Archived TD0199: NIT Technical Decision for Elliptic Curves for Signatures
The NIT has issued a Technical Decision making elliptic curves P-256 and P-384 optional for signature generation and signature verification.
To align with NIT interpretation # 201602rev2, FCS_COP.1.1(2) shall therefore be modified as follows:
FCS_COP.1.1(2) The TSF shall perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm [selection:
· RSA Digital Signature Algorithm and cryptographic key sizes (modulus) [assignment: 2048 bits or greater],
· Elliptic Curve Digital Signature Algorithm and cryptographic key sizes [assignment: 256 bits or greater]
]
that meet the following: [selection:
· For RSA schemes: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 5.5, using PKCS #1 v2.1 Signature Schemes RSASSA-PSS and/or RSASSA-PKCS1v1_5; ISO/IEC 9796-2, Digital signature scheme 2 or Digital Signature scheme 3,
· For ECDSA schemes: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 6 and Appendix D, Implementing “NIST curves” [selection: P-256, P-384, P-521]; ISO/IEC 14888-3, Section 6.4
].
The application note for FCS_COP.1.1(2) shall be replaced by the following:
The ST Author chooses the algorithm(s) implemented to perform digital signatures. For the algorithm(s) chosen, the ST author makes the appropriate assignments/selections to specify the parameters that are implemented for that algorithm. The ST author ensures that the assignments and selections for this SFR include all the parameter values necessary for the cipher suites selected for the protocol SFRs (see Appendix B.2.1) that are included in the ST. The ST Author checks for consistency of selections with other FCS requirements, especially when supporting elliptic curves.
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201602rev2.pdf
See issue description.