Archived
TD0084: P-256 is Optional in MDM v2.0
Publication Date
2016.03.08
Protection Profiles
PP_MDM_V2.0
Other References
PP_MDM_V2.0, FCS_CKM.1.1, FCS_COP.1.1(3)
Issue Description
Based on NSA/IAD guidance on Commercial National Security Algorithm Suite and Quantum Computing from January 2016, the inclusion of P-256 should no longer be mandatory in the MDM PP. This Technical Decision is moving P-256 to an optional selection. Resolution
Under FCS_CKM.1.1, the second bullet for ECC schemes is being revised to read: FCS_CKM.1.1 Refinement: The [selection: TSF, TOE platform] shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm [selection:
].
Under FCS_COP.1.1(3), the second bullet for ECDSA schemes is being revised to read: FCS_COP.1.1(3) Refinement: The [selection: TSF, TOE platform] shall perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm [selection:
]. Justification
P-256 is moving to an optional selection based on new IA guidance. |