TÜV Rheinland Nederland B.V. Headoffice: Westervoortsedijk 73 NL-6827 AV Arnhem P.O. Box 2220 NL-6802 CE Arnhem The Netherlands Location Leek: Eiberkamp 10 NL-9351 VT Leek P.O. Box 37 NL-9350 AA Leek The Netherlands info@nl.tuv.com www.tuv.com/nl Tel. +31 (0)88 888 7 888 Fax +31 (0)88 888 7 859 TÜV Rheinland Nederland B.V. is a registered company with the Amsterdam Chamber of Commerce under number 27288788 VAT number: NL815820380B01 IBAN: NL61DEUT0265155096 Version 20101101 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. Certification Report Luna PCI-E Cryptographic Module, Firmware version 6.10.9 Sponsor and developer: SafeNet Inc 20 Colonnade Road, Suite 200 K2E 7M6, OTTAWA ON Canada Evaluation facility: Brightsight Delftechpark 1 2628 XJ Delft The Netherlands Reportnumber: NSCIB-CC-38671-CR Report version: 1 Projectnumber: 38671 Authors(s): Denise Cater/Wouter Slegers Date: 29 June 2017 Number of pages: 14 Number of appendices: 0 Reproduction of this report is authorized provided the report is reproduced in its entirety. Page: 3/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. CONTENTS: Foreword 4 Recognition of the certificate 5 International recognition 5 European recognition 5 1 Executive Summary 6 2 Certification Results 7 2.1 Identification of Target of Evaluation 7 2.2 Security Policy 7 2.3 Assumptions and Clarification of Scope 7 2.4 Architectural Information 8 2.5 Documentation 9 2.6 IT Product Testing 9 2.7 Evaluated Configuration 11 2.8 Results of the Evaluation 11 2.9 Comments/Recommendations 11 3 Security Target 13 4 Definitions 13 5 Bibliography 14 Page: 4/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. Foreword The Netherlands Scheme for Certification in the Area of IT Security (NSCIB) provides a third-party evaluation and certification service for determining the trustworthiness of Information Technology (IT) security products. Under this NSCIB, TÜV Rheinland Nederland B.V. has the task of issuing certificates for IT security products, as well as for protection profiles and sites. A part of the procedure is the technical examination (evaluation) of the product, protection profile or site according to the Common Criteria assessment guidelines published by the NSCIB. Evaluations are performed by an IT Security Evaluation Facility (ITSEF) under the oversight of the NSCIB Certification Body, which is operated by TÜV Rheinland Nederland B.V. in cooperation with the Ministry of the Interior and Kingdom Relations. An ITSEF in the Netherlands is a commercial facility that has been licensed by TÜV Rheinland Nederland B.V. to perform Common Criteria evaluations; a significant requirement for such a license is accreditation to the requirements of ISO Standard 17025 “General requirements for the accreditation of calibration and testing laboratories”. By awarding a Common Criteria certificate, TÜV Rheinland Nederland B.V. asserts that the product or site complies with the security requirements specified in the associated (site) security target, or that the protection profile (PP) complies with the requirements for PP evaluation specified in the Common Criteria for Information Security Evaluation. A (site) security target is a requirements specification document that defines the scope of the evaluation activities. The consumer should review the security target or protection profile, in addition to this certification report, in order to gain an understanding of any assumptions made during the evaluation, the IT product's intended environment, its security requirements, and the level of confidence (i.e., the evaluation assurance level) that the product satisfies the security requirements stated in the (site) security target. Reproduction of this report is authorized provided the report is reproduced in its entirety. Page: 5/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. Recognition of the certificate Presence of the Common Criteria Recognition Arrangement and SOG-IS logos on the certificate would indicate that this certificate is issued in accordance with the provisions of the CCRA and the SOG-IS agreement and will be recognised by the participating nations. International recognition The CCRA has been signed by the Netherlands in May 2000 and provides mutual recognition of certificates based on the CC. Starting September 2014 the CCRA has been updated to provide mutual recognition of certificates based on cPPs (exact use) or STs with evaluation assurance levels up to and including EAL2+ALC_FLR. The current list of signatory nations and approved certification schemes can be found on: http://www.commoncriteriaportal.org. Certificates issued before 08 September 2014 are still under recognition according to the rules of the previous CCRA (i.e. recognition based on assurance components up to and including EAL4+ALC_FLR). Also certification procedures started before 8 September 2014 and Assurance Continuity (maintenance and re-certification) of old certificates remain recognised according to the rules of the previous CCRA. The certification of this product has started before 8 September 2014 and thus the recognition of the certificate falls under the recognition rules of the previous CCRA. European recognition The European SOGIS-Mutual Recognition Agreement (SOGIS-MRA) version 3 effective from April 2010 provides mutual recognition of Common Criteria and ITSEC certificates at a basic evaluation level for all products. A higher recognition level for evaluation levels beyond EAL4 (resp. E3-basic) is provided for products related to specific technical domains. This agreement was initially signed by Finland, France, Germany, The Netherlands, Norway, Spain, Sweden and the United Kingdom. Italy joined the SOGIS-MRA in December 2010. The current list of signatory nations, approved certification schemes and the list of technical domains for which the higher recognition applies can be found on: http://www.sogisportal.eu. Page: 6/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 1 Executive Summary This Certification Report states the outcome of the Common Criteria security evaluation of the Luna PCI-E Cryptographic Module, Firmware version 6.10.9. The developer of the Luna PCI-E Cryptographic Module is SafeNet Inc located in Ottawa, Canada and they also act as the sponsor of the evaluation and certification. A Certification Report is intended to assist prospective consumers when judging the suitability of the IT security properties of the product for their particular requirements. The TOE provides a logically protected component for the performance of cryptographic functions for key generation, key storage, encryption and decryption, key wrapping, secure key transport, key establishment, digital signature generation and verification used by application systems that provide cryptographic support functions such as a Certificate Authority/Certification Service Provider (CA) or Time Stamp Authority (TSA). Luna SA is the most common host for the Luna PCI-E Cryptographic Module and when acting as the host system, it allows clients to authenticate to the TOE to access cryptographic services. Access to TOE services is provided using supplied host software (non-TOE) that interfaces to the Crypto Module using its PCI-E interface. The TOE Security Functionality is contained within the Luna PCI-E cryptographic module (a printed circuit board in PCI-E card format enclosed within tamper-evident metal covers). The Luna SA is outside the scope of the TOE. The TOE has been evaluated by Brightsight B.V. located in Delft, The Netherlands. The evaluation was completed on June 21 2017 with the approval of the ETR. The certification procedure has been conducted in accordance with the provisions of the Netherlands Scheme for Certification in the Area of IT Security [NSCIB]. The scope of the evaluation is defined by the security target [ST], which identifies assumptions made during the evaluation, the intended environment for the Luna PCI-E Cryptographic Module, the security requirements, and the level of confidence (evaluation assurance level) at which the product is intended to satisfy the security requirements. Consumers of the Luna PCI-E Cryptographic Module are advised to verify that their own environment is consistent with the security target, and to give due consideration to the comments, observations and recommendations in this certification report. The results documented in the evaluation technical report [ETR] 1 for this product provide sufficient evidence that it meets the EAL4augmented (EAL4(+)) assurance requirements for the evaluated security functionality. This assurance level is augmented with ALC_FLR.2 (Flaw Reporting Procedures) and AVA_VAN.4 (Methodical vulnerability analysis). The evaluation was conducted using the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 4 [CEM], for conformance to the Common Criteria for Information Technology Security Evaluation, version 3.1 Revision 4 [CC]. TÜV Rheinland Nederland B.V., as the NSCIB Certification Body, declares that the Luna PCI-E Cryptographic Module, Firmware version 6.10.9 evaluation meets all the conditions for international recognition of Common Criteria Certificates and that the product will be listed on the NSCIB Certified Products list. It should be noted that the certification results only apply to the specific version of the product as evaluated. 1 The Evaluation Technical Report contains information proprietary to the developer and/or the evaluator, and is not releasable for public review. Page: 7/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 2 Certification Results 2.1 Identification of Target of Evaluation The Target of Evaluation (TOE) for this evaluation is the Luna PCI-E Cryptographic Module, Firmware version 6.10.9 from SafeNet Inc located in Ottawa, Canada. The TOE is a printed circuit board in PCI-E card format enclosed within tamper-evident metal covers. It may be delivered stand-alone or integrated in a Luna SA appliance. Additional security functionality provided by the Luna SA appliance to satisfy the requirements levied upon the Operational Environment of the TOE has not been examined in the conduct of this evaluation. The TOE is comprised of the following main components: Delivery item type Identifier Version Hardware 808-00015-001, 808-00015-003, 808-000052-001, 808-000053-001 n/a Software Luna PCI-E Cryptographic module Firmware 6.10.9 To ensure secure usage a set of guidance documents is provided together with the Luna PCI-E Cryptographic Module. Details can be found in section 2.5 of this report. 2.2 Security Policy The Target of Evaluation – TOE (i.e. Luna PCI-E Cryptographic Module) is a Hardware Security Module (HSM) in the form of a PCI-E card that typically resides within a custom computing or secure communications appliance that is operated in a controlled environment. The TOE features hardware key management to maintain the confidentiality and integrity of digital signature and encryption keys. Key material is generated, stored, and used exclusively within the Luna PCI-E cryptographic module to prevent compromise. The cryptographic functionality includes:  Key generation; symmetric (TDES and AES) keys and asymmetric key pairs (RSA and ECDSA),  Key storage,  Encryption and decryption using both symmetric and asymmetric cryptography, and  Digital signature generation and verification using RSA and ECDSA key pairs. 2.3 Assumptions and Clarification of Scope 2.3.1 Assumptions Detailed information on the assumption and threats can be found in the [ST] sections 3.4 and 3.2 respectively. Detailed information on the security objectives that must be fulfilled by the TOE environment can be found in section 4.2 of the [ST]. 2.3.2 Clarification of scope The TOE must be operated within protected physical environment that limits physical access to the TOE to authorised individuals. The TOE does not protect against physical tampering. The TOE environment must protect the user data in the red area of the IT system and controls the exchange data between the red and black area of the IT system according to the IT security policy. Page: 8/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 2.4 Architectural Information The TOE subsystems, depicted in Figure 1 below, are summarised in the following table. Subsystem Description Hardware subsystem PowerPC 440EPx Processor (CPU) SafeXcel-3120 Security Processor w/ 64MBytes private Flash Memory SafeXcel-1746 Accelerator Bridge for (PCI <-> PCIe) and a FPGA supports the Bus Logic nvRAM in the RTC 64 MBytes Flash Memory 256 MBytes SDRAM Memory Bootloader Subsystem The boot loader is responsible for ensuring the integrity of the underlying platform memory and for ensuring the integrity of the main firmware load. The boot loader loads all other embedded subsystems onto the cryptographic module. The bootloader is built from a separate make file. Linux Subsystem The Luna PCI-E cryptographic module includes Linux Kernel version 2.6.28 at its core. The HSM/PCI-e is a single application on top of the Linux system. Main Subsystem This subsystem is responsible for: Providing an entry point for the process that provides all HSM services by starting an infinite loop function in the communication subsystem. Initializing and zeroing the HSM, Setting the cryptographic module policy values, Applying capability and policy updates, Initiating firmware updates and rollbacks, Maintaining the firmware version number, the communication protocol number, and the amount of global storage available across the HSM. Communication Subsystem This subsystem contains the main loop for receiving commands and dispatching to other subsystems. Session Manager Subsystem This subsystem maintains information on active sessions alongside authentication status for each of the sessions. User Subsystem This subsystem maintains user management and user authentication services for the cryptographic module. Rule subsystem This subsystem maintains capabilities and policies. Param Subsystem This subsystem is interface for other subsystems to the Rule subsystem. Key Management subsystem This subsystem provides security-enforcing functions. It processes all commands that involve the generation, wrapping/unwrapping and derivation of keys. Key destruction is performed within the Object Handler subsystem. Cryptographic Operations Subsystem This subsystem is responsible for cryptographic operations on the Luna HSM. Master Tamper Key (MTK) This subsystem handles the MTK recovery. Page: 9/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. Subsystem Description Subsystem Object Handler Subsystem This subsystem maintains all data structures. Memory Management Subsystem This subsystem manages the allocation of memory. Figure 1 TOE subsystems 2.5 Documentation The following documentation is provided with the product by the developer to the customer: Identifier Version Guidance Documentation: CR-4119, Luna PCI-E Cryptographic Module, Common Criteria User Guidance 2.0 2.6 IT Product Testing Testing (depth, coverage, functional tests, independent testing): The evaluators examined the developer’s testing activities documentation and verified that the developer has met their testing responsibilities. 2.6.1 Testing approach and depth The developer created a testing environment that tested all logical TOE interfaces. This includes all typical deployment scenarios, all crypto functionality and the less common functionality. Additionally, security mechanisms providing the following functionality were tested:  Zeroisation,  internal object integrity protection, Page: 10/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval.  PCI-E bus read/write supervision to protect against attempts from the host to maliciously access sensitive internal TOE memory regions. The evaluator repeated and confirmed the results of all automated tests presented by the vendor, as well as some manual tests that could not be exercised from external interfaces; including those for zeroization, internal object integrity protection and PCI-E bus read/write supervision. The evaluator devised and executed an additional twenty (20) independent functional tests to further demonstrate the behaviour of the major TOE functionalities such as User authentication, Crypto rule enforcement, Access control rule enforcement, Key Attributes and Mechanisms, Configuration, and Cloning. For some of the functional tests a small code change was added to the TOE firmware to support a trigger signal. The evaluator reviewed this change and concluded that the extra code only starts and stops the trigger, but do not influence the functional behaviour of the TOE. Therefore, it was concluded the change did not impact the test results of the functional tests. 2.6.2 Independent Penetration Testing The evaluator independent penetration tests were devised after performing a methodical vulnerability analysis. To identify possible vulnerabilities for further analysis, the evaluator performed the following activities:  SFR design analysis: SFR implementation details were examined in the SFR design analysis. During this examination several possible vulnerabilities were collected.  Additional security analysis: Once the implementations of the SFRs were understood, some coverage checks were performed on SFR relevant aspects, resulting in collection of several possible vulnerabilities.  CWE vulnerability focus: Using inspiration from the CWE weaknesses collection, the evaluator collected a list of security questions and related answers. This approach ensured that the evaluator was forced to think in terms of vulnerabilities from all different angles and improved completeness in the vulnerability analysis. Also during this examination several possible vulnerabilities were collected.  Public vulnerability search: Also during this search several possible vulnerabilities were collected. Having collected possible vulnerabilities, the evaluator then analysed each possible vulnerability in turn, either producing a satisfactory analysis to show the possible vulnerability is not applicable to the TOE, or it was examined further as a potential vulnerability. For each potential vulnerability an attack description and attack rating was produced, additional code review was performed, and/or additional functional/penetration test cases were devised. From this analysis a total of eight (8) penetration tests were devised and executed, comprised of 5 logical tests, 1 fuzzing test and 2 side channel tests (timing and emissions). 2.6.3 Test Configuration The developer provided the evaluator with the TOE (hardware 808-00015-001 2 and firmware 6.10.9), code and tools necessary to recreate the test environments used for developer testing. For execution of some test cases it was necessary for a development board to be used and/or modified bootloader firmware and trigger code. The evaluators assessed the differences between the TOE and development hardware/firmware, and determined that the differences did not have an impact on the behaviour being demonstrated. These test environments were used for repeating developer testing and also for independent functional and penetration testing performed by the evaluator. See the [ETR] for details. 2 The single version of TOE hardware was used in testing, and the evaluators produced an equivalency rationale to demonstrate the behaviour demonstrated for this hardware variant was representative of the other 3 TOE hardware variants. Page: 11/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 2.6.4 Testing Results The testing activities, including configurations, procedures, test cases, expected results and observed results are summarised in the [ETR], with references to the documents containing the full details. The developer’s tests and the independent functional tests produced the expected results, giving assurance that the TOE behaves as specified in its ST and functional specification. No exploitable vulnerabilities were found with the independent penetration tests. The algorithmic security level of cryptographic functionality has not been rated in this certification process, but the current consensus on the algorithmic security level in the open domain, i.e. from the current best cryptanalytic attacks published, has been taken into account. 2.7 Evaluated Configuration The TOE is defined uniquely by its name and version number Luna PCI-E Cryptographic Module, Firmware version 6.10.9, together with the PCI-E hardware identifiers as detailed in Section 2.1. 2.8 Results of the Evaluation The evaluation lab documented their evaluation results in the [ETR] 3 which references the ASE Intermediate Report and other NSP#6-compliant evaluator documents. The verdict of each claimed assurance requirement is “Pass”. Based on the above evaluation results the evaluation lab concluded the Luna PCI-E Cryptographic Module, Firmware version 6.10.9, to be CC Part 2 extended, CC Part 3 conformant, and to meet the requirements of EAL 4 augmented with ALC_FLR.2 and AVA_VAN.4. This implies that the product satisfies the security technical requirements specified in Security Target Security Target for Luna PCI- E Cryptographic Module, Rev 18, 30 May 2017. 2.9 Comments/Recommendations The user guidance as outlined in section 2.5 contains necessary information about the usage of the TOE and guidance to meet the objectives for the operational environment to ensure secure operation of the TOE. The SO is responsible for configuring the HSM in its CC compliant mode of operation, by enabling or disabling the appropriate Module Policy settings as specified in the user guidance. In particular it is important that FIPS mode is enabled and the partition policy “21: Enable High Availability Recovery” is disabled. Also if the partition policy “11: Enable Changing Key Attributes” is disabled then the partition policies “0: Allow Private Key Cloning, “1: Allow Private Key Wrapping”, “4: Allow Secret Key Cloning” and “5: Allow Secret Key Wrapping” must be disabled as well. As noted in the user guidance, it is important that the following operations are performed using the local PED during initial setup and during administration of roles:  All SO login operations e.g. during role or partition creation and initial configuration;  Initialisation of CO and CU roles where PED keys are written including presentation of the challenge secret via the PED.  Reset of the CO or CU challenge secrets to an HSM generated random value where the value is presented to the end user via the PED display. The customer must ensure that only the serial cable provided with the TOE (as part of the Luna SA appliance delivery) is used when presenting PIN/password and Token using a device connected directly to the TOE. This is a specialised cable that incorporates features not uniformly present in all COTS serial cables, which minimise the risk of radiated emission during operation of a connected device. 3 The Evaluation Technical Report contains information proprietary to the developer and/or the evaluator, and is not releasable for public review. Page: 12/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. In addition, all aspects of assumptions, threats and policies as outlined in the Security Target not covered by the TOE itself need to be fulfilled by the operational environment of the TOE. In particular attention should be paid to the physical protection of the TOE provided by the operational environment as the TOE is not evaluated to provide physical protection. Also, the operational environment of the TOE must provide separation and protection of Red/Black user data. The customer or user of the product shall consider the results of the certification within his system risk management process. In order for the evolution of attack methods and techniques to be covered, he should define the period of time until a re-assessment for the TOE is required and thus requested from the sponsor of the certificate. The strength of the implemented cryptographic algorithms was not rated in the course of this evaluation. To fend off attackers with high attack potential appropriate cryptographic algorithms with adequate key lengths must be used (references can be found in national and international documents and standards). Page: 13/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 3 Security Target The Security Target Security Target for Luna PCI-E Cryptographic Module, Rev 18, 30 May 2017[ST] is included here by reference. 4 Definitions This list of Acronyms and the glossary of terms contains elements that are not already defined by the CC or CEM: CO Crypto Officer CU Crypto User HA High Availability HSM Hardware Security Module IT Information Technology ITSEF IT Security Evaluation Facility NSCIB Netherlands scheme for certification in the area of IT security PED PIN Entry Device PP Protection Profile SO Security Officer TOE Target of Evaluation Page: 14/14 of report number: NSCIB-CC-38671-CR, dated 29 June 2017 ® TÜV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. 5 Bibliography This section lists all referenced documentation used as source material in the compilation of this report: [CC] Common Criteria for Information Technology Security Evaluation, Part I version 3.1 revision 1, and Parts II and III, version 3.1, revision 4, September 2012. [CEM] Common Methodology for Information Technology Security Evaluation, version 3.1, Revision 4, September 2012. [ETR] Evaluation Technical Report Luna PCI-E Cryptographic Module EAL4+, 16-RPT- 261, version 2.0, 21 June 2017. [NSCIB] Netherlands Scheme for Certification in the Area of IT Security, Version 2.3, 1 April, 2017. [ST] Security Target for Luna PCI-E Cryptographic Module, Rev 18, 30 May 2017. (This is the end of this report).