Archived
TD0071: Use of SHA-512 in ESM PPs
Publication Date
2015.12.03
Protection Profiles
PP_ESM_AC_V2.1, PP_ESM_ICM_V2.1, PP_ESM_PM_V2.1
Other References
Issue Description
FCS-COP.1(3) within the ESM Protection Profiles is limited to SHA1, SHA256, and SHA384. This needs to be expanded to include SHA512.
The wording currently Reads: FCS_COP.1(3) Cryptographic Operation (for Cryptographic Hashing)
Hierarchical to: No other components. FCS_COP.1.1(3) Refinement: The TSF shall perform cryptographic hashing services in accordance with a specified cryptographic algorithm [selection: SHA-1, SHA-256, SHA-384] and message digest sizes [selection: 160, 256, 384] bits that meet the following: FIPS Pub 180-3, “Secure Hash Standard.” Resolution
The wording is being revised to: FCS_COP.1(3) Cryptographic Operation (for Cryptographic Hashing)
Hierarchical to: No other components. FCS_COP.1.1(3) Refinement: The TSF shall perform cryptographic hashing services in accordance with a specified cryptographic algorithm [selection: SHA-1, SHA-256, SHA-384, SHA512] and message digest sizes [selection: 160, 256, 384, 512] bits that meet the following: FIPS Pub 180-3, “Secure Hash Standard.” Justification
The SHA512 algorithm is suitable for use and being added as a selection. |