NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0258:  NIT Technical Decision for TLS and DTLS Server Tests - Applying RfI#201643 to NDcPPv2

Publication Date
2017.11.13

Protection Profiles
CPP_ND_V2.0

Other References
ND SD V2.0, FCS_DTLSS_EXT.1, FCS_DTLSS_EXT.2, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2

Issue Description

The NIT has issued a technical decision forTLS and DTLS Server Tests - Applying RfI#201643 to NDcPPv2.

Resolution

The NIT acknowledges the issue described in the 'Issue' section above for Issue2.  Since the NIT could not identify additional value of this test regarding security the NIT decided that FCS_DTLSS_EXT.1.1 Test 3, FCS_DTLSS_EXT.2.1 Test 3, FCS_TLSS_EXT.1.1 Test 3 and FCS_TLSS_EXT.2.1 Test 3 shall be dropped.

The NIT acknowledges also the issue described in the 'Issue' section above for Issue 3. FCS_DTLSS_EXT.1.1 Test 4e, FCS_DTLSS_EXT.2.1 Test 4e, FCS_TLSS_EXT.1.1 Test 4e and FCS_TLSS_EXT.2.1 Test 4e shall therefore be modified as follows:

"Test Intent: The intent of this test is to ensure that the server's TLS implementation immediately makes use of the key exchange and authentication algorithms to:

a) Correctly encrypt (D)TLS Finished message

b) Encrypt every (D)TLS message after session keys are negotiated”

Test 4 e): The evaluator shall use one of the claimed ciphersuites to complete a successful handshake and observe transmission of properly encrypted application data. The evaluator shall verify that no Alert with alert level Fatal (2) messages were sent.

The evaluator shall verify that the Finished message (handshake type hexadecimal 16) is sent immediately after the server's ChangeCipherSpec (handshake type hexadecimal 14) message. The evaluator shall examine the Finished message (encrypted example in hexadecimal, 16 03 03 00 40 11 22 33 44 55...) and confirm that it does not contain unencrypted data (unencrypted example in hexadecimal, 16 03 03 00 40 14 00 00 0c...), where '14' is the hexidecimal message type code in the verify_data header and '00 00 0c' is the verify_data field length. There is a chance that an encrypted Finished message contains a hexadecimal value of '14' at the position where a plaintext Finished message would contain the message type code '14'. If the observed Finished message contains a hexadecimal value of '14' at the position where the plaintext Finished message would contain the message type code, the test shall be repeated three times in total. In case the value of '14' can be observed in all three tests it can be assumed that the Finished message has indeed been sent in plaintext and the test has to be regarded as 'failed'. Otherwise it has to be assumed that the observation of the value '14' has been due to chance and that the Finished message has indeed been sent encrypted. In that latter case the test shall be regarded as 'passed'.

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201713.pdf

Justification

See issue description.

 
 
Site Map              Contact Us              Home