NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0345:  FIT Technical Decision for Key Destruction and KMD Documentation

Publication Date
2018.08.17

Protection Profiles
CPP_FDE_AA_V2.0, CPP_FDE_EE_V2.0

Other References
CPP_FDE_AA_V2.0-SD, CPP_FDE_EE_V2.0-SD, FCS_CKM_EXT.4(b), FPT_PWR_EXT.1, FPT_PWR_EXT.2, FCS_CKM.1.1(b), C.2 Extended Component Definitions

Issue Description

The FIT has issued a Technical Decision for key destruction and KMD documentation.

Resolution


The FCS_CKM_EXT.6.1 entry in the C.2 Extended Component Definitions section of the FDE AA cPP v2.0 shall be removed.

 

The KMD section FCS_CKM_EXT.4(b) in the FDE AA SD v2.0 shall be replaced by:
 
"The evaluator shall verify the KMD includes a description of the areas where keys and key material reside.  
 
The evaluator shall verify the KMD includes a key lifecycle that includes a description where key material resides, how the key material is used, and how the material is destroyed once it is not needed and that the documentation in the KMD follows FCS_CKM.4(d) for the destruction."
 
 
 
The Test section in FPT_PWR_EXT.1 in the FDE AA SD v2.0 shall be replaced by:
 
"The evaluator shall confirm that for each listed compliant state all key/key materials are removed from volatile memory by using the test defined in FCS_CKM.4(d)."
 
 
 
The Test section in FPT_PWR_EXT.2 in the FDE AA SD v2.0 shall be replaced by:
 
"The evaluator shall trigger each condition in the list of identified conditions and ensure the TOE ends up in a compliant power saving state by running the test identified in FCS_CKM.4(d)."
 
 
 
 
The following line in the Application Note section in FCS_CKM.1.1(b) in the FDE EE cPP v2.0 shall be removed:
 
“FCS_CKM.4(b) Cryptographic Key Destruction (TOE-  Controlled Hardware)."
 
The FCS_CKM_EXT.6.1 entry in the C.2 Extended Component Definitions section of the FDE EE cPP v2.0 shall be replaced by:
 
"The TSF shall use [assignment: one or more iterations of FCS_CKM.4 defined elsewhere in the Security Target] key destruction methods."
 

 

The KMD section in FCS_CKM_EXT.4(b) in the FDE EE SD v2.0 shall be replaced by:
 
"The evaluator shall verify the KMD includes a description of the areas where keys and key material reside. 
 
The evaluator shall verify the KMD includes a key lifecycle that includes a description where key material resides, how the key material is used, and how the material is destroyed once it is not needed and that the documentation in the KMD follows FCS_CKM_EXT.6 for the destruction."
 
 
The Test section in FPT_PWR_EXT.1 in the FDE EE SD v2.0 shall be replaced by:
 
"The evaluator shall confirm that for each listed Compliant state all key/key materials are removed from volatile memory by using the test indicated by the selection in FCS_CKM_EXT.6."
 
 
 
The Test section in FPT_PWR_EXT.2 in the FDE EE SD v2.0 shall be replaced by:
 
"The evaluator shall trigger each condition in the list of identified conditions and ensure the TOE ends up in a Compliant power saving state by using the test indicated by the selection in FCS_CKM_EXT.6." 


 

For further information, please see the FIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/FITDecision201806.pdf

Justification

 

See issue description.

 
 
Site Map              Contact Us              Home