F2009VE 01


SECTION1: CRYPTOGRAPHIC MODULE SPECIFICATION

AS.01.01 The cryptographic module shall be a set of hardware, software, firmware, or some combination thereof that implements cryptographic functions or processes, including cryptographic algorithms and, optionally, key generation, and is contained within a defined cryptographic boundary.

Assessment:

AS.01.02 The cryptographic module shall implement at least one Approved security function used in an Approved mode of operation.

Note: This assertion is tested as part of AS.01.12.


Assessment:

AS.01.03 The operator shall be able to determine when an Approved mode of operation is selected.


Assessment:

VE.01.03.01 The vendor provided non-proprietary security policy shall provide a description of the Approved mode of operation.


Assessment:

VE.01.03.02 The vendor provided non-proprietary security policy shall provide instructions for invoking the Approved mode of operation.


Assessment:

AS.01.05 The cryptographic boundary shall consist of an explicitly defined perimeter that establishes the physical bounds of the cryptographic module.


Assessment:

AS.01.06 If the cryptographic module consists of software or firmware components, the cryptographic boundary shall contain the processor(s) and other hardware components that store and protect the software and firmware components.

Assessment:

VE.01.06.01 For each processor in the module, the vendor shall identify, by major services, the software or firmware that are executed by the processor, and the memory devices that contain the executable code and data.


Assessment:

VE.01.06.02 For each processor, the vendor shall identify any hardware with which the processor interfaces.


Assessment:

AS.01.07 The following documentation requirements shall apply to all security-specific hardware, software, and firmware contained within the cryptographic module.

Note: This assertion is not separately tested.

Assessment:

AS.01.08 Documentation shall specify the hardware, software, and firmware components of the cryptographic module, specify the cryptographic boundary surrounding these components, and describe the physical configuration of the module.

Assessment:

VE.01.08.01 All hardware, software, and firmware components of the cryptographic module shall be identified in the vendor documentation. Components to be listed shall include, as applicable, all of the following:

1. Integrated circuits, including processors, memory, and (semi-)custom integrated circuits
2. Other active electronic circuit elements
3. Power inputs and outputs, and internal power supplies or converters
4. Physical structures, including circuit boards or other mounting surfaces, enclosures, and connectors
5. Software and firmware modules
6. Other component types not listed above

Assessment:

VE.01.08.02 The above list of components shall be consistent with the information provided for all other assertions of this section.


Assessment:

VE.01.08.03 The vendor documentation shall specify the module's cryptographic boundary. The cryptographic boundary shall be an explicitly defined, contiguous perimeter that establishes the physical bounds of the cryptographic module. The boundary definition shall specify module components and connections (ports), and also module information flows, processing, and input/output data.

Assessment:

VE.01.08.04 The cryptographic boundary shall include any hardware or software that inputs, processes, or outputs important security parameters that could lead to the compromise of sensitive information if not properly controlled.


Assessment:

VE.01.08.05 The vendor documentation shall specify the physical embodiment of the module (single-chip cryptographic module, multiple-chip embedded cryptographic module, or multiple-chip standalone cryptographic module, as defined in Section 4.5 of FIPS PUB 140-2).

Assessment:

VE.01.08.06 The vendor's documentation shall indicate the internal layout and assembly methods (e.g., fasteners and fittings) of the module, including drawings that are at least approximately to scale. The interior of integrated circuits need not be shown.

Assessment:

VE.01.08.07 The vendor's documentation shall describe the primary physical parameters of the module, including descriptions of the enclosure, access points, circuit boards, location of power supply, interconnection wiring runs, cooling arrangements, and any other significant parameters.

Assessment:

AS.01.09 Documentation shall specify any hardware, software, or firmware components of the cryptographic module that are excluded from the security requirements of this standard and explain the rationale for the exclusion.

Assessment:

VE.01.09.01 All components that are to be excluded from the security requirements shall be explicitly listed in the vendor documentation.


Assessment:


VE.01.09.02 The rationale for excluding each of the components listed in response to requirement VE.01.09.01 shall be provided in the vendor documentation. The vendor shall show that each component, even if malfunctioning or misused, cannot cause a compromise under any reasonable condition.

Assessment:

AS.01.10 Documentation shall specify the physical ports and logical interfaces and all defined input and output paths of the cryptographic module.

Note: This assertion is tested as part of AS.02.01.


Assessment:

AS.01.11 Documentation shall specify the manual or logical controls of the cryptographic module, physical or logical status indicators, and their physical, logical, and electrical characteristics.

Note: This assertion is tested as part of AS.02.01.

Assessment:

AS.01.12 Documentation shall list all security functions, both Approved and non-Approved, that are employed by the cryptographic module and shall specify all modes of operation, both Approved and non-Approved.


Assessment:

VE.01.12.01 The vendor shall provide a validation certificate for all Approved cryptographic algorithms.


Assessment:

VE.01.12.02 The vendor shall provide a list of all non-Approved security functions.


Assessment:

AS.01.13 Documentation shall specify a block diagram depicting all of the major hardware components of the cryptographic module and their interconnections, including any microprocessors, input/output buffers, plaintext/ciphertext buffers, control buffers, key storage, working memory, and program memory.

Assessment:

VE.01.13.01 The vendor documentation shall include a block diagram showing the hardware components and their interconnections. Components to be included in the block diagram shall include, as applicable:

1. Microprocessors
2. Input/output buffers
3. Plaintext/ciphertext buffers
4. Control buffers
5. Key storage
6. Working memory
7. Program memory
8. Other component types not listed above

Assessment:

VE.01.13.02 The block diagram shall also include any (semi-)custom integrated circuits (e.g., gate arrays, field programmable gate arrays, or other programmable logic).


Assessment:

VE.01.13.03 The block diagram shall show interconnections among major components of the module and between the module and equipment or components outside of the cryptographic boundary.


Assessment:

VE.01.13.04 The block diagram shall show the cryptographic boundary of the module.


Assessment:

AS.01.14 Documentation shall specify the design of the hardware, software, and firmware components of the cryptographic module. High-level specification languages for software/firmware or schematics for hardware shall be used to document the design.

Assessment:

VE.01.14.01 The vendor shall provide a detailed specification of the design of the hardware, software, and/or firmware contained in the module. This documentation shall include the finite state model and description referred to in Section 4.4 of FIPS PUB 140-2. If the relationship between the finite state model and the design specification is not clear, the vendor shall provide additional documentation that describes this

Assessment:

AS.01.15 Documentation shall specify all security-related information, including secret and private cryptographic keys (both plaintext and encrypted), authentication data (e.g., passwords, PINs), CSPs, and other protected information (e.g., audited events, audit data) whose disclosure or modification can compromise the security of the cryptographic module.

Assessment:

VE.01.15.01 The vendor shall provide documentation specifying all security-related information, including secret and private cryptographic keys (both plaintext and encrypted), authentication data (e.g., passwords, PINs), CSPs, and other protected information (e.g., audited events, audit data) whose disclosure or modification can compromise the security of the cryptographic module.

Assessment:

AS.01.16 Documentation shall specify the cryptographic module security policy. The security policy shall include the rules derived from the requirements of this standard and the rules derived from any additional requirements imposed by the vendor.

Assessment:

VE.01.16.01 The vendor shall provide a separate non-proprietary security policy. The security policy is defined in Appendix C of FIPS PUB 140-2.