STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2

CSV information ?

Status active
Valid from 12.06.2024
Valid until 12.06.2029
Scheme 🇩🇪 DE
Manufacturer Giesecke+Devrient ePayments GmbH
Category ICs, Smart Cards and Smart Card-Related Devices and Systems
Security level AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2
Protection profiles

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-1077-V2-2024

Certificate ?

Extracted keywords

Operating System name
STARCOS 3
Vendor
Giesecke+Devrient

Security level
EAL 4, EAL 5, EAL 2, EAL 4 augmented
Security Assurance Requirements (SAR)
ALC_DVS.2, ATE_DPT.2, AVA_VAN.5
Protection profiles
BSI-CC-PP-0087-V2-2016-MA-01, BSI-CC-PP-0090-2016
Certificates
BSI-DSZ-CC-1077-V2-2024

Standards
ISO/IEC 15408, ISO/IEC 18045
Technical reports
BSI TR-03110

File metadata

Title Certificate BSI-DSZ-CC-1077-V2-2024
Subject Common Criteria, Certification, Zertifizierung, STARCOS 3.7
Keywords Common Criteria, Certification, Zertifizierung, STARCOS 3.7
Author Federal Office for Information Security
Pages 1

Certification report ?

Extracted keywords

Symmetric Algorithms
AES, DES, 3DES, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECIES, ECC, Diffie-Hellman
Hash functions
SHA-256, SHA-384, SHA-512
Schemes
MAC, Key Agreement
Protocols
PACE
Randomness
RNG
Elliptic Curves
brainpoolP512r1
Block cipher modes
CBC, OFB

Operating System name
STARCOS 3
Vendor
Infineon, Infineon Technologies AG, Giesecke+Devrient

Security level
EAL 4, EAL 5, EAL 2, EAL 1, EAL 5+, EAL 6, EAL 4 augmented
Security Assurance Requirements (SAR)
ADV_ARC, ALC_DVS.2, ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, AVA_VAN.5
Security Functional Requirements (SFR)
FCS_COP, FCS_CKM, FCS_RND, FIA_UAU, FTP_ITC
Protection profiles
BSI-CC-PP-0087-V2-2016-MA-01, BSI-CC-PP-0090-2016, BSI-CC-PP-0059-2009-MA-02, BSI-CC-PP-0056-V2-2012, BSI-CC-PP-0086, BSI-CC-PP-0068-V2-2011-MA-01, BSI-CC-PP-0068-V2-
Certificates
BSI-DSZ-CC-1077-V2-2024, BSI-DSZ-CC-1077-2020, BSI-DSZ-CC-1077-, BSI-DSZ-CC-1077-2020-RA-01, BSI-DSZ-CC-1110-V6-2023, BSI-DSZ-CC-1077-2020-RA-02, BSI-DSZ-CC-S-0260-2023, BSI-DSZ-CC-S-0208-2022, BSI-DSZ-CC-S-0253-2023
Evaluation facilities
TÃœV Informationstechnik, SRC Security Research & Consulting

Side-channel analysis
side channel, physical tampering, malfunction, fault injection, JIL
Certification process
being maintained is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 1.7, 26 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-1077-V2-2024, Security Target Lite STARCOS 3.7 ID ePA C2, eAT C2, STARCOS 3.7 ID ePass C2, Version 1.0, 3 May 2024, SRC Security Research & Consulting GmbH (confidential document) [15] Configuration List BSI-DSZ-CC-1077-V2-2024, Configuration List STARCOS 3.7 ID ePA C2, STARCOS, 7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 0.9, 29 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [16] Guidance Documentation STARCOS 3.7 ID C2 – Main Document, Version 1.1, 05 December 2023, H13, Revision 4.4, 30 November 2023, Infineon Technologies AG, BSI-DSZ-CC- 1110-V6-2023 (confidential document) Security Target Lite of the underlying hardware platform, Common Criteria Public Security Target, procedure BSI-DSZ-CC-1110-V6-2023, Version 3, 01 December 2023, TÜV Informationstechnik GmbH (confidential document) [24] Technical Guideline BSI TR-03110: Advanced Security Mechanisms for Machine Readable Travel

Standards
FIPS180-4, FIPS180, FIPS46-3, FIPS197, FIPS PUB 46-3, FIPS PUB 180-4, FIPS PUB 197, AIS 34, AIS 36, AIS 37, AIS 26, AIS 25, AIS 20, AIS 31, AIS 46, AIS 35, AIS 1, AIS 14, AIS 19, AIS 32, AIS 38, AIS20, AIS31, RFC 5639, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ISO/IEC 18031:2005, ICAO
Technical reports
BSI TR-03110, BSI TR-03116-2, BSI TR-02102-1, BSI TR-03116, BSI 7148

File metadata

Title Certification Report BSI-DSZ-CC-1077-V2-2024
Subject Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP
Keywords "Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP"
Author Federal Office for Information Security
Pages 39

Frontpage

Certificate ID BSI-DSZ-CC-1077-V2-2024
Certified item STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
Certification lab BSI
Developer Giesecke+Devrient ePayments GmbH

References

Outgoing
  • BSI-DSZ-CC-1077-2020 - active - STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1
  • BSI-DSZ-CC-1110-V6-2023 - active - Infineon Security Controller IFX_CCI_000003h, 000005h, 000008h, 00000Ch, 000013h, 000014h, 000015h, 00001Ch, 00001Dh, 000021h, 000022h in the design step H13 and including optional software libraries and dedicated firmware in several versions

Security target ?

Extracted keywords

Symmetric Algorithms
AES, DES, 3DES, Triple-DES, TDES, KMAC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECIES, ECC, Diffie-Hellman, DH
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Schemes
MAC
Protocols
PACE
Randomness
RNG, RND
Block cipher modes
CBC, OFB

Operating System name
STARCOS 3
IC data groups
EF.DG14, EF.DG1, EF.DG16, EF.DG3, EF.DG4, EF.COM, EF.SOD, EF.ChipSecurity
Vendor
NXP Semiconductors, Infineon, Infineon Technologies, Infineon Technologies AG, G+D, Giesecke+Devrient

Security level
EAL4, EAL6+, EAL 4, EAL 6, EAL6, EAL4 augmented, EAL6 augmented
Claims
O.RND, O.AES, O.TDES, O.MEM_ACCESS, T.RND, A.CGA, A.SCA, OE.HID_VAD
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_TDS.3, ADV_FSP.4, ADV_IMP.1, AGD_PRE, AGD_OPE, AGD_PRE.1, AGD_OPE.1, ALC_DVS.2, ALC_DEL.1, ALC_FLR.1, ATE_DPT.2, ATE_FUN, ATE_FUN.1, ATE_DPT, AVA_VAN.5
Security Functional Requirements (SFR)
FAU_SAS.1, FAU_SAS, FAU_SAS.1.1, FCS_RND.1, FCS_RND, FCS_CKM, FCS_CKM.2, FCS_COP.1, FCS_CKM.4, FCS_CKM.1, FCS_COP, FCS_RNG, FDP_ACF, FDP_ACF.1, FDP_ITC.1, FDP_ITC.2, FDP_RIP.1, FDP_ACC.1, FDP_ACC, FDP_RIP, FDP_UCT, FDP_IFC.1, FDP_UCT.1, FDP_UIT, FDP_UIT.1, FDP_SDI, FDP_SDI.1, FDP_SDI.2, FDP_IFC, FDP_IFF.1, FDP_IFF, FDP_MTD, FDP_ITT.1, FDP_SDC.1, FIA_UAU, FIA_API.1, FIA_API, FIA_AFL, FIA_UAU.4, FIA_UAU.1, FIA_AFL.1, FIA_UID, FIA_UID.1, FIA_UAU.6, FIA_UAU.5, FIA_UAU.4.1, FMT_SMR.1, FMT_LIM.1, FMT_LIM.2, FMT_LIM, FMT_MTD.3, FMT_MTD, FMT_MSA.3, FMT_MSA.1, FMT_MSA, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMF.1, FMT_SMF, FMT_MTD.1, FMT_SMR, FMT_MOF, FMT_MOF.1, FMT_MSA.2, FMT_MSA.4, FMT_FLS.1, FMT_TST.1, FPT_EMS.1, FPT_EMS, FPT_TST, FPT_FLS, FPT_FLS.1, FPT_TST.1, FPT_PHP, FPT_PHP.3, FPT_EMS.1.1, FPT_EMS.1.2, FPT_PHP.1, FPT_TST.2, FPT_ITT.1, FRU_FLT.2, FTP_ITC, FTP_ITC.1, FTP_TRP.1
Protection profiles
BSI-CC-PP-0087-V2-MA-01, BSI-CC-PP-0056-V2-2012, BSI-CC-PP-0086-2015, BSI-CC-PP-0084-2014, BSI-CC-PP-0087-V2-2016-MA-01, BSI-CC-PP-0059-
Certificates
BSI-DSZ-CC-1110-V6-2023
Evaluation facilities
T-Systems International

Side-channel analysis
Leak-Inherent, physical tampering, Malfunction, malfunction
Certification process
out of scope, and supports this process by cryptographic means. In particular, the updated TOE software is out of scope of this ST. No assumption is made on the quality and security of the update. To make the point, of the user data accessible using the different terminal types Other terminals than the above are out of scope of this ST. In particular, terminals using Basic Access Control (BAC) are functionally supported by

Standards
FIPS180-4, FIPS 19795, FIPS 197, PKCS#3, AIS20, AIS31, AIS 20, AIS 31, RFC3369, ISO/IEC 7816, ISO/IEC 14443, ICAO, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004
Technical reports
BSI TR-03110, BSI TR-03116

File metadata

Title Security Target Lite
Subject STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
Keywords Version, 1.7/Status, 26.04.2024
Author uta
Pages 182

References

Outgoing
  • BSI-DSZ-CC-1110-V6-2023 - active - Infineon Security Controller IFX_CCI_000003h, 000005h, 000008h, 00000Ch, 000013h, 000014h, 000015h, 00001Ch, 00001Dh, 000021h, 000022h in the design step H13 and including optional software libraries and dedicated firmware in several versions

Heuristics ?

Certificate ID: BSI-DSZ-CC-1077-V2-2024

Extracted SARs

ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.2, ALC_FLR.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, ATE_FUN.1, AVA_VAN.5

Certificate versions

Name Certificate ID
Previous
STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1 BSI-DSZ-CC-1077-2020 Compare

Scheme data ?

Cert Id BSI-DSZ-CC-1077-V2-2024
Product STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
Vendor Giesecke+Devrient ePayments GmbH
Certification Date 12.06.2024
Category Electronic ID documents
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1077.html
Enhanced
Product STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2
Applicant Giesecke+Devrient ePayments GmbH Prinzregentenstr. 161 81677 München
Evaluation Facility SRC Security Research & Consulting GmbH
Assurance Level EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
Protection Profile Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use (MR.ED-PP), Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01, Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016
Certification Date 12.06.2024
Expiration Date 11.06.2029
Entries [frozendict({'id': 'BSI-DSZ-CC-1077-V2-2024 (Ausstellungsdatum / Certification Date 12.06.2024, gültig bis / valid until 11.06.2029) Certificate of Conformity to Regulation (EU) No. 910/2014 (eIDAS) based on BSI-DSZ-CC-1077-V2-2024 Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate', 'description': 'certificate and integrated site certificates for development and production sites as well as on the update of the vulnerability analysis including penetration testing for the (crypto-) implementation.'}), frozendict({'id': 'BSI', 'description': 'Second Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.'}), frozendict({'id': 'BSI', 'description': 'Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.'}), frozendict({'id': 'BSI', 'description': 'Certificate'})]
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2c_pdf.pdf?__blob=publicationFile&v=2
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2a_pdf.pdf?__blob=publicationFile&v=2
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2b_pdf.pdf?__blob=publicationFile&v=2
Description The Target of Evaluation (TOE) is the product STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1 provided by Giesecke+Devrient Mobile Security GmbH, based on the hardware platform Infineon Security Controller IFX_CCI_000005h from Infineon Technologies AG. It is an electronic Identity Card representing a smart card with contactless interface programmed according to the Technical Guideline BSI TR-03110 and the ICAO specifications. The smart card provides the following authentication mechanisms: Passive Authentication, Password Authenticated Connection Establishment (PACE), Chip Authentication version 1, 2 and 3, Terminal Authentication version 1 and 2. Additionally, the TOE meets the requirements of the Technical Guideline BSI TR-03116-2 as part of the qualification for the use within electronic ID card projects of the Federal Republic of Germany. Please note that in consistency to the claimed protection profile BSI-CC-PP-0087-V2-2016-MA-01 the security mechanisms Password Authenticated Connection Establishment (PACE) and Extended Access Control (EAC) are in focus of this evaluation process. The further security mechanism Basic Access Control (BAC) contained in the corresponding product is subject of a separate evaluation process (refer to BSI-DSZ-CC-1076-2020). The smart card contains at least one of the following applications that are all subject of the TOE’s evaluation: ePass ApplicationeID ApplicationeSign Application Three different major configurations of the TOE exist that only differ in the installed file system or applications respectively: Electronic DocumentResidence PermitPassport Furthermore, the TOE provides the so-called Update-in-Field mechanism. This secure update mechanism allows to install code-signed updates of the TOE Embedded Software (operating system part) by authorized staff during operational use. The TOE’s evaluation only covers the Update-in-Field mechanism itself, but does not cover any update packages. As stated in the certification report in chapter 12, the certificate comprises the usage as QSigCD according to article 30 of the Regulation (EU) No 910/2014.
Subcategory IC with applications

References ?

Updates ?

  • 21.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'prev_certificates': ['BSI-DSZ-CC-1077-2020'], 'next_certificates': []}.
  • 09.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The scheme_data property was updated, with the {'certification_date': '2024-06-12', 'enhanced': {'__update__': {'applicant': 'Giesecke+Devrient ePayments GmbH Prinzregentenstr. 161 81677 München', 'protection_profile': 'Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use (MR.ED-PP), Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01, Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016', 'certification_date': '2024-06-12', 'expiration_date': '2029-06-11', 'entries': {'0': {'__update__': {'id': 'BSI-DSZ-CC-1077-V2-2024 (Ausstellungsdatum / Certification Date 12.06.2024, gültig bis / valid until 11.06.2029) Certificate of Conformity to Regulation (EU) No. 910/2014 (eIDAS) based on BSI-DSZ-CC-1077-V2-2024 Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate'}}}, 'description': 'The Target of Evaluation (TOE) is the product STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1 provided by Giesecke+Devrient Mobile Security GmbH, based on the hardware platform Infineon Security Controller IFX_CCI_000005h from Infineon Technologies AG. It is an electronic Identity Card representing a smart card with contactless interface programmed according to the Technical Guideline BSI TR-03110 and the ICAO specifications. The smart card provides the following authentication mechanisms: Passive Authentication, Password Authenticated Connection Establishment (PACE), Chip Authentication version 1, 2 and 3, Terminal Authentication version 1 and 2. Additionally, the TOE meets the requirements of the Technical Guideline BSI TR-03116-2 as part of the qualification for the use within electronic ID card projects of the Federal Republic of Germany. Please note that in consistency to the claimed protection profile BSI-CC-PP-0087-V2-2016-MA-01 the security mechanisms Password Authenticated Connection Establishment (PACE) and Extended Access Control (EAC) are in focus of this evaluation process. The further security mechanism Basic Access Control (BAC) contained in the corresponding product is subject of a separate evaluation process (refer to BSI-DSZ-CC-1076-2020). The smart card contains at least one of the following applications that are all subject of the TOE’s evaluation: ePass ApplicationeID ApplicationeSign Application Three different major configurations of the TOE exist that only differ in the installed file system or applications respectively: Electronic DocumentResidence PermitPassport Furthermore, the TOE provides the so-called Update-in-Field mechanism. This secure update mechanism allows to install code-signed updates of the TOE Embedded Software (operating system part) by authorized staff during operational use. The TOE’s evaluation only covers the Update-in-Field mechanism itself, but does not cover any update packages. As stated in the certification report in chapter 12, the certificate comprises the usage as QSigCD according to article 30 of the Regulation (EU) No 910/2014.'}}} data.
  • 17.10.2024 The certificate data changed.
    Certificate changed

    The Protection Profiles of the certificate were updated.

    • The following values were removed: {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use', 'pp_eal': None, 'pp_link': 'https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0087V2b_pdf.pdf', 'pp_ids': None}]}.
    • The following values were added: {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0087V2b_pdf.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['MR.ED-PP_V2.2']}}]}.
  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '2bbf1c83922098b4b284c5900771fed9b0cb071eea63a504cfbaa9f5a6a5782e', 'txt_hash': 'ffa94cb2127d0be576dd3935b57d734633ef49e70b9fc268336379cf07bd38a9'} data.
    • The cert property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '7efd5772e248fe0a3a78b7ae9d8b17a6c6ec77cd4e73acd6992da2e889c19da2', 'txt_hash': '57ed53e812b422749fe1598e6e0c5d92642dfbab10ee348cd0a890d10559c368'} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to {'pdf_file_size_bytes': 1673991, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 182, '/Author': 'uta', '/Keywords': 'Version, 1.7/Status, 26.04.2024', '/Subject': 'STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2', '/Title': 'Security Target Lite', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The cert_metadata property was set to {'pdf_file_size_bytes': 232936, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Federal Office for Information Security', '/Keywords': 'Common Criteria, Certification, Zertifizierung, STARCOS 3.7', '/Subject': 'Common Criteria, Certification, Zertifizierung, STARCOS 3.7', '/Title': 'Certificate BSI-DSZ-CC-1077-V2-2024', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1110-V6-2023': 2}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0087-V2-MA-01': 1, 'BSI-CC-PP-0056-V2-2012': 1, 'BSI-CC-PP-0086-2015': 1, 'BSI-CC-PP-0084-2014': 1, 'BSI-CC-PP-0087-V2-2016-MA-01': 1, 'BSI-CC-PP-0059-': 1}}, 'cc_security_level': {'EAL': {'EAL4': 14, 'EAL6+': 2, 'EAL 4': 2, 'EAL 6': 2, 'EAL6': 1, 'EAL4 augmented': 4, 'EAL6 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 3, 'ADV_TDS.3': 4, 'ADV_FSP.4': 2, 'ADV_IMP.1': 2}, 'AGD': {'AGD_PRE': 4, 'AGD_OPE': 1, 'AGD_PRE.1': 3, 'AGD_OPE.1': 2}, 'ALC': {'ALC_DVS.2': 8, 'ALC_DEL.1': 1, 'ALC_FLR.1': 1}, 'ATE': {'ATE_DPT.2': 9, 'ATE_FUN': 1, 'ATE_FUN.1': 1, 'ATE_DPT': 1}, 'AVA': {'AVA_VAN.5': 8}}, 'cc_sfr': {'FAU': {'FAU_SAS.1': 9, 'FAU_SAS': 14, 'FAU_SAS.1.1': 1}, 'FCS': {'FCS_RND.1': 4, 'FCS_RND': 8, 'FCS_CKM': 106, 'FCS_CKM.2': 11, 'FCS_COP.1': 27, 'FCS_CKM.4': 30, 'FCS_CKM.1': 30, 'FCS_COP': 96, 'FCS_RNG': 9}, 'FDP': {'FDP_ACF': 47, 'FDP_ACF.1': 50, 'FDP_ITC.1': 19, 'FDP_ITC.2': 20, 'FDP_RIP.1': 10, 'FDP_ACC.1': 17, 'FDP_ACC': 35, 'FDP_RIP': 11, 'FDP_UCT': 5, 'FDP_IFC.1': 9, 'FDP_UCT.1': 2, 'FDP_UIT': 5, 'FDP_UIT.1': 3, 'FDP_SDI': 10, 'FDP_SDI.1': 3, 'FDP_SDI.2': 10, 'FDP_IFC': 5, 'FDP_IFF.1': 6, 'FDP_IFF': 6, 'FDP_MTD': 2, 'FDP_ITT.1': 1, 'FDP_SDC.1': 1}, 'FIA': {'FIA_UAU': 70, 'FIA_API.1': 7, 'FIA_API': 21, 'FIA_AFL': 21, 'FIA_UAU.4': 3, 'FIA_UAU.1': 15, 'FIA_AFL.1': 11, 'FIA_UID': 27, 'FIA_UID.1': 18, 'FIA_UAU.6': 4, 'FIA_UAU.5': 4, 'FIA_UAU.4.1': 1}, 'FMT': {'FMT_SMR.1': 43, 'FMT_LIM.1': 7, 'FMT_LIM.2': 7, 'FMT_LIM': 41, 'FMT_MTD.3': 3, 'FMT_MTD': 87, 'FMT_MSA.3': 12, 'FMT_MSA.1': 8, 'FMT_MSA': 17, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF.1': 30, 'FMT_SMF': 37, 'FMT_MTD.1': 23, 'FMT_SMR': 39, 'FMT_MOF': 2, 'FMT_MOF.1': 1, 'FMT_MSA.2': 1, 'FMT_MSA.4': 1, 'FMT_FLS.1': 1, 'FMT_TST.1': 1}, 'FPT': {'FPT_EMS.1': 15, 'FPT_EMS': 31, 'FPT_TST': 17, 'FPT_FLS': 15, 'FPT_FLS.1': 7, 'FPT_TST.1': 7, 'FPT_PHP': 14, 'FPT_PHP.3': 4, 'FPT_EMS.1.1': 3, 'FPT_EMS.1.2': 3, 'FPT_PHP.1': 3, 'FPT_TST.2': 5, 'FPT_ITT.1': 1}, 'FRU': {'FRU_FLT.2': 6}, 'FTP': {'FTP_ITC': 23, 'FTP_ITC.1': 18, 'FTP_TRP.1': 1}}, 'cc_claims': {'O': {'O.RND': 3, 'O.AES': 2, 'O.TDES': 1, 'O.MEM_ACCESS': 1}, 'T': {'T.RND': 3}, 'A': {'A.CGA': 2, 'A.SCA': 2}, 'OE': {'OE.HID_VAD': 2}}, 'vendor': {'NXP': {'NXP Semiconductors': 1}, 'Infineon': {'Infineon': 3, 'Infineon Technologies': 1, 'Infineon Technologies AG': 1}, 'GD': {'G+D': 2, 'Giesecke+Devrient': 6}}, 'eval_facility': {'TSystems': {'T-Systems International': 1}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 25}}, 'DES': {'DES': {'DES': 4}, '3DES': {'3DES': 6, 'Triple-DES': 4, 'TDES': 2}}, 'constructions': {'MAC': {'KMAC': 5, 'CMAC': 7}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 6}, 'ECDSA': {'ECDSA': 4}, 'ECIES': {'ECIES': 1}, 'ECC': {'ECC': 2}}, 'FF': {'DH': {'Diffie-Hellman': 5, 'DH': 4}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 4}, 'SHA2': {'SHA-224': 1, 'SHA-256': 7, 'SHA-384': 4, 'SHA-512': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 5}}, 'crypto_protocol': {'PACE': {'PACE': 112}}, 'randomness': {'RNG': {'RNG': 8, 'RND': 6}}, 'cipher_mode': {'CBC': {'CBC': 4}, 'OFB': {'OFB': 1}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 6}, 'FI': {'physical tampering': 7, 'Malfunction': 11, 'malfunction': 1}}, 'technical_report_id': {'BSI': {'BSI TR-03110': 2, 'BSI TR-03116': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 580}}, 'cplc_data': {}, 'ic_data_group': {'EF': {'EF.DG14': 1, 'EF.DG1': 1, 'EF.DG16': 1, 'EF.DG3': 2, 'EF.DG4': 2, 'EF.COM': 1, 'EF.SOD': 2, 'EF.ChipSecurity': 1}}, 'standard_id': {'FIPS': {'FIPS180-4': 9, 'FIPS 19795': 1, 'FIPS 197': 1}, 'PKCS': {'PKCS#3': 2}, 'BSI': {'AIS20': 2, 'AIS31': 3, 'AIS 20': 1, 'AIS 31': 1}, 'RFC': {'RFC3369': 2}, 'ISO': {'ISO/IEC 7816': 2, 'ISO/IEC 14443': 4}, 'ICAO': {'ICAO': 10}, 'CC': {'CCMB-2017-04-001': 2, 'CCMB-2017-04-002': 2, 'CCMB-2017-04-003': 2, 'CCMB-2017-04-004': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 2, 'and supports this process by cryptographic means. In particular, the updated TOE software is out of scope of this ST. No assumption is made on the quality and security of the update. To make the point': 1, 'of the user data accessible using the different terminal types Other terminals than the above are out of scope of this ST. In particular, terminals using Basic Access Control (BAC) are functionally supported by': 1}}}.
    • The cert_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1077-V2-2024': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0087-V2-2016-MA-01': 1, 'BSI-CC-PP-0090-2016': 1}}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL 5': 1, 'EAL 2': 1, 'EAL 4 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_DVS.2': 1}, 'ATE': {'ATE_DPT.2': 1}, 'AVA': {'AVA_VAN.5': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'GD': {'Giesecke+Devrient': 1}}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-03110': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 3}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_filename property was set to 1077V2b_pdf.pdf.
    • The cert_filename property was set to 1077V2c_pdf.pdf.

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V6-2023']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V6-2023']}} data.
    • The report_references property was updated, with the {'indirectly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0945-V3-2018', 'BSI-DSZ-CC-0945-V2-2018', 'BSI-DSZ-CC-0945-2017', 'BSI-DSZ-CC-1110-V2-2019', 'BSI-DSZ-CC-0782-2012', 'BSI-DSZ-CC-1110-2019', 'BSI-DSZ-CC-0891-2015', 'BSI-DSZ-CC-0891-V2-2016']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}]} values added.
  • 19.08.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The report_references property was updated, with the {'indirectly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}}} data.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2a_pdf.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2b_pdf.pdf.

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '6e4766ae1099a41424156e555e56e8a03d5bc160711cc399c9832bbc1f9ce786', 'txt_hash': '0a604f3263edd1d17ba6653fea9b0e6d7513905f57f5d930de29163a7e164f1b'} data.
    • The cert property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 739434, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 39, '/Author': 'Federal Office for Information Security', '/Keywords': '"Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP"', '/Subject': 'Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP', '/Title': 'Certification Report BSI-DSZ-CC-1077-V2-2024', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/', 'https://www.commoncriteriaportal.org/', 'https://www.sogis.eu/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/AIS']}}.
    • The cert_metadata property was set to None.
    • The report_frontpage property was set to {'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1077-V2-2024', 'cert_item': 'STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2', 'developer': 'Giesecke+Devrient ePayments GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Common Criteria Protection Profile Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use [MR.ED-PP], Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01 Common Criteria PP Configuration Machine Readable Electronic Documents – Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 valid until: 11 June 2029 SOGIS Recognition Agreement'}}.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1077-V2-2024': 25, 'BSI-DSZ-CC-1077-2020': 2, 'BSI-DSZ-CC-1077-': 1, 'BSI-DSZ-CC-1077-2020-RA-01': 2, 'BSI-DSZ-CC-1110-V6-2023': 6, 'BSI-DSZ-CC-1077-2020-RA-02': 1, 'BSI-DSZ-CC-S-0260-2023': 1, 'BSI-DSZ-CC-S-0208-2022': 2, 'BSI-DSZ-CC-S-0253-2023': 2}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0087-V2-2016-MA-01': 3, 'BSI-CC-PP-0090-2016': 4, 'BSI-CC-PP-0059-2009-MA-02': 3, 'BSI-CC-PP-0056-V2-2012': 2, 'BSI-CC-PP-0086': 3, 'BSI-CC-PP-0068-V2-2011-MA-01': 2, 'BSI-CC-PP-0068-V2-': 1}}, 'cc_security_level': {'EAL': {'EAL 4': 5, 'EAL 5': 4, 'EAL 2': 3, 'EAL 1': 1, 'EAL 5+': 2, 'EAL 6': 2, 'EAL 4 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_ARC': 1}, 'ALC': {'ALC_DVS.2': 5, 'ALC_FLR': 2, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_DPT.2': 4}, 'AVA': {'AVA_VAN.5': 4}}, 'cc_sfr': {'FCS': {'FCS_COP': 24, 'FCS_CKM': 23, 'FCS_RND': 1}, 'FIA': {'FIA_UAU': 7}, 'FTP': {'FTP_ITC': 5}}, 'cc_claims': {}, 'vendor': {'Infineon': {'Infineon': 9, 'Infineon Technologies AG': 7}, 'GD': {'Giesecke+Devrient': 23}}, 'eval_facility': {'TUV': {'TÃœV Informationstechnik': 1}, 'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 12}}, 'DES': {'DES': {'DES': 5}, '3DES': {'3DES': 3}}, 'constructions': {'MAC': {'CMAC': 5}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 8}, 'ECDSA': {'ECDSA': 12}, 'ECIES': {'ECIES': 2}, 'ECC': {'ECC': 6}}, 'FF': {'DH': {'Diffie-Hellman': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-256': 2, 'SHA-384': 1, 'SHA-512': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 1}, 'KA': {'Key Agreement': 1}}, 'crypto_protocol': {'PACE': {'PACE': 23}}, 'randomness': {'RNG': {'RNG': 2}}, 'cipher_mode': {'CBC': {'CBC': 6}, 'OFB': {'OFB': 2}}, 'ecc_curve': {'Brainpool': {'brainpoolP512r1': 2}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side channel': 1}, 'FI': {'physical tampering': 1, 'malfunction': 1, 'fault injection': 1}, 'other': {'JIL': 6}}, 'technical_report_id': {'BSI': {'BSI TR-03110': 8, 'BSI TR-03116-2': 2, 'BSI TR-02102-1': 1, 'BSI TR-03116': 3, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {'STARCOS': {'STARCOS 3': 80}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS180-4': 1, 'FIPS180': 6, 'FIPS46-3': 3, 'FIPS197': 4, 'FIPS PUB 46-3': 1, 'FIPS PUB 180-4': 1, 'FIPS PUB 197': 1}, 'BSI': {'AIS 34': 4, 'AIS 36': 5, 'AIS 37': 3, 'AIS 26': 4, 'AIS 25': 4, 'AIS 20': 3, 'AIS 31': 3, 'AIS 46': 3, 'AIS 35': 2, 'AIS 1': 1, 'AIS 14': 1, 'AIS 19': 1, 'AIS 32': 1, 'AIS 38': 1, 'AIS20': 2, 'AIS31': 2}, 'RFC': {'RFC 5639': 15}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2, 'ISO/IEC 18031:2005': 1}, 'ICAO': {'ICAO': 19}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, '7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 1.7, 26 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-1077-V2-2024, Security Target Lite STARCOS 3.7 ID ePA C2': 1, 'eAT C2, STARCOS 3.7 ID ePass C2, Version 1.0, 3 May 2024, SRC Security Research & Consulting GmbH (confidential document) [15] Configuration List BSI-DSZ-CC-1077-V2-2024, Configuration List STARCOS 3.7 ID ePA C2, STARCOS': 1, '7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 0.9, 29 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [16] Guidance Documentation STARCOS 3.7 ID C2 – Main Document, Version 1.1, 05 December 2023': 1, 'H13, Revision 4.4, 30 November 2023, Infineon Technologies AG, BSI-DSZ-CC- 1110-V6-2023 (confidential document) Security Target Lite of the underlying hardware platform, Common Criteria Public Security Target': 1, 'procedure BSI-DSZ-CC-1110-V6-2023, Version 3, 01 December 2023, TÃœV Informationstechnik GmbH (confidential document) [24] Technical Guideline BSI TR-03110: Advanced Security Mechanisms for Machine Readable Travel': 1}}}.
    • The cert_keywords property was set to None.
    • The report_filename property was set to 1077V2a_pdf.pdf.
    • The cert_filename property was set to None.

    The computed heuristics were updated.

    • The cert_lab property was set to ['BSI'].
    • The report_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1077-2020', 'BSI-DSZ-CC-1110-V6-2023']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V4-2021', 'BSI-DSZ-CC-1110-V5-2022', 'BSI-DSZ-CC-1077-2020', 'BSI-DSZ-CC-1110-V6-2023']}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}]} values added.
  • 31.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2c_pdf.pdf",
  "dgst": "3f746e3371e342f6",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-1077-V2-2024",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.7"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": [],
    "prev_certificates": [
      "BSI-DSZ-CC-1077-2020"
    ],
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1110-V6-2023",
          "BSI-DSZ-CC-1077-2020"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0945-2017",
          "BSI-DSZ-CC-0891-2015",
          "BSI-DSZ-CC-1110-V2-2019",
          "BSI-DSZ-CC-1110-2019",
          "BSI-DSZ-CC-0945-V2-2018",
          "BSI-DSZ-CC-1110-V3-2020",
          "BSI-DSZ-CC-1077-2020",
          "BSI-DSZ-CC-0945-V3-2018",
          "BSI-DSZ-CC-0782-2012",
          "BSI-DSZ-CC-1110-V6-2023",
          "BSI-DSZ-CC-0891-V2-2016",
          "BSI-DSZ-CC-1110-V5-2022",
          "BSI-DSZ-CC-1110-V4-2021"
        ]
      }
    },
    "scheme_data": {
      "category": "Electronic ID documents",
      "cert_id": "BSI-DSZ-CC-1077-V2-2024",
      "certification_date": "2024-06-12",
      "enhanced": {
        "applicant": "Giesecke+Devrient ePayments GmbH Prinzregentenstr. 161 81677 M\u00fcnchen",
        "assurance_level": "EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2c_pdf.pdf?__blob=publicationFile\u0026v=2",
        "certification_date": "2024-06-12",
        "description": "The Target of Evaluation (TOE) is the product STARCOS 3.7 ID ePA C1, STARCOS 3.7 ID eAT C1, STARCOS 3.7 ID ePass C1 provided by Giesecke+Devrient Mobile Security GmbH, based on the hardware platform Infineon Security Controller IFX_CCI_000005h from Infineon Technologies AG. It is an electronic Identity Card representing a smart card with contactless interface programmed according to the Technical Guideline BSI TR-03110 and the ICAO specifications. The smart card provides the following authentication mechanisms: Passive Authentication, Password Authenticated Connection Establishment (PACE), Chip Authentication version 1, 2 and 3, Terminal Authentication version 1 and 2. Additionally, the TOE meets the requirements of the Technical Guideline BSI TR-03116-2 as part of the qualification for the use within electronic ID card projects of the Federal Republic of Germany. Please note that in consistency to the claimed protection profile BSI-CC-PP-0087-V2-2016-MA-01 the security mechanisms Password Authenticated Connection Establishment (PACE) and Extended Access Control (EAC) are in focus of this evaluation process. The further security mechanism Basic Access Control (BAC) contained in the corresponding product is subject of a separate evaluation process (refer to BSI-DSZ-CC-1076-2020). The smart card contains at least one of the following applications that are all subject of the TOE\u2019s evaluation: ePass ApplicationeID ApplicationeSign Application Three different major configurations of the TOE exist that only differ in the installed file system or applications respectively: Electronic DocumentResidence PermitPassport Furthermore, the TOE provides the so-called Update-in-Field mechanism. This secure update mechanism allows to install code-signed updates of the TOE Embedded Software (operating system part) by authorized staff during operational use. The TOE\u2019s evaluation only covers the Update-in-Field mechanism itself, but does not cover any update packages. As stated in the certification report in chapter 12, the certificate comprises the usage as QSigCD according to article 30 of the Regulation (EU) No 910/2014.",
        "entries": [
          {
            "description": "certificate and integrated site certificates for development and production sites as well as on the update of the vulnerability analysis including penetration testing for the (crypto-) implementation.",
            "id": "BSI-DSZ-CC-1077-V2-2024 (Ausstellungsdatum / Certification Date 12.06.2024, g\u00fcltig bis / valid until 11.06.2029) Certificate of Conformity to Regulation (EU) No. 910/2014 (eIDAS) based on BSI-DSZ-CC-1077-V2-2024 Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate"
          },
          {
            "description": "Second Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.",
            "id": "BSI"
          },
          {
            "description": "Re-Assessment for update of the vulnerability analysis and valuation related to the certification procedure 1077.",
            "id": "BSI"
          },
          {
            "description": "Certificate",
            "id": "BSI"
          }
        ],
        "evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
        "expiration_date": "2029-06-11",
        "product": "STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2",
        "protection_profile": "Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use (MR.ED-PP), Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01, Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2a_pdf.pdf?__blob=publicationFile\u0026v=2",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1077V2b_pdf.pdf?__blob=publicationFile\u0026v=2"
      },
      "product": "STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2",
      "subcategory": "IC with applications",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1077.html",
      "vendor": "Giesecke+Devrient ePayments GmbH"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1110-V6-2023"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1110-V6-2023"
        ]
      }
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Giesecke+Devrient ePayments GmbH",
  "manufacturer_web": "https://www.gi-de.com/de/",
  "name": "STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2",
  "not_valid_after": "2029-06-12",
  "not_valid_before": "2024-06-12",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "1077V2c_pdf.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1077-V2-2024": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0087-V2-2016-MA-01": 1,
          "BSI-CC-PP-0090-2016": 1
        }
      },
      "cc_sar": {
        "ALC": {
          "ALC_DVS.2": 1
        },
        "ATE": {
          "ATE_DPT.2": 1
        },
        "AVA": {
          "AVA_VAN.5": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL 4": 1,
          "EAL 4 augmented": 1,
          "EAL 5": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 3
        }
      },
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 15408": 2,
          "ISO/IEC 18045": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {
        "BSI": {
          "BSI TR-03110": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "Giesecke+Devrient": 1
        }
      },
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "Common Criteria, Certification, Zertifizierung, STARCOS 3.7",
      "/Subject": "Common Criteria, Certification, Zertifizierung, STARCOS 3.7",
      "/Title": "Certificate BSI-DSZ-CC-1077-V2-2024",
      "pdf_file_size_bytes": 232936,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "1077V2a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5 valid until: 11 June 2029 SOGIS Recognition Agreement",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-1077-V2-2024",
        "cert_item": "STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2",
        "cert_lab": "BSI",
        "developer": "Giesecke+Devrient ePayments GmbH",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "Common Criteria Protection Profile Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use [MR.ED-PP], Version 2.0.3, 18 July 2016, BSI-CC-PP-0087-V2-2016-MA-01 Common Criteria PP Configuration Machine Readable Electronic Documents \u2013 Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP], Version 0.9.2, 18 August 2016, BSI-CC-PP-0090-2016"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 6
          },
          "ECDH": {
            "ECDH": 8
          },
          "ECDSA": {
            "ECDSA": 12
          },
          "ECIES": {
            "ECIES": 2
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 1
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1077-": 1,
          "BSI-DSZ-CC-1077-2020": 2,
          "BSI-DSZ-CC-1077-2020-RA-01": 2,
          "BSI-DSZ-CC-1077-2020-RA-02": 1,
          "BSI-DSZ-CC-1077-V2-2024": 25,
          "BSI-DSZ-CC-1110-V6-2023": 6,
          "BSI-DSZ-CC-S-0208-2022": 2,
          "BSI-DSZ-CC-S-0253-2023": 2,
          "BSI-DSZ-CC-S-0260-2023": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0056-V2-2012": 2,
          "BSI-CC-PP-0059-2009-MA-02": 3,
          "BSI-CC-PP-0068-V2-": 1,
          "BSI-CC-PP-0068-V2-2011-MA-01": 2,
          "BSI-CC-PP-0086": 3,
          "BSI-CC-PP-0087-V2-2016-MA-01": 3,
          "BSI-CC-PP-0090-2016": 4
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1
        },
        "ALC": {
          "ALC_CMC.4": 1,
          "ALC_CMS.4": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.2": 5,
          "ALC_FLR": 2,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ATE": {
          "ATE_DPT.2": 4
        },
        "AVA": {
          "AVA_VAN.5": 4
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 3,
          "EAL 4": 5,
          "EAL 4 augmented": 3,
          "EAL 5": 4,
          "EAL 5+": 2,
          "EAL 6": 2
        }
      },
      "cc_sfr": {
        "FCS": {
          "FCS_CKM": 23,
          "FCS_COP": 24,
          "FCS_RND": 1
        },
        "FIA": {
          "FIA_UAU": 7
        },
        "FTP": {
          "FTP_ITC": 5
        }
      },
      "certification_process": {
        "ConfidentialDocument": {
          "7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 0.9, 29 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [16] Guidance Documentation STARCOS 3.7 ID C2 \u2013 Main Document, Version 1.1, 05 December 2023": 1,
          "7 ID eAT C2, STARCOS 3.7 ID ePass C2, Version 1.7, 26 April 2024, Giesecke+Devrient ePayments GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-1077-V2-2024, Security Target Lite STARCOS 3.7 ID ePA C2": 1,
          "H13, Revision 4.4, 30 November 2023, Infineon Technologies AG, BSI-DSZ-CC- 1110-V6-2023 (confidential document) Security Target Lite of the underlying hardware platform, Common Criteria Public Security Target": 1,
          "being maintained is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
          "eAT C2, STARCOS 3.7 ID ePass C2, Version 1.0, 3 May 2024, SRC Security Research \u0026 Consulting GmbH (confidential document) [15] Configuration List BSI-DSZ-CC-1077-V2-2024, Configuration List STARCOS 3.7 ID ePA C2, STARCOS": 1,
          "procedure BSI-DSZ-CC-1110-V6-2023, Version 3, 01 December 2023, T\u00dcV Informationstechnik GmbH (confidential document) [24] Technical Guideline BSI TR-03110: Advanced Security Mechanisms for Machine Readable Travel": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 6
        },
        "OFB": {
          "OFB": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "PACE": {
          "PACE": 23
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Brainpool": {
          "brainpoolP512r1": 2
        }
      },
      "eval_facility": {
        "SRC": {
          "SRC Security Research \u0026 Consulting": 3
        },
        "TUV": {
          "T\u00dcV Informationstechnik": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 2,
            "SHA-384": 1,
            "SHA-512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 80
        }
      },
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {
        "FI": {
          "fault injection": 1,
          "malfunction": 1,
          "physical tampering": 1
        },
        "SCA": {
          "side channel": 1
        },
        "other": {
          "JIL": 6
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 1": 1,
          "AIS 14": 1,
          "AIS 19": 1,
          "AIS 20": 3,
          "AIS 25": 4,
          "AIS 26": 4,
          "AIS 31": 3,
          "AIS 32": 1,
          "AIS 34": 4,
          "AIS 35": 2,
          "AIS 36": 5,
          "AIS 37": 3,
          "AIS 38": 1,
          "AIS 46": 3,
          "AIS20": 2,
          "AIS31": 2
        },
        "FIPS": {
          "FIPS PUB 180-4": 1,
          "FIPS PUB 197": 1,
          "FIPS PUB 46-3": 1,
          "FIPS180": 6,
          "FIPS180-4": 1,
          "FIPS197": 4,
          "FIPS46-3": 3
        },
        "ICAO": {
          "ICAO": 19
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18031:2005": 1,
          "ISO/IEC 18045": 4
        },
        "RFC": {
          "RFC 5639": 15
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 12
          }
        },
        "DES": {
          "3DES": {
            "3DES": 3
          },
          "DES": {
            "DES": 5
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7148": 1,
          "BSI TR-02102-1": 1,
          "BSI TR-03110": 8,
          "BSI TR-03116": 3,
          "BSI TR-03116-2": 2
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "Giesecke+Devrient": 23
        },
        "Infineon": {
          "Infineon": 9,
          "Infineon Technologies AG": 7
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP\"",
      "/Subject": "Common Criteria, Certification, Zertifizierung, STARCOS 3.7, MR.ED-PP, MR.ED-ON-PP",
      "/Title": "Certification Report BSI-DSZ-CC-1077-V2-2024",
      "pdf_file_size_bytes": 739434,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.sogis.eu/",
          "https://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/",
          "https://www.bsi.bund.de/zertifizierung",
          "http://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "https://www.bsi.bund.de/AIS",
          "http://www.commoncriteriaportal.org/cc/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 39
    },
    "st_filename": "1077V2b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 6
          },
          "ECDSA": {
            "ECDSA": 4
          },
          "ECIES": {
            "ECIES": 1
          }
        },
        "FF": {
          "DH": {
            "DH": 4,
            "Diffie-Hellman": 5
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1110-V6-2023": 2
        }
      },
      "cc_claims": {
        "A": {
          "A.CGA": 2,
          "A.SCA": 2
        },
        "O": {
          "O.AES": 2,
          "O.MEM_ACCESS": 1,
          "O.RND": 3,
          "O.TDES": 1
        },
        "OE": {
          "OE.HID_VAD": 2
        },
        "T": {
          "T.RND": 3
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0056-V2-2012": 1,
          "BSI-CC-PP-0059-": 1,
          "BSI-CC-PP-0084-2014": 1,
          "BSI-CC-PP-0086-2015": 1,
          "BSI-CC-PP-0087-V2-2016-MA-01": 1,
          "BSI-CC-PP-0087-V2-MA-01": 1
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 3,
          "ADV_FSP.4": 2,
          "ADV_IMP.1": 2,
          "ADV_TDS.3": 4
        },
        "AGD": {
          "AGD_OPE": 1,
          "AGD_OPE.1": 2,
          "AGD_PRE": 4,
          "AGD_PRE.1": 3
        },
        "ALC": {
          "ALC_DEL.1": 1,
          "ALC_DVS.2": 8,
          "ALC_FLR.1": 1
        },
        "ATE": {
          "ATE_DPT": 1,
          "ATE_DPT.2": 9,
          "ATE_FUN": 1,
          "ATE_FUN.1": 1
        },
        "AVA": {
          "AVA_VAN.5": 8
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 2,
          "EAL 6": 2,
          "EAL4": 14,
          "EAL4 augmented": 4,
          "EAL6": 1,
          "EAL6 augmented": 1,
          "EAL6+": 2
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_SAS": 14,
          "FAU_SAS.1": 9,
          "FAU_SAS.1.1": 1
        },
        "FCS": {
          "FCS_CKM": 106,
          "FCS_CKM.1": 30,
          "FCS_CKM.2": 11,
          "FCS_CKM.4": 30,
          "FCS_COP": 96,
          "FCS_COP.1": 27,
          "FCS_RND": 8,
          "FCS_RND.1": 4,
          "FCS_RNG": 9
        },
        "FDP": {
          "FDP_ACC": 35,
          "FDP_ACC.1": 17,
          "FDP_ACF": 47,
          "FDP_ACF.1": 50,
          "FDP_IFC": 5,
          "FDP_IFC.1": 9,
          "FDP_IFF": 6,
          "FDP_IFF.1": 6,
          "FDP_ITC.1": 19,
          "FDP_ITC.2": 20,
          "FDP_ITT.1": 1,
          "FDP_MTD": 2,
          "FDP_RIP": 11,
          "FDP_RIP.1": 10,
          "FDP_SDC.1": 1,
          "FDP_SDI": 10,
          "FDP_SDI.1": 3,
          "FDP_SDI.2": 10,
          "FDP_UCT": 5,
          "FDP_UCT.1": 2,
          "FDP_UIT": 5,
          "FDP_UIT.1": 3
        },
        "FIA": {
          "FIA_AFL": 21,
          "FIA_AFL.1": 11,
          "FIA_API": 21,
          "FIA_API.1": 7,
          "FIA_UAU": 70,
          "FIA_UAU.1": 15,
          "FIA_UAU.4": 3,
          "FIA_UAU.4.1": 1,
          "FIA_UAU.5": 4,
          "FIA_UAU.6": 4,
          "FIA_UID": 27,
          "FIA_UID.1": 18
        },
        "FMT": {
          "FMT_FLS.1": 1,
          "FMT_LIM": 41,
          "FMT_LIM.1": 7,
          "FMT_LIM.2": 7,
          "FMT_MOF": 2,
          "FMT_MOF.1": 1,
          "FMT_MSA": 17,
          "FMT_MSA.1": 8,
          "FMT_MSA.2": 1,
          "FMT_MSA.3": 12,
          "FMT_MSA.4": 1,
          "FMT_MTD": 87,
          "FMT_MTD.1": 23,
          "FMT_MTD.3": 3,
          "FMT_SMF": 37,
          "FMT_SMF.1": 30,
          "FMT_SMR": 39,
          "FMT_SMR.1": 43,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1,
          "FMT_TST.1": 1
        },
        "FPT": {
          "FPT_EMS": 31,
          "FPT_EMS.1": 15,
          "FPT_EMS.1.1": 3,
          "FPT_EMS.1.2": 3,
          "FPT_FLS": 15,
          "FPT_FLS.1": 7,
          "FPT_ITT.1": 1,
          "FPT_PHP": 14,
          "FPT_PHP.1": 3,
          "FPT_PHP.3": 4,
          "FPT_TST": 17,
          "FPT_TST.1": 7,
          "FPT_TST.2": 5
        },
        "FRU": {
          "FRU_FLT.2": 6
        },
        "FTP": {
          "FTP_ITC": 23,
          "FTP_ITC.1": 18,
          "FTP_TRP.1": 1
        }
      },
      "certification_process": {
        "OutOfScope": {
          "and supports this process by cryptographic means. In particular, the updated TOE software is out of scope of this ST. No assumption is made on the quality and security of the update. To make the point": 1,
          "of the user data accessible using the different terminal types Other terminals than the above are out of scope of this ST. In particular, terminals using Basic Access Control (BAC) are functionally supported by": 1,
          "out of scope": 2
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "OFB": {
          "OFB": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "PACE": {
          "PACE": 112
        }
      },
      "crypto_scheme": {
        "MAC": {
          "MAC": 5
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TSystems": {
          "T-Systems International": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 4
          },
          "SHA2": {
            "SHA-224": 1,
            "SHA-256": 7,
            "SHA-384": 4,
            "SHA-512": 4
          }
        }
      },
      "ic_data_group": {
        "EF": {
          "EF.COM": 1,
          "EF.ChipSecurity": 1,
          "EF.DG1": 1,
          "EF.DG14": 1,
          "EF.DG16": 1,
          "EF.DG3": 2,
          "EF.DG4": 2,
          "EF.SOD": 2
        }
      },
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 580
        }
      },
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RND": 6,
          "RNG": 8
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Malfunction": 11,
          "malfunction": 1,
          "physical tampering": 7
        },
        "SCA": {
          "Leak-Inherent": 6
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 20": 1,
          "AIS 31": 1,
          "AIS20": 2,
          "AIS31": 3
        },
        "CC": {
          "CCMB-2017-04-001": 2,
          "CCMB-2017-04-002": 2,
          "CCMB-2017-04-003": 2,
          "CCMB-2017-04-004": 2
        },
        "FIPS": {
          "FIPS 197": 1,
          "FIPS 19795": 1,
          "FIPS180-4": 9
        },
        "ICAO": {
          "ICAO": 10
        },
        "ISO": {
          "ISO/IEC 14443": 4,
          "ISO/IEC 7816": 2
        },
        "PKCS": {
          "PKCS#3": 2
        },
        "RFC": {
          "RFC3369": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 25
          }
        },
        "DES": {
          "3DES": {
            "3DES": 6,
            "TDES": 2,
            "Triple-DES": 4
          },
          "DES": {
            "DES": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 7,
            "KMAC": 5
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-03110": 2,
          "BSI TR-03116": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "G+D": 2,
          "Giesecke+Devrient": 6
        },
        "Infineon": {
          "Infineon": 3,
          "Infineon Technologies": 1,
          "Infineon Technologies AG": 1
        },
        "NXP": {
          "NXP Semiconductors": 1
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "uta",
      "/Keywords": "Version, 1.7/Status, 26.04.2024",
      "/Subject": "STARCOS 3.7 ID ePA C2, STARCOS 3.7 ID eAT C2, STARCOS 3.7 ID ePass C2",
      "/Title": "Security Target Lite",
      "pdf_file_size_bytes": 1673991,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 182
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": "EAL4+",
        "pp_ids": {
          "_type": "Set",
          "elements": [
            "MR.ED-PP_V2.2"
          ]
        },
        "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0087V2b_pdf.pdf",
        "pp_name": "Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use"
      },
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": null,
        "pp_ids": null,
        "pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0090b_pdf.pdf",
        "pp_name": "Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (O..."
      }
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "AVA_VAN.5",
      "ATE_DPT.2",
      "EAL4+",
      "ALC_DVS.2"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1077V2b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "7efd5772e248fe0a3a78b7ae9d8b17a6c6ec77cd4e73acd6992da2e889c19da2",
      "txt_hash": "57ed53e812b422749fe1598e6e0c5d92642dfbab10ee348cd0a890d10559c368"
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "6e4766ae1099a41424156e555e56e8a03d5bc160711cc399c9832bbc1f9ce786",
      "txt_hash": "0a604f3263edd1d17ba6653fea9b0e6d7513905f57f5d930de29163a7e164f1b"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "2bbf1c83922098b4b284c5900771fed9b0cb071eea63a504cfbaa9f5a6a5782e",
      "txt_hash": "ffa94cb2127d0be576dd3935b57d734633ef49e70b9fc268336379cf07bd38a9"
    }
  },
  "status": "active"
}