©NUVOTON TECHNOLOGY CORP. – NON-PROPRIETARY SECURITY POLICY – MAY BE RE-DISTRIBUTED FREELY IN ITS COMPLETE, UNEDITED FORM
NPCT6XX TPM 1.2
FIPS 140-2 SECURITY POLICY
DOCUMENT VERSION: 4.5
LAST REVISION: JANUARY 25, 2018
NUVOTON
TECHNOLOGY
CORPORATION
8 HASADNAOT STREET
HERZLIA, 46130
ISRAEL
NUVOTON TPM 1.2 SECURITY POLICY PAGE 2 OF 23
CONTENTS
1. Module Description........................................................................................... 4
2. Cryptographic Functions ................................................................................. 9
3. Ports and Interfaces.........................................................................................11
4 Roles and Services.............................................................................................13
5. Key Management .............................................................................................16
6. Power-On Self Tests .......................................................................................19
7. Conditional Self-Tests.....................................................................................20
8. Crypto Officer Guidance.................................................................................21
9. User Guidance...................................................................................................21
10. Acronyms.........................................................................................................22
NUVOTON TPM 1.2 SECURITY POLICY PAGE 3 OF 23
LIST OF TABLES AND FIGURES
Figure 1: TPM 1.2 Images................................................................................... 5
Figure 2: TPM 1.2 Logical Block Diagram ..................................................... 7
Table 1: Security Levels........................................................................................ 8
Table 2: Cryptographic Functions...................................................................... 9
Table 3: Ports and Interfaces.............................................................................11
Table 4: Roles........................................................................................................13
Table 5: Services...................................................................................................14
Table 6: Cryptographic Keys.............................................................................16
Table 7: Self-tests .................................................................................................19
NUVOTON TPM 1.2 SECURITY POLICY PAGE 4 OF 23
1. MODULE DESCRIPTION
The Nuvoton Trusted Platform Module (“MODULE”) is a hardware
cryptographic module that implements advanced cryptographic
algorithms, including symmetric and asymmetric cryptography; as well
as key import and random number generation.
The Module is a SINGLE CHIP MODULE that provides cryptographic
services utilized by external applications. The Module meets the
requirements of FIPS Pub 140-2.
The module meets the commercial-grade specifications for power,
temperature, reliability, shock, and vibrations.
The FIPS 140-2 conformance testing was performed on two platforms
specified below
NUVOTON NPCT6XX TPM 1.2
FIRMWARE VERSIONS: 5.81.0.0, 5.81.1.0, 5.81.2.1
HARDWARE VERSION 1: FB5C85D IN TSSOP28 PACKAGE
HARDWARE VERSION 2: FB5C85D IN QFN32 PACKAGE
HARDWARE VERSION 3: FB5C85E IN TSSOP28 PACKAGE
HARDWARE VERSION 4: FB5C85E IN QFN32 PACKAGE
Images depicting the Module are provided on the next page.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 5 OF 23
FIGURE 1: TPM 1.2 IMAGES
FB5C85D IN TSSOP28 PACKAGE
FB5C85D IN QFN32 PACKAGE
NUVOTON TPM 1.2 SECURITY POLICY PAGE 6 OF 23
FB5C85E IN TSSOP28 PACKAGE
FB5C85E IN QFN32 PACKAGE
The PHYSICAL CRYPTOGRAPHIC BOUNDARY of the Module is the outer
boundary of the chip packaging.
A LOGICAL DIAGRAM of the Module is provided on the next page.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 7 OF 23
FIGURE 2: TPM 1.2 LOGICAL BLOCK DIAGRAM
The Module was tested to meet OVERALL SECURITY LEVEL 1 of the FIPS
PUB 140-2 standard. The Security Level as per each section of FIPS
PUB 140-2 is specified in the table on the next page.
RNG POWER
MANAGEMENT
NON-VOLATILE
DATA
PROCESSOR
CRYPTO
ACCELE-
RATOR
CODE
GPIO
PERIPHE-
RALS
VOLATILE
DATA
HOST
INTERFACE
(TIS
EMULATION)
LPC/I2
C/
SPI BUS
GPI0
NUVOTON TPM 1.2 SECURITY POLICY PAGE 8 OF 23
TABLE 1: SECURITY LEVELS
FIPS 140-2 SECTION SECURITY LEVEL
CRYPTOGRAPHIC MODULE SPECIFICATION 1
CRYPTOGRAPHIC MODULE PORTS AND
INTERFACES
1
ROLES, SERVICES AND AUTHENTICATION 1
FINITE STATE MODEL 1
PHYSICAL SECURITY 1
OPERATING ENVIRONMENT N/A
CRYPTOGRAPHIC KEY MANAGEMENT 1
EMI/EMC 1
SELF-TESTS 1
DESIGN ASSURANCE 1
MITIGATION OF OTHER ATTACKS N/A
NUVOTON TPM 1.2 SECURITY POLICY PAGE 9 OF 23
2. CRYPTOGRAPHIC FUNCTIONS
The cryptographic functions of the Module are outlined in the table
below.
TABLE 2: CRYPTOGRAPHIC FUNCTIONS
FUNCTION
KEYSIZE
USE
CERT
NUMBER
APPROVED FUNCTIONS
AES ENCRYPT
MODES: ECB, CTR
128 BITS ENCRYPTION 3093
3468
RSA VERIFY 1024 &
2048 BITS
DIGITAL
SIGNATURE
VERIFICATION
1582
1779
HMAC KEYED HASH
HMAC-SHA-1
160 BITS KEYED
MESSAGE
DIGEST
1938
2213
SHS HASH N/A MESSAGE
DIGEST
2554
2863
APPROVED SERVICES
CVL
SP 800-135 REV1
N/A TPM KEY
DERIVATION
373
535
NUVOTON TPM 1.2 SECURITY POLICY PAGE 10 OF 23
ALLOWED FOR USE FUNCTIONS
RSA KEY WRAPPING 2048 BITS WRAP &
UNWRAP
SYMMETRIC
KEYS
N/A
HARDWARE-BASED NON-
APPROVED NON-
DETERMINISTIC RNG
(ENTROPY SOURCE).
N/A GENERATE
SEED & THE
SEED KEY FOR
THE RNG
N/A
In the Approved mode of operation the Module supports key size of 2048
bits for RSA key wrapping, which corresponds to an effective key
strength of 112 bits.
The module supports key wrapping using the AES algorithm. AES key
wrapping functionality is compliant with the SP 800-38F
Recommendation for Block Cipher Modes of Operation: Methods for Key
Wrapping, since it uses an Approved symmetric encryption algorithm
(AES #3093 and #3468) with an Approved authentication technique
(HMAC #1938 and #2213). This is designated as KTS (AES Certs.
#3093 and #3468 and HMAC Certs. #1938 and #2213) on the
certificate.
Note: no TPM protocol has been used or tested by the CAVP and
CMVP.
2.1 Non-Approved, Non-Allowed Functions
The Module supports signature generation using RSA-SHA-1, which is
used in the TPM IDENTITY service. This function is Non-Approved
and is considered equivalent to plaintext or obfuscation. The module also
supports a disallowed FIPS 186-2 RNG.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 11 OF 23
3. PORTS AND INTERFACES
The physical ports of the Module are
- LPC Bus
- SPI Bus
- I2C Bus
- GPIO Bus
The logical interfaces and the mapping of the logical interfaces to the
physical ports of the Module are described in the table below.
TABLE 3: PORTS AND INTERFACES
LOGICAL
INTERFACE
DESCRIPTION PHYSICAL
PORTS
CONTROL INPUT
INTERFACE
CONTROL INPUT COMMANDS
ISSUED TO THE CHIP
LPC BUS
SPI BUS
I2C BUS
GPIO BUS
STATUS OUTPUT
INTERFACE
STATUS DATA OUTPUT BY THE
CHIP
LPC BUS
SPI BUS
I2C BUS
GPIO BUS
DATA INPUT
INTERFACE
DATA PROVIDED TO THE CHIP
AS PART OF THE DATA
PROCESSING COMMANDS
LPC BUS
SPI BUS
I2C BUS
GPIO BUS
DATA OUTPUT
INTERFACE
DATA OUTPUT BY THE CHIP A
PART OF THE DATA
PROCESSING COMMANDS
LPC BUS
SPI BUS
I2C BUS
GPIO BUS
NUVOTON TPM 1.2 SECURITY POLICY PAGE 12 OF 23
POWER
INTERFACE
POWER INTERFACE OF THE
CHIP
POWER PIN
GROUND PIN
The Module does not include a maintenance interface.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 13 OF 23
4 ROLES AND SERVICES
The OPERATOR ROLES implemented by the module are summarized in the
table below.
TABLE 4: ROLES
ROLE HIGH LEVEL DESCRIPTION
CRYPTO OFFICER INSTALLS AND CONFIGURES THE PRODUCT AND
MANAGES USERS
USER EXECUTES CRYPTO ALGORITHMS AND ESTABLISHES
KEYS
The Module provides a set of SERVICES described in the table on the next
page. For each service the table includes a description of the service, as
well as lists roles in which the service is available.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 14 OF 23
TABLE 5: SERVICES
SERVICE DESCRIPTION ROLE
GET STATUS THE MODULE IMPLEMENTS A GET STATUS
COMMAND THAT RETURNS THE STATUS OF THE
MODULE, INCLUDING SUCCESS OR FAILURE OF
SELF-TESTS.
CRYPTO OFFICER
RUN SELF-TESTS THE MODULE RUNS POWER-UP SELF-TESTS
AUTOMATICALLY WHEN POWERED ON.
ONE CAN EXECUTE SELF-TESTS ON DEMAND BY
POWER-CYCLING THE MODULE.
CRYPTO OFFICER
ENCRYPT USED TO ENCRYPT DATA USER
ZEROIZE USED TO ZEROIZE (IRREVERSIBLY DESTROY)
MODULE'S CRYPTOGRAPHIC KEYS AND CSPS.
THE KEYS AND CSPS STORED IN THE NON-
VOLATILE AND VOLATILE MEMORY ARE ZEROIZED
BY EXECUTING THE CORRESPONDING KEY/ENTITY
ZEROIZATION COMMANDS:
- TPM_FLUSHSPECIFIC
- TPM_OWNERCLEAR
CRYPTO OFFICER
MAC &
MAC VERIFY
USED TO CALCULATE AND VERIFY MAC FOR DATA USER
RSA VERIFY USED TO VERIFY DATA USING RSA USER
RSA WRAP & UNWRAP USED TO WRAP & UNWRAP CRYPTOGRAPHIC
KEYS USING RSA
USER
KEY IMPORT USED TO IMPORT KEYS USER
NUVOTON TPM 1.2 SECURITY POLICY PAGE 15 OF 23
TPM IDENTITY USED TO
AUTHENTICATE TPM IDENTITY TO OTHER PARTIES
USER
TPM ENDORSEMENT USED TO PROVE TO OTHER PARTIES THAT TPM IS
A GENUINE TPM
USER
UNBINDING USED TO UNBIND SYMMETRIC KEYS USING RSA
PRIVATE BINDING KEY
USER
TPM GET RANDOM USED TO GENERATE RANDOM DATA USER
TPM STIR RANDOM USED TO ADD ENTROPY TO THE RANDOM BIT
GENERATOR
USER
INSTALL MODULE INSTALLS MODULE CRYPTO OFFICER
FIRMWARE UPDATE UPDATES MODULE’S FIRMWARE CRYPTO OFFICER
NUVOTON TPM 1.2 SECURITY POLICY PAGE 16 OF 23
5. KEY MANAGEMENT
The table below specifies each cryptographic key utilized by the Module.
For each key the table provides a description of its use, derivation or
import, and storage.
NOTE: READ is defined as read access; WRITE is defined as write access.
TABLE 6: CRYPTOGRAPHIC KEYS
KEY OR CSP USAGE SERVICE &
ACCESS
ORIGIN &
STORAGE
AES
SYMMETRIC
ENCRYPTION
KEYS
USED TO ENCRYPT
DATA
ENCRYPT
READ
KEY WRAPPING
/UNWRAPPING
WRITE
KEY IMPORT
WRITE
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
OTP OR IN NON-
VOLATILE FLASH IN
PLAINTEXT
RSA PUBLIC
VERIFICATION
KEYS
USED TO VERIFY
SIGNATURES ON
DATA
RSA VERIFY
READ
ZEROIZE
WRITE
KEY WRAPPING
/UNWRAPPING
WRITE
KEY IMPORT
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
NUVOTON TPM 1.2 SECURITY POLICY PAGE 17 OF 23
RSA PUBLIC
STORAGE KEYS
USED TO WRAP
SYMMETRIC KEYS
RSA
WRAP/UNWRAP
READ
KEY IMPORT
WRITE
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
RSA PRIVATE
STORAGE KEYS
USED TO UNWRAP
SYMMETRIC KEYS
RSA
WRAP/UNWRAP
READ
KEY IMPORT
WRITE
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
IDENTITY KEYS AUTHENTICATION
TOKENS USED TO
TPM IDENTITY TO
OTHER PARTIES
TPM IDENTITY
READ
KEY IMPORT
WRITE
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
RSA PRIVATE
BINDING KEYS
USED TO UNBIND
(UNWRAP) A KEY
BOUND BY AN
EXTERNAL ENTITY
DATA BINDING
READ
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
NUVOTON TPM 1.2 SECURITY POLICY PAGE 18 OF 23
HMAC KEYS USED TO
CALCULATE AND
VERIFY MAC
CODES FOR DATA
MAC/MAC
VERIFY
READ
KEY GEN
READ
KEY IMPORT
WRITE
ZEROIZE
WRITE
IMPORTED BY THE
MODULE, STORED IN
VOLATILE RAM OR IN
NON-VOLATILE FLASH
IN PLAINTEXT
ENDORSEMENT
KEY
AUTHENTICATION
TOKEN USED TO
PROVE TO THE
EXTERNAL PARTIES
THAT TPM IS A
GENUINE TPM
TPM
ENDORSEMENT
READ
INSTALLED AT THE
FACTORY
FIRMWARE
UPDATE KEY
USED TO VERIFY
SIGNATURE ON
FIRMWARE
UPDATES
FIRMWARE
UPDATE
READ
INSTALLED AT THE
FACTORY
The key zeroization service is executed by running the following two
commands in sequence:
 TPM_FlushSpecific
 TPM_OwnerClear
All keys and CSPs that are subject to the key zeroization requirements of
FIPS 140-2 are zeroized by executing the key zeroization service.
The module implements power-up cryptographic algorithm tests that are
described in the table below.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 19 OF 23
6. POWER-ON SELF TESTS
The Module implements a power-up integrity check using a 128-bit error
detection code.
The module implements power-up cryptographic algorithm tests that are
described in the table below.
TABLE 7: SELF-TESTS
CRYPTO FUNCTION TEST TYPE
AES CTR ENCRYPT KNOWN ANSWER TEST
(ENCRYPT)
RSA VERIFY KNOWN ANSWER TEST (VERIFY)
HMAC KEYED HASH KNOWN ANSWER TEST
(KEYED HASH)
SHS HASH KNOWN ANSWER TEST (HASH)
RNG RANDOM NUMBER
GENERATION
KNOWN ANSWER TEST (GENERATE
RANDOM BLOCK)
NUVOTON TPM 1.2 SECURITY POLICY PAGE 20 OF 23
7. CONDITIONAL SELF-TESTS
The Module executes a continuous RNG test on each execution of the
FIPS 186-2 RNG.
The Module executes a continuous RNG test on each execution of the
hardware-based Non-Approved Non-Deterministic RNG (entropy
source).
The Module executes a conditional pair-wise consistency check for RSA
public-private key pairs each time an RSA key pair is generated using
FIPS 186-4 key pair generation algorithm.
The module executes the firmware update test during the firmware
update. The digital signature is verified on the firmware image using an
RSA (SHA-256) algorithm utilizing a 2048-bit firmware update key.
If any of the conditional or power-on self-tests fail, the Module enters an
error state where both data output and cryptographic services are
disabled.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 21 OF 23
8. CRYPTO OFFICER GUIDANCE
To install the Module in the Approved Mode of operation, the following
steps must be followed:
- The Module must be physically controlled during the installation
- The Module must be placed on the PCB as described in the Module
technical specifications
- The module normally would come from the manufacturer pre-
configured with TpmInit script already executed. If the
initialization sequence has not been executed by the manufacturer,
the Crypto Officer shall initialize the module as described in
Nuvoton “NPCT6xx Initialization and Configuration” document.
This includes running the TpmInit script with the -fips flag.
9. USER GUIDANCE
The user shall not generate keys using the disallowed RNG but shall
instead use the Key Import service.
The user shall take security measures to protect tokens used to
authenticate the user to the Module.
NOTE: Authentication is not covered by the FIPS 140-2 Level 1
requirements.
NUVOTON TPM 1.2 SECURITY POLICY PAGE 22 OF 23
10. ACRONYMS
AES Advanced Encryption Algorithm
CPU Central Processing Unit
EMC Electro Magnetic Compatibility
EMI Electro Magnetic Interference
FIPS Federal Information Processing Standard
GPIO General Purpose Input Output bus
HMAC Hash-based Message Authentication Code
I2C Inter-integrated circuit bus
LPC Low Pin Count bus
OTP One Time Programmable Memory
PCB Printed Circuit Board
RAM Random Access Memory
RNG Random Number Generator
RSA Rivest-Shamir-Adleman
SHS Secure Hash Standard
SP Special Publication
SPI Serial Peripheral Interface bus
TCG Trusted Computing Group
TIS TPM Interface Specification
TPM Trusted Platform Module
Nuvoton provides comprehensive service and support.
For product information and technical assistance, contact the nearest Nuvoton center.
Headquarters
No. 4, Creation Rd. 3
Science-Based Industrial Park
Hsinchu, Taiwan, R.O.C
TEL: 886-3-5770066
FAX: 886-3-5665577
http://www.nuvoton.com.tw (Chinese)
http://www.nuvoton.com English)
Nuvoton Technology Corporation America
2727 North First Street
San Jose, CA 95134, U.S.A.
TEL: 1-408-544-1718
FAX: 1-408-544-1787
Nuvoton Technology (Shanghai) Ltd.
27F, 2299 Yan An W. Rd.
Shanghai, 200336 China
TEL: 86-21-62365999
FAX: 86-21-62365998
Taipei Office
1F, No.192, Jingye 1st Rd.
Zhongshan District
Taiwan City 104, Taiwan, R.O.C.
TEL: 886-2-2658-8066
FAX: 886-2-8751-3579
Winbond Electronics Corporation Japan
NO. 2 Ueno-Bldg., 7-18, 3-chome
Shinyokohama Kohoku-ku
Yokohama, 222-0033
TEL: 81-45-4781881
FAX: 81-45-4781800
Nuvoton Technology (H.K.) Ltd.
Unit 9-15, 22F, Millennium City 2,
378 Kwun Tong Rd.
Kowloon, Hong Kong
TEL: 852-27513100
FAX: 852-27552064
For Advanced PC Product Line information contact: APC.Support@nuvoton.com
© 2018 Nuvoton Israel Ltd.. All rights reserved
www.nuvoton.com