VE 09: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(fish and chips fish and chips fish and chips fish and chips fish and chips fish and chips)
Line 1: Line 1:
==SECTION 9: SELF-TESTS==
fish and chips fish and chips fish and chips fish and chips fish and chips fish and chips
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.01</FONT></B>The
cryptographic module shall perform power-up self-tests and </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>conditional
self-tests to ensure that the module is functioning properly.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.02</FONT></B>Power-up
self-tests shall be performed when the cryptographic module </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
powered up.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.07.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.03</FONT></B>Conditional
self-tests shall be performed when an applicable security </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>function
or operation is invoked (i.e., security functions for which </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
are required).</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.07.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.04</FONT></B>If
the cryptographic module fails a self-test, the module shall enter an
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>error
state and output an error indicator via the status output interface.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.04.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.04.01</FONT></B>The
vendor shall document all error states associated with each self-test</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and
shall indicate for each error state the expected error indicator.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.05</FONT></B>The
cryptographic module shall not perform any cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operations
while in an error state.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.05.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.05.01</FONT></B>See
VE02.06.01 for the vendor design requirement. The vendor design</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
ensure that cryptographic operations cannot be performed while </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
module is in the error state.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.06</FONT></B>All
data output via the data output interface shall be inhibited when an </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>error
state exists.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.06.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.06.01</FONT></B>See
VE02.06.01 for the vendor design requirement. The vendor design</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
ensure that cryptographic operations cannot be performed while </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
module is in an error state.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.07</FONT></B>Documentation
shall specify:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
the self-tests performed by the cryptographic module, including </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>power-up
and conditional tests,</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
the error states that the cryptographic module can enter when a </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-test
fails, and</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
the conditions and actions necessary to exit the error states and </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>resume
normal operation of the cryptographic module (i.e., this may </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
maintenance of the module, or returning the module to the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
for servicing.)</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.07.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.07.01</FONT></B>The
vendor shall provide a list of all self-tests that the module can </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>perform.
This list shall include both power-up tests and conditional </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.07.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.07.02</FONT></B>For
each error condition, the vendor documentation shall provide the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>condition
name, the events that can produce the condition, and the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>actions
necessary to clear the condition and resume normal operation.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.08</FONT></B>Power-up
tests shall be performed by the cryptographic module when </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
module is powered up (after being powered off, reset, rebooted, </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>etc.).</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.09</FONT></B>The
power-up tests shall be initiated automatically and shall not require
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operator
intervention.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.09.01</FONT></B>The
vendor documentation shall require that the running of power-up </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
not involve any inputs from or actions by the operator.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.10</FONT></B>When
the power-up tests are completed, the results (i.e., indications of </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>success
or failure) shall be output via the &quot;status output&quot;
interface.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.10.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.10.01</FONT></B>The
vendor shall document the indicator that the module outputs upon </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>successful
completion of the power-up self-tests.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.11</FONT></B>All
data output via the output interface shall be inhibited when the
tests </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>are
performed.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS02.06.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.12</FONT></B>In
addition to performing the power-up tests when powered up, the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
module shall permit operators to initiate the tests on </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>demand
for periodic testing of the module.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.12.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.12.01</FONT></B>The
vendor shall describe the procedure by which an operator can </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>initiate
the power-up self-tests on demand. All of the power-up </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
must be included.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.13</FONT></B>The
cryptographic module shall perform the following power-up tests: </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
algorithm test, software/firmware integrity test, and </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>critical
functions test.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.13.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.13.01</FONT></B>See
VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.16</FONT></B>A
cryptographic algorithm test using a known answer shall be </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>conducted
for all cryptographic functions (e.g., encryption, decryption, </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
and random number generation) of each Approved </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
algorithm implemented by the cryptographic module.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.16.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.16.01</FONT></B>See
VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.17</FONT></B>If
the calculated output does not equal the known answer, the
known-answer test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.17.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.17.01</FONT></B>The
vendor documentation shall specify the method used to compare </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
calculated output with the known answer.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.17.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.17.02</FONT></B>The
documentation shall show the transition into an error state and </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>output
of an error indicator when the two outputs are not equal.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.18</FONT></B>Cryptographic
algorithms whose outputs vary for a given set of inputs </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(e.g.,
the Digital Signature Algorithm) shall be tested using a </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>known-answer
test or shall be tested using a pair-wise consistency test.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.18.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.18.01</FONT></B>See
VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.18.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.18.02</FONT></B>The
vendor documentation shall specify and describe the test(s) which </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
implemented.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.19</FONT></B>Message
digest algorithms shall have an independent known-answer test</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
the known-answer test shall be included with the associated </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
algorithm test (e.g., the Digital Signature Standard).</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.19.01==
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.19.01</FONT></B>See
VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.19.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.19.02</FONT></B>The
vendor documentation shall specify and describe the test(s) which </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
implemented.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.20</FONT></B>If
the cryptographic module includes two independent implementations </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>of
the same cryptographic algorithm, then the outputs of two </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
shall be continuously compared.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.20.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.20.01</FONT></B>See
VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.20.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.20.02</FONT></B>The
vendor shall specify whether a known answer test or the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>comparison
of the output of two independent cryptographic algorithm </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
(compared answer test) is used to test the module's </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
algorithm. If the compared answer test is used, the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
shall document this fact.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.21</FONT></B>If
the cryptographic module includes two independent implementations </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>of
the same cryptographic algorithm then, if the outputs of two </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
are not equal, the cryptographic algorithm test shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.22</FONT></B>A
software/firmware integrity test using an error detection code (EDC) </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
Approved authentication technique (e.g., an Approved message </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
code or digital signature algorithm) shall be applied to all </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>validated
software and firmware components within the cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
when the module is powered up.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.22.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.01</FONT></B>The
vendor documentation shall specify whether an error detection </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>code
(EDC) or a Approved authentication technique (e.g., an Approved</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>message
authentication code or digital signature algorithm) is implemented as
an integrity test for all software and firmware components.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.02</FONT></B>The
documentation shall describe the implemented integrity </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>mechanism.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.22.03==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.03</FONT></B>If
the module implements an Approved authentication technique:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(1)
The vendor shall provide a validation certificate as specified in </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>VE01.12.01.
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(2)
In the absence of a CMVP algorithm validation certificate issuing </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>process,
the vendor organization shall provide a written affirmation </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>asserting
that the authentication technique implemented in the module is</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Approved.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.23</FONT></B>If
the calculated result does not equal the previously generated result,
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
software/firmware test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.22.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.24</FONT></B>If
an EDC is used, the EDC shall be at least 16 bits in length.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.24.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.24.01</FONT></B>If
the module implements EDCs for software/firmware integrity, the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
documentation shall indicate that the EDC is at least 16 bits in </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>length.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.25</FONT></B>Other
security functions critical to the secure operation of the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
module shall be tested when the module is powered up as</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>part
of the power-up tests.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.27.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.26</FONT></B>Other
critical security functions performed under specific conditions </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
be tested as conditional tests.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.27.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.27</FONT></B>Documentation
shall specify all security functions critical to the secure </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operation
of the cryptographic module and shall identify the applicable </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>power-up
tests and conditional tests performed by the module.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
Critical functions are defined as those functions that, upon failure,</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>could
lead to the disclosure of CSPs. Examples of critical functions </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
but not limited to random number generation, operation of the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
algorithm, and cryptographic bypass.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.18in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.27.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.27.01</FONT></B>The
vendor shall provide documentation of all critical functions. For </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>each
critical function, the vendor shall indicate:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
The purpose of the critical function</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
Which critical functions are tested by which power-up tests</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>3.
Which critical functions are tested by which conditional tests</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.28</FONT></B>Note:
There are no requirements for this assertion number.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.28.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.28.01</FONT></B>Note:
There are no requirements for this assertion number.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.29</FONT></B>Conditional
tests shall be performed by the cryptographic module when </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
conditions specified for the following tests occur: pair-wise </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>consistency
test, software/firmware load test, manual key entry test, </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>continuous
random number generator test, and bypass test.Note: This </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>assertion
is not separately tested.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.30</FONT></B>If
the cryptographic module generates public or private keys, then the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>following
pair-wise consistency tests for public and private keys shall be</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>performed.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.31, and AS09.33.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.31</FONT></B>If
the keys are used to perform an approved key transport method, then</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
public key shall encrypt a plaintext value. The resulting ciphertext </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>value
shall be compared to the original plaintext value. If the two </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>values
are equal, then the test shall fail. If the two values differ, then </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
private key shall be used to decrypt the ciphertext and the resulting
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>value
shall be compared to the original plaintext value. If the two values
are not equal, the test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.02in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.31.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.31.01</FONT></B>If
the keys are used to perform an approved key transport method, the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
module shall test for pairwise consistency by applying the</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>public
key to a plaintext value. The resulting ciphertext shall be </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>compared
to the original plaintext to verify that they differ.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
If the two values are equal, then the cryptographic module shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>enter
an error state and output an error indicator via the status
interface.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
If the two values differ, then the private key shall be applied to
the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>ciphertext
and the result shall be compared to the original plaintext.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.32</FONT></B>Note:
There are no requirements for this assertion number.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.32.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.32.01</FONT></B>Note:
There are no requirements for this assertion number.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.33</FONT></B>If
the keys are used to perform the calculation and verification of
digital</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>signatures,
then the consistency of the keys shall be tested by the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>calculation
and verification of a digital signature. If the digital signature </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cannot
be verified, the test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.33.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.33.01</FONT></B>If
the public and private keys are to be used only for the calculation </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and/or
verification of digital signatures, then the cryptographic module </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
test for pairwise consistency by calculation and verification of a </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>signature.
If the signature cannot be verified, the test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.34</FONT></B>If
software or firmware components can be externally loaded into the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
module, then the following software/firmware load tests </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
be performed.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.34, AS09.35, and </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.35</FONT></B>An
Approved authentication technique (e.g., an Approved message </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
code, digital signature algorithm, or HMAC) shall be </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>applied
to all validated software and firmware components when the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>components
are externally loaded into the cryptographic module.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.35.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.35.01</FONT></B>The
vendor documentation shall describe the Approved authentication </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>technique
used to protect the integrity of all externally loaded software </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and
firmware components.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.35.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.35.02</FONT></B>If
the module implements an Approved authentication technique:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(1)
The vendor shall provide a validation certificate as specified in </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>VE01.12.01.
</FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(2)
In the absence of a CMVP algorithm validation certificate issuing </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>process,
the vendor organization shall provide a written affirmation </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>asserting
that the authentication technique implemented in the module is</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Approved.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.36</FONT></B>The
calculated result shall be compared with a previously generated </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>result.
If the calculated result does not equal the previously generated </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>result,
the software/firmware integrity test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.35.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.37</FONT></B>If
cryptographic keys or key components are manually entered into the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
module, then the following manual key entry tests shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>be
performed.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is not separately tested.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.38</FONT></B>The
cryptographic key or key components shall have an EDC applied, </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
shall be entered using duplicate entries.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.40.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.39</FONT></B>If
an EDC is used, the EDC shall be at least 16 bits in length.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.40.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.40</FONT></B>If
the EDC cannot be verified, or the duplicate entries do not match, </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
test shall fail.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.40.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.40.01</FONT></B>The
vendor shall document the manual key entry test. Depending on </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>whether
error detection codes or duplicate key entries are used, the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>manual
key entry test shall include the following:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
Error detection codes (EDCs):</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
Description of EDC calculation algorithm</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
Description of verification process</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
Expected outputs for success or failure of test</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
Duplicate key entries:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
Description of verification process</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
Expected outputs for success or failure of test</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.21in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.40.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.40.02</FONT></B>If
EDCs are associated with keys, then the vendor documentation that </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>describes
the format of the cryptographic keys (see AS07.03) shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
fields for the error detection codes.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.41</FONT></B>If
a cryptographic module employs Approved or non-Approved RNGs </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>in
an Approved mode of operation, the module shall perform the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>following
continuous random number generator test on each RNG that </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests
for failure to a constant value.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.42 and AS09.43.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.42</FONT></B>If
each call to a RNG produces blocks of n bits (where n &gt; 15), the
first</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>n-bit
block generated after power-up, initialization, or reset shall not be</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>used,
but shall be saved for comparison with the next n-bit block to be </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated.
Each subsequent generation of an n-bit block shall be </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>compared
with the previously generated block. The test shall fail if any</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>two
compared n-bit blocks are equal.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.42.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.42.01</FONT></B>If
the module implements a random number generator, the vendor shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>document
the continuous random number generator test.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.43</FONT></B>If
each call to a RNG produces fewer than 16 bits, the first n bits </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated
after power-up, initialization, or reset (for some n &gt; 15) shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>not
be used, but shall be saved for comparison with the next n </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated
bits. Each subsequent generation of n bits shall be compared </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>with
the previously generated n bits. The test fails if any two compared</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>n-bit
sequences are equal.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.43.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.43.01</FONT></B>If
the module implements a random number generator, the vendor shall </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>document
the continuous random number generator test.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.44</FONT></B>If
the cryptographic module implements a bypass capability where the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
may be provided without cryptographic processing (e.g., </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>transferring
plaintext through the module), then the following bypass </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests
shall be performed to ensure that a single point of failure of </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
components will not result in the unintentional output of </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>plaintext.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.45</FONT></B>The
cryptographic module shall test for the correct operation of the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
providing cryptographic processing when a switch takes place </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>between
an exclusive bypass service and an exclusive cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.45.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.45.01</FONT></B>If
the cryptographic module implements a bypass service, then the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
shall implement a bypass test to verify the correct operation of </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
cryptographic service when a switch takes place between an </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>exclusive
bypass and an exclusive cryptographic service.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.45.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.45.02</FONT></B>The
vendor shall provide a description of the test as defined in </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>AS09.48.
The bypass test shall demonstrate that, when switched to an </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>exclusive
cryptographic service, the module does not output plaintext </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>information
as defined in AS09.47. The test fails if the cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
outputs plaintext information.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.46</FONT></B>If
the cryptographic module can automatically alternate between a </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>bypass
service and a cryptographic service, providing some services </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>with
cryptographic processing and some services without cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>processing,
then the module shall test for the correct operation of the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
providing cryptographic processing when the mechanism </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>governing
the switching procedure is modified (e.g., an IP address
source/destination table).</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.22in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.46.01==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.46.01</FONT></B>If
the cryptographic module is designed to automatically alternate </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>between
a bypass service and a cryptographic service, then the vendor </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
implement a bypass test to verify the correct operation of the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
service when the mechanism governing the switching </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>procedure
is modified.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
==VE.09.46.02==
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.46.02</FONT></B>The
vendor shall provide a description of the test as defined in </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>AS09.48.
The bypass test shall demonstrate that when the mechanism </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>governing
the switching procedure is modified:</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
The mechanism is verified not to have been altered since the last </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>modification.
If the mechanism has been altered, the cryptographic </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
shall enter an error state and output an error indicator to the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>status
interface.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
The correct operation of the cryptographic service is verified by </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>demonstrating
that the module does not output plaintext information as </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>defined
in AS09.47. The test fails if the module outputs plaintext </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>information.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.47</FONT></B>No
single point of failure shall result in the unintentional output of </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>plaintext.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.45 and AS09.46.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.48</FONT></B>Documentation
shall specify the mechanism or logic governing the </FONT></FONT></FONT>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>switching
procedure.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
This assertion is tested as part of AS09.45 and AS09.46.</FONT></FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
 
==VE.09.05.01==
Assessment:
VE.09.05.01See VE02.06.01 for the vendor design requirement.  The vendor design
shall ensure that cryptographic operations cannot be performed while
the module is in the error state.
 
Assessment:
AS.09.06All data output via the data output interface shall be inhibited when an
error state exists.

Revision as of 02:20, 19 August 2005

fish and chips fish and chips fish and chips fish and chips fish and chips fish and chips

Retrieved from "https://wiki.mozilla.org/index.php?title=VE_09&oldid=11156"