This page was not yet optimized for use on mobile
devices.
ID-One PIV on Cosmo V8.1 - SPE Configurations
Certificate #3039
Webpage information
Security policy
Symmetric Algorithms
AES, TDEA, 3DES, HMAC, CMACAsymmetric Algorithms
RSA 2048, RSA 4096, ECDSA, ECC, DHHash functions
SHA1, SHA384Schemes
MAC, Key AgreementRandomness
DRBG, RNGBlock cipher modes
ECB, CBC, CTRJavaCard versions
Java Card 3.0.4Vendor
Oberthur Technologies, OberthurSecurity level
Level 3Side-channel analysis
Side‐channel, DPA, SPA, DFAStandards
FIPS113, FIPS197, FIPS 202, FIPS 197, FIPS 186, PKCS#1, PKCS #1, AIS 31, ISO/IEC 24787: 2010File metadata
| Title | Microsoft Word - 608g - ID-One PIV on Cosmo V8.1 SPESPE-EP Security Policy Level 3 20171003_Updated for PIV 2.4.1.docx |
|---|---|
| Author | lgarcia |
| Creation date | D:20171018162425-07'00' |
| Modification date | D:20171018162425-07'00' |
| Pages | 19 |
| Creator | PScript5.dll Version 5.2.2 |
| Producer | Acrobat Distiller 11.0 (Windows) |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3039,
"dgst": "508d030c81626ebe",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#4108",
"ECDSA#933",
"CVL#953",
"KTS#4109",
"Triple-DES#2245",
"HMAC#2683",
"SHS#3380",
"CVL#921",
"SHS#3379",
"CVL#954",
"SHA-3#6",
"KBKDF#106",
"KAS#48",
"AES#4107",
"RSA#2252",
"DRBG#1234",
"AES#4109",
"RSA#2253"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"2.4.1",
"8.1",
"2.4.0"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 21
},
"ECDSA": {
"ECDSA": 3
}
},
"FF": {
"DH": {
"DH": 1
}
},
"RSA": {
"RSA 2048": 5,
"RSA 4096": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"KA": {
"Key Agreement": 1
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1,
"#4108": 1,
"#48": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128 192 256": 1,
"AES CMAC 128": 1,
"AES/CMAC 128": 1,
"HMAC SHA1": 1,
"PKCS #1": 2,
"PKCS#1": 2,
"RSA 2048": 5,
"RSA 4096": 2,
"SHA1": 1,
"SHA384": 1
}
},
"fips_security_level": {
"Level": {
"Level 3": 3
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA1": 1
},
"SHA2": {
"SHA384": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {
"JavaCard": {
"Java Card 3.0.4": 3
}
},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 8
},
"RNG": {
"RNG": 7
}
},
"side_channel_analysis": {
"FI": {
"DFA": 1
},
"SCA": {
"DPA": 1,
"SPA": 1,
"Side\u2010channel": 1
}
},
"standard_id": {
"BSI": {
"AIS 31": 2
},
"FIPS": {
"FIPS 186": 1,
"FIPS 197": 1,
"FIPS 202": 2,
"FIPS113": 1,
"FIPS197": 1
},
"ISO": {
"ISO/IEC 24787: 2010": 1
},
"PKCS": {
"PKCS #1": 1,
"PKCS#1": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 19
}
},
"DES": {
"3DES": {
"3DES": 1,
"TDEA": 1
}
},
"constructions": {
"MAC": {
"CMAC": 7,
"HMAC": 4
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Oberthur": {
"Oberthur": 2,
"Oberthur Technologies": 21
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "lgarcia",
"/CreationDate": "D:20171018162425-07\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2.2",
"/ModDate": "D:20171018162425-07\u002700\u0027",
"/Producer": "Acrobat Distiller 11.0 (Windows)",
"/Title": "Microsoft Word - 608g - ID-One PIV on Cosmo V8.1 SPESPE-EP Security Policy Level 3 20171003_Updated for PIV 2.4.1.docx",
"pdf_file_size_bytes": 430283,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 19
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "2360706e38db9e29bbc8086a484637d04d646f79a342e12dcdf4d9d6a534b00b",
"policy_txt_hash": "0ff5805a318d31d2005da83769c0ac9cd3eb6f12389f716ebb7caa0ac37d512d"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and initialized to Overall Level 3 per the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertOct2017.pdf",
"date_sunset": null,
"description": "ID-One PIV on Cosmo V8.1 is the next generation of Personal Identification and Verification cards, avalaible in multiple FIPS 140-2 validated configurations. The SPE configurations are extensions to the PIV/CIV configurations where the module enforces the encryption of the PIN when submitted to the module for card holder verification, regardless of the communication interface being used (contact \u0026 contactless). The EP (Enhanced Privacy) option added to the default SPE configuration prevents the leaking from the card of any traceable or PII over the contactless interface.",
"embodiment": "Single Chip",
"exceptions": [
"Physical Security: Level 4"
],
"fw_versions": "Firmware Extension: \u2018086294\u2019+\u2019086683\u2019 (ID-One PIV Applet Suite 2.4.0 on Cosmo V8.1 LARGE) [1], Firmware Extension: \u2018090191\u2019 (ID-One PIV 2.4.1 on Cosmo V8.1 LARGE) [2], Firmware Extension: \u2018086294\u2019+\u2019086693\u2019 (ID-One PIV Applet Suite 2.4.0 on Cosmo V8.1 STD) [3] and Firmware Extension: \u2018090211\u2019 (ID-One PIV 2.4.1 on Cosmo V8.1 STD) [4]",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "P/Ns \u201830-5F01\u2019 [1], \u201830-5F02\u2019 [2], \u002740-6001\u0027 [3] and \u002740-6002\u0027 [4]",
"level": 3,
"mentioned_certs": {},
"module_name": "ID-One PIV on Cosmo V8.1 - SPE Configurations",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2017-10-06",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2017-11-09",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
}
],
"vendor": "Oberthur Technologies",
"vendor_url": "http://www.oberthur.com"
}
}