Security Target: 0821b_pdf

Security Target: 0821b_pdf
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET LITE
Version 1.3
Status: 26. September 2014.
September 2014
ST_AKDeID Evaluation documentation
Page 1 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
1.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Scope
The aim of this document is to describe the Security Target (ST) for the AKD eID Card 1.0,
which is a smart card, intended to be used as Secure Signature Creation Device (SSCD).
2.
References
Short Reference
[The Directive]
[CEN/TS 15480-2]
[EN 14890-1]
[TR 03116-2]
[CC_P1]
[CC_P2]
[CC_P3]
[PP_SSCD_O]
[PP_SSCD_KG]
[PP_SSCD_KI]
[PP_SSCD_KG_TCCGA]
[PP_SSCD_KG_TCSCA]
[PP_SSCD_KI_TCSCA]
[CAdES]
Document Title – Reference
Directive 1999/93/EC of the European parliament and of the council of 13
December 1999 on a Community framework for electronic signatures
PD CEN/TS 15480-2:2012 Identification card systems - European Citizen Card
Part 2: Logical data structures and security services
BS EN 14890-1:2008 Application Interface for smart cards used as Secure
Signature Creation Devices - Part 1: Basic requirements, 31 January 2009
Technische Richtlinie TR-03116-2, eCard-Projekte der Bundesregierung, Teil 2
– Hoheitliche Ausweisdokumente, BSI, 21.03.2013
Common Criteria for Information Technology Security Evaluation, Part 1:
Introduction and general model, September 2012, Version 3.1, Revision 4,
CCMB-2012-09-001
Common Criteria for Information Technology Security Evaluation, Part 2:
Security functional components, September 2012, Version 3.1, Revision 4,
CCMB-2012-09-002
Common Criteria for Information Technology Security Evaluation,
Part 3: Security assurance components,
September 2012, Version 3.1, Revision 4, CCMB-2012-09-003
1
EN 419211-1:2011 Protection profiles for Secure signature creation device Part 1: Overview
2
EN 419211-2:2013 Protection profiles for secure signature creation device Part 2: Device with Key Generation, Version 2.0.1., 2013, registered and
certified under the reference BSI-CC-PP-0059-2009-MA-01
EN 419211-3:2013 Protection profiles for secure signature creation device Part 3: Device with key import, Version 1.0.2, 2012-07-24, registered and
certified under the reference BSI-CC-PP-0075-2012
EN 419211-4:2013 Protection profiles for secure signature creation device Part 4: Extension for device with key generation and trusted channel to
certificate generation application, Version 1.0.1, 2013-11-27, registered and
certified under the reference BSI-CC-PP-0071-2012
EN 419211-5:2013 Protection profiles for secure signature creation device Part 5: Extension for device with key generation and trusted channel to
signature creation application, Version 1.0.1, 2012-11-14, registered and
certified under the reference BSI-CC-PP-0072-2012
EN 419211-6:2013 Protection profiles for secure signature creation device Part 6: Extension for device with key import and trusted channel to signature
creation application, Version 1.0.4, registered and certified under the
reference BSI-CC-PP-0076-2013
ETSI TS 101 733 Electronic Signatures and Infrastructures (ESI); CMS Advanced
Electronic Signatures (CAdES)
1 To be published.
2 This document was submitted to the enquiry procedure under the reference prEN 14169-2, Protection profiles for
secure signature creation device — Part 2: Device with key generation, Version: 2, 2012-01.
September 2014
ST_AKDeID Evaluation documentation
Page 2 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
[XAdES]
[PAdES]
[JCOP_ST]
[JCOP 2.4.2 R3]
[CL v2.7/v2.9]
[NXP_HW]
[FIPS 180-3]
[FIPS 46-3]
[ISO 9797-1]
[PKCS#1 v2.1]
[PKCS#3]
[SP 800-38B]
[NXP SSCC]
Doc ID: DP-I-101
Version: 1.3/2014-09-26
ETSI TS 101 903 Electronic Signatures and Infrastructures (ESI);
XML Advanced Electronic Signatures (XAdES)
ETSI TS 102 778 Electronic Signatures and Infrastructures (ESI); PDF Advanced
Electronic Signature Profiles (PAdES)
NXP J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66,
J3E016_M64, J3E041_M64 Secure Smart Card Controller Revision 3, Rev. 01.03
2014-08-07
NXP J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66,
J3E016_M64, and J3E041_M64 Secure Smart Card Controller Revision 3,
NSCIB-CC-13-37761-CR2, August 2014
Crypto Library V2.7/V2.9 on SmartMX P5CD016/021/041/051 and P5Cx081
V1A/ V1A(s), BSI-DSZ-CC-0633-V2-2014, 16 July 2014
NXP Secure Smart Card Controllers P5CD016/021/041/051 and P5Cx081 V1A/
V1A(s), BSI-DSZ-CC-0857-2013, 2013
FIPS PUB 180-3, Secure Hash Standard, Federal Information Processing
Standards Publication, October 2008, US Department of Commerce/National
Institute of Standards and Technology
FIPS PUB 46-3: Federal Information Processing Standards Publication, Data
Encryption Standard (DES), Reaffirmed 1999 October 25, U.S. Department of
Commerce/National Institute of Standards and Technology
ISO/IEC 9797-1:1999: Information technology - Security techniques - Message
Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher
PKCS1 v2.1: RSA Cryptography Standard, RSA Laboratories, June 2002
PKCS #3: Diffie-Hellman Key-Agreement Standard, RSA Laboratories Technical
Note Version 1.4, Revised November 1, 1993
NIST Special Publication 800-38B, Recommendation for Block Cipher Modes of
Operation: The CMAC Mode for Authentication, Computer Security Division
Information Technology Laboratory National Institute of Standards and
Technology Gaithersburg, MD 20899-8930, May 2005
NXP Secure Smart Card Controllers P5CD016/021/041/051 and
P5Cx081V1A/V1A(s) Security Target Lite, Rev. 1.9, 03.06.2013, registered and
certified under the reference BSI-DSZ-CC-0857-2013
3.
Conventions and terminology
3.1.
Terms and definitions
For the purposes of this document, terms and definitions given in [PP_SSCD_O] apply.
The Directive - Directive 1999/93/EC of the European Parliament and of the Council of 13
December 1999 on “a Community framework for electronic signatures” [The Directive]
NOTE References in this document to a specific article and paragraph of Directive 1999/93/EC
are of the form “[The Directive: n.m]”.
Annex - one of the annexes, Annex I, Annex II or Annex III of [The Directive]
Administrator - user who performs TOE initialisation, TOE personalisation, or other TOE
administrative functions
Advanced electronic signature - digital signature which meets specific requirements in [The
Directive: 2.2]
NOTE According to [The Directive] a digital signature qualifies as an advanced electronic
signature if it:
- is uniquely linked to the signatory;
September 2014
ST_AKDeID Evaluation documentation
Page 3 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
-
is capable of identifying the signatory;
is created using means that the signatory can maintain under his sole control, and
is linked to the data to which it relates in such a manner that any subsequent change
of the data is detectable.
Authentication data - information used to verify the claimed identity of a user
Certificate - digital signature used as electronic attestation binding signature-verification data
to a person confirming the identity of that person as legitimate signer [The Directive: 2.9]
Certificate info - information associated with a SCD/SVD pair that may be stored in a secure
signature creation device
NOTE 1 Certificate info is either:
- a signer's public key certificate or,
- one or more hash values of a signer's public key certificate together with an identifier
of the hash function used to compute the hash values.
NOTE 2 Certificate info may contain information to allow the user to distinguish between
several certificates.
Certificate-generation application CGA - collection of application components that receive the
SVD from the SSCD to generate a certificate obtaining data to be included in the certificate and
to create a digital signature of the certificate
Certification service provider CSP - entity that issues certificates or provides other services
related to electronic signatures [The Directive: 2.11]
Data to be signed DTBS - all of the electronic data to be signed including a user message and
signature attributes
Data to be signed or its unique representation DTBS/R - data received by a secure signature
creation device as input in a single signature-creation operation NOTE DTBS/R is either:
- a hash-value of the data to be signed (DTBS), or
- an intermediate hash-value of a first part of the DTBS complemented with a remaining
part of the DTBS, or
- the DTBS.
Legitimate user - user of a secure signature creation device who gains possession of it from an
SSCD-provisioning service provider and who can be authenticated by the SSCD as its signatory
Qualified certificate - public key certificate that meets the requirements laid down in Annex I
and that is provided by a CSP that fulfils the requirements laid down in Annex II [The Directive:
2.10]
Qualified electronic signature - advanced electronic signature that has been created with an
SSCD with a key with a qualified certificate
NOTE See [The Directive: 5.1].
Reference authentication data RAD - data persistently stored by the TOE for to authenticate a
user as authorised for a particular role
Secure signature-creation device SSCD - personalized device that meets the requirements laid
down in Annex III by being evaluated according to a security target conforming to a PP in this
series of European Standards [The Directive: 2.5 and 2.6]
Signatory - legitimate user of an SSCD associated with it in the certificate of the signatureverification data and who is authorized by the SSCD to operate the signature-creation function
[The Directive: 2.3]
Signature attributes - additional information that is signed together with a user message
September 2014
ST_AKDeID Evaluation documentation
Page 4 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Signature-creation application SCA - application complementing an SSCD with a user interface
with the purpose to create an electronic signature
NOTE A signature creation application is software consisting of a collection of application
components configured to:
- present the data to be signed (DTBS) for review by the signatory,
- obtain prior to the signature process a decision by the signatory,
- if the signatory indicates by specific unambiguous input or action its intent to sign send
a DTBS/R to the TOE
- process the electronic signature generated by the SSCD as appropriate, e.g. as
attachment to the DTBS.
Signature-creation data SCD - private cryptographic key stored in the SSCD under exclusive
control by the signatory to create an electronic signature [The Directive: 2.4]
Signature-creation system SCS - complete system that creates an electronic signature
consisting of an SCA and an SSCD
Signature-verification data SVD - public cryptographic key that can be used to verify an
electronic signature [The Directive: 2.7]
SSCD-provisioning service - service to prepare and provide an SSCD to a subscriber and to
support the signatory with certification of generated keys and administrative functions of the
SSCD
User - entity (human user or external IT entity) outside the TOE that interacts with the TOE
User Message - data determined by the signatory as the correct input for signing
Verification authentication data VAD - data provided as input to a secure signature creation
device for authentication by cognition or by data derived from a user’s biometric
characteristics
September 2014
ST_AKDeID Evaluation documentation
Page 5 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
3.2.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Abbreviated terms
The used abbreviated terms are:
API
CC
CA
CGA
CSP
DES
DTBS
DTBS/R
EAL
HID
EEPROM
IC
ICC
IFD
IT
MAC
PKI
PIN
PUK
PP
PAN
RAD
ROM
RSA
RSA CRT
SHA
SSPS
SSCD
SSMA
SCA
SCD
SCS
SDO
SFP
SPS
ST
TSF
TOE
VAD
September 2014
Application Programming Interface
Common Criteria
Certificate Authority
Certification generation application
Certification-service-provider
Data Encryption Standard
Data to be signed
Data to be signed or its unique representation
Evaluation Assurance Level
Human Interface Device
Electrically Erasable Programmable Read-Only Memory
Integrated Chip
Integrated Chip Card
Interface Device
Information Technology
Message Authentication Code
Public key infrastructure
Personal Identification Number
Personal Unblocking Key
Protection Profile
Primary Account Number
Reference authentication data
Read-only memory
Rivest, Shamir and Adleman
Rivest, Shamir and Adleman - Chinese Remainder Theorem
Secure Hash Algorithm
SSCD Provisioning Service Provide
Secure signature-creation device
Signatory SSCD Management Application
Signature-creation application
Signature-creation data
Signature-creation system
Signed data object
Security Function Policy
SSCD Provisioning Service
Security Target
TOE Security Functionality
Target of evaluation
Verification authentication data
ST_AKDeID Evaluation documentation
Page 6 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
4.
ST Introduction
4.1.
ST and TOE reference
Document Id
Document Title
Document Reference
Document Version
Document Date
Document Author
TOE reference
TOE Product Type
TOE Developer
TOE Platform
Certification Id
Evaluation assurance level
4.2.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
DP-I-101
AKD Electronic Identity Card Security Target Lite
ST_AKDeID
1.3
2014-09-26
AKD, Agencija za komercijalnu djelatnost d.o.o
AKD eID Card 1.0
Secure Signature Creation Device (SSCD)
AKD, Agencija za komercijalnu djelatnost d.o.o
NXP J2E081_M64 Secure Smart Card Controller Revision 3 [JCOP 2.4.2 R3]
BSI-DSZ-CC-0821-2014
EAL4 augmented with AVA_VAN.5 and ALC_DVS.2 (EAL 4+)
TOE Overview
The target of evaluation (TOE) is the AKD eID Card 1.0, which is multifunctional smartcard
product, intended for use as a secure signature creation device (SSCD) in accordance with the
European Directive 1999/93/EC of the European parliament and of the council of 13 December
1999 on a community framework for electronic signatures [The Directive] and its possible
revision.
For an electronic signature product that has been evaluated according to Common Criteria
(version 3.1) as conforming to a Security Target (ST) that is compliant with one or more of EN
419 211 Protection Profiles (PP) this European Standard implies that European Union Member
States shall presume compliance with the requirements in Annex III of [The Directive] for that
product. This Security Target (ST) is strictly conformant to the Protection Profiles:
- EN 419211-2:2013 Protection profiles for secure signature creation device - Part 2:
Device with Key Generation, Version 2.0.1., 2013, submitted to the enquiry procedure
under the reference prEN 14169-2, registered and certified under the reference BSICC-PP-0059-2009-MA-01 [PP_SSCD_KG],
- EN 419211-3:2013 Protection profiles for secure signature creation device - Part 3:
Device with key import, Version 1.0.2, 2012-07-24, registered and certified under the
reference BSI-CC-PP-0075-2012 [PP_SSCD_KI] and
- EN 419211-4:2013 Protection profiles for secure signature creation device - Part 4:
Extension for device with key generation and trusted channel to certificate generation
application, Version 1.0.1, 2013-11-27, registered and certified under the reference
BSI-CC-PP-0071-2012 [PP_SSCD_KG_TCCGA],
The product can be operated in other environments providing functionalities based on the
following two Protection Profiles, but these functionalities are out of the certified scope of this
evaluation:
- EN 419211-5:2013 Protection profiles for secure signature creation device - Part 5:
Extension for device with key generation and trusted channel to signature creation
September 2014
ST_AKDeID Evaluation documentation
Page 7 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
application, Version 1.0.1, 2012-11-14, registered and certified under the reference
BSI-CC-PP-0072-2012 [PP_SSCD_KG_TCSCA] and
- EN 419211-6:2013 Protection profiles for secure signature creation device - Part 6:
Extension for device with key import and trusted channel to signature creation
application [PP_SSCD_KI_TCSCA], registered and certified under the reference BSI-CCPP-0076-2013
The basis of this composite evaluation is the composite evaluation of the platform:
- NXP J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66,
J3E016_M64, J3E041_M64 Secure Smart Card Controller Revision 3 [JCOP_ST], NSCIBCC-13-37761-CR2, August 2014
which consist of the hardware and the cryptographic library:
- NXP Secure Smart Card Controllers P5CD016/021/041/051 and P5Cx081V1A/V1A(s)
[NXP_HW], BSI-DSZ-CC-0857-2013, 2013 and
- Crypto Library V2.7/V2.9 on SmartMX P5CD016/021/041/051 and P5Cx081 V1A/
V1A(s) [CL v2.7/v2.9], BSI-DSZ-CC-0633-V2-2014, 16 July 2014
The TOE specifies a SSCD that may generate signing keys internally or externally, export the
public key in protected manner and communicate with the signature creation application in
protected manner. When operated in a secure environment a signatory may use the TOE to
create an advanced electronic signature or a qualified electronic signature to conform to the
specifications in ETSI TS 101 733 [CAdES], ETSI TS 101 903 [XAdES] and ETSI 102 778 [PAdES].
The TOE combined security features of the mentioned protection profiles using the platform
cryptographic operations and security features. All that enables the following product
functionalities:
• On chip and external key generation
• Advanced or qualified digital signature
• Certificate information application
• Knowledge based user authentication with two PINs and one PUK
• Secure Messaging
• Symmetric or asymmetric device authentication
• Administrator role authentication and post issuance management of the card
• Signature Generation for SSL Client/Server Authentication
• Encryption key decipherment
• Certificate verification
• Self protection
The TOE comprises the all mandatory features for the European Citizen Card according to
[CEN/TS 15480-2], which makes it suitable for implementing national e-ID card combining eservices and national e-ID applications. In order to enable interoperability and usage of the
TOE on a national or European level, the application interfaces to the TOE are implemented as
is specified in [EN 14890-1].
The AKD eID Card 1.0 may be used for various applications (electronic identification card,
electronic health card, electronic signature application requiring qualified signature, electronic
service card…) and purpose (digital signature, client server authentication, data encryption and
certificate verification...).
The assurance level for the TOE is CC EAL4+.
September 2014
ST_AKDeID Evaluation documentation
Page 8 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
4.3.
TOE Description
4.3.1.
Overview for this section
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The term “PPs” is used instead of listing [PP_SSCD_KG], [PP_SSCD_KI] and
[PP_SSCD_KG_TCCGA], and the term “core PPs” is used instead of listing [PP_SSCD_KG] and
[PP_SSCD_KI].
This section is based on the TOE overview of PPs and has only been extended by the product
specific details.
4.3.2.
Operation of the TOE
Figure 1 shows this TOE, its operational environments and the interaction with the
environment.
Signing
Environment
Preparation
Environment
SVD
SCD
Key Generation
VAD
User Authentication
Signature Creation Application
Key Export
SCD
Key Import
Personalization
RAD
SSCD-Provisioning Service
Provider
SSCD Issuing Application
VAD
Signatory Mangement
Service Provider
Management
Issuer SSCD
Management Application
Signatory SSCS Management Application
Signature Creation
Service Provider
Authentication
Human interface for signatory
DTBS/R
signature
Certificate
Generating
Application
TOE
Certifivation Service
Provider
DTBS
Management
Environment
Management
Environment
Figure 1: The TOE and operational environments
The key generation and key import functions of the TOE can be performed in the preparation
environment as well as in signing or management environment.
This section presents a functional overview of the TOE in its distinct operational environments:
- The preparation environment,
September 2014
ST_AKDeID Evaluation documentation
Page 9 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
•
where it interacts with a certification service provider through a certificate
generation application (CGA) to obtain a certificate for the signature validation
data (SVD) corresponding with the SCD the TOE has generated.
The TOE exports the SVD through a trusted channel allowing the CGA to check the
authenticity of the SVD.
•
where the TOE interacts with a certification service provider (CSP) through a
SCD/SVD generation application to import the signature creation data (SCD) and a
certificate generation application (CGA) to obtain a certificate for the signature
validation data (SVD) corresponding to the SCD the certification service provider
has generated. The SCD/SVD generation application transmits the SVD to the CGA.
•
-
The initialization environment interacts further with the TOE to personalize it with
the initial value of the reference authentication data (RAD),
The signing environment
•
where it interacts with a signer through a signature creation application (SCA) to
sign data after authenticating the signer as its signatory. The signature creation
application provides the data to be signed (DTBS), or a unique representation
thereof (DTBS/R) as input to the TOE signature creation function and obtains the
resulting digital signature.
•
-
The TOE and the SCA communicate through a trusted channel to ensure the
integrity of the DTBS respective DTBS/R
The management environments
•
where it interacts with the user or an SSCD-provisioning service provider to
perform management operations, e.g. for the signatory to reset a blocked RAD. A
single device, e.g. a smart card terminal, may provide the required secure
environment for management and signing.
The signing environment, the management environment and the preparation environment are
secure and protect data exchanged with the TOE.
The TOE stores signature creation data and reference authentication data. The TOE may store
multiple instances of SCD. The TOE provides a function to identify each SCD and the SCA can
provide an interface to the signer to select an SCD for use in the signature creation function of
the SSCD. The TOE protects the confidentiality and integrity of the SCD and restricts its use in
signature creation to its signatory. The digital signature created by the TOE may be used to
create an advanced electronic signature as defined in Article 5.1 of [The Directive] if the
certificate for the SVD is a qualified certificate (Annex I). Determining the state of the
certificate as qualified is beyond the scope of this standard.
The signature creation application is assumed to protect the integrity of the input it provides
to the TOE signature creation function as being consistent with the user data authorized for
signing by the signatory. Unless implicitly known to the TOE, the SCA indicates the kind of the
signing input (as DTBS/R) it provides and computes any hash values required. The TOE may
augment the DTBS/R with signature parameters it stores and then computes a hash value over
the input as needed by the kind of input and the used cryptographic algorithm.
The TOE stores signatory reference authentication data to authenticate a user as its signatory.
The RAD is a password e.g. PIN, a biometric template or a combination of these. The TOE
protects the confidentiality and integrity of the RAD. The TOE may provide a user interface to
directly receive verification authentication data (VAD) from the user, alternatively, the TOE
receive the VAD from the signature creation application. If the signature creation application
September 2014
ST_AKDeID Evaluation documentation
Page 10 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
handles, is requesting or obtaining a VAD from the user, it is assumed to protect the
confidentiality and integrity of this data.
A certification service provider and a SSCD-provisioning service provider interact with the TOE
in the secure preparation environment to perform any preparation function of the TOE
required before control of the TOE is given to the legitimate user. These functions may include:
- initialising the RAD,
- generating a key pair,
- storing personal information of the legitimate user,
The TOE is a smart card. A smart-card terminal shall be deployed that provides the required
secure environment to handle a request for signatory authorization. A signature can be
obtained on a document prepared by a signature creation application component running on
personal computer connected to the card terminal. The signature creation application, after
presenting the document to the user and after obtaining the authorization PIN initiates the
digital signature creation function of the smart card through the terminal.
4.3.3.
Security features
Security functionalities provided by the TOE map the general requirements of the EU directive
to asymmetric techniques [The Directive] as required by the EN419211 Protection Profiles for
Secure Signature Creation Device (SSCD) and cover additional services, useful in its
operational-use stage.
To accomplish the required security as claimed in the PPs, the TOE security functionalities
cover the signing function, key generation and key import, storage of certificates, the related
user verification, establishment and use of trusted path and channel as well as the allocation
and format of resources required for the execution of those functions and related
cryptographic token information.
The self protect function and all cryptographic functions including those based on the same
technology as key decipherment, client server authentication and signature verification are
provided by the NXP JCOP platform.
4.3.3.1.
Main functions
The TOE is a combination of hardware and software configured to securely create, import, use
and manage signature creation data (SCD). The SSCD protects the SCD during its whole
lifecycle as to be used in a signature creation process solely by its signatory.
The TOE comprises all IT security functionality necessary to ensure the secrecy of the SCD and
the security of the electronic signature.
(1) to generate or to import signature-creation data (SCD) and the correspondent
signature-verification data (SVD),
(2) to export the SVD for certification through a trusted channel to the CGA,
(3) to, optionally, receive and store certificate info,
(4) to switch the SSCD from a non-operational state to an operational state, and
(5) if in an operational state, to create digital signatures for data with the following steps:
a) select an SCD if multiple are present in the SSCD,
b) authenticate the signatory and determine its intent to sign,
c) receive data to be signed or a unique representation thereof (DTBS/R) through
a trusted channel with SCA,
September 2014
ST_AKDeID Evaluation documentation
Page 11 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
d) apply an appropriate cryptographic signature-creation function using the
selected SCD to the DTBS/R.
The TOE may implement its function for digital signature creation to conform to the
specifications in ETSI TS 101 733 (CAdES), ETSI TS 101 903 (XAdES) and ETSI TS 101 903
(PAdES).
The TOE may properly for the signatory's use by
(1) generating or import at least one SCD/SVD pair, and
(2) personalising for the signatory by storing in the TOE:
a) the signatory’s reference authentication data (RAD)
b) optionally, certificate info for at least one SCD in the TOE.
After preparation the SCD shall be in a non-operational state. Upon receiving the TOE the
signatory shall verify that its non-operational state and change the SCD state to operational.
After preparation the intended, legitimate user should be informed of the signatory’s
verification authentication data (VAD) required for use of the TOE in signing. If the VAD is a
password or PIN, the means of providing this information is expected to protect the
confidentiality and the integrity of the corresponding RAD.
If the use of an SCD is no longer required, then it shall be destroyed (e.g. by erasing it from
memory) as well as the associated certificate info, if any exists.
4.3.3.2.
Identification and user authentication
The TOE contains a Primary Account Number (PAN) in accordance with ISO/IEC 7812-1, which
enables identification of the card issuer and the cardholder.
The user authentication is knowledge based, i.e. submission of a PIN/password. This
authentication scheme enables to authenticate the user role Signatory.
The TOE provides functions to enable the user to:
a) Verify PIN
b) Change the value of a PIN and
c) Unblock all PINs using the PUK value.
The TOE has two PINs and one PUK value. One PIN is intended for digital signature
authentication exclusively. Another PIN is used for authentication in all other sensitive
operations as well as for privacy protection of the certain data in the card. The same PUK value
is used to unblock both PINs.
4.3.3.3.
Device authentication
Device authentication aims at authenticating both entities willing to communicate and
securing the communication between the card and a remote entity. Remote entity might be
SCA and CGA in the signing environment or Signatory SSCD Management Application and
Issuer SSCD Management Application in the management environment.
The TOE implements the following device authentication protocols:
a) symmetric authentication using 3DES keys,
b) asymmetric authentication using Card Verifiable (CV) certificates and device
authentication with privacy protection protocol
The terminal shall implement listed protocols and adapt authentication according to the
security level required by the resource it wishes to access.
September 2014
ST_AKDeID Evaluation documentation
Page 12 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
4.3.3.4.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Secure messaging
Secure messaging session establishment begins with device authentication when secure
messaging session keys are computed.
Secure messaging should ensure that communication between the TOE and the IFD is
protected. The secure messaging constantly performs checks and the session is aborted in case
of any errors.
The secure message provides functions to establish a trusted, cryptographically protected
communication to remote IT entities, such as:
a) A certificate-generation application (CGA)
b) An SVD-generating application, if it is not part of CGA application
c) A signature-creation application (SCA)
d) Human interface device (HID)
e) Management application
4.3.3.5.
Role authentication
The Role authentication is used by the external entity to present a specific authorization to the
TOE. The TOE establishes the security context by setting a respective value in its security
environment and enforces usage of the correct security policy. The TOE requires
authentication for a specific operation and for privacy protection because certain data in the
card (or data secured by the card) can only be accessed after authentication. Prior to any
operation the application checks the requested access rights to resources and to operations
performed on those resources. If security conditions are fulfilled, access is granted.
The TOE maintains the roles for Signatory and Administrator to grant different access rights.
Signatory and Administrator may:
a) Generate an SCD or install an SCD, generated outside the device in a trusted
environment and communicated over a secure communication link),
b) Disabling an SCD it holds, e.g. by erasing it from memory,
c) Create, extend or modify certificate info stored in the device,
d) Create SVD for an SCD stored and export it for certification by a certificate generating
application protected by trusted communication,
Only Signatory may:
a) Switch the TOE from a non-operational state to an operational state, and thereby
change initial PIN and set the PUK value,
b) Change value of the PIN/PUK,
c) Unblock the PIN using PUK value while the SSCD is in operational state,
d) Only the Signatory is allowed to create digital signatures and only if the TOE is in
operational state.
Only Administrator may:
a) Define minimum length of an alphanumeric value of PIN/PUK
b) Initialize the PIN for the signatory while card is in non-operational state,
c) Import personal user data
d) Change symmetric or asymmetric keys for device authentication
e) Change personal information of the legitimate user
f) Switch blocked SSCD to a non-operational state and unblock the PIN and PUK resetting
the remaining tries counter to the predefined maximum error counter
September 2014
ST_AKDeID Evaluation documentation
Page 13 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The Administrator is not allowed to create digital signatures in any environment. Generally, it
is not allowed to create digital signature in the card preparation phase nor is digital signature
creation allowed in operational use stage if the TOE is not in operational state.
4.3.3.6.
Cryptographic functions
All cryptographic functionality of the TOE is provided by the platform, i.e. either by the
cryptographic library or by the operating system.
The TOE uses the JCOP platform functions and allows the card to be used as a crypto token,
which provides the following cryptographic operation:
(1) Digital Signature
The TOE enables the Signatory to digital sign documents. The signature may be advanced
or qualified.
(2) Client/server authentication
The TOE computes a signature for the computer the cardholder uses to access remote
services. The computer is authenticated with the signature computed by the card using an
asymmetric cryptographic scheme.
(3) Encryption key decipherment
Encryption key decipherment enables the cardholder to store secret data on an electronic
vault. The RSA private key needed to decipher the symmetric key encrypting these data is
securely stored in the TOE. The remote entity sends by the RSA public key encrypted
symmetric encryption key to the TOE to get the plain symmetric encryption key.
Encryption key decipherment is also used in SSL session establishment when connecting to
web services. The purpose is to send data enciphered by a remote server to a computer a
person uses to access web services in a secure manner. The TOE receives the symmetric
key to use (for decipherment) within a cryptogram.
(4) Certificate verification
This feature enables the TOE to verify a certificate issued by a certificate authority the TOE
trust. The trust is established by the transfer to the TOE of a public RSA key of an authority
certified by an authority whose public key is present in the TOE.
4.3.3.7.
Self protection
The JCOP platform provides functionality such as a monitoring the auditable events and
indicate a potential violation, a secure management of TOE resources, control of operating
conditions, protection against physical manipulation, logical protection, protection of mode
control, memory access control and register access control.
4.3.4.
TOE platform
The TOE comprises of:
(1) The TOE platform NXP J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66,
J3E016_M66, J3E016_M64, and J3E041_M64 Secure Smart Card Controller Revision 3,
NSCIB-CC-13-37761-CR2, August 2014 [JCOP 2.4.2 R3], according to the Common
Criteria for evaluation assurance level 5+.
(2) The Java Card applet the AKD eID Card 1.0 on the application layer containing the SSCD
functionality
September 2014
ST_AKDeID Evaluation documentation
Page 14 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
(3) The associated guidance documentation, which is subject of the evaluation according
to the assurance guidance documents (AGD) class. The exact version of the guidance
document is given in the certification report.
(4) The personalization key
The evaluated NXP platform includes the cryptographic library and the hardware:
- Crypto Library V2.7/V2.9 on SmartMX P5CD016/021/041/051 and P5Cx081 V1A/
V1A(s), BSI-DSZ-CC-0633-V2-2014, 16 July 2014 [CL v2.7/v2.9]
- NXP Secure Smart Card Controllers P5CD016/021/041/051 and P5Cx081 V1A/ V1A(s),
BSI-DSZ-CC-0857-2013, 2013 [NXP_HW]
The NXP platform consists of:
- Smart card platform (SCP) (parts of the hardware platform and hardware abstraction
layer)
- Embedded software (Java Card Virtual Machine, Runtime Environment, Java Card API,
Card Manager)
- Native MIFARE application (physically always present but logical availability depends
on configuration)
The Smart Card Platform (SCP) consists of the Hardware Abstraction Layer (HAL) and the
Hardware Platform. The cryptographic library (Crypto Library) is part of the Hardware
Abstraction Layer (HAL).
The TOE limits are shown schematically in Figure 2. The Platform is bordered with green
dashed line and the TOE is bordered with red dashed line.
Java Card aplet AKD eID Card 1.0
Java Card API
3.0.1
Java Card
Runtime
Environment
3.0.1
Global Platform
Open Platform
Card Manager
2.2.1
Java Card Virtual Machine
3.0.1
MIFARE
Hardware apstraction layer (HAL)
Hardware platform
TOE
JCOP 2.4.2 R3 Secure Platform
Figure 2: The TOE limits
The TOE is available on the P5CC081V1A hardware in which MIFARE interface is disabled.
For the TOE relevant is only NXP J2E081_M64 Secure Smart Card Controller Revision 3, which
is based on Java Card 3.0.1 and Global Platform 2.2.1 industry standards. It implements high
security mechanisms and supports various protocols, cryptographic algorithms.
September 2014
ST_AKDeID Evaluation documentation
Page 15 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
4.3.5.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The TOE life cycle
4.3.5.1.
General
The TOE lifecycle distinguishes stages for development production, preparation and
operational use.
The development phase comprises the development and production of the TOE. The
development phase is subject of the evaluation according to the assurance lifecycle (ALC) class.
The development phase ends with the delivery of the TOE to the SSCD-provisioning service.
The operational usage of the TOE comprises the preparation stage and the operational use
stage. The TOE operational use stage begins when the signatory has obtained both the VAD
and the TOE.
Figure 3 shows an example of the lifecycle where an SCD/SVD pair is generated on the TOE
before delivery to the signatory. The lifecycle allow generation of SCD or SCD/SVD key pairs
after delivery to the signatory as well.
Development Phase
Phase 1
SSCD development
IC development
Product development
Phase 2
SSCD production
IC manufacturing
Product manufacturing
Applet install
Delivery to SSCDProvisioning
Service Provider
Usage Phase
CSP
Phase 3 – SSCD preparation
CSD/SVD GA
SCD/SVD generation
SCD export
SVD export
SCD (key import)
Installation of SCD
SVD
•
•
•
CGA
•
•
SVD (key generation)
Certificate generation
Directory service
- SCD/SVD generation
- SVD export
- SCD/SVD import
- import of certificate info*
Personalisation for the
signatory
- RAD installation
- VAD definition
- storing personal information*
- storing keys for trusted chennels*
Delivery to Signatory
CSP
Phase 4 – SSCD operational use
CSD/SVD GA
SCD/SVD generation
SCD export
SVD export
•
•
Certificate generation
Directory service
Operational usage
SCD (key import)
Installation of SCD
SVD
•
•
•
CGA
SVD (key generation)
- SCD/SVD generation
- SVD export
- SCD/SVD import
- import of certificate info*
- Signature creation
- Management operations
Destruction of SCD
- destruction of SCD
- deletion of certificate info*
The asterisks * marks the optional import of the SVD and certificate info during TOE preparation and certificate info
deletion when SCD is destroyed.
Figure 3: TOE life cycle
4.3.5.2.
Development stage
The subject manufacturer acts in the development phase. They are the IC Manufacturer and
the Product Manufacturer.
IC Manufacturer provides the following activities:
September 2014
ST_AKDeID Evaluation documentation
Page 16 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
(1) during phase 1 designs and develop IC and the embedded software
(2) during phase 2
a) manufactures the IC and the embedded software,
b) optionally, loads the applet if applet shall be present in the ROM and provides
card pre personalization and initialization
c) performs IC testing and packaging
Product Manufacturer provides following activities:
(1) during phase 1 designs and develops the product and the applet software,
(2) during phase 2
a) manufactures the product performing card printing and IC embedding
activities,
b) optional, loads applet if applet shall be present in the EEPROM and provides
card pre personalization and initialization
c) performs product testing and packaging
For this product, the AKD eID Card 1.0, the IC Manufacturer is NXP and the Product
Manufacturer is AKD.
Applet of the AKD eID Card 1.0 can be loaded into the ROM or the EEPROM. This is the only
applet present on the card. There are no other applets on the card and post-issuance loading
of applets cannot be done.
4.3.5.3.
Preparation stage
Regarding [PP_SSCD_KG] an SSCD-provisioning service provider may ensure the following
tasks:
An SSCD-provisioning service provider having accepted the TOE from a manufacturer prepares
the TOE for use and delivers it to its legitimate user. The preparation phase ends when the
legitimate user has received the TOE from the SSCD-provisioning service and any SCD it might
already hold have been enabled for use in signing.
During preparation of the TOE, as specified above, an SSCD-provisioning service provider
performs the following tasks:
(1) Obtain information on the intended recipient of the device as required for the
preparation process and for identification as a legitimate user of the TOE.
(2) Generate a PIN of the legitimate user, store this data as RAD in the TOE and prepare
information about the VAD for delivery to the legitimate user.
(3) Generate a certificate for at least one SCD either by:
a) The TOE generating an SCD/SVD pair and obtaining a certificate for the SVD
exported from the TOE, or
b) Initializing security functions in the TOE for protected export of the SVD and
obtaining a certificate for the SVD after receiving a protected request from the
TOE,
(4) Optionally, present certificate info to the SSCD.
(5) Deliver the TOE and the accompanying VAD info to the legitimate user.
The SVD certification task (third item listed above) of an SSCD-provisioning service provider as
specified in this ST supports a centralised, pre-issuing key generation process, with at least one
key generated and certified, before delivery to the legitimate user. Alternatively, or
additionally, that task supports key generation by the signatory after delivery and outside the
secure preparation environment. A TOE may support both key generation processes, for
September 2014
ST_AKDeID Evaluation documentation
Page 17 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
example with a first key generated centrally and additional keys generated by the signatory in
the operational use stage.
Data required for inclusion in the SVD certificate at least includes (cf. [The Directive], Annex II)
a) the SVD which correspond to SCD under the control of the signatory;
b) the name of the signatory or a pseudonym, which is to be identified as such;
c) an indication of the beginning and end of the period of validity of the
certificate.
The data included in the certificate may have been stored in the SSCD during personalization.
Before initiating the actual certificate signature the certificate generation application verifies
the SVD received from the TOE by:
(1) establishing the sender as genuine SSCD
(2) establishing the integrity of the SVD to be certified as sent by the originating SSCD,
(3) establishing that the originating SSCD has been personalized for the legitimate user,
(4) establishing correspondence between SCD and SVD, and
(5) an assertion that the signing algorithm and key size for the SVD are approved and
appropriate for the type of certificate.
The proof of correspondence between an SCD stored in the TOE and an SVD may be implicit in
the security mechanisms applied by the CGA. Optionally, the TOE may support a function to
provide an explicit proof of correspondence between an SCD it stores and an SVD realized by
self-certification. Such a function may be performed implicitly in the SVD export function and
may be invoked in the preparation environment without explicit consent of the signatory.
Security requirements to protect the SVD export function and the certification data if the SVD
is generated by the signatory and then exported from the SSCD to the CGA are specified in a
[PP_SSCD_KG_TCCGA].
Prior to generating the certificate the certification service provider asserts the identity of the
signatory specified in the certification request as the legitimate user of the TOE.
Regarding [PP_SSCD_KI] an SSCD-provisioning service provider may ensure the following tasks:
The preparation phase of the TOE lifecycle is processing the TOE from the customer's
acceptance of the delivered TOE to a state ready for operation by the signatory. The customer
receiving the TOE from the manufacturer is the SSCD-provisioning service that prepares and
provides the SSCD to subscribers. The preparation includes
(1) The personalization of the TOE for use by the signatory, i.e. the installation of the RAD
in the TOE and handover of VAD to the signatory.
(2) The initialization of the TOE, i.e. the CSP generates the SCD/SVD pair by means of a
SCD/SVD generation device, loads the SCD to the TOE, and sends the SVD to the CGA.
The TOE may import and store the SCD/SVD pair.
(3) The generation of the (qualified) certificate containing among others (cf. [The
Directive], Annex II)
(a) the SVD which correspond to SCD under the control of the signatory;
(b) the name of the signatory or a pseudonym, which is to be identified as such,
(c) an indication of the beginning and end of the period of validity of the
certificate.
(4) The preparation may include optional loading of the certificate info into the SSCD for
signatory convenience.
The CSP generates a SCD/SVD pair and imports SCD, and optionally also SVD, into the SSCD.
The CSP ensures
(a) the correspondence between SCD and SVD,
(b) that algorithm and key size for the SVD are appropriate.
September 2014
ST_AKDeID Evaluation documentation
Page 18 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Please take note that verifying whether the claimed identity of the signer originates from that
given SSCD has to be done by the CSP operating the CGA.
If the TOE is used for creation of advanced electronic signatures, the certificate links the
signature verification data to the person (i.e. the signatory) and confirms the identity of that
person (cf. [The Directive], article 2, clause 9).
The TOE provides mechanisms for import of SCD, implementation of the SCD and
personalization. The environment is assumed to protect all other processes for TOE
preparation like SCD transfer between the SCD/SVD generation device and the TOE, and SVD
transfer between the SCD/SVD generation device and the CGA. The CSP may export the SVD to
the TOE for internal use by the TOE (e.g., self-test).
Before generating a (qualified) certificate, the CSP is expected to first store the SCD in a SSCD.
A secure channel with the TOE may be used to support this, by ensuring integrity of the SCD
during transmission to the TOE.
Regarding [PP_SSCD_KG_TCCGA] an SSCD-provisioning service provider may ensure the
following tasks:
•
•
In the preparation stage of the usage phase, the SSCD-provisioning provider
additionally initializes the security functions in the TOE for the identification as SSCD,
for the proof of this SSCD identity to external entities, and for the protected export of
the SVD.
In the preparation stage of the usage phase, the SSCD-provisioning provider
additionally links the identity of the TOE as SSCD and the identity of the legitimate user
as potential applicant for certificates for SVD generated by the TOE.
4.3.5.4.
Operational use stage
Regarding [PP_SSCD_KG] and [PP_SSCD_KI]:
In this lifecycle stage the signatory can use the TOE to create advanced electronic signatures.
The TOE operational use stage begins when the signatory has obtained both the VAD and the
TOE. Enabling the TOE for signing requires at least one set of SCD stored in its memory.
The signatory can also interact with the SSCD to perform management tasks, e.g. reset a RAD
value or use counter if the password/PIN in the reference data has been lost or blocked. Such
management tasks require a secure environment.
The signatory can render an SCD in the TOE permanently unusable. Rendering the last SCD in
the TOE permanently unusable ends the life of the TOE as SSCD.
The TOE may support functions to generate additional signing keys. If the TOE supports these
functions it will support further functions to securely obtain certificates for the new keys. For
an additional key the signatory may be allowed to choose the kind of certificate (qualified, or
not) to obtain for the SVD of the new key. The signatory may also be allowed to choose some
of the data in the certificate request for instance to use a pseudonym instead of the legal
name in the certificate. If the conditions to obtain a qualified certificate are met the new key
can also be used to create advanced electronic signatures. The optional TOE functions for
additional key generation and certification may require additional security functions in the TOE
and an interaction with the SSCD-provisioning service provider in an environment that is
secure.
The TOE life cycle as SSCD ends when all set of SCD stored in the TOE are destructed. This may
include deletion of the corresponding certificates.
Regarding [PP_SSCD_KG_TCCGA]:
September 2014
ST_AKDeID Evaluation documentation
Page 19 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
•
•
Doc ID: DP-I-101
Version: 1.3/2014-09-26
In the usage phase, SCD/SVD generation by the TOE and SVD export from the TOE may
take place in the preparation stage and/or in the operational use stage. The TOE then
provides a trusted channel to the CGA protecting the integrity of the SVD.
In the usage phase, before generating the certificate including the SVD exported from
the TOE, the CGA additionally establishes (1) the identity of the TOE as SSCD, (2) that
the originating SSCD has been personalized for the applicant for the certificate as
legitimate user, and (3) the correspondence between SCD stored in the SSCD and the
received SVD.
5.
Conformance Claims
5.1.
Common Criteria Conformance Claim
This ST claims to be conformant to the Common Criteria Version 3.1, Revision 4, which is
comprised of:
•
[CC_P1] - Common Criteria for Information Technology Security Evaluation (CC),
Part 1: Introduction and general model; September 2012, Version 3.1, Revision 4
•
[CC_P2] - Common Criteria for Information Technology Security Evaluation (CC),
Part 2: Security functional components; September 2012, Version 3.1, Revision 4
•
[CC_P3] - Common Criteria for Information Technology Security Evaluation (CC),Part 3:
Security assurance components; September 2012, Version 3.1, Revision 4
as follows:
- Part 2 extended with
•
FIA_API
Authentication proof of identity
• FPT_EMS
TOE emanation
- Part 3 conformant
Common Methodology for Information Technology Security Evaluation (CEM), Evaluation
Methodology; September 2012, Version 3.1, Revision 4 has been taken into account.
5.2.
Protection Profile Claim
This ST claims to be strict conformant to the Protection Profiles:
- EN 419211-2:2013 Protection profiles for secure signature creation device - Part 2:
Device with Key Generation, Version 2.0.1., 2013, submitted to the enquiry procedure
under the reference prEN 14169-2, registered and certified under the reference BSICC-PP-0059-2009-MA-01 [PP_SSCD_KG],
- EN 419211-3:2013 Protection profiles for secure signature creation device - Part 3:
Device with key import, Version 1.0.2, 2012-07-24, registered and certified under the
reference BSI-CC-PP-0075-2012 [PP_SSCD_KI] and
- EN 419211-4:2013 Protection profiles for secure signature creation device - Part 4:
Extension for device with key generation and trusted channel to certificate generation
application, Version 1.0.1, 2013-11-27, registered and certified under the reference
BSI-CC-PP-0071-2012 [PP_SSCD_KG_TCCGA].
September 2014
ST_AKDeID Evaluation documentation
Page 20 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
5.3.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Package Claim
This security target is package conformant to EAL4 augmented with ALC_DVS.2 and
AVA_VAN.5.
5.4.
Conformance Rationale
5.4.1.
Main aspects
(1)
(2)
(3)
5.4.2.
The TOE Description (sec 4.3) is based on PPs and has been extended by product specific
details.
All definition in the Security problem definition (sec 6), Security objectives (sec 7) and
Security requirements (sec 9) have been included in the ST exactly in the same wording
of the PPs.
The all application notes from the PPs are kept in this ST. The following comment has
been added:
“PP - Information” - if the application note from the PP is repeated in the same
wording as the PP
“PP - Applied” - if the application note from the PP is changed or explained
“ST - Added” - if the additional application note is added by the ST author
Differences between ST and PP
This ST uses possibility of combining the functionalities of the PPs, which is allowed by the
[PP_SSCD_O]. This implies for this ST:
(1) All definitions of the security problem definition (SPD), security objectives and security
functional requirements in this ST have been taken from the PPs.
(2) The SPD in the [PP_SSCD_KI] and [PP_SSCD_KG_TCCGA] include all the SPD of the
[PP_SSCD_KG]. The SPD for the [PP_SSCD_KI] add the additional assumption A.CSP,
which is not present in [PP_SSCD_KG].
(3) The OT.SVD_Auth_Gen of the [PP_SSCD_KG] is correspondent to the OT.SCD/SVD_Gen
in all other PPs.
(4) Security objectives for the TOE in the [PP_SSCD_KG], which are identically stated in the
[PP_SSCD_KI], are OT.Lifecycle_Security, OT.SCD_Secrecy, OT.Sig_Secure, OT.Sigy_SigF,
OT.DTBS_Integrity_TOE, OT.EMSEC_Design, OT.Tamper_ID and OT.Tamper_Resistance
(these are independent from the fact whether SCD are generated by the TOE itself or
imported from the operational environment).
(5) The remaining security objectives for the TOE in the [PP_SSCD_KG]
OT.SCD/SVD_Auth_Gen, OT.SCD_Unique and OT.SCD_SVD_Corresp cover different
aspects of the SCD/SVD generation by the TOE and are not present in [PP_SSCD_KI].
Instead, in [PP_SSCD_KI] the analogous security objectives for the operational
environment OE.SCD/SVD_Auth_Gen, OE.SCD_Unique and OE.SCD_SVD_Corresp are
defined, as with key import the operational environment is responsible for the key
generation.
(6) The remaining security objective for the TOE OT.SCD_Auth_Imp in the [PP_SSCD_KI] is
related to SCD import only and is therefore not present in [PP_SSCD_KG].
September 2014
ST_AKDeID Evaluation documentation
Page 21 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
(7)
(8)
(9)
(10)
(11)
(12)
(13)
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The TOE type of the [PP_SSCD_KG_TCCGA] is the same as the TOE type of the core
[PP_SSCD_KG]: the TOE is a combination of hardware and software configured to
securely create, use and manage signature creation data.
The security problem definition (SPD) of the [PP_SSCD_KG_TCCGA] contains the security
problem definition of the core [PP_SSCD_KG]. The SPD for it is described by the same
threats, organisational security policies and assumptions as for the TOE in core
[PP_SSCD_KG].
The security objectives for the TOE in the [PP_SSCD_KG_TCCGA] include all the security
objectives for the TOE of the core [PP_SSCD_KG] and add the security objective
OT.TOE_SSCD_Auth (Authentication proof as SSCD) and OT.TOE_TC_SVD_Exp (Trusted
channel for SVD).
The security objectives for the operational environment in the [PP_SSCD_KG_TCCGA]
include all security objectives for the operational environment of the core [PP_SSCD_KG]
except
OE.SSCD_Prov_Service.
It
substitutes
OE.SSCD_Prov_Service
by
OE.Dev_Prov_Service and adds OE.CGA_SSCD_Auth and OE.CGA_TC_SVD_Imp in order
to address the extended security functionality of the TOE and methods of use.
The SFRs specified in the [PP_SSCD_KG_TCCGA] includes all security functional
requirements (SFRs) specified in the core [PP_SSCD_KG]. It includes additional SFRs
FIA_API.1, FDP_DAU.2/SVD and FTP_ITC.1/SVD.
The [PP_SSCD_KG_TCCGA] does not provide completion of all operations left to the ST
writer in the core [PP_SSCD_KG]. It provides operation of the SFR FIA_UAU.1 of the core
PP.
The SARs specified in the [PP_SSCD_KG_TCGA] includes all SAR specified in the core
[PP_SSCD_KG]. It does not include additional SAR not included in the core
[PP_SSCD_KG].
6.
Security problem definition
6.1.
Assets, users and threat agents
The Common Criteria define assets as entities that the owner of the TOE presumably places
value upon. The term “asset” is used to describe the threats in the operational environment of
the TOE.
Assets and objects:
1. SCD: private key used to perform an electronic signature operation. The confidentiality,
integrity and signatory’s sole control over the use of the SCD must be maintained.
2. SVD: public key linked to the SCD and used to perform electronic signature verification.
The integrity of the SVD when it is exported must be maintained.
3. DTBS and DTBS/R: set of data, or its representation, which the signatory intends to sign.
Their integrity and the unforgeability of the link to the signatory provided by the electronic
signature must be maintained.
Users and subjects acting for users:
1. User: End user of the TOE who can be identified as administrator or signatory. The subject
S.User may act as S.Admin in the role R.Admin or as S.Sigy in the role R.Sigy.
2. Administrator: User who is in charge to perform the TOE initialisation, TOE personalisation
or other TOE administrative functions. The subject S.Admin is acting in the role R.Admin
for this user after successful authentication as administrator.
September 2014
ST_AKDeID Evaluation documentation
Page 22 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
3. Signatory: User who hold the TOE and use it on their own behalf or on behalf of the
natural or legal person or entity they represent. The subject S.Sigy is acting in the role
R.Sigy for this user after successful authentication as signatory.
Threat agents:
1. Attacker: Human or process acting on their behalf located outside the TOE. The main goal
of the attacker is to access the SCD or to falsify the electronic signature. The attacker has
got a high attack potential and knows no secret.
6.2.
Threats
6.2.1.
T.SCD_Divulg
Storing, copying and releasing of the signature creation data
An attacker stores or copies the SCD outside the TOE. An attacker can obtain the SCD during
generation, storage and use for signature creation in the TOE.
6.2.2.
T.SCD_Derive
Derive the signature creation data
An attacker derives the SCD from publicly known data, such as SVD corresponding to the SCD
or signatures created by means of the SCD or any other data exported outside the TOE, which
is a threat against the secrecy of the SCD.
6.2.3.
T.Hack_Phys
Physical attacks through the TOE interfaces
An attacker interacts physically with the TOE to exploit vulnerabilities, resulting in arbitrary
security compromises. This threat is directed against SCD, SVD and DTBS.
6.2.4.
T.SVD_Forgery
Forgery of the signature verification data
An attacker forges the SVD presented by the CSP to the CGA. This results in loss of SVD
integrity in the certificate of the signatory.
6.2.5.
T.SigF_Misuse
Misuse of the signature creation function of the TOE
An attacker misuses the signature creation function of the TOE to create SDO for data the
signatory has not decided to sign. The TOE is subject to deliberate attacks by experts
possessing a high attack potential with advanced knowledge of security principles and
concepts employed by the TOE.
6.2.6.
T.DTBS_Forgery
Forgery of the DTBS/R
An attacker modifies the DTBS/R sent by the SCA. Thus the DTBS/R used by the TOE for signing
does not match the DTBS the signatory intended to sign.
6.2.7.
T.Sig_Forgery
Forgery of the electronic signature
An attacker forges a signed data object, maybe using an electronic signature which has been
created by the TOE, and the violation of the integrity of the signed data object is not
detectable by the signatory or by third parties. The signature created by the TOE is subject to
September 2014
ST_AKDeID Evaluation documentation
Page 23 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
deliberate attacks by experts possessing a high attack potential with advanced knowledge of
security principles and concepts employed by the TOE.
6.3.
Organisational security policies
6.3.1.
P.CSP_QCert
Qualified certificate
The CSP uses a trustworthy CGA to generate a qualified certificate or non-qualified certificate
(cf. [The Directive], article 2, clause 9, and Annex I) for the SVD. The certificates contain at least
the name of the signatory and the SVD matching the SCD implemented in the TOE under sole
control of the signatory. The CSP ensures that the use of the TOE as SSCD is evident with
signatures through the certificate or other publicly available information.
6.3.2.
P.QSign
Qualified electronic signatures
The signatory uses a signature creation system to sign data with an advanced electronic
signature (cf. [The Directive], article 1, clause 2), which is a qualified electronic signature if it is
based on a valid qualified certificate (according to [The Directive] Annex I). The DTBS are
presented to the signatory and sent by the SCA as DTBS/R to the SSCD. The SSCD creates the
electronic signature created with a SCD implemented in the SSCD that the signatory maintain
under their sole control and is linked to the DTBS/R in such a manner that any subsequent
change of the data is detectable.
6.3.3.
P.Sigy_SSCD
TOE as secure signature creation device
The TOE meets the requirements for an SSCD laid down in Annex III of [The Directive]. This
implies the SCD is used for digital signature creation under sole control of the signatory and
the SCD can practically occur only once.
6.3.4.
P.Sig_Non-Repud
Non-repudiation of signatures
The lifecycle of the SSCD, the SCD and the SVD shall be implemented in a way that the
signatory is not able to deny having signed data if the signature is successfully verified with the
SVD contained in their unrevoked certificate.
6.4.
Assumptions
6.4.1.
A.CGA
Trustworthy certificate generation application
The CGA protects the authenticity of the signatory’s name or pseudonym and the SVD in the
(qualified) certificate by an advanced electronic signature of the CSP.
6.4.2.
A.SCA
Trustworthy signature creation application
The signatory uses only a trustworthy SCA. The SCA generates and sends the DTBS/R of the
data the signatory wishes to sign in a form appropriate for signing by the TOE.
September 2014
ST_AKDeID Evaluation documentation
Page 24 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
6.5.
Further assumption regarding key import
6.5.1.
A.CSP
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Secure SCD/SVD management by CSP
The CSP uses only a trustworthy SCD/SVD generation device and ensures that this device can
be used by authorised user only. The CSP ensures that the SCD generated practically occurs
only once, that generated SCD and SVD actually correspond to each other and that SCD cannot
be derived from the SVD. The CSP ensures the confidentiality of the SCD during generation and
export to the TOE, does not use the SCD for creation of any signature and irreversibly deletes
the SCD in the operational environment after export to the TOE.
7.
Security objectives
This section identifies and defines the security objectives for the TOE and its environment.
Security objectives reflect the stated intent and counter the identified threats, as well as
comply with the identified organizational security policies and assumptions.
7.1.
Security objectives for the TOE
7.1.1.
Security objectives regarding all PPs
7.1.1.1.
OT.Lifecycle_Security
Lifecycle security
The TOE shall detect flaws during the initialisation, personalisation and operational usage. The
TOE shall securely destroy the SCD on demand of the signatory.
Application note 1: [PP_SSCD_KG] (app. note 1) and [PP_SSCD_KI] (app. note 1) - Information
The TOE may contain more than one set of SCD. There is no need to destroy the SCD in case of
repeated SCD generation. The signatory shall be able to destroy the SCD stored in the SSCD
e.g. after the (qualified) certificate for the corresponding SVD has been expired.
7.1.1.2.
OT.SCD_Secrecy
Secrecy of the signature creation data
The secrecy of the SCD (used for signature creation) shall be reasonably assured against
attacks with a high attack potential.
Application note 2: [PP_SSCD_KG] (app. note 2) and [PP_SSCD_KI] (app. note 2) - Information
The TOE shall keep the confidentiality of the SCD at all times, in particular during SCD/SVD
generation, signature creation operation, storage and secure destruction.
7.1.1.3.
OT.Sig_Secure
Cryptographic security of the electronic signature
The TOE shall create digital signatures that cannot be forged without knowledge of the SCD
through robust encryption techniques. The SCD shall not be reconstructable using the digital
signatures or any other data exportable from the TOE. The digital signatures shall be resistant
against these attacks, even when executed with a high attack potential.
September 2014
ST_AKDeID Evaluation documentation
Page 25 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
7.1.1.4.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Signature creation function for the legitimate signatory only
OT.Sigy_SigF
The TOE shall provide the digital signature creation function for the legitimate signatory only
and protects the SCD against the use of others. The TOE shall resist attacks with high attack
potential.
7.1.1.5.
OT.DTBS_Integrity_TOE
DTBS/R integrity inside the TOE
The TOE must not alter the DTBS/R. As by definition of the DTBS/R this may consist of the DTBS
themselves, this objective does not conflict with a signature creation process where the TOE
hashes the provided DTBS (in part or entirely) for signature creation.
7.1.1.6.
OT.EMSEC_Design
Provide physical emanations security
The TOE shall be designed and built in such a way as to control the production of intelligible
emanations within specified limits.
7.1.1.7.
Tamper detection
OT.Tamper_ID
The TOE shall provide system features that detect physical tampering of its components, and
uses those features to limit security breaches.
7.1.1.8.
OT.Tamper_Resistance
Tamper resistance
The TOE shall prevent or resist physical tampering with specified system devices and
components.
7.1.2.
Security objectives regarding the key generation
7.1.2.1.
OT.SCD/SVD_Auth_Gen
Authorized SCD/SVD generation
The TOE shall provide security features to ensure that authorised users only may invoke the
generation of the SCD and the SVD.
7.1.2.2.
OT.SCD_Unique
Uniqueness of the signature creation data
The TOE shall ensure the cryptographic quality of an SCD/SVD pair it creates as suitable for the
advanced or qualified electronic signature. The SCD used for signature creation shall practically
occur only once and shall not be reconstructable from the SVD. In that context ‘practically
occur once’ means that the probability of equal SCDs is negligible.
7.1.2.3.
OT.SCD_SVD_Corresp
Correspondence between SVD and SCD
The TOE shall ensure the correspondence between the SVD and the SCD generated by the TOE.
This includes unambiguous reference of a created SVD/SCD pair for export of the SVD and in
creating an electronic signature creation with the SCD.
September 2014
ST_AKDeID Evaluation documentation
Page 26 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
7.1.3.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Security objectives regarding the key import
7.1.3.1.
OT.SCD_Auth_Imp
Authorized SCD import
The TOE shall provide security features to ensure that authorised users only may invoke the
import of the SCD
7.1.4.
Security objectives regarding the trusted communication with CGA
7.1.4.1.
OT.TOE_SSCD_Auth
Authentication proof as SSCD
The TOE shall hold unique identity and authentication data as SSCD and provide security
mechanisms to identify and to authenticate itself as SSCD.
7.1.4.2.
OT.TOE_TC_SVD_Exp
TOE trusted channel for SVD export
The TOE shall provide a trusted channel to the CGA to protect the integrity of the SVD
exported to the CGA. The TOE shall enable the CGA to detect alteration of the SVD exported by
the TOE.
7.2.
Security objectives for the operational environment
7.2.1.
Security objectives for the operational environment regarding all PPs
7.2.1.1.
OE.SVD_Auth
Authenticity of the SVD
The operational environment shall ensure the integrity of the SVD sent to the CGA of the CSP.
The CGA verifies the correspondence between the SCD in the SSCD of the signatory and the
SVD in the qualified certificate.
7.2.1.2.
OE.CGA_QCert
Generation of qualified certificates
The CGA shall generate a qualified certificate that includes (amongst others)
a) the name of the signatory controlling the TOE,
b) the SVD matching the SCD stored in the TOE and being under sole control of the
signatory,
c) the advanced signature of the CSP.
The CGA shall confirm with the generated qualified certificate that the SCD corresponding to
the SVD is stored in a SSCD.
7.2.1.3.
OE.HID_VAD
Protection of the VAD
If an external device provides the human interface for user authentication, this device shall
ensure confidentiality and integrity of the VAD as needed by the authentication method
employed from import through its human interface until import through the TOE interface. In
particular, if the TOE requires a trusted channel for import of the VAD, the HID shall support
usage of this trusted channel.
September 2014
ST_AKDeID Evaluation documentation
Page 27 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
7.2.1.4.
OE.DTBS_Intend
Doc ID: DP-I-101
Version: 1.3/2014-09-26
SCA sends data intended to be signed
The signatory shall use a trustworthy SCA that
−
generates the DTBS/R of the data that has been presented as DTBS and which the
signatory intends to sign in a form which is appropriate for signing by the TOE,
−
sends the DTBS/R to the TOE and enables verification of the integrity of the DTBS/R by
the TOE,
−
attaches the signature produced by the TOE to the data or provides it separately.
Application note 3: [PP_SSCD_KG] (app. note 3) and [PP_SSCD_KI] (app. note 3) - Information
The SCA should be able to support advanced electronic signatures. Currently, there exist three
formats defined by ETSI recognized as meeting the requirements needed by advanced
electronic signatures: CAdES, XAdES and PAdES. These three formats mandate to include the
hash of the signer's public key certificate in the data to be signed. In order to support for the
mobility of the signer, it is recommended to store the certificate info on the SSCD for use by
SCA and identification of the corresponding SCD if more than one SCD is stored on the SSCD.
7.2.1.5.
OE.DTBS_Protect
SCA protects the data intended to be signed
The operational environment shall ensure that the DTBS/R cannot be altered in transit
between the SCA and the TOE. In particular, if the TOE requires a trusted channel for import of
the DTBS/R, the SCA shall support usage of this trusted channel.
7.2.1.6.
Security obligation of the signatory
OE.Signatory
The signatory shall check that the SCD stored in the SSCD received from SSCD-provisioning
service is in non-operational state. The signatory shall keep their VAD confidential.
7.2.2.
Security objectives for the operational environment regarding key import
7.2.2.1.
OE.SCD/SVD_Auth_Gen
Authorized SCD/SVD generation
The CSP shall provide security features to ensure that authorised users only may invoke the
generation of the SCD and the SVD.
7.2.2.2.
OE.SCD_Secrecy
SCD Secrecy
The CSP shall protect the confidentiality of the SCD during generation and export to the TOE.
The CSP shall not use the SCD for creation of any signature and shall irreversibly delete the SCD
in the operational environment after export to the TOE.
7.2.2.3.
data
OE.SCD_Unique
Uniqueness of the signature creation
The CSP shall ensure the cryptographic quality of the SCD/SVD pair, which is generated in the
environment, for the qualified or advanced electronic signature. The SCD used for signature
creation shall practically occur only once, i.e. the probability of equal SCDs shall be negligible,
and the SCD shall not be reconstructable from the SVD.
September 2014
ST_AKDeID Evaluation documentation
Page 28 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
7.2.2.4.
OE.SCD_SVD_Corresp
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Correspondence between SVD and SCD
The CSP shall ensure the correspondence between the SVD and the SCD generated by the CSP.
This includes the correspondence between the SVD send to the CGA and the SCD exported to
the TOE of the signatory identified in the SVD certificate.
7.2.3.
Security objectives for the operational environment regarding the trusted
communication with CGA
7.2.3.1.
OE.Dev_Prov_Service Authentic SSCD provided by SSCD Provisioning Service
The SSCD Provisioning Service handles authentic devices that implement the TOE, prepares the
TOE for proof as SSCD to external entities, personalises the TOE for the legitimate user as
signatory, links the identity of the TOE as SSCD with the identity of the legitimate user, and
delivers the TOE to the signatory. Note: This objective replaces OE.SSCD_Prov_Service from
the core PP, which is possible as it does not imply any additional requirements for the
operational environment when compared to OE.SSCD_Prov_Service (OE.Dev_Prov_Service is a
subset of OE.SSCD_Prov_Service).
7.2.3.2.
OE.CGA_SSCD_Auth
Pre-initialisation of the TOE for SSCD authentication
The CSP shall check by means of the CGA whether the device presented for application of a
(qualified) certificate holds unique identification as SSCD, successfully proved this identity as
SSCD to the CGA, and whether this identity is linked to the legitimate holder of the device as
applicant for the certificate.
7.2.3.3.
OE.CGA_TC_SVD_Imp
CGA trusted channel for SVD import
The CGA shall detect alteration of the SVD imported from the TOE with the claimed identity of
the SSCD.
The developer prepares the TOE by pre-initialisation for the delivery to the customer (i.e. the
SSCD provisioning service) in the development phase not addressed by a security objective for
the operational environment. The SSCD Provisioning Service performs initialisation and
personalisation as TOE for the legitimate user (i.e. the Device holder). If the TOE is delivered to
the Device holder with SCD the TOE is a SSCD. This situation is addressed by
OE.SSCD_Prov_Service except the additional initialisation of the TOE for proof as SSCD and
trusted channel to the CGA. If the TOE is delivered to the Device holder without a SCD the TOE
will be a SSCD only after generation of the first SCD/SVD pair. Because this SCD/SVD pair
generation is performed by the signatory in the operational use stage the TOE provides
additional security functionality addressed by OT.TOE_SSCD_Auth and OT.TOE_TC_SVD_Exp.
But this security functionality must be initialised by the SSCD Provisioning Service as described
in
OE.Dev_Prov_Service.
Therefore
the
[PP_SSCD_KG_TCCGA]
substitutes
OE.SSCD_Prov_Service by OE.Dev_Prov_Service allowing generation of the first SCD/SVD pair
after delivery of the TOE to the Device holder and requiring initialisation of security
functionality of the TOE. Nevertheless the additional security functionality must be used by the
operational environment as described in OE.CGA_SSCD_Auth and OE.CGA_TC_SVD_Imp. This
approach does not weaken the security objectives of and requirements to the TOE but enforce
September 2014
ST_AKDeID Evaluation documentation
Page 29 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
more security functionality of the TOE for additional method of use. Therefore it does not
conflict with the CC conformance claim to the core [PP_SSCD_KG].
7.3.
Security Objectives Rationale
7.3.1.
Security objectives Coverage
The following tables show how the security objectives for the TOE and the security objectives
for the environment cover the threats, organizational security policies and assumptions.
T.SCD_Divulg
T.SCD_Derive
T.Hack_Phys
T.SVD_Forgery
T.SigF_Misuse
T.DTBS_Forgery
T.Sig_Forgery
P.CSP_QCert
P.QSign
P.Sigy_SSCD
P.Sig_Non-Repud
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
OT.TOE_TC_SVD_Exp
OT.TOE_SSCD_Auth
OT.SCD_Auth_Imp
OT.SCD_SVD_Corresp
OT.SCD_Unique
OT.SCD/SVD_Auth_Gen
OT.Tamper_Resistance
OT.Tamper_ID
OT.EMSEC_Design
OT.DTBS_Integrity_TOE
OT.Sigy_SigF
OT.Sig_Secure
OT.SCD_Secrecy
OT.Lifecycle_Security
Table 1: Mapping of security problem definition to security objectives for the TOE
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
September 2014
OE.CGA_TC_SVD_Imp
OE.CGA_SSCD_Auth
OE.Dev_Prov_Service
X
OE.SCD_SVD_Corresp
X
OE.SCD_Unique
OE.SCD_Secrecy
OE.Signatory
OE.DTBS_Protect
OE.DTBS_Intend
OE.HID_VAD
OE.SCD/SVD_Auth_Gen
T.SCD_Divulg
T.SCD_Derive
T.Hack_Phys
T.SVD_Forgery
T.SigF_Misuse
T.DTBS_Forgery
T.Sig_Forgery
P.CSP_QCert
OE.SVD_Auth
OE.CGA_QCert
Table 2: Mapping of security problem definition to security objectives for the operational
environment
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
ST_AKDeID Evaluation documentation
X
Page 30 of 78
7.3.2.
OE.SCD/SVD_Auth_Gen
OE.SCD_Secrecy
OE.SCD_Unique
OE.SCD_SVD_Corresp
OE.Dev_Prov_Service
OE.CGA_SSCD_Auth
OE.CGA_TC_SVD_Imp
Version: 1.3/2014-09-26
OE.Signatory
X
X
OE.DTBS_Intend
OE.HID_VAD
X
Doc ID: DP-I-101
OE.DTBS_Protect
P.QSign
P.Sigy_SSCD
P.Sig_Non-Repud
A.CGA
A.SCA
A.CSP
OE.SVD_Auth
OE.CGA_QCert
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Security objectives sufficiency
Countering of threats by security objectives:
T.SCD_Divulg (Storing, copying and releasing of the signature creation data) addresses the
threat against the legal validity of electronic signature due to storage and copying of SCD
outside the TOE, as expressed in recital (18) of [The Directive]. This threat is countered by
- OT.SCD_Secrecy, which assures the secrecy of the SCD during use by the TOE for
signature creation
- OE.SCD_Secrecy, which assures the secrecy of the SCD in the CSP environment
Furthermore, generation and/or import of SCD known by an attacker is countered by
OE.SCD/SVD_Auth_Gen, which ensures that only authorized SCD generation in the
environment is possible, and
OT.SCD_Auth_Imp, which ensures that only authorised SCD import is possible.
T.SCD_Derive (Derive the signature creation data) deals with attacks on the SCD via public
known data produced by the TOE, which are the SVD and the signatures created with the SCD.
OT. SCD_Unique and OE. SCD_Unique counters this threat by implementing cryptographically
secure generation of the SCD/SVD pair. OT.Sig_Secure ensures cryptographically secure
electronic signatures.
T.Hack_Phys (Exploitation of physical vulnerabilities) deals with physical attacks exploiting
physical vulnerabilities of the TOE.
OT.SCD_Secrecy preserves the secrecy of the SCD.
OT.EMSEC_Design counters physical attacks through the TOE interfaces and observation of
TOE emanations.
OT.Tamper_ID and OT.Tamper_Resistance counter the threat T.Hack_Phys by detecting and by
resisting tampering attacks.
T.SVD_Forgery (Forgery of the signature verification data) deals with the forgery of the SVD
exported by the TOE to the CGA for the generation of the certificate. T.SVD_Forgery is
addressed by
September 2014
ST_AKDeID Evaluation documentation
Page 31 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
OT.SCD_SVD_Corresp, which ensures correspondence between SVD and SCD and
unambiguous reference of the SVD/SCD pair for the SVD export and signature
creation with the SCD, and
- OE.SVD_Auth , which ensures the integrity of the SVD exported by the TOE to the
CGA and verification of the correspondence between the SCD in the SSCD of the
signatory and the SVD in the input it provides to the certificate generation function
of the CSP.
Additionally T.SVD_Forgery is addressed by OT.TOE_TC_SVD_Exp, which ensures that the TOE
sends the SVD in a verifiable form through a trusted channel to the CGA, as well as by
OE.CGA_TC_SVD_Imp, which provides verification of SVD authenticity by the CGA.
-
T.SVD_Forgery deals with the forgery of the SVD given to the CGA for certificate
generation. T.SVD_Forgery is addressed by
-
-
OE.SCD_SVD_Corresp, which ensures correspondence between SVD and SCD, and
OE.SVD_Auth, which ensures the authenticity of the SVD given to the CGA of the
CSP.
T.SigF_Misuse (Misuse of the signature creation function of the TOE) addresses the threat of
misuse of the TOE signature creation function to create SDO by others than the signatory to
create an electronic signature on data for which the signatory has not expressed the intent to
sign, as required by paragraph 1(c) of Annex III.
OT.Lifecycle_Security (Lifecycle security) requires the TOE to detect flaws during the
initialisation, personalisation and operational usage including secure destruction of the SCD,
which may be initiated by the signatory.
OT.Sigy_SigF (Signature creation function for the legitimate signatory only) ensures that the
TOE provides the signature creation function for the legitimate signatory only.
OE.DTBS_Intend (Data intended to be signed) ensures that the SCA sends the DTBS/R only for
data the signatory intends to sign and OE.DTBS_Protect counters manipulation of the DTBS
during transmission over the channel between the SCA and the TOE. OT.DTBS_Integrity_TOE
(DTBS/R integrity inside the TOE) prevents the DTBS/R from alteration inside the TOE. If the
SCA provides a human interface for user authentication, OE.HID_VAD (Protection of the VAD)
provides confidentiality and integrity of the VAD as needed by the authentication method
employed.
OE.Signatory (Security obligation of the signatory) ensures that the signatory checks that an
SCD stored in the SSCD when received from an SSCD-provisioning service provider is in nonoperational state, i.e. the SCD cannot be used before the signatory becomes control over the
SSCD. OE.Signatory (Security obligation of the signatory) ensures also that the signatory keeps
their VAD confidential.
T.DTBS_Forgery (Forgery of the DTBS/R) addresses the threat arising from modifications of the
data sent as input to the TOE's signature creation function that does not represent the DTBS as
presented to the signatory and for which the signature has expressed its intent to sign. The
TOE IT environment addresses T.DTBS_Forgery by the means of OE.DTBS_Intend, which
ensures that the trustworthy SCA generates the DTBS/R of the data that has been presented as
DTBS and which the signatory intends to sign in a form appropriate for signing by the TOE, and
by means of OE.DTBS_Protect which ensures that the DTBS/R cannot be altered in transit
between the SCA and the TOE. The TOE counters this threat by the means of
OT.DTBS_Integrity_TOE by ensuring the integrity of the DTBS/R inside the TOE.
September 2014
ST_AKDeID Evaluation documentation
Page 32 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
T.Sig_Forgery (Forgery of the electronic signature) deals with non-detectable forgery of the
electronic signature. OT.Sig_Secure, OT.SCD_Unique, OE.SCD_Unique and OE.CGA_QCert
address this threat in general.
OT.Sig_Secure (Cryptographic security of the electronic signature) ensures by means of robust
cryptographic techniques that the signed data and the electronic signature are securely linked
together.
OT.SCD_Unique and OE.SCD_Unique ensure that the same SCD cannot be generated more
than once and the corresponding SVD cannot be included in another certificate by chance.
OE.CGA_QCert prevents forgery of the certificate for the corresponding SVD, which would
result in false verification decision concerning a forged signature.
Enforcement of OSPs by security objectives:
P.CSP_QCert (CSP generates qualified certificates) establishes the CSP generating qualified
certificate or non-qualified certificate linking the signatory and the SVD implemented
in the SSCD under sole control of this signatory. P.CSP_QCert is addressed by
-
-
-
OT.Lifecycle_Security, which requires the TOE to detect flaws during the initialisation,
personalisation and operational usage,
OE.CGA_QCert for generation of qualified certificates or non-qualified certificates,
which requires the CGA to certify the SVD matching the SCD implemented in the TOE
under sole control of the signatory.
OE.SCD/SVD_Auth_Gen, which ensures that the SCD/SVD generation can be invoked
by authorized users only,
OT.SCD_Auth_Imp which ensures that authorised users only may invoke the import of
the SCD,
OE.SCD_SVD_Corresp, which requires the CSP to ensure the correspondence between
the SVD and the SCD during their generation, and
According to OT.TOE_SSCD_Auth the copies of the TOE will hold unique identity and
authentication data as SSCD and provide security mechanisms enabling the CGA to
identify and to authenticate the TOE as SSCD to prove this identity as SSCD to the CGA.
The OE.CGA_SSCD_Auth ensures that the SP checks the proof of the device presented
of the applicant that it is a SSCD.
The OT.SCD_SVD_Corresp ensures that the SVD exported by the TOE to the CGA
corresponds to the SCD stored in the TOE and used by the signatory.
P.QSign (Qualified electronic signatures) provides that the TOE and the SCA may be employed
to sign data with an advanced electronic signature, which is a qualified electronic signature if
based on a valid qualified certificate.
OT.Sigy_SigF ensures signatory’s sole control of the SCD by requiring the TOE to provide the
signature creation function for the legitimate signatory only and to protect the SCD against the
use of others.
OT.Sig_Secure ensures that the TOE creates electronic signatures, which cannot be forged
without knowledge of the SCD through robust encryption techniques.
September 2014
ST_AKDeID Evaluation documentation
Page 33 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
OE.CGA_QCert addresses the requirement of qualified or non-qualified electronic certificates
building a base for the electronic signature.
OE.DTBS_Intend ensures that the SCA provides only those DTBS to the TOE, which the
signatory intends to sign.
P.Sigy_SSCD (TOE as secure signature creation device) requires the TOE to meet Annex III of
[The Directive]. This is ensured as follows:
- OT.SCD_Unique meets the paragraph 1(a) of Annex III, by the requirements that the
SCD used for signature creation can practically occur only once;
- OT.SCD_Unique, OT.SCD_Secrecy and OT.Sig_Secure meet the requirement in
paragraph 1(a) of Annex III by the requirements to ensure secrecy of the SCD.
- OE.SCD_Unique meets the paragraph 1(a) of the directive [The Directive], Annex III, by
the requirements that the SCD used for signature creation can practically occur only
once.
- OE.SCD_Unique, OT.SCD_Secrecy and OE.SCD_Secrecy meet the paragraph 1(a) of the
directive [The Directive], Annex III, by the requirements to ensure the secrecy of the
SCD.
- OT.EMSEC_Design and OT.Tamper_Resistance address specific objectives to ensure
secrecy of the SCD against specific attacks;
- OT.SCD_Secrecy and OT.Sig_Secure meet the requirement in paragraph 1(b) of
Annex III by the requirements to ensure that the SCD cannot be derived from SVD, the
electronic signatures or any other data exported outside the TOE;
- OT.Sigy_SigF meets the requirement in paragraph 1(c) of Annex III by the requirements
to ensure that the TOE provides the signature creation function for the legitimate
signatory only and protects the SCD against the use of others;
- OT.DTBS_Integrity_TOE meets the requirements in paragraph 2 of Annex III as the TOE
must not alter the DTBS/R.
Paragraph 2 of Annex III, requires that an SSCD does not prevent the data to be signed from
being presented to the signatory prior to the signature process is obviously fulfilled by the
method of TOE usage: the SCA will present the DTBS to the signatory and send it to the SSCD
for signing.
The usage of SCD under sole control of the signatory is ensured by
- OT.Lifecycle_Security requiring the TOE to detect flaws during the initialisation,
personalisation and operational usage,
- OT.Sigy_SigF, which requires the TOE to provide the signature creation function for the
legitimate signatory only and to protect the SCD against the use of others.
- OT.SCD/SVD_Auth_Gen, which limits invocation of the generation of the SCD and the
SVD to authorised users only, and
- OE.SCD/SVD_Auth_Gen, which limits invocation of the generation of the SCD and the
SVD to authorised users only,
- OT.SCD_Auth_Imp, which limits SCD import to authorised users only,
- OE.SCD_Secrecy, which ensures the confidentiality of the SCD during generation and
export to the TOE, and deletes the SCD after export to the TOE. The CSP does not use
the SCD for signature creation.
OE.Dev_Prov_Service ensures that the legitimate user obtains a TOE sample as an authentic,
initialised and personalised TOE from an SSCD Provisioning Service through the TOE delivery
September 2014
ST_AKDeID Evaluation documentation
Page 34 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
procedure. If the TOE implements SCD generated under control of the SSCD Provisioning
Service the legitimate user receives the TOE as SSCD. If the TOE is delivered to the legitimate
user without SCD In the operational phase he or she applies for the (qualified) certificate as
the Device holder and legitimate user of the TOE.
The CSP will use the TOE security feature (addressed by the security objectives
OT.TOE_SSCD_Auth and OT.TOE_TC_SVD_Exp) to check whether the device presented is a
SSCD linked to the applicant as required by OE.CGA_SSCD_Auth and the received SVD is sent
by this SSCD as required by OE.CGA_TC_SVD_Imp. Thus the obligation of the SSCD provision
service for the first SCD/SVD pair is complemented in an appropriate way by the CSP for the
SCD/SVD pair generated outside the secure preparation environment.
P.Sig_Non-Repud (Non-repudiation of signatures) deals with the repudiation of signed data by
the signatory, although the electronic signature is successfully verified with the SVD contained
in their certificate valid at the time of signature creation. This policy is implemented by the
combination of the security objectives for the TOE and its operational environment, that
ensure the aspects of signatory’s sole control over and responsibility for the electronic
signatures generated with the TOE.
OE.Dev_Prov_Service ensures that the signatory uses an authentic TOE, initialised and
personalised for the signatory.
OE.CGA_QCert ensures that the certificate allows to identify the signatory and thus to link the
SVD to the signatory.
OE.SVD_Auth and OE.CGA_QCert require the environment to ensure authenticity of the SVD as
being exported by the TOE and used under sole control of the signatory.
OE.Signatory ensures that the signatory checks that the SCD, stored in the SSCD received from
an SSCD provisioning service is in non-operational state (i.e. the SCD cannot be used before the
signatory becomes into sole control over the SSCD).
OT.Sigy_SigF provides that only the signatory may use the TOE for signature creation. As
prerequisite OE.Signatory ensures that the signatory keeps their VAD confidential.
OE.DTBS_Intend, OE.DTBS_Protect and OT.DTBS_Integrity_TOE ensure that the TOE generates
electronic signatures only for a DTBS/R that the signatory has decided to sign as DTBS.
The robust cryptographic techniques required by OT.Sig_Secure ensure that only this SCD may
generate a valid electronic signature that can be successfully verified with the corresponding
SVD used for signature verification. The security objective for the TOE OT.Lifecycle_Security
(Lifecycle security), OT.SCD_Secrecy (Secrecy of the signature creation data),
OT.EMSEC_Design (Provide physical emanations security), OT.Tamper_ID (Tamper detection)
and OT.Tamper_Resistance (Tamper resistance) protect the SCD against any compromise.
OT.SCD_SVD_Corresp ensures that the SVD exported by the TOE corresponds to the SCD that
is implemented in the TOE.
OT.SCD_Unique provides that the signatory’s SCD can practically occur just once.
OE.SCD/SVD_Auth_Gen, OE.SCD_Secrecy and OE.SCD_Unique ensure the security of the SCD
in the CSP environment.
OE.SCD_Secrecy ensures the confidentiality of the SCD during generation, during and after
export to the TOE. The CSP does not use the SCD for creation of any signature and deletes the
SCD irreversibly after export to the TOE.
OE.SCD_Unique provides that the signatory’s SCD can practically occur just once.
OE.SCD_SVD_Corresp ensures that the SVD in the certificate of the signatory corresponds to
the SCD that is implemented in the copy of the TOE of the signatory.
September 2014
ST_AKDeID Evaluation documentation
Page 35 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The TOE security feature addressed by the security objectives OT.TOE_SSCD_Auth and
OT.TOE_TC_SVD_Exp supported by OE.Dev_Prov_Service enables the verification whether the
device presented by the applicant is a SSCD as required by OE.CGA_SSCD_Auth and the
received SVD is sent by the device holding the corresponding SCD as required by
OE.CGA_TC_SVD_Imp.
Upkeep of assumptions by security objectives:
A.SCA (Trustworthy signature creation application) establishes the trustworthiness of the SCA
with respect to generation of DTBS/R. This is addressed by OE.DTBS_Intend (Data intended to
be signed) which ensures that the SCA generates the DTBS/R of the data that have been
presented to the signatory as DTBS and which the signatory intends to sign in a form which is
appropriate for being signed by the TOE.
A.CGA (Trustworthy certificate generation application) establishes the protection of the
authenticity of the signatory's name and the SVD in the qualified certificate by the advanced
signature of the CSP by means of the CGA. This is addressed by OE.CGA_QCert (Generation of
qualified certificates), which ensures the generation of qualified certificates, and by
OE.SVD_Auth (Authenticity of the SVD), which ensures the protection of the integrity of the
received SVD and the verification of the correspondence between the SVD and the SCD that is
implemented by the SSCD of the signatory.
A.CSP (Secure SCD/SVD management by CSP) establishes several security aspects concerning
handling of SCD and SVD by the CSP. That the SCD/SVD generation device can only be used by
authorized users is addressed by OE.SCD/SVD_Auth_Gen (Authorized SCD/SVD Generation),
that the generated SCD is unique and cannot be derived by the SVD is addressed by
OE.SCD_Unique (Uniqueness of the signature creation data), that SCD and SVD correspond to
each other is addressed by OE.SCD_SVD_Corresp (Correspondence between SVD and SCD),
and that the SCD are kept confidential, are not used for signature generation in the
environment and are deleted in the environment once exported to the TOE is addressed by
OE.SCD_Secrecy (SCD Secrecy).
8.
Extended Component Definition
8.1.
Definition of the family FPT_EMS
The additional family FPT_EMS (TOE Emanation) of the Class FPT (Protection of the TSF) is
defined here to describe the IT security functional requirements of the TOE. The TOE shall
prevent attacks against the SCD and other secret data where the attack is based on external
observable physical phenomena of the TOE. Examples of such attacks are evaluation of TOE’s
electromagnetic radiation, simple power analysis (SPA), differential power analysis (DPA),
timing attacks, radio emanation etc. This family describes the functional requirements for the
limitation of intelligible emanations. The family FPT_EMS belongs to the Class FPT because it is
the class for TSF protection. Other families within the Class FPT do not cover the TOE
emanation.
The definition of the family FPT_EMS is taken from the [PP_SSCD_KG].
September 2014
ST_AKDeID Evaluation documentation
Page 36 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
8.2.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Definition of the family FIA_API
To describe the IT security functional requirements of the TOE a sensitive family (FIA_API) of
the Class FIA (Identification and authentication) is defined here. This family describes the
functional requirements for the proof of the claimed identity for the authentication
verification by an external entity where the other families of the class FIA address the
verification of the identity of an external entity.
The definition of the FIA_API family is taken from [PP_SSCD_KG_TCCGA].
9.
Security requirements
9.1.
Security Functional Requirements
9.1.1.
Use of requirement specifications
The perform operations (assignment, iteration, selection and refinement) of the SFR are
printed in italicized bold.
Parts copied from the PPs are printed in bold and underline as when operation is already
performed in the PP.
9.1.2.
Cryptographic support (FCS)
Application note 4: [PP_SSCD_KG] (app. note 4)- Information
Member states of the European Union have specified entities as responsible for accreditation
and supervision of the evaluation process for products conforming to this standard and for
determining admissible algorithms and algorithm parameters (the directive: 1.1b and 3.4). The
ST writer shall consult with these entities to learn of admissible algorithms and cryptographic
key sizes and other parameters or applicable standards.
9.1.2.1.
FCS_CKM.4
Hierarchical to:
Dependencies:
FCS_CKM.4.1
Cryptographic key destruction
No other components.
[FDP_ITC.1 Import of user data without security attributes, or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1 Cryptographic key generation]
The TSF shall destroy cryptographic keys in accordance with a
specified cryptographic key destruction method physically
overwriting the keys with zeros by method (e.g. clearKey) ,
according to sec. 6.1.2.4 of [JCOP_ST] that meets the following:
none.
Application note 5: [PP_SSCD_KG] (app. note 6) - Information
The specified cryptographic key destruction methods include but are not limited to overwriting
the cryptographic key with any fixed or random data e.g. by generation of a new key.
Application note 6: [PP_SSCD_KI] (app. note 4) - Information
September 2014
ST_AKDeID Evaluation documentation
Page 37 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The cryptographic key SCD will be destroyed on demand of the signatory. The signatory may
want to destruct the SCD stored in the SSCD e.g. after the qualified certificate for the
corresponding SVD is not valid any more.
9.1.2.2.
FCS_COP.1/Signature_Creation
Cryptographic operation
Hierarchical to:
No other components.
Dependencies:
[FDP_ITC.1 Import of user data without security attributes,
or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1/
Signature_Creation
The TSF shall perform digital signature creation in accordance with a
specified cryptographic algorithm RSA signature algorithm with
EMSA-PKCS1-v1_5 encoding and SHA-1 and SHA-256 and
cryptographic key sizes 2048 Bit that meet the following: RSASSAPKCS1-v1.5 of [PKCS#1 v2.1], according to FCS_COP.1.1/
RSASignaturePKCS#1 in sec. 6.1.2.5 of [JCOP_ST] .
Application note 7: [PP_SSCD_KG] (app. note 7) - Information
The operations in the element FCS_COP.1.1/Signature_Creation shall be appropriate for the
SCD/SVD pairs generated according to FCS_CKM.1. Note that for some cryptographic algorithm
like RSA padding is important part of the signature creation algorithm.
Application note 8: [PP_SSCD_KI] (app. note 5) - Information
The operations in the element FCS_COP.1.1/Signature_Creation shall be appropriate for the
SCD imported according to FTP_ICT.1/SCD.
Application note 9: ST – Added
The mandatory hash algorithm for digital signature is SHA-256. It is recommended to use SHA256 for all applications, but for compatibility reasons, the TOE also supports SHA-1.
9.1.2.3.
FCS_COP.1/RSACipher
Cryptographic operation
Hierarchical to:
No other components.
Dependencies:
[FDP_ITC.1 Import of user data without security attributes,
or
FDP_ITC.2 Import of user data with security attributes, or
FCS_CKM.1 Cryptographic key generation]
FCS_CKM.4 Cryptographic key destruction
FCS_COP.1.1/
RSAChiper
September 2014
The TSF shall perform encryption and decryption in accordance with
a specified cryptographic algorithm RSA encryption/decryption
algorithm with EME-PKCS1-v1_5 encoding and cryptographic key
sizes 2048 Bit that meet the following: [PKCS#1 v2.1], according to
FCS_COP.1.1/RSACipher, sec. 6.1.2.5 of [JCOP_ST]
ST_AKDeID Evaluation documentation
Page 38 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.3.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
User data protection (FDP)
The security attributes and related status for the subjects and objects are:
Table 3: Subjects and security attributes for access control
Subject or object the security
attribute is associated with
Security attribute type
Value of the security attribute
S.User
Role
R.Admin, R.Sigy
S.User
SCD/SVD Management
authorised, not authorised
SCD
SCD Operational
no, yes
SCD
SCD identifier
arbitrary value
SVD
(The PP does not define security
attributes for SVD)
(The PP does not define security
attributes for SVD)
9.1.3.1.
FDP_ACC.1/Signature_Creation
Subset access control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control
FDP_ACC.1.1/
Signature_Creation
9.1.3.2.
The TSF shall enforce the Signature Creation SFP on
(1) subjects: S.User,
(2) objects: DTBS/R, SCD,
(3) operations: signature creation.
FDP_ACF.1/Signature creation
Security attribute based access control
Hierarchical to: No other components.
Dependencies: FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialisation
FDP_ACF.1.1/
Signature_Creation
The TSF shall enforce the Signature Creation SFP to objects based on
the following:
(1) the user S.User is associated with the security attribute
“Role” and
(2) the SCD with the security attribute “SCD Operational”.
FDP_ACF.1.2/
Signature_Creation
The TSF shall enforce the following rules to determine if an operation
among controlled subjects and controlled objects is allowed:
R.Sigy is allowed to create electronic signatures for DTBS/R with SCD
which security attribute “SCD operational” is set to “yes”.
The TSF shall explicitly authorise access of subjects to objects based
on the following additional rules: none.
FDP_ACF.1.3/
Signature_Creation
FDP_ACF.1.4/
Signature_Creation
September 2014
The TSF shall explicitly deny access of subjects to objects based on
the following additional rules:
S.User is not allowed to create electronic signatures for DTBS/R with
ST_AKDeID Evaluation documentation
Page 39 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
SCD which security attribute “SCD operational” is set to “no”.
9.1.3.3.
FDP_RIP.1
Subset residual information protection
Hierarchical to: No other components.
Dependencies: No dependencies.
The TSF shall ensure that any previous information content of a
resource is made unavailable upon the de-allocation of the resource
from the following objects: SCD.
The following data persistently stored by the TOE shall have the user data attribute "integrity
checked persistent stored data":
1. SCD
2. SVD (if persistently stored by the TOE).
The DTBS/R temporarily stored by the TOE has the user data attribute "integrity checked
stored data":
FDP_RIP.1.1
9.1.3.4.
FDP_SDI.2/Persistent Stored data integrity monitoring and action
Hierarchical to: FDP_SDI.1 Stored data integrity monitoring.
Dependencies: No dependencies.
FDP_SDI.2.1/ Persistent The TSF shall monitor user data stored in containers controlled by the
TSF for integrity error on all objects, based on the following
attributes: integrity checked stored data.
FDP_SDI.2.2/ Persistent Upon detection of a data integrity error, the TSF shall
(1) prohibit the use of the altered data
(2) inform the S.Sigy about integrity error.
9.1.3.5.
FDP_SDI.2/DTBS
Stored data integrity monitoring and action
Hierarchical to: FDP_SDI.1 Stored data integrity monitoring.
Dependencies: No dependencies.
FDP_SDI.2.1/DTBS
FDP_SDI.2.2/DTBS
The TSF shall monitor user data stored in containers controlled by the
TSF for integrity error on all objects, based on the following
attributes: integrity checked stored DTBS.
Upon detection of a data integrity error, the TSF shall
(1) prohibit the use of the altered data
(2) inform the S.Sigy about integrity error.
Application note 10: [PP_SSCD_KG] (app. note 10) and [PP_SSCD_KI] (app. note 8) Information
The integrity of TSF data like RAD shall be protected to ensure the effectiveness of the user
authentication. This protection is a specific aspect of the security architecture (cf. ADV_ARC.1).
September 2014
ST_AKDeID Evaluation documentation
Page 40 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.4.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Identification and authentication (FIA)
9.1.4.1.
FIA_UID.1
Timing of identification
Hierarchical to: No other components.
Dependencies: No dependencies.
FIA_UID.1.1
The TSF shall allow
(1) Self-test according to FPT_TST.1,
(2) establishing a trusted channel between the CGA and the TOE by
means of TSF required by FTP_ITC.1/SVD
on behalf of the user to be performed before the user is identified.
The TSF shall require each user to be successfully identified before
allowing any other TSF-mediated actions on behalf of that user.
FIA_UID.1.2
Application note 11: [PP_SSCD_KG] (app. note 11) and [PP_SSCD_KI] (app. note 9) - Applied
The TOE will perform the operation of the bullets (2) and (3) in the element FIA_UID.1.1 by
adding the establishment of a trusted channel to CGA and HID.
The TOE may identify the user by default or by selection of the role, and RAD against the
authentication will be performed.
Identification by default is normally linked to the TOE lifecycle, e.g. the TOE will identify by
default the Administrator before the signatory’s RAD is created and the signatory if signatory’s
RAD exists. The users may identify themselves as Administrator by selection of an
authentication key as Administrator and therefore authentication will be performed by mutual
device authentication.
9.1.4.2.
FIA_UAU.1
Timing of authentication
Hierarchical to: No other components.
Dependencies: FIA_UID.1 Timing of identification.
FIA_UAU.1.1
The TSF shall allow
(1) Self-test according to FPT_TST.1,
(2) Identification of the user by means of TSF required by FIA_UID.1.
(3) establishing a trusted channel between the CGA and the TOE by
means of TSF required by FTP_ITC.1/SVD
on behalf of the user to be performed before the user is
authenticated.
FIA_UAU.1.2
The TSF shall require each user to be successfully authenticated
before allowing any other TSF-mediated actions on behalf of that
user.
Application note 12: [PP_SSCD_KG_TCCGA] (app. note 1) - Information
The [PP_SSCD_KG_TCCGA] performed the operation of the bullet (3) in the element
FIA_UAU.1.1 of the [PP_SSCD_KG] by adding the establishment of a trusted channel to the
CGA.
September 2014
ST_AKDeID Evaluation documentation
Page 41 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.4.3.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Authentication failure handling
FIA_AFL.1/PIN
Hierarchical to:
Dependencies:
No other components.
FIA_UAU.1 Timing of authentication
FIA_AFL.1.1/PIN
The TSF shall detect when an administrator configurable positive
integer within [1 and 127] unsuccessful authentication attempts
occur related to consecutive failed authentication attempts.
FIA_AFL.1.2/PIN
When the defined number of unsuccessful authentication attempts
has been met, the TSF shall block RAD.
Application note 13: [PP_SSCD_KG] (app. note 13) and [PP_SSCD_KI] (app. note 11) information
The assignment is consistent with the implemented knowledge based authentication
mechanism.
Application note 14: ST – Added
When the defined number of unsuccessful authentication attempts has been met, the TSF
shall block RAD of the PIN. The minimal length of the PIN value is configurable and shall be
defined during the card preparation.
9.1.4.4.
FIA_AFL.1/PUK
Authentication failure handling
Hierarchical to:
Dependencies:
No other components.
FIA_UAU.1 Timing of authentication
FIA_AFL.1.1/PUK
The TSF shall detect when an administrator configurable positive
integer within [1 and 127] unsuccessful authentication attempts
occur related to consecutive failed authentication attempts.
FIA_AFL.1.2/PUK
When the defined number of unsuccessful authentication attempts
has been met, the TSF shall block RAD.
Application note 15: ST – Added
When the defined number of unsuccessful authentication attempts has been met, the TSF
shall block RAD of the PUK.
The minimal length of the PUK value is configurable and shall be defined during the card
preparation.
9.1.5.
Security management (FMT)
9.1.5.1.
Security roles
FMT_SMR.1
Hierarchical to:
Dependencies:
No other components.
FIA_UID.1 Timing of identification.
FMT_SMR.1.1
The TSF shall maintain the roles R.Admin and R.Sigy.
FMT_SMR.1.2
The TSF shall be able to associate users with roles.
September 2014
ST_AKDeID Evaluation documentation
Page 42 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.5.2.
Hierarchical to:
Dependencies:
9.1.5.3.
No other components.
No dependencies.
The TSF shall be capable of performing the following management
functions:
(1) Creation and modification of RAD,
(2) Enabling the signature creation function,
(3) Modification of the security attribute SCD/SVD management, SCD
operational,
(4) Change the default value of the security attribute SCD Identifier
(5) none
Management of security functions behaviour
FMT_MOF.1
Hierarchical to:
Dependencies:
No other components.
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions.
The TSF shall restrict the ability to enable the functions signature
creation function to R.Sigy.
FMT_MOF.1.1
9.1.5.4.
Version: 1.3/2014-09-26
Security management functions
FMT_SMF.1
FMT_SMF.1.1
Doc ID: DP-I-101
FMT_MSA.1/Admin
Hierarchical to:
Dependencies:
Management of security attributes
No other components.
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
The TSF shall enforce the SCD/SVD Generation SFP and SCD Import
SFP to restrict the ability to modify the security attributes SCD/SVD
management to R.Admin.
FMT_MSA.1.1/
Admin
Application note 16: ST - Added
This ST combines the assignments SCD/SVD_Generation_SFP from the [PP_SSCD_KG] and
the SCD Import SFP from the [PP_SSCD_KI].
9.1.5.5.
FMT_MSA.1/Signatory Management of security attributes
Hierarchical to:
Dependencies:
No other components.
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
FMT_MSA.1.1/Signatory The TSF shall enforce the Signature Creation SFP to restrict the
September 2014
ST_AKDeID Evaluation documentation
Page 43 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
ability to modify the security attributes SCD operational to R.Sigy.
9.1.5.6.
Secure security attributes
FMT_MSA.2
Hierarchical to:
Dependencies:
No other components.
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
The TSF shall ensure that only secure values are accepted
for SCD/SVD Management and SCD operational.
FMT_MSA.2.1
Application note 17: [PP_SSCD_KG] (app. note 15) and [PP_SSCD_KI] (app. note 13) – Applied
The TSF enforce the assignment of the secure value:
- for SCD/SVD Management in the preparation phase in secure environment, the subject
S.Admin is assigned “yes” and of S.Sigy to “no”
- for SCD/SVD Management in the operational use stage and a trusted channel for
export of the SVD to the CGA, the authenticated subjects S.Sigy and the R.Admin are
assigned to “yes”
- for SCD operational in the preparation phase, the subjects S.Sigy and the R.Admin are
assigned to “no”
- for SCD operational in the operational use stage, the authenticated subjects S.Sigy is
assigned to “yes”
9.1.5.7.
Static attribute initialisation
FMT_MSA.3
Hierarchical to:
Dependencies:
No other components.
FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
The TSF shall enforce the SCD/SVD Generation SFP, SVD Transfer SFP ,
SCD Import SFP and Signature Creation SFP to provide restrictive
default values for security attributes that are used to enforce the SFP.
The TSF shall allow the R.Admin to specify alternative initial values to
FMT_MSA.3.2
override the default values when an object or information is created.
Application note 18: ST - Added
This ST combines the assignments CD/SVD Generation SFP, SVD Transfer SFP and Signature
Creation SFP from the [PP_SSCD_KG] and the SCD Import SFP from the [PP_SSCD_KI].
FMT_MSA.3.1
9.1.5.8.
Security attribute value inheritance
FMT_MSA.4
Hierarchical to:
Dependencies:
FMT_MSA.4.1
September 2014
No other components.
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
The TSF shall use the following rules to set the value of security
attributes:
(1) If S.Admin successfully generates an SCD/SVD pair without
ST_AKDeID Evaluation documentation
Page 44 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
S.Sigy being authenticated the security attribute “SCD
operational of the SCD” shall be set to “no” as a single
operation.
(2) If S.Sigy successfully generates an SCD/SVD pair the security
attribute “SCD operational of the SCD” shall be set to “yes”
as a single operation.
(3) If S.Admin imports SCD while S.Sigy is not currently
authenticated, the security attribute “SCD operational” of
the SCD shall be set to “no” after import of the SCD as a
single operation.
(4) If S.Admin imports SCD while S.Sigy is currently
authenticated, the security attribute “SCD operational” of
the SCD shall be set to “yes” after import of the SCD as a
single operation.
Application note 19: [PP_SSCD_KG] (app. note 16) – Applied
The TOE supports the generating an SCD/SVD pair by the administrator and by the signatory
alone and rule (2) is relevant.
Application note 20: ST – Added
The bullet (3) and (4) are added according to [PP_SSCD_KI].
9.1.5.9.
FMT_MTD.1/Admin
Hierarchical to:
Dependencies:
FMT_MTD.1.1/Admin
9.1.5.10.
No other components.
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
The TSF shall restrict the ability to create the RAD to R.Admin.
FMT_MTD.1/Signatory Management of TSF data
Hierarchical to:
Dependencies:
FMT_MTD.1.1/Signatory
9.1.6.
Management of TSF data
No other components.
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
The TSF shall restrict the ability to modify and unblock the RAD
to R.Sigy.
Protection of the TSF (FPT)
9.1.6.1.
TOE Emanation
FPT_EMS.1
Hierarchical to:
Dependencies:
September 2014
No other components.
No dependencies.
ST_AKDeID Evaluation documentation
Page 45 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The TOE shall not emit variations in power consumption or timing
during command execution in excess of non-useful information
enabling access to RAD and SCD.
The TSF shall ensure attackers are unable to use the following
interface electrical contacts to gain access to RAD and SCD.
FPT_EMS.1.1
FPT_EMS.1.2
Application note 21: [PP_SSCD_KG] (app. note 18) and [PP_SSCD_KI] (app. note 15) Information
The TOE shall prevent attacks against the SCD and other secret data where the attack is based
on external observable physical phenomena of the TOE. Such attacks may be observable at the
interfaces of the TOE, or may origin from internal operation of the TOE or may origin by an
attacker that varies the physical environment under which the TOE operates. The set of
measurable physical phenomena is influenced by the technology employed to implement the
TOE. Examples of measurable phenomena are variations in the power consumption, the timing
of transitions of internal states, electromagnetic radiation due to internal operation, radio
emission.
Due to the heterogeneous nature of the technologies that may cause such emanations,
evaluation against state-of-the-art attacks applicable to the technologies employed by the TOE
is assumed. Examples of such attacks are, but are not limited to, evaluation of TOE’s
electromagnetic radiation, simple power analysis (SPA), differential power analysis (DPA),
timing attacks, etc.
9.1.6.2.
Failure with preservation of secure state
FPT_FLS.1
Hierarchical to:
Dependencies:
FPT_FLS.1.1
No other components.
No dependencies.
The TSF shall preserve a secure state when the following types of
failures occur:
(1) self-test according to FPT_TST fails,
(2) those associated to the potential security violations
described in FAU_ARP.1 of the underlying java card open
platform [JCOP_ST]
(3) inconsistencies in the calculation of the signature.
Application note 22: [PP_SSCD_KG] (app. note 19) and [PP_SSCD_KI] (app. note 16) Information
The assignment (1) addresses failures detected by a failed self-test and requiring appropriate
action to prevent security violation. When the TOE is in a secure state, the TSF shall not
perform any cryptographic operations and all data output interfaces shall be inhibited by the
TSF.
9.1.6.3.
Passive detection of physical attack
FPT_PHP.1
Hierarchical to:
Dependencies:
FPT_PHP.1.1
September 2014
No other components.
No dependencies.
The TSF shall provide unambiguous detection of physical tampering
that might compromise the TSF.
ST_AKDeID Evaluation documentation
Page 46 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Version: 1.3/2014-09-26
The TSF shall provide the capability to determine whether physical
tampering with the TSF’s devices or TSF’s elements has occurred.
FPT_PHP.1.2
9.1.6.4.
Doc ID: DP-I-101
Resistance to physical attack
FPT_PHP.3
Hierarchical to:
Dependencies:
No other components.
No dependencies.
The TSF shall resist physical manipulation and physical probing to
the TSF by responding automatically such that the SFRs are always
enforced.
FPT_PHP.3.1
Application note 23: [PP_SSCD_KG] (app. note 20) and [PP_SSCD_KI] (app. note 17) Information
The TOE will implement appropriate measures to continuously counter physical tampering
which may compromise the SCD. The “automatic response” in the element FPT_PHP.3.1
means (i) assuming that there might be an attack at any time and (ii) countermeasures are
provided at any time. Due to the nature of these attacks the TOE can by no means detect
attacks on all of its elements (e.g. the TOE is destroyed). But physical tampering must not
reveal information of the SCD. E.g. the TOE may be physically tampered in power-off state of
the TOE (e.g. a smart card), which does not allow TSF for overwriting the SCD but leads to
physical destruction of the memory and all information therein about the SCD. In case of
physical tampering the TFS may not provide the intended functions for SCD/SVD pair
generation or signature creation but ensures the confidentiality of the SCD by blocking these
functions. The SFR FPT_PHP.1 requires the TSF to react on physical tampering in a way that the
signatory is able to determine whether the TOE was physical tampered or not. E.g. the TSF may
provide an appropriate message during start-up or the guidance documentation may describe
a failure of TOE start-up as indication of physical tampering.
9.1.6.5.
TSF testing
FPT_TST.1
Hierarchical to:
Dependencies:
FPT_TST.1.1
FPT_TST.1.2
FPT_TST.1.3
No other components.
No dependencies.
The TSF shall run a suite of self tests on start-up, upon detection of
a potential security violation and in fulfillment of FPT_FLS.1 to
demonstrate the correct operation of the TSF.
The TSF shall provide authorised users with the capability to verify
the integrity of TSF data.
The TSF shall provide authorised users with the capability to verify
the integrity of TSF.
Application note 24: [PP_SSCD_KG] (app. note 21) and [PP_SSCD_KI] (app. note 17)Information
The component FPT_TST.1 addresses only the self-test of the TSF. If the TSF relays on security
feature of the hardware platform of part of the TOE, the ST should consider inclusion
FPT_TEE.1 to require the TSF to test these features for correct work of the dependent TSF.
September 2014
ST_AKDeID Evaluation documentation
Page 47 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.7.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Security functional requirements regarding key generation
9.1.7.1.
FCS_CKM.1
Cryptographic key generation
Hierarchical to: No other components.
Dependencies:
[FCS_CKM.2 Cryptographic key distribution, or
FCS_COP.1 Cryptographic operation]
FCS_CKM.4 Cryptographic key destruction
FCS_CKM.1.1
The TSF shall generate an SCD/SVD pair in accordance with a
specified cryptographic key generation algorithm JCOP RNG and
specified cryptographic key sizes of RSA 2048 Bit that meet the
following: ISO 15946-1-2008, according to sec. 6.1.2.1 of [JCOP_ST] .
Application note 25: [PP_SSCD_KG] (app. note 5)- Information
The refinement in the element FCS_CKM.1.1 substitutes “cryptographic keys” by “SCD/SVD
pairs” because it clearly addresses the SCD/SVD key generation.
9.1.7.2.
FDP_ACC.1/SCD/SVD_Generation
Subset access control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control
FDP_ACC.1.1/
SCD/SVD_Generation
9.1.7.3.
The TSF shall enforce the SCD/SVD Generation SFP on
(1) subjects: S.User,
(2) objects: SCD, SVD,
(3) operations: generation of SCD/SVD pair.
FDP_ACF.1/SCD/SVD_Generation
Security attribute based access control
Hierarchical to: No other components.
Dependencies: FDP_ACC.1 Subset access control
FDP_ACF.1.1/
SCD/SVD_Generation
FDP_ACF.1.2/
SCD/SVD_Generation
FDP_ACF.1.3/
SCD/SVD_Generation
FDP_ACF.1.4/
SCD/SVD_Generation
September 2014
FMT_MSA.3 Static attribute initialisation
The TSF shall enforce the SCD/SVD Generation SFP to objects based
on the following: the user S.User is associated with the security
attribute “SCD/SVD Management“.
The TSF shall enforce the following rules to determine if an operation
among controlled subjects and controlled objects is allowed:
S.User with the security attribute “SCD/SVD Management” set to
“authorised” is allowed to generate SCD/SVD pair.
The TSF shall explicitly authorise access of subjects to objects based
on the following additional rules: none.
The TSF shall explicitly deny access of subjects to objects based on
the following additional rules:
S.User with the security attribute “SCD/SVD management” set to “not
authorised” is not allowed to generate SCD/SVD pair.
ST_AKDeID Evaluation documentation
Page 48 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.7.4.
FDP_ACC.1/SVD_Transfer
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Subset access control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control
The TSF shall enforce the SVD Transfer SFP on
(1) subjects: S.User,
(2) objects: SVD
(3) operations: export.
FDP_ACC.1.1/
SVD_Transfer
9.1.7.5.
FDP_ACF.1/SVD_Transfer
Security attribute based access control
Hierarchical to: No other components.
Dependencies:
FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialisation
FDP_ACF.1.1/
SVD_Transfer
FDP_ACF.1.3/
SVD_Transfer
The TSF shall enforce the SVD Transfer SFP to objects based on the
following:
(1) the S.User is associated with the security attribute Role,
(2) the SVD.
The TSF shall enforce the following rules to determine if an operation
among controlled subjects and controlled objects is allowed: R.Admin
and R.Sigy is allowed to export SVD.
The TSF shall explicitly authorise access of subjects to objects based
on the following additional rules: none.
FDP_ACF.1.4/
SVD_Transfer
The TSF shall explicitly deny access of subjects to objects based on
the following additional rules: none.
FDP_ACF.1.2/
SVD_Transfer
Application note 26: [PP_SSCD_KG] (app. note 9) - Applied
The following access control rules has been implemented:
The Administrator is authorized to generate the SCD/SVD key pair according to
FDP_ACF.1/SCD/SVD_Generation and to export the SVD before the signatory role
(RAD) is created. This allows identification of a particular instance of the TOE by means
of the SVD;
The Administrator is authorized to generate the SCD/SVD key pair according to
FDP_ACF.1/SCD/SVD_Generation and the signatory is allowed to export the SVD to the
CGA. This allows determination whether the signatory has control over the TOE
instantiation and the certificate may be generated;
The signatory is authorized to generate the SCD/SVD key pair according to
FDP_ACF.1/SCD/SVD_Generation and to export the SVD to the CGA to apply for the
certificate.
According to the [PP_SSCD_KG_TCCGA], the TOE implements additional security functions to
support the export of public keys with integrity and data origin authentication.
September 2014
ST_AKDeID Evaluation documentation
Page 49 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.8.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Security functional requirements regarding key import
9.1.8.1.
FDP_ACC.1/SCD_Import
Subset access control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control
FDP_ACC.1.1/
The TSF shall enforce the SCD Import SFP on
SCD_Import
1) subjects: S.User,
2) objects: SCD,
3) operations: import of SCD.
9.1.8.2.
Security attribute based access control
FDP_ACF.1/SCD_Import
Hierarchical to: No other components.
Dependencies: FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialisation
FDP_ACF.1.1/
SCD_Import
The TSF shall enforce the SCD Import SFP to objects based on the
following: the S.User is associated with the security attribute
“SCD/SVD Management”.
FDP_ACF.1.2/
SCD_Import
The TSF shall enforce the following rules to determine if an
operation among controlled subjects and controlled objects is
allowed:
S.User with the security attribute “SCD / SVD Management” set to
“authorised” is allowed to import SCD.
FDP_ACF.1.3/
SCD_Import
The TSF shall explicitly authorise access of subjects to objects based
on the following additional rules: none.
FDP_ACF.1.4/
SCD_Import
The TSF shall explicitly deny access of subjects to objects based on
the following additional rules:
S.User with the security attribute “SCD/SVD management” set to
“not authorised” is not allowed to import SCD.
9.1.8.3.
FDP_ITC.1/SCD
Import of user data without security attributes
Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_MSA.3 Static attribute initialisation
September 2014
ST_AKDeID Evaluation documentation
Page 50 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
FDP_ITC.1.1/SCD
The TSF shall enforce the SCD Import SFP when importing user
data, controlled under the SFP, from outside of the TOE.
FDP_ITC.1.2/SCD
The TSF shall ignore any security attributes associated with the
SCD when imported from outside the TOE.
FDP_ITC.1.3/SCD
The TSF shall enforce the following rules when importing user data
controlled under the SFP from outside the TOE: SCD shall be sent
by an authorized CSP.
9.1.8.4.
Basic data exchange confidentiality
FDP_UCT.1/SCD
Hierarchical to: No other components.
Dependencies: [FTP_ITC.1 Inter-TSF trusted channel, or
FTP_TRP.1 Trusted path]
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FDP_UCT.1.1/SCD
The TSF shall enforce the SCD Import SFP to receive SCD in a
manner protected from unauthorised disclosure.
Application note 27: [PP_SSCD_KI] (app. note 7) - Information
The component FDP_UCT.1/SCD requires the TSF to ensure the confidentiality of the SCD
during import. The refinement substituting “user data” by “SCD” highlights that confidentiality
of other imported user data like DTBS is not required.
Application note 28: ST – Added
The TOE supports the establishment of a trusted channel with secure messaging and
negotiation of cryptographic keys used for the adequate protection of the communication
data. The secure messaging provided by the TOE is using encryption and decryption with
Triple-DES in CBC mode and cryptographic key size of 112 bit, as well as message
authentication code with Retail MAC and cryptographic key size of 112 bit according to [ISO
9797-1]. For implementation secure messaging, refer to sec. 9 of [EN 14890-1].
9.1.8.5.
FTP_ITC.1/SCD
Inter-TSF trusted channel
Hierarchical to: No other components.
Dependencies: No dependencies.
FTP_ITC.1.1/SCD
The TSF shall provide a communication channel between itself and
another trusted IT product that is logically distinct from other
communication channels and provides assured identification of its
end points and protection of the channel data from modification
or disclosure.
FTP_ITC.1.2/SCD
The TSF shall permit another trusted IT product to initiate
September 2014
ST_AKDeID Evaluation documentation
Page 51 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
communication via the trusted channel.
FTP_ITC.1.3/SCD
The TSF shall initiate communication via the trusted channel for
1) Data exchange integrity according to FDP_UCT.1/SCD.
2) none;
Application note 29: [PP_SSCD_KI] (app. note 19) - Information
The component FTP_ITC.1 requires the TSF to support a trusted channel established to
another trusted IT product generating the SCD/SVD pair for import the SCD as described by
FDP_UCT.1/SCD.
9.1.9.
Security functional requirements regarding trusted communication with CGA
9.1.9.1.
Authentication Proof of Identity
FIA_API.1
Hierarchical to: No other components.
Dependencies: No dependencies.
The TSF shall provide a symmetric or asymmetric device
authentication mechanism to prove the identity of the SSCD.
FIA_API.1.1
Application note 30: [PP_SSCD_KG_TCCGA] (app.note 2) - Information
Via the authentication mechanism to be assigned here the TOE has to be able to authenticate
itself as SSCD to the CGA, using authentication data implemented in the TOE during preinitialisation phase.
Application note 31: ST – Added
The TOE supports device authentication mechanisms, which allows mutual authentication of
the TOE as SSCD and remote entity.
The TOE implements the symmetric authentication scheme based on Triple-DES keys as
defined in sec. 8.8. of [EN 14890-1]. A successfully authentication mandates the both parts
(TOE & IFD) share the same Triple-DES keys.
The TOE also implements the device authentication with privacy protection based on DiffieHellman key exchange and RSA signature generation and verification (RSASSA-PKCS1-v1_5)
using SHA-1 or SHA-256 as defined in sec. 8.5 of [EN 14890-1].
9.1.9.2.
FDP_DAU.2/SVD
Data Authentication with Identity of Guarantor
Hierarchical to: FDP_DAU.1 Basic Data Authentication
Dependencies: FIA_UID.1 Timing of identification
FDP_DAU.2.1/SVD
The TSF shall provide a capability to generate evidence that can be
used as guarantee of the validity of SVD.
FDP_DAU.2.2/SVD
The TSF shall provide CGA with the ability to verify evidence of the
validity of the indicated information and the identity of the user
that generated the evidence.
Application note 32: ST – Added
This SFR is implemented by the device authentication mechanisms, which allows external
authentication of the CGA and internal authentication of the TOE as SSCD. Via the trusted
September 2014
ST_AKDeID Evaluation documentation
Page 52 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
channel, the user can authentically export the public signature key for certification and import
the certificate or certificate information for the public signature key.
In the context of asymmetric device authentication schemes the TOE implements Card
verifiable (CV) certificates to import a public key and related attributes into the TOE. The TOE
support the RSA signature verification of CV certificates using SHA-1 and SHA-256 and
cryptographic key size 2048 Bit that meet the RSASSA-PKCS1-v1.5.
The structure of the supported CV certificates and the card internal verification process as well
as details about possible certification hierarchies can be found in sec. 14.3. of [EN 14890-1].
9.1.9.3.
FTP_ITC.1/SVD
Inter-TSF trusted channel
Hierarchical to: No other components.
Dependencies: No dependencies.
FTP_ITC.1.1/SVD
FTP_ITC.1.2/SVD
FTP_ITC.1.3/SVD
The TSF shall provide a communication channel between itself and
another trusted IT product CGA that is logically distinct from other
communication channels and provides assured identification of its
end points and protection of the channel data from modification
or disclosure.
The TSF shall permit another trusted IT product to initiate
communication via the trusted channel.
The TSF or the CGA shall initiate communication via the trusted
channel for
(1) data Authentication with Identity of Guarantor according to
FIA_API.1 and FDP_DAU.2/SVD.
(2) none
Application note 33: [PP_SSCD_KG_TCCGA] (app. note 4) - Information
The component FTP_ITC.1/SVD requires the TSF to enforce a trusted channel established by
the CGA to export the SVD to the CGA.
Application note 34: [PP_SSCD_KG_TCCGA] (app. note 5) – Applied
The TSF enforces a trusted channel established by the CGA to export the SVD to the CGA.
Application note 35: ST – Added
The TOE supports the establishment of a trusted channel with secure messaging and
negotiation of cryptographic keys used for the adequate protection of the communication
data. The secure messaging provided by the TOE is using encryption and decryption with
Triple-DES in CBC mode and cryptographic key size of 112 bit, as well as message
authentication code with Retail MAC and cryptographic key size of 112 bit according to [ISO
9797-1]. For implementation secure messaging, refer to sec. 9 of [EN 14890-1].
9.2.
Security Assurance Requirements
This ST is conforming to assurance package evaluation assurance level 4 (EAL4) augmented
with AVA_VAN.5 and ALC_DVS.2 defined in [CC_P3].
Augmentation AVA_VAN.5 is required by the protection profile.
Augmentation ALC_DVS.2 introduced in this Security Target is a higher hierarchical assurance
component to EAL4 (only ALC_DVS.1 is found in EAL4).
For the EAL4 augmented (EAL 4+), the relevant assurance classes and assurance components
are listed in the Table 4: Security assurance requirements.
September 2014
ST_AKDeID Evaluation documentation
Page 53 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Table 4: Security assurance requirements: EAL4 augmented with AVA_VAN.5 and ALC_DVS.2
Assurance Class and Components
Description
ADV
ADV_ARC.1
ADV_FSP.4
ADV_IMP.1
ADV_TDS.3
AGD
AGD_OPE.1
AGD_PRE.1
ALC
ALC_CMC.4
ALC_CMS.4
ALC_DEL.1
ALC_DVS.2
ALC_LCD.1
ALC_TAT.1
ASE
ASE_CCL.1
ASE_ECD.1
ASE_INT.1
ASE_OBJ.2
ASE_REQ.2
ASE_SPD.1
ASE_TSS.1
ATE
ATE_COV.2
ATE_DPT.1
ATE_FUN.1
ATE_IND.2
AVA
AVA_VAN.5
Development
Security architecture description
Complete functional specification
Implementation representation the TSF
Basic modular design
Guidance documents
Operational user guidance
Preparative procedures
Life-cycle support
Production support, acceptance procedures and automation
Problem tracking CM coverage
Delivery procedures
Identification of security measures
Developer defined life-cycle model
Well-defined development tools
Security Target evaluation
Conformance claims
Extended components definition
ST introduction
Security objectives
Derived security requirements
Security problem definition
TOE summary specification
Tests
Analysis of coverage
Testing: basic design
Functional testing
Independent testing – sample
Vulnerability assessment
Focused vulnerability analysis
9.3.
Security Requirements Rationale
9.3.1.
Security Requirements Coverage
FCS_CKM.4
FCS_COP.1/Signature_Creation
September 2014
X
X
X
OT.TOE_TC_SVD_Exp
OT.TOE_SSCD_Auth
OT.SCD_Auth_Imp
OT.SCD_SVD_Corresp
OT.SCD_Unique
OT.SCD/SVD_Auth_Gen
OT.Tamper_Resistance
OT.Tamper_ID
OT.EMSEC_Design
OT.DTBS_Integrity_TOE
OT.Sigy_SigF
OT.Sig_Secure
Functional
requirements
OT.SCD_Secrecy
TOE security
objectives
OT.Lifecycle_Security
Table 5: Mapping of functional requirements to security objectives for the TOE
X
ST_AKDeID Evaluation documentation
Page 54 of 78
9.3.2.
X
OT.TOE_TC_SVD_Exp
OT.SCD_SVD_Corresp
OT.SCD_Unique
OT.SCD/SVD_Auth_Gen
OT.Tamper_Resistance
OT.Tamper_ID
OT.EMSEC_Design
OT.DTBS_Integrity_TOE
OT.Sigy_SigF
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Version: 1.3/2014-09-26
OT.TOE_SSCD_Auth
X
X
X
Doc ID: DP-I-101
OT.SCD_Auth_Imp
FCS_COP.1/RSACipher
FDP_ACC.1/Signature_Creation
FDP_ACF.1/Signature_Creation
FDP_RIP.1
FDP_SDI.2/Persistent
FDP_SDI.2/DTBS
FIA_AFL.1/PIN
FIA_AFL.1/PUK
FIA_UAU.1
FIA_UID.1
FMT_MOF.1
FMT_MSA.1/Admin
FMT_MSA.1/Signatory
FMT_MSA.2
FMT_MSA.3
FMT_MSA.4
FMT_MTD.1/Admin
FMT_MTD.1/Signatory
FMT_SMR.1
FMT_SMF.1
FPT_EMS.1
FPT_FLS.1
FPT_PHP.1
FPT_PHP.3
FPT_TST.1
FCS_CKM.1
FDP_ACC.1/SCD/SVD_Generation
FDP_ACF.1/SCD/SVD_Generation
FDP_ACC.1/SVD_Transfer
FDP_ACF.1/SVD_Transfer
FDP_ACC.1/SCD_Import
FDP_ACF.1/SCD_Import
FDP_ITC.1/SCD
FDP_UCT.1/SCD
FTP_ITC.1/SCD
FDP_DAU.2/SVD
FIA_API.1
FTP_ITC.1/SVD
OT.Sig_Secure
Functional
requirements
OT.SCD_Secrecy
TOE security
objectives
OT.Lifecycle_Security
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
TOE Security Requirements Sufficiency
The rationale in the [PP_SSCD_KG], section 6.1.2, explains how the security functional
requirements cover the common security objectives for the TOE OT.Lifecycle_Security,
OT.SCD_Secrecy, OT.Sig_Secure, OT.Sigy_SigF, OT.DTBS_Integrity_TOE, OT.EMSEC_Design,
OT.Tamper_ID and OT.Tamper_Resistance.
September 2014
ST_AKDeID Evaluation documentation
Page 55 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
It also explains how the security functional requirements cover the security objectives for the
OT.SCD/SVD_Auth_Gen, OT.SCD_Unique, OT.SCD_SVD_Corresp, which are present only in
[PP_SSCD_KG].
The rationale for the security objective OT.SCD_Auth_Imp is from [PP_SSCD_KI] which also
complements OT.Lifecycle_Security and OT.SCD_Secrecy.
The rationale for the security objectives OT.TOE_SSCD_Auth and OT.TOE_TC_SVD_Exp is taken
from [PP_SSCD_KG_TCCGA].
OT.Lifecycle_Security (Lifecycle security) is provided by the SFR as follows:
The secure SCD usage is ensured cryptographically according to FCS_COP.1/Signature_Creation
and FCS_COP.1/RSACipher.
The SFR FCS_CKM.4 ensures a secure SCD destruction.
The SCD usage is ensured by access control FDP_ACC.1/Signature_Creation,
FDP_ACF.1/Signature_Creation which is based on the security attribute secure TSF
management according to FMT_MOF.1, FMT_MSA.1/Admin, FMT_MSA.1/Signatory,
FMT_MSA.2, FMT_MSA.3, FMT_MSA.4, FMT_MTD.1/Admin, FMT_MTD.1/Signatory,
FMT_SMF.1 and FMT_SMR.1.
The test functions FPT_TST.1 provides failure detection throughout the lifecycle.
The FCS_CKM.1 ensures a SCD/SVD generation.
The SCD/SVD generation is controlled by TSF according to FDP_ACC.1/SCD/SVD_Generation
and FDP_ACF.1/SCD/SVD_Generation.
The SVD transfer for certificate generation is controlled by TSF according to
FDP_ACC.1/SVD_Transfer and FDP_ACF.1/SVD_Transfer.
The SCD import is controlled by TSF according to FDP_ACC.1/SCD_Import,
FDP_ACF.1/SCD_Import and FDP_ITC.1/SCD. The confidentiality of the SCD is protected during
import according to FDP_UCT.1/SCD in the trusted channel FTP_ICT.1/SCD.
OT.SCD/SVD_Auth_Gen (Authorized SCD/SVD generation) addresses that generation of a
SCD/SVD pair requires proper user authentication. The TSF specified by FIA_UID.1 and
FIA_UAU.1 provide user identification and user authentication prior to enabling access to
authorised
functions.
The
SFR
FDP_ACC.1/SCD/SVD_Generation
and
FDP_ACF.1/SCD/SVD_Generation provide access control for the SCD/SVD generation.
The security attributes of the authenticated user are provided by FMT_MSA.1/Admin,
FMT_MSA.2, and FMT_MSA.3 for static attribute initialisation. The SFR FMT_MSA.4 defines
rules for inheritance of the security attribute “SCD operational” of the SCD.
OT.SCD_Unique (Uniqueness of the signature creation data) implements the requirement of
practically unique SCD as laid down in Annex III, paragraph 1(a), which is provided by the
cryptographic algorithms specified by FCS_CKM.1.
OT.SCD_SVD_Corresp (Correspondence between SVD and SCD) addresses that the SVD
corresponds to the SCD implemented by the TOE. This is provided by the algorithms specified
by FCS_CKM.1 to generate corresponding SVD/SCD pairs. The security functions specified by
FDP_SDI.2/Persistent ensure that the keys are not modified, so to retain the correspondence.
Moreover, the SCD Identifier allows the environment to identify the SCD and to link it with the
appropriate SVD. The management functions identified by FMT_SMF.1 and by FMT_MSA.4
allow R.Admin to modify the default value of the security attribute SCD Identifier.
OT.SCD_Secrecy (Secrecy of signature creation data) is provided by the security functions
specified by the following SFR.
September 2014
ST_AKDeID Evaluation documentation
Page 56 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The security functions specified by FDP_RIP.1 and FCS_CKM.4 ensure that residual information
on SCD is destroyed after the SCD has been use for signature creation and that destruction of
SCD leaves no residual information.
The security functions specified by FDP_SDI.2/Persistent ensure that no critical data is
modified which could alter the efficiency of the security functions or leak information of the
SCD.
FPT_TST.1 tests the working conditions of the TOE and FPT_FLS.1 guarantees a secure state
when integrity is violated and thus assures that the specified security functions are
operational.
An example where compromising error conditions are countered by FPT_FLS.1 is fault injection
for differential fault analysis (DFA).
SFR FPT_EMS.1 and FPT_PHP.3 require additional security features of the TOE to ensure the
confidentiality of the SCD.
FCS_CKM.1 ensures the use of secure cryptographic algorithms for SCD/SVD generation.
Cryptographic quality of SCD/SVD pair shall prevent disclosure of SCD by cryptographic attacks
using the publicly known SVD.
FDP_UCT.1/SCD and FTP_ICT.1/SCD ensures the confidentiality for SCD import.
OT.Sig_Secure (Cryptographic security of the electronic signature) is provided by the
cryptographic
algorithms
specified
by
FCS_COP.1/Signature_Creation
and
FCS_COP.1/RSACipher, which ensures the cryptographic robustness of the signature
algorithms. FDP_SDI.2/Persistent corresponds to the integrity of the SCD implemented by the
TOE and FPT_TST.1 ensures self-tests ensuring correct signature creation.
OT.Sigy_SigF (Signature creation function for the legitimate signatory only) is provided by an
SFR for identification authentication and access control.
FIA_UAU.1 and FIA_UID.1 ensure that no signature creation function can be invoked before
the signatory is identified and authenticated.
The security functions specified by FMT_MTD.1/Admin and FMT_MTD.1/Signatory manage the
authentication function. SFR FIA_AFL.1/PIN and FIA_AFL.1/PUK provides protection against a
number of attacks, such as cryptographic extraction of residual information, or brute force
attacks against authentication.
The security function specified by FDP_SDI.2/DTBS ensures the integrity of stored DTBS and
FDP_RIP.1 prevents misuse of any resources containing the SCD after de-allocation (e.g. after
the signature creation process).
The
security
functions
specified
by
FDP_ACC.1/Signature_Creation
and
FDP_ACF.1/Signature_Creation provide access control based on the security attributes
managed according to the SFR FMT_MTD.1/Signatory, FMT_MSA.2, FMT_MSA.3 and
FMT_MSA.4.
The SFR FMT_SMF.1 and FMT_SMR.1 list these management functions and the roles. These
ensure that the signature process is restricted to the signatory.
FMT_MOF.1 restricts the ability to enable the signature creation function to the signatory.
FMT_MSA.1/Signatory restricts the ability to modify the security attributes SCD operational to
the signatory.
OT.DTBS_Integrity_TOE (DTBS/R integrity inside the TOE) ensures that the DTBS/R is not
altered by the TOE. The integrity functions specified by FDP_SDI.2/DTBS require that the
DTBS/R has not been altered by the TOE.
September 2014
ST_AKDeID Evaluation documentation
Page 57 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
OT.EMSEC_Design (Provide physical emanations security) covers that no intelligible
information is emanated. This is provided by FPT_EMS.1.1.
OT.Tamper_ID (Tamper detection) is provided by FPT_PHP.1 by the means of passive detection
of physical attacks.
OT.Tamper_Resistance (Tamper resistance) is provided by FPT_PHP.3 to resist physical
attacks.
OT.SCD_Auth_Imp (Authorized SCD import) is provided by the security functions specified by
the following SFR. FIA_UID.1 and FIA_UAU.1 ensure that the user is identified and
authenticated
before
SCD
can
be
imported.
FDP_ACC.1/SCD_Import
and
FDP_ACF.1/SCD_Import ensure that only authorised users can import SCD.
OT.TOE_SSCD_Auth (Authentication proof as SSCD) requires the TOE to provide security
mechanisms to identify and to authenticate themselves as SSCD, which is directly provided by
FIA_API.1 (Authentication Proof of Identity). The SFR FIA_UAU.1 allows (additionally to the
core [PP_SSCD_KG]) establishment of the trusted channel before (human) user is
authenticated.
OT.TOE_TC_SVD_Exp (TOE trusted channel for SVD export) requires the TOE to provide a
trusted channel to the CGA to protect the integrity of the SVD exported to the CGA, which is
directly provided by
The SVD transfer for certificate generation is controlled by TSF according to
FDP_ACC.1/SVD_Transfer and FDP_ACF.1/SVD_Transfer.
FDP_DAU.2/SVD (Data Authentication with Identity of Guarantor), which requires the TOE
to provide CGA with the ability to verify evidence of the validity of the SVD and the identity
of the user that generated the evidence.
FTP_ITC.1/SVD Inter-TSF trusted channel), which requires the TOE to provide a trusted
channel to the CGA.
9.3.3.
Satisfaction of dependencies of security functional requirements
Table 6: Satisfaction of dependencies of security functional requirements
Functional requirement
Dependencies
Satisfied by
FCS_CKM.1
[FCS_CKM.2 or
FCS_COP.1],
FCS_CKM.4
[FDP_ITC.1 or FDP_ITC.2
or FCS_CKM.1]
[FDP_ITC.1 or FDP_ITC.2
or FCS_CKM.1],
FCS_CKM.4
[FDP_ITC.1 or FDP_ITC.2
or FCS_CKM.1],
FCS_CKM.4
FDP_ACF.1
FDP_ACF.1
FDP_ACF.1
FDP_ACC.1,
FMT_MSA.3
FDP_ACC.1,
FMT_MSA.3
FCS_COP.1,
FCS_CKM.4
FCS_CKM.4
FCS_COP.1/Signature_Creation
FCS_COP.1/RSAChiper
FDP_ACC.1/SCD/SVD_Generation
FDP_ACC.1/Signature_Creation
FDP_ACC.1/SVD_Transfer
FDP_ACF.1/SCD/SVD_Generation
FDP_ACF.1/Signature_Creation
September 2014
FCS_CKM.1
FDP_ITC.1/SCD
FCS_CKM.1,
FCS_CKM.4
FDP_ITC.1/SCD
FCS_CKM.1,
FCS_CKM.4
FDP_ITC.1/SCD
FDP_ACF.1/SCD/SVD_Generation
FDP_ACF.1/Signature_Creation
FDP_ACF.1/SVD_Transfer
FDP_ACC.1/SCD/SVD_Generation,
FMT_MSA.3
FDP_ACC.1/Signature_Creation,
FMT_MSA.3
ST_AKDeID Evaluation documentation
Page 58 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Functional requirement
Dependencies
Satisfied by
FDP_ACF.1/SVD_Transfer
FDP_ACC.1,
FMT_MSA.3
No dependencies
No dependencies
No dependencies
FIA_UAU.1
FIA_UAU.1
No dependencies
FIA_UID.1
FMT_SMR.1,
FMT_SMF.1
[FDP_ACC.1 or FDP_IFC.1],
FMT_SMR.1,
FMT_SMF.1
FDP_ACC.1/SVD_Transfer,
FMT_MSA.3
n/a
n/a
n/a
FIA_UAU.1
FIA_UAU.1
n/a
FIA_UID.1
FMT_SMR.1,
FMT_SMF.1
FDP_ACC.1/SCD/SVD_Generation,
FDP_ACC.1/SCD_Import,
FMT_SMR.1,
FMT_SMF.1
FDP_ACC.1/Signature_Creation,
FMT_SMR.1,
FMT_SMF.1
FDP_ACC.1/SCD/SVD_Generation,
FDP_ACC.1/Signature_Creation,
FDP_ACC.1/SCD_Import,
FMT_MSA.1/Admin,
FMT_MSA.1/Signatory,
FMT_SMR.1
FMT_MSA.1/Admin,
FMT_MSA.1/Signatory,
FMT_SMR.1
FDP_ACC.1/SCD/SVD_Generation,
FDP_ACC.1/SCD_Import,
FDP_ACC.1/ Signature_Creation
FMT_SMR.1,
FMT_SMF.1
FMT_SMR.1,
FMT_SMF.1
n/a
FIA_UID.1
n/a
n/a
n/a
n/a
n/a
FDP_ACF.1/SCD_Import
FDP_ACC.1/SCD_Import,
FMT_MSA.3
FDP_ACC.1/SCD_Import,
FMT_MSA.3
FTP_ITC.1/SCD,
FDP_ACC.1/SCD_Import
n/a
FIA_UID.1
n/a
n/a
FDR_RIP.1
FDP_SDI.2/Persistent
FDP_SDI.2/DTBS
FIA_AFL.1/PIN
FIA_AFL.1/PUK
FIA_UID.1
FIA_UAU.1
FMT_MOF.1
FMT_MSA.1/Admin
FMT_MSA.1/Signatory
FMT_MSA.2
[FDP_ACC.1 or FDP_IFC.1],
FMT_SMR.1,
FMT_SMF.1
[FDP_ACC.1 or FDP_IFC.1],
FMT_MSA.1,
FMT_SMR.1
FMT_MSA.3
FMT_MSA.1,
FMT_MSA.4
FMT_SMR.1
[FDP_ACC.1 or FDP_IFC.1]
FMT_MTD.1/Admin
FMT_MTD.1/Signatory
FMT_SMF.1
FMT_SMR.1
FPT_EMS.1
FPT_FLS.1
FPT_PHP.1
FPT_PHP.3
FPT_TST.1
FDP_ACC.1/SCD_Import
FDP_ACF.1/SCD_Import
FDP_ITC.1/SCD
FDP_UCT.1/SCD
FTP_ITC.1/SCD
FDP_DAU.2/SVD
FIA_API.1
FTP_ITC.1/SVD
September 2014
FMT_SMR.1,
FMT_SMF.1
FMT_SMR.1,
FMT_SMF.1
No dependencies
FIA_UID.1
No dependencies
No dependencies
No dependencies
No dependencies
No dependencies
FDP_ACF.1
FDP_ACC.1,
FMT_MSA.3
[FDP_ACC.1 or FDP_IFC.1]
FMT_MSA.3
[FTP_ITC.1 or FTP_TRP.1],
[FDP_ACC.1 or FDP_IFC.1]
No dependencies
FIA_UID1.
No dependencies
No dependencies
ST_AKDeID Evaluation documentation
Page 59 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Table 7: Satisfaction of dependencies of security assurance requirements
Assurance requirement(s)
Dependencies
Satisfied by
EAL4 package
(dependencies of EAL4
package are not reproduced
here)
ADV_ARC.1,
ADV_FSP.4,
ADV_TDS.3,
ADV_IMP.1,
AGD_OPE.1,
AGD_PRE.1,
ATE_DPT.1
By construction, all dependencies are
satisfied in a CC EAL package
AVA_VAN.5
ALC_DVS.2
9.3.4.
no dependencies
ADV_ARC.1,
ADV_FSP.4,
ADV_TDS.3,
ADV_IMP.1,
AGD_OPE.1,
AGD_PRE.1,
ATE_DPT.1
(all are included in EAL4 package)
n/a
Rationale for chosen security assurance requirements
The assurance level for this ST is EAL4 augmented. EAL4 allows a developer to attain a
reasonably high assurance level without the need for highly specialized processes and
practices. It is considered to be the highest level that could be applied to an existing product
line without undue expense and complexity. As such, EAL4 is appropriate for commercial
products that can be applied to moderate to high security functions. The TOE described in ST is
just such a product.
Augmentation results from the selection of additional assurance requirements are:
• AVA_VAN.5 Advanced methodical vulnerability analysis
The TOE is intended to function in a variety of signature creation systems for qualified
electronic signatures. Due to the nature of its intended application, i.e., the TOE may be issued
to users and may not be directly under the control of trained and dedicated administrators. As
a result, it is imperative that misleading, unreasonable and conflicting guidance is absent from
the guidance documentation, and that secure procedures for all modes of operation have
been addressed. Insecure states should be easy to detect. The TOE shall be shown to be highly
resistant to penetration attacks to meet the security objectives OT.SCD_Secrecy, OT.Sigy_SigF
and OT.Sig_Secure.
• ALC_DVS.2 Sufficiency of security measures
Development security is concerned with physical, procedural, personnel and other technical
measures that may be used in the development environment to protect the TOE.
The EAL4 requires for the development security the assurance component ALC_DVS.1. This
dictates a documentation and check of the security measures in the development
environment. The component ALC_DVS.2 requires additionally a justification, that the
measures provide the necessary level of protection.
10.
TOE Summary Specification
This section provides a description of the security functions and assurance measures of the
TOE that meet the TOE security requirements.
September 2014
ST_AKDeID Evaluation documentation
Page 60 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
10.1.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Security Functionality
Security functionalities provided by the composite TOE are listed the table 8.
Table 8: Security functionalities
Security function
Description
SF.USER
User authentication
SF.DEV
Device authentication
SF.SM
Trusted channel
SF.ACCESS
Role authentication
SF.CRYPTO
Cryptographic functions
SF.PROTECT
Self protection
10.1.1.
SF.USER
User authentication
This TOE security functionality (SF) implements the user authentication mechanism used for
the user role Signatory. It is based on the knowledge of a PIN or a password. The PIN is an
alphanumeric value with a specified minimal length. This minimal length is configurable and is
defined during the card preparation.
The TOE has two PIN values and one PUK value. One PIN is used for digital signature
authentication exclusively. Another PIN is used to authentication the all other operations. The
same PUK value is used for unblock both PINs.
The TOE support:
- The VERIFY command: The Signatory is authenticated by the verification process. After the
PIN is successfully verified, the Signatory is allowed to execute selected crypto operation.
- The CHANGE REFERENCE DATA command: Upon successful command execution, the
reference data inside the card is replaced by the new reference data provided in the
command data field. The initial PIN has to be changed before the TOE is used for the first
time.
- The RESET RETRY COUNTER command: A retry counter and an initial value of the retry
counter are represented by a configurable number from 1 to 127 for each RAD separately.
These values are defined during card preparation. If the verification fails, the retry counter
is decremented by one and an error status that contains the remaining attempts is
returned by the application. When the retry counter equals zero, the RAD is blocked and
can no longer be used. A successful verification of the RAD resets its retry counter to the
initial value. The TOE used the same rules, but separated RAD values for the PIN and for
the PUK value.
Once a PIN is blocked, the Signatory can use a PUK (resetting code) to unblock RAD, i.e. to
reset the corresponding retry counter to its initial value and optionally to set new RAD.
If the PUK verification fails, its tries counter is decremented by one. When all available
tries have failed, the PUK is blocked. The only role Administrator can reset the blocked
PUK.
This SF provides the user authentication for the operation depending on the subject and life
cycle state and according the access control (see SF.ACCESS).
September 2014
ST_AKDeID Evaluation documentation
Page 61 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
10.1.2.
SF.DEV
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Device authentication
This TOE security functionality (SF) implements device authentication mechanisms, which
allows mutual authentication of the TOE as SSCD and remote entity.
The TOE implements:
(1) Symmetric authentication scheme
The TOE implements the mutual authentication scheme using symmetric keys as defined in
sec. 8.8. of [EN 14890-1].
The MUTUAL AUTHENTICATE command is used to:
1. Authenticate the terminal and the card.
2. Generate two temporary session keys that will be further used to compute session
keys for the secure messaging in the subsequent commands.
3. Initialize the Send Sequence Counter (SSC), which is a counter used at each
checksum computation.
The authentication procedure is based on a Symmetric Key Set (KS) that is composed of
two Triple-DES Keys. A successfully authentication mandates the both parts (TOE & IFD)
share the same Triple-DES keys.
(2) Asymmetric authentication scheme
a) Card verifiable certificate verification commands
The TOE implements Card verifiable (CV) certificates in the context of asymmetric device
authentication schemes to import a public key and related attributes into the TOE. These
certificates are non-self descriptive certificates.
The structure of the supported CV certificates and the card internal verification process as
well as details about possible certification hierarchies can be found in sec. 14.3. of [EN
14890-1].
b) Device authentication with privacy protection
The device authentication with privacy protection scheme is based on sec. 8.5 of [EN
14890-1].
To avoid the card disclosing private information, such as identity, a secure channel session
is established before any other operation. To do so, the protocol starts with an
unauthenticated Diffie-Hellman key exchange and then authenticates the IFD before the
ICC.
Five main phases may be distinguished:
1. agreement of session keys and establishment of a secure channel for privacy
protection;
2. transport of the IFD public key to the TOE;
3. external authentication of the IFD;
4. transport of the TOE public key to the IFD;
5. internal authentication of the TOE.
During card preparation, the issuer chooses the authentication scheme and set the keys for
device authentication.
Two kinds of environments shall be distinguished, by considering the device authentication of
the remote entity: the signing and the management environment. Remote entity might be
SCA, CGA or HID in the signing environment or Signatory SSCD Management Application and
Issuer SSCD Management Application in the management environment. During personalisation
phase, the issuer will define the access rules to the application resources for both
environments. The IFD shall adapt the authentication to the environment required by the
resource it wishes to access (see SF.ACCESS).
A successful TOE-IFD mutual authentication with session keys establishment is combined with
secure messaging for all subsequent commands (see SF.SM).
September 2014
ST_AKDeID Evaluation documentation
Page 62 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
The device authentication security functionality provided by the TOE using cryptographic
operations of the platform (see d), e) and h) of sec. 10.1.5 SF.CRYPTO).
10.1.3.
SF.SM
Secure messaging
This TOE security functionality (SF) implements secure messaging protocol, which aims at
ensuring communication between the IFD and the TOE when the TOE is used within an
untrusted environment.
The secure channel is established through a device authentication (see SF.DEV). Session keys
required for the secure messaging protocol are derived during the device authentication
protocol. These keys are derived according to sec. 8.9. of [EN 14890-1].
After successful device authentication, the Send Sequence Counter (SSC) number is initialized.
The secure channel remains open as long as the incoming commands are correctly wrapped
with the secure messaging session keys and the SSC. The SSC is defined, initialised and handled
as specified in sec. 8.10. of [EN 14890-1].
When the secure messaging session is closed or if error detection has occurred, MAC value and
session keys will be erased. For the treatment of secure messaging errors, refer to sec. 9.3 of
[EN 14890-1]. For ending a secure messaging session, refer to sec. 8.12.2 of [EN 14890-1].
The secure messaging security functionality provided by the TOE using cryptographic
operations of the platform (see b) and g) of sec. 10.1.5 SF.CRYPTO).
10.1.4.
SF.ACCESS
Role authentication
The Role authentication security functionality provided by the TOE is used by the external
entity to present a specific authorization to the TOE.
The TOE establishes the security context by setting a respective value in its security
environment and enforces using correct security policy. Prior any operation the application
checks the requested access rights to resources and operations on them. If security conditions
are fulfilled the access is granted.
Once the authentication was successfully performed, its internal status is set to
“authenticated”. The checking of this status allows to the TOE to grant the access condition on
its resources and operations.
The TOE maintains the roles for Signatory and for Administrator by this means, to grant
different access rights, e.g. The TOE require authentication for a specific operation.
When a Signatory wants authenticated to the TOE he has to prove it with a knowledge based
User authentication (SF.USER). The role Signatory exists only in operational phases in signatory
environment.
When an Administrator authenticates to the TOE he has to prove it with a challenge-response
mechanism. This mechanism is based on symmetric or asymmetric keys and realized through
device authentication (SF.DEV) during which both side have authenticated and credentials
have exchanged. The role Administrator exists during the preparation and during operational
phases in management environment to implement management operations on the TOE.
The symmetric role authentication distinguishes two phases:
1) establishment of the security context by setting a respective value in the security
environment of the TOE;
2) external authentication of the IFD.
The asymmetric role authentication distinguishes tree phases:
1) verifying the certificate chain and simultaneously checking the role ID authorization;
September 2014
ST_AKDeID Evaluation documentation
Page 63 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
2) establishment of the security context by setting a respective value in the security
environment of the TOE;
3) external authentication of the IFD.
10.1.5.
SF.CRYPTO
Cryptographic functions
This TOE security functionality (SF) is totally provided by the certified platform, which ensures
secure cryptographic key management and cryptographic operation of the TOE.
The exact formulation can be found in the [JCOP_ST] :
a) SCD/SVD Key pair generation – provide RSA key generation algorithm key size of 2048
Bit based on random numbers according to AIS 20 class DRG.2 or DRG.3 according to
FCS_CKM.1.1 and FCS_RNG.1, sec. 6.1.2.1 and 6.1.14.4 of [JCOP_ST] (see 9.1.7.1
FCS_CKM.1).
b) Session Key generation – provide DES key generation algorithm key size of 112 bit
according to FCS_CKM.1.1 and FCS_RNG.1, sec. 6.1.2.1 and 6.1.14.4 of [JCOP_ST] (see
9.1.8.5 FTP_ITC.1/SCD, 9.1.9.3 FTP_ITC.1/SVD, 9.1.10.2 FTP_ITC.1/VAD and 9.1.10.3
FTP_ITC.1/DTBS).
c) Destruction of cryptographic keys - cryptographic key destruction method by physically
overwriting the keys with zeros by method (e.g. clearKey) according to FCS_CKM.4.1
sec. 6.1.2.4 of [JCOP_ST] (see 9.1.2.1 FCS_CKM.4).
d) Symmetric data encryption and decryption – provide cryptographic algorithm in CBC
Mode with padding method 2 and cryptographic key sizes for 2-key TDES (112 bit)
that meet the ISO 9797-1 padding method 2 [ISO 9797-1] which provides limited side
channel resistance according to FCS_COP.1.1/TripleDES, sec. 6.1.2.5 of [JCOP_ST] (see
9.1.9.1 FIA_API.1, 9.1.9.2 FDP_DAU.2/SVD).
e) Asymmetric data encryption and decryption – provide cryptographic algorithm RSA
encryption/decryption algorithm with EME-PKCS1-v1_5 encoding and cryptographic
key sizes 2048 bits that meet the [PKCS#1 v2.1] according to FCS_COP.1.1/RSACipher,
sec. 6.1.2.5 of [JCOP_ST] (see 9.1.2.3 FCS_COP.1/RSACipher, 9.1.9.1 FIA_API.1 and
9.1.9.2 FDP_DAU.2/SVD).
f) Digital signature generation and verification – provide cryptographic algorithm RSA
signature algorithm with EMSA-PKCS1-v1_5 of [PKCS#1 v2.1] encoding and SHA-1 and
SHA-256 and cryptographic key size 2048 Bit that meet the RSASSA-PKCS1-v1.5.,
according to FCS_COP.1.1/RSASignaturePKCS#1, sec. 6.1.2.5 of [JCOP_ST] (see 9.1.2.2
FCS_COP.1/Signature_Creation).
g) Secure messaging – provide 8 byte MAC generation and verification in accordance with
cryptographic algorithm Triple-DES in outer CBC MAC Mode and cryptographic key
size 112 Bit that meet the MAC Algorithm 3 with padding method 2 (Retail MAC) of
[ISO 9797-1] according to FCS_COP.1.1/DESMAC, sec. 6.1.2.5 of [JCOP_ST] (see
9.1.8.5 FTP_ITC.1/SCD, 9.1.9.3 FTP_ITC.1/SVD, 9.1.10.2 FTP_ITC.1/VAD and 9.1.10.3
FTP_ITC.1/DTBS)
h) Secure hash computation – provide SHA-1 and SHA-256 that meet the [FIPS 180-3]
according to FCS_COP.1.1/SHA-256, sec. 6.1.2.5 of [JCOP_ST]. The mandatory hash
algorithm for digital signature is SHA-256. It is recommended to use SHA-256 for all
applications, but for compatibility reasons, the TOE also supports SHA-1.
All these algorithms taken from the platform and supported by TOE are listed in the [CEN/TS
15480-2] as mandatory algorithms for the European Citizen Card as follows:
- RSA with SHA-256 are mandatory algorithms for digital signature
September 2014
ST_AKDeID Evaluation documentation
Page 64 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
SHA-1 and SHA-256 are mandatory hash algorithms for device authentication and key
derivation
- RSA acc. to [PKCS#1 v2.1] is mandatory algorithm for digital signature and input formats
- RSA with to [PKCS#1 v2.1] is mandatory and conditional algorithm for client/server
authentication and encryption key decipherment
The [EN 14890-1] (chapters 8 and 9) specification, which is required by the [CEN/TS 15480-2],
predicts using 2-key-TDES for symmetrical authentication as well as Retail MAC for secure
messaging.
Also, [TR 03116-2] (chapters 1.2.3 and 1.3.1) explicitly allows 2-Key-TDES for national ID cards.
As the TOE is the SSCD-part of an ID card, the 2-Key-TDES mentioned in [TR 03116-2] is also
valid for this TOE.
-
10.1.6.
SF.PROTECT
Self protection
This TOE security functionality (SF) is totally provided by the certified platform, which ensures
self-protection of the TOE. The exact formulation can be found in the [JCOP_ST] :
a) Subset Residual Information Protection - Ensure that any previous information content
of a resource is made unavailable upon the de-allocation of the resource from the
cryptographic buffer, according to FDP_RIP.1/KEYS, sec. 6.1.2.9 of [JCOP_ST] (see
9.1.3.3 FDP_RIP.1).
b) Stored data integrity monitoring and action - Monitoring user data stored in containers
for integrity errors on cryptographic keys, PIN values and their associated security
attributes, according to FDP_SDI.2.1, sec. 6.1.3.3 of [JCOP_ST] (see 9.1.3.4
FDP_SDI.2/Persistent and 9.1.3.5 FDP_SDI.2/DTBS).
c) TOE Emanation - ensure that unauthorized users are unable to use electrical contacts
to gain access to stored data. The TOE shall not emit variations in power consumption
or timing during command execution in excess of non-useful information enabling
access to stored data according to FPT_EMSEC.1, sec. 6.1.14.6 of [JCOP_ST] (see
9.1.6.1 FPT_EMS.1).
d) Failure with preservation of a Secure State - preserve a secure state when the failures
occur, according to FPT_FLS.1.1/SCP, sec. 6.1.12.1 of [JCOP_ST] (see 9.1.6.2 FPT_FLS.1
and 9.1.6.5 FPT_TST.1).
e) Security Alarms - accumulate or combine in monitoring the auditable events and
indicate a potential violation. The following reactions by the TOE based on indication
of a potential violation of the TSP are possible: throw an exception, terminate the
card, reinitialize the Java Card System, respond automatically in the specified way and
lock the card session, according to FAU_ARP.1, sec. 6.1.3.1 of [JCOP_ST] (see 9.1.6.2
FPT_FLS.1 and 9.1.6.4 FPT_PHP.1).
f) Resistance to physical attack - The TOE will implement appropriate measures to
continuously counter physical manipulation and physical probing. Due to the nature of
these attacks (especially manipulation) the TOE can by no means detect attacks on all
of its elements. Therefore, permanent protection against these attacks is required
ensuring that the TSP could not be violated at any time. Hence, ―automatic response‖
means here (i) assuming that there might be an attack at any time and (ii)
countermeasures are provided at any time, according to FPT_PHP.3/SCP, sec. 6.1.12.3
of [JCOP_ST] (see 9.1.6.4 FPT_PHP.3).
September 2014
ST_AKDeID Evaluation documentation
Page 65 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
10.2.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Security Functionality Rational
FCS_CKM.4
FCS_COP.1/Signature_Creation
FCS_COP.1/RSAChiper
FDP_ACC.1/Signature_Creation
FDP_ACF.1/Signature_Creation
FDP_RIP.1
FDP_SDI.2/Persistent
FDP_SDI.2/DTBS
FIA_AFL.1/PIN
FIA_AFL.1/PUK
FIA_UAU.1
FIA_UID.1
FMT_MOF.1
FMT_MSA.1/Admin
FMT_MSA.1/Signatory
FMT_MSA.2
FMT_MSA.3
FMT_MSA.4
FMT_MTD.1/Admin
FMT_MTD.1/Signatory
FMT_SMR.1
FMT_SMF.1
FPT_EMS.1
FPT_FLS.1
FPT_PHP.1
FPT_PHP.3
FPT_TST.1
FCS_CKM.1
FDP_ACC.1/SCD/SVD_Generation
FDP_ACF.1/ SCD/SVD_Generation
FDP_ACC.1/SVD_Transfer
FDP_ACF.1/SVD_Transfer
FDP_ACC.1/SCD_Import
FDP_ACF.1/SCD_Import
FDP_ITC.1/SCD
FDP_UCT.1/SCD
FTP_ITC.1/SCD
FDP_DAU.2/SVD
FIA_API.1
FTP_ITC.1/SVD
September 2014
SF.PROTECT
SF.CRYPTO
SF.ACCESS
SF.SM
SF. DEV
SF. USER
Table 9: Security Functionality Rational
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
ST_AKDeID Evaluation documentation
Page 66 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
11.
Statement of Compatibility concerning Composite Security Target
11.1.
Separation of the Platform-TSF
This section describes the separation of relevant security functionality described in the ST of
the platform (JCOP v. 2.4.2, Revision 3 [JCOP_ST] ) being used by this ST.
11.1.1.
JCOP-functionality
The security functionality provided by the platform is summarized in [JCOP_ST] , chapter 1.3.1.
The following table confronts the relevant security functionality of the platform with those of
the composite TOE defined in the present ST. The table lists Security functionality of the
platform and of this composite ST with the aim to separate platform functionality.
Table 10: JCOP Functionality
JCOP-functionality
Usage by TOE
Cryptographic algorithms and functionality:
3DES (112 and 168 bit keys) for en-/decryption (CBC and ECB) and
MAC generation and verification (Retail-MAC, CMAC and CBC-MAC)
AES (Advanced Encryption Standard) with key length of 128, 192 and
256 Bit for en-/decryption (CBC and ECB) and MAC generation and
verification (CMAC, CBC-MAC).
RSA and RSA CRT (1976 up to 2048 bits keys) for en-/decryption and
signature generation and verification.
RSA and RSA CRT key generation (1976 up to 2048 bits keys)
SHA-1, SHA-224, and SHA-256 hash algorithm
ECC over GF(p) algorithm that can be used for signature generation
and signature verification (ECDSA) from 128 to 320 bits.
ECC over GF(p) key generation algorithm that can be used to generate
ECC over GF(p) key pairs.
Random number generation according to class DRG.3 and DRG.2 of
AIS 20
Secure point addition for Elliptic Curves over GF(p).
Diffie-Hellman key agreement and EC-DH over GF(p).
Java Card 2.2.2 functionality:
Garbage Collection fully implemented with complete memory
reclamation incl. compactification
Support for Extended Length APDUs
Global Platform 2.2.1 functionality:
CVM Management (Global PIN) fully implemented: all described APDU
and API interfaces for this feature are present
Secure Channel Protocol (SCP01, SCP02, and SCP03) is supported
Card manager
Delegated management
Further platform functionality
Proprietary SM Accelerator Interface, secure massaging API of JCOP
2.4.2 R3. The purpose of this API is to increase the performance of the
secure messaging. It is specially designed for LDS applets which are
used for the electronic passport as defined by ICAO.
September 2014
3DES (112 bit keys) for CBC and
Retail-MAC is used for SF.SM.
Not used
2048 bit key is used for
SF.CRYPTO
Only 2048 bit key is used for
SF.CRYPTO
SHA-1 and SHA-256 is used for
SF.CRYPTO
Not used
Not used
Used for SF.CRYPTO
Not used
Not used
Used for SF.PROTECT
Not used
Not used
Not used
Used for SF.PROTECT
Not used
Used for SF.SM
ST_AKDeID Evaluation documentation
Page 67 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
JCOP-functionality
Usage by TOE
Post-issuance installation and deletion of applets, packages and
objects
Pre-personalization mechanism
A Secure Box concept is implemented within JCOP 2.4.2 R3. The
Secure Box is a construct which allows to run non certified third party
native code and ensures that this code cannot harm, influence or
manipulate the JCOP 2.4.2 R3 operating system or any of the applets
executed by the operating system. The separation of the native code
in the Secure Box from other code and/or data residing on the
hardware is ensured by the Hardware MMU which has been certified
in the hardware evaluation.
MIFARE application accessible via contactless interface and via Java
Card API (availability depends on configuration and hardware)
Not used
11.1.2.
Used for SF.PROTECT
Not used
Not used
JCOP-SFRs used by this composite ST
The following table contains the all platform SFRs that are designated as “not used” or “used”
by this composite ST. The only SFRs whose functionality is directly used to implement the SFRs
of this composite ST are designated as “used”. This limit has been chosen although further
security relevant functionality of the platform is necessary for the security of the whole
composite TOE but the SFRs of this composite TOE are not directly concerned.
Table 11: JCOP SFRs
JCOP-SFRs
6.1.1.
6.1.1.1.
6.1.1.2.
6.1.1.3.
6.1.1.4.
6.1.1.5.
6.1.1.6.
6.1.1.7.
6.1.1.8.
Usage by TOE /
Not used
Firewall Policy
FDP_ACC.2/FIREWALL
Not used
FDP_ACF.1/FIREWALL
Not used
FDP_IFC.1/JCVM
Not used
FDP_IFF.1/JCVM
Not used
FDP_RIP.1/OBJECTS
Not used
FMT_MSA.1/JCRE
Not used
FMT_MSA.1/JCVM
Not used
FMT_MSA.2/FIREWALL_JCV Not used
M
6.1.1.9. FMT_MSA.3/FIREWALL
Not used
6.1.1.10. FMT_MSA.3/JCVM
Not used
6.1.1.11. FMT_SMF.1
Not used
6.1.1.12. FMT_SMR.1
Not used
6.1.2.
Application Programming Interface
6.1.2.1. FCS_CKM.1
Used to implement FCS_CKM.1
6.1.2.2. FCS_CKM.2
Not used
6.1.2.3. FCS_CKM.3
Not used
6.1.2.4. FCS_CKM.4
Used to implement FCS_CKM.4
Used to implement
FCS_COP.1/Signature_Creation:
• FCS_COP.1.1/RSASignaturePKCS#1
Used to implement FDP_UCT.1/SCD, FTP_ITC.1,
6.1.2.5. FCS_COP.1
FDP_DAU.2, FIA_API.1 and FDP_UIT.1:
• FCS_COP.1.1/RSASignaturePKCS#1
• FCS_COP.1.1/TripleDES
• FCS_COP.1.1/DESMAC
September 2014
ST_AKDeID Evaluation documentation
Ref
10.1.5, a, b
10.1.5, c
10.1.5, d-h
Page 68 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
JCOP-SFRs
Version: 1.3/2014-09-26
Usage by TOE /
Not used
• FCS_COP.1.1/SHA-1
• FCS_COP.1.1/SHA-256
Used to implement FCS_COP.1.1/RSACipher:
• FCS_COP.1.1/RSACipher
Not used
Not used
Not used
Used to implement FDP_RIP.1
Not used
Not used
Ref
Used to implement FPT_FLS.1 and FPT_PHP.1
Used to implement FDP_SDI.2/Persistent and
FDP_SDI.2/DTBS
Not used
Used to implement FPT_FLS.1 and FPT_TST.1
Not used
10.1.6, e
10.1.6, b
6.1.2.6.
6.1.2.7.
6.1.2.8.
6.1.2.9.
6.1.2.10.
6.1.2.11.
6.1.3.
6.1.3.1.
6.1.3.2.
FDP_RIP.1/ABORT
FDP_RIP.1/APDU
FDP_RIP.1/bArray
FDP_RIP.1/KEYS
FDP_RIP.1/TRANSIENT
FDP_ROL.1/FIREWALL
Card Security Management
FAU_ARP.1
FDP_SDI.2
6.1.3.3.
6.1.3.4.
6.1.3.5.
6.1.4.
6.1.4.1.
6.1.4.2.
6.1.4.3.
6.1.4.4.
6.1.4.5.
6.1.5.
6.1.5.1.
6.1.5.2.
6.1.5.3.
6.1.5.4.
6.1.6.
6.1.6.1.
6.1.6.2.
6.1.6.3.
6.1.6.4.
6.1.6.5.
6.1.6.6.
6.1.6.7.
6.1.6.8.
6.1.7.
6.1.7.1.
6.1.7.2.
6.1.8.
6.1.8.1.
6.1.8.2.
6.1.9.
6.1.9.1.
6.1.9.2.
6.1.9.3.
6.1.9.4.
6.1.9.5.
6.1.9.6.
6.1.9.7.
FPR_UNO.1
FPT_FLS.1
FPT_TDC.1
Aid Management
FIA_ATD.1/AID
Not used
FIA_UID.2/AID
Not used
FIA_USB.1/AID
Not used
FMT_MTD.1/JCRE
Not used
FMT_MTD.3/JCRE
Not used
INSTG Security Functional Requirements
FDP_ITC.2/Installer
Not used
FMT_SMR.1/Installer
Not used
FPT_FLS.1/Installer
Not used
FPT_RCV.3/Installer
Not used
ADELG Security Functional Requirements
FDP_ACC.2/ADEL
Not used
FDP_ACF.1/ADEL
Not used
FDP_RIP.1/ADEL
Not used
FMT_MSA.1/ADEL
Not used
FMT_MSA.3/ADEL
Not used
FMT_SMF.1/ADEL
Not used
FMT_SMR.1/ADEL
Not used
FPT_FLS.1/ADEL
Not used
RMIG Security Functional Requirements
FDP_ACC.2/JCRMI
Not used
FDP_ACF.1/JCRMI
Not used
ODELG Security Functional Requirements
FDP_RIP.1/ODEL
Not used
FPT_FLS.1/ODEL
Not used
CARG Security Functional Requirements
FCO_NRO.2/CM
Not used
FDP_IFC.2/CM
Not used
FDP_IFF.1/CM
Not used
FDP_UIT.1/CM
Not used
FIA_UID.1/CM
Not used
FMT_MSA.1/CM
Not used
FMT_MSA.3/CM
Not used
September 2014
Doc ID: DP-I-101
ST_AKDeID Evaluation documentation
10.1.6, a
-
10.1.6,d, e
-
Page 69 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
JCOP-SFRs
6.1.9.8.
6.1.9.9.
6.1.9.10.
6.1.10.
6.1.10.1.
6.1.10.2.
6.1.10.3.
6.1.10.4.
6.1.10.5.
6.1.11.
6.1.12.
6.1.12.1.
6.1.12.2.
6.1.12.3.
6.1.12.4.
6.1.12.5.
6.1.12.6.
6.1.13.
6.1.13.1.
6.1.13.2.
6.1.13.3.
6.1.13.4.
6.1.14.
6.1.14.1.
6.1.14.2.
6.1.14.3.
6.1.14.4.
6.1.14.5.
6.1.15.
6.1.15.1.
6.1.15.2.
6.1.15.3.
6.1.15.4.
6.1.15.5.
11.2.
Usage by TOE /
Not used
FMT_SMF.1/CM
Not used
FMT_SMR.1/CM
Not used
FTP_ITC.1/CM
Not used
EMG Security Functional Requirements
FDP_ACC.1/EXT_MEM
Not used
FDP_ACF.1/EXT_MEM
Not used
FMT_MSA.1/EXT_MEM
Not used
FMT_MSA.3/EXT_MEM
Not used
FMT_SMF.1/EXT_MEM
Not used
Further Functional Requirements
SCPG Security Functional Requirements
FPT_FLS.1/SCP
Not used
FRU_FLT.2/SCP
Not used
FPT_PHP.3/SCP
Used to implement FPT_PHP.3
FDP_ACC.1/SCP
Not used
FDP_ACF.1/SCP
Not used
FMT_MSA.3/SCP
Not used
Lifecycle Security Functional Requirements
FDP_ACC.1/LifeCycle
Not used
FDP_ACF.1/LifeCycle
Not used
FMT_MSA.1/LifeCycle
Not used
FMT_MSA.3/LifeCycle
Not used
Further Functional Requirements
FIA_AFL.1/PIN
Used to implement FIA_AFL.1/PIN and
FIA_AFL.1/PUK
FTP_ITC.1/LifeCycle
Not used
FAU_SAS.1/SCP
Not used
FCS_RNG.1
Used to implement FCS_CKM.1
FPT_EMSEC.1
Used to implement FPT_EMS.1
Functional Requirements for the Secure Box
FDP_ACC.2/SecureBox
Not used
FDP_ACF.1/SecureBox
Not used
FMT_MSA.3/SecureBox
Not used
FMT_MSA.1/SecureBox
Not used
FMT_SMF.1/SecureBox
Not used
Ref
-
10.1.6, f
10.1.1
10.1.5, a, b
10.1.6,c
-
Security assurance requirements of the composite evaluation
Table 12: JCOP SAR
Assurance class
Development
Guidance documents
Life-cycle support
September 2014
Assurance component Compare Assurance component
JCOP platform
Composite ST
ADV_ARC.1
ADV_FSP.5
ADV_IMP.1
ADV_TDS.4
ADV_INT.2
AGD_OPE.1
AGD_PRE.1
ALC_CMC.4
ALC_CMS.5
=
⊃
=
⊃
⊃
=
=
=
⊃
ADV_ARC.1
ADV_FSP.4
ADV_IMP.1
ADV_TDS.3
AGD_OPE.1
AGD_PRE.1
ALC_CMC.4
ALC_CMS.4
ST_AKDeID Evaluation documentation
Page 70 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Assurance class
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Assurance component Compare Assurance component
JCOP platform
Composite ST
ALC_DEL.1
ALC_DVS.2
ALC_LCD.1
ALC_TAT.2
ASE_CCL.1
ASE_ ECD.1
ASE_INT.1
Security Target evaluation ASE_OBJ.2
ASE_REQ.2
ASE_SPD.1
ASE_TSS.1
ATE_COV.2
ATE_DPT.3
Tests
ATE_FUN.1
ATE_IND.2
Vulnerability assessment AVA_VAN.5
=
=
=
⊃
=
=
=
=
=
=
=
=
⊃
=
=
=
ALC_DEL.1
ALC_DVS.2
ALC_LCD.1
ALC_TAT.1
ASE_CCL.1
ASE_ ECD.1
ASE_INT.1
ASE_OBJ.2
ASE_REQ.2
ASE_SPD.1
ASE_TSS.1
ATE_COV.2
ATE_DPT.1
ATE_FUN.1
ATE_IND.2
AVA_VAN.5
As shown in the table above, the security assurance requirements of the composite evaluation
represent a subset of the SARs of the underlying platform.
11.3. Compatibility between the Composite Security Target and the Platform
Security Target
The following mapping demonstrates the compatibility between the Composite Security Target
(the document at hand) and the Platform Security Target [JCOP_ST] regarding security
environments, security objectives, and security requirements. There is no conflict between
security environments, security objectives, and security requirements of the Composite
Security Target and the Platform Security Target.
Table 13: JCOP Definition
JCOP Definition
Pendant in [ST]
/Remarks
Pendant in ST with similar aim
Remarks
OT.Lifecycle_Security, OT.SCD_Secrecy,
OT.Sig_Secure, OT.Tamper_ID
OT.SCD_Secrecy, OT.Sigy_SigF
OT.Lifecycle_Security, OT.SCD_Secrecy,
OT.Sig_Secure, OT.Tamper_ID
OT.Lifecycle_Security, OT.SCD_Secrecy,
OT.Sig_Secure, OT.Tamper_ID
OT.Lifecycle_Security, OT.SCD_Secrecy,
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
Security objectives
Platform objectives concerning
the ESW
OT.SEC_BOX_FW
OT.SID
OT.FIREWALL
OT.GLOBAL_ARRAYS_CONFID
OT.GLOBAL_ARRAYS_INTEG
OT.NATIVE
OT.OPERATE
OT.REALLOCATION
OT.RESOURCES
OT.ALARM
OT.CIPHER
September 2014
ST_AKDeID Evaluation documentation
No contradictions
No contradictions
No contradictions
No contradictions
Page 71 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
JCOP Definition
OT.KEY-MNGT
OT.PIN-MNGT
OT.REMOTE
OT.TRANSACTION
OT.OBJ-DELETION
OT.DELETION
OT.LOAD
OT.INSTALL
OT.CARD-MANAGEMENT
OT.SCP.IC
OT.SCP.RECOVERY
OT.SCP.SUPPORT
OT.EXT-MEM
OT.IDENTIFICATION
OT.RND
OT.MF_FW
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Pendant in [ST]
OT.Sig_Secure, OT.DTBS_Integrity_TOE,
SVD_Corresp, OT.TOE_SSCD_Auth,
OT.TOE_SVD_Exp
OT.Lifecycle_Security, OT.SCD_Secrecy,
OT.Sig_Secure, OT.Sigy_SigF,
OT.DTBS_Integrity_TOE, SVD_Corresp, OT.SCD
OT.TOE_SSCD_Auth, OT.TOE_SVD_Exp
OT.SCD_Secrecy, OT.Sig_Secure, OT.Sigy_SigF,
OT.DTBS_Integrity_TOE
OT.SCD_Secrecy, OT.Sigy_SigF
OT.SCD_Secrecy, OT.Tamper_ID,
OT.Tamper_Resistance, OT.EMSEC_Design
OT.Lifecycle_Security, OT.SCD_Secrecy,
OT.Sig_Secure, OT.Sigy_SigF,
OT.DTBS_Integrity_TOE, SVD_Corresp,
OT.TOE_SSCD_Auth, OT.TOE_SVD_Exp
OT.SCD_Unique
-
/Remarks
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
Relevant threats of the Platform ST vs. threats of the Composite-ST.
Threats of Platform ST
T.OS_OPERATE
T.SEC_BOX_BORDER
T.RND
T.CONFID-APPLI-DATA
T.CONFID-JCS-CODE
T.CONFID-JCS-DATA
T.INTEG-APPLI-CODE
T.INTEG-APPLI-CODE.LOAD
T.INTEG-APPLI-DATA
T.INTEG-APPLI-DATA.LOAD
T.INTEG-JCS-CODE
T.INTEG-JCS-DATA
T.SID.1
T.SID.2
T.EXE-CODE.1
T.EXE-CODE.2
T.EXE-CODE-REMOTE
T.NATIVE
T.RESOURCES
T.DELETION
September 2014
According threats of comp. ST
T.SCD_Derive
T.SCD_Divulg, T.SCD_Derive, T.Hack_Phys,
T.SigF_Misuse
T.SCD_Divulg, T.SCD_Derive, T.Hack_Phys,
T.SigF_Misuse
T.Hack_Phys, T.SCD_Divulg, T.SigF_Misuse
T.Hack_Phys, T.SCD_Divulg, T.SigF_Misuse
-
ST_AKDeID Evaluation documentation
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
Page 72 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
JCOP Definition
Pendant in [ST]
/Remarks
T.INSTALL
T.OBJ-DELETION
T.PHYSICAL
T.Hack_Phys
No contradictions
No contradictions
No contradictions
Assumptions (platform) significant for Composite-ST
Assumptions of Platform ST
A.APPLET
A.VERIFICATION
A.USE_DIAG
A.USE_KEYS
A.PPROCESS-SEC-IC
Relevancy for Composite-ST
Admin guidance, ch. 4.2
Admin guidance, ch. 2.2.1
OE.CGA_TC_SVD_Imp, OE.HID_VAD,
OE.DTBS_Protect
A.CGA, A.SCA, A.CSP
User guidance
Consistent
Consistent
Consistent
Consistent
Consistent
Platform security objectives for the environment and relevancy for the Composite ST
OE of platform ST
OE.USE_DIAG
OE.USE_KEYS
OE.PROCESS_SEC_IC
OE.VERIFICATION
OE.APPLET
Matching aspects in Composite-ST
OE.CGA_TC_SVD_Imp, OE.HID_VAD,
OE.DTBS_Protect
OE.CGA_QCert, OE.SVD_Auth,
OE.DTBS_Indend, OE.SCD/SVD_Auth_Gen,
OE.SCD_Secrecy, OE.SCD_Unique,
OE.SCD_SVD_Corresp
User guidance
Admin guidance, ch.2.2.1
Admin guidance, ch 4.2
Remarks
No contradictions
No contradictions
No contradictions
No contradictions
No contradictions
Platform organizational security policies for the environment and relevancy for the Composite ST
OSP of platform ST
OSP.VERIFICATION
OSP.PROCESS-TOE
12.
Matching aspects in Composite-ST
Admin guidance, ch.2.2.1
OT.TOE_SSCD_Auth
Remarks
No contradictions
No contradictions
Crypto-Disclaimer
The strength of the cryptographic algorithms was not rated in the course of this certification
procedure (see BSIG Section 9, Para. 4, Clause 2). But Cryptographic Functionalities with a
security level of lower than 100 bits can no longer be regarded as secure without considering
the application context. Therefore, for these functionalities it shall be checked whether the
related crypto operations are appropriate for the intended system. Some further hints and
guidelines can be derived from the 'Technische Richtlinie BSI TR-02102'
(https://www.bsi.bund.de).
Any Cryptographic Functionality that is marked in column 'Security Level above 100 Bits' of the
following table with 'no' achieves a security level of lower than 100 Bits (in general context).
Table 14: TOE cryptographic functionality
No Purpose
1
Authenticity
September 2014
Cryptographic Mechanism Standard of
Implementation
Key Size Security
in Bits
Level
above
100 Bits
Comments
RSA signature verification [PKCS#1 v2.1]
(RSA),[FIPS 180-3]
(RSASSA-PKCS1-v1_5) of
CV certificates using SHA- (SHA)
256
Modulus yes
length=
2048
Sec 14.3 of
[EN 148901]
ST_AKDeID Evaluation documentation
Page 73 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
No Purpose
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Cryptographic Mechanism Standard of
Implementation
Key Size Security
in Bits
Level
above
100 Bits
Comments
RSA signature verification [PKCS#1 v2.1]
(RSASSA-PKCS1-v1_5) of
(RSA),[FIPS 180-3]
CV certificates using SHA- (SHA)
1
Modulus no
length=
2048
Sec 14.3 of
[EN 148901]
2
Authenticity
3
Authentication Symmetric Authentication Sec 8.8 of [EN
|k|=112, no
Scheme based on TDES
14890-1], [FIPS 46-3] |challen
(DES), [SP 800-38B] ge|=64
(CBC),[ISO 9797-1]
(Retail MAC)
-
4
Authentication Device authentication
with privacy protection
based on DH and RSA
signature generation and
verification (RSASSAPKCS1-v1_5) using SHA256
Plength= yes
2048,Mo
duluslen
gth=
2048
-
Plength= no
2048,Mo
duluslen
gth=
2048
-
5
Authentication Device authentication
with privacy protection
based on DH and RSA
signature generation and
verification (RSASSAPKCS1-v1_5) using SHA-1
Sec 8.5 of [EN
14890-1],
[PKCS#3]
(DH),[PKCS#1 v2.1]
(RSA),[FIPS 180-3]
(SHA)
Sec 8.5 of [EN
14890-1],
[PKCS#3]
(DH),[PKCS#1 v2.1]
(RSA),[FIPS 180-3]
(SHA)
6
Key Agreement Key derivation using SHA- Sec. 8.10 of [EN
1 or SHA-256
14890-1], [FIPS 1803] (SHA)
-
yes
-
7
Integrity
Triple-DES in Retail MAC [FIPS 46-3] (DES),
Mode
with
padding MAC Algorithm 1 of
method 2
[ISO9797-1]
|k|=112 no
-
8
Trusted
Channel
Secure Messaging based
on asymmetric
authentication
Sec 9 of [EN 148901] additionally cf.
lines 1, 4, 5, 6, 7, 8
-
no
-
9
Trusted
Channel
Secure Messaging based
on symmetric
authentication
Sec 9 of [EN 14890- 1] additionally cf.
lines 1, 3, 4, 5, 6, 7, 8
no
-
10 Cryptographic
Primitive
RSA signature generation
(RSASSA-PKCS1-v1_5)
using SHA-256
[PKCS#1 v2.1]
(RSA),[FIPS 180-3]
(SHA)
11 Cryptographic
Primitive
RSA encryption and
[PKCS#1 v2.1] (RSA)
decryption (RSAES-PKCS1v1_5)
September 2014
Modulus yes
length=
2048
Only after
PINauthentica
tion
Modulus yes
length=
2048
-
ST_AKDeID Evaluation documentation
Page 74 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
Table of content
SCOPE ......................................................................................................................................... 2
1.
2.
REFERENCES................................................................................................................................ 2
3.
CONVENTIONS AND TERMINOLOGY ........................................................................................... 3
3.1. TERMS AND DEFINITIONS.......................................................................................................................... 3
3.2. ABBREVIATED TERMS............................................................................................................................... 6
4.
ST INTRODUCTION ...................................................................................................................... 7
4.1. ST AND TOE REFERENCE .......................................................................................................................... 7
4.2. TOE OVERVIEW ..................................................................................................................................... 7
4.3. TOE DESCRIPTION .................................................................................................................................. 9
4.3.1. Overview for this section ............................................................................................................. 9
4.3.2. Operation of the TOE .................................................................................................................. 9
4.3.3. Security features ....................................................................................................................... 11
4.3.3.1.
Main functions .............................................................................................................................. 11
4.3.3.2.
Identification and user authentication .......................................................................................... 12
4.3.3.3.
Device authentication ................................................................................................................... 12
4.3.3.4.
Secure messaging .......................................................................................................................... 13
4.3.3.5.
Role authentication ....................................................................................................................... 13
4.3.3.6.
Cryptographic functions ................................................................................................................ 14
4.3.3.7.
Self protection ............................................................................................................................... 14
4.3.4. TOE platform ............................................................................................................................. 14
4.3.5. The TOE life cycle ...................................................................................................................... 16
4.3.5.1.
General .......................................................................................................................................... 16
4.3.5.2.
Development stage ....................................................................................................................... 16
4.3.5.3.
Preparation stage .......................................................................................................................... 17
4.3.5.4.
Operational use stage ................................................................................................................... 19
5.
CONFORMANCE CLAIMS ........................................................................................................... 20
5.1. COMMON CRITERIA CONFORMANCE CLAIM ............................................................................................... 20
5.2. PROTECTION PROFILE CLAIM .................................................................................................................. 20
5.3. PACKAGE CLAIM ................................................................................................................................... 21
5.4. CONFORMANCE RATIONALE.................................................................................................................... 21
5.4.1. Main aspects ............................................................................................................................. 21
5.4.2. Differences between ST and PP ................................................................................................. 21
6.
SECURITY PROBLEM DEFINITION .............................................................................................. 22
6.1. ASSETS, USERS AND THREAT AGENTS......................................................................................................... 22
6.2. THREATS ............................................................................................................................................. 23
6.2.1. T.SCD_Divulg
Storing, copying and releasing of the signature creation data................... 23
6.2.2. T.SCD_Derive Derive the signature creation data ................................................................... 23
6.2.3. T.Hack_Phys Physical attacks through the TOE interfaces...................................................... 23
6.2.4. T.SVD_Forgery Forgery of the signature verification data ....................................................... 23
6.2.5. T.SigF_Misuse Misuse of the signature creation function of the TOE ...................................... 23
6.2.6. T.DTBS_Forgery Forgery of the DTBS/R ................................................................................... 23
6.2.7. T.Sig_Forgery Forgery of the electronic signature .................................................................. 23
6.3. ORGANISATIONAL SECURITY POLICIES ........................................................................................................ 24
6.3.1. P.CSP_QCert Qualified certificate............................................................................................ 24
6.3.2. P.QSign Qualified electronic signatures .................................................................................. 24
6.3.3. P.Sigy_SSCD TOE as secure signature creation device ............................................................ 24
6.3.4. P.Sig_Non-Repud Non-repudiation of signatures .................................................................... 24
6.4. ASSUMPTIONS ..................................................................................................................................... 24
September 2014
ST_AKDeID Evaluation documentation
Page 75 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
6.4.1. A.CGA Trustworthy certificate generation application ........................................................... 24
6.4.2. A.SCA Trustworthy signature creation application................................................................. 24
6.5. FURTHER ASSUMPTION REGARDING KEY IMPORT ......................................................................................... 25
6.5.1. A.CSP Secure SCD/SVD management by CSP.......................................................................... 25
7.
SECURITY OBJECTIVES ............................................................................................................... 25
7.1. SECURITY OBJECTIVES FOR THE TOE ......................................................................................................... 25
7.1.1. Security objectives regarding all PPs ......................................................................................... 25
7.1.1.1.
OT.Lifecycle_Security Lifecycle security ....................................................................................... 25
7.1.1.2.
OT.SCD_Secrecy Secrecy of the signature creation data ............................................................. 25
7.1.1.3.
OT.Sig_Secure Cryptographic security of the electronic signature ............................................... 25
7.1.1.4.
OT.Sigy_SigF
7.1.1.5.
OT.DTBS_Integrity_TOE DTBS/R integrity inside the TOE ............................................................. 26
7.1.1.6.
OT.EMSEC_Design Provide physical emanations security ........................................................... 26
7.1.1.7.
OT.Tamper_ID Tamper detection ................................................................................................ 26
7.1.1.8.
OT.Tamper_Resistance Tamper resistance .................................................................................. 26
Signature creation function for the legitimate signatory only .............................. 26
7.1.2. Security objectives regarding the key generation ..................................................................... 26
7.1.2.1.
OT.SCD/SVD_Auth_Gen Authorized SCD/SVD generation ........................................................... 26
7.1.2.2.
OT.SCD_Unique Uniqueness of the signature creation data ....................................................... 26
7.1.2.3.
OT.SCD_SVD_Corresp Correspondence between SVD and SCD ................................................... 26
7.1.3. Security objectives regarding the key import ............................................................................ 27
7.1.3.1.
OT.SCD_Auth_Imp Authorized SCD import ................................................................................. 27
7.1.4. Security objectives regarding the trusted communication with CGA ........................................ 27
7.1.4.1.
OT.TOE_SSCD_Auth Authentication proof as SSCD .................................................................... 27
7.1.4.2.
OT.TOE_TC_SVD_Exp TOE trusted channel for SVD export ........................................................ 27
7.2. SECURITY OBJECTIVES FOR THE OPERATIONAL ENVIRONMENT......................................................................... 27
7.2.1. Security objectives for the operational environment regarding all PPs .................................... 27
7.2.1.1.
OE.SVD_Auth Authenticity of the SVD ........................................................................................ 27
7.2.1.2.
OE.CGA_QCert Generation of qualified certificates .................................................................... 27
7.2.1.3.
OE.HID_VAD Protection of the VAD ............................................................................................ 27
7.2.1.4.
OE.DTBS_Intend SCA sends data intended to be signed.............................................................. 28
7.2.1.5.
OE.DTBS_Protect SCA protects the data intended to be signed .................................................. 28
7.2.1.6.
OE.Signatory Security obligation of the signatory ...................................................................... 28
7.2.2. Security objectives for the operational environment regarding key import ............................. 28
7.2.2.1.
OE.SCD/SVD_Auth_Gen Authorized SCD/SVD generation........................................................... 28
7.2.2.2.
OE.SCD_Secrecy SCD Secrecy...................................................................................................... 28
7.2.2.3.
OE.SCD_Unique Uniqueness of the signature creation data ...................................................... 28
7.2.2.4.
OE.SCD_SVD_Corresp Correspondence between SVD and SCD ................................................... 29
7.2.3. Security objectives for the operational environment regarding the trusted communication with
CGA 29
7.2.3.1.
OE.Dev_Prov_Service Authentic SSCD provided by SSCD Provisioning Service ............................ 29
7.2.3.2.
OE.CGA_SSCD_Auth
7.2.3.3.
OE.CGA_TC_SVD_Imp CGA trusted channel for SVD import ........................................................ 29
Pre-initialisation of the TOE for SSCD authentication .............................. 29
7.3. SECURITY OBJECTIVES RATIONALE ............................................................................................................ 30
7.3.1. Security objectives Coverage..................................................................................................... 30
7.3.2. Security objectives sufficiency ................................................................................................... 31
8.
EXTENDED COMPONENT DEFINITION ....................................................................................... 36
8.1. DEFINITION OF THE FAMILY FPT_EMS ..................................................................................................... 36
8.2. DEFINITION OF THE FAMILY FIA_API ........................................................................................................ 37
9.
SECURITY REQUIREMENTS ........................................................................................................ 37
9.1. SECURITY FUNCTIONAL REQUIREMENTS .................................................................................................... 37
September 2014
ST_AKDeID Evaluation documentation
Page 76 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
Doc ID: DP-I-101
Version: 1.3/2014-09-26
9.1.1. Use of requirement specifications ............................................................................................. 37
9.1.2. Cryptographic support (FCS) ..................................................................................................... 37
9.1.2.1.
FCS_CKM.4 Cryptographic key destruction ................................................................................... 37
9.1.2.2.
FCS_COP.1/Signature_Creation Cryptographic operation............................................................ 38
9.1.2.3.
FCS_COP.1/RSACipher Cryptographic operation ......................................................................... 38
9.1.3. User data protection (FDP) ....................................................................................................... 39
9.1.3.1.
FDP_ACC.1/Signature_Creation Subset access control ................................................................ 39
9.1.3.2.
FDP_ACF.1/Signature creation
9.1.3.3.
FDP_RIP.1 Subset residual information protection........................................................................ 40
9.1.3.4.
FDP_SDI.2/Persistent Stored data integrity monitoring and action .............................................. 40
9.1.3.5.
FDP_SDI.2/DTBS Stored data integrity monitoring and action..................................................... 40
Security attribute based access control ................................ 39
9.1.4. Identification and authentication (FIA) ..................................................................................... 41
9.1.4.1.
FIA_UID.1 Timing of identification ................................................................................................ 41
9.1.4.2.
FIA_UAU.1 Timing of authentication............................................................................................. 41
9.1.4.3.
FIA_AFL.1/PIN Authentication failure handling ............................................................................ 42
9.1.4.4.
FIA_AFL.1/PUK Authentication failure handling ........................................................................... 42
9.1.5. Security management (FMT)..................................................................................................... 42
9.1.5.1.
FMT_SMR.1 Security roles ............................................................................................................. 42
9.1.5.2.
FMT_SMF.1 Security management functions................................................................................ 43
9.1.5.3.
FMT_MOF.1 Management of security functions behaviour .......................................................... 43
9.1.5.4.
FMT_MSA.1/Admin Management of security attributes .............................................................. 43
9.1.5.5.
FMT_MSA.1/Signatory Management of security attributes ......................................................... 43
9.1.5.6.
FMT_MSA.2 Secure security attributes ......................................................................................... 44
9.1.5.7.
FMT_MSA.3 Static attribute initialisation ..................................................................................... 44
9.1.5.8.
FMT_MSA.4 Security attribute value inheritance.......................................................................... 44
9.1.5.9.
FMT_MTD.1/Admin Management of TSF data ............................................................................. 45
FMT_MTD.1/Signatory Management of TSF data .................................................................... 45
9.1.5.10.
9.1.6. Protection of the TSF (FPT) ........................................................................................................ 45
9.1.6.1.
FPT_EMS.1 TOE Emanation ........................................................................................................... 45
9.1.6.2.
FPT_FLS.1 Failure with preservation of secure state .................................................................... 46
9.1.6.3.
FPT_PHP.1 Passive detection of physical attack............................................................................ 46
9.1.6.4.
FPT_PHP.3 Resistance to physical attack ...................................................................................... 47
9.1.6.5.
FPT_TST.1 TSF testing ................................................................................................................... 47
9.1.7. Security functional requirements regarding key generation..................................................... 48
9.1.7.1.
FCS_CKM.1 Cryptographic key generation .................................................................................... 48
9.1.7.2.
FDP_ACC.1/SCD/SVD_Generation Subset access control .............................................................. 48
9.1.7.3.
FDP_ACF.1/SCD/SVD_Generation
9.1.7.4.
FDP_ACC.1/SVD_Transfer Subset access control .......................................................................... 49
9.1.7.5.
FDP_ACF.1/SVD_Transfer Security attribute based access control ............................................... 49
Security attribute based access control ............................... 48
9.1.8. Security functional requirements regarding key import ........................................................... 50
9.1.8.1.
FDP_ACC.1/SCD_Import Subset access control ........................................................................... 50
9.1.8.2.
FDP_ACF.1/SCD_Import Security attribute based access control ................................................ 50
9.1.8.3.
FDP_ITC.1/SCD Import of user data without security attributes ................................................. 50
9.1.8.4.
FDP_UCT.1/SCD Basic data exchange confidentiality ................................................................. 51
9.1.8.5.
FTP_ITC.1/SCD Inter-TSF trusted channel .................................................................................... 51
9.1.9. Security functional requirements regarding trusted communication with CGA ....................... 52
9.1.9.1.
FIA_API.1 Authentication Proof of Identity................................................................................... 52
9.1.9.2.
FDP_DAU.2/SVD Data Authentication with Identity of Guarantor .............................................. 52
September 2014
ST_AKDeID Evaluation documentation
Page 77 of 78
AKD ELECTRONIC IDENTITY CARD
SECURITY TARGET
9.1.9.3.
Doc ID: DP-I-101
Version: 1.3/2014-09-26
FTP_ITC.1/SVD Inter-TSF trusted channel .................................................................................... 53
9.2. SECURITY ASSURANCE REQUIREMENTS ..................................................................................................... 53
9.3. SECURITY REQUIREMENTS RATIONALE ...................................................................................................... 54
9.3.1. Security Requirements Coverage .............................................................................................. 54
9.3.2. TOE Security Requirements Sufficiency ..................................................................................... 55
9.3.3. Satisfaction of dependencies of security functional requirements ........................................... 58
9.3.4. Rationale for chosen security assurance requirements ............................................................ 60
10.
TOE SUMMARY SPECIFICATION ................................................................................................ 60
10.1. SECURITY FUNCTIONALITY ...................................................................................................................... 61
10.1.1. SF.USER User authentication................................................................................................... 61
10.1.2. SF.DEV Device authentication ................................................................................................. 62
10.1.3. SF.SM Secure messaging .......................................................................................................... 63
10.1.4. SF.ACCESS Role authentication ................................................................................................ 63
10.1.5. SF.CRYPTO Cryptographic functions ......................................................................................... 64
10.1.6. SF.PROTECT Self protection ...................................................................................................... 65
10.2. SECURITY FUNCTIONALITY RATIONAL ........................................................................................................ 66
11.
STATEMENT OF COMPATIBILITY CONCERNING COMPOSITE SECURITY TARGET ........................ 67
11.1. SEPARATION OF THE PLATFORM-TSF ........................................................................................................ 67
11.1.1. JCOP-functionality ..................................................................................................................... 67
11.1.2. JCOP-SFRs used by this composite ST ........................................................................................ 68
11.2. SECURITY ASSURANCE REQUIREMENTS OF THE COMPOSITE EVALUATION .......................................................... 70
11.3. COMPATIBILITY BETWEEN THE COMPOSITE SECURITY TARGET AND THE PLATFORM SECURITY TARGET ................... 71
12.
CRYPTO-DISCLAIMER ................................................................................................................ 73
TABLE OF CONTENT ............................................................................................................................. 75
September 2014
ST_AKDeID Evaluation documentation
Page 78 of 78
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement