This page was not yet optimized for use on mobile devices.
MultiApp 5.2 Premium PQC (version 5.2)(ANSSI-CC-2025/32)
CSV information
| Status | active |
|---|---|
| Valid from | 29.09.2025 |
| Valid until | 29.09.2030 |
| Scheme | 🇫🇷 FR |
| Manufacturer | THALES DIS FRANCE SA |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | EAL6+, ALC_FLR.1 |
| Protection profiles |
Heuristics summary
Certificate ID: ANSSI-CC-2025/32
Certificate
Extracted keywords
Post-quantum Algorithms
PQCSecurity level
EAL6, EAL2Security Assurance Requirements (SAR)
ALC_FLR.1Protection profiles
BSI-CC-PP-0099-V2-2020Certificates
ANSSI-CC-2025/32Evaluation facilities
CEA - LETIFile metadata
| Creation date | D:20250929101346+02'00' |
|---|---|
| Modification date | D:20250930003101-07'00' |
| Pages | 2 |
| Creator | Acrobat PDFMaker 25 pour Word |
| Producer | PDFKit.NET 12.3.563.0 DMV10 |
Certification report
Extracted keywords
Symmetric Algorithms
DESPost-quantum Algorithms
PQCProtocols
PACEJavaCard versions
Java Card 3.2Security level
EAL6, EAL2, EAL7, ITSEC E6 ElevéSecurity Assurance Requirements (SAR)
AGD_PRE, AGD_OPE, ALC_FLR.1, ALC_FLR, AVA_VANProtection profiles
BSI-CC-PP-0099-V2-2020, BSI-PP-0084-2014, BSI-PP-0099-2017Certificates
BSI-DSZ-CC-1169-V4-2024, ANSSI-CC-2025/32Evaluation facilities
CESTI, CEA - LETIStandards
CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004File metadata
| Creation date | D:20250929101523+02'00' |
|---|---|
| Modification date | D:20250930003101-07'00' |
| Pages | 15 |
| Creator | Acrobat PDFMaker 25 pour Word |
| Producer | PDFKit.NET 12.3.563.0 DMV10 |
References
Outgoing- BSI-DSZ-CC-1169-V4-2024 - active - IFX_CCI_00003Bh, 000043h, 00005Dh, 00005Eh, 00005Fh, 000060h, 000061h, 000062h, 000063h, 000064h, design step S11 with firmware 80.309.05.0, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000, optional ACL v3.33.003 and v3.34.000 and v3.35.001, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-256, DES, TDEA, 3DES, TDES, Triple-DES, HMAC, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAPost-quantum Algorithms
ML-KEM, ML-DSA, KYBER, CRYSTALS-KYBER, PQCHash functions
SHA1, SHA-1, SHA-224, SHA-256, SHA-512, SHA224, SHA-384, SHA2, SHA-3, SHA3, SHA3-256, SHA3-384, SHAKE256Schemes
MAC, Key Agreement, Key agreementProtocols
PACERandomness
PRNG, RNG, RNDBlock cipher modes
ECB, CBCJavaCard versions
Java Card 3.2JavaCard API constants
TYPE_ACCESSCPLC
IC Fabricator, IC TypeIC data groups
EF.DG1, EF.DG16, EF.DG3, EF.DG4Trusted Execution Environments
SEVendor
Infineon, Gemalto, ThalesSecurity level
EAL6+, EAL6, EAL 6+, EAL6 augmentedClaims
D.APP_CODE, D.APP_C_DATA, D.APP_I_DATA, D.PIN, D.API_DATA, D.CRYPTO, D.JCS_CODE, D.JCS_DATA, D.SEC_DATA, D.OS-UPDATE_DEC-KEY, D.APP_KEYS, D.OS-UPDATE_SGNVER-KEY, D.OS-UPDATE_ADDITIONALCODE, D.OS-UPDATE-CODE-ID, D.OS-, O.SID, O.FIREWALL, O.GLOBAL_ARRAYS_CONFID, O.GLOBAL_ARRAYS_INTEG, O.ARRAY_VIEWS_CONFID, O.NATIVE, O.OPERATE, O.REALLOCATION, O.RESOURCES, O.ALARM, O.CIPHER, O.RNG, O.KEY-MNGT, O.PIN-MNGT, O.TRANSACTION, O.OBJ-DELETION, O.DELETION, O.LOAD, O.INSTALL, O.SCP, O.CARD-MANAGEMENT, O.SECURE_LOAD_ACODE, O.SECURE_AC_ACTIVATION, O.TOE_IDENTIFICATION, O.CONFID-OS-UPDATE, O.PIN_MNGT, O.OBJ_DELETION, O.ARRAY_VIEWS_INTEG, O.RND, O.APPLET, O.CODE_CAP_FILE, O.JAVAOBJECT, T.CONFID-APPLI-DATA, T.CONFID-JCS-CODE, T.CONFID-JCS-DATA, T.INTEG-APPLI-CODE, T.INTEG-APPLI-DATA, T.INTEG-JCS-CODE, T.INTEG-JCS-DATA, T.SID, T.EXE-CODE, T.NATIVE, T.RESOURCES, T.DELETION, T.INSTALL, T.OBJ-DELETION, T.PHYSICAL, T.UNAUTHORIZED_TOE_CODE_UPDATE, T.FAKE-SGNVER-KEY, T.WRONG-UPDATE-STATE, T.INTEG-OS-UPDATE_LOAD, T.CONFID-OS-UPDATE_LOAD, A.CAP_FILE, A.DELETION, A.VERIFICATION, A.OS-UPDATE-EVIDENCE, A.SECURE_ACODE_MANAGEMENT, R.JAVA, OT.X, OP.ARRAY_ACCESS, OP.ARRAY_LENGTH, OP.ARRAY_AASTORE, OP.ARRAY_T_ALOAD, OP.ARRAY_T_ASTORE, OP.CREATE, OP.DELETE_APPLET, OP.DELETE_CAP_FILE, OP.DELETE_CAP_FILE_APPLET, OP.INSTANCE_FIELD, OP.INVK_VIRTUAL, OP.INVK_INTERFACE, OP.JAVA, OP.THROW, OP.TYPE_ACCESS, OP.PUT, OP.PUTFIELD, OP.PUTSTATIC, OE.OS-UPDATE-ENCRYPTION, OE.VERIFICATION, OE.CAP_FILE, OE.CODE-EVIDENCE, OE.OS-UPDATE-EVIDENCE, OE.SECURE_ACODE_MANAGEMENT, OE.CARD-MANAGEMENT, OE.SCP, OE.NATIVE, OSP.VERIFICATION, OSP.RNG, OSP.ATOMIC_ACTIVATION, OSP.TOE_IDENTIFICATION, OSP.ADDITIONAL_CODE_SIGNING, OSP.ADDITIONAL_CODE_ENCRYPTIONSecurity Assurance Requirements (SAR)
ADV_SPM.1, ADV_ARC.1, ADV_FSP.5, ADV_IMP.2, ADV_INT.3, ADV_TDS.5, ADV_FSP.4, ADV_ARC, ADV_TDS.1, ADV_IMP.1, ADV_TDS.3, ADV_FSP.1, ADV_FSP.2, ADV_TDS.4, ADV_INT.2, AGD_OPE, AGD_PRE, AGD_OPE.1, AGD_PRE.1, ALC_FLR.1, ALC_CMC.5, ALC_CMS.5, ALC_DEL.1, ALC_DVS.2, ALC_LCD.1, ALC_TAT.3, ALC_TAT.1, ALC_CMC.4, ALC_TAT.2, ATE_COV.3, ATE_DPT.3, ATE_FUN.2, ATE_IND.2, ATE_FUN.1, ATE_COV.1, ATE_COV.2, ATE_DPT.1, AVA_VAN.5, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_ARP.1, FAU_ARP.1.1, FAU_SAA.1, FAU_SAS.1, FCO_NRO, FCO_NRO.2, FCS_RNG, FCS_CKM, FCS_COP, FCS_RNG.1, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1, FCS_CKM.1.1, FCS_CKM.2, FCS_CKM.2.1, FCS_CKM.3, FCS_CKM.3.1, FCS_CKM.4, FCS_CKM.4.1, FCS_COP.1, FCS_COP.1.1, FCS_CMK.4, FDP_ACF, FDP_ACC, FDP_ACC.2, FDP_ACF.1, FDP_IFC, FDP_IFC.1, FDP_IFF, FDP_IFF.1, FDP_RIP, FDP_RIP.1, FDP_ROL.1, FDP_ROL, FDP_SDI, FDP_SDI.2, FDP_ITC, FDP_ITC.2, FDP_IFC.2, FDP_UIT, FDP_UIT.1, FDP_ACC.1, FDP_ITC.1, FDP_RIP.1.1, FDP_SDC.1, FDP_ITT.1, FDP_UCT.1, FIA_AFL, FIA_ATD, FIA_ATD.1, FIA_UID, FIA_UID.2, FIA_USB, FIA_USB.1, FIA_UID.1, FIA_UAU.4, FIA_UAU, FIA_UAU.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_UID.1.1, FIA_UID.1.2, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.4.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6.1, FIA_API.1, FMT_LIM, FMT_LIM.1, FMT_LIM.2, FMT_LIM.1.1, FMT_LIM.2.1, FMT_MSA, FMT_MSA.1, FMT_MSA.2, FMT_MSA.3, FMT_SMR, FMT_SMR.1, FMT_SMF, FMT_SMF.1, FMT_MTD, FMT_MTD.1, FMT_MTD.3, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPR_UNO.1, FPR_UNO.1.1, FPR_UNO, FPT_EMS, FPT_TST, FPT_EMS.1, FPT_EMS.1.1, FPT_EMS.1.2, FPT_FLS, FPT_FLS.1, FPT_TDC.1, FPT_TDC.1.1, FPT_TDC.1.2, FPT_RCV, FPT_RCV.3, FPT_FLS.1.1, FPT_TST.1, FPT_PHP, FPT_PHP.3, FPT_RCV.4, FPT_ITT, FPT_ITT.1, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FPT_PHP.3.1, FPT_TST.2, FRU_FLT.2, FTP_ITC, FTP_ITC.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP, FTP_TRP.1Protection profiles
BSI-CC-PP-0084-, BSI-CC-PP-0099-V2-2020, BSI-CC-PP- 0068-V2-2011-MA-01, BSI-PP-0056-V2-MA-2012, BSI-PP-0055-Certificates
BSI-DSZ-CC-1169-V4-2024, CC-1, CC-2, CC-3Side-channel analysis
Leak-Inherent, physical probing, DPA, SPA, timing attacks, physical tampering, Physical Tampering, malfunction, Malfunction, fault inductionCertification process
out of scope, • The DELETE and INSTALL APDU commands are out of scope of this SPM, a timeout policy that prevent them from being blocked should a card fails to answer. That point is out of scope of this Security Target, though. Finally, the objectives O.SCP.RECOVERY and O.SCP.SUPPORT are, the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API, is also out of scope (Hypothesis 4 of the SPM document [SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the, as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], §2.14, Context, the Selected Applet Context, and the Active Applets Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of, and deletion; see #.DELETION and #.INSTALL). • The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets’ AIDs is proven to be not modified during the execution, 1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM, because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [SPM]). MultiApp V5.2: JCS Security Target ©Standards
FIPS180-2, FIPS197, FIPS202, FIPS180-4, FIPS 204, FIPS 203, FIPS204, FIPS 197, SP 800-67, PKCS#1, PKCS#5, AIS31, AIS20, ICAO, SCP01, SCP02, SCP03, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003File metadata
| Creation date | D:20250912174643+02'00' |
|---|---|
| Modification date | D:20250912174643+02'00' |
| Pages | 151 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
References
Outgoing- BSI-DSZ-CC-1169-V4-2024 - active - IFX_CCI_00003Bh, 000043h, 00005Dh, 00005Eh, 00005Fh, 000060h, 000061h, 000062h, 000063h, 000064h, design step S11 with firmware 80.309.05.0, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000, optional ACL v3.33.003 and v3.34.000 and v3.35.001, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance
Heuristics
Certificate ID: ANSSI-CC-2025/32
Extracted SARs
ADV_ARC.1, ADV_FSP.5, ADV_IMP.2, ADV_INT.3, ADV_SPM.1, ADV_TDS.5, AGD_OPE.1, AGD_PRE.1, ALC_CMC.5, ALC_CMS.5, ALC_DEL.1, ALC_DVS.2, ALC_FLR.1, ALC_LCD.1, ALC_TAT.3, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.3, ATE_DPT.3, ATE_FUN.2, ATE_IND.2, AVA_VAN.5Similar certificates
Showing 5 out of 33.
References
Loading...
Updates
-
20.10.2025 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name MultiApp 5.2 Premium PQC (version 5.2)(ANSSI-CC-2025/32) was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certificat-ANSSI-CC-2025_32fr.pdf",
"dgst": "fbe3fb10fd47a9a6",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ANSSI-CC-2025/32",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL6+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_INT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_SPM",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 2
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"5.2"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"94167fd161e87d71"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1169-V4-2024"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1169-V2-2022",
"BSI-DSZ-CC-1169-V4-2024",
"BSI-DSZ-CC-1169-V3-2024"
]
}
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1169-V4-2024"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1169-V4-2024"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "THALES DIS FRANCE SA",
"manufacturer_web": "https://www.thalesgroup.com/en/europe/france",
"name": "MultiApp 5.2 Premium PQC (version 5.2)(ANSSI-CC-2025/32)",
"not_valid_after": "2030-09-29",
"not_valid_before": "2025-09-29",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "Certificat-ANSSI-CC-2025_32fr.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"FR": {
"ANSSI-CC-2025/32": 2
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0099-V2-2020": 1
}
},
"cc_sar": {
"ALC": {
"ALC_FLR.1": 2
}
},
"cc_security_level": {
"EAL": {
"EAL2": 1,
"EAL6": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"CEA-LETI": {
"CEA - LETI": 2
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {
"PQC": {
"PQC": 1
}
},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/CreationDate": "D:20250929101346+02\u002700\u0027",
"/Creator": "Acrobat PDFMaker 25 pour Word",
"/ModDate": "D:20250930003101-07\u002700\u0027",
"/Producer": "PDFKit.NET 12.3.563.0 DMV10",
"pdf_file_size_bytes": 302623,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 2
},
"report_filename": "ANSSI-CC-2025_32fr.pdf",
"report_frontpage": {
"FR": {}
},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1169-V4-2024": 1
},
"FR": {
"ANSSI-CC-2025/32": 3
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0099-V2-2020": 1,
"BSI-PP-0084-2014": 1,
"BSI-PP-0099-2017": 1
}
},
"cc_sar": {
"AGD": {
"AGD_OPE": 2,
"AGD_PRE": 2
},
"ALC": {
"ALC_FLR": 1,
"ALC_FLR.1": 2
},
"AVA": {
"AVA_VAN": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 2,
"EAL6": 1,
"EAL7": 1
},
"ITSEC": {
"ITSEC E6 Elev\u00e9": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 1
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"CEA-LETI": {
"CEA - LETI": 1
},
"CESTI": {
"CESTI": 5
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {
"JavaCard": {
"Java Card 3.2": 3
}
},
"os_name": {},
"pq_crypto": {
"PQC": {
"PQC": 5
}
},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
}
},
"symmetric_crypto": {
"DES": {
"DES": {
"DES": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20250929101523+02\u002700\u0027",
"/Creator": "Acrobat PDFMaker 25 pour Word",
"/ModDate": "D:20250930003101-07\u002700\u0027",
"/Producer": "PDFKit.NET 12.3.563.0 DMV10",
"pdf_file_size_bytes": 834150,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"http://www.sogis.eu/",
"mailto:[email protected]",
"http://www.cyber.gouv.fr/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 15
},
"st_filename": "ANSSI-cible-CC-2025_32en.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 13
},
"ECDH": {
"ECDH": 9
},
"ECDSA": {
"ECDSA": 5
}
},
"FF": {
"DH": {
"DH": 14,
"Diffie-Hellman": 6
},
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1169-V4-2024": 1
},
"NL": {
"CC-1": 2,
"CC-2": 3,
"CC-3": 4
}
},
"cc_claims": {
"A": {
"A.CAP_FILE": 4,
"A.DELETION": 4,
"A.OS-UPDATE-EVIDENCE": 3,
"A.SECURE_ACODE_MANAGEMENT": 3,
"A.VERIFICATION": 3
},
"D": {
"D.API_DATA": 3,
"D.APP_CODE": 6,
"D.APP_C_DATA": 3,
"D.APP_I_DATA": 5,
"D.APP_KEYS": 1,
"D.CRYPTO": 5,
"D.JCS_CODE": 6,
"D.JCS_DATA": 8,
"D.OS-": 1,
"D.OS-UPDATE-CODE-ID": 3,
"D.OS-UPDATE_ADDITIONALCODE": 5,
"D.OS-UPDATE_DEC-KEY": 2,
"D.OS-UPDATE_SGNVER-KEY": 2,
"D.PIN": 4,
"D.SEC_DATA": 7
},
"O": {
"O.ALARM": 15,
"O.APPLET": 28,
"O.ARRAY_VIEWS_CONFID": 7,
"O.ARRAY_VIEWS_INTEG": 3,
"O.CARD-MANAGEMENT": 21,
"O.CIPHER": 11,
"O.CODE_CAP_FILE": 23,
"O.CONFID-OS-UPDATE": 4,
"O.DELETION": 4,
"O.FIREWALL": 12,
"O.GLOBAL_ARRAYS_CONFID": 9,
"O.GLOBAL_ARRAYS_INTEG": 5,
"O.INSTALL": 7,
"O.JAVAOBJECT": 68,
"O.KEY-MNGT": 6,
"O.LOAD": 11,
"O.NATIVE": 12,
"O.OBJ-DELETION": 4,
"O.OBJ_DELETION": 4,
"O.OPERATE": 15,
"O.PIN-MNGT": 6,
"O.PIN_MNGT": 4,
"O.REALLOCATION": 5,
"O.RESOURCES": 9,
"O.RND": 1,
"O.RNG": 11,
"O.SCP": 39,
"O.SECURE_AC_ACTIVATION": 5,
"O.SECURE_LOAD_ACODE": 9,
"O.SID": 13,
"O.TOE_IDENTIFICATION": 7,
"O.TRANSACTION": 6
},
"OE": {
"OE.CAP_FILE": 5,
"OE.CARD-MANAGEMENT": 1,
"OE.CODE-EVIDENCE": 11,
"OE.NATIVE": 1,
"OE.OS-UPDATE-ENCRYPTION": 6,
"OE.OS-UPDATE-EVIDENCE": 3,
"OE.SCP": 6,
"OE.SECURE_ACODE_MANAGEMENT": 3,
"OE.VERIFICATION": 25
},
"OP": {
"OP.ARRAY_AASTORE": 3,
"OP.ARRAY_ACCESS": 7,
"OP.ARRAY_LENGTH": 3,
"OP.ARRAY_T_ALOAD": 3,
"OP.ARRAY_T_ASTORE": 3,
"OP.CREATE": 11,
"OP.DELETE_APPLET": 6,
"OP.DELETE_CAP_FILE": 4,
"OP.DELETE_CAP_FILE_APPLET": 4,
"OP.INSTANCE_FIELD": 6,
"OP.INVK_INTERFACE": 10,
"OP.INVK_VIRTUAL": 8,
"OP.JAVA": 8,
"OP.PUT": 8,
"OP.PUTFIELD": 1,
"OP.PUTSTATIC": 1,
"OP.THROW": 7,
"OP.TYPE_ACCESS": 7
},
"OSP": {
"OSP.ADDITIONAL_CODE_ENCRYPTION": 3,
"OSP.ADDITIONAL_CODE_SIGNING": 3,
"OSP.ATOMIC_ACTIVATION": 3,
"OSP.RNG": 3,
"OSP.TOE_IDENTIFICATION": 3,
"OSP.VERIFICATION": 3
},
"OT": {
"OT.X": 1
},
"R": {
"R.JAVA": 13
},
"T": {
"T.CONFID-APPLI-DATA": 3,
"T.CONFID-JCS-CODE": 3,
"T.CONFID-JCS-DATA": 3,
"T.CONFID-OS-UPDATE_LOAD": 3,
"T.DELETION": 3,
"T.EXE-CODE": 6,
"T.FAKE-SGNVER-KEY": 3,
"T.INSTALL": 3,
"T.INTEG-APPLI-CODE": 6,
"T.INTEG-APPLI-DATA": 6,
"T.INTEG-JCS-CODE": 3,
"T.INTEG-JCS-DATA": 3,
"T.INTEG-OS-UPDATE_LOAD": 3,
"T.NATIVE": 3,
"T.OBJ-DELETION": 3,
"T.PHYSICAL": 3,
"T.RESOURCES": 3,
"T.SID": 6,
"T.UNAUTHORIZED_TOE_CODE_UPDATE": 3,
"T.WRONG-UPDATE-STATE": 3
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0068-V2-2011-MA-01": 1,
"BSI-CC-PP-0084-": 1,
"BSI-CC-PP-0099-V2-2020": 1,
"BSI-PP-0055-": 1,
"BSI-PP-0056-V2-MA-2012": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_ARC.1": 10,
"ADV_FSP.1": 1,
"ADV_FSP.2": 2,
"ADV_FSP.4": 2,
"ADV_FSP.5": 8,
"ADV_IMP.1": 5,
"ADV_IMP.2": 4,
"ADV_INT.2": 2,
"ADV_INT.3": 2,
"ADV_SPM.1": 10,
"ADV_TDS.1": 2,
"ADV_TDS.3": 3,
"ADV_TDS.4": 2,
"ADV_TDS.5": 6
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 9,
"AGD_PRE": 2,
"AGD_PRE.1": 7
},
"ALC": {
"ALC_CMC.4": 2,
"ALC_CMC.5": 4,
"ALC_CMS.5": 3,
"ALC_DEL.1": 4,
"ALC_DVS.2": 6,
"ALC_FLR.1": 6,
"ALC_LCD.1": 6,
"ALC_TAT.1": 2,
"ALC_TAT.2": 2,
"ALC_TAT.3": 4
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.2": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.1": 2,
"ATE_COV.2": 3,
"ATE_COV.3": 2,
"ATE_DPT.1": 1,
"ATE_DPT.3": 4,
"ATE_FUN.1": 6,
"ATE_FUN.2": 4,
"ATE_IND.2": 5
},
"AVA": {
"AVA_VAN.5": 4
}
},
"cc_security_level": {
"EAL": {
"EAL 6+": 1,
"EAL6": 33,
"EAL6 augmented": 1,
"EAL6+": 3
}
},
"cc_sfr": {
"FAU": {
"FAU_ARP.1": 16,
"FAU_ARP.1.1": 1,
"FAU_SAA.1": 2,
"FAU_SAS.1": 2
},
"FCO": {
"FCO_NRO": 6,
"FCO_NRO.2": 3
},
"FCS": {
"FCS_CKM": 63,
"FCS_CKM.1": 33,
"FCS_CKM.1.1": 3,
"FCS_CKM.2": 11,
"FCS_CKM.2.1": 1,
"FCS_CKM.3": 6,
"FCS_CKM.3.1": 1,
"FCS_CKM.4": 31,
"FCS_CKM.4.1": 2,
"FCS_CMK.4": 1,
"FCS_COP": 81,
"FCS_COP.1": 31,
"FCS_COP.1.1": 5,
"FCS_RNG": 33,
"FCS_RNG.1": 15,
"FCS_RNG.1.1": 3,
"FCS_RNG.1.2": 3
},
"FDP": {
"FDP_ACC": 50,
"FDP_ACC.1": 21,
"FDP_ACC.2": 6,
"FDP_ACF": 45,
"FDP_ACF.1": 26,
"FDP_IFC": 27,
"FDP_IFC.1": 14,
"FDP_IFC.2": 2,
"FDP_IFF": 17,
"FDP_IFF.1": 14,
"FDP_ITC": 14,
"FDP_ITC.1": 15,
"FDP_ITC.2": 20,
"FDP_ITT.1": 2,
"FDP_RIP": 108,
"FDP_RIP.1": 11,
"FDP_RIP.1.1": 1,
"FDP_ROL": 14,
"FDP_ROL.1": 5,
"FDP_SDC.1": 2,
"FDP_SDI": 9,
"FDP_SDI.2": 4,
"FDP_UCT.1": 2,
"FDP_UIT": 7,
"FDP_UIT.1": 4
},
"FIA": {
"FIA_AFL": 27,
"FIA_AFL.1.1": 2,
"FIA_AFL.1.2": 2,
"FIA_API.1": 2,
"FIA_ATD": 14,
"FIA_ATD.1": 3,
"FIA_UAU": 68,
"FIA_UAU.1": 4,
"FIA_UAU.1.1": 2,
"FIA_UAU.1.2": 2,
"FIA_UAU.4": 1,
"FIA_UAU.4.1": 1,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.6.1": 1,
"FIA_UID": 47,
"FIA_UID.1": 18,
"FIA_UID.1.1": 2,
"FIA_UID.1.2": 2,
"FIA_UID.2": 1,
"FIA_USB": 7,
"FIA_USB.1": 3
},
"FMT": {
"FMT_LIM": 42,
"FMT_LIM.1": 18,
"FMT_LIM.1.1": 2,
"FMT_LIM.2": 17,
"FMT_LIM.2.1": 2,
"FMT_MSA": 114,
"FMT_MSA.1": 15,
"FMT_MSA.2": 2,
"FMT_MSA.3": 22,
"FMT_MTD": 73,
"FMT_MTD.1": 13,
"FMT_MTD.3": 1,
"FMT_SMF": 86,
"FMT_SMF.1": 29,
"FMT_SMF.1.1": 2,
"FMT_SMR": 99,
"FMT_SMR.1": 39,
"FMT_SMR.1.1": 2,
"FMT_SMR.1.2": 2
},
"FPR": {
"FPR_UNO": 6,
"FPR_UNO.1": 9,
"FPR_UNO.1.1": 1
},
"FPT": {
"FPT_EMS": 4,
"FPT_EMS.1": 16,
"FPT_EMS.1.1": 3,
"FPT_EMS.1.2": 3,
"FPT_FLS": 54,
"FPT_FLS.1": 18,
"FPT_FLS.1.1": 2,
"FPT_ITT": 7,
"FPT_ITT.1": 2,
"FPT_PHP": 8,
"FPT_PHP.3": 19,
"FPT_PHP.3.1": 1,
"FPT_RCV": 15,
"FPT_RCV.3": 4,
"FPT_RCV.4": 1,
"FPT_TDC.1": 8,
"FPT_TDC.1.1": 1,
"FPT_TDC.1.2": 1,
"FPT_TST": 10,
"FPT_TST.1": 17,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1,
"FPT_TST.2": 2
},
"FRU": {
"FRU_FLT.2": 2
},
"FTP": {
"FTP_ITC": 20,
"FTP_ITC.1": 7,
"FTP_ITC.1.1": 1,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP": 6,
"FTP_TRP.1": 7
}
},
"certification_process": {
"OutOfScope": {
" \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM": 1,
"1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM": 1,
"Context, the Selected Applet Context, and the Active Applets Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of": 1,
"a timeout policy that prevent them from being blocked should a card fails to answer. That point is out of scope of this Security Target, though. Finally, the objectives O.SCP.RECOVERY and O.SCP.SUPPORT are": 1,
"and deletion; see #.DELETION and #.INSTALL). \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets\u2019 AIDs is proven to be not modified during the execution": 1,
"as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], \u00a72.14": 1,
"because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [SPM]). MultiApp V5.2: JCS Security Target \u00a9": 1,
"is also out of scope (Hypothesis 4 of the SPM document [SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the": 1,
"out of scope": 9,
"the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"ECB": {
"ECB": 1
}
},
"cplc_data": {
"ICFab": {
"IC Fabricator": 1
},
"ICType": {
"IC Type": 1
}
},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 165
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 6,
"Key agreement": 2
},
"MAC": {
"MAC": 14
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4,
"SHA1": 2
},
"SHA2": {
"SHA-224": 2,
"SHA-256": 2,
"SHA-384": 1,
"SHA-512": 2,
"SHA2": 1,
"SHA224": 1
},
"SHA3": {
"SHA-3": 1,
"SHA3": 2,
"SHA3-256": 1,
"SHA3-384": 1
}
},
"SHAKE": {
"SHAKE256": 4
}
},
"ic_data_group": {
"EF": {
"EF.DG1": 4,
"EF.DG16": 4,
"EF.DG3": 1,
"EF.DG4": 1
}
},
"javacard_api_const": {
"misc": {
"TYPE_ACCESS": 7
}
},
"javacard_packages": {
"com": {
"com.gemalto.javacard.eid": 1,
"com.gemalto.javacard.fido.ctap": 1,
"com.gemalto.javacard.iasclassic": 1,
"com.gemalto.javacard.icao.lds2": 1,
"com.gemalto.javacard.mspnp": 1,
"com.gemalto.javacardx.gdp": 1,
"com.gemalto.moc.client": 1,
"com.gemalto.moc.server": 1,
"com.gemalto.mpcos": 1,
"com.gemalto.puredi": 1,
"com.thalesgroup.javacard.qsign": 1
},
"java": {
"java.lang": 1
},
"javacard": {
"javacard.eid": 1,
"javacard.fido.ctap": 1,
"javacard.framework": 3,
"javacard.iasclassic": 1,
"javacard.icao": 1,
"javacard.mspnp": 1,
"javacard.qsign": 1
},
"javacardx": {
"javacardx.gdp": 1
}
},
"javacard_version": {
"JavaCard": {
"Java Card 3.2": 8
}
},
"os_name": {},
"pq_crypto": {
"FIPS": {
"ML-DSA": 3,
"ML-KEM": 2
},
"Kyber": {
"CRYSTALS-KYBER": 1,
"KYBER": 1
},
"PQC": {
"PQC": 8
}
},
"randomness": {
"PRNG": {
"PRNG": 1
},
"RNG": {
"RND": 4,
"RNG": 44
}
},
"side_channel_analysis": {
"FI": {
"Malfunction": 6,
"Physical Tampering": 3,
"fault induction": 2,
"malfunction": 8,
"physical tampering": 1
},
"SCA": {
"DPA": 2,
"Leak-Inherent": 3,
"SPA": 1,
"physical probing": 6,
"timing attacks": 1
}
},
"standard_id": {
"BSI": {
"AIS20": 1,
"AIS31": 6
},
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1
},
"FIPS": {
"FIPS 197": 1,
"FIPS 203": 1,
"FIPS 204": 2,
"FIPS180-2": 1,
"FIPS180-4": 2,
"FIPS197": 5,
"FIPS202": 2,
"FIPS204": 1
},
"ICAO": {
"ICAO": 3
},
"NIST": {
"SP 800-67": 1
},
"PKCS": {
"PKCS#1": 7,
"PKCS#5": 5
},
"SCP": {
"SCP01": 4,
"SCP02": 4,
"SCP03": 5
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 28,
"AES-256": 2
}
},
"DES": {
"3DES": {
"3DES": 2,
"TDEA": 1,
"TDES": 13,
"Triple-DES": 3
},
"DES": {
"DES": 20
}
},
"constructions": {
"MAC": {
"CMAC": 3,
"HMAC": 3,
"KMAC": 3
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SE": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"Gemalto": {
"Gemalto": 1
},
"Infineon": {
"Infineon": 9
},
"Thales": {
"Thales": 210
}
},
"vulnerability": {}
},
"st_metadata": {
"/CreationDate": "D:20250912174643+02\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20250912174643+02\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 4184549,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://cyber.gouv.fr/sites/default/files/2021/03/anssi-guide-mecanismes_crypto-2.04.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 151
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0099b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2025_32fr.pdf",
"scheme": "FR",
"security_level": {
"_type": "Set",
"elements": [
"ALC_FLR.1",
"EAL6+"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-CC-2025_32en.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "536c9ecd9fd8271a747871531e492dfde0ce275e291abf2690d5fe5cbd77e3ae",
"txt_hash": "49f05a13bec1244424d07c48b1de3be20289707433fec169b5cb816f6e5799f3"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "db3b6d4e4d313b22f0e70db8555d5d093387ca12fc70a490b992244b9c427acb",
"txt_hash": "a297f334db161d9afbea0eceee514fc7a7d356041d2d64d08e9a4d48ac18b54a"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "e62d42c098a1413b4a8e43a14a7c670e50e3f14e8fa212b62f3fd3e2f7ac77d6",
"txt_hash": "f80f5da2476e5417cce4c735499297d30af26c87ff9ecb9b19c39b7f480ce5a7"
}
},
"status": "active"
}