NIAP: View Technical Decision Details
NIAP/CCEVS
Archived TD0075:  Revisions to FCS_CKM.1, FCS_CKM.2, FCS_COP.1(1), FCS_COP.1(2), FCS_COP.1(3), FCS_COP.1(4) in OSPPv4

Publication Date
2015.12.16

Protection Profiles
PP_OS_v4.0

Other References
PP_OS_v4.0

Issue Description

Revisions to FCS_CKM.1, FCS_CKM.2, FCS_COP.1(1), FCS_COP.1(2), FCS_COP.1(3), FCS_COP.1(4) requirements in OS PP V4.0 are needed to meet the intent of the Protection Profile.

Resolution

The following requirements have been revised to read:

FCS_CKM.1 Cryptographic Key Generation (Refined)

The OS shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm [selection:

  • RSA schemes using cryptographic key sizes of 2048-bit or greater that meet the following: [selection: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3],
  • ECC schemes using “NIST curves” P-256, P-384 and [selection: P-521, no other curves] that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4

] and specified cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards].

FCS_CKM.2 Cryptographic Key Establishment (Refined)

The OS shall implement functionality to perform cryptographic key establishment in accordance with a specified cryptographic key establishment method:

[RSA-based key establishment schemes] that meets the following: [NIST Special Publication 800-56B, “Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography”]

and [selection:

  • Elliptic curve-based key establishment schemes that meets the following: NIST Special Publication 800-56A, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”,
  • No other schemes

] that meets the following: [assignment: list of standards].

FCS_COP.1(1) Cryptographic Operation - Encryption/Decryption (Refined) 

The OS shall perform [encryption/decryption services for data] in accordance with a specified cryptographic algorithm [

  • AES-XTS (as defined in NIST SP 800-38E) mode,
  • AES-CBC (as defined in NIST SP 800-38A) mode,

[selection:

  • AES-CCMP (as defined in FIPS PUB 197, NIST SP 800-38C, and IEEE 802.11-2012),
  • AES Key Wrap (KW) (as defined in NIST SP 800-38F),
  • AES Key Wrap with Padding (KWP) (as defined in NIST SP 800-38F),
  • AES-GCM (as defined in NIST SP 800-38D),
  • AES-CCM (as defined in NIST SP 800-38C),
  • AES-CCMP-256 (as defined in NIST SP800-38C and IEEE 802.11ac-2013),
  • AES-GCMP-256 (as defined in NIST SP800-38D and IEEE 802.11ac-2013),
  • no other modes

]] and cryptographic key sizes [128-bit, 256-bit] that meet the following: [assignment: list of standards].

FCS_COP.1(2) Cryptographic Operation – Hashing (Refined)

The OS shall perform [cryptographic hashing services] in accordance with a specified cryptographic algorithm [SHA-1 and [selection:

  • SHA-256,
  • SHA-384,
  • SHA-512,
  • no other algorithms

]] and message digest sizes [160 bits, [selection:

  • 256 bits,
  • 384 bits,
  • 512 bits,
  • no other sizes

]] that meet the following: [FIPS Pub 180-4].

FCS_COP.1(3) Cryptographic Operation – Signing (Refined)

The OS shall perform [cryptographic signature services (generation and verification)] in accordance with a specified cryptographic algorithm [selection:

  • RSA schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 5.5, using PKCS #1 v2.1 Signature Schemes RSASSA-PSS and/or RSASSAPKCS2v1_5,
  • ECDSA schemes using “NIST curves” P-256, P-384 and [selection: P-521, no other curves] that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 6 and Appendix D

] and cryptographic key sizes [assignment: cryptographic algorithm] that meet the following: [assignment: list of standards].

FCS_COP.1(4) Cryptographic Operation - Keyed-Hash Message Authentication (Refined)

The OS shall perform [keyed-hash message authentication services] in accordance with a specified cryptographic algorithm [selection:

  • SHA-1,
  • SHA-256,
  • SHA-384,
  • SHA-512

] with key sizes [assignment: key size (in bits) used in HMAC] and message digest sizes [selection: 160 bits, 256 bits, 384 bits, 512 bits] that meet the following: [FIPS Pub 198-1 The Keyed-Hash Message Authentication Code and FIPS Pub 180-4 Secure Hash Standard].

Justification

Revision of requirements needed