Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 1/23
Treasure Cryptographic Module
FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
Prepared by jtsec Beyond IT Security S.L.
Version: 1.14
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 2/23
Table of content
1 Introduction.................................................................................................................................................4
1.1 Overview............................................................................................................................................4
1.2 Document Organization....................................................................................................................4
2 Module Specification..................................................................................................................................5
2.1 Modes of Operation and Security Functions ..................................................................................5
2.2 Block Diagram....................................................................................................................................6
2.3 Critical Security Parameters.............................................................................................................7
2.4 Ports and Interfaces..........................................................................................................................8
3 Roles, Authentication and services............................................................................................................9
3.1 Roles and Authentication.................................................................................................................9
3.2 Services..............................................................................................................................................9
4 Physical Security........................................................................................................................................11
5 Operational Environment.........................................................................................................................12
5.1 Tested Configuration......................................................................................................................12
5.2 Operation Rules...............................................................................................................................12
6 Cryptographic Key Management .............................................................................................................13
6.1 Random Number Generation.........................................................................................................13
6.2 Key Generation................................................................................................................................13
6.3 Key Entry and Output .....................................................................................................................13
6.4 Key Storage......................................................................................................................................13
6.5 Key Zeroization................................................................................................................................13
7 Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC)..........................................14
8 Self-Tests....................................................................................................................................................15
8.1 Power-Up Self-Test.........................................................................................................................15
8.2 Conditional Self-Test.......................................................................................................................15
9 Mitigation of Other Attacks......................................................................................................................17
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 3/23
10 Design Assurance......................................................................................................................................18
10.1 Configuration Management...........................................................................................................18
10.2 Configuration Items Identification Method..................................................................................18
11 Crypto Officer and User Guidance...........................................................................................................19
11.1 Secure Distribution.........................................................................................................................19
11.2 Integrity and Confidentiality Assurance........................................................................................19
11.3 Installation Instructions and Initialization.....................................................................................19
11.4 Secure operation.............................................................................................................................22
12 Glosary and Abbreviations .......................................................................................................................23
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 4/23
1 INTRODUCTION
1.1 OVERVIEW
This document is the non-proprietary FIPS 140-2 Security Policy for the Treasure Cryptographic Module
(Software Version 1.5, Hardware Version: Intel Core i7-6600U). The Treasure Cryptographic Module will
alsobe referred to as“themodule”throughthedocument.ThisSecurityPolicyspecifiesthesecurityrules
under which the moduleshould operateto meet FIPS 140-2 level 1 requirements.
The moduleis classified by FIPS 140-2 as a software-hybrid, multi-chip standaloneembodiment module.
The software component of the module is library providing a C-language application programming
interface (API) for use by another application which statically links with it. The hardware component of
themoduleis CPU which supports AES-NI instruction set, which is invoked for AES operations performed
by themodule.
The FIPS 140-2 security levels for the moduleareas follow:
Security Requirements Security Level
Cryptographic ModuleSpecification 1
Cryptographic Module Ports and Interfaces 1
Roles, Services, and Authentication 1
FiniteStateModel 1
Physical Security 1
Operational Environment 1
Cryptographic Key Management 1
EMI/EMC 1
Self-Tests 1
Design Assurance 1
Mitigation of Other Attacks N/A
Table 1: Security Requirement
1.2 DOCUMENT ORGANIZATION
This security policy is onepart of the FIPS 140-2 submissionpackage. The submission packagecontains:
- Security policy: This document.
- Algorithm certificates:see Section “2.1 Modes of Operation and Security Functions”.
- Functionalspecificationanddesigndocumentation:SeeSections“2.2BlockDiagram”and “2.4Portsand
Interfaces” and thedocument “Treasure FIPS 140-2 Functional Specification-1.2.pdf”
- User guide: See Section “11 Crypto Officer and User Guidance”
- Finite statemodel: See thedocument “Treasure FIPS 140-2 FiniteStateModel-1.2.pdf”
- Configuration item list: Seethedocument “Treasure FIPS 140-2 Configuration Item List-1.12.pdf”
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 5/23
2 MODULE SPECIFICATION
The logical cryptographic boundaryof the moduleis the discreteblockof data and instructionsgenerated
from the Treasure object module source code; a single file named fipscanister.o. This object module
contains the FIPS enabled operations (AES, ECC, HMAC, RSA, cipher_common, digest, rand, and
cipher_key_tools) and the modified versionof theOpenSSL 2.0.16 sourcecode which has been compiled
to run in intel SGX environment and has been modified to support the algorithms provided by ADV
(Treasure Data Vault).
The module is to be run on a general-purpose computer that consists of multiple components, so the
physical cryptographic boundary is the general-purpose computer where the module is installed. This
includes thecentral processing unit(s), thecache, themain memory, disk drives, network interface cards
and peripherals.
2.1 MODES OF OPERATION AND SECURITY FUNCTIONS
The module can only be operated in a FIPS 140-2 Approved mode. The module supports the following
Approved security functions:
Algorithm Modes Certificate
[FIPS 186-4] RSA2 GenKey(ANSI X9.31, 2048/3072bits), SigGenPKCS1.5,
SigVerPKCS1.5 (2048/3072 and SHA-224 SHA-256, SHA-384,
SHA-512 sizesto signatureverification).
The module also supports GenKey,
SigGenPKCS1.5, SigVerPKCS1.5 (4096 bits) but
they have not been CAVP tested.
#C608
FIPS 186-2] RSA SigGenPKCS1.5 (4096and SHA-224SHA-256, SHA-384, SHA-
512 sizes to signaturegeneration).
#C608
[FIPS 197] AES 128/192/256-bit[SP 800-38C] CCM, [SP 800-38D] GCM, CBC,
CTR, OFB, ECB, CFB
#C608
[FIPS 186-4] ECDSA - GenKey: curves (P-224, P-256, P-384, P-521)
- PKV: curves (P-224, P-256, P-384, P-521)
- SigGen:(P-224[SHA-224, SHA-256, SHA-384, SHA-
512], P-256 [SHA-224, SHA-256, SHA-384, SHA-512],
P-384 [SHA-224, SHA-256, SHA-384, SHA-512], P-512
[SHA-224, SHA-256, SHA-384, SHA-512])
- SigVer: (P-224 [SHA-224, SHA-256, SHA-384, SHA-
512], P-256 [SHA-224, SHA-256, SHA-384, SHA-512],
P-384 [SHA-224, SHA-256, SHA-384, SHA-512], P-521
[SHA-224, SHA-256, SHA-384, SHA-512])
#C608
[FIPS 198] HMAC SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 #C608
[FIPS 180-4] Digest SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 #C608
[SP 800-90] DRBG Hash DRBG (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) #C608
[SP 800-133] CKG Resulting Symmetric keysand seeds used for asymmetric key
generation are an unmodified output from an Approved
DRBG.
Vendor
Affirmed
Table 2: Modes of operation and security functions
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 6/23
Algorithm Caveat Use
RSA Key Wrapping Provides between 112 and 150 bits of
encryption strength
Key Establishment
NDRNG1
Used to provideseed input
into themodule’s Approved
DRBG
Table 3: Non-Approved but Allowed Algorithm Implementations
There are no Non-Approved security functions supported by themodule, because the moduleis always
operating in FIPS Approved mode.
2.2 BLOCK DIAGRAM
The following block diagram depicts theinformation flows between the moduleand outsideequipment
through theinput/output interfaces defined in section 2.4 Ports and Interfaces.
Figure 1: Module block diagram
1
The module’s NDRNG produces an estimated 128bits of entropy
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 7/23
Figure 2: Picture of the Intel® Core™ i7-6600U Processor
2.3 CRITICAL SECURITY PARAMETERS
Critical Security Parameters (CSPs) encompass all symmetric keys and asymmetric private keys whose
disclosure or modification can compromise the security of the cryptographic module. The main
responsibility of theprotection of theCSPs relies on thehost hardwareand softwarewhich is outsideof
theboundary of this module using themethodology specified in section “6.4 Key Storage”.
The following table describes thedifferent types of CSPs used by themoduleand their description:
CSP Description
RSA SGK RSA (2048/3072/4096bits) signaturegeneration
key
RSA DK RSA (2048/3072/4096bits) decryption key
AES EDK AES (128/192/256bits) encrypt/decryptkey
HMAC Key HMAC (256/384/512/1024bits) key
EC SGK ECDSA (224/256/384/521bits) signature
generation key
Hash_DRBG CSPs V (440/888bits), C (440/888 bits), entropy input
and seed by default depending on theused SHA
size
Table 4: List of CSPs used by the module
The following tableshows a completelist of thepublic keys used by themodule:
Public key Description
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 8/23
RSA SVK RSA (2048/3072/4096bits) signatureverification
key
RSA EK RSA (2048/3072/4096bits) encryption key
EC SVK ECDSA (224/256/384/521bits) signature
verification key
Table 5: List of the public keys used by the module
2.4 PORTS AND INTERFACES
The physical ports of themodulearethesameas thegeneral-purposecomputer on which it is executing.
The moduleprovides a logical interface via a C-language application program interface(API). FIPS 140-2
interfaces are mapped to the module’s logical interfaceas follows:
FIPS-140-2
Interface
Physical Interface Logical Interface Description
Data input Network port, Serial
port, USB port,
SCSI/SATA Controller
Input parameters to API
calls
The module has one input
interface that is mapped
with the API input
parameters to all
cryptographic functions.
Data output Network port, Serial
port, USB port,
SCSI/SATA
Controller
Output parameters from
APO calls
The modulehas one output
interface that is mapped to
the API output parameters.
Control input Network port, Serial
port, USB port, Power
button
API Function calls Themodulehasonecontrol
input interface that is
mapped with all API
function calls.
Status output Network port, Serial
port, USB port,
Graphics controller
Returnvaluesfrom APIcalls The module has one status
output interface which is
mapped with all API status
output parameters and
return codes
Power Input General purpose
computer power
Not Applicable Not Applicable
Table 6: Module interfaces
The output data path is provided by the data interfaces and is logically disconnected from processes
performing key generation or zeroization. No key information is outputthrough thedata outputinterface
when the modulezeroizes keys.”
The control of the physical ports is outsidemodulescope. When themoduleis performing self-tests, or
is in an error state, all data output via thedata output interfaceis inhibited.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 9/23
3 ROLES, AUTHENTICATION AND SERVICES
3.1 ROLES AND AUTHENTICATION
As it is required, themodule supports theUser and Crypto Officer roles. Only one rolecan be active at a
time as the module has been built to disablethreading (by using the compilation option “no-threads” in
buid_openssl_fips_module.sh). Therefore, themodule does not allow concurrent operators. In addition,
the cryptographic moduledoes not supportauthenticationmechanisms.
The following table describes each of the two operator roles support by the module. The roles are
implicitly assumed upon theinvocation of themoduleservices:
Role Authorized Services
User Alltheservices,related to themoduleloading and
callinganyof theAPIfunctions,except themodule
installation
Crypto Officer Secure installation of the Module on the host
computer system and calling of any API functions
Table 7: Users role and authorized services
3.2 SERVICES
After the crypto officer has performed the module installation, each user (User role and crypto officer
role) can usethe following services and Keys/CSPs depending its typeof access by using thespecified API
function:
Authorized
Services
Roles Description Keys and
CSPs
API function Access
Module
Initialization
CO Used to initialize
themodule.
N/A FIPS_module_mode_set() N/A
Self-test User, CO Used to perform
self-tests.
N/A FIPS_selftest() N/A
Generatekey User, CO Used to generate
symmetric and
asymmetric keys.
RSA SGK,
RSA DK,
AES EDK,
HMAC Key,
EC SGK,
RSA SVK,
RSA EK, EC
SVK
aes_keygen()
rsa_gen_keypair()
ec_gen_keypair()
hmac_keygen()
W
Encrypt User, CO Used to encrypt a
block of data with
RSA or AES.
RSA EK, AES
EDK
aes_encrypt()
aes _ecb_256_encrypt()
rsa_public_encrypt()
RX
Decrypt User, CO Used to decrypt a
block of data with
RSA or AES
RSA DK,
AES EDK
aes_decrypt()
aes _ecb_256_decrypt()
rsa_private_decrypt()
RX
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 10/23
Generate
MAC
User, CO Used to generate
HMAC
HMAC Key hmac_sign() RX
Generate
signature
User, CO Used to generate
RSA or EC
signatures.
RSA SGK,
EC SGK
rsa_sign()
ec_sign()
RX
Verify MAC User, CO Used to verify
HMAC
HMAC Key hmac_verify() RX
Verify
signature
User, CO Used to verify RSA
or EC signatures.
RSA SVK,
EC SVK
rsa_verify()
ec_verify()
RX
Digest User, CO Used to generate
a SHA-1 or SHA-2
message digest.
N/A get_digest() N/A
Random
number
generation
User, CO Used to generate
a random number
Hash_DRBG
CSPs
rgen() RWX
Zeroize User, CO Used to destroy all
CPSs.
All CSPs delete_object() W
Get status User, CO Used to get the
current status of
themodule
N/A FIPS_get_module_state() N/A
Table 8: Description of authorized services
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 11/23
4 PHYSICAL SECURITY
The module is a software-hybrid module that operates on a multi-chip standalone platform which
conforms to the Level 1 requirements for physical security. The hardware portion is entirely contained
within a hard plastic production-grade enclosure which corresponds to the laptop enclosure that
surrounds thecryptographic module.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 12/23
5 OPERATIONAL ENVIRONMENT
The cryptographic module operates on Ubuntu 18.04 LTS 64-bit running on the Intel® Core™ i7-6600U
CPU @ 2.60GHz × 4 processor, hence themodule’s operational environment is modifiable. The operating
system segregates user processes into separateprocessspaces. Each process spaceis logically separated
fromall otherprocessesby theoperatingsystemsoftwareandhardware, preventingunauthorizedaccess
from other running processes. The Module functions entirely within the process space of the calling
application in a singlethread satisfying therequirement for a singleuser modeof operation.
5.1 TESTED CONFIGURATION
The following table shows the tested configuration that must be deployed in a Lenovo Thinkpad T460s
with thefollowing specifications:
Element Specifications
Laptop Model Lenovo Thinkpad T460s
CPU Intel® Core™ i7-6600U CPU @ 2.60GHz× 4
Memory 24GB DDR4
Storage SATA SSD(512 GB)
Table 9: Tested configuration to be deployed
5.2 OPERATION RULES
Once the application is loaded into memory, themodule is initialized to operatein FIPS modethat is its
only modeof operation complying with thefollowing rules:
1. The module is initialized in the FIPS mode of operation using the FIPS_module_mode_set()
function call.
2. The replacement or modification of themoduleby unauthorized users is prohibited.
3. The operating system enforces authenticationmethod(s) to prevent unauthorized access to the
Moduleservices.
4. Before performing any cryptographic operation, thesystem statusmust beset to READY which
means that thepower-up self-test has been successfully completed.
5. The output interface is inhibited if the module state is FIPS_STATE_POWER_ON,
FIPS_STATE_SELFTEST or FIPS_STATE_ERROR.
6. All Critical Security Parameters (CSP) are verified as correct and are securely generated, stored
and destroyed.
7. All host system components that can contains sensitive cryptographic data (main memory,
system bus and disk storage) must belocated in a secureenvironment.
8. The unauthorized reading, writing, or modification of the address space of the Module is
prohibited.
9. The operating system is the responsible for multitasking operations so that other processes
cannot access theaddress spaceof theprocess containing theModule.
10. The user shall not link multi-threaded applicationsto the ModuleAPI.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 13/23
6 CRYPTOGRAPHIC KEY MANAGEMENT
6.1 RANDOM NUMBER GENERATION
The module uses an SP 800-90A compliant Hash_DRBG for the generation of random numbers. The
module also uses a NDRNG as the sourceof entropy for DRBG seeds.
To perform the random number generation, the modulecalls the RAND_bytes() function for symmetric
and asymmetric key generation.
6.2 KEY GENERATION
The module uses the DRBG defined in Section “6.1 Random Number Generation” for the creation of
random data, which is used to generate symmetric keys and seeds for RSA or ECDSA key pair generation.
The moduledoes not return intermediatekey generation values.
6.3 KEY ENTRY AND OUTPUT
The module does not support manual key entry or intermediate key generation output. The module
supports theentry of keys to it via API input parameters in plaintext form. The modulealso supports the
output of keys via API output parameters in plaintext form. Themoduledoes not enter or output keys in
plaintext format outsideof its physical boundary
6.4 KEY STORAGE
Public and private keys are provided to the module by the calling process, and are destroyed when
released by the appropriateAPI function calls. Themoduledoes not perform persistent storageof keys.
6.5 KEY ZEROIZATION
After using CSPs, symmetric keys and asymmetric keys, the memorywherethey are temporally stored is
automatically zeroized by calling the SAFE_FREE() function which replaces its contentwith 0s.
The calling application is responsiblefor calling the delete_object() zeroization function, which uses the
compare_header() to verify that the ID and type of the key matches properly before zeroizing it. The
zeroization function overwrite the memory occupied by keys with 0s and deallocates the memory with
theregular memory deallocation operating system call.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 14/23
7 ELECTROMAGNETIC INTERFERENCE/ELECTROMAGNETIC COMPATIBILITY
(EMI/EMC)
The software runs in a platform that conforms to the EMI/EMC requirements specified by 47 Code of
Federal Regulations, Part 15, Subpart B, UnintentionalRadiators, Digital Devices, Class A.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 15/23
8 SELF-TESTS
8.1 POWER-UP SELF-TEST
Themodulestartsperformingthepower-upself-testafterbeing loadedintomemoryandinitialized.Once
themodulestarts theperformanceof thepower-up self-tests, it changes states from the“No Operative”
stateto the “Test” state. The power-up self-tests arecomposed of an integrity test of thesoftwareusing
HMAC-SHA1 and the KAT (Known Answer Tests), which are a group of tests based on calculating a
cryptographic valueand comparing it with a stored previously determined answer. In thecase of ECDSA,
it is tested using a pair-wiseconsistency test.
To execute the power-up self-test, the module calls the FIPS_selftest() function which performs the
integrity test of the module and the KAT for each of the Approved algorithms detailed in the following
table:
Algorithm Description
Integrity test Software integrity test using HMAC-SHA-1. Theassociated function to thistest is
FIPS_check_incore_fingerprint().
AES Known answer test. Separate encryption and decryption test using a 128 bitskey
and ECB mode. The associated function to this test is FIPS_selftest_aes().
AES CCM Known answer test. Separate encryption and decryption test using a 192 bitskey.
The associated function to this test is FIPS_selftest_aes_ccm().
AES GCM Known answer test. Separate encryption and decryption test using a 256 bitskey.
The associated function to this test is FIPS_selftest_aes_gcm().
RSA Known answer test. By signing and verifying with 2048bits key and SHA-256. The
associated function to this test is FIPS_selftest_rsa().
ECDSA Pair-wiseconsistency test. By signing and verifying using a P-224curve with SHA-
512. Theassociated function to this test is FIPS_selftest_ecdsa().
HMAC Known answer test for HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-
384 and HMAC-SHA-512. Theassociated function to this test is
FIPS_selftest_hmac().
SHA-1 Known answer test. Messagedigest using SHA-1. Theassociated function to thistest
is FIPS_selftest_sha1(). All other SHS implementations aretest as a part of the
HMAC KAT.
DRBG Known answer test. SP 800-90A HASH_DRBG:SHA-1, SHA-224, SHA-256, SHA-384
and SHA-512. Theassociated function to thistest is FIPS_selftest_drbg().
Table 10: Power-Up self-test description
Power-on self tests return 1 if all self tests succeed, and 0 if not. If a self-test fails, themoduleenters the
error stateand all data output is inhibited. During self-tests, cryptographic functions cannotbe
performed until thetests arecomplete. If a self-test fails, subsequent invocation of any cryptographic
function calls will fail. The only way to recover from a self-test failureis by power-cycling themodule.
8.2 CONDITIONAL SELF-TEST
The moduleperforms thefollowing conditional self-tests:
Algorithm Description
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 16/23
RSA Pairwise consistency test for both Sign/Verifyand Encrypt/Decrypt.
ECDSA Pairwiseconsistency test for Sign/Verify.
Hash_DRBG -Continuous random number generator test as specified by SP 800-90A.
- SP 800-90A DRBG Health Tests:Instantiate, Reseed, Generate, and Uninstantiate.
NDRNG Continuous Random Number Generation Test
Table 11: Conditional self-test description
In theevent of a DRBG self-test failurethe calling application mustuninstantiateand re-instantiatethe
DRBG per SP 800-90A requirements.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 17/23
9 MITIGATION OF OTHER ATTACKS
The moduleis not designed to mitigate against attacks which areoutsideof the scopeof FIPS 140-2.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 18/23
10 DESIGN ASSURANCE
10.1 CONFIGURATION MANAGEMENT
Configurationmanagementforthemodule’ssourcecodeis providedbytheGitsourcecodemanagement
system. Git provides configuration item version control, change control, flaw remediation tracking and
thetracking of sourcecoderevisions. Thesourcecodeis maintained in a privateGit repository withwrite
access restricted to authorized developers.
10.2 CONFIGURATION ITEMS IDENTIFICATION METHOD
Theinternalversioningofthesourcecodefilesis performedbyGit automaticallyandtheassignedversion
and revision are used internally to control the code development, so that it must not be confused with
the final released version of thecode that is assigned manually to each sourcefile to allow thecostumer
to identifytheversion.Theversionwillbe assignedwiththefollowingformat“Version: X.Y (Date)”, where
X is theversion number, Y is therevision number and Dateis therelease dateof themodule.
Regardingeach associatedmoduledocumentation,theyaremanuallyversionedbyappendingtheversion
and revision to their filenameas follow: Document-X.Y.
Each associated moduledocumentation fileis manually assigned a version number which is stated as part
of thefile name which uses the following naming convention:
- Naming: Name-X.Y, where Name is the unique name of the related document, and X.Y is the
version and revision of thedocument. Every new document is starts with version v1.0.
- Version Update: When the document is modified and this modification implies major changes,
then theX number is incremented. However, if changes and modifications implyminorchanges,
then the Y number is incremented.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 19/23
11 CRYPTO OFFICER AND USER GUIDANCE
11.1 SECURE DISTRIBUTION
The Treasure Data Vault application, which themoduleis integrated in, is available for downloaded from
thevendorwebsiteover HTTPS.Ahash andsignatureof thedownloadareprovidedtoallow thecustomer
to verify theintegrity of theapplication beforeproceed with the secureinstallation and configuration.
11.2 INTEGRITY AND CONFIDENTIALITY ASSURANCE
Due to module being contained within the Treasure Data Vault Application, the only way to verify its
integrity is during thefirst run of theapplication.
As it is specified in the section below, during thebuild process of the HSMApp, thefipscanister signature
is stored in thefipscanister_digest.hex filewhich will beused to verify theintegrity of themodule.
To perform the validation, the crypto officer needs to use the incore utility to generate the signatureof
thefipscanisterinsidetheHSMEnclave.signed.sobyrunningthefollowingcommand beinginthe‘release’
directory:
./fips/incore -dso./lib/HSMEnclave.signed.so.
Once the crypto officer has obtained the signatureof the fipscanister insidethe HSMEnclave.signed.so,
he can compare it with the content of the fipscanister_digest.hex filegenerated during thebuild process:
Figure 3: Integrityverification of the module
11.3 INSTALLATION INSTRUCTIONS AND INITIALIZATION
This section details the steps that must be followed by the Crypto Officer to proceed with the secure
installation and initialization of themodule after checking that its version is 1.5.
As is detailed in section “2 Module Specification” the fipscanister.o is composed of FIPS enabled ciphers
and the OpenSSL source code which complies with the standard FIPS 140-2. The fipscanister.o is part of
the Treasure Data Vault library (HSMEnclave.signed.so).
The ADV application has some dependencies that must be installed prior to proceeding with the
application installation, this is because ADV is a security service that runs on Intel’s Software Guard
Extension (SGX) technology. Theneeded dependencies are listed below:
1. Intel SGX SDK for Linux (https://github.com/01org/linux-sgx)
2. Intel SGX driver for Linux (https://github.com/01org/linux-sgx-driver)
3. FIPS Enabled SGXSSL for Linux (OpenSSL 1.0.2q ported by Treasure for Intel SGX Environment)
4. Boost C++ Library (http://www.boost.org) used for logging, encoding/decoding, communication,
etc.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 20/23
The following command and instruction must be used to proceed with the installation of the listed
dependencies:
SGX SDK and SGX driver installation:
Step 1: Configurethesystem with theSGX hardwareenabled option.
Step 2: Check if matching kernel headers areinstalled:
dpkg-query -s linux-headers-$(uname -r)
Step 3: Install matching headers:
sudo apt-get install linux-headers-$(uname -r)
Step 4: Build theIntel SGX driver by executing thefollowing command in thedriver path:
make
Step 5: Install theintel SGX driver with:
sudo mkdir -p "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx"
sudo cp isgx.ko "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx"
sudo sh -c "cat /etc/modules | grep -Fxq isgx || echo isgx >> /etc/modules"
sudo /sbin/depmod
sudo /sbin/modprobe isgx
Step 6: Install therequired tools to build theIntel(R) SGX SDK:
sudo apt-get install build-essential ocaml automake autoconf libtoolwget pythonlibssl-dev
sudo apt-get install libssl-devlibcurl4-openssl-devprotobuf-compiler libprotobuf-dev debhelper
Step 7: Download theprebuilt binaries by running thedownload_prebuilt.sh script:
./download_prebuilt.sh
Step 8: Build theIntel SGX SDK and SGX PSW:
make
Step 9: Build theIntel SGX SDK Installer
make sdk_install_pkg
Step 10: Build theIntel SGX PSW Installer
make deb_pkg
make deb_sgx_enclave_common_dev_pkg
Step 11: Install therequired tool to use Intel(R) SGX SDK:
sudo apt-get install build-essential python
Step 12: Install theIntel SGX SDK:
source ${sgx-sdk-install-path}/environment
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 21/23
cd linux/installer/bin
./sgx_linux_x64_sdk_${version}.bin
Step 13: Install the prerequisites for SGX PSW:
sudo apt-get install libssl-devlibcurl4-openssl-devlibprotobuf-dev
Step 14: Install theIntel SGX PSW:
cd linux/installer/deb
sudo dpkg -i ./libsgx-urts_${version}-${revision}_amd64.deb./libsgx-enclave-common_${version}-
${revision}_amd64.deb
Step 15: Download sourcecodefrom dynamic-application-loader-host-interfaceproject. In thesource
code folder, build and install theJHI serviceusing thefollowing commands
sudo apt-get install uuid-dev libxml2-devcmake pkg-configlibsystemd-devcmake .;make;sudomake
install;sudosystemctl enable jhi
FIPS Enabled SGXSSL for Linux:
Step 16: After installing the Intel SGX SDK, Intel PSW, Intel SGX driver and PERL. Download OpenSSL
packageinto openssl_source/directory. (tar.gz package, e.g. openssl-1.0.2q.tar.gz)
Step 17: cd to Linux/ directory and run thefollowing commands to install Intel SGXSSL libraries:
make all
sudo make install
Boost and C++ Library installation:
Step 18: Install thelibrary:
sudo apt-get install build-essential libboost-all-dev libc++-devlibcppunit-dev
After installing the dependencies, the module can be built and installed, however it’s important to
consider that themodulewill be compiled and installed internally during thebuilt and installation of the
HSMApp.
The HSMApp can be installed in three different modes: pre-release mode, debug mode or production
mode. When built in production mode, the signing material (hash of HSMEnclave) has been generated
using theIntel SGX tool (sgx_sign) to sign theenclave softwareand then the signatureis attached to the
HSMEnclave.sotogeneratetheHSMEnclave.signed.so (Thisprocesscanonlybeperformedbywhitelisted
signers as the vendor). In addition, this signing process is only necessary to ensure the security of the
enclavesoftware, thus it does not affect to themoduleoperation and security.
To proceed with the build and installation using the production mode, it is necessary to perform the
following steps:
Step 19: Generatethesigning material by running thefollowingscript:
./build_fips.sh cleanprod
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 22/23
Step 20: At this point, the signing material (HSMEnclave_hash.hex) has been generated in./release/lib.
Now bring it to the signing machine which contains the signer's key that has been whitelisted by Intel.
Sign the signing material/s (HSMEnclave_signature.hex) and then bring it back to this build machine
(./release/lib). Then run the production releasescript:
./prod_release.sh <pubkey><hsm_signature><ra_signature>
Thisscriptwillbuildand installtheHSMAppapplication,HSMEnclave.signed.solibrary,whichcontainsthe
module, and the FIPS Validation Suite. When it is executed, the HSMEnclave.signed.so (in this case the
HSMEnclave.so) is loaded with all its libraries (ADV Ciphers, OpenSSL source code compliant with FIPS
140-2, Intel SGX libraries, SGXSSL, etc.) and theincluded fips_premain.c which will beused to performthe
FIPS integrity test.
During thebuild process, the HSMApp computes thefingerprintof fipscanister.o and writesthesignature
file in the variable HMAC_SHA1_SIG defined in the fips_premain.c and also creates a file named as
fipscanister_digest.hex to storeits value.
Once the signaturefilehas been generated, the build_fips.sh scriptpasses it to thesecond build process
to set it when the HSMApp loads theHSMEnclave.signed.so (in this casetheHSMEnclave.so).
Finally, the HSMEnclave.signed.so (in this casetheHSMEnclave.so) is loaded and initializesthemodulein
FIPS modeby executing the fips_set_mode() function which starts thepower-up self-test by calling the
FIPS_selftest() function defined in the fips_post.c file.
11.4 SECURE OPERATION
After the Crypto Officer installs and initializes themodule as described in the previous section, if all the
power-up self-test (listed in section “8.1 Power-Up Self-Test)” are performed successfully, then the
module will be in READY stateand will allow the User and Crypto Officer to usethe authorized services
and the API functions detailed in the section “3.2 Services” related to any cryptographic operation, key
zeroization, obtaining themodulestatusor performing a self-test.
To interact with the module, the User and Crypto Officer can use the defined ports in the section “2.4
Ports and Interfaces” without any additional measureor especial behavior, due to the moduleis always
operating in FIPS modeand, in addition, it does not return any privatesecret or key component.
Apart from that, themodulegenerates IVs internally using theApproved DRBG which areat least 96-bits
in length. In the event that modulepower is lost and restored, the calling application must ensurethat
any AES-GCM keys used for encryption or decryption are re-distributed.
Version: 1.13 Date: 06/02/2020
Treasure Cryptographic Module FIPS 140-2 Security Policy
Treasure Cloud Pte Ltd.
PAGE 23/23
12 GLOSARY AND ABBREVIATIONS
ADV Treasure Data Vault
AES Advanced Encryption Standard
API Application ProgrammingInterface
CBC Cipher Block Chaining
CFB Cipher Feedback
CO Crypto Officer
CPU Central processing Unit
CSP Critical Security Parameter
CTR Counter
DK Decryption Key
DRBG Deterministic Random Bit Generator
ECB Electronic Codebook
ECC Elliptic CurveCryptographic
ECDSA Elliptic CurveDigital SignatureAlgorithm
EDK Encrypt/Decrypt Key
EMI ELECTROMAGNETIC INTERFERENCE
EMC ELECTROMAGNETIC COMPATIBILITY
FSM FiniteStateModel
GCM Galois/Counter Mode
HMAC Hash-based MessageAuthenticationCode
KAT Known Answer Test
NDRNG Non-Deterministic Random Number Generator
OFB Output Feedback
RAM Random Access Memory
SHA Secure Hash Algorithm
SGK SignatureGeneration Key
SGX SoftwareGuard Extension
SVK SignatureVerification Key
URI Uniform ResourceIdentifier