nShield5s HSM Security Target

Title: nShield5s HSM Security Target
Version: Current Page Version 115

| Type | Name | Identifier | Form factor | Delivery |
|---|---|---|---|---|
| Hardware | nShield5s (Model number NC5536E) | PCB assembly part number: PCA10005-01; PCB assembly revision: 03 | PCIe board | Courier |
| | nShield5s (Model number NC5536N) for nShield5c (Model number NH2096) | PCB assembly part number: PCA10005-01; PCB assembly revision: 03 | PCIe board embedded in nShield5c appliance | Courier |
| Firmware | nShield5s firmware image | Primary: 13.5.1; Recovery: 13.5.0; Bootloader: 1.4.1 | binary image file in ISO image or DVD | Courier or web download |
| Documentation | nShield5 Common Criteria Evaluated Configuration Guide | V29 | pdf file | Web download |

| Algorithm and mode | Standard | Key sizes | Use |
|---|---|---|---|
| Advanced Encryption Standard (AES): ECB, CBC, GCM | FIPS 197; SP800-38A; SP800-38D | 128 bits; 192 bits; 256 bits | Data encryption/decryption |
| Advanced Encryption Standard (AES): Key Wrapping (KW), Key Wrapping with Padding (KWP), GCM | SP800-38F; SP800-38D | 128 bits; 192 bits; 256 bits | Key wrapping/unwrapping (KTS) |
| Advanced Encryption Standard (AES) for SSH crypto: CTR, GCM | FIPS 197; SP800-38A; SP800-38D | 128 bits | Data encryption/decryption |
| RSA OAEP | SP 800-56Brev2 | 2048 bits; 3072 bits; 4096 bits | Key transport (KTS) |
| CKG | SP 800-133 | 128 bits; 192 bits; 256 bits | Symmetric key generation |
| RSA: RSASSA-PKCS-v1_5, RSASSA-PSS | FIPS 186-4 | 1024 bits (verification only); 2048 bits; 3072 bits; 4096 bits | Key generation; Signature generation and verification |
| Elliptic Curve Digital Signature Algorithm (ECDSA) | FIPS 186-4 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key generation; Signature generation and verification |
| Digital Signature Algorithm (DSA) | FIPS 186-4 | L = 1024 bits, N = 160 bits (verification only); L = 2048 bits, N = 224 bits; L = 2048 bits, N = 256 bits; L = 3072 bits, N = 256 bits | Key generation; Signature generation and verification |
| HMAC-SHA1; HMAC-SHA2 | FIPS 198-1 | >= 112 bits | MAC generation and verification |
| Advanced Encryption Standard (AES): CMAC | SP800-38B | 128 bits; 192 bits; 256 bits | MAC generation and verification |
| Diffie-Hellman (DH) | SP 800-56Arev3 | MODP-2048; MODP-3072; MODP-4096; MODP-6144; MODP-8192; FB; FC | Key establishment (KAS) |
| Elliptic Curve Diffie-Hellman (ECDH) | SP 800-56Arev3 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key establishment (KAS) and (KAS-SSC) |
| Elliptic Curve Menezes–Qu–Vanstone (ECMQV) | SP 800-56Arev3 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key establishment (KAS) |
| Key Based KDF (KBKDF): counter mode | SP 800-108 | n/a | Key derivation |
| Secure Shell (SSH) KDF | SP 800-135rev1 | n/a | Key derivation |
| SHA-1 | FIPS 180-4 | n/a | Message digest |
| SHA-224, SHA-256, SHA-384, SHA-512 | FIPS 180-4 | n/a | Message digest |
| SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 202 | n/a | Message digest |
| Hash-based DRBG | SP 800-90A | 344 bits | Random bit generation |

| Algorithm/Function | Use |
|---|---|
| Symmetric | |
| DES | Data encryption/decryption; Key wrapping/unwrapping |
| Triple DES encryption, MAC generation | |
| AES GCM with externally generated IV | |
| AES CBC MAC | |
| Aria | |
| Camellia | |
| Arc Four (compatible with RC4) | |
| CAST 256 (RFC2612) | |
| SEED (Korean Data Encryption Standard) | |
| Asymmetric | |
| KTS-OAEP-basic with SHA-256 with key size less than 2048 bits | Key transport; Data encryption/decryption |
| ElGamal (encryption using Diffie-Hellman keys) | Key transport; Data encryption/decryption |
| KCDSA (Korean Certificate-based Digital Signature Algorithm) | Signature generation and verification |
| RSA digital signature generation with SHA-1 or key size less than 2048 bits | |
| DSA digital signature generation with SHA-1 or key size less than 2048 bits | |
| ECDSA digital signature generation with SHA-1 or curves P-192, K-163, B-163, brainpoolP160r1/P160t1, brainpoolP192r1/P192t1, other custom curves | |
| Ed25519 public-key signature | |
| Deterministic DSA compliant with RFC6979 | |
| DH with key size p < 2048 bits or q < 224 bits, or non-compliant with SP800-56Arev3 | Key establishment |
| ECDH with curves P-192, K-163, B-163, brainpoolP160r1/P160t1, brainpoolP192r1/P192t1, other custom curves, or non-compliant with SP800-56Arev3 | |
| EC MQV with curves P-192, K-163 or B-163, brainpoolP160r1/P160t1, brainpoolP192r1/P192t1, other custom curves, or non-compliant with SP800-56Arev3 | |
| X25519 key exchange | |
| ECKA-EG key agreement | |
| ECIES encryption/wrapping and decryption/unwrapping | Key wrapping/unwrapping; Data encryption/decryption |
| Hash | |
| HAS-160 | Message digest |
| MD5 | |
| RIPEMD-160 | |
| Tiger | |
| Message Authentication Codes | |
| MD5, RIPEMD-160 and Tiger | MAC generation/verification |
| HMAC with key size less than 112 bits | |
| Other | |
| EMV support: Cryptogram (ARQC) generation and verification (includes EMV2000, M/Chip 4 and Visa Cryptogram Version 14, EMV 2004, M/Chip 2.1, Visa Cryptogram Version 10); Watchword generation and verification | MAC generation/verification |
| Hyperledger client side KDF | Key derivation |
| 3GPP TUAK algorithm from ETSI standard [TUAK] | Key derivation |
| 3GPP Milenage algorithm from ETSI standard [Milenage] | Key derivation |

Hierarchical to: No other components
Dependencies: FCS_COP.1 Cryptographic operation; FCS_CKM.4 Cryptographic key destruction

FCS_CKM.1.1 The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation algorithm list of key generation algorithm specified in Key Generation Table below and specified cryptographic key sizes specified in Key Generation Table below that meet the following: list of standards specified in Key Generation Table below.

| Key generation algorithm | Key size(s) | Standard |
|---|---|---|
| Asymmetric key generation | See FCS_COP.1 | FIPS 186-4; SP 800-56A |
| Symmetric key generation | See FCS_COP.1 | Direct generation using FCS_RNG.1/DRBG |

Hierarchical to: No other components
Dependencies: FCS_CKM.1 Cryptographic key generation

FCS_CKM.4.1 The TSF shall destroy cryptographic keys in accordance with a specified cryptographic key destruction method zeroisation that meets the following: FIPS 140-3 Level 3.

Hierarchical to: No other components
Dependencies: FCS_CKM.1 Cryptographic key generation; FCS_CKM.4 Cryptographic key destruction

FCS_COP.1.1 The TSF shall perform list of cryptographic operations specified in CC-endorsed Cryptographic Algorithms Table below in accordance with a specified cryptographic algorithm specified in CC-endorsed Cryptographic Algorithms Table below and cryptographic key sizes specified in CC-endorsed Cryptographic Algorithms Table below that meet the following: list of standards specified in CC-endorsed Cryptographic Algorithms Table below.
| Algorithm and mode | Standard | Key sizes | Use |
|---|---|---|---|
| Advanced Encryption Standard (AES): ECB, CBC, GCM | FIPS 197; SP800-38A; SP800-38D | 128 bits; 192 bits; 256 bits | Data encryption/decryption |
| Advanced Encryption Standard (AES): Key Wrapping (KW), Key Wrapping with Padding (KWP), GCM | SP800-38F; SP800-38D | 128 bits; 192 bits; 256 bits | Key wrapping/unwrapping (KTS) |
| Advanced Encryption Standard (AES) for SSH crypto: CTR, GCM | FIPS 197; SP800-38A; SP800-38D | 128 bits | Data encryption/decryption |
| RSA OAEP | SP 800-56Brev2 | 2048 bits; 3072 bits; 4096 bits | Key transport (KTS) |
| CKG | SP 800-133 | 128 bits; 192 bits; 256 bits | Symmetric key generation |
| RSA: RSASSA-PKCS-v1_5, RSASSA-PSS | FIPS 186-4 | 1024 bits (verification only); 2048 bits; 3072 bits; 4096 bits | Key generation; Signature generation and verification |
| Elliptic Curve Digital Signature Algorithm (ECDSA) | FIPS 186-4 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key generation; Signature generation and verification |
| Digital Signature Algorithm (DSA) | FIPS 186-4 | L = 1024 bits, N = 160 bits (verification only); L = 2048 bits, N = 224 bits; L = 2048 bits, N = 256 bits; L = 3072 bits, N = 256 bits | Key generation; Signature generation and verification |
| HMAC-SHA1; HMAC-SHA2 | FIPS 198-1 | >= 112 bits | MAC generation and verification |
| Advanced Encryption Standard (AES): CMAC | SP800-38B | 128 bits; 192 bits; 256 bits | MAC generation and verification |
| Diffie-Hellman (DH) | SP 800-56Arev3 | MODP-2048; MODP-3072; MODP-4096; MODP-6144; MODP-8192; FB; FC | Key establishment (KAS) |
| Elliptic Curve Diffie-Hellman (ECDH) | SP 800-56Arev3 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key establishment (KAS) and (KAS-SSC) |
| Elliptic Curve Menezes–Qu–Vanstone (ECMQV) | SP 800-56Arev3 | NIST P-224, P-256, P-384, P-521; NIST K-233, K-283, K-409, K-571; NIST B-233, B-283, B-409, B-571; brainpoolP224r1/P224t1 (112 bits of strength); brainpoolP256r1/P256t1 (128 bits of strength); brainpoolP320r1/P320t1 (160 bits of strength); brainpoolP384r1/P384t1 (192 bits of strength); brainpoolP512r1/P512t1 (256 bits of strength) | Key establishment (KAS) |
| Key Based KDF (KBKDF): counter mode | SP 800-108 | n/a | Key derivation |
| Secure Shell (SSH) KDF | SP 800-135rev1 | n/a | Key derivation |
| SHA-1 | FIPS 180-4 | n/a | Message digest |
| SHA-224, SHA-256, SHA-384, SHA-512 | FIPS 180-4 | n/a | Message digest |
| SHA3-224, SHA3-256, SHA3-384, SHA3-512 | FIPS 202 | n/a | Message digest |
| Hash-based DRBG | SP 800-90A | 344 bits | Random bit generation |

Hierarchical to: No other components
Dependencies: No dependencies.

FCS_RNG.1.1/PTRNG The TSF shall provide a physical random number generator that implements:
(PTG.2.1) A total failure test detects a total failure of entropy source immediately when the RNG has started. When a total failure is detected, no random numbers will be output.
(PTG.2.2) If a total failure of the entropy source occurs while the RNG is being operated, the RNG prevents the output of any internal random number that depends on some raw random numbers that have been generated after the total failure of the entropy source.
(PTG.2.3) The online test shall detect non-tolerable statistical defects of the raw random number sequence (i) immediately when the RNG has started, and (ii) while the RNG is being operated. The TSF must not output any random numbers before the power-up online test has finished successfully or when a defect has been detected.
(PTG.2.4) The online test procedure shall be effective to detect non-tolerable weaknesses of the random numbers soon.
(PTG.2.5) The online test procedure checks the quality of the raw random number sequence. It is triggered continuously. The online test is suitable for detecting non-tolerable statistical defects of the statistical properties of the raw random numbers within an acceptable period of time.

FCS_RNG.1.2/PTRNG The TSF shall provide octets of bits that meet:
(PTG.2.6) Test procedure A and none does not distinguish the internal random numbers from output sequences of an ideal RNG.
(PTG.2.7) The average Shannon entropy per internal random bit exceeds 0.997.

Hierarchical to: No other components
Dependencies: No dependencies.

FCS_RNG.1.1/DRBG The TSF shall provide a hybrid deterministic random number generator that implements:
(DRG.4.1) The internal state of the RNG shall have at least 128 bits of entropy.
(DRG.4.2) The RNG provides forward secrecy.
(DRG.4.3) The RNG provides backward secrecy even if the current internal state is known.
(DRG.4.4) The RNG provides enhanced forward secrecy on condition reseeding (every 80,000 requests).
(DRG.4.5) The internal state of the RNG is seeded by a PTRNG of class PTG.2.

FCS_RNG.1.2/DRBG The TSF shall provide octets of bits that meet:
(DRG.4.6) The RNG generates output for which 2^47 strings of bit length 128 are mutually different with probability 1 - 2^-34.
(DRG.4.7) Statistical test suites cannot practically distinguish the random numbers from output sequences of an ideal RNG. The random numbers must pass test procedure A and NIST SP 800-22 test suite.
Hierarchical to: No other components.
Dependencies: No dependencies.

FIA_UID.1.1 The TSF shall allow
(1) Self test according to FPT_TST_EXT.1
(2) none
on behalf of the user to be performed before the user is identified.

FIA_UID.1.2 The TSF shall require each user to be successfully identified before allowing any other TSF-mediated actions on behalf of that user.

Hierarchical to: No other components.
Dependencies: FIA_UID.1 Timing of identification.

FIA_UAU.1.1 The TSF shall allow
(1) Self-test according to FPT_TST_EXT.1,
(2) Identification of the user by means of TSF required by FIA_UID.1
(3) none
on behalf of the user to be performed before the user is authenticated.

FIA_UAU.1.2 The TSF shall require each user to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user.

Hierarchical to: No other components
Dependencies: No dependencies.

FIA_UAU.6.1/KeyAuth_Token The TSF shall authorise and re-authorise the user for access to a secret key under the conditions
(1) Authorisation in order to be granted initial access to the key; and
(2) Re-authorisation of token protected secret keys under the following conditions:
• after expiry of the time period (as specified in the secret key’s attributes) for which the secret key was last authorised;
• after the number of uses of the secret key (as specified in the secret key’s attributes) for which the secret key was last authorised has already been made;
• after explicit rescinding of previous authorisation for access to the secret key.

Hierarchical to: No other components
Dependencies: No dependencies.
FIA_UAU.6.1/KeyAuth_CertifierKey The TSF shall authorise and re-authorise the user for access to a secret key under the conditions
(1) Authorisation in order to be granted initial access to the key; and
(2) Re-authorisation of secret key protected by a certifier key under the following conditions:
• after explicit rescinding of previous authorisation for access to the secret key.

Hierarchical to: No other components.
Dependencies: FIA_UAU.1 Timing of authentication.

FIA_AFL.1.1 The TSF shall detect when one unsuccessful authentication or authorisation attempts occur related to consecutive failed authentication or authorisation attempts

FIA_AFL.1.2 When the defined number of unsuccessful authentication or authorisation attempts has been met, the TSF shall block access to command processing until a time period of 4s has elapsed.

Hierarchical to: No other components
Dependencies: FDP_IFF.1 Simple security attributes

FDP_IFC.1.1/KeyBasics The TSF shall enforce the Key Basics SFP on
(1) subjects: all;
(2) information: keys;
(3) operations: all.

Hierarchical to: No other components
Dependencies: FDP_IFC.1 Subset information flow control; FMT_MSA.3 Static attribute initialisation

FDP_IFF.1.1/KeyBasics The TSF shall enforce the Key Basics SFP based on the following types of subject and information security attributes:
(1) whether a key is a secret or a public key
(2) whether a secret key is an Assigned Key
(3) whether channels selected to export keys are secure
(4) the value of the Export Flag of a key.
FDP_IFF.1.2/KeyBasics The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold:
(1) Export of secret keys shall only be allowed provided that the secret key is not an Assigned Key, that the secret key is encrypted, and that a secure channel (providing authentication and integrity protection) is used for the export;
(2) Public keys shall always be exported with integrity protection of their key value and attributes;
(3) Keys shall only be imported over a secure channel (providing authentication and integrity protection);
(4) A secret key can only be imported if it is a non-Assigned key;
(5) Secret keys shall only be imported in encrypted form or using split-knowledge procedures requiring at least two key components to reconstruct the key, with key components supplied by at least two separately authenticated users.

FDP_IFF.1.3/KeyBasics The TSF shall enforce the following additional information flow control rules: none.

FDP_IFF.1.4/KeyBasics The TSF shall explicitly authorise an information flow based on the following rules: none.

FDP_IFF.1.5/KeyBasics The TSF shall explicitly deny an information flow based on the following rules:
(1) No subject shall be allowed to access the plaintext value of any secret key directly;
(2) No subject shall be allowed to export a secret key in plaintext;
(3) No subject shall be allowed to export an Assigned Key;
(4) No subject shall be allowed to export a secret key without submitting the correct authorisation data for the key;
(5) No subject shall be allowed to access intermediate values in any operation that uses a secret key;
(6) A key with an Export Flag value marking it as non-exportable shall not be exported.
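
Added example, not part of the Security Target or of the nShield firmware: a Python model of the import and export decisions in FDP_IFF.1.2/KeyBasics and FDP_IFF.1.5/KeyBasics above, returning the rule numbers a request violates. The names Key, Channel, check_export and check_import are hypothetical, and applying the Export Flag rule to public keys as well as secret keys is an assumption taken from the literal wording of rule (6).

```python
from dataclasses import dataclass
from typing import List, Sequence


@dataclass(frozen=True)
class Key:
    """Security attributes named in FDP_IFF.1.1/KeyBasics (hypothetical model)."""
    secret: bool              # True: secret key, False: public key
    assigned: bool = False    # whether a secret key is an Assigned Key
    exportable: bool = False  # Export Flag; False mirrors the restrictive default


@dataclass(frozen=True)
class Channel:
    authenticated: bool
    integrity_protected: bool

    @property
    def secure(self) -> bool:
        # "secure channel (providing authentication and integrity protection)"
        return self.authenticated and self.integrity_protected


def check_export(key: Key, channel: Channel, *, encrypted: bool,
                 integrity_protected: bool, auth_ok: bool) -> List[str]:
    """Return the violated rules for an export request; empty list = permitted."""
    violated = []
    # Rule 1.5(6) is worded for "a key", so it is applied to every key type
    # (assumption of this example).
    if not key.exportable:
        violated.append("FDP_IFF.1.5(6)")
    if not key.secret:
        # Public keys: integrity protection of key value and attributes.
        if not integrity_protected:
            violated.append("FDP_IFF.1.2(2)")
        return violated
    # Secret keys: the three conditions of 1.2(1), reported under the explicit
    # deny rule where 1.5 has a matching one.
    if key.assigned:
        violated.append("FDP_IFF.1.5(3)")
    if not encrypted:
        violated.append("FDP_IFF.1.5(2)")
    if not channel.secure:
        violated.append("FDP_IFF.1.2(1)")
    if not auth_ok:
        violated.append("FDP_IFF.1.5(4)")
    return violated


def check_import(key: Key, channel: Channel, *, encrypted: bool,
                 component_suppliers: Sequence[str] = ()) -> List[str]:
    """Return the violated rules for an import request; empty list = permitted.

    component_suppliers holds one authenticated user identity per key component
    when the key arrives by a split-knowledge procedure.
    """
    violated = []
    if not channel.secure:
        violated.append("FDP_IFF.1.2(3)")
    if key.secret:
        if key.assigned:
            violated.append("FDP_IFF.1.2(4)")
        # At least two components, supplied by at least two distinct users.
        split_ok = (len(component_suppliers) >= 2
                    and len(set(component_suppliers)) >= 2)
        if not (encrypted or split_ok):
            violated.append("FDP_IFF.1.2(5)")
    return violated


if __name__ == "__main__":
    # Constructed sample requests, not taken from any real device.
    good = Channel(authenticated=True, integrity_protected=True)
    weak = Channel(authenticated=True, integrity_protected=False)
    general = Key(secret=True, exportable=True)
    assigned = Key(secret=True, assigned=True)
    print(check_export(general, good, encrypted=True,
                       integrity_protected=True, auth_ok=True))
    print(check_export(assigned, weak, encrypted=False,
                       integrity_protected=False, auth_ok=False))
    print(check_import(Key(secret=True), good, encrypted=False,
                       component_suppliers=("alice", "alice")))
```
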
Hierarchical to: No other components
Dependencies: FDP_ACF.1 Security attribute based access control

FDP_ACC.1.1/KeyUsage The TSF shall enforce the Key Usage SFP on
(1) subjects: all;
(2) objects: keys;
(3) operations: all.

Hierarchical to: No other components
Dependencies: FDP_ACC.1 Subset access control; FMT_MSA.3 Static attribute initialisation

FDP_ACF.1.1/KeyUsage The TSF shall enforce the Key Usage SFP to objects based on the following:
(1) whether the subject is currently authorised to use the secret key;
(2) whether the subject is currently authorised to change the attributes of the secret key;
(3) the cryptographic function that is attempting to use the secret key.

FDP_ACF.1.2/KeyUsage The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed:
(1) Attributes of a key shall only be changed by an authorised subject, and only as permitted in the Key Attributes Modification Table
(2) Only subjects with current authorisation for a specific secret key shall be allowed to carry out operations using the plaintext value of that key
(3) Only cryptographic functions permitted by the secret key’s Key Usage attribute shall be carried out using the secret key.

FDP_ACF.1.3/KeyUsage The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: none.

FDP_ACF.1.4/KeyUsage The TSF shall explicitly deny access of subjects to objects based on the following additional rules: none.

Hierarchical to: No other components
Dependencies: FDP_ACF.1 Security attribute based access control

FDP_ACC.1.1/Backup The TSF shall enforce the Backup SFP on
(1) subjects: all;
(2) objects: keys;
(3) operations: backup, restore.
Hierarchical to: No other components
Dependencies: FDP_ACC.1 Subset access control; FMT_MSA.3 Static attribute initialisation

FDP_ACF.1.1/Backup The TSF shall enforce the Backup SFP to objects based on the following:
(1) whether the subject is an administrator

FDP_ACF.1.2/Backup The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed:
(1) Only authorised administrators shall be able to perform any backup operation provided by the TSF to create backups of the TSF state or to restore the TSF state from a backup
(2) Any restore of the TSF shall only be possible under at least dual person control, with each person being an administrator
(3) Any backup and restore shall preserve the confidentiality and integrity of the secret keys, and the integrity of public keys
(4) Any backup and restore operations shall preserve the integrity of the key attributes, and the binding of each set of attributes to its key.

FDP_ACF.1.3/Backup The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: none.

FDP_ACF.1.4/Backup The TSF shall explicitly deny access of subjects to objects based on the following additional rules: none.

Hierarchical to: FDP_SDI.1 Stored data integrity monitoring.
Dependencies: No dependencies.

FDP_SDI.2.1 The TSF shall monitor user data stored in containers controlled by the TSF for integrity errors on all keys (including security attributes), based on the following attributes: integrity protection data.

FDP_SDI.2.2 Upon detection of a data integrity error, the TSF shall
(1) prohibit the use of the altered data;
(2) notify the error to the user.

Hierarchical to: No other components.
Dependencies: No dependencies.
FDP_RIP.1.1 The TSF shall ensure that any previous information content of a resource is made unavailable upon the deallocation of the resource from the following objects:
• authorisation data;
• secret keys.

Hierarchical to: No other components.
Dependencies: No dependencies.

FTP_TRP.1.1/Local The TSF shall provide a communication path between itself and local client applications that is logically distinct from other communication paths and provides assured authentication of its end points and protection of the communicated data from modification and disclosure.

FTP_TRP.1.2/Local The TSF shall permit Local and Local Embedded CodeSafe client applications to initiate communication via the trusted path.

FTP_TRP.1.3/Local The TSF shall require the use of the trusted path for accessing services offered by the TSF.

Hierarchical to: No other components
Dependencies: No dependencies.

FPT_STM.1.1 The TSF shall be able to provide reliable time stamps.

Hierarchical to: No other components
Dependencies: No dependencies.

FPT_TST_EXT.1.1 The TSF shall run a suite of the following self-tests during initial start-up (or power-on) and periodically during normal operation to demonstrate the correct operation of the TSF:
• At initial start-up (or power-on):
  o Software/firmware integrity test
  o Cryptographic algorithm tests
  o Random number generator tests
• Periodically during normal operation:
  o SP 800-90B health tests
  o AIS 31 online test procedure

Hierarchical to: No other components
Dependencies: No dependencies.

FPT_PHP.1.1 The TSF shall provide unambiguous detection of physical tampering that might compromise the TSF.

FPT_PHP.1.2 The TSF shall provide the capability to determine whether physical tampering with the TSF’s devices or TSF’s elements has occurred.

Hierarchical to: No other components
Dependencies: No dependencies.
FPT_PHP.3.1 The TSF shall resist physical penetration attempts to the hard opaque potted enclosure by responding automatically such that the SFRs are always enforced.

Hierarchical to: No other components
Dependencies: No dependencies.

FPT_FLS.1.1 The TSF shall preserve a secure state when the following types of failures occur:
(1) Self-test according to FPT_TST_EXT.1 fails;
(2) Environmental conditions are outside normal operating range (including temperature and power);
(3) Failures of critical TOE hardware components (including the RNG) occurs;
(4) Corruption of TOE software occurs;
(5) none

Hierarchical to: No other components.
Dependencies: FIA_UID.1 Timing of identification.

FMT_SMR.1.1 The TSF shall maintain the roles Administrator (i.e. Platform Crypto Officer (PCO), nShield Security Officer (NSO)), Local Client Application, Key User, none.

FMT_SMR.1.2 The TSF shall be able to associate users with roles.

Hierarchical to: No other components.
Dependencies: No dependencies.

FMT_SMF.1.1 The TSF shall be capable of performing the following management functions:
(1) Modifying attributes of keys;
(2) Export and deletion of the audit data, which can take place only under the control of the Administrator role;
(3) backup and restore functions;
(4) key import function;
(5) key export function.
(6) Get platform information (Setup Service)
(7) Factory reset (Setup factorystate)
(8) ssh secure channel administration (SSHAdmin service)
(9) Software update (Updater Service)
(10) CodeSafe Application loading and signature verification (Launcher Service)

Hierarchical to: No other components.
Dependencies: FMT_SMR.1 Security roles; FMT_SMF.1 Specification of Management Functions

FMT_MTD.1.1/Unblock The TSF shall restrict the ability to unblock the none to none.

Hierarchical to: No other components.
Dependencies: FMT_SMR.1 Security roles; FMT_SMF.1 Specification of Management Functions

FMT_MTD.1.1/AuditLog The TSF shall restrict the ability to control export and deletion of the audit log records to the Administrator role.

Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control]; FMT_SMR.1 Security roles; FMT_SMF.1 Specification of Management Functions

FMT_MSA.1.1/GenKeys The TSF shall enforce the Key Usage SFP to restrict the ability to modify the security attributes specified in the Key Attributes Modification Table to subjects, objects, and operations among subjects and General Keys as specified in the Key Attributes Modification Table.

Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control]; FMT_SMR.1 Security roles; FMT_SMF.1 Specification of Management Functions

FMT_MSA.1.1/AKeys The TSF shall enforce the Key Usage SFP to restrict the ability to modify the security attributes specified in the Key Attributes Modification Table to subjects, objects, and operations among subjects and Assigned Keys as specified in the Key Attributes Modification Table.

| Key Attribute (MSA.1) | Assigned Key | General Key |
|---|---|---|
| Key ID | Cannot be modified | Cannot be modified |
| Key type | Cannot be modified | Cannot be modified |
| Authorisation data | For Token protected keys: Modified only when modification operation includes successful validation of current (pre-modification) authorisation data. For Certifier protected keys: cannot be modified. | Modified only when modification operation includes successful validation of current (pre-modification) authorisation data, or by an Administrator |
| Re-authorisation conditions | Cannot be modified | - |
| Key usage | Cannot be modified | - |
| Export flag | Cannot be modified | - |
| Assigned flag | Cannot be modified | Can be modified only by Administrator, and only to change from non-assigned to assigned |
| | Cannot be modified | |
| Integrity protection data | Cannot be modified by users (maintained automatically by TSF) | Cannot be modified by users (maintained automatically by TSF) |

Hierarchical to: No other components.
Dependencies: FMT_MSA.1 Management of security attributes; FMT_SMR.1 Security roles

FMT_MSA.3.1/Keys The TSF shall enforce the Key Usage SFP to provide restrictive default values for security attributes that are used to enforce the SFP.

FMT_MSA.3.2/Keys The TSF shall allow the authorised identified roles, according to the constraints in the Key Attributes Initialisation Table to specify alternative initial values to override the default values when an object or information is created.

| Key Attribute (MSA.1) | Assigned Key | General Key |
|---|---|---|
| Key ID | Initialised by generation process | Initialised by generation process |
| Key type | Initialised by generation process | Initialised by generation process |
| Authorisation data | Initialised by creator during generation | Initialised by creator during generation |
| Re-authorisation conditions | Initialised by Administrator during generation | - |
| Key usage | Initialised by creator during generation | - |
| Export flag | False (i.e. no export allowed) | - |
| Assigned flag | Initialised by generation process | Non-assigned |
| Integrity protection data | Initialised automatically by TSF | Initialised automatically by TSF |

Hierarchical to: No other components.
Dependencies: FPT_STM.1 Reliable time stamps

FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events:
a) Start-up and shutdown of the audit functions;
b) All auditable events for the not specified level of audit; and
c) Startup of the TOE;
d) Shutdown of the TOE;
e) Cryptographic key generation (FCS_CKM.1);
f) Cryptographic key destruction (FCS_CKM.4);
g) Failure of the random number generator (FCS_RNG.1);
h) Authentication and authorisation failure handling (FIA_AFL.1): all unsuccessful authentication or authorisation attempts, the reaching of the threshold for the unsuccessful authentication or authorisation attempts and the blocking actions taken;
i) All attempts to import or export keys (FDP_IFF.1/KeyBasics);
j) All modifications to attributes of keys (FDP_ACF.1/KeyUsage, FMT_MSA.1/GenKeys and FMT_MSA.1/AKeys);
k) Backup and restore (FDP_ACF.1/Backup): use of any backup function, use of any restore function, unsuccessful restore because of detection of modification of the backup data;
l) Integrity errors detected for keys (FDP_SDI.2);
m) Failures to establish secure channels (FTP_TRP.1/Local);
n) Self-test completion (FPT_TST_EXT.1);
o) Failures detected by the TOE (FPT_FLS.1);
p) All administrative actions (FMT_SMF.1, FMT_MSA.1 (all iterations), FMT_MSA.3/Keys);
q) Unblocking of access (FMT_MTD.1/Unblock);
r) Modifications to audit parameters (affecting the content of the audit log) (FAU_GEN.1);
s) None

FAU_GEN.1.2 The TSF shall record within each audit record at least the following information:
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome (success or failure) of the event; and
b) For each audit event type, based on the auditable event definitions of the functional components included in the PP/ST: none.

Hierarchical to: No other components.
Dependencies: FAU_GEN.1 Audit data generation; FIA_UID.1 Timing of identification

FAU_GEN.2.1 For audit events resulting from actions of identified users, the TSF shall be able to associate each auditable event with the identity of the user that caused the event.

Hierarchical to: FAU_STG.1 Protected audit trail storage
Dependencies: FAU_GEN.1 Audit data generation

FAU_STG.2.1 The TSF shall protect the stored audit records in the audit trail from unauthorised deletion.

FAU_STG.2.2 The TSF shall be able to detect unauthorised modifications to the stored audit records in the audit trail.

FAU_STG.2.3 The TSF shall ensure that all stored audit records will be maintained when the following conditions occur: audit storage exhaustion.

• ecdh-sha2-nistp256
• aes128-gcm

Audit | Authorisation | Key management | Physical protection | Self tests | Secure channel | Cryptographic functions | Random number generation
FAU_GEN.1 X
FAU_GEN.2 X
FAU_STG.2 X
FCS_CKM.1 X
FCS_CKM.4 X
FCS_COP.1 X
FCS_RNG.1/PTRNG X X
FCS_RNG.1/DRBG X X
FIA_UID.1 X
FIA_UAU.1 X
FIA_UAU.6/KeyAuth_Token X
FIA_AFL.1 X
FIA_UAU.6/KeyAuth_CertifierKey X
FDP_IFC.1/KeyBasics X
FDP_IFF.1/KeyBasics X
FDP_ACC.1/KeyUsage X X
FDP_ACF.1/KeyUsage X X
FDP_ACC.1/Backup X
FDP_ACF.1/Backup X
FDP_SDI.2 X
FDP_RIP.1 X
FMT_SMR.1 X
FMT_SMF.1 X X
FMT_MTD.1/Unblock (n/a)
FMT_MTD.1/AuditLog X
FMT_MSA.1/GenKeys X
FMT_MSA.1/AKeys X
FMT_MSA.3/Keys X
FPT_STM.1 X
FPT_TST_EXT.1 X
FPT_PHP.1 X
FPT_PHP.3 X
FPT_FLS.1 X
FTP_TRP.1/Local X X
FTP_TRP.1/External X X

OT.PlainKeyConf | OT.Algorithms | OT.KeyIntegrity | OT.Auth | OT.KeyUseConstraint | OT.KeyUseScope | OT.DataConf | OT.DataMod | OT.ImportExport | OT.Backup | OT.RNG | OT.TamperDetect | OT.FailureDetect | OT.Audit | OE.ExternalData | OE.Env | OE.DataContext | OE.AppSupport | OE.Uauth | OE.AuditSupport
T.KeyDisclose X X X X X X X X
T.KeyDerive X X
T.KeyMod X X X X
T.KeyMisuse X X
T.KeyOveruse X
T.DataDisclose X X X
T.DataMod X X X
T.Malfunction X
P.Algorithms X
P.KeyControl X X X X X X X
P.RNG X
P.Audit X
A.ExternalData X
A.Env X
A.DataContext X
A.AppSupport X
A.UAuth X
A.AuditSupport X

OT.PlainKeyConf | OT.Algorithms | OT.KeyIntegrity | OT.Auth | OT.KeyUseConstraint | OT.KeyUseScope | OT.DataConf | OT.DataMod | OT.ImportExport | OT.Backup | OT.RNG | OT.TamperDetect | OT.FailureDetect | OT.Audit
FCS_CKM.1 X
FCS_CKM.4 X
FCS_COP.1 X
FCS_RNG.1/PTRNG X
FCS_RNG.1/DRBG X
FIA_UID.1 X
FIA_UAU.1 X
FIA_AFL.1 X
FIA_UAU.6/KeyAuth_Token X X
FIA_UAU.6/KeyAuth_CertifierKey X X
FDP_IFC.1/KeyBasics X X X
FDP_IFF.1/KeyBasics X X X X
FDP_ACC.1/KeyUsage X X
FDP_ACF.1/KeyUsage X X
FDP_ACC.1/Backup X
FDP_ACF.1/Backup X
FDP_SDI.2 X
FDP_RIP.1 X X
FTP_TRP.1/Local X X X X X
FTP_TRP.1/External X X X X X
FPT_STM.1 X
FPT_TST_EXT.1 X
FPT_PHP.1 X
FPT_PHP.3 X
FPT_FLS.1 X
FMT_SMR.1 X X
FMT_SMF.1 X X
FMT_MTD.1/Unblock X
FMT_MTD.1/AuditLog X
FMT_MSA.1/GenKeys X
FMT_MSA.1/AKeys X
FMT_MSA.3/Keys X
FAU_GEN.1 X
FAU_GEN.2 X
FAU_STG.2 X

Requirement | Dependencies | Fulfilled by
--- | --- | ---
FCS_CKM.1 | [FCS_CKM.2 or FCS_COP.1], FCS_CKM.4 | FCS_COP.1, FCS_CKM.4
FCS_CKM.4 | [FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1] | FCS_CKM.1. See also note below on key attributes during import or export.
FCS_COP.1 | [FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1], FCS_CKM.4 | FCS_CKM.1, FCS_CKM.4. See also note below on key attributes during import or export.
FCS_RNG.1/PTRNG | No dependencies | --
FCS_RNG.1/DRBG, FIA_UID.1 | No dependencies | --
FIA_UAU.1 | FIA_UID.1 | FIA_UID.1
FIA_AFL.1 | FIA_UAU.1 | FIA_UAU.1
FIA_UAU.6/KeyAuth_Token, FIA_UAU.6/KeyAuth_Certifier | No dependencies | --
FDP_IFC.1/KeyBasics | FDP_IFF.1 | FDP_IFF.1/KeyBasics
FDP_IFF.1/KeyBasics | FDP_IFC.1, FMT_MSA.3 | FDP_IFC.1/KeyBasics, FMT_MSA.3/Keys
FDP_ACC.1/KeyUsage | FDP_ACF.1 | FDP_ACF.1/KeyUsage
FDP_ACF.1/KeyUsage | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1/KeyUsage, FMT_MSA.3/Keys
FDP_ACC.1/Backup | FDP_ACF.1 | FDP_ACF.1/Backup
FDP_ACF.1/Backup | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1/Backup. The dependency on FMT_MSA.3 is not relevant in this case since the attribute used in FDP_ACF.1/Backup is determined by the ability of the user to authenticate as an administrator according to FIA_UAU.1.
FDP_SDI.2 | No dependencies | --
FDP_RIP.1 | No dependencies | --
FTP_TRP.1/Local | No dependencies | --
FTP_TRP.1/External | No dependencies | --
FPT_STM.1 | No dependencies | --
FPT_TST_EXT.1 | No dependencies | --
FPT_PHP.1 | No dependencies | --
FPT_PHP.3 | No dependencies | --
FPT_FLS.1 | No dependencies | --
FMT_SMR.1 | FIA_UID.1 | FIA_UID.1
FMT_SMF.1 | No dependencies | --
FMT_MTD.1/Unblock | FMT_SMR.1, FMT_SMF.1 | FMT_SMR.1, FMT_SMF.1
FMT_MTD.1/AuditLog | FMT_SMR.1, FMT_SMF.1 | FMT_SMR.1, FMT_SMF.1
FMT_MSA.1/GenKeys | [FDP_ACC.1 or FDP_IFC.1], FMT_SMR.1, FMT_SMF.1 | FDP_ACC.1/KeyUsage, FDP_IFC.1/KeyBasics, FMT_SMR.1, FMT_SMF.1
FMT_MSA.1/AKeys | [FDP_ACC.1 or FDP_IFC.1], FMT_SMR.1, FMT_SMF.1 | FDP_ACC.1/KeyUsage, FDP_IFC.1/KeyBasics, FMT_SMR.1, FMT_SMF.1
FMT_MSA.3/Keys | FMT_MSA.1, FMT_SMR.1 | FMT_MSA.1/GenKeys, FMT_MSA.1/AKeys, FMT_SMR.1
FAU_GEN.1 | FPT_STM.1 | FPT_STM.1
FAU_GEN.2 | FAU_GEN.1, FIA_UID.1 | FAU_GEN.1, FIA_UID.1
FAU_STG.2 | FAU_GEN.1 | FAU_GEN.1

[CC1] Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and general model, Version 3.1 Revision 5, April 2017, CCMB-2017-04-001
[CC2] Common Criteria for Information Technology Security Evaluation, Part 2: Security functional requirements, Version 3.1 Revision 5, April 2017, CCMB-2017-04-002
[CC3] Common Criteria for Information Technology Security Evaluation, Part 3: Security assurance requirements, Version 3.1 Revision 5, April 2017, CCMB-2017-04-003
[AIS 31] A proposal for: Functionality classes for random number generators, Version 2.0, 18 September 2011
[ISO 19790] ISO/IEC 19790:2012 Information technology – Security techniques – Security requirements for cryptographic modules
[SP 800-90A] NIST Special Publication 800-90A Rev. 1, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, June 2015
[CEN EN 419221-5] CEN, EN 419221-5:2018, Protection Profiles for TSP Cryptographic Modules - Part 5, Cryptographic Module for Trust Services, Version 1.0
[TUAK] ETSI TS 135 231
[Milenage] ETSI TS 135 206
[FIPS 186-4] Digital Signature Standard (DSS), July 2013
[FIPS 197] Advanced Encryption Standard (AES), November 2001
[SP 800-38A] Recommendation for Block Cipher Modes of Operation: Methods and Techniques, December 2001
[SP 800-38B] Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication, May 2005 (Updated 10/6/2016)
[SP 800-38C] Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality, May 2004 (Updated 7/20/2007)
[SP 800-38D] Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, November 2007
[SP 800-67] Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, Rev. 1, January 2012
[FIPS 180-4] Secure Hash Standard (SHS), August 2015
[FIPS 198-1] The Keyed-Hash Message Authentication Code (HMAC), July 2008
[SP 800-56A] Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Rev. 2, May 2013
[SP 800-38F] Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, December 2012
[SP 800-108] Recommendation for Key Derivation Using Pseudorandom Functions (Revised), October 2009
[PKCS#1] RFC 8017 PKCS #1 v2.2
[FIPS 140-3] Security Requirements for Cryptographic Modules, March 22nd, 2019

Term | Definition
--- | ---
ACS | Administrator Card Set - a set of smart cards used to control access to Administration functions.
OCS | Operator Card Set – a set of smart cards used to control access to keys.
Softcard | A logical token that is protected by a passphrase.
Hardserver | The nShield server software running on the nShield Connect XC or host server/PC in which the TOE is installed. It performs the following functions: • Command and reply translation between the clients and the HSM, • Forward log entries to a Syslog server for persistent storage.
Impath | Inter-module path. An nCipher proprietary secure protocol between two Hardserver instances.
Key blob | Key blobs (also known as Application Key Tokens) provide a mechanism for securely storing a key and ACL on insecure media. They provide both confidentiality and integrity. Key blobs can be stored externally to the TOE or internally in non-volatile memory.
Logical token | A logical token is a symmetric key used exclusively for the purpose of protecting other keys. They can be split into Shares using a quorum system based on Shamir's Secret Sharing algorithm which allows reassembly of a logical token using any k of a total of n shares (these values being chosen when the logical token is created). Each Share is stored encrypted on a smartcard or softcard, protected with a passphrase.
Token protected key | A key stored in a Key blob which is protected by a Logical Token and the TOE's Module key. The Logical Token needs to be loaded from a Softcard or an OCS quorum to unlock the use of this key.
Certifier key | A key that is required to unlock the use of a Certifier protected key.
Certifier protected key | A key stored in a Key blob which is protected by the TOE's Module key. The ACL of the key requires a Certifier key to be loaded in the TOE to unlock the use of this key.
ACL | Access Control List. An ordered list of permission groups, which consists of one or more actions, and optionally restrictions.
Module key | Symmetric key stored inside the TOE which is used for Key Blob protection.
CodeSafe application | An embedded application running in the protected environment of the HSM. The CodeSafe application is sandboxed and does not have access to key material loaded into the HSM except through the same APIs, satisfying the same access controls, as applications that call the HSM from the host side.
NFKM | A Security World API that can be used to manage keys, cardsets and softcards.
qSCD | Qualified Signature (or Seal) Creation Device
TVD | Trusted Verification Device, a card reader for secure remote presentation of smartcards to the HSM.