A Study on the Cryptographic Module Validation in the CC .ppt

2007/06/04 Copyright C 2007, Canon Inc. All rights reserved. A Study onthe Cryptographic Module Validationin the CC Evaluationfrom Vendors point of view Nobuhiro TAGASHIRA Canon Inc. Contents Background The Common Criteria Evaluation vs The Cryptographic Module Validation Proposal 1 Developer’s Explanation Proposal 2 new framework Conclusion Background in Japan Activities in Canon The Common Criteria Evaluation Standard : ISO/IEC 15408 Common Criteria Methodology : CEM Target : TOE a set of S/W, F/W and/or H/W Top Description : Security Target Flow : ST Evaluation - TOE Evaluation Levels : EAL1 to EAL7 Action : Evaluation Etc : 8 Security Assurance Classes The Cryptographic Module Validation Standard : ISO/IEC 19790 FIPS 140-2 Methodology : DTR Derived Test Requirements Target : Cryptographic Module Top Description : Security Policy Flow : Algorithm Testing - Module Testing Levels : Security Level 1 to 4 Action : Testing Etc : 11 security areas CC Evaluation vs CM Validation The CC Evaluation and CM Validation are different in Abstractness Focus of tests [B2-04][B2-05] Question! Have the CC Evaluation and CM validation produced a synergistic effect? Problems and Countermeasuresunder the CC Evaluation and CM Validation Problems 1. It is difficult for an end user to understand the validity of the CC Evaluation and CM Validation. Proposal 1 for CNTM1 Developer’s Explanation Write a ST, which clearly describes the TOE and the CM, so that an end user can understand. Point : It is NOT necessary to change a structure of the ST. There are some sections, which describes the CM. ST Description Chap. 1 for Proposal 1 ST reference TOE reference Identify the Cryptographic Module, which is in the TOE. TOE overview TOE description In the description of the physical scope of the TOE, describe the physical scope of the CM, and a relationship between the TOE and the CM. In the description of the logical scope of the TOE, descri