VE 01: Difference between revisions

SECTION1: CRYPTOGRAPHIC MODULE SPECIFICATION

AS.01.01The cryptographic module shall be a set of hardware, software,

firmware, or some combination thereof that implements cryptographic

functions or processes, including cryptographic algorithms and,

optionally, key generation, and is contained within a defined

cryptographic boundary.

Assessment:

AS.01.02The cryptographic module shall implement at least one Approved

security function used in an Approved mode of operation.

Note: This assertion is tested as part of AS01.12.

Assessment:

AS.01.03The operator shall be able to determine when an Approved mode of

operation is selected.

Assessment:

VE.01.03.01

VE.01.03.01The vendor provided nonproprietary security policy shall provide a

description of the Approved mode of operation.

Assessment:

VE.01.03.02

VE.01.03.02The vendor provided non-proprietary security policy shall provide

instructions for invoking the Approved mode of operation.

Assessment:

AS.01.05The cryptographic boundary shall consist of an explicitly defined

perimeter that establishes the physical bounds of the cryptographic

module.

Assessment:

AS.01.06If the cryptographic module consists of software or firmware

components, the cryptographic boundary shall contain the processor(s)

and other hardware components that store and protect the software and

firmware components.

Assessment:

VE.01.06.01

VE.01.06.01For each processor in the module, the vendor shall identify, by major

services, the software or firmware that are executed by the processor,

and the memory devices that contain the executable code and data.

Assessment:

VE.01.06.02

VE.01.06.02For each processor, the vendor shall identify any hardware with which

the processor interfaces.

Assessment:

AS.01.07The following documentation requirements shall apply to all

security-specific hardware, software, and firmware contained within the

cryptographic module.

Note: This assertion is not separately tested.

Assessment:

AS.01.08Documentation shall specify the hardware, software, and firmware

components of the cryptographic module, specify the cryptographic

boundary surrounding these components, and describe the physical

configuration of the module.

Assessment:

VE.01.08.01

VE.01.08.01All hardware, software, and firmware components of the cryptographic

module shall be identified in the vendor documentation. Components

to be listed shall include, as applicable, all of the following:

1. Integrated circuits, including processors, memory, and (semi-)

custom integrated circuits

2. Other active electronic circuit elements

3. Power inputs and outputs, and internal power supplies or

converters

4. Physical structures, including circuit boards or other mounting

surfaces, enclosures, and connectors

5. Software and firmware modules

6. Other component types not listed above

Assessment:

VE.01.08.02

VE.01.08.02The above list of components shall be consistent with the information

provided for all other assertions of this section.

Assessment:

VE.01.08.03

VE.01.08.03The vendor documentation shall specify the module's cryptographic

boundary. The cryptographic boundary shall be an explicitly defined,

contiguous perimeter that establishes the physical bounds of the

cryptographic module. The boundary definition shall specify module

components and connections (ports), and also module information

flows, processing, and input/output data.

Assessment:

VE.01.08.04

VE.01.08.04The cryptographic boundary shall include any hardware or software that inputs, processes, or outputs important security parameters that could lead to the compromise of sensitive information if not properly controlled.

Assessment:

VE.01.08.05

VE.01.08.05The vendor documentation shall specify the physical embodiments of

the module ( single-chip cryptographic module, multiple-chip embedded

cryptographic module, or multiple-chip standalone cryptographic

module, as defined in Section 4.5 of FIPS PUB 140-2.

Assessment:

VE.01.08.06

VE.01.08.06The vendor's documentation shall indicate the internal layout and

assembly methods (e.g., fasteners and fittings) of the module, including

drawings that are at least approximately to scale. The interior of

integrated circuits need not be shown.

Assessment:

VE.01.08.07

VE.01.08.07The vendor's documentation shall describe the primary physical

parameters of the module, including descriptions of the enclosure,

access points, circuit boards, location of power supply, interconnection

wiring runs, cooling arrangements, and any other significant parameters.

Assessment:

AS.01.09Documentation shall specify any hardware, software, or firmware

components of the cryptographic module that are excluded from the

security requirements of this standard and explain the rationale for the

exclusion.

Assessment:

VE.01.09.01

VE.01.09.01All components that are to be excluded from the security requirements

shall be explicitly listed in the vendor documentation.

Assessment:

VE.01.09.02

VE.01.09.02The rationale for excluding each of the components listed in response to

requirement VE01.09.01 shall be provided in the vendor

documentation. The vendor shall show that each component, even if

malfunctioning or misused, cannot cause a compromise under any reasonable condition.

Assessment:

AS.01.10Documentation shall specify the physical ports and logical interfaces

and all defined input and output paths of the cryptographic module.

Note: This assertion is tested as part of AS02.01.

Assessment:

AS.01.11Documentation shall specify the manual or logical controls of the

cryptographic module, physical or logical status indicators, and their

physical, logical, and electrical characteristics.

Note: This assertion is tested as part of AS02.01.

Assessment:

AS.01.12Documentation shall list all security functions, both Approved and

non-Approved, that are employed by the cryptographic module and

shall specify all modes of operation, both Approved and non-Approved.

Assessment:

VE.01.12.01

VE.01.12.01The vendor shall provide a validation certificate for all Approved

cryptographic algorithms.

Assessment:

VE.01.12.02

VE.01.12.02The vendor shall provide a list of all non-Approved security functions.

Assessment:

AS.01.13Documentation shall specify a block diagram depicting all of the major

hardware components of the cryptographic module and their

interconnections, including any microprocessors, input/output buffers,

plaintext/ciphertext buffers, control buffers, key storage, working

memory, and program memory.

Assessment:

VE.01.13.01

VE.01.13.01The vendor documentation shall include a block diagram showing the

hardware components and their interconnections. Components to be

included in the block diagram shall include, as applicable:

1. Microprocessors

2. Input/output buffers

3. Plaintext/ciphertext buffers

4. Control buffers

5. Key storage

6. Working memory

7. Program memory

8. Other components types not listed above

Assessment:

VE.01.13.02

VE.01.13.02The block diagram shall also include any (semi-) custom integrated

circuits (e.g., gate arrays, field programmable gate arrays, or other

programmable logic).

Assessment:

VE.01.13.03

VE.01.13.03The block diagram shall show interconnections among major

components of the module and between the module and equipment or

components outside of the cryptographic boundary.

Assessment:

VE.01.13.04

VE.01.13.04The block diagram shall show the cryptographic boundary of the

module.

Assessment:

AS.01.14Documentation shall specify the design of the hardware, software, and

firmware components of the cryptographic module. High-level

specification languages for software/firmware or schematics for

hardware shall be used to document the design.

Assessment:

VE.01.14.01

VE.01.14.01The vendor shall provide a detailed specification of the design of the

hardware, software, and/or firmware contained in the module. This

documentation shall include, the finite state model and description

referred to in Section 4.4 of FIPS PUB 140-2. If the relationship

between the finite state model and the design specification is not clear,

the vendor shall provide additional documentation that describes this

Assessment:

AS.01.15Documentation shall specify all security-related information, including

secret and private cryptographic keys (both plaintext and encrypted),

authentication data (e.g., passwords, PINs), CSPs, and other protected

information (e.g., audited events, audit data) whose disclosure or

modification can compromise the security of the cryptographic module.

Assessment:

VE.01.15.01

VE.01.15.01The vendor shall provide documentation specifying all security-related

information, including secret and private cryptographic keys (both

plaintext and encrypted), authentication data (e.g., passwords, PINs),

CSPs, and other protected information (e.g., audited events, audit data)

whose disclosure or modification can compromise the security of the

cryptographic module.

Assessment:

AS.01.16Documentation shall specify the cryptographic module security policy.

The security policy shall include the rules derived from the

requirements of this standard and the rules derived from any additional

requirements imposed by the vendor.

Assessment:

VE.01.16.01

VE.01.16.01The vendor shall provide a separate nonproprietary security policy.

The security policy is defined in Appendix C of FIPS PUB 140-2.