COMMON CRITERIA RECOGNITION ARRANGEMENT FOR COMPONENTS UP TO EAL4 Certification Report EAL 4+ (ALC_DVS.2) Evaluation of TÜBİTAK BİLGEM UEKAE SMART CARD OPERATING SYSTEM (AKiS) V 1.4N PASSPORT AKILLI KART İŞLETİM SİSTEMİ (AKiS) V1.4N PASAPORT issued by Turkish Standards Institution Common Criteria Certification Scheme Date : 13 July 2011 Pages : 34 Certification Report Number :14.10.01/11-211 This page left blank on purpose. ----- o ----- 3 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 3 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 TABLE OF CONTENTS: 1. INTRODUCTION..........................................................................................................................5 2. GLOSSARY....................................................................................................................................6 3. EXECUTIVE SUMMARY............................................................................................................7 4. IDENTIFICATION .....................................................................................................................17 5. SECURITY POLICY ..................................................................................................................20 6. ARCHITECTURAL INFORMATION .....................................................................................21 7. ASSUMPTIONS AND CLARIFICATION OF SCOPE ..........................................................23 8. DOCUMENTATION...................................................................................................................25 9. IT PRODUCT TESTING............................................................................................................26 10. EVALUATED CONFIGURATION.........................................................................................28 11. RESULTS OF THE EVALUATION .......................................................................................30 12. EVALUATOR COMMENTS/ RECOMMENDATIONS......................................................32 13. CERTIFICATION AUTHORITY COMMENTS/ RECOMMENDATIONS .....................32 14. SECURITY TARGET...............................................................................................................32 15. BIBLIOGRAPHY ......................................................................................................................33 16. APPENDICES............................................................................................................................34 LIST OF TABLES Table 1 – Glossary ...............................................................................................................................6 Table 2 – TOE Security Functions.....................................................................................................12 Table 3 – Threats................................................................................................................................15 Table 4 – Organizational Security Policies........................................................................................20 Table 5 – Usage Assumptions............................................................................................................23 Table 6 – Environmental Assumptions..............................................................................................24 Table 7 – Security Assurance Requirements for the TOE.................................................................30 FIGURES Figure 1 – Phases…………………………………………………………………………………....19 Figure 2 – AKiS v1.4N Operating System components and environment………………………….22 4 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 4 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 This page left blank on purpose. ----- o ----- 5 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 5 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 CERTIFICATION REPORT The Certification Report is drawn up to submit the Certification Committee the results and evaluation information upon the completion of a Common Criteria evaluation service performed under the Common Criteria Certification Scheme. Certification Report covers all non-confidential security and technical information related with a Common Criteria evaluation which is made under the PCC Common Criteria Certification Scheme. This report is issued publicly to and made available to all relevant parties for reference and use. 1. INTRODUCTION The Common Criteria Certification Scheme (CCCS) provides an evaluation and certification service to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted by a public or commercial Common Criteria Evaluation Facility (CCTL) under CCCS‟ supervision. CCEF is a facility, licensed as a result of inspections carried out by CCCS for performing tests and evaluations which will be the basis for Common Criteria certification. As a prerequisite for such certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be accredited with respect to that standard by the Turkish Accreditation Agency (TÜRKAK), the national accreditation body in Turkey. The evaluation and tests related with the concerned product have been performed by TÜBİTAK-BİLGEM-UEKAE-OKTEM, which is a public CCTL. A Common Criteria Certificate given to a product means that such product meets the security requirements defined in its security target document that has been approved by the CCCS. The Security Target document is where requirements defining the scope of evaluation and test activities are set forth. Along with this certification report, the user of the IT product should also review the security target document in order to understand any assumptions made in the course of evaluations, the environment where the IT product will run, security requirements of the IT product and the level of assurance provided by the product. 6 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 6 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 This certification report is associated with the Common Criteria Certificate issued by the CCCS for AKILLI KART İŞLETİM SİSTEMİ (AKiS) V1.4N PASAPORT - SMART CARD OPERATING SYSTEM (AKiS) V1.4N PASSPORT whose evaluation was completed on 13.06.2011 and whose evaluation technical report was drawn up by OKTEM (as CCTL), and with the Security Target document with version no 06 of the relevant product. 2. GLOSSARY Table 1 - Glossary CCCS: Common Criteria Certification Scheme CCTL: Common Criteria Test Laboratory CCMB: Common Criteria Management Board CEM: Common Evaluation Methodology AKiS: Smart Card Operating System (Akıllı Kart İşletim Sistemi) ETR: Evaluation Technical Report IT: Information Technology OKTEM: Common Criteria Test Center (as CCTL) PCC: Product Certification Center ST: Security Target TOE: Target of Evaluation TSF: TOE Security Function TSFI: TSF Interface SFR: Security Functional Requirement TÜBİTAK: Turkish Scientific and Technological Research Council TÜRKAK: Turkish Accreditation Agency BİLGEM: Center of Research For Advanced Technologies of Informatics and Information Security UEKAE: National Electronics and Cryptology Research Institute EAL: Evaluation Assurance Level PP: Protection Profile 7 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 7 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 3. EXECUTIVE SUMMARY Evaluated IT product name: Smart Card Operating System (AKiS) v 1.4N Passport Akıllı Kart İşletim Sistemi (AKiS) v1.4N Pasaport IT Product version: V 1.4N Developer`s Name: TÜBİTAK BİLGEM UEKAE AKIS Project Group Name of CCTL : TÜBİTAK BİLGEM UEKAE OKTEM Common Criteria Test Laboratory Completion date of evaluation : 13.06.2011 Common Criteria Standard version :  Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 3.1, Revision 3, July 2009  Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 3, July 2009  Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 3, July 2009 Common Criteria Evaluation Method version :  Common Methodology for Information Technology Security Evaluation v3.1 rev3, July 2009 Other Mandatory Document version:  Composite product evaluation for Smart Cards and similar devices v1.0 rev 1 Sep 2007 8 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 8 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Short summary of the Report: 1) Assurance Package : EAL 4+ (ALC_DVS.2) 2) Functionality : AKiS-Pasaport v1.4N is a smart card application which is designed to be used as Machine Readable Travel Document (MRTD). The Target of Evaluation (TOE) is the contactless integrated circuit chip of machine readable travel document (AKiS-Pasaport) programmed according to the Logical Data Structure (LDS) and providing the Basic Access Control according to „ICAO Doc 9303‟. The TOE is a composite product comprising an integrated circuit (IC) AKiS Pasaport v1.4N application with a card operating system. The TOE composes AKiS Pasaport v1.4N by combining NXP P5CD081. The integrated circuit of the MRTD‟s chip is NXP P5CD081. NXP-P5CD081 has CC EAL 5+ (AVA_VAN.5) certificate. AKiS-Pasaport v1.4N Operating System is loaded into the ROM of the NXP chip (P5CD081) during the manufacturing of the IC. The evaluation has been performed according to the composition scheme as defined in the guide 15.7 in order to assess that no weakness comes from the integration of the software in the integrated circuit already certified. Regarding Composite evaluation, smartcard specific prescription for evaluation and evaluation approach for assurance components which are not prescribed in CEM, they are based on the supporting documents.(15.7) The TOE comprises  the circuitry of the MRTD‟s chip (the integrated circuit, IC): NXP P5CD081  the IC Embedded Software (AKiS-Pasaport v1.4N OS),  the MRTD application and  the MRTD User Manual. 9 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 9 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 TOE SECURITY FUNCTIONS Cryptographic Operations 1. 3DES key generation according to Document Basic Access Control Key Derivation Algorithm with key sizes of 112 bit. 2. Hashing according to SHA-1 and SHA-256 that meets FIPS 180-2. For Basic Access Control SHA-1 is used. For active authentication manufacturer decides which algorithms will be used : SHA-1 or SHA- 256. 3. Secure messaging: encryption and decryption with 3DES algorithm in CBC mode with key sizes of 112 bits. 8 bytes zero IV, padding mode 2 is used. 4. Secure messaging: message authentication with Retail MAC with key sizes 112 bits according to ISO 9797. MAC Algorithm 3 is used with block cipher 3DES. 5. Active authentication signature generation according to ISO/IEC 9796- 2 scheme 1 with RSA algorithm RFC 3447 RSASSA-PSS key sizes 1024 to 1848 bits. 6. After each active authentication, active authentication keys are destroyed by writing 0. 7. After each BAC session both the 3DES encryption key and message authentication key are destroyed by writing 0. 8. After each initialization authentication and personalization authentication, initialization key and personalization key are destroyed by writing 0. 9. Random number generation according to ANSI X9.17, AIS20 Class K4 for key generation, authentication operations. Identification and Authentication 1. Storage of IC Identification data by the Manufacturer (with PUT DATA command) 2. The following data can be read before identification and authentication a. Initialization data in Manufacturing phase b. ATS (Answer to Select) in all phases 3. TSF mediated actions require successful identification and authentication, because BAC is activated. 4. Authentication data (random numbers) are prevented to be reused. 5. User authentication is provided through: a. BAC authentication mechanism in Operation Phase through BAC Authentication mechanism with Document Basic Access keys. b. Symmetric authentication mechanism based on 3DES in 10 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 10 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Manufacturing Phase with initialization key. c. Symmetric authentication mechanism based on 3DES in Personalization Phase with personalization key. 6. Active authentication of the TOE is provided through Active authentication mechanism with active authentication keys. User Data Protection 1. Allowing only the successfully authenticated Personalization Agent to read and write data groups DG1 to DG16 of the LDS. 2. Allowing the terminals to read data groups DG1 to DG 16 of the LDS after successful BAC authentication. 3. Not allowing anybody to modify any data groups DG1 to DG 16 of the LDS in Operation phase. 4. Not allowing anybody to write/modify/erase any data (keys, LDS data) in Operation phase. 5. Transmitted and received user data is protected from modification, deletion, insertion and replay errors through secure messaging. 6. Determination on receipt of user data if modification, deletion, insertion and replay have occurred through secure messaging. Not allowing anybody to read DG3 and DG4. Security Management 1. Initialization, personalization and configuration of the TOE are only allowed for the manufacturer and the personalization agent. 2. Initialization data and pre-personalization data can only be written by the manufacturer. 3. Ability to enable attack counter and set its maximum value is restricted to the manufacturer and the personalization agent. 4. When attack counter exceeds the threshold, the TOE enters the Death phase and can no longer be used. 5. Ability to set maximum value of the BAC error counter and wait time for the BAC error is restricted to the manufacturer. 6. When BAC error counter exceeds the threshold, the TOE waits for a pre-configured wait time without any action. 7. Ability to set the hash algorithm for the active authentication, SHA-1 or SHA-256, is restricted to the manufacturer and the personalization agent. 8. Maintenance of the security roles: Manufacturer, personalization agent, Basic Inspection System. 9. Personalization Agent is allowed to write the Document Basic Access Keys. 11 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 11 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 10. Manufacturer and Personalization Agent are allowed to write the Active Authentication keys. 11. After unsuccessfull authentication in INITIALIZATION START, INITIALIZATION END, and CHANGE KEY commands in Manufacturing phase, the initialization key error counter is incremented. When the counter reaches the threshold, the TOE enters the Death phase and can no longer be used. 12. After unsuccessfull authentication in PERSONALIZATION START, PERSONALIZATION END, CHANGE KEY commands in Personalization phase, the personalization key error counter is incremented. When the counter reaches the threshold, the TOE enters the Death phase and can no longer be used. 13. After unsuccessfull authentication in ERASE FILES command in Manufacturing and Personalization phase, the initialization key error counter is incremented. When the counter reaches the threshold, the TOE enters the Death phase and can no longer be used. 14. After unsuccessfull authentication in EXCHANGE CHALLENGE command in Manufacturing phase, the EXCHANGE CHALLENGE error counter is incremented. When the counter reaches the threshold, the TOE enters the Death phase and can no longer be used which may enable other attacks. 15. Nobody is allowed to read Document Basic Access keys and Active Authentication keys. 16. Test features of the TOE are not available in Operation phase. If test features are performed by the TOE, no user data, TSF data can be disclosed or manipulated, no software can be reconstructed and no substantial information about TSF can be gathered. 17. Ability to disable read access for users to the Initialization Data to the Personalization Agent. Protection 1. Hiding information about IC power consumption and command execution time. 2. Detection of the physical tampering of the TSF with sensors for operating voltage, clock frequency, temperature and electromagnetic radiation. If the TOE detects with the mentioned sensors, that it is not supplied within the specified limits, a security reset is initiated and the TOE is not operable until the supply is back in the specified limits. The hardware protects itself against analyzing and physical tampering. 3. Clock randomization 4. Not allowing any unauthorized users to use the following interface smart card circuit contacts to gain access to initialization and personalization authentication key and logical MRTD data. 12 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 12 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 5. Preserve a secure state when a failure is detected by TSF according to FPT_TST.1. 6. Runs random number generator tests during initial start-up, when any command received, and at any cryptographic operation. Runs voltage level control test during initial start-up. 7. Provide authorized manufacturer and personalization agent with the capability to verify the integrity of ROM. 8. Verifies the integrity of the keys, header data of DFs, header and body data of EFs. If the integrity check of keys, header data of EFs and DFs fails, an error is returned to the user. If the integrity check of EF data fails, a warning returns to the user. If an integrity check of interior file system tables fails, the card enters the death phase and can no longer be used. Table 2 – TOE Security Functions 3) Summary of Threats and Organizational Security Policies (OSPs) addressed by the evaluated IT product: The TOE counter such threats presented in the table below and provides functions for countermeasure to them. T.Chip_ID Identification of MRTD’s chip Adverse action: An attacker trying to trace the movement of the MRTD by identifying remotely the MRTD‟s chip by establishing or listening to communications through the contactless communication interface. Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data printed on the MRTD data page in advance Asset: Anonymity of user, T.Skimming Skimming the logical MRTD Adverse action: An attacker imitates an inspection system trying to establish a communication to read the logical MRTD or parts of it via the contactless communication channel of the TOE. Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data printed on the MRTD data page in advance Asset: confidentiality of logical MRTD data T.Eavesdropping Eavesdropping to the communication between TOE and inspection system Adverse action: An attacker is listening to an existing communication between the MRTD‟s chip and an inspection system to gain the logical MRTD or parts of it. The inspection system uses the MRZ data printed on the MRTD data page but the attacker does not know these data in advance. 13 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 13 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data printed on the MRTD data page in advance Asset: confidentiality of logical MRTD data T.Forgery Forgery of data on MRTD’s chip Adverse action: An attacker alters fraudulently the complete stored logical MRTD or any part of it including its security related data in order to deceive on an inspection system by means of the changed MRTD holder‟s identity or biometric reference data. This threat comprises several attack scenarios of MRTD forgery. The attacker may alter the biographical data on the biographical data page of the passport book, in the printed MRZ and in the digital MRZ to claim another identity of the traveler. The attacker may alter the printed portrait and the digitized portrait to overcome the visual inspection of the inspection officer and the automated biometric authentication mechanism by face recognition. The attacker may alter the biometric reference data to defeat automated biometric authentication mechanism of the inspection system. The attacker may combine data groups of different logical MRTDs to create a new forged MRTD, e.g. the attacker writes the digitized portrait and optional biometric reference finger data read from the logical MRTD of a traveler into another MRTD‟s chip leaving their digital MRZ unchanged to claim the identity of the holder this MRTD. The attacker may also copy the complete unchanged logical MRTD to another contactless chip. Threat agent: having enhanced basic attack potential, being in possession of one or more legitimate MRTDs Asset: authenticity of logical MRTD data T.Abuse-Func Abuse of Functionality Adverse action: An attacker may use functions of the TOE which shall not be used in the phase “Operational Use” in order (i) to manipulate User Data, (ii) to manipulate (explore, bypass, deactivate or change) security features or functions of the TOE or (iii) to disclose or to manipulate TSF Data. This threat addresses the misuse of the functions for the initialization and the personalization in the operational state after delivery to MRTD holder. Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF. T.Information_ Leakage Information Leakage from MRTD’s chip Adverse action: An attacker may exploit information which is leaked from the TOE during its usage in order to disclose confidential TSF data. The information leakage 14 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 14 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 may be inherent in the normal operation or caused by the attacker. Leakage may occur through emanations, variations in power consumption, I/O characteristics, clock frequency, or by changes in processing time requirements. This leakage may be interpreted as a covert channel transmission but is more closely related to measurement of operating parameters, which may be derived either from measurements of the contactless interface (emanation) or direct measurements (by contact to the chip still available even for a contactless chip) and can then be related to the specific operation being performed. Examples are the Differential Electromagnetic Analysis (DEMA) and the Differential Power Analysis (DPA). Moreover the attacker may try actively to enforce information leakage by fault injection (e.g. Differential Fault Analysis). Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD Asset: confidentiality of logical MRTD and TSF data T.Phys-Tamper Adverse action: An attacker may perform physical probing of the MRTD‟s chip in order (i) to disclose TSF Data or (ii) to disclose/reconstruct the MRTD‟s chip Embedded Software. An attacker may physically modify the MRTD‟s chip in order to (i) modify security features or functions of the MRTD‟s chip, (ii) modify security functions of the MRTD‟s chip Embedded Software, (iii) modify User Data or (iv) to modify TSF data. The physical tampering may be focused directly on the disclosure or manipulation of TOE User Data (e.g. the biometric reference data for the inspection system) or TSF Data (e.g. authentication key of the MRTD‟s chip) or indirectly by preparation of the TOE to following attack methods by modification of security features (e.g. to enable information leakage through power analysis). Physical tampering requires direct interaction with the MRTD‟s chip internals. Techniques commonly employed in IC failure analysis and IC reverse engineering efforts may be used. Before that, the hardware security mechanisms and layout characteristics need to be identified. Determination of software design including treatment of User Data and TSF Data may also be a pre-requisite. The modification may result in the deactivation of a security function. Changes of circuitry or data can be permanent or temporary. Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF 15 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 15 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 T.Malfunction Malfunction due to Environmental Stress Adverse action: An attacker may cause a malfunction of TSF or of the MRTD‟s chip Embedded Software by applying environmental stress in order to (i) deactivate or modify security features or functions of the TOE or (ii) circumvent, deactivate or modify security functions of the MRTD‟s chip Embedded Software. This may be achieved e.g. by operating the MRTD‟s chip outside the normal operating conditions, exploiting errors in the MRTD‟s chip Embedded Software or misusing administration function. To exploit these vulnerabilities an attacker needs information about the functional operation. Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF Table 3 - Threats 4) Special Configuration Requirements: The usage and security features are as defined in the MRTD with ICAO Application, Basic Access Control protection profile: A State or Organization issues MRTDs to be used by the holder for international travel. The traveler presents a MRTD to the inspection system to prove his or her identity. The MRTD in context of this ST contains:  visual (eye readable) biographical data and portrait of the holder,  a separate data summary (MRZ data) for visual and machine reading using OCR methods in the Machine readable zone (MRZ) and  data elements on the MRTD‟s chip according to LDS for contactless machine reading. The authentication of the traveler is based on (i) the possession of a valid MRTD personalized for a holder with the claimed identity as given on the biographical data page and (ii) optional biometrics using the reference data stored in the MRTD. The issuing State or Organization ensures the authenticity of the data of genuine MRTD‟s. The receiving State trusts a genuine MRTD of an issuing State or Organization. 16 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 16 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 5) Disclaimers: This certification report and the IT product defined in the associated Common Criteria document has been evaluated at an accredited and licensed evaluation facility conformance to Common Criteria for IT Security Evaluation, version 3.1 , revision 3, using Common Methodology for IT Products Evaluation, version 3.1, revision 3. This certification report and the associated Common Criteria document apply only to the identified version and release of the product in its evaluated configuration. Evaluation has been conducted in accordance with the provisions of the CCCS, and the conclusions of the evaluation facility in the evaluation report are consistent with the evidence adduced. This report and its associated Common Criteria document are not an endorsement of the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document, and no warranty is given for the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document. 17 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 17 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 4. IDENTIFICATION AKiS-Pasaport v1.4N is a smart card which is designed to be used as Machine Readable Travel Document (MRTD). The Target of Evaluation (TOE) is the contactless integrated circuit chip of machine readable travel document (AKiS-Pasaport) programmed according to the Logical Data Structure (LDS) and providing the Basic Access Control according to „ICAO Doc 9303‟. AKiS v1.4N Operating System Phases AKiS v1.4N Operating System also consists of some phases which will be called as “AKiS v1.4N Operating System Life cycle phases” (Figure 1) in order to obstruct a confusion. There are 5 different life cycle phases available on TOE. Relations and crossing between these life cycle phases are shown in the Figure 1. Also there are some several keys available on TOE in order to be used within the execution of the secure commands. Command interpreter of TOE is designed to execute some special commands for the different life cycle phases. These phases are; Activation: Main purposes of the activation phase is; to check if TOE is correct (not corrupted) and load the initial values of the keys that will be used on the execution of the secure commands (initialization and personalization key). MF (Master File) is created in this phase. Initialization: Main purpose of the initialization phase is to load the initialization data into the card. Therefore the file system will begin to construct on the EEPROM on each command. Personalization: Main purpose of the personalization phase is to load the personalization data into the card. Henceforth the card will include unique data belonging to the end user. Operation: In the operation phase, TOE is available for the end user. Death: When the security conditions listed below are not satisfied or it is noticed that security is trying to be surpassed, TOE enters the death phase: 18 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 18 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060  When 64 unsuccessful authentication attempts occur related to loading of the system keys with Exchange Challenge command.  When 10 unsuccessful authentication attempts occur related to changing of the initialization key with Change Key command, erasing of EEPROM with Erase Files command, Initialization Start and Initialization End commands.  When 10 unsuccessful authentication attempts occur related to changing of the personalization key with Change Key command, Personalization Start and Personalization End commands.  When 16 to 128 (configurable) unsuccessful authentication attempts occur related to BAC authentication protocol.  When an integrity check of interior filesystem tables fails. 19 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 19 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Activation Phase Initialization Phase Personalization Phase Operation Phase EXCHANGE CHALLENGE Death Phase INITIALIZE PERSONALIZE ERASE FILES CARD TEST EXCHANGE CHALLENGE CHANGE KEY INITIALIZE ERASE FILES GET DATA CREATE FILE SELECT FILE UPDATE BINARY PUT DATA CHANGE KEY PERSONALIZE ERASE FILES GET DATA CREATE FILE SELECT FILE UPDATE BINARY PUT DATA GET DATA File system commands: SELECT FILE READ BINARY Security Commands GET CHALLANGE INTERNAL AUTHENTICATE MUTUAL AUTHENTICATE ERASE FILES GET_DATA DELETE_FILE READ_BINARY ERASE_BINARY WRITE_DELETE_KEY READ KEY GET_RESPONSE DELETE_FILE READ_BINARY ERASE_BINARY WRITE_DELETE_KEY READ KEY GET_RESPONSE Figure 1 - Phases 20 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 20 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 5. SECURITY POLICY Organizational Security Policies The TOE shall comply with the following Organizational Security Policies (OSP) as security rules, procedures, practices, or guidelines imposed by an organization upon its operations (see CC part 1, sec. 3.2). P.Manufact Manufacturing of the MRTD’s chip The Initialization Data are written by the IC Manufacturer to identify the IC uniquely. The MRTD Manufacturer writes the Pre-personalization Data which contains at least the Personalization Agent Key. P.Personalization Personalization of the MRTD by issuing State or Organization only The issuing State or Organization guarantees the correctness of the biographical data, the printed portrait and the digitized portrait, the biometric reference data and other data of the logical MRTD with respect to the MRTD holder. The personalization of the MRTD for the holder is performed by an agent authorized by the issuing State or Organization only. P.Personal Data Personal data protection policy The biographical data and their summary printed in the MRZ and stored on the MRTD‟s chip (EF.DG1), the printed portrait and the digitized portrait (EF.DG2), the biometric reference data of finger(s) (EF.DG3), the biometric reference data of iris image(s) (EF.DG4) and data according to LDS (EF.DG5 to EF.DG13, EF.DG16) stored on the MRTD‟s chip are personal data of the MRTD holder. These data groups are intended to be used only with agreement of the MRTD holder by inspection systems to which the MRTD is presented. The MRTD‟s chip shall provide the possibility for the Basic Access Control to allow read access to these data only for terminals successfully authenticated based on knowledge of the Document Basic Access Keys. Table 4 – Organizational Security Policies 21 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 21 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 6. ARCHITECTURAL INFORMATION AKiS v1.4N algorithms and crypto specifications are; Basic Access Control; ISO/IEC11770-2 Key Establishment Mechanism 6 3DES CBC as block cipher Cryptographic checksum ISO/IEC9797-1 MAC Algorithm 3 Active Authentication; ISO/IEC9796-2 Digital Signature Scheme 1 MRTD Chip The integrated circuit of the MRTD‟s chip is NXP P5CD081. NXP-P5CD081 has CC EAL 5+(AVA_VAN.5) certificate. AKiS-Pasaport v1.4N Operating System is loaded into the ROM of the NXP chip (P5CD081) during the manufacturing of the IC. Operating system components are shown in Figure2;  Memory Manager  File Manager  Command Interpreter  Communication Handler Message is received by UART which is managed by communication handler in TOE. The message comes in TPDU format which is mentioned above. Incoming TPDU packet is analysed and block type decision is made by the communication handler. TPDU may include 3 different types of blocks, named R, S and I block. R and S blocks are used to control the transmission protocol (ISO 7816-3). I block carries the command which is transmitted to the command interpreter and executed in TOE. When command execution is finished, communication handler sends the answer to the reader via UART. If the command is related with the file system, command interpreter calls the file manager. File manager is responsible for the operations in the file field which is in the EEPROM. 22 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 22 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Memory manager is used to open new file, close file, delete page and attach new page. Memory Management File Management Command Interpreter Communication Handler MMU UART OS CARD READER PC Random Number Generator ROM EEPROM RAM ACE Timer Interrupt Module MED Figure 2 - AKiS v1.4N Operating System components and environment 23 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 23 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 7. ASSUMPTIONS AND CLARIFICATION OF SCOPE TOE consists of the components which are defined in section 6 (Architectural information). Except these, Other components are not in the scope of Common Criteria Evaluation. 7.1 Usage Assumptions A.MRTD_Manufact MRTD manufacturing on steps 4 to 6 It is assumed that appropriate functionality testing of the MRTD is used. It is assumed that security procedures are used during all manufacturing and test operations to maintain confidentiality and integrity of the MRTD and of its manufacturing and test data (to prevent any possible copy, modification, retention, theft or unauthorized use). A.MRTD_Delivery MRTD delivery during steps 4 to 6 Procedures shall guarantee the control of the TOE delivery and storage process and conformance to its objectives: - Procedures shall ensure protection of TOE material/information under delivery and storage. - Procedures shall ensure that corrective actions are taken in case of improper operation in the delivery process and storage. - Procedures shall ensure that people dealing with the procedure for delivery have got the required skill. A.Pers_Agent Personalization of the MRTD’s chip The Personalization Agent ensures the correctness of (i) the logical MRTD with respect to the MRTD holder, (ii) the Document Basic Access Keys, (iii) the Chip Authentication Public Key (EF.DG14) if stored on the MRTD‟s chip, and (iv) the Document Signer Public Key Certificate (if stored on the MRTD‟s chip). The Personalization Agent signs the Document Security Object. The Personalization Agent bears the Personalization Agent Authentication to authenticate himself to the TOE by symmetric cryptographic mechanisms. Table 5 – Usage Assumptions 24 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 24 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 7.2 Environmental Assumptions A.Insp_Sys Inspection Systems for global interoperability The Inspection System is used by the border control officer of the receiving State (i) examining an MRTD presented by the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD holder. The Basic Inspection System for global interoperability (i) includes the Country Signing Public Key and the Document Signer Public Key of each issuing State or Organization, and (ii) implements the terminal part of the Basic Access Control. The Basic Inspection System reads the logical MRTD under Basic Access Control and performs the Passive Authentication to verify the logical MRTD. A.BAC-Keys Cryptographic quality of Basic Access Control Keys The Document Basic Access Control Keys being generated and imported by the issuing State or Organization have to provide sufficient cryptographic strength. As a consequence of the „ICAO Doc 9303‟ , the Document Basic Access Control Keys are derived from a defined subset of the individual printed MRZ data. It has to be ensured that these data provide sufficient entropy to withstand any attack based on the decision that the inspection system has to derive Document Access Keys from the printed MRZ data with enhanced basic attack potential. Table 6 – Environmental Assumptions 7.3 Clarification of Scope Under normal conditions; there are no threats which TOE must counter but did not; however Operational Environment and Organizational Policies have countered. Information about threats that are countered by TOE and Operational Environmental are stated in the Security Target document. 25 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 25 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 8. DOCUMENTATION AKiS v1.4N Pasaport Security Target Ver. Number and Date: 06 – 18.04.2011 AKiS v1.4N Pasaport User Guidance Ver. Number and Date: 01 – 30.12.2011 26 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 26 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 9. IT PRODUCT TESTING During the evaluation, all evaluation evidences of TOE were delivered and transferred completely to CCTL by the developers. All the delivered evaluation evidences which include software, documents, etc are mapped to the assurance families of Common Criteria and Common Methodology; so the connections between the assurance families and the evaluation evidences has been established. The evaluation results are available in the Evaluation Technical Report (ETR) of AKiS Pasaport v1.4N. It is concluded that the TOE supports EAL 4+ (ALC_DVS.2) . There are 29 assurance families which are all evaluated with the methods detailed in the ETR. IT Product Testing is mainly realized in two parts: 1) Developer Testing :  TOE Test Coverage: Developer has prepared TOE System Test Document according to the TOE Functional Specification documentation.  TOE Test Depth: Developer has prepared TOE System Test Document according to the TOE Design documentation which include TSF subsystems and its interactions.  TOE Functional Testing: Developer has made functional tests according to the test documentation. Test plans, test scenarios, expected test results and actual test results are in the test documentation. 2) Evaluator Testing :  Independent Testing: Evaluator has done a total of 37 sample independent tests. 19 of them are selected from developer`s test plans. The other 18 tests are evaluator`s independent tests. All of them are related to TOE security functions.  Penetration Testing: Evaluator has done 17 penetration tests to find out if TOE`s vulnerabilities can be used for malicious purposes. The potential vulnerabilities and the penetration tests are in “TOE Security Functions Penetration Tests Scope” which is in Annex-C of the ETR and the penetration tests and their results are available in detail in the 27 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 27 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 ETR document as well. The result of AVA_VAN.3 evaluation is given below:  It is determined that TOE, in its operational environment, is resistant to an attacker possessing “Enhanced-Basic” attack potential. For the product AKiS Pasaport v1.4N, there is no residual vulnerability (vulnerabilities can be used as evil actions by the hostile entities who have MEDIUM or HIGH level attack potential), that they do not affect the evaluation result, found by CCTL(OKTEM) laboratory under the conditions defined by the evaluation evidences and developer claims. 28 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 28 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 10. EVALUATED CONFIGURATION During the evaluation; the configuration of evaluation evidences which are composed of Software source code, Common Criteria documents, sustenance document and guides are shown below: Evaluation Evidence: TOE – AKiS Pasaport Application and NXP P5CD081 Contactless IC (AKiS Pasaport Uygulaması ve NXP P5CD081 Temazsız Yonga) Version Number: 1.4N Production Date : 05.11.2010 Evaluation Evidence: AKiS v1.4N Pasaport Source Code (Kaynak Kodu) Version Number and Date: 1.0 – 30.12.2010 Evaluation Evidence: AKiS v1.4N Pasaport Design Specification Document (Tasarım Belirtim Dökümanı) Version Number and Date: 03 –30.05.2011 Evaluation Evidence: AKiS v1.4N Pasaport Functional Specification Document (Fonksiyonel Belirtim Dokümanı) Version Number and Date: 01 - 22.12.2010 Evaluation Evidence: AKiS v1.4N Pasaport Security Architecture Document (Güvenlik Mimarisi Dokümanı) Version Number and Date: 01 – 27.12.2010 Evaluation Evidence: AKiS v1.4N Pasaport Delivery and Usage Document (Teslim ve İşletim Dokümanı ) Version Number and Date: 01 – 05.12.2010 Evaluation Evidence: AKiS v1.4N Pasaport Configuration Management Plan (Konfigürasyon Yönetim Planı) Version Number and Date: 02 – 01.06.2011 Evaluation Evidence: AKiS v1.4N Pasaport Development Environment Security and Development Tools (Geliştirme Ortam Güvenliği ve Geliştirme Aletleri Dokümanı) Version Number and Date: 01 – 05.01.2011 Evaluation Evidence: AKiS v1.4N Pasaport Life Cycle Document (Kullanım Ömrü Dokümanı) Version Number and Date: 01 – 22.12.2010 Evaluation Evidence: AKiS v1.4N Pasaport Security Target Document (Güvenlik Hedefi) Version Number and Date: 06 – 18.04.2011 Evaluation Evidence: AKiS v1.4N Pasaport System and Test Document (Sistem ve Test Dokümanı) 29 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 29 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 Version Number and Date: 01 – 25.01.2011 Evaluation Evidence: AKiS v1.4N Pasaport System Test Pre-usage Document (Sistem Test Dokumani Isletim Oncesi) Version Number and Date: 01 – 23.01.2011 Evaluation Evidence: AKiS v1.4N Pasaport Administrator and User Manual Document (Yönetici ve Kullanıcı Kılavuzu Dokümanı) Version Number and Date: 02 – 03.06.2011 30 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 30 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 11. RESULTS OF THE EVALUATION Table 7 below provides a complete listing of the Security Assurance Requirements for the TOE. These requirements consists of the Evaluation Assurance Level 4 (EAL 4) components as specified in Part 3 of the Common Criteria, augmented with ALC_DVS.2. Component ID Component Title ASE_INT.1 ST Introduction ASE_CCL.1 Conformance Claims ASE_SPD.1 Security Problem Definition ASE_OBJ.2 Security Objectives ASE_ECD.1 Extended Components Definition ASE_REQ.2 Security Requirements ASE_TSS.1 TOE Summary Specifiation ASE_COMP.1 Consistency of Security Target ADV_ARC.1 Security Architecture ADV_COMP.1 Composite Design Compliance ADV_FSP.4 Functional Specification ADV_IMP.1 Implementation Representation ADV_TDS.3 TOE Design AGD_OPE.1 Operational User Guidance AGD_PRE.1 Preparative Procedures ALC_CMC.4 Configuration Management Capabilities ALC_CMS.4 Configuration Management Scope ALC_DEL.1 Delivery ALC_DVS.2 Development Security ALC_LCD.1 Life-Cycle Definition ALC_TAT.1 Tools and Techniques ALC_COMP.1 Integration of composition parts and Consistency of delivery procedures ATE_COV.2 Coverage ATE_DPT.1 Depth ATE_FUN.1 Functional Tests ATE_IND.2 Independent Testing ATE_COMP.1 Composite Testing AVA_VAN.3 Vulnerability Analysis AVA_COMP.1 Composite Vulnerability Analysis Table 7 - Security Assurance Requirements for the TOE The Evaluation Team assigned a Pass, Fail, or Inconclusive verdict to each work unit of each EAL 4 assurance component. For Fail or Inconclusive work unit verdicts, the Evaluation Team advised the developer about the issues requiring resolution or clarification within the evaluation evidence. In this way, the Evaluation Team assigned an overall Pass verdict to the assurance component only 31 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 31 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 when all of the work units for that component had been assigned a Pass verdict. So for TOE AKiS Pasaport v1.4N the result of the assessment of all evaluation tasks are “Pass”. Results of the evaluation: AKiS Pasaport v1.4N product was found to fulfill the Common Criteria requirements for each of 29 assurance families and provide the assurance level EAL 4+ (ALC_DVS.2) .This result shows that TOE is resistant against the “ENHANCED-BASIC‟‟ level attack potential and it countervails the claims of the functional and assurance requirements which are defined in ST document. There is no residual vulnerability (vulnerabilities can be used as evil actions by the hostile entities who have MEDIUM or HIGH level attack potential), that they do not affect the evaluation result, found by CCTL(OKTEM) laboratory under the conditions defined by the evaluation evidences and developer claims. 32 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 32 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 12. EVALUATOR COMMENTS/ RECOMMENDATIONS No recommendations or comments have been communicated to CCCS by the evaluators related to the evaluation process of AKiS Pasaport v1.4N product, result of the evaluation, or the ETR. 13. CERTIFICATION AUTHORITY COMMENTS/ RECOMMENDATIONS The certifier has no comments or recommendations related to the evaluation process of AKiS Pasaport v1.4N product, result of the evaluation, or the ETR. 14.SECURITY TARGET Information about the Security Target document associated with this certification report is as follows: Name of Document : AKiS-PASAPORT v1.4N Security Target Version No. : 06 Date of Document : 18.04.2011 This Security Target describes the TOE, intended IT environment, security objectives, security requirements (for the TOE and IT environment), TOE security functions and all necessary rationale. 33 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 33 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 15. BIBLIOGRAPHY [1] Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 3, July 2009 [2] Common Methodology for Information Technology Security Evaluation, CEM, Version 3.1 Revision 3, July 2009 [3] AKiS v1.4N Pasaport Security Target Version: 06 Date: 18.04.2011 [4] Evaluation Technical Report (Document Code: DTR 16 TR 01), June 13, 2011 [5] Evaluation Technical Report (Document Code: DTR 16 TR 02), July 11, 2011 [6] Composite product evaluation for Smart Cards and similar devices v1.0 rev 1 Sep 2007 (CCDB-2007-09-001) [7] ETR for composition according to AIS36, as summary of ETR for NXP P5CD081V1A Secure Smart Card Controller [8] PCC-03-WI-04 CERTIFICATION REPORT PREPARATION INSTRUCTIONS, Version 2.0 [9] CC Supporting Document Guidance, Mandatory Technical Document, Application of Attack Potential to Smartcards, Version 2.7 Revision 1, March 2009, CCDB-2009-03-001 [10] CC Supporting Document Guidance, Mandatory Technical Document, Application of CC to Integrated Circuits, Version 3.0 Revision 1, March 2009, CCDB-2009-03-002 [11] P5CD016/021/041/051 and P5Cx081 - Delivery and Optional Manual [12] P5CD016/021/041/051 and P5Cx081 – Product Data Sheet [13] Assurance Continuity Maintenance Report (BSI-DSZ-CC-0555-2009-MA-01) [14] NXP Secure Smart Card Controllers - P5CD016/021/041/051V1A and P5Cx081V1A Security Target Lite [15] P5CD081 Order Entry Forms [16] Common Criteria Protection Profile Machine Readable Travel Document with “ICAO Application”, Basic Access Control, BSI-CC-PP-0055, Version 1.10, 25th March 2009 [17] Common Criteria Protection Profile Machine Readable Travel Document with„ICAO Application", Extended Access Control, BSI-CC-PP-0026, Version 1.2, 19 November 2007, BSI 34 PRODUCT CERTIFICATION CENTER COMMON CRITERIA CERTIFICATION SCHEME CERTIFICATION REPORT Date of Issue: 18/12/2007 Page : 34 / 34 Rev. No : 05 Date of Rev: 17/03/2011 Document No: PCC-03-FR-060 [18] Certification Report for NXP Secure Smart Card Controller P5CD080V0B, P5CN080V0B and P5CC080V0B each with specific IC Dedicated Software, BSI-DSZ-CC-410-2007, 05 July 2007, BSI [19] Joint Interpretation Library, Attack Methods for Smartcards and Similar Devices, confidential Version 1.5, February 2009, BSI 16. APPENDICES There is no additional information which is inappropriate for reference in other sections.