STARCOS 3.5 ID GCC C3

CSV information ?

Status archived
Valid from 16.12.2016
Valid until 16.12.2021
Scheme 🇩🇪 DE
Manufacturer G+D Mobile Security GmbH
Category ICs, Smart Cards and Smart Card-Related Devices and Systems
Security level AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2
Protection profiles
Maintenance updates STARCOS 3.5 ID GCC C3 (23.02.2018) Certification report

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-0952-V2-2016

Certificate ?

Certification report ?

Extracted keywords

Symmetric Algorithms
AES
Asymmetric Algorithms
ECC
Hash functions
SHA-2
Protocols
PACE
Randomness
RNG
Libraries
v1.02.013

Operating System name
STARCOS 3
Vendor
Infineon Technologies, Infineon, Giesecke & Devrient, G&D

Security level
EAL 4, EAL 5, EAL 1, EAL 2, EAL 5+, EAL 6, EAL 3, EAL 7, EAL 4 augmented, ITSEC Evaluation
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.1, ADV_FSP.2, ADV_FSP.3, ADV_FSP.4, ADV_FSP.5, ADV_FSP.6, ADV_IMP.1, ADV_IMP.2, ADV_INT.1, ADV_INT.2, ADV_INT.3, ADV_SPM.1, ADV_TDS.1, ADV_TDS.2, ADV_TDS.3, ADV_TDS.4, ADV_TDS.5, ADV_TDS.6, ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DVS.2, ALC_FLR, ALC_CMC.1, ALC_CMC.2, ALC_CMC.3, ALC_CMC.4, ALC_CMC.5, ALC_CMS.1, ALC_CMS.2, ALC_CMS.3, ALC_CMS.4, ALC_CMS.5, ALC_DEL.1, ALC_DVS.1, ALC_FLR.1, ALC_FLR.2, ALC_FLR.3, ALC_LCD.1, ALC_LCD.2, ALC_TAT.1, ALC_TAT.2, ALC_TAT.3, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_TAT, ATE_DPT.2, ATE_COV.1, ATE_COV.2, ATE_COV.3, ATE_DPT.1, ATE_DPT.3, ATE_DPT.4, ATE_FUN.1, ATE_FUN.2, ATE_IND.1, ATE_IND.2, ATE_IND.3, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_VAN.5, AVA_VAN.1, AVA_VAN.2, AVA_VAN.3, AVA_VAN.4, AVA_VAN, APE_INT.1, APE_CCL.1, APE_SPD.1, APE_OBJ.1, APE_OBJ.2, APE_ECD.1, APE_REQ.1, APE_REQ.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.1, ASE_OBJ.2, ASE_ECD.1, ASE_REQ.1, ASE_REQ.2, ASE_TSS.1, ASE_TSS.2, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_SPD, ASE_TSS
Protection profiles
BSI-CC-PP-0061-2009, BSI-CC-PP-0059-2009-MA-02
Certificates
BSI-DSZ-CC-0952-V2-2016, BSI-DSZ-CC-0952-2014, BSI-DSZ-CC-0829-V2-2015, BSI-DSZ-CC-0829-V2-2015-MA-01, BSI-DSZ-CC-S-0070-2016, BSI-DSZ-CC-S-0057-2015, BSI-DSZ-CC-S-0062-2016, BSI-DSZ-CC-S-0053-2016
Evaluation facilities
TĂśV Informationstechnik, SRC Security Research & Consulting

Side-channel analysis
side channel, physical tampering, fault injection, Fault Injection, JIL
Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke & Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15, Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research & Consulting GmbH (confidential document) 10 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie für, M7820 A11, Version 5, 16.07.2015, TÜV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013, Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke & Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - Protection

Standards
AIS 34, AIS 36, AIS 25, AIS 26, AIS 31, AIS 35, AIS 20, AIS 32, AIS 38, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAO
Technical reports
BSI 7148, BSI 22

File metadata

Title Certification Report BSI-DSZ-CC-0952-V2-2016
Subject Common Criteria Certification
Keywords "Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis"
Author Bundesamt fĂĽr Sicherheit in der Informationstechnik
Creation date D:20161230094202+01'00'
Modification date D:20161230111155+01'00'
Pages 36
Creator Writer
Producer LibreOffice 4.2

Frontpage

Certificate ID BSI-DSZ-CC-0952-V2-2016
Certified item STARCOS 3.5 ID GCC C3
Certification lab BSI
Developer Giesecke & Devrient GmbH

References

Outgoing
  • BSI-DSZ-CC-0952-2014 - archived - STARCOS 3.5 ID GCC C2R
  • BSI-DSZ-CC-0829-V2-2015 - archived - Infineon smart card IC (Security Controller) M7820 A11 with optional RSA2048/4096 v1.02.013, EC v1.02.013, SHA-2 v1.01 and Toolbox v1.02.013 libraries and with specific IC dedicated software

Security target ?

Extracted keywords

Symmetric Algorithms
AES, DES, Triple-DES, KMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSA
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-2
Schemes
MAC, Key Agreement
Protocols
PACE
Randomness
TRNG, RNG, RND
Libraries
v1.02.013
Block cipher modes
CBC

Operating System name
STARCOS 3
Vendor
Infineon, Infineon Technologies AG, Giesecke & Devrient

Security level
EAL5+, EAL4, EAL 4, EAL 5, EAL4 augmented
Claims
O.RND, O.MEM_ACCESS, T.RND, A.CGA, A.SCA, OE.CGA_SSCD, OE.CGA_TC_SVD, OE.HID_TC_VAD, OE.SCA_TC_DTBS, OE.HID_VAD
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_TDS.3, ADV_FSP.4, ADV_IMP.1, AGD_OPE.1, AGD_PRE.1, ALC_DVS.2, ALC_DVS.1, ATE_DPT.2, ATE_DPT.1, ATE_FUN.1, AVA_VAN.5, APE_ECD, ASE_ECD
Security Functional Requirements (SFR)
FAU_SAS, FAU_GEN, FAU_SAS.1, FAU_SAS.1.1, FCS_RND, FCS_RND.1, FCS_CKM.1, FCS_RND.1.1, FCS_COP, FCS_CKM, FCS_CKM.2, FCS_COP.1, FCS_CKM.4, FCS_RNG.1, FDP_ACF, FDP_RIP, FDP_SDI, FDP_ITC.1, FDP_ITC.2, FDP_RIP.1, FDP_ACC, FDP_ACF.1, FDP_ACC.1.1, FDP_ACC.1, FDP_SDI.1, FDP_IFC.1, FDP_SDI.2, FDP_ITT.1, FIA_API, FIA_SOS.2, FIA_API.1, FIA_API.1.1, FIA_UAU, FIA_UID, FIA_AFL, FIA_UIA, FIA_UAU.4, FIA_UAU.5, FIA_UAU.6, FIA_UAU.1, FIA_AFL.1, FIA_UID.1, FIA_UAU.4.1, FMT_LIM, FMT_LIM.1, FMT_LIM.2, FMT_LIM.1.1, FMT_LIM.2.1, FMT_SMR, FMT_MTD, FMT_MTD.3, FMT_MSA.3, FMT_MSA.1, FMT_SMF.1, FMT_SMR.1, FMT_SMF, FMT_MTD.1, FMT_MTD.1.1, FMT_MOF, FMT_MSA, FPT_TST.1, FPT_FLS.1, FPT_PHP.3, FPT_FLS, FPT_FLS.1.1, FPT_TST.1.3, FPT_PHP, FPT_TST, FPT_PHP.1, FPT_TST.2, FPT_ITT.1, FRU_FLT.2, FTP_ITC, FTP_ITC.1
Protection profiles
BSI-CC-PP-0061, BSI-PP-0056, BSI-CC-PP-0059-2009-MA-02, BSI-PP-0055, BSI-CC-PP- 0084-2014
Certificates
BSI-DSZ-CC-0829-V2-2015-MA-01

Side-channel analysis
Leak-Inherent, physical probing, DPA, SPA, timing attacks, Physical Tampering, Physical tampering, physical tampering, Malfunction, malfunction, fault injection, reverse engineering
Certification process
out of scope, to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip incl

Standards
FIPS 180-2, FIPS 197, FIPS PUB 180-2, PKCS#3, AIS20, AIS 31, AIS 20, RFC3369, RFC 5639, ISO/IEC 7816-2, ISO/IEC 14443, ISO/IEC 7816-4, ICAO, CCMB-2009-07-001, CCMB-2009-07-002, CCMB-2009-07-003, CCMB-2009-07-004, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004
Technical reports
BSI TR-03110

File metadata

Title Security Target Lite
Subject STARCOS 3.5 ID GCC C3
Keywords Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport
Author eij
Creation date D:20161216094745+01'00'
Modification date D:20161216094745+01'00'
Pages 133
Creator Microsoft® Word 2010
Producer Microsoft® Word 2010

Heuristics ?

Certificate ID: BSI-DSZ-CC-0952-V2-2016

Extracted SARs

ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_INT.3, ADV_SPM.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.5, ALC_CMS.5, ALC_DEL.1, ALC_DVS.2, ALC_FLR.3, ALC_LCD.2, ALC_TAT.3, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.2, APE_REQ.2, APE_SPD.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.2, ATE_COV.3, ATE_DPT.2, ATE_FUN.1, ATE_IND.3, AVA_VAN.5

Certificate versions

Name Certificate ID
Previous
STARCOS 3.5 ID GCC C2R BSI-DSZ-CC-0952-2014 Compare

References ?

Updates ?

  • 21.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'prev_certificates': ['BSI-DSZ-CC-0952-2014'], 'next_certificates': []}.
  • 17.10.2024 The certificate data changed.
    Certificate changed

    The Protection Profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Electronic Identity Card (ID_Card PP), Version 1.03', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0061b_pdf.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['PP_ID_CARD_V1.03']}}]}.
  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '9481f0852e4440d1c67981cb6077ce505467d2369bfe6933db362cc0e070f3c0', 'txt_hash': 'b2968cd05c1f7edd754824059df661497ed39640d3e2e7ddb0c488ba7910b0ec'} data.
    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '8d976902a8c76c719b17d43ee133d4bdae8d4c073f056ca4b7b73dfa37d297de', 'txt_hash': 'd3d626e37d0370c0a14b7e17474b6aadc291c92f33816f5bc8ea6fa33357a037'} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 1122731, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 36, '/Author': 'Bundesamt fĂĽr Sicherheit in der Informationstechnik', '/CreationDate': "D:20161230094202+01'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis"', '/ModDate': "D:20161230111155+01'00'", '/Producer': 'LibreOffice 4.2', '/Subject': 'Common Criteria Certification', '/Title': 'Certification Report BSI-DSZ-CC-0952-V2-2016', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/', 'http://www.sogisportal.eu/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.beuth.de/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'https://standards.cen.eu/', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/AIS']}}.
    • The st_metadata property was set to {'pdf_file_size_bytes': 2002351, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 133, '/Title': 'Security Target Lite', '/Author': 'eij', '/Subject': 'STARCOS 3.5 ID GCC C3', '/Keywords': 'Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport', '/Creator': 'Microsoft® Word 2010', '/CreationDate': "D:20161216094745+01'00'", '/ModDate': "D:20161216094745+01'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The report_frontpage property was set to {'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-0952-V2-2016', 'cert_item': 'STARCOS 3.5 ID GCC C3', 'developer': 'Giesecke & Devrient GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15 December 2009, BSI-CC-PP-0061-2009 (**) and in accordance with BSI Technische Richtlinie BSI-TR-03116-2, 2016', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 The IT Product identified in this certificate has been evaluated at an approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM), Version 3.1 extended by Scheme Interpretations, by advice of the Certification Body for components beyond EAL 5 and CC Supporting Documents as listed in the Certification Report for conformance to the Common Criteria for IT Security Evaluation (CC), Version 3.1. CC and CEM are also published as ISO/IEC 15408 and ISO/IEC 18045. (*) This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete Certification Report and Notification. For details on the validity see Certification Report part A chapter 4 (**'}}.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-0952-V2-2016': 21, 'BSI-DSZ-CC-0952-2014': 4, 'BSI-DSZ-CC-0829-V2-2015': 4, 'BSI-DSZ-CC-0829-V2-2015-MA-01': 1, 'BSI-DSZ-CC-S-0070-2016': 2, 'BSI-DSZ-CC-S-0057-2015': 2, 'BSI-DSZ-CC-S-0062-2016': 2, 'BSI-DSZ-CC-S-0053-2016': 2}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0061-2009': 4, 'BSI-CC-PP-0059-2009-MA-02': 3}}, 'cc_security_level': {'EAL': {'EAL 4': 13, 'EAL 5': 8, 'EAL 1': 7, 'EAL 2': 4, 'EAL 5+': 1, 'EAL 6': 4, 'EAL 3': 4, 'EAL 7': 4, 'EAL 4 augmented': 3}, 'ITSEC': {'ITSEC Evaluation': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.1': 1, 'ADV_FSP.2': 1, 'ADV_FSP.3': 1, 'ADV_FSP.4': 1, 'ADV_FSP.5': 1, 'ADV_FSP.6': 1, 'ADV_IMP.1': 1, 'ADV_IMP.2': 1, 'ADV_INT.1': 1, 'ADV_INT.2': 1, 'ADV_INT.3': 1, 'ADV_SPM.1': 1, 'ADV_TDS.1': 1, 'ADV_TDS.2': 1, 'ADV_TDS.3': 1, 'ADV_TDS.4': 1, 'ADV_TDS.5': 1, 'ADV_TDS.6': 1, 'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_INT': 1, 'ADV_SPM': 1, 'ADV_TDS': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1, 'AGD_OPE': 1, 'AGD_PRE': 1}, 'ALC': {'ALC_DVS.2': 7, 'ALC_FLR': 3, 'ALC_CMC.1': 1, 'ALC_CMC.2': 1, 'ALC_CMC.3': 1, 'ALC_CMC.4': 2, 'ALC_CMC.5': 1, 'ALC_CMS.1': 1, 'ALC_CMS.2': 1, 'ALC_CMS.3': 1, 'ALC_CMS.4': 2, 'ALC_CMS.5': 1, 'ALC_DEL.1': 2, 'ALC_DVS.1': 1, 'ALC_FLR.1': 1, 'ALC_FLR.2': 1, 'ALC_FLR.3': 1, 'ALC_LCD.1': 2, 'ALC_LCD.2': 1, 'ALC_TAT.1': 2, 'ALC_TAT.2': 1, 'ALC_TAT.3': 1, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_DVS': 1, 'ALC_TAT': 1}, 'ATE': {'ATE_DPT.2': 6, 'ATE_COV.1': 1, 'ATE_COV.2': 1, 'ATE_COV.3': 1, 'ATE_DPT.1': 1, 'ATE_DPT.3': 1, 'ATE_DPT.4': 1, 'ATE_FUN.1': 1, 'ATE_FUN.2': 1, 'ATE_IND.1': 1, 'ATE_IND.2': 1, 'ATE_IND.3': 1, 'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1}, 'AVA': {'AVA_VAN.5': 6, 'AVA_VAN.1': 1, 'AVA_VAN.2': 1, 'AVA_VAN.3': 1, 'AVA_VAN.4': 1, 'AVA_VAN': 2}, 'APE': {'APE_INT.1': 1, 'APE_CCL.1': 1, 'APE_SPD.1': 1, 'APE_OBJ.1': 1, 'APE_OBJ.2': 1, 'APE_ECD.1': 1, 'APE_REQ.1': 1, 'APE_REQ.2': 1}, 'ASE': {'ASE_INT.1': 1, 'ASE_CCL.1': 1, 'ASE_SPD.1': 1, 'ASE_OBJ.1': 1, 'ASE_OBJ.2': 1, 'ASE_ECD.1': 1, 'ASE_REQ.1': 1, 'ASE_REQ.2': 1, 'ASE_TSS.1': 1, 'ASE_TSS.2': 1, 'ASE_CCL': 1, 'ASE_ECD': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_SPD': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Infineon': {'Infineon Technologies': 1, 'Infineon': 4}, 'GD': {'Giesecke & Devrient': 17, 'G&D': 1}}, 'eval_facility': {'TUV': {'TĂśV Informationstechnik': 1}, 'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 2}}}, 'asymmetric_crypto': {'ECC': {'ECC': {'ECC': 3}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-2': 2}}}, 'crypto_scheme': {}, 'crypto_protocol': {'PACE': {'PACE': 3}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {'Infineon': {'v1.02.013': 4}}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side channel': 1}, 'FI': {'physical tampering': 1, 'fault injection': 1, 'Fault Injection': 1}, 'other': {'JIL': 4}}, 'technical_report_id': {'BSI': {'BSI 7148': 1, 'BSI 22': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 27}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS 34': 2, 'AIS 36': 4, 'AIS 25': 2, 'AIS 26': 2, 'AIS 31': 2, 'AIS 35': 2, 'AIS 20': 1, 'AIS 32': 1, 'AIS 38': 1}, 'ISO': {'ISO/IEC 15408': 6, 'ISO/IEC 18045': 6, 'ISO/IEC 17065': 2}, 'ICAO': {'ICAO': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke & Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15': 1, 'Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research & Consulting GmbH (confidential document) 10 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie fĂĽr': 1, 'M7820 A11, Version 5, 16.07.2015, TĂśV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013': 1, 'Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke & Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - Protection': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-0829-V2-2015-MA-01': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0061': 2, 'BSI-PP-0056': 2, 'BSI-CC-PP-0059-2009-MA-02': 2, 'BSI-PP-0055': 1, 'BSI-CC-PP- 0084-2014': 1}}, 'cc_security_level': {'EAL': {'EAL5+': 1, 'EAL4': 13, 'EAL 4': 2, 'EAL 5': 2, 'EAL4 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 4, 'ADV_TDS.3': 2, 'ADV_FSP.4': 1, 'ADV_IMP.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_DVS.2': 9, 'ALC_DVS.1': 1}, 'ATE': {'ATE_DPT.2': 9, 'ATE_DPT.1': 2, 'ATE_FUN.1': 1}, 'AVA': {'AVA_VAN.5': 8}, 'APE': {'APE_ECD': 1}, 'ASE': {'ASE_ECD': 1}}, 'cc_sfr': {'FAU': {'FAU_SAS': 5, 'FAU_GEN': 1, 'FAU_SAS.1': 18, 'FAU_SAS.1.1': 2}, 'FCS': {'FCS_RND': 7, 'FCS_RND.1': 12, 'FCS_CKM.1': 16, 'FCS_RND.1.1': 2, 'FCS_COP': 55, 'FCS_CKM': 52, 'FCS_CKM.2': 4, 'FCS_COP.1': 11, 'FCS_CKM.4': 20, 'FCS_RNG.1': 4}, 'FDP': {'FDP_ACF': 23, 'FDP_RIP': 4, 'FDP_SDI': 14, 'FDP_ITC.1': 7, 'FDP_ITC.2': 8, 'FDP_RIP.1': 13, 'FDP_ACC': 16, 'FDP_ACF.1': 21, 'FDP_ACC.1.1': 1, 'FDP_ACC.1': 12, 'FDP_SDI.1': 3, 'FDP_IFC.1': 5, 'FDP_SDI.2': 4, 'FDP_ITT.1': 1}, 'FIA': {'FIA_API': 20, 'FIA_SOS.2': 1, 'FIA_API.1': 4, 'FIA_API.1.1': 3, 'FIA_UAU': 45, 'FIA_UID': 25, 'FIA_AFL': 33, 'FIA_UIA': 1, 'FIA_UAU.4': 6, 'FIA_UAU.5': 13, 'FIA_UAU.6': 7, 'FIA_UAU.1': 8, 'FIA_AFL.1': 6, 'FIA_UID.1': 9, 'FIA_UAU.4.1': 1}, 'FMT': {'FMT_LIM': 14, 'FMT_LIM.1': 16, 'FMT_LIM.2': 15, 'FMT_LIM.1.1': 2, 'FMT_LIM.2.1': 2, 'FMT_SMR': 5, 'FMT_MTD': 86, 'FMT_MTD.3': 9, 'FMT_MSA.3': 6, 'FMT_MSA.1': 4, 'FMT_SMF.1': 37, 'FMT_SMR.1': 29, 'FMT_SMF': 5, 'FMT_MTD.1': 4, 'FMT_MTD.1.1': 1, 'FMT_MOF': 3, 'FMT_MSA': 15}, 'FPT': {'FPT_TST.1': 15, 'FPT_FLS.1': 13, 'FPT_PHP.3': 14, 'FPT_FLS': 3, 'FPT_FLS.1.1': 1, 'FPT_TST.1.3': 1, 'FPT_PHP': 6, 'FPT_TST': 2, 'FPT_PHP.1': 5, 'FPT_TST.2': 3, 'FPT_ITT.1': 1}, 'FRU': {'FRU_FLT.2': 4}, 'FTP': {'FTP_ITC': 23, 'FTP_ITC.1': 6}}, 'cc_claims': {'O': {'O.RND': 3, 'O.MEM_ACCESS': 1}, 'T': {'T.RND': 3}, 'A': {'A.CGA': 2, 'A.SCA': 2}, 'OE': {'OE.CGA_SSCD': 3, 'OE.CGA_TC_SVD': 2, 'OE.HID_TC_VAD': 1, 'OE.SCA_TC_DTBS': 1, 'OE.HID_VAD': 2}}, 'vendor': {'Infineon': {'Infineon': 3, 'Infineon Technologies AG': 1}, 'GD': {'Giesecke & Devrient': 7}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 19}}, 'DES': {'DES': {'DES': 1}, '3DES': {'Triple-DES': 6}}, 'constructions': {'MAC': {'KMAC': 4, 'CMAC': 8}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 7}, 'ECDSA': {'ECDSA': 5}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'Diffie-Hellman': 8, 'DH': 2}, 'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}, 'SHA2': {'SHA-224': 2, 'SHA-256': 5, 'SHA-384': 3, 'SHA-512': 3, 'SHA-2': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 3}, 'KA': {'Key Agreement': 3}}, 'crypto_protocol': {'PACE': {'PACE': 94}}, 'randomness': {'TRNG': {'TRNG': 1}, 'RNG': {'RNG': 8, 'RND': 6}}, 'cipher_mode': {'CBC': {'CBC': 3}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {'Infineon': {'v1.02.013': 2}}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 6, 'physical probing': 3, 'DPA': 2, 'SPA': 1, 'timing attacks': 1}, 'FI': {'Physical Tampering': 4, 'Physical tampering': 2, 'physical tampering': 7, 'Malfunction': 14, 'malfunction': 6, 'fault injection': 1}, 'other': {'reverse engineering': 1}}, 'technical_report_id': {'BSI': {'BSI TR-03110': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 148}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-2': 1, 'FIPS 197': 1, 'FIPS PUB 180-2': 1}, 'PKCS': {'PKCS#3': 3}, 'BSI': {'AIS20': 1, 'AIS 31': 1, 'AIS 20': 1}, 'RFC': {'RFC3369': 2, 'RFC 5639': 5}, 'ISO': {'ISO/IEC 7816-2': 1, 'ISO/IEC 14443': 2, 'ISO/IEC 7816-4': 1}, 'ICAO': {'ICAO': 4}, 'CC': {'CCMB-2009-07-001': 1, 'CCMB-2009-07-002': 1, 'CCMB-2009-07-003': 1, 'CCMB-2009-07-004': 1, 'CCMB-2012-09-001': 1, 'CCMB-2012-09-002': 1, 'CCMB-2012-09-003': 1, 'CCMB-2012-09-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip incl': 1}}}.
    • The report_filename property was set to 0952V2a_pdf.pdf.
    • The st_filename property was set to 0952V2b_pdf.pdf.

    The computed heuristics were updated.

    • The cert_lab property was set to ['BSI'].
    • The cert_id property was set to BSI-DSZ-CC-0952-V2-2016.
    • The report_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0952-2014', 'BSI-DSZ-CC-0829-V2-2015']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0952-2014', 'BSI-DSZ-CC-0813-2012', 'BSI-DSZ-CC-0829-2012', 'BSI-DSZ-CC-0751-2013', 'BSI-DSZ-CC-0728-2011', 'BSI-DSZ-CC-0640-2010', 'BSI-DSZ-CC-0829-V2-2015']}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 3}]} values added.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2a_pdf.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2b_pdf.pdf.

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The report_frontpage property was set to None.
    • The report_keywords property was set to None.
    • The report_filename property was set to None.

    The computed heuristics were updated.

    • The cert_lab property was set to None.
    • The cert_id property was set to None.
    • The report_references property was updated, with the {'directly_referencing': None, 'indirectly_referencing': None} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 3}]} values discarded.
  • 12.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.

    The computed heuristics were updated.

    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 6}]} values added.
  • 23.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name STARCOS 3.5 ID GCC C3 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
  "cert_link": null,
  "dgst": "aaa5c2239e7c1d9e",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-0952-V2-2016",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_SPM",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_INT",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_ECD",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.5"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": [],
    "prev_certificates": [
      "BSI-DSZ-CC-0952-2014"
    ],
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0952-2014",
          "BSI-DSZ-CC-0829-V2-2015"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0640-2010",
          "BSI-DSZ-CC-0813-2012",
          "BSI-DSZ-CC-0952-2014",
          "BSI-DSZ-CC-0829-2012",
          "BSI-DSZ-CC-0728-2011",
          "BSI-DSZ-CC-0751-2013",
          "BSI-DSZ-CC-0829-V2-2015"
        ]
      }
    },
    "scheme_data": null,
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
        "maintenance_date": "2018-02-23",
        "maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2ma1a_pdf.pdf",
        "maintenance_st_link": null,
        "maintenance_title": "STARCOS 3.5 ID GCC C3"
      }
    ]
  },
  "manufacturer": "G+D Mobile Security GmbH",
  "manufacturer_web": "https://www.gi-de.com/de/de/mobile-security/",
  "name": "STARCOS 3.5 ID GCC C3",
  "not_valid_after": "2021-12-16",
  "not_valid_before": "2016-12-16",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": null,
    "cert_frontpage": null,
    "cert_keywords": null,
    "cert_metadata": null,
    "report_filename": "0952V2a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 The IT Product identified in this certificate has been evaluated at an approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM), Version 3.1 extended by Scheme Interpretations, by advice of the Certification Body for components beyond EAL 5 and CC Supporting Documents as listed in the Certification Report for conformance to the Common Criteria for IT Security Evaluation (CC), Version 3.1. CC and CEM are also published as ISO/IEC 15408 and ISO/IEC 18045. (*) This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete Certification Report and Notification. For details on the validity see Certification Report part A chapter 4 (**",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-0952-V2-2016",
        "cert_item": "STARCOS 3.5 ID GCC C3",
        "cert_lab": "BSI",
        "developer": "Giesecke \u0026 Devrient GmbH",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15 December 2009, BSI-CC-PP-0061-2009 (**) and in accordance with BSI Technische Richtlinie BSI-TR-03116-2, 2016"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 3
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0829-V2-2015": 4,
          "BSI-DSZ-CC-0829-V2-2015-MA-01": 1,
          "BSI-DSZ-CC-0952-2014": 4,
          "BSI-DSZ-CC-0952-V2-2016": 21,
          "BSI-DSZ-CC-S-0053-2016": 2,
          "BSI-DSZ-CC-S-0057-2015": 2,
          "BSI-DSZ-CC-S-0062-2016": 2,
          "BSI-DSZ-CC-S-0070-2016": 2
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0059-2009-MA-02": 3,
          "BSI-CC-PP-0061-2009": 4
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1,
          "ADV_ARC.1": 1,
          "ADV_FSP": 1,
          "ADV_FSP.1": 1,
          "ADV_FSP.2": 1,
          "ADV_FSP.3": 1,
          "ADV_FSP.4": 1,
          "ADV_FSP.5": 1,
          "ADV_FSP.6": 1,
          "ADV_IMP": 1,
          "ADV_IMP.1": 1,
          "ADV_IMP.2": 1,
          "ADV_INT": 1,
          "ADV_INT.1": 1,
          "ADV_INT.2": 1,
          "ADV_INT.3": 1,
          "ADV_SPM": 1,
          "ADV_SPM.1": 1,
          "ADV_TDS": 1,
          "ADV_TDS.1": 1,
          "ADV_TDS.2": 1,
          "ADV_TDS.3": 1,
          "ADV_TDS.4": 1,
          "ADV_TDS.5": 1,
          "ADV_TDS.6": 1
        },
        "AGD": {
          "AGD_OPE": 1,
          "AGD_OPE.1": 1,
          "AGD_PRE": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC": 1,
          "ALC_CMC.1": 1,
          "ALC_CMC.2": 1,
          "ALC_CMC.3": 1,
          "ALC_CMC.4": 2,
          "ALC_CMC.5": 1,
          "ALC_CMS": 1,
          "ALC_CMS.1": 1,
          "ALC_CMS.2": 1,
          "ALC_CMS.3": 1,
          "ALC_CMS.4": 2,
          "ALC_CMS.5": 1,
          "ALC_DEL": 1,
          "ALC_DEL.1": 2,
          "ALC_DVS": 1,
          "ALC_DVS.1": 1,
          "ALC_DVS.2": 7,
          "ALC_FLR": 3,
          "ALC_FLR.1": 1,
          "ALC_FLR.2": 1,
          "ALC_FLR.3": 1,
          "ALC_LCD.1": 2,
          "ALC_LCD.2": 1,
          "ALC_TAT": 1,
          "ALC_TAT.1": 2,
          "ALC_TAT.2": 1,
          "ALC_TAT.3": 1
        },
        "APE": {
          "APE_CCL.1": 1,
          "APE_ECD.1": 1,
          "APE_INT.1": 1,
          "APE_OBJ.1": 1,
          "APE_OBJ.2": 1,
          "APE_REQ.1": 1,
          "APE_REQ.2": 1,
          "APE_SPD.1": 1
        },
        "ASE": {
          "ASE_CCL": 1,
          "ASE_CCL.1": 1,
          "ASE_ECD": 1,
          "ASE_ECD.1": 1,
          "ASE_INT": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ": 1,
          "ASE_OBJ.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.1": 1,
          "ASE_REQ.2": 1,
          "ASE_SPD": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS": 1,
          "ASE_TSS.1": 1,
          "ASE_TSS.2": 1
        },
        "ATE": {
          "ATE_COV": 1,
          "ATE_COV.1": 1,
          "ATE_COV.2": 1,
          "ATE_COV.3": 1,
          "ATE_DPT": 1,
          "ATE_DPT.1": 1,
          "ATE_DPT.2": 6,
          "ATE_DPT.3": 1,
          "ATE_DPT.4": 1,
          "ATE_FUN": 1,
          "ATE_FUN.1": 1,
          "ATE_FUN.2": 1,
          "ATE_IND": 1,
          "ATE_IND.1": 1,
          "ATE_IND.2": 1,
          "ATE_IND.3": 1
        },
        "AVA": {
          "AVA_VAN": 2,
          "AVA_VAN.1": 1,
          "AVA_VAN.2": 1,
          "AVA_VAN.3": 1,
          "AVA_VAN.4": 1,
          "AVA_VAN.5": 6
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 7,
          "EAL 2": 4,
          "EAL 3": 4,
          "EAL 4": 13,
          "EAL 4 augmented": 3,
          "EAL 5": 8,
          "EAL 5+": 1,
          "EAL 6": 4,
          "EAL 7": 4
        },
        "ITSEC": {
          "ITSEC Evaluation": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research \u0026 Consulting GmbH (confidential document) 10 specifically \u2022 AIS 20, Version 3, Funktionalit\u00e4tsklassen und Evaluationsmethodologie f\u00fcr": 1,
          "M7820 A11, Version 5, 16.07.2015, T\u00dcV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013": 1,
          "Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke \u0026 Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15": 1,
          "Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke \u0026 Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - Protection": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "Infineon": {
          "v1.02.013": 4
        }
      },
      "crypto_protocol": {
        "PACE": {
          "PACE": 3
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "SRC": {
          "SRC Security Research \u0026 Consulting": 3
        },
        "TUV": {
          "T\u00dcV Informationstechnik": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-2": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 27
        }
      },
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Fault Injection": 1,
          "fault injection": 1,
          "physical tampering": 1
        },
        "SCA": {
          "side channel": 1
        },
        "other": {
          "JIL": 4
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 20": 1,
          "AIS 25": 2,
          "AIS 26": 2,
          "AIS 31": 2,
          "AIS 32": 1,
          "AIS 34": 2,
          "AIS 35": 2,
          "AIS 36": 4,
          "AIS 38": 1
        },
        "ICAO": {
          "ICAO": 2
        },
        "ISO": {
          "ISO/IEC 15408": 6,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 6
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 2
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 22": 1,
          "BSI 7148": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "G\u0026D": 1,
          "Giesecke \u0026 Devrient": 17
        },
        "Infineon": {
          "Infineon": 4,
          "Infineon Technologies": 1
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20161230094202+01\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, Giesecke \u0026 Devrient GmbH, G\u0026D, StarCOS, nPA, Personalausweis\"",
      "/ModDate": "D:20161230111155+01\u002700\u0027",
      "/Producer": "LibreOffice 4.2",
      "/Subject": "Common Criteria Certification",
      "/Title": "Certification Report BSI-DSZ-CC-0952-V2-2016",
      "pdf_file_size_bytes": 1122731,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.beuth.de/",
          "https://www.bsi.bund.de/",
          "https://standards.cen.eu/",
          "https://www.bsi.bund.de/zertifizierung",
          "http://www.sogisportal.eu/",
          "http://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "https://www.bsi.bund.de/AIS"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 36
    },
    "st_filename": "0952V2b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 7
          },
          "ECDSA": {
            "ECDSA": 5
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 8
          },
          "DSA": {
            "DSA": 1
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0829-V2-2015-MA-01": 1
        }
      },
      "cc_claims": {
        "A": {
          "A.CGA": 2,
          "A.SCA": 2
        },
        "O": {
          "O.MEM_ACCESS": 1,
          "O.RND": 3
        },
        "OE": {
          "OE.CGA_SSCD": 3,
          "OE.CGA_TC_SVD": 2,
          "OE.HID_TC_VAD": 1,
          "OE.HID_VAD": 2,
          "OE.SCA_TC_DTBS": 1
        },
        "T": {
          "T.RND": 3
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP- 0084-2014": 1,
          "BSI-CC-PP-0059-2009-MA-02": 2,
          "BSI-CC-PP-0061": 2,
          "BSI-PP-0055": 1,
          "BSI-PP-0056": 2
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 4,
          "ADV_FSP.4": 1,
          "ADV_IMP.1": 1,
          "ADV_TDS.3": 2
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_DVS.1": 1,
          "ALC_DVS.2": 9
        },
        "APE": {
          "APE_ECD": 1
        },
        "ASE": {
          "ASE_ECD": 1
        },
        "ATE": {
          "ATE_DPT.1": 2,
          "ATE_DPT.2": 9,
          "ATE_FUN.1": 1
        },
        "AVA": {
          "AVA_VAN.5": 8
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 2,
          "EAL 5": 2,
          "EAL4": 13,
          "EAL4 augmented": 3,
          "EAL5+": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN": 1,
          "FAU_SAS": 5,
          "FAU_SAS.1": 18,
          "FAU_SAS.1.1": 2
        },
        "FCS": {
          "FCS_CKM": 52,
          "FCS_CKM.1": 16,
          "FCS_CKM.2": 4,
          "FCS_CKM.4": 20,
          "FCS_COP": 55,
          "FCS_COP.1": 11,
          "FCS_RND": 7,
          "FCS_RND.1": 12,
          "FCS_RND.1.1": 2,
          "FCS_RNG.1": 4
        },
        "FDP": {
          "FDP_ACC": 16,
          "FDP_ACC.1": 12,
          "FDP_ACC.1.1": 1,
          "FDP_ACF": 23,
          "FDP_ACF.1": 21,
          "FDP_IFC.1": 5,
          "FDP_ITC.1": 7,
          "FDP_ITC.2": 8,
          "FDP_ITT.1": 1,
          "FDP_RIP": 4,
          "FDP_RIP.1": 13,
          "FDP_SDI": 14,
          "FDP_SDI.1": 3,
          "FDP_SDI.2": 4
        },
        "FIA": {
          "FIA_AFL": 33,
          "FIA_AFL.1": 6,
          "FIA_API": 20,
          "FIA_API.1": 4,
          "FIA_API.1.1": 3,
          "FIA_SOS.2": 1,
          "FIA_UAU": 45,
          "FIA_UAU.1": 8,
          "FIA_UAU.4": 6,
          "FIA_UAU.4.1": 1,
          "FIA_UAU.5": 13,
          "FIA_UAU.6": 7,
          "FIA_UIA": 1,
          "FIA_UID": 25,
          "FIA_UID.1": 9
        },
        "FMT": {
          "FMT_LIM": 14,
          "FMT_LIM.1": 16,
          "FMT_LIM.1.1": 2,
          "FMT_LIM.2": 15,
          "FMT_LIM.2.1": 2,
          "FMT_MOF": 3,
          "FMT_MSA": 15,
          "FMT_MSA.1": 4,
          "FMT_MSA.3": 6,
          "FMT_MTD": 86,
          "FMT_MTD.1": 4,
          "FMT_MTD.1.1": 1,
          "FMT_MTD.3": 9,
          "FMT_SMF": 5,
          "FMT_SMF.1": 37,
          "FMT_SMR": 5,
          "FMT_SMR.1": 29
        },
        "FPT": {
          "FPT_FLS": 3,
          "FPT_FLS.1": 13,
          "FPT_FLS.1.1": 1,
          "FPT_ITT.1": 1,
          "FPT_PHP": 6,
          "FPT_PHP.1": 5,
          "FPT_PHP.3": 14,
          "FPT_TST": 2,
          "FPT_TST.1": 15,
          "FPT_TST.1.3": 1,
          "FPT_TST.2": 3
        },
        "FRU": {
          "FRU_FLT.2": 4
        },
        "FTP": {
          "FTP_ITC": 23,
          "FTP_ITC.1": 6
        }
      },
      "certification_process": {
        "OutOfScope": {
          "out of scope": 1,
          "to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip incl": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "Infineon": {
          "v1.02.013": 2
        }
      },
      "crypto_protocol": {
        "PACE": {
          "PACE": 94
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "MAC": {
          "MAC": 3
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 5
          },
          "SHA2": {
            "SHA-2": 1,
            "SHA-224": 2,
            "SHA-256": 5,
            "SHA-384": 3,
            "SHA-512": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 148
        }
      },
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RND": 6,
          "RNG": 8
        },
        "TRNG": {
          "TRNG": 1
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Malfunction": 14,
          "Physical Tampering": 4,
          "Physical tampering": 2,
          "fault injection": 1,
          "malfunction": 6,
          "physical tampering": 7
        },
        "SCA": {
          "DPA": 2,
          "Leak-Inherent": 6,
          "SPA": 1,
          "physical probing": 3,
          "timing attacks": 1
        },
        "other": {
          "reverse engineering": 1
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 20": 1,
          "AIS 31": 1,
          "AIS20": 1
        },
        "CC": {
          "CCMB-2009-07-001": 1,
          "CCMB-2009-07-002": 1,
          "CCMB-2009-07-003": 1,
          "CCMB-2009-07-004": 1,
          "CCMB-2012-09-001": 1,
          "CCMB-2012-09-002": 1,
          "CCMB-2012-09-003": 1,
          "CCMB-2012-09-004": 1
        },
        "FIPS": {
          "FIPS 180-2": 1,
          "FIPS 197": 1,
          "FIPS PUB 180-2": 1
        },
        "ICAO": {
          "ICAO": 4
        },
        "ISO": {
          "ISO/IEC 14443": 2,
          "ISO/IEC 7816-2": 1,
          "ISO/IEC 7816-4": 1
        },
        "PKCS": {
          "PKCS#3": 3
        },
        "RFC": {
          "RFC 5639": 5,
          "RFC3369": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 19
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 6
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 8,
            "KMAC": 4
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-03110": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "Giesecke \u0026 Devrient": 7
        },
        "Infineon": {
          "Infineon": 3,
          "Infineon Technologies AG": 1
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "eij",
      "/CreationDate": "D:20161216094745+01\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2010",
      "/Keywords": "Common Criteria, Certification, Zertifizierung, Giesecke \u0026 Devrient GmbH, G\u0026D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport",
      "/ModDate": "D:20161216094745+01\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2010",
      "/Subject": "STARCOS 3.5 ID GCC C3",
      "/Title": "Security Target Lite",
      "pdf_file_size_bytes": 2002351,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 133
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": "EAL4+",
        "pp_ids": {
          "_type": "Set",
          "elements": [
            "PP_ID_CARD_V1.03"
          ]
        },
        "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0061b_pdf.pdf",
        "pp_name": "Electronic Identity Card (ID_Card PP), Version 1.03"
      }
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "AVA_VAN.5",
      "ATE_DPT.2",
      "EAL4+",
      "ALC_DVS.2"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": false,
      "download_ok": false,
      "extract_ok": false,
      "pdf_hash": null,
      "txt_hash": null
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "9481f0852e4440d1c67981cb6077ce505467d2369bfe6933db362cc0e070f3c0",
      "txt_hash": "b2968cd05c1f7edd754824059df661497ed39640d3e2e7ddb0c488ba7910b0ec"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "8d976902a8c76c719b17d43ee133d4bdae8d4c073f056ca4b7b73dfa37d297de",
      "txt_hash": "d3d626e37d0370c0a14b7e17474b6aadc291c92f33816f5bc8ea6fa33357a037"
    }
  },
  "status": "archived"
}