VE 01
==SECTION 1: CRYPTOGRAPHIC MODULE SPECIFICATION==
AS.01.01 The cryptographic module shall be a set of hardware, software,
firmware, or some combination thereof that implements cryptographic
functions or processes, including cryptographic algorithms and,
optionally, key generation, and is contained within a defined
cryptographic boundary.
Assessment:
AS.01.02 The cryptographic module shall implement at least one Approved
security function used in an Approved mode of operation.
Note: This assertion is tested as part of AS01.12.
Assessment:
AS.01.03 The operator shall be able to determine when an Approved mode of
operation is selected.
Assessment:
==VE.01.03.01==
VE.01.03.01 The vendor provided nonproprietary security policy shall provide a
description of the Approved mode of operation.
Assessment:
==VE.01.03.02==
VE.01.03.02 The vendor provided non-proprietary security policy shall provide
instructions for invoking the Approved mode of operation.
Assessment:
AS.01.05 The cryptographic boundary shall consist of an explicitly defined
perimeter that establishes the physical bounds of the cryptographic
module.
Assessment:
AS.01.06 If the cryptographic module consists of software or firmware
components, the cryptographic boundary shall contain the processor(s)
and other hardware components that store and protect the software and
firmware components.
Assessment:
==VE.01.06.01==
VE.01.06.01 For each processor in the module, the vendor shall identify, by major
services, the software or firmware that are executed by the processor,
and the memory devices that contain the executable code and data.
Assessment:
==VE.01.06.02==
VE.01.06.02 For each processor, the vendor shall identify any hardware with which
the processor interfaces.
Assessment:
AS.01.07 The following documentation requirements shall apply to all
security-specific hardware, software, and firmware contained within the
cryptographic module.
Note: This assertion is not separately tested.
Assessment:
AS.01.08 Documentation shall specify the hardware, software, and firmware
components of the cryptographic module, specify the cryptographic
boundary surrounding these components, and describe the physical
configuration of the module.
Assessment:
==VE.01.08.01==
VE.01.08.01 All hardware, software, and firmware components of the cryptographic
module shall be identified in the vendor documentation. Components
to be listed shall include, as applicable, all of the following:
1. Integrated circuits, including processors, memory, and (semi-)
custom integrated circuits
2. Other active electronic circuit elements
3. Power inputs and outputs, and internal power supplies or
converters
4. Physical structures, including circuit boards or other mounting
surfaces, enclosures, and connectors
5. Software and firmware modules
6. Other component types not listed above
Assessment:
==VE.01.08.02==
VE.01.08.02 The above list of components shall be consistent with the information
provided for all other assertions of this section.
Assessment:
==VE.01.08.03==
VE.01.08.03 The vendor documentation shall specify the module's cryptographic
boundary. The cryptographic boundary shall be an explicitly defined,
contiguous perimeter that establishes the physical bounds of the
cryptographic module. The boundary definition shall specify module
components and connections (ports), and also module information
flows, processing, and input/output data.
Assessment:
==VE.01.08.04==
VE.01.08.04 The cryptographic boundary shall include any hardware or software that inputs, processes, or outputs important security parameters that could lead to the compromise of sensitive information if not properly controlled.
Assessment:
==VE.01.08.05==
VE.01.08.05 The vendor documentation shall specify the physical embodiments of
the module (single-chip cryptographic module, multiple-chip embedded
cryptographic module, or multiple-chip standalone cryptographic
module, as defined in Section 4.5 of FIPS PUB 140-2).
Assessment:
==VE.01.08.06==
VE.01.08.06 The vendor's documentation shall indicate the internal layout and
assembly methods (e.g., fasteners and fittings) of the module, including
drawings that are at least approximately to scale. The interior of
integrated circuits need not be shown.
Assessment:
==VE.01.08.07==
VE.01.08.07 The vendor's documentation shall describe the primary physical
parameters of the module, including descriptions of the enclosure,
access points, circuit boards, location of power supply, interconnection
wiring runs, cooling arrangements, and any other significant parameters.
Assessment:
AS.01.09 Documentation shall specify any hardware, software, or firmware
components of the cryptographic module that are excluded from the
security requirements of this standard and explain the rationale for the
exclusion.
Assessment:
==VE.01.09.01==
VE.01.09.01 All components that are to be excluded from the security requirements
shall be explicitly listed in the vendor documentation.
Assessment:
==VE.01.09.02==
VE.01.09.02 The rationale for excluding each of the components listed in response to
requirement VE01.09.01 shall be provided in the vendor
documentation. The vendor shall show that each component, even if
malfunctioning or misused, cannot cause a compromise under any reasonable condition.
Assessment:
AS.01.10 Documentation shall specify the physical ports and logical interfaces
and all defined input and output paths of the cryptographic module.
Note: This assertion is tested as part of AS02.01.
Assessment:
AS.01.11 Documentation shall specify the manual or logical controls of the
cryptographic module, physical or logical status indicators, and their
physical, logical, and electrical characteristics.
Note: This assertion is tested as part of AS02.01.
Assessment:
AS.01.12 Documentation shall list all security functions, both Approved and
non-Approved, that are employed by the cryptographic module and
shall specify all modes of operation, both Approved and non-Approved.
Assessment:
==VE.01.12.01==
VE.01.12.01 The vendor shall provide a validation certificate for all Approved
cryptographic algorithms.
Assessment:
==VE.01.12.02==
VE.01.12.02 The vendor shall provide a list of all non-Approved security functions.
Assessment:
AS.01.13 Documentation shall specify a block diagram depicting all of the major
hardware components of the cryptographic module and their
interconnections, including any microprocessors, input/output buffers,
plaintext/ciphertext buffers, control buffers, key storage, working
memory, and program memory.
Assessment:
==VE.01.13.01==
VE.01.13.01 The vendor documentation shall include a block diagram showing the
hardware components and their interconnections. Components to be
included in the block diagram shall include, as applicable:
1. Microprocessors
2. Input/output buffers
3. Plaintext/ciphertext buffers
4. Control buffers
5. Key storage
6. Working memory
7. Program memory
8. Other component types not listed above
Assessment:
==VE.01.13.02==
VE.01.13.02 The block diagram shall also include any (semi-) custom integrated
circuits (e.g., gate arrays, field programmable gate arrays, or other
programmable logic).
Assessment:
==VE.01.13.03==
VE.01.13.03 The block diagram shall show interconnections among major
components of the module and between the module and equipment or
components outside of the cryptographic boundary.
Assessment:
==VE.01.13.04==
VE.01.13.04 The block diagram shall show the cryptographic boundary of the
module.
Assessment:
AS.01.14 Documentation shall specify the design of the hardware, software, and
firmware components of the cryptographic module. High-level
specification languages for software/firmware or schematics for
hardware shall be used to document the design.
Assessment:
==VE.01.14.01==
VE.01.14.01 The vendor shall provide a detailed specification of the design of the
hardware, software, and/or firmware contained in the module. This
documentation shall include the finite state model and description
referred to in Section 4.4 of FIPS PUB 140-2. If the relationship
between the finite state model and the design specification is not clear,
the vendor shall provide additional documentation that describes this
Assessment:
AS.01.15 Documentation shall specify all security-related information, including
secret and private cryptographic keys (both plaintext and encrypted),
authentication data (e.g., passwords, PINs), CSPs, and other protected
information (e.g., audited events, audit data) whose disclosure or
modification can compromise the security of the cryptographic module.
Assessment:
==VE.01.15.01==
VE.01.15.01 The vendor shall provide documentation specifying all security-related
information, including secret and private cryptographic keys (both
plaintext and encrypted), authentication data (e.g., passwords, PINs),
CSPs, and other protected information (e.g., audited events, audit data)
whose disclosure or modification can compromise the security of the
cryptographic module.
Assessment:
AS.01.16 Documentation shall specify the cryptographic module security policy.
The security policy shall include the rules derived from the
requirements of this standard and the rules derived from any additional
requirements imposed by the vendor.
Assessment:
==VE.01.16.01==
VE.01.16.01 The vendor shall provide a separate nonproprietary security policy.
The security policy is defined in Appendix C of FIPS PUB 140-2.