Archived
TD0326: RSA-based key establishment schemes
Publication Date
2018.05.21
Protection Profiles
PP_APP_v1.2
Other References
FCS_CKM.1, FCS_CKM.2, FCS_TLSS_EXT.1.3
Issue Description
If an ST author chooses any options other than TLS-RSA (i.e. DHE, ECDHE, etc.) for a TOE that does not use RSA-based key establishment schemes then FCS_CKM.2 as currently defined should not apply as it is inconsistent with FCS_TLSS_EXT.1.3. Resolution
This TD supersedes TD0293. This TD also supersedes TD0107 for AppSW v1.2 only. FCS_CKM.1.1(1) is replaced as follows: The application shall [selection: invoke platform-provided functionality, implement functionality] to generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm [selection: [RSA schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3]; [ECC schemes] using [“NIST curves” P-256, P-384 and [selection: P-521 , no other curves ] ] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4] , [FFC schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1] ] . This requirement depends upon selection in FCS_CKM_EXT.1.1.
Application Note: The ST author shall select all key generation schemes used for key establishment and entity authentication. When key generation is used for key establishment, the schemes in FCS_CKM.2.1 and selected cryptographic protocols must match the selection. When key generation is used for entity authentication, the public key is expected to be associated with an X.509v3 certificate.
FCS_CKM.2.1 is replaced as follows:
The application shall [selection: invoke platform-provided functionality , implement functionality ] to perform cryptographic key establishment in accordance with a specified cryptographic key establishment method: [selection:
[RSA-based key establishment schemes] that meets the following: [NIST Special Publication 800-56B, “Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography”], [Elliptic curve-based key establishment schemes] that meets the following: [NIST Special Publication 800-56A, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”] , [Finite field-based key establishment schemes] that meets the following: [NIST Special Publication 800-56A, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”] ] .
This requirement depends upon selection in FCS_TLSC_EXT.1.1.
Application Note: The ST author shall select all key establishment schemes used for the selected cryptographic protocols. FCS_TLSC_EXT.1 allows for cipher suites that use RSA-based key establishment schemes.
FCS_TLSS_EXT.1.3 is replaced as follows:
FCS_TLSS_EXT.1.3: The application shall generate key establishment parameters using using [selection: RSA with key size [selection: 2048 bits, 3072 bits, 4096 bits], ECDHE over NIST curves [selection: secp256r1, secp384r1, secp521r1] and no other curves, Diffie-Hellman parameters of size [selection: 2048 bits, 3072 bits]].
Justification
See issue description. |