This page was not yet optimized for use on mobile
devices.
STARCOS 3.6 COSGKV C1
CSV information
| Status | archived |
|---|---|
| Valid from | 29.12.2015 |
| Valid until | 29.12.2020 |
| Scheme | 🇩🇪 DE |
| Manufacturer | G+D Mobile Security GmbH |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | ALC_DVS.2, ATE_DPT.2, EAL4+, AVA_VAN.5 |
| Protection profiles | |
| Maintenance updates | STARCOS 3.7 COS GKV (02.08.2018) Certification report |
| Reassessment - STARCOS 3.6 COSGKV C1 (19.09.2017) Certification report Security target |
Heuristics summary
Certificate ID: BSI-DSZ-CC-0976-2015
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
ERROR
Convert pdf to text:
ERROR
Extract keywords:
ERROR
Certification report
Extracted keywords
Symmetric Algorithms
AES, HPC, DES, TDES, TDEA, CMACAsymmetric Algorithms
ECDH, ECDSA, ECCHash functions
SHA-1, SHA-256, SHA-2Schemes
MAC, Key AgreementProtocols
PACERandomness
PRNG, RNGLibraries
v1.02.013Block cipher modes
CBCOperating System name
STARCOS 3Vendor
Infineon, Infineon Technologies AG, Giesecke & DevrientSecurity level
EAL 4, EAL 5, EAL 1, EAL 2, EAL 5+, EAL 6, EAL 3, EAL 7, EAL 4 augmented, ITSEC EvaluationClaims
A.S, A.VSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.1, ADV_FSP.2, ADV_FSP.3, ADV_FSP.4, ADV_FSP.5, ADV_FSP.6, ADV_IMP.1, ADV_IMP.2, ADV_INT.1, ADV_INT.2, ADV_INT.3, ADV_SPM.1, ADV_TDS.1, ADV_TDS.2, ADV_TDS.3, ADV_TDS.4, ADV_TDS.5, ADV_TDS.6, ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DVS.2, ALC_FLR, ALC_CMC.1, ALC_CMC.2, ALC_CMC.3, ALC_CMC.4, ALC_CMC.5, ALC_CMS.1, ALC_CMS.2, ALC_CMS.3, ALC_CMS.4, ALC_CMS.5, ALC_DEL.1, ALC_DVS.1, ALC_FLR.1, ALC_FLR.2, ALC_FLR.3, ALC_LCD.1, ALC_LCD.2, ALC_TAT.1, ALC_TAT.2, ALC_TAT.3, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_TAT, ATE_DPT.2, ATE_COV.1, ATE_COV.2, ATE_COV.3, ATE_DPT.1, ATE_DPT.3, ATE_DPT.4, ATE_FUN.1, ATE_FUN.2, ATE_IND.1, ATE_IND.2, ATE_IND.3, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_VAN.5, AVA_VAN.1, AVA_VAN.2, AVA_VAN.3, AVA_VAN.4, AVA_VAN, APE_INT.1, APE_CCL.1, APE_SPD.1, APE_OBJ.1, APE_OBJ.2, APE_ECD.1, APE_REQ.1, APE_REQ.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.1, ASE_OBJ.2, ASE_ECD.1, ASE_REQ.1, ASE_REQ.2, ASE_TSS.1, ASE_TSS.2, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_SPD, ASE_TSSSecurity Functional Requirements (SFR)
FCS_COP.1, FCS_COP, FCS_CKM.1, FCS_RNG.1, FCS_RNG, FPT_ITE.1Protection profiles
BSI-CC-PP-0082-V2-2014Certificates
BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-0976, BSI-DSZ-CC-S-0017-2014, BSI-DSZ-CC-S-0029-2014, BSI-DSZ-CC-S-0031-2014Evaluation facilities
TÃœV Informationstechnik, SRC Security Research & ConsultingSide-channel analysis
side channel, DPA, SPA, physical tampering, malfunction, DFA, fault injection, JILCertification process
and certification procedure is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Security Target STARCOS 3.6 COSGKV C1, Version 1.0.7, 10 December 2015, Giesecke & Devrient GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-0976, Security Target Lite STARCOS 3.6 COSGKV C1, Version 1.0, for STARCOS 3.6 COSGKV C1, Version 1.3, 11 December 2015, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976, Configuration List STARCOS 3.6 COSGKV C1, Version 1.2, 11, 2015, Giesecke & Devrient GmbH (confidential document) [11] Guidance Documentation STARCOS 3.6 – Main Document, Version 1.7, 25 July 2015, Giesecke &, procedure BSI-DSZ-CC-0782-V2-2015, Version 7, 21 October 2015, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), ElektrischeStandards
FIPS PUB 180-4, FIPS PUB 197, FIPS PUB 186-4, PKCS #1, AIS 34, AIS 36, AIS 26, AIS 25, AIS 20, AIS 31, AIS 35, AIS 1, AIS 14, AIS 19, AIS 23, AIS 32, AIS 38, RFC 3447, RFC 5639, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065Technical reports
BSI TR-03144, BSI TR-03143, BSI TR-03116-1, BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-0976-2015 |
|---|---|
| Subject | eHealth / G2-COS Card Platform from G&D |
| Keywords | "Common Criteria, Certification, Zertifizierung, eGK, STARCOS, Generation 2, Health Care System" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Creation date | D:20160107150744+01'00' |
| Modification date | D:20160108103345+01'00' |
| Pages | 46 |
| Creator | Writer |
| Producer | LibreOffice 4.2 |
Frontpage
| Certificate ID | BSI-DSZ-CC-0976-2015 |
|---|---|
| Certified item | STARCOS 3.6 COSGKV C1 |
| Certification lab | BSI |
| Developer | Giesecke & Devrient GmbH |
References
Outgoing- BSI-DSZ-CC-0916-2015 - archived - STARCOS 3.6 COS C1
- BSI-DSZ-CC-0782-V2-2015 - archived - Infineon Security Controller M7892 B11 with optional RSA2048/4096 v1.02.013, EC v1.02.013, SHA-2 v1.01 and Toolbox v1.02.013 libraries and with specific IC dedicated software (firmware)
- BSI-DSZ-CC-0976-V2-2018 - archived - STARCOS 3.7 COS GKV
Security target
Extracted keywords
Symmetric Algorithms
AES, HPC, Triple-DES, TDEA, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-224, SHA-384, SHA-256, SHA-512, SHA-2Schemes
MAC, Key agreement, Key AgreementProtocols
SSL, PACERandomness
TRNG, RND, RNGElliptic Curves
brainpoolP256r1, brainpoolP384r1, brainpoolP512r1Block cipher modes
CBCOperating System name
STARCOS 3Trusted Execution Environments
SEVendor
NXP Semiconductors, Infineon, Infineon Technologies AG, STMicroelectronics, Giesecke & Devrient, G&DSecurity level
EAL4, EAL4 augmentedClaims
O.RND, T.RNDSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ADV_ARC, ADV_FSP, ADV_IMP, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DVS.2, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ALC_DEL, ALC_DVS, ALC_CMS, ALC_CMC, ATE_FUN.1, ATE_IND.2, ATE_DPT.2, ATE_COV.2, ATE_COV, ATE_DPT.1, AVA_VAN.5, AVA_VAN, APE_ECD, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ASE_ECDSecurity Functional Requirements (SFR)
FAU_SAS, FAU_SAS.1, FCS_RNG, FCS_RNG.1, FCS_RNG.1.1, FCS_RNG.1.2, FCS_COP, FCS_CKM, FCS_CKM.4, FCS_COP.1, FCS_CKM.1, FCS_CKM.2, FCS_COP.1.1, FCS_CKM.4.1, FDP_ITT, FDP_IFC, FDP_RIP.1, FDP_SDI.2, FDP_ACC, FDP_ACF, FDP_ITT.1, FDP_IFC.1, FDP_RIP.1.1, FDP_SDI.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_ACF.1, FDP_ACC.1, FDP_ITC.1, FDP_ITC.2, FIA_API, FIA_API.1, FIA_API.1.1, FIA_AFL, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UAU.4, FIA_UAU.5, FIA_UAU.6, FIA_USB.1, FIA_UID.1, FIA_SOS.1.1, FIA_AFL.1, FIA_ATD.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.4.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6.1, FIA_UID.1.1, FIA_UID.1.2, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FMT_LIM, FMT_SMR.1, FMT_MSA.3, FMT_SMF.1, FMT_MSA, FMT_MTD, FMT_SMR.1.1, FMT_SMF.1.1, FMT_LIM.1, FMT_LIM.2, FMT_SMR.1.2, FMT_MSA.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1, FPT_EMS, FPT_ITE, FPT_FLS, FPT_PHP, FPT_ITT, FPT_EMS.1, FPT_EMS.1.1, FPT_EMS.1.2, FPT_ITE.1, FPT_ITE.2, FPT_ITE.1.1, FPT_ITE.1.2, FPT_ITE.2.1, FPT_ITE.2.2, FPT_FLS.1, FPT_TDC.1, FPT_TST.1, FPT_PHP.3, FPT_ITT.1, FPT_FLS.1.1, FPT_TST, FPT_TDC.1.1, FPT_TDC.1.2, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FRU_FLT, FRU_FLT.2, FTP_ITC, FTP_ITE, FTP_ITC.1Protection profiles
BSI-PP-0035-2007, BSI-CC-PP-0035, BSI-CC-PP-0035-2007, BSI-CC-PP- 0035-2007, BSI-CC-PP-0082-V2, BSI-CC-PP-0082-, BSI-CC-PP-0035-, BSI-CC-PP- 0082-V2, BSI-PP-0035-, BSI-PP-0035, BSI-CC-PP-0059, BSI-CC-PP-0075, BSI-CC-PP-0071, BSI-CC-PP-0072, BSI-CC-PP-0035-2007-2007, BSI-CC-PP-0084-2014Certificates
BSI-DSZ-CC-0782-V2-2015Side-channel analysis
Leak-Inherent, Physical Probing, side channel, SPA, DPA, timing attacks, physical tampering, Malfunction, malfunction, DFA, Bleichenbacher attack, JILStandards
FIPS 180-4, FIPS 197, NIST SP 800-67, NIST SP 800-38B, PKCS1, AIS31, AIS20, RFC5639, RFC 5639, ISO/IEC 7816, ISO/IEC 9797-1, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
| Title | Giesecke&Devrient Security Target to BSI-PP-0082-V2 |
|---|---|
| Subject | Security Target Lite STARCOS 3.6 COSGKV C1 |
| Keywords | Version 1.0.1/10.12.15 |
| Author | Giesecke & Devrient GmbH |
| Creation date | D:20151210183631+01'00' |
| Modification date | D:20151210183631+01'00' |
| Pages | 134 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
References
Outgoing- BSI-DSZ-CC-0782-V2-2015 - archived - Infineon Security Controller M7892 B11 with optional RSA2048/4096 v1.02.013, EC v1.02.013, SHA-2 v1.01 and Toolbox v1.02.013 libraries and with specific IC dedicated software (firmware)
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
BSI-DSZ-CC-0976-2015Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_INT.3, ADV_SPM.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.2, ALC_FLR.3, ALC_LCD.1, ALC_TAT.1, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.2, APE_REQ.2, APE_SPD.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.2, ATE_DPT.2, ATE_FUN.1, ATE_IND.2, AVA_VAN.5References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": null,
"dgst": "40039372a991315f",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0976-2015",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL4+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_INT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_SPM",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "APE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"3.6"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"ecc28509c30de1a5"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0976-V2-2018"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0916-2015",
"BSI-DSZ-CC-0782-V2-2015"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0976-V3-2019",
"BSI-DSZ-CC-0976-V2-2018",
"BSI-DSZ-CC-1243-2024",
"BSI-DSZ-CC-0976-V4-2021"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0916-2015",
"BSI-DSZ-CC-0782-2012",
"BSI-DSZ-CC-0879-2014",
"BSI-DSZ-CC-0782-V2-2015"
]
}
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0782-V2-2015"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0782-V2-2015"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2017-09-19",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976ra1a_pdf.pdf",
"maintenance_st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976ra1b_pdf.pdf",
"maintenance_title": "Reassessment - STARCOS 3.6 COSGKV C1"
},
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2018-08-02",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976ma1a_pdf.pdf",
"maintenance_st_link": null,
"maintenance_title": "STARCOS 3.7 COS GKV"
}
]
},
"manufacturer": "G+D Mobile Security GmbH",
"manufacturer_web": "https://www.gi-de.com/de/de/mobile-security/",
"name": "STARCOS 3.6 COSGKV C1",
"not_valid_after": "2020-12-29",
"not_valid_before": "2015-12-29",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "0976a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by AVA_VAN.5, ATE_DPT.2 and ALC_DVS.2 SOGIS Recognition Agreement",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-0976-2015",
"cert_item": "STARCOS 3.6 COSGKV C1",
"cert_lab": "BSI",
"developer": "Giesecke \u0026 Devrient GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Card Operating System Generation 2 (PP COS G2), Version 1.9, 18 November 2014, BSI-CC-PP-0082-V2-2014"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 8
},
"ECDH": {
"ECDH": 1
},
"ECDSA": {
"ECDSA": 8
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0782-V2-2015": 8,
"BSI-DSZ-CC-0916-2015": 3,
"BSI-DSZ-CC-0976": 4,
"BSI-DSZ-CC-0976-2015": 24,
"BSI-DSZ-CC-S-0017-2014": 2,
"BSI-DSZ-CC-S-0029-2014": 2,
"BSI-DSZ-CC-S-0031-2014": 2
}
},
"cc_claims": {
"A": {
"A.S": 2,
"A.V": 2
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0082-V2-2014": 4
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_ARC.1": 1,
"ADV_FSP": 1,
"ADV_FSP.1": 1,
"ADV_FSP.2": 1,
"ADV_FSP.3": 1,
"ADV_FSP.4": 1,
"ADV_FSP.5": 1,
"ADV_FSP.6": 1,
"ADV_IMP": 1,
"ADV_IMP.1": 1,
"ADV_IMP.2": 1,
"ADV_INT": 1,
"ADV_INT.1": 1,
"ADV_INT.2": 1,
"ADV_INT.3": 1,
"ADV_SPM": 1,
"ADV_SPM.1": 1,
"ADV_TDS": 1,
"ADV_TDS.1": 1,
"ADV_TDS.2": 1,
"ADV_TDS.3": 1,
"ADV_TDS.4": 1,
"ADV_TDS.5": 1,
"ADV_TDS.6": 1
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 1,
"AGD_PRE": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC": 1,
"ALC_CMC.1": 1,
"ALC_CMC.2": 1,
"ALC_CMC.3": 1,
"ALC_CMC.4": 2,
"ALC_CMC.5": 1,
"ALC_CMS": 1,
"ALC_CMS.1": 1,
"ALC_CMS.2": 1,
"ALC_CMS.3": 1,
"ALC_CMS.4": 2,
"ALC_CMS.5": 1,
"ALC_DEL": 1,
"ALC_DEL.1": 2,
"ALC_DVS": 1,
"ALC_DVS.1": 1,
"ALC_DVS.2": 7,
"ALC_FLR": 3,
"ALC_FLR.1": 1,
"ALC_FLR.2": 1,
"ALC_FLR.3": 1,
"ALC_LCD.1": 2,
"ALC_LCD.2": 1,
"ALC_TAT": 1,
"ALC_TAT.1": 2,
"ALC_TAT.2": 1,
"ALC_TAT.3": 1
},
"APE": {
"APE_CCL.1": 1,
"APE_ECD.1": 1,
"APE_INT.1": 1,
"APE_OBJ.1": 1,
"APE_OBJ.2": 1,
"APE_REQ.1": 1,
"APE_REQ.2": 1,
"APE_SPD.1": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_CCL.1": 1,
"ASE_ECD": 1,
"ASE_ECD.1": 1,
"ASE_INT": 1,
"ASE_INT.1": 1,
"ASE_OBJ": 1,
"ASE_OBJ.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.1": 1,
"ASE_REQ.2": 1,
"ASE_SPD": 1,
"ASE_SPD.1": 1,
"ASE_TSS": 1,
"ASE_TSS.1": 1,
"ASE_TSS.2": 1
},
"ATE": {
"ATE_COV": 1,
"ATE_COV.1": 1,
"ATE_COV.2": 1,
"ATE_COV.3": 1,
"ATE_DPT": 1,
"ATE_DPT.1": 1,
"ATE_DPT.2": 6,
"ATE_DPT.3": 1,
"ATE_DPT.4": 1,
"ATE_FUN": 1,
"ATE_FUN.1": 1,
"ATE_FUN.2": 1,
"ATE_IND": 1,
"ATE_IND.1": 1,
"ATE_IND.2": 1,
"ATE_IND.3": 1
},
"AVA": {
"AVA_VAN": 2,
"AVA_VAN.1": 1,
"AVA_VAN.2": 1,
"AVA_VAN.3": 1,
"AVA_VAN.4": 1,
"AVA_VAN.5": 6
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 7,
"EAL 2": 4,
"EAL 3": 4,
"EAL 4": 13,
"EAL 4 augmented": 3,
"EAL 5": 10,
"EAL 5+": 1,
"EAL 6": 4,
"EAL 7": 4
},
"ITSEC": {
"ITSEC Evaluation": 1
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM.1": 2,
"FCS_COP": 2,
"FCS_COP.1": 30,
"FCS_RNG": 1,
"FCS_RNG.1": 1
},
"FPT": {
"FPT_ITE.1": 1
}
},
"certification_process": {
"ConfidentialDocument": {
"2015, Giesecke \u0026 Devrient GmbH (confidential document) [11] Guidance Documentation STARCOS 3.6 \u2013 Main Document, Version 1.7, 25 July 2015, Giesecke \u0026": 1,
"Security Target STARCOS 3.6 COSGKV C1, Version 1.0.7, 10 December 2015, Giesecke \u0026 Devrient GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-0976, Security Target Lite STARCOS 3.6 COSGKV C1, Version 1.0": 1,
"and certification procedure is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"for STARCOS 3.6 COSGKV C1, Version 1.3, 11 December 2015, SRC Security Research \u0026 Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976, Configuration List STARCOS 3.6 COSGKV C1, Version 1.2, 11": 1,
"procedure BSI-DSZ-CC-0782-V2-2015, Version 7, 21 October 2015, T\u00dcV Informationstechnik GmbH (confidential document) [21] Einf\u00fchrung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"Infineon": {
"v1.02.013": 3
}
},
"crypto_protocol": {
"PACE": {
"PACE": 2
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 3
},
"TUV": {
"T\u00dcV Informationstechnik": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-2": 1,
"SHA-256": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 38
}
},
"pq_crypto": {},
"randomness": {
"PRNG": {
"PRNG": 1
},
"RNG": {
"RNG": 4
}
},
"side_channel_analysis": {
"FI": {
"DFA": 1,
"fault injection": 1,
"malfunction": 1,
"physical tampering": 1
},
"SCA": {
"DPA": 1,
"SPA": 1,
"side channel": 1
},
"other": {
"JIL": 3
}
},
"standard_id": {
"BSI": {
"AIS 1": 1,
"AIS 14": 1,
"AIS 19": 1,
"AIS 20": 3,
"AIS 23": 1,
"AIS 25": 2,
"AIS 26": 3,
"AIS 31": 3,
"AIS 32": 1,
"AIS 34": 2,
"AIS 35": 1,
"AIS 36": 4,
"AIS 38": 1
},
"FIPS": {
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 1,
"FIPS PUB 197": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"PKCS": {
"PKCS #1": 1
},
"RFC": {
"RFC 3447": 1,
"RFC 5639": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 13
},
"HPC": {
"HPC": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 7
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"CMAC": 5
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-03116-1": 1,
"BSI TR-03143": 4,
"BSI TR-03144": 11
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"GD": {
"Giesecke \u0026 Devrient": 36
},
"Infineon": {
"Infineon": 11,
"Infineon Technologies AG": 7
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20160107150744+01\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, eGK, STARCOS, Generation 2, Health Care System\"",
"/ModDate": "D:20160108103345+01\u002700\u0027",
"/Producer": "LibreOffice 4.2",
"/Subject": "eHealth / G2-COS Card Platform from G\u0026D",
"/Title": "Certification Report BSI-DSZ-CC-0976-2015",
"pdf_file_size_bytes": 1362924,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 46
},
"st_filename": "0976b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 14
},
"ECDH": {
"ECDH": 2
},
"ECDSA": {
"ECDSA": 41
}
},
"FF": {
"DH": {
"DH": 1,
"Diffie-Hellman": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0782-V2-2015": 2
}
},
"cc_claims": {
"O": {
"O.RND": 8
},
"T": {
"T.RND": 10
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0035-2007": 7,
"BSI-CC-PP- 0082-V2": 1,
"BSI-CC-PP-0035": 5,
"BSI-CC-PP-0035-": 9,
"BSI-CC-PP-0035-2007": 49,
"BSI-CC-PP-0035-2007-2007": 1,
"BSI-CC-PP-0059": 1,
"BSI-CC-PP-0071": 1,
"BSI-CC-PP-0072": 1,
"BSI-CC-PP-0075": 1,
"BSI-CC-PP-0082-": 3,
"BSI-CC-PP-0082-V2": 32,
"BSI-CC-PP-0084-2014": 1,
"BSI-PP-0035": 1,
"BSI-PP-0035-": 3,
"BSI-PP-0035-2007": 5
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 2,
"ADV_ARC.1": 9,
"ADV_FSP": 2,
"ADV_FSP.4": 6,
"ADV_IMP": 2,
"ADV_IMP.1": 6,
"ADV_TDS.3": 3
},
"AGD": {
"AGD_OPE": 2,
"AGD_OPE.1": 6,
"AGD_PRE": 2,
"AGD_PRE.1": 2
},
"ALC": {
"ALC_CMC": 2,
"ALC_CMC.4": 1,
"ALC_CMS": 2,
"ALC_CMS.4": 1,
"ALC_DEL": 2,
"ALC_DEL.1": 1,
"ALC_DVS": 2,
"ALC_DVS.2": 11,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"APE": {
"APE_ECD": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.2": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV": 2,
"ATE_COV.2": 1,
"ATE_DPT.1": 1,
"ATE_DPT.2": 10,
"ATE_FUN.1": 6,
"ATE_IND.2": 5
},
"AVA": {
"AVA_VAN": 2,
"AVA_VAN.5": 9
}
},
"cc_security_level": {
"EAL": {
"EAL4": 14,
"EAL4 augmented": 4
}
},
"cc_sfr": {
"FAU": {
"FAU_SAS": 9,
"FAU_SAS.1": 9
},
"FCS": {
"FCS_CKM": 54,
"FCS_CKM.1": 29,
"FCS_CKM.2": 9,
"FCS_CKM.4": 54,
"FCS_CKM.4.1": 1,
"FCS_COP": 136,
"FCS_COP.1": 24,
"FCS_COP.1.1": 1,
"FCS_RNG": 12,
"FCS_RNG.1": 23,
"FCS_RNG.1.1": 3,
"FCS_RNG.1.2": 2
},
"FDP": {
"FDP_ACC": 101,
"FDP_ACC.1": 36,
"FDP_ACF": 89,
"FDP_ACF.1": 35,
"FDP_IFC": 5,
"FDP_IFC.1": 9,
"FDP_ITC.1": 26,
"FDP_ITC.2": 26,
"FDP_ITT": 6,
"FDP_ITT.1": 4,
"FDP_RIP.1": 10,
"FDP_RIP.1.1": 1,
"FDP_SDI.1": 1,
"FDP_SDI.2": 9,
"FDP_SDI.2.1": 1,
"FDP_SDI.2.2": 1
},
"FIA": {
"FIA_AFL": 22,
"FIA_AFL.1": 4,
"FIA_API": 6,
"FIA_API.1": 16,
"FIA_API.1.1": 2,
"FIA_ATD.1": 10,
"FIA_ATD.1.1": 1,
"FIA_SOS.1": 8,
"FIA_SOS.1.1": 1,
"FIA_UAU.1": 15,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UAU.4": 10,
"FIA_UAU.4.1": 1,
"FIA_UAU.5": 15,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.6": 10,
"FIA_UAU.6.1": 1,
"FIA_UID.1": 13,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1,
"FIA_USB.1": 20,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_LIM": 11,
"FMT_LIM.1": 5,
"FMT_LIM.2": 4,
"FMT_MSA": 59,
"FMT_MSA.1": 6,
"FMT_MSA.3": 33,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 29,
"FMT_MTD.1": 3,
"FMT_SMF.1": 48,
"FMT_SMF.1.1": 2,
"FMT_SMR.1": 33,
"FMT_SMR.1.1": 2,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_EMS": 5,
"FPT_EMS.1": 12,
"FPT_EMS.1.1": 3,
"FPT_EMS.1.2": 3,
"FPT_FLS": 5,
"FPT_FLS.1": 17,
"FPT_FLS.1.1": 1,
"FPT_ITE": 9,
"FPT_ITE.1": 15,
"FPT_ITE.1.1": 2,
"FPT_ITE.1.2": 2,
"FPT_ITE.2": 13,
"FPT_ITE.2.1": 4,
"FPT_ITE.2.2": 2,
"FPT_ITT": 5,
"FPT_ITT.1": 5,
"FPT_PHP": 5,
"FPT_PHP.3": 6,
"FPT_TDC.1": 10,
"FPT_TDC.1.1": 1,
"FPT_TDC.1.2": 1,
"FPT_TST": 2,
"FPT_TST.1": 11,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1
},
"FRU": {
"FRU_FLT": 5,
"FRU_FLT.2": 3
},
"FTP": {
"FTP_ITC": 9,
"FTP_ITC.1": 3,
"FTP_ITE": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 9
},
"TLS": {
"SSL": {
"SSL": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1,
"Key agreement": 1
},
"MAC": {
"MAC": 15
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP256r1": 2,
"brainpoolP384r1": 2,
"brainpoolP512r1": 2
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 3
},
"SHA2": {
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 12,
"SHA-384": 6,
"SHA-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 156
}
},
"pq_crypto": {},
"randomness": {
"RNG": {
"RND": 18,
"RNG": 17
},
"TRNG": {
"TRNG": 1
}
},
"side_channel_analysis": {
"FI": {
"DFA": 1,
"Malfunction": 20,
"malfunction": 1,
"physical tampering": 3
},
"SCA": {
"DPA": 2,
"Leak-Inherent": 17,
"Physical Probing": 2,
"SPA": 2,
"side channel": 1,
"timing attacks": 1
},
"other": {
"Bleichenbacher attack": 1,
"JIL": 1
}
},
"standard_id": {
"BSI": {
"AIS20": 2,
"AIS31": 1
},
"CC": {
"CCMB-2012-09-001": 3,
"CCMB-2012-09-002": 2,
"CCMB-2012-09-003": 3,
"CCMB-2012-09-004": 2
},
"FIPS": {
"FIPS 180-4": 1,
"FIPS 197": 2
},
"ISO": {
"ISO/IEC 7816": 2,
"ISO/IEC 9797-1": 1
},
"NIST": {
"NIST SP 800-38B": 1,
"NIST SP 800-67": 2
},
"PKCS": {
"PKCS1": 2
},
"RFC": {
"RFC 5639": 1,
"RFC5639": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 39
},
"HPC": {
"HPC": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 1
}
},
"constructions": {
"MAC": {
"CMAC": 18
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SE": 1
}
},
"tls_cipher_suite": {},
"vendor": {
"GD": {
"G\u0026D": 6,
"Giesecke \u0026 Devrient": 9
},
"Infineon": {
"Infineon": 2,
"Infineon Technologies AG": 2
},
"NXP": {
"NXP Semiconductors": 2
},
"STMicroelectronics": {
"STMicroelectronics": 1
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Giesecke \u0026 Devrient GmbH",
"/CreationDate": "D:20151210183631+01\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/Keywords": "Version 1.0.1/10.12.15",
"/ModDate": "D:20151210183631+01\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Subject": "Security Target Lite STARCOS 3.6 COSGKV C1",
"/Title": "Giesecke\u0026Devrient Security Target to BSI-PP-0082-V2",
"pdf_file_size_bytes": 2396621,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://tools.ietf.org/html/rfc5639"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 134
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0082V2b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"ALC_DVS.2",
"ATE_DPT.2",
"AVA_VAN.5",
"EAL4+"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "1ef52714d46a242d557e2f533aa49684951e091c20438f9a21b3d1bcb90650ee",
"txt_hash": "ce32a787d47a31b1ef7570bc7a3a09507cc8aff82edcf20d6679e24460667893"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "eda8c936d23a3028acad216a0d5ad73a2dcebbe4505b278b22827f53c0efd7dd",
"txt_hash": "52f87a2a4d21e97897b6448d7636358181b50f4be470e9ce23b8c7694e40bbf7"
}
},
"status": "archived"
}