1、PD CEN/TS 419221-4:2016Protection Profiles for TSPcryptographic modulesPart 4: Cryptographic module for CSPsigning operations without backupBSI Standards PublicationWB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06PD CEN/TS 419221-4:2016 PUBLISHED DOCUMENTNational forewordThis Published Docum
2、ent is the UK implementation of CEN/TS419221-4:2016.The UK participation in its preparation was entrusted to TechnicalCommittee IST/17, Cards and personal identification.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport
3、 to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2016. Published by BSI StandardsLimited 2016ISBN 978 0 580 92181 0ICS 35.040; 35.240.30Compliance with a British Standard cannot confer immunity fromlegal obliga
4、tions.This Published Document was published under the authority of theStandards Policy and Strategy Committee on 31 July 2016.Amendments issued since publicationDate Text affectedPD CEN/TS 419221-4:2016TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 419221-4 July 2016
5、ICS 35.240.30; 35.040 Supersedes CWA 14167-4:2004English Version Protection Profiles for TSP cryptographic modules - Part 4: Cryptographic module for CSP signing operations without backup Exigences de scurit concernant les systmes fiables grant des certificats de signatures lectroniques - Partie 4 :
6、 Module cryptographique pour les oprations de signature lectronique des fournisseurs de services de certification - Profil de protection - CMCSO PP Schutzprofile fr kryptographische Module von vertrauenswrdigen Dienstanbietern - Teil 4: Schutzprofil fr CSP Signieroperationen ohne Sicherung This Tech
7、nical Specification (CEN/TS) was approved by CEN on 8 May 2016 for provisional application. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be
8、 converted into a European Standard. CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to th
9、e CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greec
10、e, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey andUnited Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CE
11、N-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels 2016 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TS 419221-4:2016 EPD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 2 Contents Page European foreword . 4 Introducti
12、on 5 1 Scope 6 2 Normative references 6 3 Terms and definitions . 6 4 PP Introduction 6 4.1 General 6 4.2 PP Reference . 6 4.3 Protection Profile Overview 7 4.4 TOE Overview . 8 4.4.1 TOE type . 8 4.4.2 TOE Roles . 9 4.4.3 Usage and major security features of the TOE 9 4.4.4 Available non-TOE hardwa
13、re/software/firmware 11 5 Conformance Claim . 11 5.1 CC Conformance Claim . 11 5.2 PP Claim . 11 5.3 Conformance Rationale 11 5.4 Conformance Statement 11 6 Security Problem Definition . 12 6.1 Assets 12 6.1.1 General . 12 6.1.2 TOE services . 12 6.1.3 TOE Data 12 6.2 Threats . 13 6.2.1 General . 13
14、 6.2.2 Threat agents . 13 6.2.3 Threats description . 14 6.3 Organizational Security Policies . 17 6.4 Assumptions . 17 7 Security Objectives 18 7.1 General . 18 7.2 Security Objectives for the TOE . 18 7.3 Security Objectives for the Operational Environment . 20 8 Extended Components Definitions 21
15、 8.1 Extended Component Definitions Family FCS_RND 21 9 Security Requirements . 22 9.1 General . 22 9.2 Subjects, objects, security attributes and operations . 22 9.2.1 General . 22 9.2.2 Subjects 22 9.2.3 TOE Objects and security attributes 23 9.2.4 TOE Operations . 23 PD CEN/TS 419221-4:2016CEN/TS
16、 419221-4:2016 (E) 3 9.3 Security Functional Requirements . 24 9.3.1 General . 24 9.3.2 Security audit (FAU) 24 9.3.3 Cryptographic support (FCS) 25 9.3.4 User data protection (FDP) . 27 9.3.5 Identification and authentication (FIA) . 29 9.3.6 Security management (FMT) 30 9.3.7 Privacy (FPR) Unobser
17、vability (FPR_UNO.1) 32 9.3.8 Protection of the TOE Security Functions (FPT) 32 9.3.9 Trusted path (FTP) Trusted path (FTP_TRP.1) 35 9.4 Security Assurance Requirements . 35 9.5 Security Requirements Rationale . 36 9.5.1 Security Problem Definition coverage by Security Objectives . 36 9.5.2 Security
18、 Objectives coverage by SFRs . 41 9.5.3 SFR Dependencies 45 9.5.4 Rationale for SARs 46 9.5.5 AVA_VAN.5 Advanced methodical vulnerability analysis 46 Bibliography . 47 PD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 4 European foreword This document (CEN/TS 419221-4:2016) has been prepared by Techni
19、cal Committee CEN/TC 224 “Personal identification and related personal devices with secure element, systems, operations and privacy in a multi sectorial environment”, the secretariat of which is held by AFNOR. This document supersedes CWA 14167-4:2004. This document has been prepared under a mandate
20、 given to CEN by the European Commission and the European Free Trade Association. CEN/TS 419221, Protection Profiles for TSP cryptographic modules, is currently composed with the following parts: Part 1: Overview; Part 2: Cryptographic module for CSP signing operations with backup; Part 3: Cryptogra
21、phic module for CSP key generation services; Part 4: Cryptographic module for CSP signing operations without backup. According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following countries are bound to announce this Technical Specification: Austria, Belgium
22、, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerla
23、nd, Turkey and the United Kingdom. PD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 5 Introduction This Cryptographic Module for CSP Signing Operations - Protection Profile (CMCSO-PP) is issued by the European Committee for Standardization. The document is for use by the European Commission in accord
24、ance with the procedure laid down in Article 9 of Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures 1 as generally recognized standard for electronic-signature products in the Official Journal of the European Com
25、munities. The document has been prepared as a Protection Profile (PP) following the rules and formats of the Common Criteria version 3.1r3 CC1 CC2 CC3. The set of algorithms for secure signature-creation devices and parameters for algorithms for secure signature-creation devices is given in a separa
26、te document, ETSI/TS 102 176. This document has been originally prepared as a single Protection Profile and approved as CWA 14167-2:2002. Afterwards, while reviewing this Protection Profile for the evaluation, in order to make it conformant to the Common Criteria 2.1, two Protection Profiles have be
27、en created for the same TOE, one including the mandatory function of key backup and the other excluding this function: Cryptographic Module for CSP Signing Operations with Backup - Protection Profile (CMCSOB-PP), version 0,28; CWA 14167-2:2004; Cryptographic Module for CSP Signing Operations - Prote
28、ction Profile (CMCSO-PP), version 0.28; CWA 14167-4:2004. Correspondence and comments to this Cryptographic Module for CSP Signing Operations - Protection Profile (CMCSO-PP) should be referred to: Editor: Rmy DAUDIGNY Email: PD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 6 1 Scope This Technical S
29、pecification specifies a protection profile for cryptographic modules used by certification service providers (as specified in Directive 1999/93) for signing operations, without key backup. Target applications include root certification authorities (certification authorities which issue certificates
30、 to other CAs and is at the top of a CA hierarchy) and other certification service providers where there is a high risk of direct physical attacks against the module. 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensabl
31、e for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. CEN/TS 419221-1:2016, Protection Profiles for TSP cryptographic modules Part 1: Overview ETSI/TS 101 456, Electronic
32、Signature and Infrastructure (ESI); Policy requirements for certification authorities issuing qualified certificates ETSI/TS 102 176, Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures 3 Terms and definitions For the purposes of this document,
33、 the terms and definitions given in CEN/TS 419221-1:2016 apply. 4 PP Introduction 4.1 General This clause provides document management and overview information that is required to carry out protection profile registry. Therefore, Subclause 4.2 “PP Reference” gives labelling and descriptive informati
34、on necessary for registering the Protection Profile (PP). Subclause 4.3 “Protection Profile Overview” summarizes the PP in narrative form. Subclause 4.4 “TOE Overview” summarizes the TOE in a narrative form. As such, these clauses give an overview to the potential user to decide whether the PP is of
35、 interest. It is usable as standalone abstract in PP catalogues and registers. 4.2 PP Reference Title Cryptographic Module for CSP Signing Operations Protection Profile CC revision v3.1 release 3 PP version v0.33 Authors Rmy Daudigny Publication Date 2015 Keywords cryptographic module, CSP signing d
36、evice, qualified certificate signing, certificate status information signing Registration 4192214 PD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 7 4.3 Protection Profile Overview The Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for
37、electronic signatures 1, referred to as the Directive in the remainder of the PP, states in Annex II that: Certification-service-providers must: (f) use trustworthy systems and products which are protected against modification and ensure the technical and cryptographic security of the process suppor
38、ted by them; (g) take measures against forgery of certificates, and, in cases where the certification-service-provider generates signature-creation data, guarantee confidentiality during the process of generating such data; In the supporting ETSI Technical Specification “Policy Requirements for Cert
39、ification Authorities (CA)1)issuing Qualified Certificates” (ETSI/TS 101 456), it is stated that: The CA shall ensure that CA keys are generated in accordance with industry standards, and The CA shall ensure that CA private keys remain confidential and maintain their integrity. This Protection Profi
40、le (PP) defines the security requirements of a Cryptographic Module (CM) used by CSP as part of its trustworthy system to provide signing services, such as Certificate Generation Service or Certificate Status Information Signing Services. The Cryptographic Module, which is the Target of Evaluation (
41、TOE), is used for the creation of CSP key pairs, and their usage for the creation and verification of advanced electronic signatures in qualified certificates or certificate status information. The private keys are referred to in this PP as Certification Service Provider Signature-Creation Data (CSP
42、-SCD). The public keys are referred as Certification Service Provider Signature-Verification Data (CSP-SVD). The Protection Profiles primary scope is for signing qualified certificates. However components evaluated against this standard may be applied for other signature-creation tasks carried out b
43、y a certificate service provider (CSP) such as time-stamping, signing certificate revocation lists (CRLs) or issuing online certificate status protocol (OCSP) messages. It may also be used for other trusted service providers creating electronic signatures. This PP is Common Criteria Part 2 extended
44、and Common Criteria Part 3 conformant. The assurance level for this PP is EAL4, augmented with AVA_VAN.5 (Advanced methodical vulnerability analysis). In Article 3.5, the Directive further states that: The Commission may, in accordance with the procedure laid down in Article 9, establish and publish
45、 reference numbers of generally recognized standards for electronic-signature products in the Official Journal of the European Communities. Member States shall presume that there is compliance with the requirements laid down in Annex II, point (f), and Annex III when an electronic signature product
46、meets those standards.” This Protection Profile is established by CEN/ISSS for use by the European Commission, with reference to Annex II (f), in accordance with this procedure. 1) In the remainder of this PP the term Certificate Service Provider (CSP) is used instead of the commonly used term Certi
47、fication Authority (CA), as the former is employed by the Directive EC 1999/93 1 this PP aims to support. PD CEN/TS 419221-4:2016CEN/TS 419221-4:2016 (E) 8 4.4 TOE Overview 4.4.1 TOE type The TOE is a Cryptographic Module (CM) used for the creation and usage of Certificate Service Provider Signature
48、-Creation Data (CSP-SCD). The CM may optionally also perform hashing of the qualified certificate content. The TOE is configured software and hardware that may be used to provide the following cryptographic functions: a) Generation of CSP-SCD b) Usage of the CSP-SCD to create advanced electronic sig
49、natures for qualified certificates based on either 1) the hash value of the content of the qualified certificate, or 2) an intermediate hash-value of a first part of the qualified certificate and a remaining part of the qualified certificate or 3) the complete content of the qualified certificate, where the hashing is also performed in the CM (optional). The TOE may implement additional functions and security requirements, e.g. for the creation of Signature Creation Data (SCD) for loading into Secure
