NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0291:  NIT technical decision for DH14 and FCS_CKM.1

Publication Date
2018.02.03

Protection Profiles

Other References
FCS_CKM.1.1, ND SD V1.0, ND SD V2.0

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding DH14 and FCS_CKM.1.

Resolution

Updated 3/7/2018 to include FWcPP 1.0 and FWcPP 2.0.

To align with NIT interpretation #201723rev2 the following changes shall be implemented:

 

FCS_CKM.1.1 The TSF shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm: [selection:

·         RSA schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3;

·         ECC schemes using “NIST curves” [selection: P-256, P-384, P-521] that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4;

·         FFC schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1

·         FFC Schemes using Diffie-Hellman group 14 that meet the following: RFC 3526, Section 3

]and specified cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards]."

For the test activities for FCS_CKM.1.1 in the supporting document the following text shall be added:

"Testing for FFC Schemes using Diffie-Hellman group 14 is done as part of testing in CKM.2.1."

Note that for ND SD V1.0 RfI#201702b needs to be applied as well.

 

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfi201723rev2.pdf.

 

Justification

See issue description.

 
 
Site Map              Contact Us              Home