Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
STARCOS 3.7 COS GKV C2
BSI-DSZ-CC-1243-2024
STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
BSI-DSZ-CC-1077-V2-2024
name STARCOS 3.7 COS GKV C2 STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
not_valid_after 22.08.2029 12.06.2029
not_valid_before 22.08.2024 12.06.2024
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1243c_pdf.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2c_pdf.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1243a_pdf.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2a_pdf.pdf
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1243b_pdf.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2b_pdf.pdf
dgst 7e00946c0c70e2a7 3f746e3371e342f6
heuristics/cert_id BSI-DSZ-CC-1243-2024 BSI-DSZ-CC-1077-V2-2024
heuristics/extracted_sars ASE_INT.1, ALC_TAT.1, ATE_FUN.1, ADV_IMP.1, ALC_FLR.1, ASE_TSS.1, AGD_PRE.1, ASE_CCL.1, ALC_CMS.4, ALC_DVS.2, ATE_IND.2, AVA_VAN.5, ASE_SPD.1, ATE_DPT.2, ASE_OBJ.2, ADV_FSP.4, ATE_COV.2, ASE_REQ.2, ALC_CMC.4, ADV_ARC.1, ALC_DEL.1, AGD_OPE.1, ADV_TDS.3, ALC_LCD.1, ASE_ECD.1 AVA_VAN.5, AGD_PRE.1, ADV_ARC.1, ALC_CMS.4, ADV_FSP.4, ALC_TAT.1, ATE_FUN.1, ALC_DEL.1, ADV_IMP.1, AGD_OPE.1, ADV_TDS.3, ALC_LCD.1, ALC_DVS.2, ALC_FLR.1, ATE_DPT.2, ALC_CMC.4
heuristics/prev_certificates {} BSI-DSZ-CC-1077-2020
heuristics/report_references/directly_referencing BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-1110-V6-2023 BSI-DSZ-CC-1077-2020, BSI-DSZ-CC-1110-V6-2023
heuristics/report_references/indirectly_referencing BSI-DSZ-CC-0945-V3-2018, BSI-DSZ-CC-0945-V2-2018, BSI-DSZ-CC-0945-2017, BSI-DSZ-CC-1110-V4-2021, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-1110-V2-2019, BSI-DSZ-CC-0782-2012, BSI-DSZ-CC-1110-V6-2023, BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-1110-2019, BSI-DSZ-CC-0891-2015, BSI-DSZ-CC-1110-V3-2020, BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0891-V2-2016, BSI-DSZ-CC-1110-V5-2022, BSI-DSZ-CC-0879-2014 BSI-DSZ-CC-0945-V3-2018, BSI-DSZ-CC-0945-V2-2018, BSI-DSZ-CC-0945-2017, BSI-DSZ-CC-1110-V2-2019, BSI-DSZ-CC-0782-2012, BSI-DSZ-CC-1077-2020, BSI-DSZ-CC-1110-V6-2023, BSI-DSZ-CC-1110-2019, BSI-DSZ-CC-0891-2015, BSI-DSZ-CC-1110-V3-2020, BSI-DSZ-CC-1110-V5-2022, BSI-DSZ-CC-0891-V2-2016, BSI-DSZ-CC-1110-V4-2021
heuristics/scheme_data
  • category: eHealth
  • cert_id: BSI-DSZ-CC-1243-2024
  • certification_date: 22.08.2024
  • enhanced:
    • applicant: Giesecke+Devrient ePayments GmbH Prinzregentenstr. 161 81677 München
    • assurance_level: EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
    • cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1243c_pdf.pdf?__blob=publicationFile&v=2
    • certification_date: 22.08.2024
    • description: The Target of Evaluation (TOE) is the product STARCOS 3.7 COS GKV C2 developed by Giesecke+Devrient ePayments GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for the electronic Health Card (eHC) of the card generation G2.1 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform and additionally the functional packages "RSA Key Generation" and "Contactless Interface". The TOE uses from the Protection Profile PP-0082-V4 the base part together with the corresponding optional packages. This certification procedure was carried out as a re-evaluation based on the certificate BSI-DSZ-CC-0976-V3-2019 including subsequent maintenance procedures BSI-DSZ-CC-0976-V3-2019-MA-01 and BSI-DSZ-CC-0976-V3-2019-MA-02. The TOE and its implementation itself did not change. The focus of this re-evaluation was on the change of the TOE’s life-cycle model regards production sites including renewal of corresponding site certificates, the update of the underlying HW certificate, and the renewal of the TOE’s vulnerability analysis and assessment including penetration testing of the TOE’s (crypto) implementation.
    • evaluation_facility: SRC Security Research & Consulting GmbH
    • expiration_date: 21.08.2029
    • product: STARCOS 3.7 COS GKV C2
    • protection_profile: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019
    • report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1243a_pdf.pdf?__blob=publicationFile&v=2
    • target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1243b_pdf.pdf?__blob=publicationFile&v=2
  • product: STARCOS 3.7 COS GKV C2
  • subcategory: Smartcards
  • url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/1243.html
  • vendor: Giesecke+Devrient ePayments GmbH
  • category: Electronic ID documents
  • cert_id: BSI-DSZ-CC-1077-V2-2024
  • certification_date: 12.06.2024
  • enhanced:
    • applicant: Giesecke+Devrient ePayments GmbH Prinzregentenstr. 161 81677 München
    • assurance_level: EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
    • cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2c_pdf.pdf?__blob=publicationFile&v=2
    • certification_date: 12.06.2024
    • description: The Target of Evaluation (TOE) is the product STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1 provided by Giesecke+Devrient Mobile Security GmbH, based on the hardware platform Infineon Security Controller IFX_CCI_000005h from Infineon Technologies AG. It is an electronic Identity Card representing a smart card with contactless interface programmed according to the Technical Guideline BSI TR-03110 and the ICAO specifications. The smart card provides the following authentication mechanisms: Passive Authentication, Password Authenticated Connection Establishment (PACE), Chip Authentication version 1, 2 and 3, Terminal Authentication version 1 and 2. Additionally, the TOE meets the requirements of the Technical Guideline BSI TR-03116-2 as part of the qualification for the use within electronic ID card projects of the Federal Republic of Germany. Please note that in consistency to the claimed protection profile BSI-CC-PP-0087-V2-2016-MA-01 the security mechanisms Password Authenticated Connection Establishment (PACE) and Extended Access Control (EAC) are in focus of this evaluation process. The further security mechanism Basic Access Control (BAC) contained in the corresponding product is subject of a separate evaluation process (refer to BSI-DSZ-CC-1076-2020). The smart card contains at least one of the following applications that are all subject of the TOE’s evaluation: ePass ApplicationeID ApplicationeSign Application Three different major configurations of the TOE exist that only differ in the installed file system or applications respectively: Electronic DocumentResidence PermitPassport Furthermore, the TOE provides the so-called Update-in-Field mechanism. This secure update mechanism allows to install code-signed updates of the TOE Embedded Software (operating system part) by authorized staff during operational use. The TOE’s evaluation only covers the Update-in-Field mechanism itself, but does not cover any update packages. As stated in the certification report in chapter 12, the certificate comprises the usage as QSigCD according to article 30 of the Regulation (EU) No 910/2014.
    • entries: [frozendict({'id': 'BSI-DSZ-CC-1077-V2-2024 (Ausstellungsdatum / Certification Date 12.06.2024, gültig bis / valid until 11.06.2029) Certificate of Conformity to Regulation (EU) No. 910/2014 (eIDAS) based on BSI-DSZ-CC-1077-V2-2024 Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate', 'description': 'certificate and integrated site certificates for development and production sites as well as on the update of the vulnerability analysis including penetration testing for the (crypto-) implementation.'}), frozendict({'id': 'BSI', 'description': 'Second Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.'}), frozendict({'id': 'BSI', 'description': 'Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.'}), frozendict({'id': 'BSI', 'description': 'Certificate'})]
    • evaluation_facility: SRC Security Research & Consulting GmbH
    • expiration_date: 11.06.2029
    • product: STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
    • protection_profile: Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use (MR.ED-PP), Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01, Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016
    • report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2a_pdf.pdf?__blob=publicationFile&v=2
    • target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2b_pdf.pdf?__blob=publicationFile&v=2
  • product: STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
  • subcategory: IC with applications
  • url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1077.html
  • vendor: Giesecke+Devrient ePayments GmbH
protection_profiles
pdf_data/cert_filename 1243c_pdf.pdf 1077V2c_pdf.pdf
pdf_data/cert_keywords/cc_cert_id
  • DE:
    • BSI-DSZ-CC-1243-2024: 1
  • DE:
    • BSI-DSZ-CC-1077-V2-2024: 1
pdf_data/cert_keywords/cc_protection_profile_id
  • BSI:
    • BSI-CC-PP-0082-V4-: 1
  • BSI:
    • BSI-CC-PP-0087-V2-2016-MA-01: 1
    • BSI-CC-PP-0090-2016: 1
pdf_data/cert_keywords/technical_report_id
  • BSI:
    • BSI TR-03110: 1
pdf_data/cert_keywords/os_name
  • STARCOS:
    • STARCOS 3: 1
  • STARCOS:
    • STARCOS 3: 3
pdf_data/cert_metadata
  • /Author: Bundesamt für Sicherheit in der Informationstechnik
  • /Keywords: "Common Criteria, Certification, Zertifizierung, PP-0082-V4, G+D, STARCOS 3.7, eHealth"
  • /Subject: Common Criteria, Certification, Zertifizierung, PP-0082-V4, G+D, STARCOS 3.7, eHealth
  • /Title: Certification Report BSI-DSZ-CC-1243-2024
  • pdf_file_size_bytes: 233610
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
  • /Author: Federal Office for Information Security
  • /Keywords: Common Criteria, Certification, Zertifizierung, STARCOS 3.7
  • /Subject: Common Criteria, Certification, Zertifizierung, STARCOS 3.7
  • /Title: Certificate BSI-DSZ-CC-1077-V2-2024
  • pdf_file_size_bytes: 232936
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
pdf_data/report_filename 1243a_pdf.pdf 1077V2a_pdf.pdf
pdf_data/report_frontpage
  • DE:
    • cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 valid until: 21 August 2029
    • cc_version: PP conformant Common Criteria Part 2 extended
    • cert_id: BSI-DSZ-CC-1243-2024
    • cert_item: STARCOS 3.7 COS GKV C2
    • cert_lab: BSI
    • developer: Giesecke+Devrient ePayments GmbH
    • match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
    • ref_protection_profiles: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4- 2019
  • DE:
    • cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 valid until: 11 June 2029 SOGIS Recognition Agreement
    • cc_version: PP conformant Common Criteria Part 2 extended
    • cert_id: BSI-DSZ-CC-1077-V2-2024
    • cert_item: STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
    • cert_lab: BSI
    • developer: Giesecke+Devrient ePayments GmbH
    • match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
    • ref_protection_profiles: Common Criteria Protection Profile Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use [MR.ED-PP], Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01 Common Criteria PP Configuration Machine Readable Electronic Documents – Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016
pdf_data/report_keywords/cc_cert_id
  • DE:
    • BSI-DSZ-CC-0976-V3-: 2
    • BSI-DSZ-CC-0976-V3-2019: 3
    • BSI-DSZ-CC-0976-V3-2019-MA-01: 2
    • BSI-DSZ-CC-1110-V6-2023: 7
    • BSI-DSZ-CC-1243: 4
    • BSI-DSZ-CC-1243-2024: 21
    • BSI-DSZ-CC-S-0260-2023: 2
  • DE:
    • BSI-DSZ-CC-1077-: 1
    • BSI-DSZ-CC-1077-2020: 2
    • BSI-DSZ-CC-1077-2020-RA-01: 2
    • BSI-DSZ-CC-1077-2020-RA-02: 1
    • BSI-DSZ-CC-1077-V2-2024: 25
    • BSI-DSZ-CC-1110-V6-2023: 6
    • BSI-DSZ-CC-S-0208-2022: 2
    • BSI-DSZ-CC-S-0253-2023: 2
    • BSI-DSZ-CC-S-0260-2023: 1
pdf_data/report_keywords/cc_protection_profile_id
  • BSI:
    • BSI-CC-PP-0082-V4-: 1
    • BSI-CC-PP-0082-V4-2019: 3
  • BSI:
    • BSI-CC-PP-0056-V2-2012: 2
    • BSI-CC-PP-0059-2009-MA-02: 3
    • BSI-CC-PP-0068-V2-: 1
    • BSI-CC-PP-0068-V2-2011-MA-01: 2
    • BSI-CC-PP-0086: 3
    • BSI-CC-PP-0087-V2-2016-MA-01: 3
    • BSI-CC-PP-0090-2016: 4
pdf_data/report_keywords/cc_sfr
  • FCS:
    • FCS_CKM: 4
    • FCS_COP: 25
    • FCS_RNG: 3
    • FCS_RNG.1: 1
  • FIA:
    • FIA_UAU: 2
    • FIA_USB: 1
  • FPT:
    • FPT_ITE.1: 1
  • FCS:
    • FCS_CKM: 23
    • FCS_COP: 24
    • FCS_RND: 1
  • FIA:
    • FIA_UAU: 7
  • FTP:
    • FTP_ITC: 5
pdf_data/report_keywords/vendor
  • GD:
    • Giesecke+Devrient: 33
  • Infineon:
    • Infineon: 12
    • Infineon Technologies AG: 6
  • GD:
    • Giesecke+Devrient: 23
  • Infineon:
    • Infineon: 9
    • Infineon Technologies AG: 7
pdf_data/report_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 21
    • HPC:
      • HPC: 1
  • constructions:
    • MAC:
      • CMAC: 9
  • AES_competition:
    • AES:
      • AES: 12
  • DES:
    • 3DES:
      • 3DES: 3
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • CMAC: 5
pdf_data/report_keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 9
    • ECDH:
      • ECDH: 4
    • ECDSA:
      • ECDSA: 13
  • FF:
    • DH:
      • DH: 1
      • Diffie-Hellman: 2
  • RSA:
    • RSA-OAEP: 1
  • ECC:
    • ECC:
      • ECC: 6
    • ECDH:
      • ECDH: 8
    • ECDSA:
      • ECDSA: 12
    • ECIES:
      • ECIES: 2
  • FF:
    • DH:
      • Diffie-Hellman: 1
pdf_data/report_keywords/hash_function
  • SHA:
    • SHA2:
      • SHA-256: 3
  • SHA:
    • SHA2:
      • SHA-256: 2
      • SHA-384: 1
      • SHA-512: 1
pdf_data/report_keywords/crypto_scheme
  • KA:
    • Key Agreement: 2
  • MAC:
    • MAC: 1
  • KA:
    • Key Agreement: 1
  • MAC:
    • MAC: 1
pdf_data/report_keywords/crypto_protocol
  • PACE:
    • PACE: 18
  • PACE:
    • PACE: 23
pdf_data/report_keywords/randomness
  • PRNG:
    • PRNG: 1
  • RNG:
    • RNG: 5
  • RNG:
    • RNG: 2
pdf_data/report_keywords/cipher_mode
  • CBC:
    • CBC: 6
  • CBC:
    • CBC: 6
  • OFB:
    • OFB: 2
pdf_data/report_keywords/ecc_curve
  • Brainpool:
    • brainpoolP512r1: 2
pdf_data/report_keywords/side_channel_analysis
  • FI:
    • DFA: 1
    • fault injection: 1
    • malfunction: 1
    • physical tampering: 1
  • SCA:
    • DPA: 1
    • SPA: 1
    • side channel: 1
  • other:
    • JIL: 6
  • FI:
    • fault injection: 1
    • malfunction: 1
    • physical tampering: 1
  • SCA:
    • side channel: 1
  • other:
    • JIL: 6
pdf_data/report_keywords/technical_report_id
  • BSI:
    • BSI 7148: 1
    • BSI TR-03116-1: 1
    • BSI TR-03143: 5
    • BSI TR-03144: 11
  • BSI:
    • BSI 7148: 1
    • BSI TR-02102-1: 1
    • BSI TR-03110: 8
    • BSI TR-03116: 3
    • BSI TR-03116-2: 2
pdf_data/report_keywords/os_name
  • STARCOS:
    • STARCOS 3: 38
  • STARCOS:
    • STARCOS 3: 80
pdf_data/report_keywords/standard_id
  • BSI:
    • AIS 1: 1
    • AIS 14: 1
    • AIS 19: 1
    • AIS 20: 5
    • AIS 25: 4
    • AIS 26: 4
    • AIS 31: 4
    • AIS 32: 1
    • AIS 34: 4
    • AIS 35: 2
    • AIS 36: 5
    • AIS 37: 3
    • AIS 38: 1
    • AIS 46: 3
  • FIPS:
    • FIPS PUB 180-4: 1
    • FIPS PUB 197: 1
  • ISO:
    • ISO/IEC 15408: 4
    • ISO/IEC 17065: 2
    • ISO/IEC 18031:2005: 1
    • ISO/IEC 18045: 4
  • RFC:
    • RFC 5639: 1
  • BSI:
    • AIS 1: 1
    • AIS 14: 1
    • AIS 19: 1
    • AIS 20: 3
    • AIS 25: 4
    • AIS 26: 4
    • AIS 31: 3
    • AIS 32: 1
    • AIS 34: 4
    • AIS 35: 2
    • AIS 36: 5
    • AIS 37: 3
    • AIS 38: 1
    • AIS 46: 3
    • AIS20: 2
    • AIS31: 2
  • FIPS:
    • FIPS PUB 180-4: 1
    • FIPS PUB 197: 1
    • FIPS PUB 46-3: 1
    • FIPS180: 6
    • FIPS180-4: 1
    • FIPS197: 4
    • FIPS46-3: 3
  • ICAO:
    • ICAO: 19
  • ISO:
    • ISO/IEC 15408: 4
    • ISO/IEC 17065: 2
    • ISO/IEC 18031:2005: 1
    • ISO/IEC 18045: 4
  • RFC:
    • RFC 5639: 15
pdf_data/report_keywords/certification_process
  • ConfidentialDocument:
    • H13, Revision 4.4, 30 November 2023, Infineon Technologies AG, BSI-DSZ-CC- 1110-V6-2023 (confidential document) Security Target Lite of the underlying hardware platform, Common Criteria Public Security Target: 1
    • July 2024, Giesecke+Devrient ePayments GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS GKV C2 – Main Document, Version 1.5, 5 June 2024: 1
    • Target STARCOS 3.7 COS GKV C2, Version 1.6, 10 June 2024, Giesecke+Devrient ePayments GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-1243, Security Target Lite STARCOS 3.7 COS GKV C2, Version 1.6: 1
    • being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
    • for STARCOS 3.7 COS GKV C2, Version 1.1, 1 August 2024, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-1243, Configuration List STARCOS 3.7 COS GKV C2, Version 1.2: 1
    • procedure BSI-DSZ-CC-1110-V6-2023, Version 3, 01 December 2023, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische: 1
  • ConfidentialDocument:
    • 7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 0.9, 29 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [16] Guidance Documentation STARCOS 3.7 ID C2 – Main Document, Version 1.1, 05 December 2023: 1
    • 7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 1.7, 26 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-1077-V2-2024, Security Target Lite STARCOS 3.7 ID ePA C2: 1
    • H13, Revision 4.4, 30 November 2023, Infineon Technologies AG, BSI-DSZ-CC- 1110-V6-2023 (confidential document) Security Target Lite of the underlying hardware platform, Common Criteria Public Security Target: 1
    • being maintained is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
    • eAT C2, STARCOS 3.7 ID ePass C2, Version 1.0, 3 May 2024, SRC Security Research & Consulting GmbH (confidential document) [15] Configuration List BSI-DSZ-CC-1077-V2-2024, Configuration List STARCOS 3.7 ID ePA C2, STARCOS: 1
    • procedure BSI-DSZ-CC-1110-V6-2023, Version 3, 01 December 2023, TÜV Informationstechnik GmbH (confidential document) [24] Technical Guideline BSI TR-03110: Advanced Security Mechanisms for Machine Readable Travel: 1
pdf_data/report_metadata
pdf_data/st_filename 1243b_pdf.pdf 1077V2b_pdf.pdf
pdf_data/st_keywords/cc_cert_id
  • DE:
    • BSI-DSZ-CC-1110-V6-2023: 1
  • DE:
    • BSI-DSZ-CC-1110-V6-2023: 2
pdf_data/st_keywords/cc_protection_profile_id
  • BSI:
    • BSI-CC-PP- 0082-V4: 1
    • BSI-CC-PP- 0084-2014: 8
    • BSI-CC-PP- 16: 1
    • BSI-CC-PP-0035-2007: 1
    • BSI-CC-PP-0082-: 1
    • BSI-CC-PP-0082-V4: 24
    • BSI-CC-PP-0084-: 4
    • BSI-CC-PP-0084-2007: 1
    • BSI-CC-PP-0084-2014: 54
    • BSI-PP-0082-V4: 147
    • BSI-PP-0084-: 2
    • BSI-PP-0084-2014: 8
  • BSI:
    • BSI-CC-PP-0056-V2-2012: 1
    • BSI-CC-PP-0059-: 1
    • BSI-CC-PP-0084-2014: 1
    • BSI-CC-PP-0086-2015: 1
    • BSI-CC-PP-0087-V2-2016-MA-01: 1
    • BSI-CC-PP-0087-V2-MA-01: 1
pdf_data/st_keywords/cc_security_level
  • EAL:
    • EAL 4: 2
    • EAL 6: 2
    • EAL4: 14
    • EAL4 augmented: 4
    • EAL6: 1
    • EAL6+: 1
  • EAL:
    • EAL 4: 2
    • EAL 6: 2
    • EAL4: 14
    • EAL4 augmented: 4
    • EAL6: 1
    • EAL6 augmented: 1
    • EAL6+: 2
pdf_data/st_keywords/cc_sar
  • ADV:
    • ADV_ARC: 2
    • ADV_ARC.1: 9
    • ADV_FSP: 2
    • ADV_FSP.4: 6
    • ADV_IMP: 2
    • ADV_IMP.1: 6
    • ADV_TDS.3: 3
  • AGD:
    • AGD_OPE: 2
    • AGD_OPE.1: 6
    • AGD_PRE: 2
    • AGD_PRE.1: 2
  • ALC:
    • ALC_CMC: 2
    • ALC_CMC.4: 1
    • ALC_CMS: 2
    • ALC_CMS.4: 1
    • ALC_DEL: 2
    • ALC_DEL.1: 1
    • ALC_DVS: 2
    • ALC_DVS.2: 12
    • ALC_FLR.1: 1
    • ALC_LCD.1: 1
    • ALC_TAT.1: 1
  • ASE:
    • ASE_CCL.1: 1
    • ASE_ECD: 2
    • ASE_ECD.1: 1
    • ASE_INT.1: 1
    • ASE_OBJ.2: 1
    • ASE_REQ.2: 1
    • ASE_SPD.1: 1
    • ASE_TSS.1: 1
  • ATE:
    • ATE_COV: 2
    • ATE_COV.2: 1
    • ATE_DPT.1: 1
    • ATE_DPT.2: 11
    • ATE_FUN.1: 6
    • ATE_IND.2: 5
  • AVA:
    • AVA_VAN: 2
    • AVA_VAN.5: 10
  • ADV:
    • ADV_ARC.1: 3
    • ADV_FSP.4: 2
    • ADV_IMP.1: 2
    • ADV_TDS.3: 4
  • AGD:
    • AGD_OPE: 1
    • AGD_OPE.1: 2
    • AGD_PRE: 4
    • AGD_PRE.1: 3
  • ALC:
    • ALC_DEL.1: 1
    • ALC_DVS.2: 8
    • ALC_FLR.1: 1
  • ATE:
    • ATE_DPT: 1
    • ATE_DPT.2: 9
    • ATE_FUN: 1
    • ATE_FUN.1: 1
  • AVA:
    • AVA_VAN.5: 8
pdf_data/st_keywords/cc_sfr
  • FAU:
    • FAU_SAS: 8
    • FAU_SAS.1: 4
  • FCS:
    • FCS_CKM: 67
    • FCS_CKM.1: 31
    • FCS_CKM.2: 8
    • FCS_CKM.4: 49
    • FCS_CKM.4.1: 1
    • FCS_COP: 144
    • FCS_COP.1: 21
    • FCS_COP.1.1: 1
    • FCS_RNG: 32
    • FCS_RNG.1: 20
    • FCS_RNG.1.1: 3
    • FCS_RNG.1.2: 2
  • FDP:
    • FDP_ACC: 114
    • FDP_ACC.1: 41
    • FDP_ACF: 93
    • FDP_ACF.1: 35
    • FDP_IFC: 7
    • FDP_IFC.1: 17
    • FDP_ITC.1: 27
    • FDP_ITC.2: 27
    • FDP_ITT: 7
    • FDP_ITT.1: 4
    • FDP_RIP: 9
    • FDP_RIP.1: 12
    • FDP_RIP.1.1: 1
    • FDP_SDC: 8
    • FDP_SDC.1: 4
    • FDP_SDI: 7
    • FDP_SDI.1: 1
    • FDP_SDI.2: 11
    • FDP_SDI.2.1: 1
    • FDP_SDI.2.2: 1
    • FDP_UCT: 7
    • FDP_UCT.1: 1
    • FDP_UIT: 8
    • FDP_UIT.1: 2
  • FIA:
    • FIA_AFL: 22
    • FIA_AFL.1: 4
    • FIA_API: 1
    • FIA_API.1: 14
    • FIA_API.1.1: 1
    • FIA_ATD: 10
    • FIA_ATD.1: 14
    • FIA_ATD.1.1: 1
    • FIA_SOS.1: 8
    • FIA_SOS.1.1: 1
    • FIA_UAU: 40
    • FIA_UAU.1: 20
    • FIA_UAU.1.1: 1
    • FIA_UAU.1.2: 1
    • FIA_UAU.4: 12
    • FIA_UAU.4.1: 1
    • FIA_UAU.5: 17
    • FIA_UAU.5.1: 1
    • FIA_UAU.5.2: 1
    • FIA_UAU.6: 11
    • FIA_UAU.6.1: 1
    • FIA_UID: 14
    • FIA_UID.1: 19
    • FIA_UID.1.1: 1
    • FIA_UID.1.2: 1
    • FIA_USB: 13
    • FIA_USB.1: 23
    • FIA_USB.1.1: 1
    • FIA_USB.1.2: 1
    • FIA_USB.1.3: 1
  • FMT:
    • FMT_LIM: 15
    • FMT_LIM.1: 4
    • FMT_LIM.2: 2
    • FMT_MSA: 60
    • FMT_MSA.1: 6
    • FMT_MSA.3: 33
    • FMT_MSA.3.1: 1
    • FMT_MSA.3.2: 1
    • FMT_MTD: 38
    • FMT_MTD.1: 4
    • FMT_SMF.1: 51
    • FMT_SMF.1.1: 1
    • FMT_SMR: 9
    • FMT_SMR.1: 38
    • FMT_SMR.1.1: 1
    • FMT_SMR.1.2: 1
    • FMT_SRM: 1
  • FPT:
    • FPT_EMS: 10
    • FPT_EMS.1: 15
    • FPT_EMS.1.1: 1
    • FPT_EMS.1.2: 1
    • FPT_FLS: 7
    • FPT_FLS.1: 16
    • FPT_FLS.1.1: 1
    • FPT_ITE: 11
    • FPT_ITE.1: 11
    • FPT_ITE.1.1: 1
    • FPT_ITE.1.2: 1
    • FPT_ITE.2: 13
    • FPT_ITE.2.1: 5
    • FPT_ITE.2.2: 1
    • FPT_ITT: 7
    • FPT_ITT.1: 4
    • FPT_PHP: 7
    • FPT_PHP.3: 5
    • FPT_TDC.1: 10
    • FPT_TDC.1.1: 1
    • FPT_TDC.1.2: 1
    • FPT_TST: 2
    • FPT_TST.1: 11
    • FPT_TST.1.1: 1
    • FPT_TST.1.2: 1
    • FPT_TST.1.3: 1
  • FRU:
    • FRU_FLT: 7
    • FRU_FLT.2: 4
  • FTP:
    • FTP_ITC: 22
    • FTP_ITC.1: 12
    • FTP_ITE: 1
    • FTP_TRP.1: 5
  • FAU:
    • FAU_SAS: 14
    • FAU_SAS.1: 9
    • FAU_SAS.1.1: 1
  • FCS:
    • FCS_CKM: 106
    • FCS_CKM.1: 30
    • FCS_CKM.2: 11
    • FCS_CKM.4: 30
    • FCS_COP: 96
    • FCS_COP.1: 27
    • FCS_RND: 8
    • FCS_RND.1: 4
    • FCS_RNG: 9
  • FDP:
    • FDP_ACC: 35
    • FDP_ACC.1: 17
    • FDP_ACF: 47
    • FDP_ACF.1: 50
    • FDP_IFC: 5
    • FDP_IFC.1: 9
    • FDP_IFF: 6
    • FDP_IFF.1: 6
    • FDP_ITC.1: 19
    • FDP_ITC.2: 20
    • FDP_ITT.1: 1
    • FDP_MTD: 2
    • FDP_RIP: 11
    • FDP_RIP.1: 10
    • FDP_SDC.1: 1
    • FDP_SDI: 10
    • FDP_SDI.1: 3
    • FDP_SDI.2: 10
    • FDP_UCT: 5
    • FDP_UCT.1: 2
    • FDP_UIT: 5
    • FDP_UIT.1: 3
  • FIA:
    • FIA_AFL: 21
    • FIA_AFL.1: 11
    • FIA_API: 21
    • FIA_API.1: 7
    • FIA_UAU: 70
    • FIA_UAU.1: 15
    • FIA_UAU.4: 3
    • FIA_UAU.4.1: 1
    • FIA_UAU.5: 4
    • FIA_UAU.6: 4
    • FIA_UID: 27
    • FIA_UID.1: 18
  • FMT:
    • FMT_FLS.1: 1
    • FMT_LIM: 41
    • FMT_LIM.1: 7
    • FMT_LIM.2: 7
    • FMT_MOF: 2
    • FMT_MOF.1: 1
    • FMT_MSA: 17
    • FMT_MSA.1: 8
    • FMT_MSA.2: 1
    • FMT_MSA.3: 12
    • FMT_MSA.4: 1
    • FMT_MTD: 87
    • FMT_MTD.1: 23
    • FMT_MTD.3: 3
    • FMT_SMF: 37
    • FMT_SMF.1: 30
    • FMT_SMR: 39
    • FMT_SMR.1: 43
    • FMT_SMR.1.1: 1
    • FMT_SMR.1.2: 1
    • FMT_TST.1: 1
  • FPT:
    • FPT_EMS: 31
    • FPT_EMS.1: 15
    • FPT_EMS.1.1: 3
    • FPT_EMS.1.2: 3
    • FPT_FLS: 15
    • FPT_FLS.1: 7
    • FPT_ITT.1: 1
    • FPT_PHP: 14
    • FPT_PHP.1: 3
    • FPT_PHP.3: 4
    • FPT_TST: 17
    • FPT_TST.1: 7
    • FPT_TST.2: 5
  • FRU:
    • FRU_FLT.2: 6
  • FTP:
    • FTP_ITC: 23
    • FTP_ITC.1: 18
    • FTP_TRP.1: 1
pdf_data/st_keywords/cc_claims
  • O:
    • O.AES: 6
    • O.PACE_CHIP: 2
    • O.RND: 7
  • T:
    • T.RND: 5
  • A:
    • A.CGA: 2
    • A.SCA: 2
  • O:
    • O.AES: 2
    • O.MEM_ACCESS: 1
    • O.RND: 3
    • O.TDES: 1
  • OE:
    • OE.HID_VAD: 2
  • T:
    • T.RND: 3
pdf_data/st_keywords/vendor
  • GD:
    • G+D: 147
    • Giesecke+Devrient: 13
  • Infineon:
    • Infineon: 2
    • Infineon Technologies: 1
    • Infineon Technologies AG: 1
  • NXP:
    • NXP Semiconductors: 1
  • STMicroelectronics:
    • STMicroelectronics: 1
  • GD:
    • G+D: 2
    • Giesecke+Devrient: 6
  • Infineon:
    • Infineon: 3
    • Infineon Technologies: 1
    • Infineon Technologies AG: 1
  • NXP:
    • NXP Semiconductors: 1
pdf_data/st_keywords/eval_facility
  • TSystems:
    • T-Systems International: 1
pdf_data/st_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 56
    • HPC:
      • HPC: 1
  • constructions:
    • MAC:
      • CMAC: 24
  • AES_competition:
    • AES:
      • AES: 25
  • DES:
    • 3DES:
      • 3DES: 6
      • TDES: 2
      • Triple-DES: 4
    • DES:
      • DES: 4
  • constructions:
    • MAC:
      • CMAC: 7
      • KMAC: 5
pdf_data/st_keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 14
    • ECDH:
      • ECDH: 6
    • ECDSA:
      • ECDSA: 38
  • FF:
    • DH:
      • DH: 12
      • Diffie-Hellman: 1
    • DSA:
      • DSA: 1
  • ECC:
    • ECC:
      • ECC: 2
    • ECDH:
      • ECDH: 6
    • ECDSA:
      • ECDSA: 4
    • ECIES:
      • ECIES: 1
  • FF:
    • DH:
      • DH: 4
      • Diffie-Hellman: 5
pdf_data/st_keywords/hash_function
  • SHA:
    • SHA1:
      • SHA-1: 3
    • SHA2:
      • SHA-224: 2
      • SHA-256: 11
      • SHA-384: 6
      • SHA-512: 3
  • SHA:
    • SHA1:
      • SHA-1: 4
    • SHA2:
      • SHA-224: 1
      • SHA-256: 7
      • SHA-384: 4
      • SHA-512: 4
pdf_data/st_keywords/crypto_scheme
  • KA:
    • Key Agreement: 1
    • Key agreement: 1
  • MAC:
    • MAC: 33
  • MAC:
    • MAC: 5
pdf_data/st_keywords/crypto_protocol
  • PACE:
    • PACE: 125
  • TLS:
    • SSL:
      • SSL: 1
  • PACE:
    • PACE: 112
pdf_data/st_keywords/randomness
  • RNG:
    • RND: 14
    • RNG: 38
  • RNG:
    • RND: 6
    • RNG: 8
pdf_data/st_keywords/cipher_mode
  • CBC:
    • CBC: 3
  • CBC:
    • CBC: 4
  • OFB:
    • OFB: 1
pdf_data/st_keywords/ecc_curve
  • Brainpool:
    • brainpoolP256r1: 4
    • brainpoolP384r1: 4
    • brainpoolP512r1: 4
pdf_data/st_keywords/side_channel_analysis
  • FI:
    • DFA: 1
    • Malfunction: 16
    • malfunction: 1
    • physical tampering: 3
  • SCA:
    • DPA: 1
    • Leak-Inherent: 14
    • Physical Probing: 2
    • SPA: 1
    • side channel: 1
  • other:
    • Bleichenbacher attack: 1
    • JIL: 3
  • FI:
    • Malfunction: 11
    • malfunction: 1
    • physical tampering: 7
  • SCA:
    • Leak-Inherent: 6
pdf_data/st_keywords/technical_report_id
  • BSI:
    • BSI TR-03111: 3
    • BSI TR-03143: 2
  • BSI:
    • BSI TR-03110: 2
    • BSI TR-03116: 1
pdf_data/st_keywords/tee_name
  • IBM:
    • SE: 1
pdf_data/st_keywords/os_name
  • STARCOS:
    • STARCOS 3: 16
  • STARCOS:
    • STARCOS 3: 580
pdf_data/st_keywords/ic_data_group
  • EF:
    • EF.COM: 1
    • EF.ChipSecurity: 1
    • EF.DG1: 1
    • EF.DG14: 1
    • EF.DG16: 1
    • EF.DG3: 2
    • EF.DG4: 2
    • EF.SOD: 2
pdf_data/st_keywords/standard_id
  • BSI:
    • AIS20: 2
    • AIS31: 1
  • CC:
    • CCMB-2017-04-001: 1
    • CCMB-2017-04-002: 1
    • CCMB-2017-04-003: 1
    • CCMB-2017-04-004: 1
    • CCMB-2017-05-001: 1
  • FIPS:
    • FIPS 180-4: 1
    • FIPS 197: 3
    • FIPS PUB 180-4: 1
  • ISO:
    • ISO/IEC 7816: 2
  • NIST:
    • NIST SP 800-38B: 1
  • PKCS:
    • PKCS #1: 1
  • RFC:
    • RFC 5639: 1
    • RFC5639: 3
  • BSI:
    • AIS 20: 1
    • AIS 31: 1
    • AIS20: 2
    • AIS31: 3
  • CC:
    • CCMB-2017-04-001: 2
    • CCMB-2017-04-002: 2
    • CCMB-2017-04-003: 2
    • CCMB-2017-04-004: 2
  • FIPS:
    • FIPS 197: 1
    • FIPS 19795: 1
    • FIPS180-4: 9
  • ICAO:
    • ICAO: 10
  • ISO:
    • ISO/IEC 14443: 4
    • ISO/IEC 7816: 2
  • PKCS:
    • PKCS#3: 2
  • RFC:
    • RFC3369: 2
pdf_data/st_keywords/certification_process
  • OutOfScope:
    • and supports this process by cryptographic means. In particular, the updated TOE software is out of scope of this ST. No assumption is made on the quality and security of the update. To make the point: 1
    • of the user data accessible using the different terminal types Other terminals than the above are out of scope of this ST. In particular, terminals using Basic Access Control (BAC) are functionally supported by: 1
    • out of scope: 2
pdf_data/st_metadata
  • /Author: wallhaek
  • /Keywords:
  • /Subject:
  • /Title: ASE_STA37_COSGKV_C2_Lite
  • pdf_file_size_bytes: 1178896
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 149
  • /Author: uta
  • /Keywords: Version, 1.7/Status, 26.04.2024
  • /Subject: STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
  • /Title: Security Target Lite
  • pdf_file_size_bytes: 1673991
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 182
state/cert/pdf_hash Different Different
state/cert/txt_hash Different Different
state/report/pdf_hash Different Different
state/report/txt_hash Different Different
state/st/pdf_hash Different Different
state/st/txt_hash Different Different