This page was not yet optimized for use on mobile devices.
Kinibi v311A on Exynos 7870 Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854
CSV information ?
| Status | archived |
|---|---|
| Valid from | 17.02.2017 |
| Valid until | 17.02.2022 |
| Scheme | 🇫🇷 FR |
| Manufacturer | TRUSTONIC |
| Category | Trusted Computing |
| Security level | EAL2+ |
Heuristics summary ?
Certificate ID: ANSSI-CC-2017/03
Certificate ?
Certification report ?
Extracted keywords
Symmetric Algorithms
AES, DESAsymmetric Algorithms
ECC, DSASchemes
MACRandomness
RNGTrusted Execution Environments
Kinibi, TEESecurity level
EAL 2, EAL2, EAL4, EAL 1, EAL 3, EAL 5, EAL 7, ITSEC E3 ElémentaireClaims
OE.INTEGRATION_CONFIGURATION, OE.PROTECTION_AFTER_DELIVERY, OE.ROLLBACK, OE.SECRETS, OE.TA_DEVELOPMENT, OE.UNIQUE_TEE_ID, OE.CONFIGURATION, OE.TRUSTED_HARDWARE, OE.TRUSTED_FIRMWARE, OE.TA_MANAGEMENT, OE.RNG, OE.INITIALIZATIONSecurity Assurance Requirements (SAR)
ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE, AGD_PRE, ALC_FLR, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_TAT, ALC_CMC_CMS, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_TEE.2, AVA_TEE, AVA_VAN.2, AVA_VAN, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_REQ, ASE_SPD, ASE_TSSProtection profiles
ANSSI-CC-PP-2014/01, ANSSI-CC-PP-2014/01-M01Certificates
ANSSI-CC-2017/03Standards
NIST SP 800-90A, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
| Title | ANSSI-CC-2017-03 |
|---|---|
| Pages | 18 |
| Creator | PDFCreator Version 1.2.1 |
| Producer | GPL Ghostscript 9.02 |
Frontpage
| Certificate ID | ANSSI-CC-2017/03 |
|---|---|
| Certified item | Kinibi v311A on Exynos 7870 |
| Certification lab | THALES (TCS – CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France |
| Developer | Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom |
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, Triple-DES, HMACAsymmetric Algorithms
DSASchemes
MACProtocols
SSL, TLS, IPsec, VPNRandomness
PRNG, RNGTrusted Execution Environments
ARM TrustZone, TrustZone, Kinibi, TEEVendor
Samsung, ThalesSecurity level
EAL2, EAL 2, EAL2 augmentedClaims
O.CA_TA_IDENTIFICATIO, O.KEYS_USAGE, O.TEE_ID, O.INITIALIZATION, O.INSTANCE_TIME, O.OPERATION, O.RNG, O.RUNTIME_CONFIDENTI, O.RUNTIME_INTEGRITY, O.TA_AUTHENTICITY, O.TA_ISOLATION, O.TEE_DATA_PROTECTIO, O.TEE_FIRMWARE_UPGRA, O.TEE_ISOLATION, O.TRUSTED_STORAGE, O.CA_TA_IDENTIFICATION, O.RUNTIME_CONFIDENTIALITY, O.TEE_DATA_PROTECTION, T.ABUSE_FUNCT, T.CLONE, T.FLASH_DUMP, T.IMPERSONATION, T.ROGUE_CODE_EXECUTI, T.PERTURBATION, T.RAM, T.RNG, T.SPY, T.TEE_FIRMWARE_ROLLB, T.STORAGE_CORRUPTION, T.ROGUE_CODE_EXECUTION, A.PROTECTION_AFTER_D, A.ROLLBACK, A.TA_DEVELOPMENT, A.CONNECT, A.PEER, A.RNG, A.PROTECTION_AFTER_DELIVERY, OP.LOAD, OP.STORE, OE.TEE_FIRMWARE_UPGRADE, OE.INTEGRATION_CONFI, OE.PROTECTION_AFTER_, OE.ROLLBACK, OE.SECRETS, OE.TA_DEVELOPMENT, OE.TEE_FIRMWARE_UPGR, OE.UNIQUE_TEE_ID, OE.TRUSTED_HARDWARE, OE.TRUSTED_FIRMWARE, OE.TA_MANAGEMENT, OE.RNG, OE.INITIALIZATION, OE.INTEGRATION_CONFIGURATION, OE.PROTECTION_AFTER_DELIVERY, OE.DEBUG, OE.CRYPTOGRAPHY, OSP.TEE_ID, OSP.INTEGRATION_CONFI, OSP.SECRETS, OSP.TEE_FIRMWARE_UPG, OSP.INTEGRATION_CONFIGURATION, OSP.TA_MANAGEMENTSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, ADV_FSP.1, AGD_OPE, AGD_PRE, AGD_OPE.1, AGD_PRE.1, ALC_CMC.2, ALC_CMS.1, ALC_CMS.2, ALC_DEL.1, ATE_COV.1, ATE_FUN.1, AVA_TEE, AVA_TEE.2, AVA_VAN.2, AVA_VAN, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_REQ.1, ASE_REQ.2, ASE_OBJ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_ARP.1, FAU_SAR.1, FAU_STG.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_STG.1.1, FAU_STG.1.2, FAU_ARP.1.1, FAU_GEN.1, FAU_SAA.1, FCS_RNG, FCS_RNG.1, FCS_COP.1, FCS_CKM.1, FCS_CKM.4, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1.1, FCS_CKM.4.1, FCS_COP.1.1, FCS_CKM.2, FDP_IFC, FDP_IFF, FDP_ITT, FDP_RIP, FDP_ACC, FDP_ACF, FDP_SDI.2, FDP_ROL, FDP_ACC.1, FDP_ACF.1, FDP_IFC.2, FDP_IFF.1, FDP_RIP.1, FDP_ROL.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_IFC.1, FDP_ITC.1, FDP_ITC.2, FIA_ATD.1, FIA_UID.2, FIA_USB.1, FIA_UID.2.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_ATD.1.1, FIA_UID.1, FMT_SMR.1, FMT_MSA, FMT_SMF.1, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMF.1.1, FPT_INI, FPT_INI.1, FPT_ITT, FPT_FLS.1, FPT_STM, FPT_INI.1.1, FPT_INI.1.2, FPT_INI.1.3, FPT_ITT.1, FPT_STM.1, FPT_TEE.1, FPT_TEE.1.1, FPT_TEE.1.2, FPT_FLS.1.1, FTP_TEE.1Evaluation facilities
Trusted LabsCertification process
out of scope, System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE, Service Provider TAs and Installed TAs). Such components are out of scope of the TOE, which is out of scope of the present Security Target, Informative — out of scope for ALC, 1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet, the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and, Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees , space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for, and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider, and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK, Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the, proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required, to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge, The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part ofSide-channel analysis
side-channelsCertification process
out of scope, System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE, Service Provider TAs and Installed TAs). Such components are out of scope of the TOE, which is out of scope of the present Security Target, Informative — out of scope for ALC, 1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet, the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and, Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees , space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for, and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider, and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK, Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the, proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required, to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge, The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part ofStandards
FIPS PUB 197, FIPS PUB 46-3, FIPS PUB 180-4, NIST SP 800-90A, PKCS5, ISO/IEC 15408:2005, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
| Title | Kinibi v311A Security Target |
|---|---|
| Author | lukas.hanel@trustonic.com |
| Creation date | D:20170110164007+01'00' |
| Modification date | D:20170110164007+01'00' |
| Pages | 93 |
| Creator | Microsoft® Word 2010 Subscription |
| Producer | Microsoft® Word 2010 Subscription |
Heuristics ?
Certificate ID: ANSSI-CC-2017/03
Extracted SARs
ASE_CCL.1, AGD_PRE.1, ASE_REQ.2, ASE_TSS.1, ATE_COV.1, ADV_FSP.2, ASE_ECD.1, ALC_CMS.2, ASE_SPD.1, ALC_DEL.1, AVA_TEE.2, ADV_TDS.1, ASE_INT.1, ALC_CMC.2, ATE_FUN.1, ASE_OBJ.2, AVA_VAN.2, ADV_ARC.1, AGD_OPE.1Scheme data ?
| Product | Kinibi v311A on Exynos 7870 (Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854) | |
|---|---|---|
| Url | https://cyber.gouv.fr/produits-certifies/kinibi-v311a-exynos-7870-reference-t-base-exynos64-android-311a-v004 | |
| Description | Le produit certifié est le système d’exploitation « Kinibi v311A on Exynos 7870, référence tbase-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854, version 311A »développé par TRUSTONIC. Le produit Kinibi est l’implémentation par TRUSTONIC d’un système d’exploitation (Trusted OS), conçu pour être exécuté par un environnement d’exécution de confiance (TEE - Trusted Execution Environnement) | |
| Sponsor | Trustonic | |
| Developer | Trustonic | |
| Cert Id | 2017/03 | |
| Level | EAL2+ | |
| Enhanced | ||
| Cert Id | 2017/03 | |
| Certification Date | 17/02/2017 | |
| Category | Divers | |
| Cc Version | Critères Communs version 3.1r4 | |
| Developer | Trustonic | |
| Sponsor | Trustonic | |
| Evaluation Facility | THALES (TCS – CNES) | |
| Level | EAL2+ | |
| Protection Profile | ||
| Mutual Recognition | SOG-IS CCRA | |
| Augmented | AVA_TEE.2 | |
| Target Link | https://cyber.gouv.fr/sites/default/files/2017/02/anssi_cc-2017_03-cible-publique.pdf | |
| Report Link | https://cyber.gouv.fr/sites/default/files/2017/02/anssi-cc-2017-03.pdf | |
References ?
No references are available for this certificate.
Updates ?
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Kinibi v311A on Exynos 7870 Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Trusted Computing",
"cert_link": null,
"dgst": "f7b39b6793294fa8",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ANSSI-CC-2017/03",
"cert_lab": [
"THALES"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_TEE",
"level": 2
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"7870"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_id": "2017/03",
"description": "Le produit certifi\u00e9 est le syst\u00e8me d\u2019exploitation \u00ab Kinibi v311A on Exynos 7870, r\u00e9f\u00e9rence tbase-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854, version 311A \u00bbd\u00e9velopp\u00e9 par TRUSTONIC.\n\nLe produit Kinibi est l\u2019impl\u00e9mentation par TRUSTONIC d\u2019un syst\u00e8me d\u2019exploitation (Trusted OS), con\u00e7u pour \u00eatre ex\u00e9cut\u00e9 par un environnement d\u2019ex\u00e9cution de confiance (TEE - Trusted Execution Environnement)",
"developer": "Trustonic",
"enhanced": {
"augmented": "AVA_TEE.2",
"category": "Divers",
"cc_version": "Crit\u00e8res Communs version 3.1r4",
"cert_id": "2017/03",
"certification_date": "17/02/2017",
"developer": "Trustonic",
"evaluation_facility": "THALES (TCS \u2013 CNES)",
"level": "EAL2+",
"mutual_recognition": "SOG-IS\n CCRA",
"protection_profile": "",
"report_link": "https://cyber.gouv.fr/sites/default/files/2017/02/anssi-cc-2017-03.pdf",
"sponsor": "Trustonic",
"target_link": "https://cyber.gouv.fr/sites/default/files/2017/02/anssi_cc-2017_03-cible-publique.pdf"
},
"level": "EAL2+",
"product": "Kinibi v311A on Exynos 7870 (R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854)",
"sponsor": "Trustonic",
"url": "https://cyber.gouv.fr/produits-certifies/kinibi-v311a-exynos-7870-reference-t-base-exynos64-android-311a-v004"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "TRUSTONIC",
"manufacturer_web": "https://www.trustonic.com/",
"name": "Kinibi v311A on Exynos 7870 R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854",
"not_valid_after": "2022-02-17",
"not_valid_before": "2017-02-17",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ANSSI-CC-2017-03.pdf",
"report_frontpage": {
"FR": {
"cc_security_level": "EAL 2 augment\u00e9 AVA_TEE.2",
"cc_version": "Crit\u00e8res Communs version 3.1 r\u00e9vision 4",
"cert_id": "ANSSI-CC-2017/03",
"cert_item": "Kinibi v311A on Exynos 7870",
"cert_item_version": "R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004- 20160527_225213_11082_38854, Version 311A",
"cert_lab": "THALES (TCS \u2013 CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France",
"developer": "Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom",
"match_rules": [
"R\u00e9f\u00e9rence du rapport de certification(.+)Nom du produit(.+)R\u00e9f\u00e9rence/version du produit(.+)Conformit\u00e9 \u00e0 un profil de protection(.+)Crit\u00e8res d\u2019\u00e9valuation et version(.+)Niveau d\u2019\u00e9valuation(.+)D\u00e9veloppeur\\(s\\)(.+)Centre d\u2019\u00e9valuation(.+)Accords de reconnaissance applicables"
],
"ref_protection_profiles": "N\u00e9ant"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
}
},
"FF": {
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {
"FR": {
"ANSSI-CC-2017/03": 19
}
},
"cc_claims": {
"OE": {
"OE.CONFIGURATION": 1,
"OE.INITIALIZATION": 1,
"OE.INTEGRATION_CONFIGURATION": 1,
"OE.PROTECTION_AFTER_DELIVERY": 1,
"OE.RNG": 1,
"OE.ROLLBACK": 1,
"OE.SECRETS": 1,
"OE.TA_DEVELOPMENT": 1,
"OE.TA_MANAGEMENT": 1,
"OE.TRUSTED_FIRMWARE": 1,
"OE.TRUSTED_HARDWARE": 1,
"OE.UNIQUE_TEE_ID": 1
}
},
"cc_protection_profile_id": {
"ANSSI": {
"ANSSI-CC-PP-2014/01": 1,
"ANSSI-CC-PP-2014/01-M01": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_FSP": 1,
"ADV_IMP": 1,
"ADV_INT": 1,
"ADV_SPM": 1,
"ADV_TDS": 1
},
"AGD": {
"AGD_OPE": 2,
"AGD_PRE": 2
},
"ALC": {
"ALC_CMC": 2,
"ALC_CMC_CMS": 1,
"ALC_CMS": 1,
"ALC_DEL": 1,
"ALC_DVS": 1,
"ALC_FLR": 2,
"ALC_TAT": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_ECD": 1,
"ASE_INT": 1,
"ASE_OBJ": 1,
"ASE_REQ": 1,
"ASE_SPD": 1,
"ASE_TSS": 1
},
"ATE": {
"ATE_COV": 1,
"ATE_DPT": 1,
"ATE_FUN": 1,
"ATE_IND": 1
},
"AVA": {
"AVA_TEE": 2,
"AVA_TEE.2": 5,
"AVA_VAN": 1,
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 2,
"EAL 3": 1,
"EAL 5": 1,
"EAL 7": 1,
"EAL2": 3,
"EAL4": 1
},
"ITSEC": {
"ITSEC E3 El\u00e9mentaire": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 1,
"CCMB-2012-09-002": 1,
"CCMB-2012-09-003": 1,
"CCMB-2012-09-004": 1
},
"NIST": {
"NIST SP 800-90A": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 1
}
},
"DES": {
"DES": {
"DES": 2
}
}
},
"technical_report_id": {},
"tee_name": {
"other": {
"Kinibi": 31,
"TEE": 33
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "",
"/CreationDate": "",
"/Creator": "PDFCreator Version 1.2.1",
"/Keywords": "",
"/ModDate": "",
"/Producer": "GPL Ghostscript 9.02",
"/Subject": "",
"/Title": "ANSSI-CC-2017-03",
"pdf_file_size_bytes": 589101,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 18
},
"st_filename": "ANSSI_CC-2017_03 Cible publique.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"FF": {
"DSA": {
"DSA": 2
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECT": 5,
"A.PEER": 12,
"A.PROTECTION_AFTER_D": 1,
"A.PROTECTION_AFTER_DELIVERY": 4,
"A.RNG": 6,
"A.ROLLBACK": 5,
"A.TA_DEVELOPMENT": 5
},
"O": {
"O.CA_TA_IDENTIFICATIO": 1,
"O.CA_TA_IDENTIFICATION": 10,
"O.INITIALIZATION": 3,
"O.INSTANCE_TIME": 9,
"O.KEYS_USAGE": 1,
"O.OPERATION": 25,
"O.RNG": 11,
"O.RUNTIME_CONFIDENTI": 1,
"O.RUNTIME_CONFIDENTIALITY": 25,
"O.RUNTIME_INTEGRITY": 24,
"O.TA_AUTHENTICITY": 14,
"O.TA_ISOLATION": 21,
"O.TEE_DATA_PROTECTIO": 1,
"O.TEE_DATA_PROTECTION": 17,
"O.TEE_FIRMWARE_UPGRA": 1,
"O.TEE_ID": 12,
"O.TEE_ISOLATION": 18,
"O.TRUSTED_STORAGE": 24
},
"OE": {
"OE.CRYPTOGRAPHY": 1,
"OE.DEBUG": 1,
"OE.INITIALIZATION": 17,
"OE.INTEGRATION_CONFI": 1,
"OE.INTEGRATION_CONFIGURATION": 8,
"OE.PROTECTION_AFTER_": 1,
"OE.PROTECTION_AFTER_DELIVERY": 7,
"OE.RNG": 6,
"OE.ROLLBACK": 8,
"OE.SECRETS": 7,
"OE.TA_DEVELOPMENT": 7,
"OE.TA_MANAGEMENT": 9,
"OE.TEE_FIRMWARE_UPGR": 1,
"OE.TEE_FIRMWARE_UPGRADE": 1,
"OE.TRUSTED_FIRMWARE": 5,
"OE.TRUSTED_HARDWARE": 11,
"OE.UNIQUE_TEE_ID": 8
},
"OP": {
"OP.LOAD": 4,
"OP.STORE": 5
},
"OSP": {
"OSP.INTEGRATION_CONFI": 1,
"OSP.INTEGRATION_CONFIGURATION": 4,
"OSP.SECRETS": 5,
"OSP.TA_MANAGEMENT": 4,
"OSP.TEE_FIRMWARE_UPG": 1,
"OSP.TEE_ID": 7
},
"T": {
"T.ABUSE_FUNCT": 11,
"T.CLONE": 11,
"T.FLASH_DUMP": 5,
"T.IMPERSONATION": 7,
"T.PERTURBATION": 13,
"T.RAM": 9,
"T.RNG": 8,
"T.ROGUE_CODE_EXECUTI": 1,
"T.ROGUE_CODE_EXECUTION": 11,
"T.SPY": 8,
"T.STORAGE_CORRUPTION": 8,
"T.TEE_FIRMWARE_ROLLB": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 6,
"ADV_FSP.1": 3,
"ADV_FSP.2": 14,
"ADV_TDS.1": 9
},
"AGD": {
"AGD_OPE": 2,
"AGD_OPE.1": 8,
"AGD_PRE": 1,
"AGD_PRE.1": 8
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.1": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 4,
"ASE_INT.1": 5,
"ASE_OBJ.2": 3,
"ASE_REQ.1": 2,
"ASE_REQ.2": 2,
"ASE_SPD.1": 2,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.1": 5,
"ATE_FUN.1": 4
},
"AVA": {
"AVA_TEE": 5,
"AVA_TEE.2": 22,
"AVA_VAN": 2,
"AVA_VAN.2": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 4,
"EAL2": 3,
"EAL2 augmented": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_ARP.1": 13,
"FAU_ARP.1.1": 1,
"FAU_GEN.1": 4,
"FAU_SAA.1": 2,
"FAU_SAR.1": 11,
"FAU_SAR.1.1": 1,
"FAU_SAR.1.2": 1,
"FAU_STG.1": 10,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1
},
"FCS": {
"FCS_CKM.1": 12,
"FCS_CKM.1.1": 1,
"FCS_CKM.2": 1,
"FCS_CKM.4": 10,
"FCS_CKM.4.1": 1,
"FCS_COP.1": 20,
"FCS_COP.1.1": 1,
"FCS_RNG": 4,
"FCS_RNG.1": 15,
"FCS_RNG.1.1": 2,
"FCS_RNG.1.2": 2
},
"FDP": {
"FDP_ACC": 18,
"FDP_ACC.1": 6,
"FDP_ACF": 16,
"FDP_ACF.1": 6,
"FDP_IFC": 21,
"FDP_IFC.1": 4,
"FDP_IFC.2": 3,
"FDP_IFF": 19,
"FDP_IFF.1": 8,
"FDP_ITC.1": 2,
"FDP_ITC.2": 2,
"FDP_ITT": 3,
"FDP_RIP": 9,
"FDP_RIP.1": 2,
"FDP_ROL": 10,
"FDP_ROL.1": 3,
"FDP_SDI.2": 17,
"FDP_SDI.2.1": 1,
"FDP_SDI.2.2": 1
},
"FIA": {
"FIA_ATD.1": 13,
"FIA_ATD.1.1": 1,
"FIA_UID.1": 1,
"FIA_UID.2": 13,
"FIA_UID.2.1": 1,
"FIA_USB.1": 8,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_MSA": 68,
"FMT_MSA.1": 5,
"FMT_MSA.3": 9,
"FMT_MTD.1": 1,
"FMT_SMF.1": 17,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 17,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_FLS.1": 17,
"FPT_FLS.1.1": 1,
"FPT_INI": 3,
"FPT_INI.1": 15,
"FPT_INI.1.1": 2,
"FPT_INI.1.2": 2,
"FPT_INI.1.3": 2,
"FPT_ITT": 14,
"FPT_ITT.1": 2,
"FPT_STM": 6,
"FPT_STM.1": 2,
"FPT_TEE.1": 8,
"FPT_TEE.1.1": 1,
"FPT_TEE.1.2": 1
},
"FTP": {
"FTP_TEE.1": 1
}
},
"certification_process": {
"OutOfScope": {
"1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet": 1,
"Informative \u2014 out of scope for ALC": 1,
"Service Provider TAs and Installed TAs). Such components are out of scope of the TOE": 1,
"Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 \u2039 Secure Storage Proxy, a communication relay between the": 1,
"System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE": 1,
"The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of": 1,
"Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees ": 1,
"and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK": 1,
"and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider": 1,
"out of scope": 10,
"proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required": 1,
"space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for": 1,
"the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and": 1,
"to other entities provided the overall security level is met. Phases Actors (Informative \u2014 out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge": 1,
"which is out of scope of the present Security Target": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 2
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 1
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"MAC": {
"MAC": 3
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TrustedLabs": {
"Trusted Labs": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"PRNG": 1
},
"RNG": {
"RNG": 48
}
},
"side_channel_analysis": {
"SCA": {
"side-channels": 1
}
},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 2,
"CCMB-2012-09-002": 2,
"CCMB-2012-09-003": 2,
"CCMB-2012-09-004": 1
},
"FIPS": {
"FIPS PUB 180-4": 1,
"FIPS PUB 197": 1,
"FIPS PUB 46-3": 1
},
"ISO": {
"ISO/IEC 15408:2005": 2
},
"NIST": {
"NIST SP 800-90A": 6
},
"PKCS": {
"PKCS5": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 7
}
},
"DES": {
"3DES": {
"Triple-DES": 1
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {
"ARM": {
"ARM TrustZone": 3,
"TrustZone": 1
},
"other": {
"Kinibi": 110,
"TEE": 341
}
},
"tls_cipher_suite": {},
"vendor": {
"Samsung": {
"Samsung": 3
},
"Thales": {
"Thales": 3
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "lukas.hanel@trustonic.com",
"/CreationDate": "D:20170110164007+01\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010 Subscription",
"/ModDate": "D:20170110164007+01\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010 Subscription",
"/Title": "Kinibi v311A Security Target",
"pdf_file_size_bytes": 1581958,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 93
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/files/epfiles/ANSSI-CC-2017-03.pdf",
"scheme": "FR",
"security_level": {
"_type": "Set",
"elements": [
"EAL2+"
]
},
"st_link": "https://www.commoncriteriaportal.org/files/epfiles/ANSSI_CC-2017_03%20Cible%20publique.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "107ef7a6468e15116c19fd2cef20902b2a63c75c0b61bb1d12054727915ac84e",
"txt_hash": "6215bd0f735df8d5f26a05010d6c4435e227a6230229ddeaa184b760d1d00d42"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "f4eaa5348a5e8868d4e267b981596d63acdd54a316bc57536c42c42eb27d6d53",
"txt_hash": "968f29d69dd98afe1abe3e225c1b24ca9148816a1b50a76db1a492e374daa63b"
}
},
"status": "archived"
}