CMVPValidationAuthorityUpdatestoISO/IEC24759andISO/IEC19790AnnexMarch

CMVPCMVPISO/IEC24759andISO/IEC19790Annex20203NISTSPNISTSPCMVPSecurityPolicyReportsonComputerSystemsTheInformationTechnologyLaboratory(ITL)attheNationalInstituteofStandardsandTechnology(NIST)promotestheU.S.economyandpublicwelfarebyprovidingtechnicalleadershipfortheNation’smeasurementandstandardsinfrastructure.ITLdevelopstests,testmethods,referencedata,proofofconceptimplementations,andtechnicalanalysestoadvancethedevelopmentandproductiveuseofinformationtechnology.ITL’sresponsibilitiesincludethedevelopmentofmanagement,administrative,technical,andphysicalstandardsandguidelinesforthecost-effectivesecurityandprivacyofotherthannationalsecurity-relatedinformationinfederalinformationsystems.TheSpecialPublication800-seriesreportsonITL’sresearch,guidelines,andoutreacheffortsininformationsystemsecurity,anditscollaborativeactivitieswithindustry,government,andacademicorganizations.NISTSpecialPublication(SP)800-140BistobeusedinconjunctionwithISO/IEC19790AnnexBandISO/IEC24759section6.14.Thespecialpublicationmodifiesonlythoserequirementsidentifiedinthisdocument.SP800-140BalsospecifiesthecontentofthetabularandgraphicalinformationrequiredinISO/IEC19790AnnexB.Asavalidationauthority,theCryptographicModuleValidationProgram(CMVP)maymodify,add,ordeleteVendorEvidence(VE)and/orTestEvidence(TE)specifiedunderparagraph6.14oftheISO/IEC24759andspecifytheorderofthesecuritypolicyasspecifiedinISO/IEC19790:2012B.1.CryptographicModuleValidationProgram;CMVP;FIPS140testing;FIPS140;ISO/IEC19790;ISO/IEC24759;testingrequirement;vendorevidence;vendordocumentation;security

美國國家標準與技術研究院（NIST）的信息技術實驗室（ITL）通過提供國家測量和標準基礎設施的技術領導力，促進美國經濟和公共福利。ITL數(shù)據(jù)、概念驗證實現(xiàn)和技術分析，以推進信息技術的發(fā)展和有效使用。ITL聯(lián)邦信息系統(tǒng)中的非國家安全相關信息的成本效益安全性和隱私性制定管理、行政、技800（SpecialPublication800?series）報告ITLB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupNISTB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup6.14SP800?140BISO/IEC19790BCMVPISO/IEC247596.14(VETEISO/IEC19790:2012B.1密碼模塊驗證計劃；CMVP；FIPS140FIPS140ISO/IEC19790ThispublicationThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Thisdocumentisfocusedtowardthevendors,testinglabs,andCMVPforthepurposeofaddressingissuesinISO/IEC19790,Informationtechnology–Securitytechniques-Securityrequirementsforcryptographicmodules,andISO/IEC24759,Informationtechnology–Securitytechniques-Testrequirementsforcryptographicmodules.

CMVP，ISO/IEC19790中存在的問題，信ISO/IEC24759安全技—密碼模塊的測試要求。ThispublicationisavailableThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800- Normative Termsand Symbolsandabbreviated Document Security

B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupNISTSPNISTSPCMVPSecurityPolicy ThisdocumentspecifiestheCryptographicModuleValidationProgram(CMVP)modificationsofthemethodstobeusedbyaCryptographicandSecurityTestingLaboratory(CSTL)todemonstrateconformance.Thisdocumentalsospecifiesthemodificationofdocumentationforprovidingevidencetodemonstrateconformity.Unlessotherwisespecifiedinthisdocument,thetestrequirementsarespecifiedinISO/IEC19790AnnexBandISO/IEC24759section6.14. NormativeThissectionidentifiesthenormativereferencescitedasISO/IEC19790andISO/IEC24759.ThespecificeditionstobeusedareISO/IEC19790:2012andISO/IEC24759:2017.Pleasenotethattheversion19790:2012referencedhereincludesthecorrectionsmadein2015.NationalInstituteofStandardsandTechnology(2019)SecurityRequirementsforCryptographicModules.(U.S.DepartmentofCommerce,Washington,DC),FederalInformationProcessingStandardsPublication(FIPS)140-3. TermsandThefollowingtermsanddefinitionssupersedeorareinadditiontothosedefinedinISO/IEC19790andISO/IEC24759:Noneaddedatthis

本文件規(guī)定了密碼模塊驗證計劃（CMVP）對密碼和安全測試實驗室（CSTL）為證ISO/IEC19790BISO/IEC24759 NormativeISO/IEC19790ISO/IEC24759ISO/IEC19790:2012ISO/IEC24759:201719790:20122015B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup TermsandISO/IEC19790ISO/IEC24759 Symbols SymbolsandabbreviatedThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-ThefollowingsymbolsandabbreviatedtermsThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800- CryptographicAlgorithmValidationProgram CanadianCentreforCyberSecurity CryptographicModuleValidationProgram ComputerSecurityDivision CryptographicandSecurityTestingLaboratory EnvironmentalFailureProtection EnvironmentalFailure FederalInformationProcessing

ISO/IEC19790 CryptographicandSecurityTestingLaboratory EnvironmentalFailureProtection EnvironmentalFailure FederalInformationProcessingThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800- FederalInformationSecurityThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-SP800-XXX NISTSpecialPublication800seriesdocument TestEvidence Vendor DocumentSection6ofthisdocumentspecifiesanymodificationstoISO/IEC19790AnnexBandISO/IEC24759section6.14.ModificationstoISO/IEC24759section6.14-Cryptographicmodulesecuritypolicy-willfollowasimilarformatasinISO/IEC24759.Foradditionstotestrequirements,newTestEvidence(TEs)orVendorEvidence(VEs)willbelistedbyincreasingthe“sequence_number.”Modificationscanincludeacombinationofadditionsusingunderlineanddeletionsusingstrikethrough.Ifnochangesarerequired,theparagraphwillindicate“Nochange.”ISO/IEC19790AnnexBincludessecuritypolicyrequirementsinbulletedformbutdoesnotincludewaystoformattherequiredinformation.Modificationsareaddressedbyaddingformattingguidance(e.g.,tables,images,etc.),addingunderlinedtext,orusingstrikethroughfordeletion.Ifnochangesarerequired,theparagraphwillindicate“Nochange.”AdditionalguidancemayalsobeincludedtoaddressrequirementspresentedinSP800-140,SP800-140A,SP800-140C,SP800-140D,SP800-140E,andSP800-140F. Security DocumentationAllrequirementsfromISO/IEC24759section6.14andISO/IEC19790AnnexBapplyandarerequiredinthesecuritypolicyasapplicable.ISO/IEC19790AnnexBusesthesamesectionnamingconventionasISO/IEC19790section7-Securityrequirements.Forexample,AnnexBsectionB.2.1isnamed“General”andB.2.2isnamed“Cryptographicmodulespecification,”whichisthesameasISO/IEC19790section7.1andsection7.2,respectively.Therefore,theformatofthesecuritypolicyshallbepresentedinthesameorderasindicatedinAnnexB,startingwith“General”andendingwith“Mitigationofotherattacks.”Ifsectionsarenotapplicable,theyshallbemarkedassuchinthesecuritypolicy.

聯(lián)邦信息安全管理/ SP NIST800 5文檔組 B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup第6章B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup247596.14ISO/IEC247596.14??ISO/IEC24759要更改，段落ISO/IEC19790B還可能包含額外的指導，SP800?140SP800?140ASP800?140CSP800?140DSP800?140E6安全要 ISO/IEC247596.14ISO/IEC19790BISO/IEC19790BISO/IEC197907BB.2.1B.2.2ISO/IEC197907.17.2應BNISTSPNISTSPCMVPSecurityPolicyThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-ISO/IEC24759section6.14Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-NoISO/IEC19790AnnexBrequirementsaremodifiedasindicatedTheadditionsareintendedtoprovidefurtherguidanceonwhattypeofinformationisexpectedforaspecificrequirementorsetofrequirementsfromAnnexB.TheyarenotintendedtocoveralltherequirementsfromAnnexBbutratherasubsetforclarificationpurposes.TheapplicableAnnexBrequirementsareincludedhereinbulletedformforreference.AtableindicatingtheindividualclauselevelsandoverallOverallSecurityRatingofthemoduleandtheSecurityLevelsofindividualISO/IEC24759Section6.[NumberBelow]FIPS140-3SectionSecurityCryptographicmoduleCryptographicmoduleRoles,services,andPhysicalSensitivesecurityparameterLife-cycleMitigationofotherTablex–Security

ISO/IEC247596.14ISO/IEC19790BB中特定要求或要求集所期望的信息類型提供進一步指導。它們并BB要B041-008.PS.TSIN/8206.01/gro.iod//:sptthB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupISO/IEC247596數(shù)字下方FIPS140?3ifispeccatLife-cycleMitigationofotherxCryptographicmoduleHardware,Software,Firmware,orHybridForsoftware,firmware,andhybridcryptographicmodules,listtheoperatingsystem(s)themodulewastestedonandtheoperatingsystem(s)thatthevendoraffirmscanbeusedbythemodule.[ForSoftware/Firmware/HybridTablex-TestedOperationalOperatingTablex–VendorAffirmedOperational

o B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupTablex–VendorAffirmedOperational[ForHardware[PartNumberandFirmwareTablex-CryptographicModuleTested

[硬件模塊 Tablex-CryptographicModuleTested1Examplesmaybeportsandinterfaces,memorystoragedevicesandsizes,fieldreplaceableandstationaryaccessories(powersupplies,fans),etc.

1示例可能包括端口和接口、內存存儲設備和容量、可現(xiàn)場更換和固定附件（電源、風扇）等 ThispublicationThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Tableofallsecurityfunctionswithspecifickeystrengthsemployedforapprovedservices,aswellastheimplementedmodesofoperation(e.g.CBC,CCM),ifandStandardDescription/KeySize(s)/KeyUse/Tablex-ApprovedUse/Tablex–Non-ApprovedAlgorithmsAllowedintheApprovedModeofUse/Tablex–Non-ApprovedAlgorithmsAllowedintheApprovedModeofOperationwithNoSecurity

的話，所實現(xiàn)的操作模式（CBCCCM）。強度(s)B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupxTablex–Non-ApprovedAlgorithmsAllowedintheApprovedModeofOperationwithNoSecurity2Ifapplicable,insertafootnotedetailinganymode/key-sizethatispresentonalistedCAVPcertificatebutisnotusedbyanyservice,orstatesomethingtotheeffectof:Therearealgorithms,modes,andkey/modulisizesthathavebeenCAVP-testedbutarenotusedbyanyapprovedserviceofthemodule.Onlythealgorithms,modes/methods,andkeylengths/curves/modulishowninthistableareusedbyanapprovedserviceofthemodule.3Thistableincludesvendor-affirmedalgorithmsthatareapprovedbutCAVPtestingisnotyet4ThesealgorithmsdonotclaimanysecurityandarenotusedtomeetFIPS140-3requirements.Therefore,SSPsdonotmaptothesealgorithms.

2CAVP或聲CAVP本表3此表包括已獲得供應商確認且已批準但尚未提供CAVP測試的算法 4這些算法不聲稱任何安全性，也不用于滿足FIPS140?3要求。因此，SSP不會映射到這些算法 ThispublicationThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800- Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Tablex–Non-ApprovedAlgorithmsThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Illustrativediagram,schematicorphotographofthemodule.Aphotographisincludedforahardwaremodule.Ifthesecuritypolicyencompassesmultipleversionsofthemodule,eachversionisrepresentedseparatelyorannotatedthattherepresentationisillustratedforallversions.Forasoftwareorfirmwarecryptographicmodule,thesecuritypolicyincludesablockdiagramthatillustrates:thelocationofthelogicalobjectofthesoftwareorfirmwaremodulewithrespecttotheoperatingsystem,othersupportingapplicationsandthecryptographicboundarysothatallthelogicalandphysicallayersbetweenthelogicalobjectandthecryptographicboundaryareclearlydefined;andtheinteractionsofthelogicalobjectofthesoftwareorfirmwaremodulewiththeoperatingsystemandothersupportingapplicationsresidentwithinthecryptographicboundary.BlockDiagram,asapplicable.[ForSoftware/Firmware/HybridModule]Figurex–Logical[cryptographic]boundary[andphysicalboundaryifFigurex–Physicalboundary[ifseparatedfromlogical

xB041-008.PS.TSIN/8206.01/gro.iod//:sptthB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup x加密]和物理邊界（如果組合）x物理邊界[[ForHardware/Hybrid5 [ForHardware/Hybrid5Figurex–[ModelOverallsecuritydesignandtherulesofCryptographicmodule

B041-008.PS.TSIN/8206.01/gro.iod//:sptthB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup

Figurex–[ModelTablelistingofallportsandinterfaces(physicalandDefinetheinformationpassingoverthefivelogicalSpecifyphysicalportsanddatathatpassoverPhysicalLogicalDatathatpassesoverTablex–PortsandRoles,services,andSpecifyallTableofRoles,withcorrespondingservicewithinputand

列出所有端口和接口（物理和邏輯）Tablex–Portsand5Theimagewillshowthedisjointhardwarecomponentofthehybrid6Aspartofthisrequirement,algorithm-specificguidance,rules,andsecuritypolicy-specificrequirementsshallbe7Thephysicalportshereshouldmaptothephysicalportsshowninthemoduleimages/diagrams.Iftheportsaredifferentpermodulewithinthesamesubmission,thenthistableshouldindicatethedifferences.

5Theimagewillshowthedisjointhardwarecomponentofthehybrid6作為此要求的一部分，應包括特定于算法的指導、規(guī)則和特定于安全策略的要求 ThispublicationThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Specifyeachauthenticationmethod,whetherthemethodisidentityorrole-based,andwhetherthemethodisrequired.HowisthestrengthofauthenticationrequirementTablex–RolesandSeparatelylistthesecurityandnon-securityservices,bothapprovedandnon-Foreachservice,listtheservicename,aconcisedescriptionoftheservicepurposeand/oruse(theservicenamealonemay,insomeinstances,providethisinformation),alistofapprovedsecurityfunctions(algorithm(s),keymanagementtechnique(s),orauthenticationtechnique)usedbyorimplementedthroughtheinvocationoftheservice,andalistoftheSSPsassociatedwiththeserviceorwiththeapprovedsecurityfunction(s)ituses.Foreachoperatorroleauthorizedtousetheservice,describetheindividualaccessrightstoallSSPsincludinginformationdescribingthemethodusedtoauthenticateeachrole.

xB041-008.PS.TSIN/8206.01/gro.iod//:sptthB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupTablex–Rolesand（在某些情況下，SSPsSSPsKeysand/orAccessrightstoKeysand/orSSPs9Tablex–ApprovedG=Generate:ThemodulegeneratesorderivestheR=Read:TheSSPisreadfromthemodule(e.g.theSSPisW=Write:TheSSPisupdated,imported,orwrittentotheE=Execute:ThemoduleusestheSSPinperformingacryptographicZ=Zeroise:Themodulezeroisesthe

Tablex–ApprovedG=SSPR=SSP（SSP）。W=:SSPE=SSPZ=SSP算法ATablex–Non-ApprovedSoftware/FirmwareNo8EachalgorithmshownintheApprovedAlgorithmsandNon-ApprovedAlgorithmsAllowedintheApprovedModeofOperationtablesshouldmaptoatleastoneservice

Tablex–Non-ApprovedSoftware/Firmware8在批準的算法和操作模式允許的非批準算法表中顯示的每個算法都應映射到至少一項服 Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup9UsethelettersThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-B041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup10EachalgorithmshownintheNon-ApprovedAlgorithmsNotAllowedintheApprovedModeofOperationtableshouldmaptoatleastoneservice.

9Usetheletters(G,R,W,E,Z)asdefinedunderthistablewhenlistingtheaccessrightsofeach10EachalgorithmshownintheNon-ApprovedAlgorithmsNotAllowedintheApprovedModeofOperationtableshouldmaptoatleastoneservice.ThispublicationisThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-NoPhysical[ForphysicalSecurityLevel2andSpecifythephysicalsecuritymechanismsthatareimplementedinthemodule(e.g.,tamper-evidentseals,locks,tamperresponseandzeroisationswitches,andalarms).Specifytheactionsrequiredbytheoperator(s)toensurethatthephysicalsecurityismaintained(e.g.periodicinspectionoftamper-evidentsealsortestingoftamperresponseandzeroisationswitches).PhysicalSecurityRecommendedFrequencyofTablex–PhysicalSecurityInspectionSpecifythefollowinginformationifthemodulerequiresoperatorappliedtamperevidentsealsorsecurityappliancesthattheoperatorwillapplyormodifyoverthelifecycleofthemodule:ThereferencephotoorillustrationsrequiredinB2.2willreflectthemoduleconfiguredorconstructedasspecified.Additionalphotos/illustrationsmaybeprovidedtoreflectotherconfigurations.Iffillerpanelsareneededtocoverunpopulatedslotsoropeningstomeettheopacityrequirements,theywillbeincludedinthephotoorillustrationswithtampersealsaffixedasneeded.ThefillerpanelswillbeincludedinthelistofPhotosorillustrationswillindicatethepreciseplacementofanytamperevidentsealorsecurityapplianceneededtomeetthephysicalsecurityrequirements.Thetotalnumberoftamper-evidentsealsorsecurityappliancesthatareneededwillbeindicated(e.g.,fivetamper-evidentsealsandtwoopacityscreens).Thephotosorillustrationswhichprovideinstructiononthepreciseplacementwillhaveeachitemnumberedinthephotoorillustrationandwillequalthetotalnumberindicated(theactualtamper-evidentsealsorsecurityappliancesarenotrequiredtobenumberedasillustrated).

[對于物理安全級別2及以上 B041-008.PS.TSIN/8206.01/gro.iod//:sptthB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbup推薦頻率檢驗/Tablex–PhysicalSecurityInspection如果模塊需要操作員施加防篡改封條或安全設備，并且操作員將在模塊生命周期中施加或修改這些封條或設備，請指定以下信息：B2.2/以反映其他配置。 Figurex–Module1SealApplicationFigurex–Module2SealApplication[ForphysicalSecurityLevel3andTemperatureorvoltageSpecifyEFP11orSpecifyifthisconditionresultsinashutdownorLowHighLowHighTablex–11EFPisrequiredformoduleswithphysicalSecurityLevel

x1Figurex–Module2SealApplicationB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavaB041-008.PS.TSIN/8206.01/gro.iod//:sptth:morfegrahcfoeerfelbaliavasinoitacilbupEFP11Tablex–11EFPisrequiredformoduleswithphysicalSecurityLevelThispublicationisThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-Thispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-[FormodulescoveredbystrongorThispublicationisavailablefreeofchargefrom:/10.6028/NIST.SP.800-HardnesstestedtemperatureLowHighTablex–HardnesstestingtemperatureNon-invasiveNoSen