Archived TD0033: Auditing of Low-Level Crypto Failures in MDM PP V1.1
PP_MDM_V1.1, requirement FAU_GEN.1(1), Table 7
FAU_GEN.1(1) requires auditing of a number of low-level crypto failures (CKM.1, COP.1-4, RBG.1) that would be hard to produce during testing. This type of auditing has been removed from most other PPs, leaving higher-level auditing (e.g., connection failures). The PP allows many of the functions to be performed by the platform, which makes testing perhaps even more complicated, given the difficulty of forcing the events for testing purposes.
In Table 7 for FAU_GEN.1(1), the Auditable Events column for the following requirements should be changed to "None." and the Additional Audit Record Contents column should be blank:
In addition, the Auditable Events column for FCS_CKM.1 should be changed to "Failure of key generation activity for authentication keys." The audit requirement for FCS_RBG_EXT.1 remains the same.
FAU_GEN.1(1) in the recently posted MDM PP Version 2.0 does not have the level of detail required in v.1.x for those requirements. The above changes align MDM PP V1.1 with the new version.