T.MRTD_Reproduction,
T.BAC_Authentication_Key_Disclose and T.EAC-CA_Bypass by implementing procedural security
measures in immigration process, such as procedures to check the printed identify information page
of the MRTD and to determine the forgery status of the MRTD book, etc.
OE.Application_Program_Install
This security objective for environment is required to enforce the organizational security policies of
P.Application_Program_Install by ensuring that only the application programs are loaded to the
MRTD chip in a secure manner by the Personalization agent.
OE.Certificate_Verification
This security objective for environment verifies the SOD after verifying regularly the DS certificate
and CRL in order for the Inspection System, such as the BIS and EIS, to verify for forgery and corruption of the MRTD identity data recorded in the TOE. Also, this security objective for environment
ensures for the EIS to securely maintain digital signature generation key that corresponds to the IS
certificate and to provide the TOE with the CVCA link certificate, DV certificate and IS certificate in
the EAC-TA. Therefore, this security objective for environment is required to counter the threats of
T.Damage_to_Biometric_Data, T. EAC-CA Bypass and T.IS_Certificate_Forgery and support the
assumption of A.Certificate_Verification.
OE.Personalization_Agent
This security objective for environment is required to enforce the organizational security policies of
P.International_Compatibility and P.Personalization_Agent by ensuring that the TOE is delivered to
the Operational Use phase after securely issuing the MRTD so that the personalization agent can
check that the issuing subject has not been changed, verifying normal operation and compatibility of
the MRTD in the Personalization phase and deactivating writing function. This security objective for
environment also is required to enforce the organizational security policy of
P.MRTD_Access_Control as it defines the role of the personalization agent. Also, this security objective for environment is required to support the assumption of A.Certificate_Verification because the
personalization agent makes certificates necessary in the PA and EAC support available to the Inspection System.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 49 of 94
This security objective for environment is required to counter the threat of T.TSF_Data_Modification
because the personalization agent deactivates writing function in the Operational Use phase, therefore disables the writing function for modification of the TSF data.
OE.Inspection_System
This security objective for environment is required to support the assumption of A.Inspection System
and enforce the organizational security policies of P.Security_Mechanism_Application_Procedures
and P.MRTD_Access_Control as the Inspection System implements and ensures application order of
security mechanisms in accordance with the type of the Inspection System so that not to violate the
MRTD access control policies of the personalization agent and by ensuring that information used in
communication with the TOE is securely destroyed after session termination.
This security objective for environment is required to counter the threat of T.Eavesdropping as the
confidentiality and integrity of the transmitted data are ensured by establishing the BAC secure messaging after generating the BAC session key through the BAC key distribution when the Inspection
System communicates with the TOE.
This security objective for environment is required to counter the threats of T. Forgery_Corruption_Personal Data, T.Damage_to_Biometric_Data, T.Skimming and T.EAC-CA_Bypass
as the Inspection System supports the BAC mutual authentication, EAC and PA.
This security objective for environment is required to counter the threat of T.SessionData_Reuse as
the Inspection System generates different temporary public key per session to be transmitted to the
TOE in the EAC-CA.
OE.MRZ_Entropy
This security objective for environment is required to support the assumption of A.MRZ_Entropy by
providing MRZ entropy necessary for the personalization agent to ensure the secure BAC authentication key.
OE.PKI
This security objective for environment is required to enforce the organizational security policy of P.
PKI and supports the assumption of A.Certificate_Verification by implementing and operating the
MRTD PKI System that executes certification practice according to CPS, such as to generate digital
signature key and to generate, issue, and distribute of certificates necessary in supporting PA and
EAC security mechanisms. Also, this security objective for environment is required to counter the
threat of T.Damage_to_Biometric_Data by generating, issuing and distributing certificates necessary
in the EAC through implementation of the EAC-PKI.
OE.Range_RF_Communication
This security objective for environment is required to counter the threat of T.Skimming and enforce
the organizational security policy of P.Range_RF_Communication by ensuring that RF communication distance between the MRTD chip and the Inspection System is less than 5cm and that RF communication channel is not established if the page of the MRTD attached with the IC chip is not
opened.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 50 of 94
<Rationale of the Security Objects for environment from the ST of the IC Chip>
OE. Plat-Appl (Usage of Hardware Platform)
This security objective for environment supports the assumption of A.Plat-Appl and A.Key-Function
by requiring Embedded S/W developer to implement while satisfying TOE guidance documents and
findings of IC chip evaluation report.
OE.Resp-Appl (Treatment of User Data)
This security objective for environment supports the assumption of A.Resp-Appl and A.Key-Function
by requiring Embedded S/W developer to handle sensitive application data such as cryptographic
keys in accordance with the security requirement considering the context of application program.
OE.Process-Sec-IC (Protection during composite product manufacturing)
This security objective for environment is required to counter the assumption of A.Process-Sec-IC by
requiring Composite Product Manufacturer to apply security procedure to maintain confidentiality and
integrity of the TOE through delivery to the end customer.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 51 of 94
5 Definition of Extended Component
ST defines FCS_RNG as follows that is declared in the ST of the IC chip.
FCS_RNG Generation of random numbers
Family behaviour
This family defines quality requirements for the generation of random numbers which are intended to
be used for cryptographic purpose.
Component levelling:
FCS_RNG Generatioin of random numbers
FCS_RNG.1
1
Generation of random numbers requires that random numbers meet a defined quality
metric.
Management: FCS_RNG.1
There are no management activities foreseen.
Audit:
FCS_RNG.1
There are no actions defined to be auditable.
FCS_RNG.1
Random number generation
Hierarchical to: No other components.
Dependencies: No dependencies.
FCS_RNG.1.1 The TSF shall provide a [selection: physical, non-physical true, deterministic, hybrid]
random number generator that implements: [assignment: list of security capabilities].
FCS_RNG.1.2 The TSF shall provide random numbers that meet [assignment: a defined quality
metric].
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 52 of 94
6 Security Requirements
Security requirements specify security functional requirements that must be satisfied by the TOE that
is specified in this ST and security functional and assurance requirements that must be satisfied
under the operational environment.
ST follows external entities such as the Personalization agent, BIS, EIS, MRTD IC Chip are specified
in PP.
This ST defines all subjects, objects, operation, security attributes employed in security requirements
as Table 15 as does in the PP. Also, it defines SSC(Send Sequence Counter) with session security
attributes related to establishing secure messaging.
Table 15. Definition of Subject, Object, related Security Attributes and Operation
Subject
Subject
Security
Attributes
Object
Object Security Attributes
Security attributes
Objects
Security
attributes
S bje ts
Security
attributes
of object’s
operation
BIS
BAC
authorization
Read-rights
EIS
BAC
authorization,
EAC
authorization
Personalization
Personalization
agent issuing
agent
authorization
Personal data of
the MRTD holder
the MRTD holder
MRTD
authentication data
Security attributes of
object’s access-rights
BAC authorization,
Write-rights
Personalization agent
issuing authorization
Read-rights
EAC authorization
Write-rights
Personalization agent
issuing authorization
Read-rights
BAC authorization,
EAC authorization
Write-rights
Read-rights
Personalization agent
issuing authorization
BAC authorization,
EAC authorization
EF.CVCA
Write-rights
Read-rights
Personalization agent
issuing authorization
BAC authorization,
EAC authorization
EF.COM
Write-rights
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 53 of 94
- Read
- Write
EAC authorization
Biometric data of
Operation
Personalization agent
issuing authorization
6.1 Terms and Definitions
In the security requirements, terms which are not defined clearly in chapter 9 are defined like below.
Table 16 Terms and Definitions Relevant to SFR
Terms
Initialization authentication key
Definitions
Symmetric keys such as encryption key and MAC key for initialization authentication that are used for the manufacturer to acquire initialization-right and to
conduct initialization of TSF data in a secure manner
Initialization session key
Symmetric keys such as encryption key and MAC key generated in accordance
with KDF using random number generated during initialization authentication
for initialization session that are used for each session by the authorized manufacturer to generate secure messaging in the manufacturing phase
Personalization
authentication key
Symmetric keys such as encryption key and MAC key personalization agent
authentication that are used for the personalization agent to acquire personalization-right and to conduct TSF data writing in a secure manner
Personalization
session key
Symmetric keys such as encryption key and MAC key generated in accordance
with KDF using random number generated during personalization agent authentication for personalization session that are used for each session by the
personalization agent to generate secure messaging in a secure manner
AA private key
The private key stored in the TOE seucre memory and used to generate digital
signature for AA security mechanism
AA public key
The public key read from the DG15 in the TOE and used to verify digital
signature for AA security mechanism
.
6.2 TOE Security Functional Requirements
The security functional requirements specified in this ST select and use the relevant functional components from Part2 of the CC to satisfy Security Objectives for the TOE in chapter 4.
<Cryptographic Support>
FCS_CKM.1(1) Cryptographic Key Generation (Key Derivation Mechanism)
Hierarchical to: No other components.
Dependencies: [FCS_CKM.2(1) Cryptographic key distribution (KDF Seed Distribution for BAC session key generation) and
FCS_CKM.2(2) Cryptographic key distribution (KDF Seed Distribution for EAC session key generation) or
FCS_COP.1 Cryptographic operation(One-way hash function)]
FCS_CKM.4 Cryptographic key destruction
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 54 of 94
FCS_CKM.1.1 The TSF shall generate encryption keys and MAC keys in accordance with a specified cryptographic key generation algorithm [Appendix 5.1 Key Derivation Mechanism] and specified
cryptographic key sizes [ 112 bit ] that meet the following: [ the ICAO specification ].
Application Notes : The personalization agent writes DG1 file and generate BAC authentication key
into the TOE , which generates the BAC session key and EAC session key by using key derivation
mechanism.
FCS_CKM.1(2) Cryptographic Key Generation (Initialization and Personalization Key Derivation Mechanism)
Hierarchical to: No other components.
Dependencies: [FCS_CKM.2(3) Cryptographic key distribution (KDF Seed Distribution for initialization and personalization session key generation) or
FCS_COP.1(3) Cryptographic operation(One-way hash function)]
FCS_CKM.4 Cryptographic key destruction
FCS_CKM.1.1 The TSF shall generate initialization session key of Manufacturer and personalization session key of Personalization agent in accordance with a specified cryptographic key
generation algorithm [Appendix 5.1 Key Derivation Mechanism] and specified cryptographic key sizes [ 128 bit ] that meet the following: [the ICAO specification].
FCS_CKM.2(1) Cryptographic Key Distribution(KDF Seed Distribution for BAC Session Key
Generation)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_CKM.2.1 The TSF shall distribute KDF Seed for the BAC session key generation in accordance with a specified cryptographic key distribution method [ Key Establishment Mechanism 6 ]that
meets the following : [ ISO/IEC 11770-2 ]
Application Notes : The TOE uses TDES accelerator and SHA-1 cryptographic library are supported
by IC chip, for KDF Seed for the BAC session key
FCS_CKM.2(2) Cryptographic Key Distribution(KDF Seed Distribution for EAC Session Key
Generation)
Hierarchical to: No other components
Dependencies: [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism)]
FCS_CKM.4 Cryptographic key destruction
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 55 of 94
FCS_CKM.2.1 The TSF shall distribute KDF Seed for the EAC session key generation in accordance with a specified cryptographic key distribution method [ specified cryptographic key distribution
method in Table 17 ] that meets the following: [ specified standard in Table 17 ]
Table 17 Cryptographic Key Distribution Standard and Method
Standard
Cryptographic Key Distribution Method
PKCS#3
Diffie-Hellman key-agreement protocol
ISO/IEC 15946-3
Elliptic curve Diffie-Hellman key-agreement protocol
Application Notes: The TOE uses DH, ECDH or SHA cryptographic library, supported by IC chip, for
KDF Seed for the EAC session key and supports key length as follows.
Table 18 Cryptographic Key Distribution Standard and Method
Standard
Key Length
DH
1024, 1280, 1536, 2048 bits
ECDH
192, 224, 256, 320, 384, 512 bits
FCS_CKM.2(3) Cryptographic Key Distribution(KDF Seed Distribution for Initialization and
Personalization Session Key Generation)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(2) Cryptographic key generation(Initialization and Personalization Key
Derivation Mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_CKM.2.1 The TSF shall distribute KDF Seed for the Initialization and Personalization Session Key generation in accordance with a specified cryptographic key distribution method [ Key Establishment Mechanism 6 ]that meets the following : [ ISO/IEC 11770-2 ]
Application Notes : The TOE uses AES accelerator and SHA-256 cryptographic library are supported
by IC chip, for KDF Seed for the Initialization and Personalization session key generation.
FCS_CKM.4 Cryptographic Key Destruction
Hierarchical to: No other components
Dependencies: [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism) and
FCS_CKM.1(2) Cryptographic key generation (initialization and personalization Keyderivation mechanism)]
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 56 of 94
FCS_CKM.4.1 The TSF shall destroy encryption keys and MAC keys in accordance with a specified cryptographic key destruction method [ deleting memory data physically by overwriting ] that
meets the following: [none].
FCS_COP.1(1) Cryptographic operation (Symmetric Key Cryptographic Operation)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism) and
FCS_CKM.1(2) Cryptographic key generation (initialization and personalization Keyderivation mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1 The TSF shall perform [ message encryption, decryption operation ] in accordance
with [ [specified cryptographic algorithms in Table 19] ] and cryptographic key sizes [[specified in
Table 19] ] that meet the following: [[ specified standards in Table 19] ].
Table 19 Symmetric Key Cryptographic Standards and Specifications
Standard
Cryptographic
Algorithm
Cryptographic Key
Size
ISO/IEC 18033-3 4.1
TDES
112 bit
ISO/IEC 18033-3 5.1
AES
128 bit
Application Notes : The TOE uses the TDES cryptographic algorithm for the confidentiality protection
of the transmitted data of the BAC or EAC secure messaging, for the BAC mutual authentication and
for the BAC key distribution. The TOE uses the AES cryptographic algorithm for the confidentiality
protection of the transmitted data of the initialization or personalization secure messaging, for the
initialization or personalization agent authentication and for the initialization or personalization authentication key and session key distribution.
FCS_COP.1(2) Cryptographic operation (MAC)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism) and
FCS_CKM.1(2) Cryptographic key generation (initialization and personalization Keyderivation mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1 The TSF shall perform [ MAC operation ] in accordance with [ [specified
cryptographic algorithms in ] ] and cryptographic key sizes [[specified in Table 20] ] that meet the
following: [[ specified standards in Table 20] ].
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 57 of 94
Table 20 MAC Standards and Specifications
Standard
Cryptographic
Algorithm
Cryptographic Key
Size
ISO/IEC 9797-1
Retail MAC
112 bit
NIST SP 800-38B
AES-CMAC
128 bit
Application Notes : The TOE uses the Retail MAC algorithm for the integrity protection of the transmitted data of the BAC or EAC secure messaging and for the BAC mutual authentication. The Retail
MAC uses the MAC algorithm 3, the block cipher DES, the sequence message counter and the padding mode 2 defined in ISO/IEC 9797-1. And the TOE uses the AES-CMAC algorithm for the integrity
protection of the transmitted data of the initialization or personalization secure messaging.
FCS_COP.1(3) Cryptographic operation (Hash Function)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism) and
FCS_CKM.1(2) Cryptographic key generation (initialization and personalization Keyderivation mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1 The TSF shall perform [ Hash operation ] in accordance with [ SHA-1,[SHA224,SHA-256, SHA-384, SHA-512] ] and cryptographic key sizes [ None ] that meet the following:
[ ISO/IEC 10118-3 ].
Application Notes : In the key derivation mechanism of the ICAO document, the SHA-1 is used as a
hash function in order to generate the session key used in the BAC or EAC secure messaging. An
the SHA-256 is used as a hash function in order to generate the session key used in the initialization
or personalization secure messaging and to protect the integrity of the transmitted data of the initialization or personalization secure messaging,
FCS_COP.1(4) Cryptographic operation (Digital Signature Verification for Certificates Verification)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1(1) Cryptographic key generation(Key Derivation Mechanism)]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1 The TSF shall perform [ digital signature verification ] in accordance with [ RSASSAPKCS1-v1.5-SHA-256, RSASSA-PSS-SHA-256, ECDSA-SHA-224, ECDSA-SHA-256, [ RSASSAPKCS1-v1.5-SHA-1, RSASSA-PSS-SHA-1, ECDSA-SHA-1, ECDSA-SHA-384, ECDSA-SH-512] ]
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 58 of 94
and cryptographic key sizes [1024 ~ 2048 bit (RSA), 192 ~ 512 bit (ECDSA) ] that meet the following:
[ PKCS#1, ISO/IEC 15946-2 ].
Application Notes : In Appendix A.3 Terminal Authentication of the EAC specifications, the digital
signature algorithm, hash algorithm and digital signature key sizes are defined as of the following.
The TOE specifies the cryptographic key sizes specified in the following Table so that to counter
attackers possessing high attack potential required by AVA_VAN.5.
Table 21. Details of Digital Signature in the EAC Specifications
Digital Signature Algorithm
Hash Algorithm
Digital Signature Key Sizes
RSASSA-PKCS1-v1.5
SHA-1, SHA-256
1024,1280,1536,2048 bits
RSASSA-PSS
SHA-1, SHA-256
1024,1280,1536,2048 bits
ECDSA
SHA-1, SHA-224 / SHA-256,
SHA-384, SHA-512
192,224,256,320,384,512 bits
FCS_COP.1(5) Cryptographic operation (Digital Signature Generation for AA)
Hierarchical to: No other components
Dependencies : [FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1 The TSF shall perform [ digital signature generation ] in accordance with [ RSASSAPKCS1-v1.5-SHA-1, ECDSA-SHA-1, ECDSA-SHA-224, ECDSA-SHA-256, ECDSA-SHA-384,
ECDSA-SHA-512 ] and cryptographic key sizes [ 1024 bit (RSA), 192 ~ 512 bit (ECDSA) ] that meet
the following: [ ISO/IEC 9796-2 Digital Signature scheme 1 ].
Application Notes : Appendix F. Active Authentication with ECDSA in the ICAO document defines
digital signature algorithms, hash algorithms, digital signature key lengths for AA. The TOE specifies
the cryptographic key sizes specified in the following Table so that to counter attackers possessing
high attack potential required by AVA_VAN.5.
Table 22. Details of Digital Signature in the AA Specifications
Digital Signature Algorithm
Hash Algorithm
Digital Signature Key Sizes
RSASSA-PKCS1-v1.5
SHA-1
1024 bits
ECDSA
SHA-1,SHA-224 / SHA-256,
SHA-384,SHA-512
192,224,256,320,384,512 bits
FCS_RNG.1 Random Number Generation
Hierarchical to: No other components
Dependencies : No dependencies
FCS_RNG.1.1 The TSF shall provide a physical random number generator that implements total
failure test of the random source.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 59 of 94
FCS_RNG.1.2 The TSF shall provide random numbers that meet AIS31 version 1 Functional Classes and Evaluation Methodology for Physical Random Number Generators, 25 September 2001, Class P2.
Application Notes: The SFR provided by IC chip is applied as it is.
<User Data Protection>
FDP_ACC.1 Subset Access Control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control
FDP_ACC.1.1 The TSF shall enforce the [ MRTD access control policy ] on [
a)
Subjects
(1) Personalization Agent
(2) BIS
(3) EIS
(4) [None]
b)
Objects
(1) Personal data of the MRTD holder
: EF.DG1, EF.DG2, EF.DG~EF.DG13, EF.DG16
(2) The biometric data of the MRTD holder
: EF.DG3, EF.DG4
(3) MRTD authentication data
: EF.DG14, EF.DG15, EF.SOD
(4) EF.CVCA
(5) EF.COM
(6) [None]
c)
Operations
(1) Read
(2) Write
(3) [None]
].
FDP_ACF.1 Security Attribute Based Access Control
Hierarchical to: No other components.
Dependencies: FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialization
FDP_ACF.1.1 The TSF shall enforce the [ MRTD access control policy ] to objects based on the
following: [ Table 23, Table 24, and [None] ].
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 60 of 94
Table 23. Subject-relevant Security Attributes
Subjects
Security Attributes
BIS
BAC authorization
EIS
BAC authorization, EAC authorization
Personalization Agent
Personalization Agent Issuing authorization
Table 24. Object-relavant Security Attributes
Security attributes
Objects
Security attributes of object’s
operation
Personal data of the MRTD
holder
Biometric data of the MRTD
holder
Security attributes of object’s
access-rights
Read-rights
BAC authorization, EAC authorization
Write-rights
Personalization Agent issuing
authorization
Read-rights
EAC authorization
Write-rights
Personalization Agent issuing
authorization
Read-rights
BAC authorization, EAC authorization
Write-rights
Personalization Agent issuing
authorization
Read-rights
BAC authorization, EAC authorization
Write-rights
Personalization Agent issuing
authorization
Read-rights
BAC authorization, EAC authorization
Write-rights
Personalization Agent issuing
authorization
MRTD authentication data
EF.CVCA
EF.COM
Application Notes: The BAC authorization is the right given to the user identified with the Inspection
System that supports the LDS Application by FIA_UID.1 when the BAC mutual authentication succeeds.
The EAC authorization is the right given when the Inspection System with the BAC authorization
succeeds in the EAC-CA and the EAC-TA and the read-rights of the biometric data is included in all
of CVCA certificate, DV certificate and IS certificate held by that Inspection System. Even when the
EAC-CA and the EAC-TA succeed, the Inspection System has only the BAC authorization if the certificates do not include the read-rights.
The personalization agent issuing authorization is the right given when the personalization agent to
be successfully authenticated in the Personalization phase.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 61 of 94
FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [
a) Execution of the operation is allowed only when security attributes of subjects are included in
security attributes of the object’s access-rights and operations corresponds to security attributes
of the object’s operation.
b) [None]
].
FDP_ACF.1.3. The TSF shall explicitly authorize access of subjects to objects based on the following
additional rules: [When the operational mode is initialized, personalization agent has permission for
delete of entity in the Personalization phase].
FDP_ACF.1.4. The TSF shall explicitly deny access of subjects to objects based on the [the following
rules].
a) Explicitly deny access of subjects to objects if instructions order of the Inspection System is
not correct in order to ensure the application order of security mechanisms according to 2.1 Inspection Procedures of the EAC specifications
b) Explicitly deny read of subjects to biometric data if there is no the read-rights of biometric data
in IS certificate of the EIS that has the EAC authorization
c) Explicitly deny access(read, write, etc.) of the unauthorized Inspection System to all objects
d) Explicitly deny access of the different operational mode to all objects
FDP_DAU.1 Basic Data Authentication
Hierarchical to: No other components.
Dependencies: No dependencies
FDP_DAU.1.1 The TSF shall provide a capability to generate evidence that can be used as a guarantee of the validity of [Active authentication private key].
FDP_DAU.1.2 The TSF shall provide [ BIS, EIS ] with the ability to verify evidence of the validity of
the indicated information.
Application Notes: TSF provides AA security mechanism up to maximum 2048 bits for RSA or maximum 256 bits for ECDSA.
FDP_RIP.1 Subset Residual Information Protection
Hierarchical to: No other components.
Dependencies: No dependencies
FDP_RIP.1.1 The TSF shall ensure that any previous information content of a resource made unavailable upon the retrieval of the resource from the following objects: [
a) BAC session key
b) EAC session key
c) [Random number
d) Initialization session key
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 62 of 94
e) Personalization session key
f) Active authentication private key]
Application Notes: After a session termination, the TSF shall not remain the BAC session key, the
EAC session key, random numbers, initialization session key, personalization authentication key, and
personalization session key in temporary memory. The BAC session key, the EAC session key, random numbers, initialization session key, personalization authentication key, and personalization session key, etc. can be ensured unavailable by destroying them with the method defined in
FCS_CKM.4.The BAC authentication key is stored into secure memory so it is excluded from the
residual information protection entity.
FDP_UCT.1 Basic Data Exchange Confidentiality
Hierarchical to: No other components.
Dependencies: [FTP_ITC.1 Inter-TSF trusted channel, or
FTP_TRP.1 Trusted path]
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FDP_UCT.1.1 The TSF shall enforce the [ MRTD access control policy ] to be able to transmit, receive objects in a manner protected from unauthorized disclosure.
Application Notes: When the Inspection System successfully completes the BAC mutual authentication, the TSF protects from disclosure by using the BAC session encryption key. When the EAC-CA
is successfully executed, data transmitted thereafter are protected from disclosure by using the EAC
session encryption key. When the personalization agent is successfully authenticated, MRTD
user data can be protected via encryption with personalization agent session key.
FDP_UIT.1 Data Exchange Integrity
Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
[FTP_ITC.1 Inter-TSF trusted channel, or
FTP_TRP.1 Trusted path]
FDP_UIT.1.1 The TSF shall enforce the [ MRTD access control policy ] to be able to transmit, receive user data in a manner protected from modification, deletion, insertion errors.
FDP_UIT.1.2 The TSF shall be able to determine on receipt of user data, whether modification,
deletion, insertion has occurred.
Application Notes: The TSF protects integrity of the transmitted data by using the MAC key for BAC
session or EAC session. This provides the method of protection against modification, deletion and
insertion of user data. When the personalization agent chooses Secure Messaging after successful personalization agent authentication, MRTD user data can be protected from disclosure using personalization agent session key.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 63 of 94
<Identification and Authentication>
FIA_AFL.1(1) Authentication Failure Handling(Inspection System Authentication Failure)
Hierarchical to: No other components.
Dependencies: FIA_UAU.1(1) Authentication(BAC mutual Authentication), FIA_UAU.1(2) Authentication(EAC-TA)
FIA_AFL.1.1 The TSF shall detect when “[one at a single session given same random number]” unsuccessful authentication attempts occur related to [
a) BAC mutual authentication
b) EAC-TA
c) [None]
].
FIA_AFL.1.2
When the defined number of unsuccessful authentication attempts has been
met or surpassed, the TSF shall perform [the following Table 25].
Table 25. Authentication Failure Handling for Authentication Mechanism
Authentication Mechanism
Authentication Failure Handling
BAC mutual Authentication
User Sessin Termination
EAC-TA
Maintaining EAC Secure Messaging
Application Notes: When there is no separate request from The personalization agent at the EAC-TA
failure, EAC secure channel created from the EAC-CA should be maintained according to EAC
specification.
FIA_AFL.1 (2) Authentication Failure Handling(Initialization Authentication and Personalization agent authentication Failure)
Hierarchical to: No other components.
Dependencies: FIA_UAU.1(3) Timing of Authentication(Personalization agent authentication),
FIA_UAU.1(4) Timing of Authentication(Initialization Authentication)
FIA_AFL.1.1 The TSF shall detect when “[maximum retrial counter specified in below Table]” unsuccessful authentication attempts occur related to [
a) Initialization Authentcation
a) Personalization Authentcation
]
FIA_AFL.1.2
When the defined number of unsuccessful authentication attempts has been
met, the TSF shall [perform the failure handling action specified in below Table]
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 64 of 94
Table 26. Authentication Failure Handling for Authentication Mechanism (2)
Initialization
Authentication
Personalization
Agent
Authentication
Maximum Retrial Counter
Counter Actions to
Authentication Failure
Cumulatively 16, regardless of
the number of sessions
 Change the operational mode of
the kernel to Terminated
Cumulatively 10, regardless of
the number of sessions
 Change the operational mode of
the application to Disabled
 Reset TSF data and user data
to ‘0‘
FIA_UAU.1(1) Timing of Authentication (BAC Mutual Authentication)
Hierarchical to: No other components.
Dependencies to: FIA_UID.1(1) Timing of identification(MRTD user identification)
FIA_UAU.1.1
allow [
When operational mode of the application is Operational Use, the TSF shall
a) indication of the BAC mechanism support
b) [ none ]
] on behalf of the user to be performed before the BIS is authenticated.
FIA_UAU.1.2 The TSF shall require the BIS to be successfully authenticated before allowing any
other TSF-mediated actions on behalf of that user except the actions stipulated in FIA_UAU. 1.1.
Application Notes: BAC mechanism support mark means success of MRTD application selection and
execution.
FIA_UAU.1(2) Timing of Authentication (EAC-TA)
Hierarchical to: No other components.
Dependencies to: FIA_UAU.1(1) Timing of authentication(BAC Mutual Authentication)
FIA_UAU.1.1
allow [
When operational mode of the application is Operational Use, the TSF shall
a) to perform EAC-CA
b) to read user data except the biometric data of the MRTD holder
c) [ to perform AA ]
] on behalf of the user to be performed before the EIS is authenticated.
FIA_UAU.1.2 The TSF shall require the EIS to be successfully authenticated before allowing any
other TSF-mediated actions on behalf of that user except the actions stipulated in FIA_UAU. 1.1.
FIA_UAU.1(3) Timing of Authentication (Personalization agent authentication )
Hierarchical to: No other components.
Dependencies to: FIA_UID.1(1) Timing of identification (MRTD user identification)
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 65 of 94
FIA_UAU.1.1 When operational mode of the kernel is Personalization, the TSF shall allow [to
select and to execute MRTD application ] on behalf of the user to be performed before the MRTD
personalization agent is authenticated.
FIA_UAU.1.2 The TSF shall require the MRTD personalization agent to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user except the actions specified in FIA_UAU. 1.1.
FIA_UAU.1(4) Timing of Authentication (Initialization Authentication )
Hierarchical to: No other components.
Dependencies to: FIA_UID.1(2) Timing of identification (initialization user identification)
FIA_UAU.1.1 When operational mode of the kernel is Initialization, the TSF shall allow [to select and to execute MRTD application ] on behalf of the user to be performed before the manufacturer is authenticated.
FIA_UAU.1.2 The TSF shall require the manufacturer to be successfully authenticated before
allowing any other TSF-mediated actions on behalf of that user except the actions specified in
FIA_UAU. 1.1.
FIA_UAU.4 Single-Use Authentication Mechanisms
Hierarchical to: No other components.
Dependencies: No dependencies
FIA_UAU.4.1
The TSF shall prevent reuse of authentication data related to [
a) BAC mutual authentication
b) EAC-TA
c) [ Initialization authentication
d) Personalization agent authentication ]
FIA_UAU.5 Multiple Authentication Mechanisms
Hierarchical to: No other components.
Dependencies: No dependencies
FIA_UAU.5.1
The TSF shall provide [
a) BAC mutual authentication
b) EAC-TA
c) [ Initialization authentication
d) Personalization agent authentication ]
FIA_UAU.5.2
The TSF shall authenticate any user’s claimed identity according to the [
a) The BIS or EIS shall succeed the BAC mutual authentication in order to have the
BAC authorization and active authentication in case that Inspection System supports.
b) The EIS, in order to have the EAC authorization, shall succeed the BAC mutual authentication, EAC-CA and EAC-TA and active authentication in case that Inspection System sup-
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 66 of 94
ports and include the read-rights of biometric data in all of the CVCA certificate, DV certificate
and IS certificate. For this, the TSF shall provide the EAC-CA.
c) [To get initialization permission, the manufacturer should authenticate successfully.
d) To get personalization permission, the personalization agent should authenticate successfully]
].
Application Notes: AA authentication is performed according to personalization policy when relevant
TSF data and user data are personalized in the personalization phrase.
FIA_UID.1(1) Timing of Identification(MRTD User Identification)
Hierarchical to: No other components.
Dependencies: No dependencies
FIA_UID.1.1
The TSF shall allow [to establish the communication channel based on ISO/IEC
14443-4 ] on behalf of the user to be performed before the user is identified.
FIA_UID.1.2
The TSF shall require each user to be successfully authenticated before allowing any
other TSF-mediated actions on behalf of that user except the actions stipulated in FIA_UID. 1.1.
Application Notes: When external entities communicated with the TOE request the use of the LDS
Application, the TOE identifies it as the MRTD personalization agent or the Inspection System.
FIA_UID.1(2) Timing of Identification(Initialization User Identification)
Hierarchical to: No other components.
Dependencies: No dependencies
FIA_UID.1.1
The TSF shall allow [ to establish the communication channel based on the user’s
specification ] on behalf of the user to be performed before the user is identified.
FIA_UID.1.2
The TSF shall require each user to be successfully authenticated before allowing any
other TSF-mediated actions on behalf of that user except the actions stipulated in FIA_UID. 1.1.
Application Notes: When external entities communicated with the TOE send commands with regard
to initialization, the TOE identifies it as the Manufacturer.
<Security Management>
FMT_MOF.1(1) Management of Security Functions Behavior(Suspending write function)
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions
FMT_SMR.1 Security roles
FMT_MOF.1.1 The TSF shall restrict the ability to disable the functions [writing] to [personalization
agent in the Personalization phase ].
Application Notes: The personalization agent delivers the MRTD to the Operational Use phase by
deactivating writing function after recording the MRTD Application data in the Personalization phase.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 67 of 94
FMT_MOF.1(2) Management of Security Functions Behavior(Suspending EAC and Secure
Messaging)
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions (MRTD)
FMT_SMR.1 Security roles (Personalization Agent)
FMT_MOF.1.1 The TSF shall restrict the ability to disable the functions [
a) EAC
b) Secure Messaging in the personliazation phase
] to [ the personalization agent in the personalization phase ].
Application Notes: The personalization agent can make EAC function to be disable according to
MRTD perosnalization policy. At this point, DG3 and DG4 are not available in the operational use
phase. When The personalization agent makes and operates physical, personnel and procedural
security measures similar level to Secure Messaging in the Personalization phase, it may not use
Secure Messaging.
FMT_MSA.1 Management of Security Attributes
Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control or
FDP_IFC.1 Subset information flow control]
FMT_SMF.1 Specification of Management Functions
FMT_SMR.1 Security roles
FMT_MSA.1.1 The TSF shall enforce the [ MRTD access control policy ] to restrict the ability to
[ initialization ] the security attributes [ security attributes of subjects defined in FDP_ACF.1 ] to
[ TSF ].
Application Notes_: As an action to be taken if the TSF detects modification of the transmitted interTSF data in FPT_ITI.1, the TSF shall reset security attributes of subjects defined in FDP_ACF.1.
FMT_MSA.3 Static Attribute Initialization
Hierarchical to: No other components.
Dependencies: FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
FMT_MSA.3.1 The TSF shall enforce the [ MRTD access control policy ] to provide restrictive default values for security attributes that are used to enforce the SFP.
FMT_MSA.3.2 The TSF shall allow the [ TSF ] to specify alternative initial values to override the
default values when an object or information is created.
Application Notes_: When the TSF generates MRTD user data (EF.DG1~16, EF.SOD, EF.COM,
EF.CVCA) on behalf of The personalization agent in the Personalization phase, it initializes
operation security attributes and access control security attributes as specified in FDP_ACF.1.1.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 68 of 94
FMT_MTD.1(1) Management
Authentication Key)
of
TSF
Data
(Certificate
Verification
Information
and
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions(MRTD Issuing Management)
FMT_SMR.1 Security roles(Personalization Agent)
FMT_MTD.1.1 The TSF shall restrict the ability to [ write in secure memory ] the [
a) EAC chip authentication private key
b) initial current date
c) initial CVCA certificate
d) initial CVCA digital signature verification key
e) [ active authentication private key, personalization authentication key ]
] to [ personalization agent in the Personalization phase ].
Application Notes: The issuing key defined in FIA_UAU.1.(3) for The personalization agent to get
issuing right can be a generated key at the manufacturing phase or updated key in the Personalization phase..
FMT_MTD.1(2) Management of TSF Data (SSC initialization)
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions(MRTD Issuing Management)
FMT_SMR.1 Security roles(Personalization Agent)
FMT_MTD.1.1 The TSF shall restrict the ability to modify the [ SSC(Send Sequence Counter) ] to
[TSF].
Application Notes_: The TSF shall initialize SSC as ‘0’ in order to terminate the BAC secure messaging before establishing the EAC secure messaging after generating the EAC session key.
FMT_MTD.1(3) Management of TSF Data(Operational Mode Management)
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions
FMT_SMR.1 Security roles
FMT_MTD.1.1 The TSF shall restrict the ability to [operate specified below] the [TSF data specified
below ] to [the authroized roles specified below].
Table 27. TSF Data Operations for Each Authorized Role
TSF Data
Operations
Authroized Roles
Operational Mode
Inquiry, Alter
Manufacturer in Manufacturing phase,
Personalization agent in Personalization
phase
Initialization Data
Write in secure memory
Manufacturer in Manufacturing phase
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 69 of 94
Application Notes : Manufacturer in Manufacturing phase means Embedded S/W developer, but can
be an MRTD manufacturer delegated by Embedded S/W developer.
FMT_MTD.1(4) Management of TSF Data (Generating and Storing BAC Authentication Key)
Hierarchical to: No other components.
Dependencies: FMT_SMF.1 Specification of Management Functions
FMT_SMR.1 Security roles
FMT_MTD.1.1 The TSF shall restrict the ability to [generate and store] the [ BAC Authentication
Key ] to [TSF].
Application Notes_: The TSF automatically calculates BAC authentication key using personalized
MRZ and store it after writing DG1 file.
FMT_MTD.3 Secure TSF Data
Hierarchical to: No Other Components.
Dependencies: FMT_MTD.1(1) Management of TSF data(Certificate verification information and
authentication key)
FMT_MTD.3.1 The TSF shall ensure that only secure values are accepted for [ MRTD TSF data].
Application Notes: The TSF shall use only secure value safe as random numbers so as to respond to
high attack potential. The TSF shall preserve secure values by verifying valid data of the CVCA link
certificate, DV certificate and IS certificate provided by the EIS when executing the EAC-TA and internally updating the CVCA certificate, CVCA digital signature verification key, current date and
EF.CVCA if necessary. The TSF shall use only secure value as random numbers in AA security
mechanism.
FMT_SMF.1 Specification of Management Functions
Hierarchical to: No other components.
Dependencies: No dependencies.
FMT_SMF.1.1 The TSF shall be capable of performing the following security management functions:
[
a) Function to write user data and TSF data in the Personalization phase
b) Function to verify and update the CVCA certificate, CVCA digital signature verification key and
current data in the Operational Use phase and TSF data management such as MRTD subject
and object security attribute and SSC initialization
c) [Function to decide to enable EAC in the Personalization phase
d) Halt security function such as writing, EAC and Secure Messaging in the Personalization
phase
e) Managing operational mode
f) Initialization of secure memory area with initialization data in Manufacturing phase
g) BAC authentication key generation and storage in the Personalization
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 70 of 94
].
FMT_SMR.1 Security Roles
Hierarchical to: No other components.
Dependencies: FIA_UID.1(1) Timing of Identification(MRTD User Identification), FIA_UID.1(2)
Timing of Identification(Initialization User Identification)
FMT_SMR.1.1 The TSF shall maintain the roles [
a) Personalization agent
b) [ Manufacturer ]
].
FMT_SMR.1.2 The TSF shall be able to associate users with roles.
Application Notes: In the function to security management defined by FMT_SMF.1, the personalization agent performs a),c),d), Manufacturer performs f), Manufacturer and Personalization agent in Manufacturing phase performs e) and the TSF performs b),g). However the TSF
is not a user thus is not defined as security roles.
<Privacy>
FPR_UNO.1 Unobservability
Hierarchical to: No other components.
Dependencies: No dependencies.
FPR_UNO.1.1 The TSF shall ensure that [ external entity ] are unable to observe the operation [
a) FCS_COP.1(1) Cryptographic operation (Symmetric Key Cryptographic Operation)
b) FCS_COP.1(2) Cryptographic operation (MAC)
c) FCS_COP.1(4) Cryptographic operation (Digital Signature Verification for Certificates
Verification)
d) [FCS_COP.1(5) Cryptographic operation (Digital Signature Generation for AA)]
] on [
a) BAC authentication key
b) BAC session key
c) EAC session key
d) EAC chip authentication private key
e) [AA chip authentication priviate key
f) Initialization authentication key
g) Initialization session key
h) Personalization authentication key
i) Personalization session key]
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 71 of 94
Application Notes: The external entity may find out and exploit the cryptography‐related data from
physical phenomena(change of current, voltage and electromagnetic, etc.) occurred when the TSF
performs cryptographic operations. The TSF provides the means to counter attacks, such as DPA
and SPA, etc.
<TSF Protection>
FPT_ITC.1 Inter-TSF Confidentiality during Transmission
Hierarchical to: No other components.
Dependencies: None
FPT_ITC.1.1 The TSF shall protect all TSF data transmitted from the TSF to another trusted IT
product from unauthorized disclosure during transmission.
Application Notes: Secure Messaging is provided optionally according to the manufacturing environment and Secure Messaging is provided including encryption optionally according to the personalization agent’s policy in the personalization phase.
FPT_ITI.1 Inter-TSF Detection of Modification
Hierarchical to: No other components.
Dependencies: No dependencies
FPT_ITI.1.1
The TSF shall provide the capability to detect modification of all TSF data during
transmission between the TSF and a remote trusted IT product within the following metric: [ strength
of Retail MAC ].
FPT_ITI.1.2
The TSF shall provide the capability to verify the integrity of all TSF data transmitted
between the TSF and a remote trusted IT product and perform [
a) Termination of BAC secure messaging or EAC secure messaging
b) Deletion of BAC session key or EAC session key
c) Management action specified in FMT_MSA.1
d) [Termination of personalization agent communication channel
e) Deletion of Personalization agent session key
f) Termination of initialization communication channel
g) Deletion of Initialization session key]
] if modifications are detected.
Application Notes: The Strength of Retail MAC is equivalent to the secure Retail MAC specified in
FCS_COP.1(2) or more. The TSF shall provide means to protect integrity of initialization data
from alteration, deletion, and insertion using initialization session key. The TSF shall provide
means to protect integrity of TSF data from alteration, deletion, and insertion using personalization session key in Personalization phase according to the personalization agent’s policy.
Secure Messaging shall be conducted in Operational Use phase.
FPT_FLS.1 Failure with Preservation of Secure State
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 72 of 94
Hierarchical to: No other components.
Dependencies: No dependencies
FPT_FLS.1.1
The TSF shall preserve a secure state when the following types of failures occur: [
a) Failure detected at self-testing by FPT_TST.1
b) Conditions outside the normal operating of the TSF detected by the IC chip
c) [None ]
].
FPT_PHP.3 Resistance to physical attack
Hierarchical to: No other components.
Dependencies: No dependencies
FPT_PHP.3.1 The TSF shall resist [physical manipulation and physical probing] to [TSF] by responding automatically such as that the SFRs are always enforced.
Application Notes : The SFR provided by the IC chip is applied as it is.
FPT_TST.1 TSF Testing
Hierarchical to: No other components.
Dependencies: No dependencies
FPT_TST.1.1 The TSF shall run a suite of self tests during operation to demonstrate the correct
operation of the [ function to guarantee secure random numbers defined in FMT_MTD.3 ].
FPT_TST.1.2 The TSF shall provide the personalization agent with the capability to verify the
integrity of [EAC chip authentication private key, active authentication private key, CVCA certificate,
CVCA digital signature verification key, personalization authentication key, MRTD access condition,
current data, BAC authentication key]
FPT_TST.1.3 The TSF shall provide the personalization agent with the capability to verify the
integrity of TSF
6.3 TOE Security Assurance Requirements
Security assurance requirements for this security target document consist of the following components from part 3 of the CC like PP, evaluation level is EAL4+ (ADV_IMP.2, ALC_DVS.2,
ALC_CMS.5, ALC_TAT.2, ATE_DPT.2, AVA_VAN.5). Assurance components are summarized in the
following Table 28.
The assurance components are augmented as follows:
 ADV_IMP.2
“Complete mapping of the implementation representation of the TSF”
 ALC_DVS.2
“Sufficiency of security measures“
 ALC_CMS.5
“Development tools CM coverage“
 ALC_TAT.2
“Compliance with implementation standards “
 ATE_DPT.2
“Testing: security enforcing modules”
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 73 of 94
 AVA_VAN.5
“High formulated vulnerability analysis”
Table 28. Security Assurance Requirements
Assurance
class
Assurance component
ASE_INT.1
ST Introduction
ASE_CCL.1
Conformance claims
ASE_SPD.1
Security problem definition
Security target ASE_OBJ.2
evaluation
ASE_ECD.1
Life cycle
support
Extended components definition
ASE_REQ.2
Derived security requirements
ASE_TSS.1
TOE summary specification
ADV_ARC.1
Security architecture description
ADV_FSP.4
Complete functional specification
ADV_IMP.2
Complete mapping of the implementation representation of the
TSF
ADV_TDS.3
Basic modular design
AGD_OPE.1
Operational user guidance
AGD_PRE.1
Preparative procedures
ALC_CMC.4
Production support, acceptance procedures and automation
ALC_CMS.5
Development tools CM coverage
ALC_DEL.1
Delivery procedures
ALC_DVS.2
Sufficiency of security measures
ALC_LCD.1
Developer defined life-cycle model
ALC_TAT.2
Compliance with implementation standards
ATE_COV.2
Analysis of coverage
ATE_DPT.2
Testing: security enforcing modules
ATE_FUN.1
Functional testing
ATE_IND.2
Independent testing - sample
AVA_VAN.5
Advanced methodical vulnerability analysis
Development
Guidance
documents
Security objectives
Tests
Vulnerability
analysis
6.4 Security Requirements Rationale
The rationale for security requirements demonstrates that the described IT security requirements are
suitable to satisfy security objectives and, as a result, appropriate to address security problems.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 74 of 94
6.4.1 Security Functional Requirements Rationale
The rationale of TOE security functional requirements demonstrates the followings :
- Each TOE security objective has at least one TOE security functional requirement tracing to it.
- Each TOE security functional requirement traces back to at least one TOE security objectives.
Table 29 presents the mapping between the security objectives and the security functional
requirements.
Table 29. Mappings between Security Objectives and Security Functional Requirements
TOE Security Objectives
X
X
O.IC_Chip
O.EAC
X
O.BAC
O.AA
O.Handling_Info_Leakage
O.Access_Control
O.Replay_Prevention
O.Deleting_Residual_Info
O.Secure State
O.Certificate_Verification
O.Secure_Messaging
X
O.Session_Management
X
O.Security_Mechanism_Applicati
on_Procedures
FCS_CKM.1(1)
FCS_CKM.1(2)
FCS_CKM.2(1)
FCS_CKM.2(2)
FCS_CKM.2(3)
FCS_CKM.4
FCS_COP.1(1)
FCS_COP.1(2)
FCS_COP.1(3)
FCS_COP.1(4)
FCS_COP.1(5)
FCS_RNG.1
FDP_ACC.1
FDP_ACF.1
FDP_DAU.1
FDP_RIP.1
FDP_UCT.1
FDP_UIT.1
FIA_AFL.1(1)
FIA_AFL.1(2)
FIA_UAU.1(1)
FIA_UAU.1(2)
FIA_UAU.1(3)
FIA_UAU.1(4)
FIA_UAU.4
FIA_UAU.5
O.Initialization_Authentication
Security
Functional
Requirements
O.Personalization_Agent_Authen
tication
O. Management
Security
Objectives
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 75 of 94
X
X
X
X
X
X
X
X
X
X
X
TOE Security Objectives
O.EAC
X
X
O.IC_Chip
O.BAC
X
O.AA
O.Handling_Info_Leakage
O.Access_Control
O.Replay_Prevention
O.Deleting_Residual_Info
O.Secure State
O.Certificate_Verification
O.Secure_Messaging
O.Session_Management
O.Security_Mechanism_Applicati
on_Procedures
FIA_UID.1(1)
FIA_UID.1(2)
FMT_MOF.1(1)
FMT_MOF.1(2)
FMT_MSA.1
FMT_MSA.3
FMT_MTD.1(1)
FMT_MTD.1(2)
FMT_MTD.1(3)
FMT_MTD.1(4)
FMT_MTD.3
FMT_SMF.1
FMT_SMR.1
FPR_UNO.1
FPT_ITC.1
FPT_ITI.1
FPT_FLS.1
FPT_PHP.3
FPT_TST.1
O.Initialization_Authentication
Security
Functional
Requirements
O.Personalization_Agent_Authen
tication
O. Management
Security
Objectives
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
6.4.2 Security Assurance Requirements Rationale
The security assurance level of this ST is selected as EAL4+( ADV_IMP.2, ALC_DVS.2, ALC_CMS.5,
ALC_TAT.2, ATE_DPT.2, AVA_VAN.5) considering the asset value and threat level which TOE protects.
EAL4 permits a developer to gain maximum assurance from positive security engineering based on
good commercial development practices which, though rigorous, do not require substantial specialist
knowledge, skills, and other resources. EAL4 is the highest level at which it is likely to be economically feasible to retrofit to an existing product line.
EAL4 is therefore applicable in those circumstances where developers or users require a moderate
to high level of independently assured security in conventional commodity TOEs and are prepared to
incur additional security‐specific engineering costs.
ST augmented assurance components partially higher than EAL4 as follows.

ADV_IMP.2
“Complete mapping of the implementation representation of the TSF”
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 76 of 94

ALC_DVS.2
“Sufficiency of security measures“

ALC_CMS.5
“Development tools CM coverage“

ALC_TAT.2
“Compliance with implementation standards “

ATE_DPT.2
“Testing: security enforcing modules”

AVA_VAN.5
“High formulated vulnerability analysis”
6.4.3 Rationale of Dependency
<Dependency of TOE Security Functional Requirements>
Table 30 shows dependency of TOE functional components.
Table 30. Dependency of TOE Functional Components
No.
SFR of ST
1
FCS_CKM.1(1)
2
FCS_CKM.1(2)
3
FCS_CKM.2(1)
4
Dependency as specified by CC Part 2
Dependency of ST
(Refer to Column 1)
[FCS_CKM.2 or FCS_COP.1]
FCS.CKM.4
[FCS_CKM.2 or FCS_COP.1]
FCS.CKM.4
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FMT_CKM.4
3,4
6
5
6
1
6
FCS_CKM.2(2)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FMT_CKM.4
1
6
5
FCS_CKM.2(3)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FMT_CKM.4
2
6
6
FCS_CKM.4
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
1,2
7
FCS_COP.1(1)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FCS_CKM.4
1,2
6
8
FCS_COP.1(2)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FCS_CKM.4
1,2
6
9
FCS_COP.1(3)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FCS_CKM.4
None
6
10
FCS_COP.1(4)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FCS_CKM.4
1
6
11
FCS_COP.1(5)
[FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1]
FCS_CKM.4
None
6
12
13
FCS_RNG.1
FDP_ACC.1
14
FDP_ACF.1
15
16
FDP_DAU.1
FDP_RIP.1
FDP_ACF.1
FDP_ACC.1
FMT_MSA.3
-
14
13
32
-
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 77 of 94
No.
SFR of ST
Dependency as specified by CC Part 2
[FTP_ITC.1 or FTP_TRP.1]
[FDP_ACC.1 or FDP_IFC.1]
[FDP_ACC.1 or FDP_IFC.1]
[FTP_ITC.1 or FTP_TRP.1]
Dependency of ST
(Refer to Column 1)
None
13
13
None
17
FDP_UCT.1
18
FDP_UIT.1
19
FIA_AFL.1(1)
FIA_UAU.1
21,22
20
FIA_AFL.1(2)
FIA_UAU.1
23,24
21
FIA_UAU.1(1)
FIA_UID.1
27
22
FIA_UAU.1(2)
FIA_UAU.1(1)
21
23
FIA_UAU.1(3)
FIA_UID.1
27
24
FIA_UAU.1(4)
FIA_UID.1
28
25
FIA_UAU.4
-
-
26
FIA_UAU.5
-
-
27
FIA_UID.1(1)
-
-
28
FIA_UID.1(2)
-
-
29
FMT_MOF.1(1)
30
FMT_MOF.1(2)
31
FMT_MSA.1
32
FMT_MSA.3
33
FMT_MTD.1(1)
34
FMT_MTD.1(2)
35
FMT_MTD.1(3)
36
FMT_MTD.1(4)
37
38
39
40
FMT_MTD.3
FMT_SMF.1
FMT_SMR.1
FPR_UNO.1
41
42
43
44
45
FPT_FLS.1
FPT_ITC.1
FPT_ITI.1
FPT_PHP.3
FPT_TST.1
FMT_SMF.1
FMT_SMR.1
FMT_SMF.1
FMT_SMR.1
[FDP_ACC.1 or FDP_IFC.1]
FMT_SMF.1
FMT_SMR.1
FMT_MSA.1
FMT_SMR.1
FMT_SMF.1
FMT_SMR.1
FMT_SMF.1
FMT_SMR.1
FMT_SMF.1
FMT_SMR.1
FMT_SMF.1
FMT_SMR.1
FMT_MTD.1
FIA_UID.1
38
39
38
39
13
38
39
31
39
38
39
38
39
38
39
38
39
33
27
-
-
-
-
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 78 of 94
<Dependency of TOE Security Assurance Requirements>
The dependency of EAL4 provided in Common Criteria is already satisfied. Therefore, the rationale
for this is omitted. The dependency of the augmented security assurance requirements is as shown
in Table 31.
AVA_VAN.5 has dependency with ADV_IMP.1 and ATE_DPT.1. This is satisfied by ADV_IMP.2 and
ATE_DPT.2 with hierarchical relationship. There are no dependencies about ALC_CMS.5 and
ALC_DVS.2
Table 31 Dependency of the Augmented Assurance Component
No
Assurance Component
Dependency
Ref. No.
1
ADV_IMP.2
ADV_TDS.3
ALC_TAT.1
ALC_CMC.5
2
ALC_CMS.5
None
-
3
ALC_DVS.2
None
-
4
ALC_TAT.2
ADV_IMP.1
EAL4
5
ATE_DPT.2
ADV_ARC.1
ADV_TDS.3
ATE_FUN.1
EAL4
EAL4
EAL4
AVA_VAN.5
ADV_ARC.1
ADV_FSP.4
ADV_TDS.3
ADV_IMP.1
AGD_OPE.1
AGD_PRE.1
ATE_DPT.1
EAL4
EAL4
EAL4
1
EAL4
EAL4
5
6
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 79 of 94
EAL4
EAL4
None
7 TOE Summary Specification
This section shows TOE security functionality to satisfy TOE security functional requirements, and
defines TOE assurance measures to satisfy TOE assurance requirements. Detailed contents of TSF
will be described in TOE specification.
7.1 TOE Security Functionality
<TSF of IC chip used in the TOE>
Among TSFs of the IC chip specified in [ST_IC1] and [ST_IC2], the following security functions are
used in the TOE. The security function, de-synchronization and signal-to-noise ratio reduction mechanisms, provided by the IC chip is used when 3DES, AES, RSA, DH, ECDSA, ECDH provided by the
IC chip are used in accordance with the guidance of [SAN].
Table 32 TSF of IC chip used in the TOE
TSF of the IC chip
Relevant
SFR of the
IC chip
TOE’s Detectors
FPT_FLS.1
Active Shield
FPT_PHP.3
FDP_ITT.1
FPT_ITT.1
Memory Encryption
De-synchronization and
signal-to-noise ratio
reduction mechanisms
FDP_IFC.1
FDP_ITT.1
FPT_ITT.1
TSF of the IC chip summary
Relevant TOE security
functionality
Security detector functions that detect
and perform counter actions to
abnormal conditions such as abnormal
frequency, abnormal voltage, abnormal
temperature, light, inner insulation
removal, active shield removal, power
glitch which can compromise the secure
state of the IC chip.
7.1.11
Unbypassable shielding functions that
prevent physical penetration attacks
from being realized
7.1.11
Security functions that prevent data
stored in the IC chip secure memory
and transmitted internally from being
analyzed.
7.1.11
Security functions such as Internal
Variable Clock, Random Current
Generator, Random Wait Generator
that make probing attacks and sidechannel attacks more difficult.
7.1.4, 7.1.5, 7.1.6, 7.1.7,
7.1.8, 7.1.9
7.1.1, 7.1.5, 7.1.6, 7.1.8,
7.1.10
TRNG
FCS_RNG.1
AIS31 Class
provision
P2-compliant
3DES
FCS_COP.1
Secure 3DES cryptographic operation
provision
7.1.5, 7.1.9
AES
FCS_COP.1
Secure AES cryptographic operation
provision
7.1.1, 7.1.11
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 80 of 94
TRNG
RSA (DH)
FCS_COP.1
Secure RSA (DH)
operation provision
cryptographic
ECDSA
FCS_COP.1
Secure ECDSA cryptographic operation
provision
7.1.4, 7.1.6, 7.1.8
ECDH
FCS_COP.1
Secure ECDH cryptographic operation
provision
7.1.7
SHA
FCS_COP.1
Secure SHA cryptographic operation
provision
7.1.1, 7.1.4, 7.1.5, 7.1.6,
7.1.7, 7.1.11
7.1.4, 7.1.6, 7.1.7, 7.1.8
7.1.1 Initialization/Personalization Agent Authentication and Generation of
Authentication Key/Session Key of Each Mechanism
CS shall perform initialization authentication mechanism and IA shall perform personalization
agent authentication mechanism applying authentication rule to identify users. CS and SS shall
check authentication failure retrial counter before each authentication is performed, and stop
each authentication procedure and initialize in case the retrial counter exceeds the maximum
counter. In case initialization or personalization agent authentication fail, initialization session
keys or personalization authentciation and session keys are destructed with assistance of CS or
IA for each.
7.1.2 Identification of MRTD Application (AID : A0000002471001)
COS application containing MRTD Application ID shall be activated by Select File command and
thereafter receive commands following APDU handling by CR. MRTD Application shall interprete
the receiving commands via ER and process them.
7.1.3 Management of TOE Initialization and Operational Mode
Only when Manufacturer acquires initialization permission via initialization authentication in the
manufacturing phase, CS shall receive initialization data following initialization request of
Manufacturer and install MRTD TSF data such as MRTD operational mode, MRTD access
conditions and personalization authentication keys while initializing MRTD application. CS shall
change the operational mode of the Kernel to Operational Use and that of the application to
Personalization where MRTD application can be personalized via the request of Manufacturer
SS shall change the operational mode of the MRTD application. The mode of the MRTD
application can be changed only when personalization permission is acquired through
personalization agent authentication of IA and consists of 3 modes. Change to Operational Use
shall be conducted after user data are assured to be personalized and in case of change to
Disabled, user data and MRTD TSF data shall be deleted with assistance of HW.
ER shall check the operational mode of the MRTD application and control updates on MRTD
user data and MRTD TSF data.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 81 of 94
7.1.4 Personalization of MRTD User Data and TSF Data
SS shall be able to change MRTD access condition to ‘EAC disabled‘ according to
personalization agnet’s request, and call CF to verify certificate for CVCA public key before
writing it in the nonvolatile memory. SS shall write information required to verify certificate chain
such as CVCA public key in the nonvlatile memory with assistance of HW.
SS shall write AA priate key, EAC-CA private key and personalization authentication keys in the
nonvolatile memory with assistance of HW. When DG1 is written in the nonvolatile memory,
MRZ shall be generated from DG1 and BAC authentication keys are generated with the
assistance of CF to be written permanently with assistance of CF
SS shall perform to personalize of MRTD user data and TSF data and MRTD access condition
after checking personalization permission is acquired.
7.1.5 BAC and MRTD Access
ER shall call IA applying authentication rule in order that BAC is performed to authenticate BIS
via user identification. IA shall authenticate BIS via implementing BAC in accordance with ICAO
specifications with assistance of CF. After successful authentication, the BIS subject right shall
be set to BAC right with assistance of HW and BAC session keys shall be generated for BAC
secure messaging.
All the intermediate values calculated during operation shall be disappeared when a session is
terminated or power is not supplied, or destructed in a secure manner when authentication fails.
After successful BAC authentication, BIS shall be able to access every data group except DG3
and DG 4 via secure messaging within the relevant session.
7.1.6 AA
After credentials from Internal Authenticate command with secure messaging are received by
the TOE securely, IA shall assemble the message F using RND.IFD received through IO and CR
to be signed in accordance with Apendix A6.1.3 Active Authentication procedure of the ICAO
document and sign using AA private key.
The digital signature shall be transmitted to the inspection system via IO as the data of the
response message and used to check genuineness of the IC chip in accordance with Apendix
A6.1.3 Active Authentication procedure of the ICAO document.
When AA fails, the session shall be terminated and the residual information shall be destructed.
7.1.7 EAC-CA
IA shall generate EAC session keys required for EAC secure messaging with assistance of CF
and initialize SSC. SSC shall be set to ‘0‘ after derivation of the session keys using the shared
secret key as KDF seed value.
7.1.8 EAC-TA
ER shall call IA applying authentication rule in order that EAC is performed to authenticate EIS
via user identification.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 82 of 94
IA shall assign CVCA or DV public key to verify certificate chain after parsing the certificate with
assistance of US. IA shall verify the certificate using the assigned public keys with assistance of
CF. IA shall check the cerficiate structure received by CR with assistance of UF and verify the
cerificate using the assigned public keys with assistance of CF.
After successful EAC authentication, IA shall assign EIS subject right to EAC right with
assistance of HW. After EAC fails, subject right shall be initialized to prevent accessing
DG3/DG4 but the EAC secure messaging shall be maintained.
SS shall search the requested file from the file table in order to allow EIS to read MRTD holder’s
sensitive biometric data, and check if EAC authentication succeeded and access permission to
DG3/DG4 is included in the certificate. In case EAC permission is matched, the requested length
of DG3/DG4 data shall be transmitted outside via IO.
7.1.9 Secure Messaging after Personalization Agent Authentication, BAC or EAC-CA
TOE shall implement secure messaging using session keys and SSC in order to protect command/response APDU and data exchanged in the communication channel after BAC or EAC-CA.
ER shall protect residual information by destructing BAC or EAC session keys and SSC via filling with ‘0’ with assistance of IA. ER shall request SM to check secure messaging. SM shall
check the structure of the received commands with assistance of, increase SSC with assistance
of IA, and verify the received MAC using functions of CF. BAC or EAC session keys and SSC
shall be destructed via filling with ‘0’ with assistance of IA and BAC or EAC permission of the inspection system shall be initialized.
Secure messaging shall be implemented using personalization session key and SSC after successful personalization agent authentication in the Personalization phase. ER shall verify secure
messaging with assistance of SM, and initialize session information including personalization
permission of the personalization agent in case of the verification failure.
7.1.10 Secure Start-up and Use of IC chip’s Security Features
BL shall check the previous state of termination upon power supply and stop continuing in case
abnormal termination is detected. IO shall assign registers values required to use the IC chip security features such as UART considering the communicaiton type (e.g. ISO/IEC 14443A) when
initializing modules required to create the communication channel, and perform to assign the
communicationi speed and to transmit the initial response.
BL shall use the statistic test provided by the IC chip to check randomness of the manipulated
random numbers provided by the IC chip per every power-up to keep the security of the random
numbers to be used in the MRTD security mechanisms. A separate randomness test shall be
peformed using the library provided by the IC chip per every generation of the random numbers
by HW.
7.1.11 Assurance of TSF Secure Operation
SS and CF shall provide means to check integrity on the TSF via ‘Check Data’ command process. CS in the manufacturing phase and SS in the personalization phase shall provide means
to check integrity on the TSF via secure messaing where AES and SHA provided by the IC chip
shall be used.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 83 of 94
BL shall test randomness of the random numbers per each power-up or each generation via HW
and shall stop TSF execution to maintain the secure state in case the test fails.
SS shall stop TSF execution to maintain the secure state in case the integrity check of the TSF
data via secure messaing fails.
HW shall stop TSF execution to maintain the secure state in case abnormal conditions are detected using the security functions such as active shield and security detector provided by the IC
chip.
TSF shall maintain the secure operation against the observation attacks such as SPA and DPA
using countermeasures provided by the IC chip.
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 84 of 94
7.2 Assurance Measures
This section defines assurance measures which is required in accordance with EAL4+ TOE security
assurance requirement. The augmented assurance requirements are ADV_IMP.2, ALC_DVS.2,
ALC_CMS.5, ALC_TAT.2, ATE_DPT.2, and AVA_VAN.5.
The assurance measures will be provided as specified in the following table.
Table 33. TOE Assurance Measures
Assurance
Class
Assurance
Component
Assurance Measure
ASE_INT.1
SPNX-ASE-001
ASE_CCL.1
SPNX-ASE-001
Security
ASE_SPD.1
Target
Specifica- ASE_OBJ.2
tions EvaluASE_ECD.1
ation
ASE_REQ.2
SPNX-ASE-001
ASE_TSS.1
SPNX-ASE-001
ADV_ARC.1
SPNX-ADV-001 & attached
ADV_FSP.4
SPNX-ADV-011, SPNX-ADV-012, SPNX-ADV-013
ADV_IMP.2
SPNX-ADV-021
ADV_TDS.3
SPNX-ADV-031, SPNX-ADV-032, SPNX-ADV-033
Development
AGD_OPE.1
Guidance
Documents AGD_PRE.1
Lifecycle
Support
SPNX-ASE-001
SPNX-ASE-001
SPNX-ASE-001
SPNX-AGD-001, SPNX-AGD-002, SPNX-AGD-003
SPNX-AGD-001, SPNX-AGD-002, SPNX-AGD-003,
SPNX-ALC-001 & attached
ALC_CMC.4
SPNX-ALC-001, SPNX-ALC-002 & attached
ALC_CMS.5
SPNX-ALC-001, SPNX-ALC-002 & attached
ALC_DEL.1
SPNX-ALC-001, SPNX-ALC-002 & attached
ALC_DVS.2
SPNX-ALC-001, SPNX-ALC-002 & attached
ALC_LCD.1
SPNX-ALC-001, SPNX-ALC-002 & attached
ALC_TAT.2
SPNX-ALC-001, SPNX-ALC-002 & attached
ATE_COV.2
SPNX-ATE-001 & attached
ATE_DPT.2
SPNX-ATE-001 & attached
ATE_FUN.1
SPNX-ATE-001 & attached
ATE_IND.2
MRTD samples, Emulation board, Test Tool(HW, SW)
Tests
Vulnerability
AVA_VAN.5
Assessment
MRTD samples, Emulation board, Test Tool (HW, SW)
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 85 of 94
8 References
8.1 Externel References
CC1
Common Criteria for Information Technology Seuciryt Evaluation, Part 1 : Introduction and general model, Version 3.1r3, July 2009, CCMB-2009-07-001
CC2
Common Criteria for Information Technology Seuciryt Evaluation, Part 2 : Security
functional components, Version 3.1r3, July 2009, CCMB-2009-07-002
CC3
Common Criteria for Information Technology Seuciryt Evaluation, Part 3 : Security
assurance components, Version 3.1r3, July 2009, CCMB-2009-07-003
CC4
CCDB-2007-09-001
PP
MRTD Protection Profile V2.1, National Intelligence Service, KECS-PP-0163a2009, 2010-06-10
PP_IC
Security IC Platform Protection Profile Version 1.0, BSI-PP-0035-2007, 2007-0615
CC_PAS
Common Criteria for Information Protection System, Ministry of Public Administration and Security, 2009-52
CC_GUIDE
Evaluation and Certification Guidance for Information Protection System, Ministry
of Public Administration and Security, 2009-9-1
ISO7816
ISO/IEC 7816 Identification cards – Integrated circuit(s) cards with contacts
ISO14443
ISO/IEC 14443 Identification cards – Contactless ICCs - Proximity cards
DOC9303
ICAO Doc 9303 Machine Readable Travel Documents Part 1 Machine Readable
Passports, 6th edition, 2006
ISO_SUP
ISO/IEC JTC1/SC17 Supplement to Doc 9303, Release 10, ICAO, 2007-9-21
EAC
BSI Technical Guideline TR-03110, Advanced Security Mechnisms for MRTD –
Extended Access Control, Ver 1.11, 2008. 02. 21
ST_IC1
Security Target Lite of Samsung S3CT9KW 16-bit RISC Microcontroller for Smart
Card with optional Secure RSA and ECC Librry including specific IC Dedicated
Software, Version 1.0, 2010. 03. 31
ST_IC2
Security Target Lite of Samsung S3CT9KC/S3CT9K9 16-bit RISC Microcontroller
for Smart Card with optional Secure RSA and ECC Librry including specific IC
Dedicated Software, Version 1.0, 2010. 09. 03
NIST_CMAC
NIST Special Publication 800-38B
8.2 Internel References
IC_TOR
TORNADO-2Mx2 RSA/ECC Library API Manual v1.3, 2009-08-17
SEC-ICC
S3CT9Kx 16-bit Microcontrollers for SmartCard User’s Manual, July 2009
SAN
S3CT9Kx Security Application Note
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 86 of 94
9 Terms and Abbreviation
9.1 Terms
The terms that are used in this document and defined in the CC as well are to have the same
meaning as in the CC.
Terms
Definitions
The security mechanism with which the MRTD chip demonstrates
its genuine to the IS by signing random number transmitted from
AA (Active Authentication)
the IS and the IS verifies genuine of the MRTD chip through
verification with the signed values
BAC (Basic Access
Control)
BAC authentication key
The security mechanism that implements the symmetric key‐based
entity authentication protocol for mutual authentication of the
MRTD chip and the IS and the symmetric key‐based key
distribution protocol to generate the session keys necessary in
establishing the secure messaging for the MRTD chip and the IS
The BAC authentication encryption key and the BAC
authentication MAC key generated by using the KDM from the
MRZ (passport No., passport No. check digit, date of birth, date of
birth check digit, valid date, valid date check digit) for mutual
authentication of the MRTD chip and the IS
The mutual authentication of the MRTD chip and the IS according
BAC Mutual authentication to the ISO 9798‐2 symmetric key‐based entity authentication
protocol
The communication channel to provide the confidentiality and the
integrity of transmitted data by encryption the transmitted data with
BAC Secure messaging the BAC session encryption key and generating, therefore
transmitting after generating message authentication value with
the BAC session MAC key
BAC Session Key
The BAC session encryption key and the BAC session MAC key
for generated by using the KDM from random numbers for
generating session keys shared in the BAC mutual authentication
Biometric data of the MRTD Fingerprint and/ or iris data of MRTD holder stored in the MRTD
chip in the LDS structure
holder
BIS
The IS implemented with the BAC and the PA security
(BAC Inspection System) mechanisms
Certificate
The electronic data by a digital signature on the digital signature
verification key by the CA in order to check and demonstrate that
the digital signature generation key belongs only to the person who
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 87 of 94
holds the key
Ciphertext Only Attack
CSCA (Country Signing
Certification Authority)
CSCA Certificate
Attack by the threat agent to attempt decryption based on the
collected ciphertext
The root CA that generates and issues the CSCA certificate and
the DV certificate by securely generating the digital signature key
in the PA‐PKI to support the PA security mechanisms
The certificate to demonstrate validity of the digital signature
verification key for the digital signature generation key of the PA‐
PKI root CA by signature on the digital signature verification key
with digital signature generation key of the PA‐PKI root CA
The root CA that generates and issues the CVCA certificate, the
CVCA (Country Verifying CVCA link certificate and the DV certificate by securely generating
Certification Authority) digital signature key in the EAC‐PKI to support the EAC security
mechanisms
CVCA Certificate
The certificate that includes digital signature value by the EAC‐PKI
root CA with digital signature generation key of the EAC‐PKI root
CA on the digital signature verification key in order to demonstrate
validity of the CVCA link certificate and the DV certificate
CVCA Link Certificate
The certificate that includes digital signature value that the EAC‐
PKI root CA with the digital signature generation key that
corresponds to the previous CVCA certificate after generating a
new CVCA certificate before expiring the valid date of the CVCA
certificate
DS (Document Signer)
Certificate
DV
(Document Verifier)
DV Certificate
EAC‐CA (EAC‐chip
Authentication)
The certificate of the Personalization agent signed with the digital
signature generation key of the PA‐PKI root CA used by the IS to
verify the SOD of the PA security mechanism
The CA(Certification Authority) that generates and issues the IS
certificate
The certificate that includes digital signature value on the digital
signature verification key of the IS with the digital signature
generation key of the DV in order to demonstrate validity of the
digital signature verification key of the IS
The security mechanism to implement the Ephemeral‐Static DH
key distribution protocol (PKCS#3, ANSI X.42, etc.) to enable the
MRTD chip authentication by the EIS through key checking for the
EAC chip authentication public key and private key of the MRTD
chip and temporary public key and private key of the EIS
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 88 of 94
EAC‐TA (EAC‐terminal
Authentication)
EAC (Extended Access
Control)
The security mechanism that The EIS transmits values digital
signature with the digital signature generation key of its own to the
temporary public key used in the EAC‐CA and the MRTD chip by
using the IS certificate, verifies the digital signature. This security
mechanism
implements challenge‐response authentication
protocol based on digital signature through which the MRTD chip
authenticates the EIS.
The security mechanisms consisted with the EAC‐CA for chip
authentication and the EAC‐TA for the IS authentication in order to
enable only the EAC supporting Inspection System (EIS) to read
the biometric data of the MRTD holder for access control to the
biometric data of the MRTD holder stored in the MRTD chip
EAC Chip Authentication Set of the DH keys used by the MRTD chip to authenticate itself to
Public Key and EAC Chip the EAC supporting IS in the EAC‐CA that contain data recorded
Authentication Private key by the Personalization agent in the Personalization phase.
EAC Inspection System
(EIS: EAC Inspection
System)
EAC Session Key
The IS to implement the BAC, the PA and the EAC security
mechanisms and the AA as an option
The session key used to establishing secure messaging to protect
transmission of the biometric data of the MRTD holder that consist
of the EAC session encryption key and the EAC session MAC key
generated by using the KDF of which keys shared with the EIS
through the Ephemeral‐Static DH key distribution protocol in the
EAC‐CA are used as Seed
EF.COM
Including the LDS version info. Data Groups tag information
EF.CVCA
The EF format file to specify the read‐right and the list of the CVCA
digital signature verification key identifier necessary in verification
of the CVCA certificate validity in the EAC‐TA
Encryption Key
Key used in the symmetric cryptographic algorithm for data
encryption in order to prevent the data disclosure
MRTD
The passport embedded the contactless IC chip in which identity
and other data of the MRTD holder stored according to the
International Civil Aviation Organization (ICAO) and the
International Standard Organization (ISO).
The data stored in the MRTD chip with the LDS format to support
MRTD security mechanisms that includes the PA SOD, the EAC
MRTD authentication data
chip authentication public key and the AA chip authentication
public key, etc.
MRTD identity data
Including personal data of the MRTD holder and biometric data of
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 89 of 94
the MRTD holder
MRTD PKI
Unique data signed on the MRTD by the Personalization agent
with digital signature generation key issued in the MRTD PKI
System in order to issuance and check of the electronically
processed passport
MRTD PKI System
System to provide certification practice, such as issuance of
certificates necessary in passport’s digital signature and
management of certification‐related records, etc.
Attack by masquerading as the MRTD chip using the IC chip to
Grandmaster Chess Attack hookup the communication channel between the MRTD chip and
the IS
ICAO‐PKD
The DS certificate storage operated and managed by the ICAO
that online distributes in case the domestic/ overseas IS requests
the DS certificate of the corresponding country
Inspection
Procedure in which immigration office checks identity of the MRTD
holder by inspecting the MRTD chip presented by the MRTD
holder, therefore verifying genuine of the MRTD chip
IS (Inspection System)
As an information system that implements optical MRZ reading
function and the security mechanisms (PA, BAC, EAC and AA,
etc.) to support the MRTD inspection, the IS consists with a
terminal that establishes the RF communication with the MRTD
chip and the system that transmits commands to the MRTD chip
through this terminal and processes responses for the commands.
IS Certificate
Certificate used by the MRTD chip to verify the digital signature
transmitted by the IS in the EAC‐TA. The DV performs a digital
signature on the digital signature verification key of the EIS with
the digital signature generation key.
KDF (Key Derivation
Function)
KDM (Key Derivation
Mechanism)
LDS (Logical Data
Structure)
The function to generate the encryption key and the MAC key by
using hash algorithm from the Seed
The mechanism to generate the encryption key and the MAC key
by using hash algorithm from the Seed
Logical data structure defined in the ICAO document in order to
store the user data in the MRTD chip
MAC Key (Key for Message Key used by symmetric cryptographic algorithm according to
ISO9797 to generate the message authentication code in order to
Authentic Code)
prevent data forgery and corruption
MRTD
Machine Readable Travel Document, e.g. passport, visa or official
document of identity accepted for travel purposes
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 90 of 94
MRTD Application
MRTD Application Data
Program for loaded in the MRTD chip that is programmed by the
LDS of the ICAO document and provides security mechanisms of
BAC, PA and EAC, etc.
Including user data and TSF data of the MRTD
The contactless IC chip that includes the MRTD application and
the IC chip operating system necessary in operation of the MRTD
application and that supports communications protocol by ISO/IEC
14443
MRTD Chip
PA (Passive
Authentication)
The security mechanism to demonstrate that identity data recorded
in the MRTD has not been forgery and corruption as the IS with
the DS certificate verifies the digital signature in the SOD and hash
value of user data according to read‐right of the MRTD access
control policy.
Personal data of the MRTD Visually identifiable data printed on identity information page of the
of MRTD and other identity data stored in the MRTD chip in the
holder
LDS structure
Personalization agent
Probing
The agent receives the MRTD identity data from the Reception
organization and generates the SOD by digital signature on the
data. After recording them in the MRTD chip, the personalization
agent generates TSF data and stores it in the secure memory of
the MRTD chip. The agent also operates PA‐PKI and/ or EAC‐PKI.
Attack to search data by inserting probing pin in the IC chip
Reverse Engineering
To identify and reproduce the basic design concept and applied
technologies of product through detailed analysis of the completed
product
The SOD refers to the MRTD identity data and the MRTD
authentication data recorded in the Personalization phase by the
SOD
Personalization agent that is signed by the Personalization agent
(Document Security Object) with the digital signature generation key. The SOD is an object
implemented with signed data type of ‘RFC 3369 cryptographic
message syntax, 2002.8’ and encoded with DER method.
TSF Data
User Data
The data stored in the secure memory of the MRTD chip to
support MRTD security mechanisms
Including the MRTD identity data and the MRTD authentication
data
9.2 Abbreviations
AA
ABEND
Active Authentication
Abnormal End (of MEL application execution)
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 91 of 94
AM
ATR
BAC
BIS
CA
CBC
CC
CCMB
CCRA
CLK
COS
Abstract Machine (Software Module)
Answer To Reset
Basic Access Control
Basic Inspection System
Chip Authentication
Cipher Block Chaining
Common Criteria
Common Criteria Maintenance Board
Common Criteria Recognition Arrangement
Clock (input to smartcard)
Card Operating System
CPU
CRC
CRT
CSCA
CVCA
DES
DF
DG
DH
DPA
DS
DV
EAC
EAL
Central Processing Unit
Cyclic Redundancy Check
Chinese Remainder Theorem (algorithm)
Country Signing Certification Authority
Country Verifying Certification Authority
Data Encryption Standard
Dedicated File
Data Group
Diffie-Hellman
Differential Power Analysis
Document Signer
Document Verifier
Extended Access Control
Evaluation Assurance Level
EBC
ECC
ECDH
EEPROM
EIS
HW
IC
Electronic Code Book
Elliptic Curve Cryptography
Elliptic Curve Diffie-Hellman
Electrically Erasable Programmable Read-Only Memory
Extended Inspection System
Hardware
Integrated Circuit
ICAO
IFD
IO
IS
ISO
IT
International Civil Aviation Organization
Interface Device
Input/Output
Inspection System
International Organization for Standardization
Information Technology
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 92 of 94
KDF
KDM
LDS
MAC
MF
MRTD
MRZ
OTP
PA
PCD
PICC
Key Derivation Function
Key Derivation Mechanism
Logical Data Structure
Message Authentication Code
Master File
Machine Readable Travel Document
Machine Readable Zone
One-Time Programmable (memory)
Passive Authentication
Proximity Coupling Device
Proximity Card
PKI
PP
PPS
RAM
RF
ROM
RSA
RST
SFI
SFP
SFR
SOD
SOF
SPA
Public Key Infrastructure
Protection Profile
Protocol and Parameters Selection (ref ISO7816)
Random Access Memory
Radio Frequency
Read-Only Memory
Rivest-Shamir-Aldeman (algorithm)
Reset (input to smartcard)
Short File ID
Security Function Policy
Security Function Requirement
Security Object of Document
Strength of Function
Simple Power Analysis
SSC
ST
TA
TDES
TOE
TSC
TSF
Send Sequence Counter
Security Target
Terminal Authentiation
Triple-DES
Target of Evaluation
TSF Scope of Control
TOE Security Functions
TSFI
TSP
TSS
TSF Interface
TOE Security Policy
TOE Subsystem, TSF Subsystem
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 93 of 94
END OF DOCUMENT
Phone: +82-2-3429-2114
E-mail: [email protected]
http://www.sds.samsung.com
SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Security Target
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved
Page 94 of 94
Copyright ⓒ 2012 Samsung SDS Co., Ltd. All rights reserved | Confidential
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement