SCM Security Policy
Page 1 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
FIPS 140-2 Cryptographic Module Security Policy
Secure Cryptographic Module (SCM)
Document Version 3.1.3
FIPS 140-2 Non-Proprietary
JVCKENWOOD Corporation
SCM Security Policy
Page 2 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
Revision History
Date Revision Author Description
2013/05/05 3.0.0 Tamaki Shimamura Ported from version 2.1.2_1.
This branch is developed for HW version 2.0.0, FW
version A3.0.0.
2013/12/06 3.0.1 Tamaki Shimamura Updated following onsite review and testing.
2014/01/24 3.0.2 Tamaki Shimamura Included FW version A3.0.1.
2014/03/08 3.0.3 Tamaki Shimamura Updated radio information.
2014/06/12 3.0.4 Tamaki Shimamura Removed FW version A3.0.0.
2014/09/09 3.0.5 Tamaki Shimamura Included FW version A3.0.2.
2015/4/1 3.0.6 Tamaki Shimamura Updated supported radios.
2015/5/30 3.0.7 Tamaki Shimamura Included FW version A3.0.3.
2017/04/11 3.0.8 Tamaki Shimamura Included HW version 2.1.0 and updated supported
radios.
2018/1/19 3.0.9 Tamaki Shimamura Included FW version A3.0.4.
2020/08/20 3.1.0 Tamaki Shimamura Updated vendor name and copyright date.
2020/11/16 3.1.1 Tamaki Shimamura Included HW version 2.2.0, and FW version A3.1.0.
2022/03/01 3.1.2 Tamaki Shimamura Updated information based on CMVP comments
2024/06/10 3.1.3 Tamaki Shimamura Updated email address and copyright date
SCM Security Policy
Page 3 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
Table of Contents
1 Introduction ....................................................................................................................4
1.1 Hardware and Physical Cryptographic Boundary.........................................................................5
1.2 Logical Function............................................................................................................................6
1.3 Modes of Operation.....................................................................................................................6
2 Cryptographic Functionality.............................................................................................6
2.1 Critical Security Parameters.........................................................................................................7
3 Roles, Authentication and Services..................................................................................8
3.1 Assumption of Roles.....................................................................................................................8
3.2 Services.........................................................................................................................................8
4 Self-tests........................................................................................................................10
5 Operational Environment ..............................................................................................10
6 Mitigation of Other Attacks Policy.................................................................................10
7 Security Rules and Guidance..........................................................................................11
8 References and Definitions............................................................................................11
List of Tables
Table 1 – Security Level of Security Requirements.......................................................................................4
Table 2 – Ports and Interfaces ...................................................................................................................... 5
Table 3 – Approved and CAVP Validated Cryptographic Functions..............................................................7
Table 4 – Non-Approved but Allowed Cryptographic Functions ..................................................................7
Table 5 – Critical Security Parameters (CSPs) ...............................................................................................7
Table 6 – Services.......................................................................................................................................... 8
Table 7 – CSP Access Rights within Services .................................................................................................9
Table 8 – Power-Up Self-tests..................................................................................................................... 10
Table 9 – Conditional Self-tests ..................................................................................................................10
Table 10 – Mitigation of Other Attacks.......................................................................................................10
Table 11 – References................................................................................................................................. 11
Table 12 – Acronyms and Definitions .........................................................................................................11
List of Figures
Figure 1 – Physical Form of the SCM ............................................................................................................ 5
Figure 2 – SCM Block Diagram ...................................................................................................................... 6
SCM Security Policy
Page 4 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
1 Introduction
The Secure Cryptographic Module (SCM) is a hardware cryptographic module developed by JVCKENWOOD
Corporation to provide FIPS 140-2 validated cryptographic security functionality for the radio series.
 TK-5XX0 series FM/P25 digital two way radios
 NX‐/NXR‐ series FM/P25/NEXEDGE digital radios
 VPxxx0 series FM/P25 digital two way radios
 VMxxx0 series FM/P25 digital two way radios
The SCM is a multi-chip embedded embodiment that meets FIPS 140-2 overall Level 1 requirements.
The validated module is identified as follows:
SCM part number: KWD-AE30
Hardware versions: 2.0.0, 2.1.0 and 2.2.0
Firmware versions A3.0.1, A3.0.2, A3.0.3, A3.0.4 and A3.1.0
Technical contact: fips140_JKC@jvckenwood.com
Sales contact: fips@us.jvckenwood.com
The FIPS 140-2 security levels for the Module are as follows:
Table 1 – Security Level of Security Requirements
Security Requirement Security Level
Cryptographic Module Specification 3
Cryptographic Module Ports and Interfaces 1
Roles, Services, and Authentication 1
Finite State Model 1
Physical Security 1
Operational Environment N/A
Cryptographic Key Management 1
EMI/EMC 3
Self-Tests 1
Design Assurance 3
Mitigation of Other Attacks 1
Overall 1
SCM Security Policy
Page 5 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
1.1 Hardware and Physical Cryptographic Boundary
The SCM physical form is depicted in Figure 1, with the cryptographic boundary defined as the surfaces
and edges of the assembled SCM printed circuit board.
Figure 1 – Physical Form of the SCM
The Module relies on external hardware: the carrier boards of the TK-5XX0 and NX-/NXR- series radios for
system interaction, and on an external key loader device used in conjunction with the radio.
All physical ports are located on a single board-to-board connector J1.
Table 2 – Ports and Interfaces
Pin # Pin Name Description Logical Interface Type
1 GND Ground Power
2 GND Ground Power
3 /RESET Reset Control Input
4 TXD UART (key loader) data Status Output
5 SCK SPI shift clock Control Input
6 RXD UART (key loader) data Control Input, Data Input
7 /REQ Interrupt request Status Output
8 BUSY Busy indicator Status Output
9 TAMPER2 Tamper detection Control Input
10 NC No Connect N/A
11 TAMPER Tamper detection Control Input
12 Vcc +3.3V Power
13 MOSI SPI data Control Input, Data Input
14 BCLK Clock Control Input
15 /SS SPI slave enable Control Input
16 MISO SPI data Data Output, Status Output
SCM Security Policy
Page 6 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
Pin # Pin Name Description Logical Interface Type
17 /WAKEUP Wakeup from sleep mode Control Input
18 /BFS Frame sync Control Input
19 GND Ground Power
20 GND Ground Power
1.2 Logical Function
Figure 2 depicts the SCM logical block diagram in an operational context. The SCM comprises a Processor
(DSP), non-volatile memory (NVM), clock, tamper detection circuit and a board to board connector.
Processor
(TI 55x DSP)
RAM
Tamper
detect
NVM
SCM
Radio
Radio
Control /
Management
Key
Loader
RF
RF
signalling
Figure 2 – SCM Block Diagram
1.3 Modes of Operation
The SCM cryptographic module employs both FIPS approved and non-FIPS approved modes of operation.
By initializing AES 256-bit encryption or decryption service, or using the AES-OTAR service with CBC-MAC
or CMAC to confirm the KMM’s integrity, the module enters an Approved mode of operation. Any
requests for DES or AES 128-bit encryption or decryption initialization service, or DES-OTAR service after
AES/AES-OTAR services will result in the module transitioning to a non-Approved mode of operation,
exiting the Approved mode of operation and setting the Cipher Status flag to “0”. Other than the use of
non-Approved algorithms as described below, there are no other differences in the functionality of the
Module between the Approved mode and the non-Approved mode.
An operator (via radio controller functions) is capable of confirming the Approved mode of operation by
calling the Show Status service and verifying the Cipher Status flag is set to “1”.
2 Cryptographic Functionality
The Module implements the FIPS Approved and Non-Approved but Allowed cryptographic functions listed
below.
SCM Security Policy
Page 7 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
Table 3 – Approved and CAVP Validated Cryptographic Functions
Algorithm Description Cert #
AES [FIPS 197, SP 800-38A] Encryption and Decryption in ECB and OFB modes using
a 256-bit key.
2696
CMAC [SP 800-38B] [Project 25 TIA-102AACA-1] CMAC generation and verification
using a 256-bit key.
2696
SHA [FIPS 180-3] SHA-256 used for radio pairing. 2285
NOTE: There are algorithms, modes, and keys that have been CAVP tested but not used by the module.
Only the algorithms, modes/methods, and key lengths/curves/moduli shown in this table are used by the
module.
Table 4 – Non-Approved but Allowed Cryptographic Functions
Algorithm Description
AES MAC (OTAR) [ANSI/TIA-102.AACA-1] AES MAC (AES Cert. #2696, vendor affirmed, P25 AES OTAR).
Non-Approved Cryptographic Functions for use in non-FIPS mode only:
• AES 128 / ECB (for use in Link Layer Authentication)
• DES- MAC (used in P25 AES OTAR)
• DES (encryption, decryption)
• LFSR (used for IV generation)
2.1 Critical Security Parameters
All CSPs used by the Module are described in this section. All usage of these CSPs by the Module (including
all CSP lifecycle states) is described in the services detailed in Section 3.
Table 5 – Critical Security Parameters (CSPs)
CSP Description / Usage
EDK 256 bit AES key used for encryption and decryption.
FWI 256 bit AES key used for firmware load testing.
KMMI 256 bit AES key used for KMM integrity.
The module does not utilize public keys.
SCM Security Policy
Page 8 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
3 Roles, Authentication and Services
3.1 Assumption of Roles
The cryptographic module supports both Cryptographic Officer (CO) and User roles, implicitly selected by
the operator from the services provided. The module does not support a maintenance role.
The CO role is responsible for management activities including installing the module to the radio, deletion
of keys, and checking status of the module. The User role has access to all crypto related functions
supported by the crypto module, including key entry.
3.2 Services
All services implemented by the Module are listed in the table(s) below. Each service description also
describes all usage of CSPs by the service.
Table 6 – Services
Service Description User CO
Calibrate Calibrate SCM timing. X
Firmware
Upgrade
Update validated firmware using AES CMAC verification. Loading
the Zeroization Image zeroizes all keys (including FWI).
X
Show status Report SCM status. X X
Self-test Perform self-tests. If any of the self-tests fail, an indicator showing
which self-test(s) have failed will be returned.
X X
Zeroize Zeroizes all CSPs except FWI and RAND. X
Secure
Communication
Encrypted communications using AES (Approved mode) or DES
(non-Approved mode).
X
OTAR Rekeying per P25 AES OTAR using AES CMAC or AES MAC (Approved
mode), or DES OTAR using DES MAC (non-Approved mode).
X
Key load Loads the EDK and KMMI AES-256 bit keys via a key loader. X
Sleep / Wake-up Enable or disable sleep mode (power consumption reduction). X
SCM Security Policy
Page 9 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
Table 7 defines the relationship between access to CSPs and the different module services. The modes
of access shown in the table are defined as:
• -- = No access to the CSP.
• G = Generate: The SCM generates the CSP.
• R = Read: The SCM outputs the CSP.
• E = Execute: The SCM executes using the CSP.
• W = Write: The SCM writes the CSP.
• Z = Zeroize: The module zeroizes (destroys) the CSP.
Table 7 – CSP Access Rights within Services
Service
CSPs
EDK
FWI
KMMI
Calibrate -- -- --
Firmware Upgrade Z E, W, Z Z
Show status -- -- --
Self-test -- -- --
Zeroize Z -- Z
Secure Communication E -- --
OTAR W, Z -- E, W, Z
Key load W -- W
Sleep / Wake-up -- -- --
SCM Security Policy
Page 10 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
4 Self-tests
Each time the SCM is powered up, it tests that the cryptographic algorithms still operate correctly and
that sensitive data have not been damaged. Power-up self–tests are available on demand by power cycling
the module, and are performed prior to any usage of SCM services.
On power-up or reset, the Module performs the self-tests described in Table 8 below. All KATs must be
completed successfully prior to any other use of cryptography by the Module. If one of the KATs fails, the
SCM enters an error state (returning “AA01” and a bit field indicating which self-test has failed) and only
the show-status function will be functional. By using the show-status function, the operator (Crypto
Officer and User) is capable of understanding which of the self-tests have failed.
Table 8 – Power-Up Self-tests
Test Target Description
Firmware Integrity 16-bit CRC performed over all code.
AES Separate encryption and decryption KATs with the following Mode/ Key Size
• ECB / 256
• OFB / 256
CMAC AES CMAC KAT using a 256-bit key
SHA SHA-256 KAT
Table 9 – Conditional Self-tests
Test Target Description
Firmware Load AES CMAC verification performed when firmware is loaded.
LSFR RNG Continuous Random Number Generator Test performed per AS09.42 when a
random value is requested from the LSFR (for use as an OFB IV).
5 Operational Environment
The Module is designated as a limited operational environment under the FIPS 140-2 definitions. The
Module includes a firmware load service to support necessary updates. New firmware versions within the
scope of this validation must be validated through the FIPS 140-2 CMVP. Any other firmware loaded into
this module is out of the scope of this validation and require a separate FIPS 140-2 validation.
6 Mitigation of Other Attacks Policy
The module has been designed to mitigate specific attacks as follows outside the scope of FIPS 140-2,
with no specific limitations on attack mitigation.
Table 10 – Mitigation of Other Attacks
Other Attacks Mitigation Mechanism
Active Tamper
The module will detect removal from the radio while power is provided, and
zeroize all EDKs and KMMIs.
Static Tamper
The module will detect removal from the radio while power is off and zeroize all
EDKs and KMMIs upon next boot.
SCM Security Policy
Page 11 of 11
May be reproduced only in its original entirety [without revision].
Copyright© 2006-2010 Kenwood Corporation
Copyright© 2011-2024 JVCKENWOOD Corporation
7 Security Rules and Guidance
The Module design corresponds to the Module security rules. This section documents the security rules
enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 1
module.
1. Physical security policy: all of the components within the module are production grade using
standard passivation techniques.
2. The SCM inhibits cryptographic operations in error states, and inhibits data output during self-tests,
zeroization, and error states.
3. Status information does not contain CSPs or sensitive data that if misused could lead to a
compromise of the module.
4. Keys are entered by authorized operators in plaintext form using a compatible key variable loader
(manual distribution, electronic entry) or in encrypted form via OTAR automated methods.
5. The SCM does not output any CSPs.
6. For the Approved mode of operation, the operator shall use AES for Secure Communications. DES
shall not be used in an Approved mode of operation.
7. An SCM is paired with a specific radio: upon detection of an invalid radio identifier, the SCM zeroizes
AES keys and AES-OTAR keys as described in Table 10.
8. SCM tamper event key zeroization behavior depends on the Infinite attribute flag: when the flag is
set, a tamper event zeroizes all AES keys and AES-OTAR keys; when not set, a tamper event zeroizes
keys stored in RAM.
8 References and Definitions
Table 11 – References
Abbreviation Full Specification Name
[FIPS140-2] National Institute of Standards and Technology, Security Requirements for
Cryptographic Modules, 25 May, 2001
[FIPS 140 DTR] National Institute of Standards and Technology, Derived Test Requirements for FIPS
PUB 140-2, Security Requirements for Cryptographic Modules. Draft, January 4, 2011
[FIPS PUB 197] National Institute of Standards and Technology, Advanced Encryption Standard
(AES), November 26, 2001
[FIPS PUB 46-3] National Institute of Standards and Technology, FIPS PUB 46-3, Data Encryption
Standard (DES), October 25, 1999
Table 12 – Acronyms and Definitions
Acronym Definition
AES Advanced Encryption Standard
DES Data Encryption Standard
ESN Electric Serial Number
KMM Key Management Message
LFSR Linear Feedback Shift Register
OTAR Over The Air-Rekeying
SHA-256 Secure Hash Algorithm with 256 bits of message digest.
SPI Serial Peripheral Interface