NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0373:  RSA-based Key Establishment

Publication Date
2018.12.11

Protection Profiles
MOD_VPN_CLI_V2.1

Other References
FCS_CKM.1.1, FCS_CKM.2.1

Issue Description

RSA-based key establishment schemes are no longer mandated in the App PP. As a result, for VPN Client PP-Module should not mandate RSA-based key establisment schemes when APP PP is the Base-PP. In addition, FCS_CKM.1 is updated to add selection for DH Group 14.

Resolution

Section 5.3.2 FCS_CKM.1 Cryptographic Key Generation is modified as follows:

FCS_CKM.1.1 The application shall [selection: invoke platform-provided functionality, implement functionality] to generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm

·         [ECC schemes] using [“NIST curves” P-256, P-384 and [selection: P-521, no other curves]] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4];

[selection:

·         [FFC schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1];

·         [FFC Schemes] using Diffie-Hellman group 14 that meet the following: [RFC 3526, Section 3]];

 [selection:

·         [RSA schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3];

·         no other key generation methods

].

For test activities for FCS_CKM.1.1 in the SD, Section 2.3.2.1.1, the following text shall be added:

"Testing for FFC Schemes using Diffie-Hellman group 14 is done as part of testing in CKM.2.1."

No change is made to the Application Note.

FCS_CKM.2.1 in Section 5.3.2 is replaced as follows:

FCS_CKM.2.1     The application shall [selection: invoke platform-provided functionality, implement functionality] to perform cryptographic key establishment in accordance with a specified cryptographic key establishment method:

·         [Elliptic curve-based key establishment schemes] that meets the following: [NIST Special Publication 800-56A, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”]; and

[selection:

·         [Finite field-based key establishment schemes] that meets the following: [NIST Special Publication 800-56A, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”],

·         Key establishment scheme using Diffie-Hellman group 14 that meets the following: RFC 3526, Section 3]; and

 [selection:

 

·         [RSA-based key establishment schemes] that meets the following: [NIST Special Publication 800-56B, “Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography”],

·         No other schemes.]

Application Note:  This SFR differs from its definition in the App PP by moving elliptic curve-based key establishment schemes from selectable to mandatory (due to the mandated support for DH groups 19 and 20 in FCS_IPSEC_EXT.1.8). It also provides the ability to claim either NIST SP 800-56A or RFC 3526 for key establishment using finite field cryptography. One of these two claims must be made in support of DH group 14 in FCS_IPSEC_EXT.1.8.

Justification

See issue description.

 
 
Site Map              Contact Us              Home