VE 09: Difference between revisions

VE 09 (view source)

Revision as of 02:20, 19 August 2005

87,112 bytes removed , 19 August 2005

fish and chips fish and chips fish and chips fish and chips fish and chips fish and chips

Georgebush

32

edits

@@ Line 1: / Line 1: @@
-==SECTION 9: SELF-TESTS==
+fish and chips fish and chips fish and chips fish and chips fish and chips fish and chips
-<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.01</FONT></B>The
-cryptographic module shall perform power-up self-tests and </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>conditional
-self-tests to ensure that the module is functioning properly.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.02</FONT></B>Power-up
-self-tests shall be performed when the cryptographic module </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
-powered up.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.07.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.03</FONT></B>Conditional
-self-tests shall be performed when an applicable security </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>function
-or operation is invoked (i.e., security functions for which </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
-are required).</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.07.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.04</FONT></B>If
-the cryptographic module fails a self-test, the module shall enter an
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>error
-state and output an error indicator via the status output interface.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.04.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.04.01</FONT></B>The
-vendor shall document all error states associated with each self-test</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and
-shall indicate for each error state the expected error indicator.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.05</FONT></B>The
-cryptographic module shall not perform any cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operations
-while in an error state.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.05.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.05.01</FONT></B>See
-VE02.06.01 for the vendor design requirement. The vendor design</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-ensure that cryptographic operations cannot be performed while </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-module is in the error state.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.06</FONT></B>All
-data output via the data output interface shall be inhibited when an </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>error
-state exists.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.06.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.06.01</FONT></B>See
-VE02.06.01 for the vendor design requirement. The vendor design</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-ensure that cryptographic operations cannot be performed while </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-module is in an error state.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.07</FONT></B>Documentation
-shall specify:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-the self-tests performed by the cryptographic module, including </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>power-up
-and conditional tests,</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-the error states that the cryptographic module can enter when a </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-test
-fails, and</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-the conditions and actions necessary to exit the error states and </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>resume
-normal operation of the cryptographic module (i.e., this may </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
-maintenance of the module, or returning the module to the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
-for servicing.)</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.07.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.07.01</FONT></B>The
-vendor shall provide a list of all self-tests that the module can </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>perform.
-This list shall include both power-up tests and conditional </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.07.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.07.02</FONT></B>For
-each error condition, the vendor documentation shall provide the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>condition
-name, the events that can produce the condition, and the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>actions
-necessary to clear the condition and resume normal operation.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.08</FONT></B>Power-up
-tests shall be performed by the cryptographic module when </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-module is powered up (after being powered off, reset, rebooted, </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>etc.).</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.09</FONT></B>The
-power-up tests shall be initiated automatically and shall not require
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operator
-intervention.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.09.01</FONT></B>The
-vendor documentation shall require that the running of power-up </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
-not involve any inputs from or actions by the operator.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.10</FONT></B>When
-the power-up tests are completed, the results (i.e., indications of </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>success
-or failure) shall be output via the &quot;status output&quot;
-interface.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.10.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.10.01</FONT></B>The
-vendor shall document the indicator that the module outputs upon </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>successful
-completion of the power-up self-tests.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.11</FONT></B>All
-data output via the output interface shall be inhibited when the
-tests </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>are
-performed.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS02.06.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.12</FONT></B>In
-addition to performing the power-up tests when powered up, the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-module shall permit operators to initiate the tests on </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>demand
-for periodic testing of the module.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.12.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.12.01</FONT></B>The
-vendor shall describe the procedure by which an operator can </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>initiate
-the power-up self-tests on demand. All of the power-up </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>self-tests
-must be included.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.13</FONT></B>The
-cryptographic module shall perform the following power-up tests: </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-algorithm test, software/firmware integrity test, and </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>critical
-functions test.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.13.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.13.01</FONT></B>See
-VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.16</FONT></B>A
-cryptographic algorithm test using a known answer shall be </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>conducted
-for all cryptographic functions (e.g., encryption, decryption, </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
-and random number generation) of each Approved </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-algorithm implemented by the cryptographic module.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.16.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.16.01</FONT></B>See
-VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.17</FONT></B>If
-the calculated output does not equal the known answer, the
-known-answer test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.17.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.17.01</FONT></B>The
-vendor documentation shall specify the method used to compare </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-calculated output with the known answer.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.17.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.17.02</FONT></B>The
-documentation shall show the transition into an error state and </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>output
-of an error indicator when the two outputs are not equal.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.18</FONT></B>Cryptographic
-algorithms whose outputs vary for a given set of inputs </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(e.g.,
-the Digital Signature Algorithm) shall be tested using a </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>known-answer
-test or shall be tested using a pair-wise consistency test.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.18.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.18.01</FONT></B>See
-VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.18.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.18.02</FONT></B>The
-vendor documentation shall specify and describe the test(s) which </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
-implemented.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.19</FONT></B>Message
-digest algorithms shall have an independent known-answer test</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
-the known-answer test shall be included with the associated </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-algorithm test (e.g., the Digital Signature Standard).</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.19.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.19.01</FONT></B>See
-VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.19.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.19.02</FONT></B>The
-vendor documentation shall specify and describe the test(s) which </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>is
-implemented.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.20</FONT></B>If
-the cryptographic module includes two independent implementations </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>of
-the same cryptographic algorithm, then the outputs of two </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
-shall be continuously compared.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.20.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.20.01</FONT></B>See
-VE09.07.01 for the vendor requirement.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.20.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.20.02</FONT></B>The
-vendor shall specify whether a known answer test or the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>comparison
-of the output of two independent cryptographic algorithm </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
-(compared answer test) is used to test the module's </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-algorithm. If the compared answer test is used, the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
-shall document this fact.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.21</FONT></B>If
-the cryptographic module includes two independent implementations </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>of
-the same cryptographic algorithm then, if the outputs of two </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>implementations
-are not equal, the cryptographic algorithm test shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.22</FONT></B>A
-software/firmware integrity test using an error detection code (EDC) </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
-Approved authentication technique (e.g., an Approved message </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
-code or digital signature algorithm) shall be applied to all </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>validated
-software and firmware components within the cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
-when the module is powered up.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.22.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.01</FONT></B>The
-vendor documentation shall specify whether an error detection </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>code
-(EDC) or a Approved authentication technique (e.g., an Approved</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>message
-authentication code or digital signature algorithm) is implemented as
-an integrity test for all software and firmware components.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.02</FONT></B>The
-documentation shall describe the implemented integrity </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>mechanism.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.22.03==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.22.03</FONT></B>If
-the module implements an Approved authentication technique:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(1)
-The vendor shall provide a validation certificate as specified in </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>VE01.12.01.
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(2)
-In the absence of a CMVP algorithm validation certificate issuing </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>process,
-the vendor organization shall provide a written affirmation </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>asserting
-that the authentication technique implemented in the module is</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Approved.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.23</FONT></B>If
-the calculated result does not equal the previously generated result,
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-software/firmware test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.22.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.24</FONT></B>If
-an EDC is used, the EDC shall be at least 16 bits in length.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.24.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.24.01</FONT></B>If
-the module implements EDCs for software/firmware integrity, the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
-documentation shall indicate that the EDC is at least 16 bits in </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>length.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.25</FONT></B>Other
-security functions critical to the secure operation of the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-module shall be tested when the module is powered up as</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>part
-of the power-up tests.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.27.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.26</FONT></B>Other
-critical security functions performed under specific conditions </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-be tested as conditional tests.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.27.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.27</FONT></B>Documentation
-shall specify all security functions critical to the secure </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operation
-of the cryptographic module and shall identify the applicable </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>power-up
-tests and conditional tests performed by the module.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-Critical functions are defined as those functions that, upon failure,</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>could
-lead to the disclosure of CSPs. Examples of critical functions </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
-but not limited to random number generation, operation of the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-algorithm, and cryptographic bypass.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.18in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.27.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.27.01</FONT></B>The
-vendor shall provide documentation of all critical functions. For </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>each
-critical function, the vendor shall indicate:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
-The purpose of the critical function</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
-Which critical functions are tested by which power-up tests</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>3.
-Which critical functions are tested by which conditional tests</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.28</FONT></B>Note:
-There are no requirements for this assertion number.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.28.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.28.01</FONT></B>Note:
-There are no requirements for this assertion number.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.29</FONT></B>Conditional
-tests shall be performed by the cryptographic module when </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-conditions specified for the following tests occur: pair-wise </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>consistency
-test, software/firmware load test, manual key entry test, </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>continuous
-random number generator test, and bypass test.Note: This </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>assertion
-is not separately tested.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.30</FONT></B>If
-the cryptographic module generates public or private keys, then the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>following
-pair-wise consistency tests for public and private keys shall be</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>performed.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.31, and AS09.33.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.31</FONT></B>If
-the keys are used to perform an approved key transport method, then</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-public key shall encrypt a plaintext value. The resulting ciphertext </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>value
-shall be compared to the original plaintext value. If the two </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>values
-are equal, then the test shall fail. If the two values differ, then </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-private key shall be used to decrypt the ciphertext and the resulting
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>value
-shall be compared to the original plaintext value. If the two values
-are not equal, the test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.02in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.31.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.31.01</FONT></B>If
-the keys are used to perform an approved key transport method, the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-module shall test for pairwise consistency by applying the</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>public
-key to a plaintext value. The resulting ciphertext shall be </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>compared
-to the original plaintext to verify that they differ.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-If the two values are equal, then the cryptographic module shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>enter
-an error state and output an error indicator via the status
-interface.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-If the two values differ, then the private key shall be applied to
-the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>ciphertext
-and the result shall be compared to the original plaintext.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.32</FONT></B>Note:
-There are no requirements for this assertion number.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.32.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.32.01</FONT></B>Note:
-There are no requirements for this assertion number.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.23in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.33</FONT></B>If
-the keys are used to perform the calculation and verification of
-digital</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>signatures,
-then the consistency of the keys shall be tested by the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>calculation
-and verification of a digital signature. If the digital signature </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cannot
-be verified, the test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.33.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.33.01</FONT></B>If
-the public and private keys are to be used only for the calculation </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and/or
-verification of digital signatures, then the cryptographic module </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-test for pairwise consistency by calculation and verification of a </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>signature.
-If the signature cannot be verified, the test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.34</FONT></B>If
-software or firmware components can be externally loaded into the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-module, then the following software/firmware load tests </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-be performed.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.34, AS09.35, and </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.35</FONT></B>An
-Approved authentication technique (e.g., an Approved message </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>authentication
-code, digital signature algorithm, or HMAC) shall be </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>applied
-to all validated software and firmware components when the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>components
-are externally loaded into the cryptographic module.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.35.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.35.01</FONT></B>The
-vendor documentation shall describe the Approved authentication </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>technique
-used to protect the integrity of all externally loaded software </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and
-firmware components.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.35.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.35.02</FONT></B>If
-the module implements an Approved authentication technique:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(1)
-The vendor shall provide a validation certificate as specified in </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>VE01.12.01.
-</FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>(2)
-In the absence of a CMVP algorithm validation certificate issuing </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>process,
-the vendor organization shall provide a written affirmation </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>asserting
-that the authentication technique implemented in the module is</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Approved.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.36</FONT></B>The
-calculated result shall be compared with a previously generated </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>result.
-If the calculated result does not equal the previously generated </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>result,
-the software/firmware integrity test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.35.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.37</FONT></B>If
-cryptographic keys or key components are manually entered into the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-module, then the following manual key entry tests shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>be
-performed.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is not separately tested.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.38</FONT></B>The
-cryptographic key or key components shall have an EDC applied, </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>or
-shall be entered using duplicate entries.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.40.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.39</FONT></B>If
-an EDC is used, the EDC shall be at least 16 bits in length.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.40.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.40</FONT></B>If
-the EDC cannot be verified, or the duplicate entries do not match, </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-test shall fail.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.40.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.40.01</FONT></B>The
-vendor shall document the manual key entry test. Depending on </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>whether
-error detection codes or duplicate key entries are used, the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>manual
-key entry test shall include the following:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
-Error detection codes (EDCs):</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-Description of EDC calculation algorithm</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-Description of verification process</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-Expected outputs for success or failure of test</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
-Duplicate key entries:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-Description of verification process</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>*
-Expected outputs for success or failure of test</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.21in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.40.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.40.02</FONT></B>If
-EDCs are associated with keys, then the vendor documentation that </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>describes
-the format of the cryptographic keys (see AS07.03) shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>include
-fields for the error detection codes.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.41</FONT></B>If
-a cryptographic module employs Approved or non-Approved RNGs </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>in
-an Approved mode of operation, the module shall perform the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>following
-continuous random number generator test on each RNG that </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests
-for failure to a constant value.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.42 and AS09.43.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.42</FONT></B>If
-each call to a RNG produces blocks of n bits (where n &gt; 15), the
-first</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>n-bit
-block generated after power-up, initialization, or reset shall not be</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>used,
-but shall be saved for comparison with the next n-bit block to be </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated.
-Each subsequent generation of an n-bit block shall be </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>compared
-with the previously generated block. The test shall fail if any</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>two
-compared n-bit blocks are equal.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.42.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.42.01</FONT></B>If
-the module implements a random number generator, the vendor shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>document
-the continuous random number generator test.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.43</FONT></B>If
-each call to a RNG produces fewer than 16 bits, the first n bits </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated
-after power-up, initialization, or reset (for some n &gt; 15) shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>not
-be used, but shall be saved for comparison with the next n </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>generated
-bits. Each subsequent generation of n bits shall be compared </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>with
-the previously generated n bits. The test fails if any two compared</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>n-bit
-sequences are equal.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.43.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.43.01</FONT></B>If
-the module implements a random number generator, the vendor shall </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>document
-the continuous random number generator test.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.09in; margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.44</FONT></B>If
-the cryptographic module implements a bypass capability where the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
-may be provided without cryptographic processing (e.g., </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>transferring
-plaintext through the module), then the following bypass </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>tests
-shall be performed to ensure that a single point of failure of </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
-components will not result in the unintentional output of </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>plaintext.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.45</FONT></B>The
-cryptographic module shall test for the correct operation of the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
-providing cryptographic processing when a switch takes place </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>between
-an exclusive bypass service and an exclusive cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.45.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.45.01</FONT></B>If
-the cryptographic module implements a bypass service, then the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>vendor
-shall implement a bypass test to verify the correct operation of </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the
-cryptographic service when a switch takes place between an </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>exclusive
-bypass and an exclusive cryptographic service.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.25in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.45.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.45.02</FONT></B>The
-vendor shall provide a description of the test as defined in </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>AS09.48.
-The bypass test shall demonstrate that, when switched to an </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>exclusive
-cryptographic service, the module does not output plaintext </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>information
-as defined in AS09.47. The test fails if the cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
-outputs plaintext information.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.46</FONT></B>If
-the cryptographic module can automatically alternate between a </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>bypass
-service and a cryptographic service, providing some services </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>with
-cryptographic processing and some services without cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>processing,
-then the module shall test for the correct operation of the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>services
-providing cryptographic processing when the mechanism </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>governing
-the switching procedure is modified (e.g., an IP address
-source/destination table).</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.22in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.46.01==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.46.01</FONT></B>If
-the cryptographic module is designed to automatically alternate </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>between
-a bypass service and a cryptographic service, then the vendor </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>shall
-implement a bypass test to verify the correct operation of the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic
-service when the mechanism governing the switching </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>procedure
-is modified.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.17in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-==VE.09.46.02==
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.09.46.02</FONT></B>The
-vendor shall provide a description of the test as defined in </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>AS09.48.
-The bypass test shall demonstrate that when the mechanism </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>governing
-the switching procedure is modified:</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>1.
-The mechanism is verified not to have been altered since the last </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>modification.
-If the mechanism has been altered, the cryptographic </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>module
-shall enter an error state and output an error indicator to the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>status
-interface.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>2.
-The correct operation of the cryptographic service is verified by </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>demonstrating
-that the module does not output plaintext information as </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>defined
-in AS09.47. The test fails if the module outputs plaintext </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>information.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.01in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.47</FONT></B>No
-single point of failure shall result in the unintentional output of </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>plaintext.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.45 and AS09.46.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.09.48</FONT></B>Documentation
-shall specify the mechanism or logic governing the </FONT></FONT></FONT>
-</P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>switching
-procedure.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note:
-This assertion is tested as part of AS09.45 and AS09.46.</FONT></FONT></FONT></P>
-<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
-</P>
-==VE.09.05.01==
-Assessment:
-VE.09.05.01See VE02.06.01 for the vendor design requirement.  The vendor design
- shall ensure that cryptographic operations cannot be performed while
-the module is in the error state.
-Assessment:
-AS.09.06All data output via the data output interface shall be inhibited when an
-error state exists.