TD0455: NIST SP800-133 keygen methods for FAK/FEK Generation
Publication Date
2019.10.18
Protection Profiles
MOD_FE_V1.0
Other References
FDP_AUT_EXT.2.9, FCS_CKM_EXT.2.1
Issue Description
Optional SFR FDP_AUT_EXT.2.9 states that the FAK will be generated using a RBG. The Guidance Assurance Activity states, “It is encouraged for every implementation to use a FAK that is wholly different and independently generated from the FEK”. NIST SP 800-133r1 compliant key generation methods would meet the intent of the SFR. Similarly, mandatory SFR FCS_CKM_EXT.2.1 has a selection that allows the ST writer to generate FEK cryptographic keys using a RBG or derived from a password. The selection should include NIST SP 800-133r1 compliant key generation methods.
Resolution
MOD_FE_V1.0
FDP_AUT_EXT.2.9 shall be modified as follows, using underlines to mark additions:
FDP_AUT_EXT.2.9 The FAK will be generated using [selection: a RBG that meets FCS_RBG_EXT.1 (from [AppPP]), key generation methods compliant with NIST SP 800-133r1].
FCS_CKM_EXT.2.1 shall be modified as follows, using underlines to mark additions:
FCS_CKM_EXT.2.1 The TSF shall [selection:
· Accept FEK from an enterprise management server,
· Generate FEK cryptographic keys [selection:
] ].
Application Note: For keys generated from a password, even if referencing NIST SP 800-133r1 for password-based key generation, "derived from a password/passphrase that is conditioned as defined in FCS_CKM_EXT.6" must be selected so that FCS_CKM_EXT.6 is included.
MOD_FE_V1.1-SD
FDP_AUT_EXT.2 shall be modified as follows, using underlines to mark additions:
FDP_AUT_EXT.2 TSS
The evaluator shall check the TSS section to confirm that it describes how a request for each type of supported resource (file
Conditional: If 'key generation methods compliant with NIST SP 800-133r1' was selected, the evaluator shall verify that the TSS describes how the functionality described by NIST SP 800-133r1 is implemented to generate the FAK. The evaluator shall verify that the description of the key generation method matches the methods described in SP 800-133r1 and that the FAK is chained to an approved RBG.
FCS_CKM_EXT.2.1 shall be modified as follows, using underlines to mark additions:
FCS_CKM_EXT.2.1 TSS
Conditional: Conditional: Conditional:
Justification
See issue description.