This page was not yet optimized for use on mobile devices.
STARCOS 3.5 ID GCC C3
CSV information ?
| Status | archived |
|---|---|
| Valid from | 16.12.2016 |
| Valid until | 16.12.2021 |
| Scheme | 🇩🇪 DE |
| Manufacturer | G+D Mobile Security GmbH |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | EAL4+, ALC_DVS.2, ATE_DPT.2, AVA_VAN.5 |
| Maintenance updates | STARCOS 3.5 ID GCC C3 (23.02.2018) Certification report |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-0952-V2-2016
Certificate ?
Certification report ?
Extracted keywords
Symmetric Algorithms
AESAsymmetric Algorithms
ECCHash functions
SHA-2Protocols
PACERandomness
RNGLibraries
v1.02.013Operating System name
STARCOS 3Vendor
Infineon Technologies, Infineon, Giesecke & Devrient, G&DSecurity level
EAL 4, EAL 5, EAL 1, EAL 2, EAL 5+, EAL 6, EAL 3, EAL 7, EAL 4 augmented, ITSEC EvaluationSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.1, ADV_FSP.2, ADV_FSP.3, ADV_FSP.4, ADV_FSP.5, ADV_FSP.6, ADV_IMP.1, ADV_IMP.2, ADV_INT.1, ADV_INT.2, ADV_INT.3, ADV_SPM.1, ADV_TDS.1, ADV_TDS.2, ADV_TDS.3, ADV_TDS.4, ADV_TDS.5, ADV_TDS.6, ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DVS.2, ALC_FLR, ALC_CMC.1, ALC_CMC.2, ALC_CMC.3, ALC_CMC.4, ALC_CMC.5, ALC_CMS.1, ALC_CMS.2, ALC_CMS.3, ALC_CMS.4, ALC_CMS.5, ALC_DEL.1, ALC_DVS.1, ALC_FLR.1, ALC_FLR.2, ALC_FLR.3, ALC_LCD.1, ALC_LCD.2, ALC_TAT.1, ALC_TAT.2, ALC_TAT.3, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_TAT, ATE_DPT.2, ATE_COV.1, ATE_COV.2, ATE_COV.3, ATE_DPT.1, ATE_DPT.3, ATE_DPT.4, ATE_FUN.1, ATE_FUN.2, ATE_IND.1, ATE_IND.2, ATE_IND.3, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_VAN.5, AVA_VAN.1, AVA_VAN.2, AVA_VAN.3, AVA_VAN.4, AVA_VAN, APE_INT.1, APE_CCL.1, APE_SPD.1, APE_OBJ.1, APE_OBJ.2, APE_ECD.1, APE_REQ.1, APE_REQ.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.1, ASE_OBJ.2, ASE_ECD.1, ASE_REQ.1, ASE_REQ.2, ASE_TSS.1, ASE_TSS.2, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_SPD, ASE_TSSProtection profiles
BSI-CC-PP-0061-2009, BSI-CC-PP-0059-2009-MA-02Certificates
BSI-DSZ-CC-0952-V2-2016, BSI-DSZ-CC-0952-2014, BSI-DSZ-CC-0829-V2-2015, BSI-DSZ-CC-0829-V2-2015-MA-01, BSI-DSZ-CC-S-0070-2016, BSI-DSZ-CC-S-0057-2015, BSI-DSZ-CC-S-0062-2016, BSI-DSZ-CC-S-0053-2016Evaluation facilities
TÜV Informationstechnik, SRC Security Research & ConsultingCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke & Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15, Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research & Consulting GmbH (confidential document) 10 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie für, M7820 A11, Version 5, 16.07.2015, TÜV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013, Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke & Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - ProtectionSide-channel analysis
side channel, physical tampering, fault injection, Fault Injection, JILCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke & Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15, Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research & Consulting GmbH (confidential document) 10 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie für, M7820 A11, Version 5, 16.07.2015, TÜV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013, Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke & Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - ProtectionStandards
AIS 34, AIS 36, AIS 25, AIS 26, AIS 31, AIS 35, AIS 20, AIS 32, AIS 38, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAOTechnical reports
BSI 7148, BSI 22File metadata
| Title | Certification Report BSI-DSZ-CC-0952-V2-2016 |
|---|---|
| Subject | Common Criteria Certification |
| Keywords | "Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Creation date | D:20161230094202+01'00' |
| Modification date | D:20161230111155+01'00' |
| Pages | 36 |
| Creator | Writer |
| Producer | LibreOffice 4.2 |
Frontpage
| Certificate ID | BSI-DSZ-CC-0952-V2-2016 |
|---|---|
| Certified item | STARCOS 3.5 ID GCC C3 |
| Certification lab | BSI |
| Developer | Giesecke & Devrient GmbH |
References
Outgoing- BSI-DSZ-CC-0829-V2-2015 - archived - Infineon smart card IC (Security Controller) M7820 A11 with optional RSA2048/4096 v1.02.013, EC v1.02.013, SHA-2 v1.01 and Toolbox v1.02.013 libraries and with specific IC dedicated software
- BSI-DSZ-CC-0952-2014 - archived - STARCOS 3.5 ID GCC C2R
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, Triple-DES, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-2Schemes
MAC, Key AgreementProtocols
PACERandomness
TRNG, RNG, RNDLibraries
v1.02.013Block cipher modes
CBCOperating System name
STARCOS 3Vendor
Infineon, Infineon Technologies AG, Giesecke & DevrientSecurity level
EAL5+, EAL4, EAL 4, EAL 5, EAL4 augmentedClaims
O.RND, O.MEM_ACCESS, T.RND, A.CGA, A.SCA, OE.CGA_SSCD, OE.CGA_TC_SVD, OE.HID_TC_VAD, OE.SCA_TC_DTBS, OE.HID_VADSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_TDS.3, ADV_FSP.4, ADV_IMP.1, AGD_OPE.1, AGD_PRE.1, ALC_DVS.2, ALC_DVS.1, ATE_DPT.2, ATE_DPT.1, ATE_FUN.1, AVA_VAN.5, APE_ECD, ASE_ECDSecurity Functional Requirements (SFR)
FAU_SAS, FAU_GEN, FAU_SAS.1, FAU_SAS.1.1, FCS_RND, FCS_RND.1, FCS_CKM.1, FCS_RND.1.1, FCS_COP, FCS_CKM, FCS_CKM.2, FCS_COP.1, FCS_CKM.4, FCS_RNG.1, FDP_ACF, FDP_RIP, FDP_SDI, FDP_ITC.1, FDP_ITC.2, FDP_RIP.1, FDP_ACC, FDP_ACF.1, FDP_ACC.1.1, FDP_ACC.1, FDP_SDI.1, FDP_IFC.1, FDP_SDI.2, FDP_ITT.1, FIA_API, FIA_SOS.2, FIA_API.1, FIA_API.1.1, FIA_UAU, FIA_UID, FIA_AFL, FIA_UIA, FIA_UAU.4, FIA_UAU.5, FIA_UAU.6, FIA_UAU.1, FIA_AFL.1, FIA_UID.1, FIA_UAU.4.1, FMT_LIM, FMT_LIM.1, FMT_LIM.2, FMT_LIM.1.1, FMT_LIM.2.1, FMT_SMR, FMT_MTD, FMT_MTD.3, FMT_MSA.3, FMT_MSA.1, FMT_SMF.1, FMT_SMR.1, FMT_SMF, FMT_MTD.1, FMT_MTD.1.1, FMT_MOF, FMT_MSA, FPT_TST.1, FPT_FLS.1, FPT_PHP.3, FPT_FLS, FPT_FLS.1.1, FPT_TST.1.3, FPT_PHP, FPT_TST, FPT_PHP.1, FPT_TST.2, FPT_ITT.1, FRU_FLT.2, FTP_ITC, FTP_ITC.1Protection profiles
BSI-CC-PP-0061, BSI-PP-0056, BSI-CC-PP-0059-2009-MA-02, BSI-PP-0055, BSI-CC-PP- 0084-2014Certificates
BSI-DSZ-CC-0829-V2-2015-MA-01Certification process
out of scope, to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip inclSide-channel analysis
Leak-Inherent, physical probing, DPA, SPA, timing attacks, Physical Tampering, Physical tampering, physical tampering, Malfunction, malfunction, fault injection, reverse engineeringCertification process
out of scope, to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip inclStandards
FIPS 180-2, FIPS 197, FIPS PUB 180-2, PKCS#3, AIS20, AIS 31, AIS 20, RFC3369, RFC 5639, ISO/IEC 7816-2, ISO/IEC 14443, ISO/IEC 7816-4, ICAO, CCMB-2009-07-001, CCMB-2009-07-002, CCMB-2009-07-003, CCMB-2009-07-004, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004Technical reports
BSI TR-03110File metadata
| Title | Security Target Lite |
|---|---|
| Subject | STARCOS 3.5 ID GCC C3 |
| Keywords | Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport |
| Author | eij |
| Creation date | D:20161216094745+01'00' |
| Modification date | D:20161216094745+01'00' |
| Pages | 133 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
Heuristics ?
Certificate ID: BSI-DSZ-CC-0952-V2-2016
Extracted SARs
ASE_ECD.1, AVA_VAN.5, ATE_IND.3, ALC_DEL.1, APE_ECD.1, ATE_COV.3, APE_OBJ.2, AGD_PRE.1, ALC_LCD.2, ADV_IMP.1, APE_CCL.1, ADV_FSP.4, ATE_FUN.1, ASE_REQ.2, ASE_CCL.1, ALC_CMS.5, ASE_OBJ.2, ADV_ARC.1, ALC_TAT.3, ALC_FLR.3, ALC_DVS.2, ASE_TSS.2, ALC_CMC.5, APE_REQ.2, APE_INT.1, ADV_INT.3, ASE_SPD.1, AGD_OPE.1, ASE_INT.1, ATE_DPT.2, APE_SPD.1, ADV_SPM.1, ADV_TDS.3References ?
Updates ?
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '9481f0852e4440d1c67981cb6077ce505467d2369bfe6933db362cc0e070f3c0', 'txt_hash': 'b2968cd05c1f7edd754824059df661497ed39640d3e2e7ddb0c488ba7910b0ec'}data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '8d976902a8c76c719b17d43ee133d4bdae8d4c073f056ca4b7b73dfa37d297de', 'txt_hash': 'd3d626e37d0370c0a14b7e17474b6aadc291c92f33816f5bc8ea6fa33357a037'}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 1122731, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 36, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20161230094202+01'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis"', '/ModDate': "D:20161230111155+01'00'", '/Producer': 'LibreOffice 4.2', '/Subject': 'Common Criteria Certification', '/Title': 'Certification Report BSI-DSZ-CC-0952-V2-2016', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/zertifizierungsreporte', 'https://www.bsi.bund.de/zertifizierung', 'http://www.beuth.de/', 'http://www.sogisportal.eu/', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/', 'https://standards.cen.eu/', 'https://www.bsi.bund.de/AIS']}}. - The st_metadata property was set to
{'pdf_file_size_bytes': 2002351, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 133, '/Title': 'Security Target Lite', '/Author': 'eij', '/Subject': 'STARCOS 3.5 ID GCC C3', '/Keywords': 'Common Criteria, Certification, Zertifizierung, Giesecke & Devrient GmbH, G&D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport', '/Creator': 'Microsoft® Word 2010', '/CreationDate': "D:20161216094745+01'00'", '/ModDate': "D:20161216094745+01'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-0952-V2-2016', 'cert_item': 'STARCOS 3.5 ID GCC C3', 'developer': 'Giesecke & Devrient GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15 December 2009, BSI-CC-PP-0061-2009 (**) and in accordance with BSI Technische Richtlinie BSI-TR-03116-2, 2016', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 The IT Product identified in this certificate has been evaluated at an approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM), Version 3.1 extended by Scheme Interpretations, by advice of the Certification Body for components beyond EAL 5 and CC Supporting Documents as listed in the Certification Report for conformance to the Common Criteria for IT Security Evaluation (CC), Version 3.1. CC and CEM are also published as ISO/IEC 15408 and ISO/IEC 18045. (*) This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete Certification Report and Notification. For details on the validity see Certification Report part A chapter 4 (**'}}. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0952-V2-2016': 21, 'BSI-DSZ-CC-0952-2014': 4, 'BSI-DSZ-CC-0829-V2-2015': 4, 'BSI-DSZ-CC-0829-V2-2015-MA-01': 1, 'BSI-DSZ-CC-S-0070-2016': 2, 'BSI-DSZ-CC-S-0057-2015': 2, 'BSI-DSZ-CC-S-0062-2016': 2, 'BSI-DSZ-CC-S-0053-2016': 2}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0061-2009': 4, 'BSI-CC-PP-0059-2009-MA-02': 3}}, 'cc_security_level': {'EAL': {'EAL 4': 13, 'EAL 5': 8, 'EAL 1': 7, 'EAL 2': 4, 'EAL 5+': 1, 'EAL 6': 4, 'EAL 3': 4, 'EAL 7': 4, 'EAL 4 augmented': 3}, 'ITSEC': {'ITSEC Evaluation': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.1': 1, 'ADV_FSP.2': 1, 'ADV_FSP.3': 1, 'ADV_FSP.4': 1, 'ADV_FSP.5': 1, 'ADV_FSP.6': 1, 'ADV_IMP.1': 1, 'ADV_IMP.2': 1, 'ADV_INT.1': 1, 'ADV_INT.2': 1, 'ADV_INT.3': 1, 'ADV_SPM.1': 1, 'ADV_TDS.1': 1, 'ADV_TDS.2': 1, 'ADV_TDS.3': 1, 'ADV_TDS.4': 1, 'ADV_TDS.5': 1, 'ADV_TDS.6': 1, 'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_INT': 1, 'ADV_SPM': 1, 'ADV_TDS': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1, 'AGD_OPE': 1, 'AGD_PRE': 1}, 'ALC': {'ALC_DVS.2': 7, 'ALC_FLR': 3, 'ALC_CMC.1': 1, 'ALC_CMC.2': 1, 'ALC_CMC.3': 1, 'ALC_CMC.4': 2, 'ALC_CMC.5': 1, 'ALC_CMS.1': 1, 'ALC_CMS.2': 1, 'ALC_CMS.3': 1, 'ALC_CMS.4': 2, 'ALC_CMS.5': 1, 'ALC_DEL.1': 2, 'ALC_DVS.1': 1, 'ALC_FLR.1': 1, 'ALC_FLR.2': 1, 'ALC_FLR.3': 1, 'ALC_LCD.1': 2, 'ALC_LCD.2': 1, 'ALC_TAT.1': 2, 'ALC_TAT.2': 1, 'ALC_TAT.3': 1, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_DVS': 1, 'ALC_TAT': 1}, 'ATE': {'ATE_DPT.2': 6, 'ATE_COV.1': 1, 'ATE_COV.2': 1, 'ATE_COV.3': 1, 'ATE_DPT.1': 1, 'ATE_DPT.3': 1, 'ATE_DPT.4': 1, 'ATE_FUN.1': 1, 'ATE_FUN.2': 1, 'ATE_IND.1': 1, 'ATE_IND.2': 1, 'ATE_IND.3': 1, 'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1}, 'AVA': {'AVA_VAN.5': 6, 'AVA_VAN.1': 1, 'AVA_VAN.2': 1, 'AVA_VAN.3': 1, 'AVA_VAN.4': 1, 'AVA_VAN': 2}, 'APE': {'APE_INT.1': 1, 'APE_CCL.1': 1, 'APE_SPD.1': 1, 'APE_OBJ.1': 1, 'APE_OBJ.2': 1, 'APE_ECD.1': 1, 'APE_REQ.1': 1, 'APE_REQ.2': 1}, 'ASE': {'ASE_INT.1': 1, 'ASE_CCL.1': 1, 'ASE_SPD.1': 1, 'ASE_OBJ.1': 1, 'ASE_OBJ.2': 1, 'ASE_ECD.1': 1, 'ASE_REQ.1': 1, 'ASE_REQ.2': 1, 'ASE_TSS.1': 1, 'ASE_TSS.2': 1, 'ASE_CCL': 1, 'ASE_ECD': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_SPD': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Infineon': {'Infineon Technologies': 1, 'Infineon': 4}, 'GD': {'Giesecke & Devrient': 17, 'G&D': 1}}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 1}, 'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 2}}}, 'asymmetric_crypto': {'ECC': {'ECC': {'ECC': 3}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-2': 2}}}, 'crypto_scheme': {}, 'crypto_protocol': {'PACE': {'PACE': 3}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {'Infineon': {'v1.02.013': 4}}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side channel': 1}, 'FI': {'physical tampering': 1, 'fault injection': 1, 'Fault Injection': 1}, 'other': {'JIL': 4}}, 'technical_report_id': {'BSI': {'BSI 7148': 1, 'BSI 22': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 27}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS 34': 2, 'AIS 36': 4, 'AIS 25': 2, 'AIS 26': 2, 'AIS 31': 2, 'AIS 35': 2, 'AIS 20': 1, 'AIS 32': 1, 'AIS 38': 1}, 'ISO': {'ISO/IEC 15408': 6, 'ISO/IEC 18045': 6, 'ISO/IEC 17065': 2}, 'ICAO': {'ICAO': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke & Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15': 1, 'Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research & Consulting GmbH (confidential document) 10 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie für': 1, 'M7820 A11, Version 5, 16.07.2015, TÜV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013': 1, 'Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke & Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - Protection': 1}}}. - The st_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0829-V2-2015-MA-01': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0061': 2, 'BSI-PP-0056': 2, 'BSI-CC-PP-0059-2009-MA-02': 2, 'BSI-PP-0055': 1, 'BSI-CC-PP- 0084-2014': 1}}, 'cc_security_level': {'EAL': {'EAL5+': 1, 'EAL4': 13, 'EAL 4': 2, 'EAL 5': 2, 'EAL4 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 4, 'ADV_TDS.3': 2, 'ADV_FSP.4': 1, 'ADV_IMP.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_DVS.2': 9, 'ALC_DVS.1': 1}, 'ATE': {'ATE_DPT.2': 9, 'ATE_DPT.1': 2, 'ATE_FUN.1': 1}, 'AVA': {'AVA_VAN.5': 8}, 'APE': {'APE_ECD': 1}, 'ASE': {'ASE_ECD': 1}}, 'cc_sfr': {'FAU': {'FAU_SAS': 5, 'FAU_GEN': 1, 'FAU_SAS.1': 18, 'FAU_SAS.1.1': 2}, 'FCS': {'FCS_RND': 7, 'FCS_RND.1': 12, 'FCS_CKM.1': 16, 'FCS_RND.1.1': 2, 'FCS_COP': 55, 'FCS_CKM': 52, 'FCS_CKM.2': 4, 'FCS_COP.1': 11, 'FCS_CKM.4': 20, 'FCS_RNG.1': 4}, 'FDP': {'FDP_ACF': 23, 'FDP_RIP': 4, 'FDP_SDI': 14, 'FDP_ITC.1': 7, 'FDP_ITC.2': 8, 'FDP_RIP.1': 13, 'FDP_ACC': 16, 'FDP_ACF.1': 21, 'FDP_ACC.1.1': 1, 'FDP_ACC.1': 12, 'FDP_SDI.1': 3, 'FDP_IFC.1': 5, 'FDP_SDI.2': 4, 'FDP_ITT.1': 1}, 'FIA': {'FIA_API': 20, 'FIA_SOS.2': 1, 'FIA_API.1': 4, 'FIA_API.1.1': 3, 'FIA_UAU': 45, 'FIA_UID': 25, 'FIA_AFL': 33, 'FIA_UIA': 1, 'FIA_UAU.4': 6, 'FIA_UAU.5': 13, 'FIA_UAU.6': 7, 'FIA_UAU.1': 8, 'FIA_AFL.1': 6, 'FIA_UID.1': 9, 'FIA_UAU.4.1': 1}, 'FMT': {'FMT_LIM': 14, 'FMT_LIM.1': 16, 'FMT_LIM.2': 15, 'FMT_LIM.1.1': 2, 'FMT_LIM.2.1': 2, 'FMT_SMR': 5, 'FMT_MTD': 86, 'FMT_MTD.3': 9, 'FMT_MSA.3': 6, 'FMT_MSA.1': 4, 'FMT_SMF.1': 37, 'FMT_SMR.1': 29, 'FMT_SMF': 5, 'FMT_MTD.1': 4, 'FMT_MTD.1.1': 1, 'FMT_MOF': 3, 'FMT_MSA': 15}, 'FPT': {'FPT_TST.1': 15, 'FPT_FLS.1': 13, 'FPT_PHP.3': 14, 'FPT_FLS': 3, 'FPT_FLS.1.1': 1, 'FPT_TST.1.3': 1, 'FPT_PHP': 6, 'FPT_TST': 2, 'FPT_PHP.1': 5, 'FPT_TST.2': 3, 'FPT_ITT.1': 1}, 'FRU': {'FRU_FLT.2': 4}, 'FTP': {'FTP_ITC': 23, 'FTP_ITC.1': 6}}, 'cc_claims': {'O': {'O.RND': 3, 'O.MEM_ACCESS': 1}, 'T': {'T.RND': 3}, 'A': {'A.CGA': 2, 'A.SCA': 2}, 'OE': {'OE.CGA_SSCD': 3, 'OE.CGA_TC_SVD': 2, 'OE.HID_TC_VAD': 1, 'OE.SCA_TC_DTBS': 1, 'OE.HID_VAD': 2}}, 'vendor': {'Infineon': {'Infineon': 3, 'Infineon Technologies AG': 1}, 'GD': {'Giesecke & Devrient': 7}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 19}}, 'DES': {'DES': {'DES': 1}, '3DES': {'Triple-DES': 6}}, 'constructions': {'MAC': {'KMAC': 4, 'CMAC': 8}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 7}, 'ECDSA': {'ECDSA': 5}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'Diffie-Hellman': 8, 'DH': 2}, 'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}, 'SHA2': {'SHA-224': 2, 'SHA-256': 5, 'SHA-384': 3, 'SHA-512': 3, 'SHA-2': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 3}, 'KA': {'Key Agreement': 3}}, 'crypto_protocol': {'PACE': {'PACE': 94}}, 'randomness': {'TRNG': {'TRNG': 1}, 'RNG': {'RNG': 8, 'RND': 6}}, 'cipher_mode': {'CBC': {'CBC': 3}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {'Infineon': {'v1.02.013': 2}}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 6, 'physical probing': 3, 'DPA': 2, 'SPA': 1, 'timing attacks': 1}, 'FI': {'Physical Tampering': 4, 'Physical tampering': 2, 'physical tampering': 7, 'Malfunction': 14, 'malfunction': 6, 'fault injection': 1}, 'other': {'reverse engineering': 1}}, 'technical_report_id': {'BSI': {'BSI TR-03110': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 148}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-2': 1, 'FIPS 197': 1, 'FIPS PUB 180-2': 1}, 'PKCS': {'PKCS#3': 3}, 'BSI': {'AIS20': 1, 'AIS 31': 1, 'AIS 20': 1}, 'RFC': {'RFC3369': 2, 'RFC 5639': 5}, 'ISO': {'ISO/IEC 7816-2': 1, 'ISO/IEC 14443': 2, 'ISO/IEC 7816-4': 1}, 'ICAO': {'ICAO': 4}, 'CC': {'CCMB-2009-07-001': 1, 'CCMB-2009-07-002': 1, 'CCMB-2009-07-003': 1, 'CCMB-2009-07-004': 1, 'CCMB-2012-09-001': 1, 'CCMB-2012-09-002': 1, 'CCMB-2012-09-003': 1, 'CCMB-2012-09-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip incl': 1}}}. - The report_filename property was set to
0952V2a_pdf.pdf. - The st_filename property was set to
0952V2b_pdf.pdf.
The computed heuristics were updated.
- The cert_lab property was set to
['BSI']. - The cert_id property was set to
BSI-DSZ-CC-0952-V2-2016. - The report_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0829-V2-2015', 'BSI-DSZ-CC-0952-2014']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0952-2014', 'BSI-DSZ-CC-0751-2013', 'BSI-DSZ-CC-0829-V2-2015', 'BSI-DSZ-CC-0640-2010', 'BSI-DSZ-CC-0728-2011', 'BSI-DSZ-CC-0829-2012', 'BSI-DSZ-CC-0813-2012']}}data. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}]}values added.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2a_pdf.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2b_pdf.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The report_filename property was set to
None.
The computed heuristics were updated.
- The cert_lab property was set to
None. - The cert_id property was set to
None. - The report_references property was updated, with the
{'directly_referencing': None, 'indirectly_referencing': None}data. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}]}values discarded.
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The st_metadata property was set to
None. - The st_keywords property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 6}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 6}]}values added.
- The st property was updated, with the
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name STARCOS 3.5 ID GCC C3 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": null,
"dgst": "aaa5c2239e7c1d9e",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0952-V2-2016",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_INT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_SPM",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"3.5"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0952-2014",
"BSI-DSZ-CC-0829-V2-2015"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0952-2014",
"BSI-DSZ-CC-0728-2011",
"BSI-DSZ-CC-0751-2013",
"BSI-DSZ-CC-0829-V2-2015",
"BSI-DSZ-CC-0813-2012",
"BSI-DSZ-CC-0640-2010",
"BSI-DSZ-CC-0829-2012"
]
}
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2018-02-23",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2ma1a_pdf.pdf",
"maintenance_st_link": null,
"maintenance_title": "STARCOS 3.5 ID GCC C3"
}
]
},
"manufacturer": "G+D Mobile Security GmbH",
"manufacturer_web": "https://www.gi-de.com/de/de/mobile-security/",
"name": "STARCOS 3.5 ID GCC C3",
"not_valid_after": "2021-12-16",
"not_valid_before": "2016-12-16",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "0952V2a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 The IT Product identified in this certificate has been evaluated at an approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM), Version 3.1 extended by Scheme Interpretations, by advice of the Certification Body for components beyond EAL 5 and CC Supporting Documents as listed in the Certification Report for conformance to the Common Criteria for IT Security Evaluation (CC), Version 3.1. CC and CEM are also published as ISO/IEC 15408 and ISO/IEC 18045. (*) This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete Certification Report and Notification. For details on the validity see Certification Report part A chapter 4 (**",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-0952-V2-2016",
"cert_item": "STARCOS 3.5 ID GCC C3",
"cert_lab": "BSI",
"developer": "Giesecke \u0026 Devrient GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15 December 2009, BSI-CC-PP-0061-2009 (**) and in accordance with BSI Technische Richtlinie BSI-TR-03116-2, 2016"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0829-V2-2015": 4,
"BSI-DSZ-CC-0829-V2-2015-MA-01": 1,
"BSI-DSZ-CC-0952-2014": 4,
"BSI-DSZ-CC-0952-V2-2016": 21,
"BSI-DSZ-CC-S-0053-2016": 2,
"BSI-DSZ-CC-S-0057-2015": 2,
"BSI-DSZ-CC-S-0062-2016": 2,
"BSI-DSZ-CC-S-0070-2016": 2
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0059-2009-MA-02": 3,
"BSI-CC-PP-0061-2009": 4
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_ARC.1": 1,
"ADV_FSP": 1,
"ADV_FSP.1": 1,
"ADV_FSP.2": 1,
"ADV_FSP.3": 1,
"ADV_FSP.4": 1,
"ADV_FSP.5": 1,
"ADV_FSP.6": 1,
"ADV_IMP": 1,
"ADV_IMP.1": 1,
"ADV_IMP.2": 1,
"ADV_INT": 1,
"ADV_INT.1": 1,
"ADV_INT.2": 1,
"ADV_INT.3": 1,
"ADV_SPM": 1,
"ADV_SPM.1": 1,
"ADV_TDS": 1,
"ADV_TDS.1": 1,
"ADV_TDS.2": 1,
"ADV_TDS.3": 1,
"ADV_TDS.4": 1,
"ADV_TDS.5": 1,
"ADV_TDS.6": 1
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 1,
"AGD_PRE": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC": 1,
"ALC_CMC.1": 1,
"ALC_CMC.2": 1,
"ALC_CMC.3": 1,
"ALC_CMC.4": 2,
"ALC_CMC.5": 1,
"ALC_CMS": 1,
"ALC_CMS.1": 1,
"ALC_CMS.2": 1,
"ALC_CMS.3": 1,
"ALC_CMS.4": 2,
"ALC_CMS.5": 1,
"ALC_DEL": 1,
"ALC_DEL.1": 2,
"ALC_DVS": 1,
"ALC_DVS.1": 1,
"ALC_DVS.2": 7,
"ALC_FLR": 3,
"ALC_FLR.1": 1,
"ALC_FLR.2": 1,
"ALC_FLR.3": 1,
"ALC_LCD.1": 2,
"ALC_LCD.2": 1,
"ALC_TAT": 1,
"ALC_TAT.1": 2,
"ALC_TAT.2": 1,
"ALC_TAT.3": 1
},
"APE": {
"APE_CCL.1": 1,
"APE_ECD.1": 1,
"APE_INT.1": 1,
"APE_OBJ.1": 1,
"APE_OBJ.2": 1,
"APE_REQ.1": 1,
"APE_REQ.2": 1,
"APE_SPD.1": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_CCL.1": 1,
"ASE_ECD": 1,
"ASE_ECD.1": 1,
"ASE_INT": 1,
"ASE_INT.1": 1,
"ASE_OBJ": 1,
"ASE_OBJ.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.1": 1,
"ASE_REQ.2": 1,
"ASE_SPD": 1,
"ASE_SPD.1": 1,
"ASE_TSS": 1,
"ASE_TSS.1": 1,
"ASE_TSS.2": 1
},
"ATE": {
"ATE_COV": 1,
"ATE_COV.1": 1,
"ATE_COV.2": 1,
"ATE_COV.3": 1,
"ATE_DPT": 1,
"ATE_DPT.1": 1,
"ATE_DPT.2": 6,
"ATE_DPT.3": 1,
"ATE_DPT.4": 1,
"ATE_FUN": 1,
"ATE_FUN.1": 1,
"ATE_FUN.2": 1,
"ATE_IND": 1,
"ATE_IND.1": 1,
"ATE_IND.2": 1,
"ATE_IND.3": 1
},
"AVA": {
"AVA_VAN": 2,
"AVA_VAN.1": 1,
"AVA_VAN.2": 1,
"AVA_VAN.3": 1,
"AVA_VAN.4": 1,
"AVA_VAN.5": 6
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 7,
"EAL 2": 4,
"EAL 3": 4,
"EAL 4": 13,
"EAL 4 augmented": 3,
"EAL 5": 8,
"EAL 5+": 1,
"EAL 6": 4,
"EAL 7": 4
},
"ITSEC": {
"ITSEC Evaluation": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"Evaluation Technical Report (ETR) STARCOS 3.5 ID GCC C3, SRC Security Research \u0026 Consulting GmbH (confidential document) 10 specifically \u2022 AIS 20, Version 3, Funktionalit\u00e4tsklassen und Evaluationsmethodologie f\u00fcr": 1,
"M7820 A11, Version 5, 16.07.2015, T\u00dcV Informationstechnik GmbH, Evaluation Body for IT Security (confidential document) [11] STARCOS 3.5 ID GCC C2 Configuration 1, Application Specification, Version 1.0, 14.03.2013": 1,
"Version 1.10, 06.12.2016, STARCOS 3.5 ID GCC C3 Security Target, Giesecke \u0026 Devrient GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03, 15": 1,
"Version 1.2, 06.12.2016, Konfigurationsliste von STARCOS 3.5 ID GCC C3, Giesecke \u0026 Devrient GmbH (confidential document) [30] BSI-CC-PP-0059-2009-MA-02, Common Criteria Protection Profile: EN 419211-2:2013 - Protection": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"Infineon": {
"v1.02.013": 4
}
},
"crypto_protocol": {
"PACE": {
"PACE": 3
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 3
},
"TUV": {
"T\u00dcV Informationstechnik": 1
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-2": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 27
}
},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {
"FI": {
"Fault Injection": 1,
"fault injection": 1,
"physical tampering": 1
},
"SCA": {
"side channel": 1
},
"other": {
"JIL": 4
}
},
"standard_id": {
"BSI": {
"AIS 20": 1,
"AIS 25": 2,
"AIS 26": 2,
"AIS 31": 2,
"AIS 32": 1,
"AIS 34": 2,
"AIS 35": 2,
"AIS 36": 4,
"AIS 38": 1
},
"ICAO": {
"ICAO": 2
},
"ISO": {
"ISO/IEC 15408": 6,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 6
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 2
}
}
},
"technical_report_id": {
"BSI": {
"BSI 22": 1,
"BSI 7148": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"GD": {
"G\u0026D": 1,
"Giesecke \u0026 Devrient": 17
},
"Infineon": {
"Infineon": 4,
"Infineon Technologies": 1
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20161230094202+01\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Giesecke \u0026 Devrient GmbH, G\u0026D, StarCOS, nPA, Personalausweis\"",
"/ModDate": "D:20161230111155+01\u002700\u0027",
"/Producer": "LibreOffice 4.2",
"/Subject": "Common Criteria Certification",
"/Title": "Certification Report BSI-DSZ-CC-0952-V2-2016",
"pdf_file_size_bytes": 1122731,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/AIS",
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/",
"http://www.sogisportal.eu/",
"https://standards.cen.eu/",
"https://www.bsi.bund.de/zertifizierungsreporte",
"http://www.beuth.de/",
"https://www.bsi.bund.de/zertifizierung"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 36
},
"st_filename": "0952V2b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 7
},
"ECDSA": {
"ECDSA": 5
}
},
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 8
},
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0829-V2-2015-MA-01": 1
}
},
"cc_claims": {
"A": {
"A.CGA": 2,
"A.SCA": 2
},
"O": {
"O.MEM_ACCESS": 1,
"O.RND": 3
},
"OE": {
"OE.CGA_SSCD": 3,
"OE.CGA_TC_SVD": 2,
"OE.HID_TC_VAD": 1,
"OE.HID_VAD": 2,
"OE.SCA_TC_DTBS": 1
},
"T": {
"T.RND": 3
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0084-2014": 1,
"BSI-CC-PP-0059-2009-MA-02": 2,
"BSI-CC-PP-0061": 2,
"BSI-PP-0055": 1,
"BSI-PP-0056": 2
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 4,
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 2
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_DVS.1": 1,
"ALC_DVS.2": 9
},
"APE": {
"APE_ECD": 1
},
"ASE": {
"ASE_ECD": 1
},
"ATE": {
"ATE_DPT.1": 2,
"ATE_DPT.2": 9,
"ATE_FUN.1": 1
},
"AVA": {
"AVA_VAN.5": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 4": 2,
"EAL 5": 2,
"EAL4": 13,
"EAL4 augmented": 3,
"EAL5+": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 1,
"FAU_SAS": 5,
"FAU_SAS.1": 18,
"FAU_SAS.1.1": 2
},
"FCS": {
"FCS_CKM": 52,
"FCS_CKM.1": 16,
"FCS_CKM.2": 4,
"FCS_CKM.4": 20,
"FCS_COP": 55,
"FCS_COP.1": 11,
"FCS_RND": 7,
"FCS_RND.1": 12,
"FCS_RND.1.1": 2,
"FCS_RNG.1": 4
},
"FDP": {
"FDP_ACC": 16,
"FDP_ACC.1": 12,
"FDP_ACC.1.1": 1,
"FDP_ACF": 23,
"FDP_ACF.1": 21,
"FDP_IFC.1": 5,
"FDP_ITC.1": 7,
"FDP_ITC.2": 8,
"FDP_ITT.1": 1,
"FDP_RIP": 4,
"FDP_RIP.1": 13,
"FDP_SDI": 14,
"FDP_SDI.1": 3,
"FDP_SDI.2": 4
},
"FIA": {
"FIA_AFL": 33,
"FIA_AFL.1": 6,
"FIA_API": 20,
"FIA_API.1": 4,
"FIA_API.1.1": 3,
"FIA_SOS.2": 1,
"FIA_UAU": 45,
"FIA_UAU.1": 8,
"FIA_UAU.4": 6,
"FIA_UAU.4.1": 1,
"FIA_UAU.5": 13,
"FIA_UAU.6": 7,
"FIA_UIA": 1,
"FIA_UID": 25,
"FIA_UID.1": 9
},
"FMT": {
"FMT_LIM": 14,
"FMT_LIM.1": 16,
"FMT_LIM.1.1": 2,
"FMT_LIM.2": 15,
"FMT_LIM.2.1": 2,
"FMT_MOF": 3,
"FMT_MSA": 15,
"FMT_MSA.1": 4,
"FMT_MSA.3": 6,
"FMT_MTD": 86,
"FMT_MTD.1": 4,
"FMT_MTD.1.1": 1,
"FMT_MTD.3": 9,
"FMT_SMF": 5,
"FMT_SMF.1": 37,
"FMT_SMR": 5,
"FMT_SMR.1": 29
},
"FPT": {
"FPT_FLS": 3,
"FPT_FLS.1": 13,
"FPT_FLS.1.1": 1,
"FPT_ITT.1": 1,
"FPT_PHP": 6,
"FPT_PHP.1": 5,
"FPT_PHP.3": 14,
"FPT_TST": 2,
"FPT_TST.1": 15,
"FPT_TST.1.3": 1,
"FPT_TST.2": 3
},
"FRU": {
"FRU_FLT.2": 4
},
"FTP": {
"FTP_ITC": 23,
"FTP_ITC.1": 6
}
},
"certification_process": {
"OutOfScope": {
"out of scope": 1,
"to the plastic Identity Card is achieved by physical and organisational security measures being out of scope of the current ST. The TOE shall comprise at least a) the circuitry of the contactless chip incl": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"Infineon": {
"v1.02.013": 2
}
},
"crypto_protocol": {
"PACE": {
"PACE": 94
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 3
},
"MAC": {
"MAC": 3
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 5
},
"SHA2": {
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 5,
"SHA-384": 3,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 148
}
},
"pq_crypto": {},
"randomness": {
"RNG": {
"RND": 6,
"RNG": 8
},
"TRNG": {
"TRNG": 1
}
},
"side_channel_analysis": {
"FI": {
"Malfunction": 14,
"Physical Tampering": 4,
"Physical tampering": 2,
"fault injection": 1,
"malfunction": 6,
"physical tampering": 7
},
"SCA": {
"DPA": 2,
"Leak-Inherent": 6,
"SPA": 1,
"physical probing": 3,
"timing attacks": 1
},
"other": {
"reverse engineering": 1
}
},
"standard_id": {
"BSI": {
"AIS 20": 1,
"AIS 31": 1,
"AIS20": 1
},
"CC": {
"CCMB-2009-07-001": 1,
"CCMB-2009-07-002": 1,
"CCMB-2009-07-003": 1,
"CCMB-2009-07-004": 1,
"CCMB-2012-09-001": 1,
"CCMB-2012-09-002": 1,
"CCMB-2012-09-003": 1,
"CCMB-2012-09-004": 1
},
"FIPS": {
"FIPS 180-2": 1,
"FIPS 197": 1,
"FIPS PUB 180-2": 1
},
"ICAO": {
"ICAO": 4
},
"ISO": {
"ISO/IEC 14443": 2,
"ISO/IEC 7816-2": 1,
"ISO/IEC 7816-4": 1
},
"PKCS": {
"PKCS#3": 3
},
"RFC": {
"RFC 5639": 5,
"RFC3369": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 19
}
},
"DES": {
"3DES": {
"Triple-DES": 6
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"CMAC": 8,
"KMAC": 4
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-03110": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"GD": {
"Giesecke \u0026 Devrient": 7
},
"Infineon": {
"Infineon": 3,
"Infineon Technologies AG": 1
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "eij",
"/CreationDate": "D:20161216094745+01\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/Keywords": "Common Criteria, Certification, Zertifizierung, Giesecke \u0026 Devrient GmbH, G\u0026D, StarCOS, nPA, Personalausweis, eID, electronic identity, eGovernment, eIDAS, QES, qualified electronic signature, travel document, passport",
"/ModDate": "D:20161216094745+01\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Subject": "STARCOS 3.5 ID GCC C3",
"/Title": "Security Target Lite",
"pdf_file_size_bytes": 2002351,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 133
}
},
"protection_profiles": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"pp_eal": null,
"pp_ids": null,
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0061b_pdf.pdf",
"pp_name": "Electronic Identity Card (ID_Card PP), Version 1.03"
}
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4+",
"ALC_DVS.2",
"AVA_VAN.5",
"ATE_DPT.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0952V2b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "9481f0852e4440d1c67981cb6077ce505467d2369bfe6933db362cc0e070f3c0",
"txt_hash": "b2968cd05c1f7edd754824059df661497ed39640d3e2e7ddb0c488ba7910b0ec"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "8d976902a8c76c719b17d43ee133d4bdae8d4c073f056ca4b7b73dfa37d297de",
"txt_hash": "d3d626e37d0370c0a14b7e17474b6aadc291c92f33816f5bc8ea6fa33357a037"
}
},
"status": "archived"
}