For FCS_IPSEC_EXT1.8 and FIA_PSK_EXT.1, it is required that IPsec tunnels must perform IKE authentication using pre-shared keys. However, newer PPs (such as IPsec VPN client) only require certificate-based authentication for IPsec SAs. Authentication using pre-shared keys is an options but not a mandated requirement. Can the same approach be taken for WLAN?
FCS_IPSEC_EXT.1.8 can be updated to mandate certificate-based authentication and specify the use of pre-shared keys as an option. The modified requirement will read as follows:
***
FCS_IPSEC_EXT.1.8: The TSF shall ensure that all IKE protocols perform peer authentication using [selection: RSA, ECDSA] that uses X.509v3 certificates that conform to RFC 4945 and [selection: Pre-shared Keys, no other method].
Application Note for FCS_IPSEC_EXT.1.8:
At least one public-key-based Peer Authentication method is required for conformant TOEs; one or more of the public key schemes is chosen by the ST Author to reflect what is implemented by the TOE. The ST author also ensures that appropriate FCS requirements reflecting the algorithms used (and key generation capabilities, if provided) are listed to support those methods. Note that the TSS will elaborate on the way in which these algorithms are to be used (for example, 2409 specifies three authentication methods using public keys; each one supported will be described in the TSS).
If pre-shared keys are chosen in the selection, the ST author must include FIA_PSK_EXT.1 in the ST.
Assurance Activity for FCS_IPSEC_EXT.1.8:
The evaluator ensures that the TSS identifies RSA and/or ECDSA as being used to perform peer authentication. The description must be consistent with the algorithms as specified in FCS_COP.1(2) Cryptographic Operations (cryptographic signature).
The evaluator shall check that the TSS contains a description of the IKE peer authentication process used by the TOE, and that this description covers the use of the algorithm or algorithms specified in the selection. The evaluator shall also perform the following tests:
- Test 1: For each supported algorithm, the evaluator shall test that peer authentication using that algorithm can be successfully achieved.
- Test 2: For each supported identification payload (from RFC 4945), the evaluator shall test that peer authentication can be successfully achieved.
- Test 3: The evaluator shall devise a test that demonstrates that a corrupt or invalid certification path for a certificate will be detected during IKE peer authentication and will result in a connection not being established.
- Test 4: The evaluator shall devise a test that demonstrates that a certificate that has been revoked through a CRL will be detected during IKE peer authentication and will result in a connection not being established.
If pre-shared keys are chosen in the selection, the evaluator shall check to ensure that the TSS describes how pre-shared keys are established and used in authentication of IPsec connections. The evaluator shall check that the operational guidance describes how pre-shared keys are to be generated and established. The description in the TSS and the operational guidance shall also indicate how pre-shared key establishment is accomplished for TOEs/platforms that can generate a pre-shared key as well as TOEs/platforms that simply use a pre-shared key. The evaluator shall also perform the following test:
Test 1: The evaluator shall generate a pre-shared key and use it, as indicated in the operational guidance, to establish an IPsec connection between two peers. If the TOE supports generation of the pre-shared key, the evaluator shall ensure that establishment of the key is carried out for an instance of the TOE generating the key as well as an instance of the TOE merely taking in and using the key.
***
Also, since pre-shared keys are now optional, FIA_PSK_EXT.1 should be moved out of the main body of the PP and into the appendix for additional requirements; it should be in the ST only if the ST author selects pre-shared keys.
