NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0381:  FCS_SMIME_EXT.1 Test 3

Publication Date
2018.12.27

Protection Profiles
PP_APP_EMAILCLIENT_EP_v2.0

Other References
FCS_SMIME_EXT.1.1

Issue Description

Test 3, which focuses on encryption, contains the following text: "After verifying the message decrypts, the evaluator shall send an encrypted message using each of the algorithms specified in the ST and use a man-in-the-middle tool to modify at least one byte of the message such that the encryption is no longer valid. The evaluator shall verify that the received message fails to decrypt."  This reads as an integrity test, but RFC5751 states that "It is important to note that sending enveloped but not signed messages does not provide for data integrity.  It is possible to replace ciphertext in such a way that the processed message will still be valid, but the meaning can be altered."

Resolution

Test 3 shall be rewritten as follows:

a) The evaluator shall send an encrypted message from the TOE to an OE receiver using each of the algorithms specified in the ST. The evaluator shall verify that each message is encrypted and the OE receiver can successfully decrypt each message.

 

b) The evaluator shall use the OE receiver to send an encrypted reply back to the TOE for each message sent in a). The evaluator shall verify that each reply is encrypted and the TOE can successfully decrypt each reply.

Justification

See issue description. Integrity is tested in Test 2.

 
 
Site Map              Contact Us              Home