<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p><font face="Calibri">Hi Inigo,</font></p>
<p><font face="Calibri">I also am aware of 4-5 suppliers of USB
crypto tokens supporting RSA 3072, regardless of FIPS or CC.
That is not the problem I raised.</font></p>
<p><font face="Calibri">My concern is that §16.3, point 2, of the
CSBR is ambiguous (to me) as to what is supposed to be
"certified" (either FIPS or CC):</font></p>
<p><font face="Calibri">
<blockquote type="cite">A hardware crypto module with a unit
design form factor certified as conforming to at
least FIPS 140 Level 2, Common Criteria EAL 4+<strike>, or
equivalent</strike>. </blockquote>
</font></p>
<p><font face="Calibri">This is likely my fault, but I am not clear
what "unit design form factor" </font><font face="Calibri"><font
face="Calibri"><font face="Calibri">exactly </font>means</font>,
and I would appreciate very much anybody pointing me to any FIPS
or CC certification reports wherein this term is used. <br>
</font></p>
<p><font face="Calibri">As far as I know, a "form factor" is the
particular design, shape, assembly and wiring of a functionally
self-contained electronic component, such as a PCB including
microchip(s) and other auxiliary components.<br>
</font></p>
<p><font face="Calibri">A crypto device is like an onion, being
comprised of:</font></p>
<ul>
<li><font face="Calibri"><b>hardware platform</b> (a
microcontroller, tipically including a crypto co-processor);<br>
</font></li>
<li><font face="Calibri"><b>card operating system</b> (COS), which
can either be either mono- or multi-application (e.g.
Javacard); <br>
</font></li>
<li><font face="Calibri">where applicable, an <b>applet</b>. If
the COS is multi-application, a suitable PKI application
(mostly referred to as "applet") must be installed into the
chip at the production plant, for the device to be usable. A
multi-app COS, such as the Javacard platform, does not expose
</font><font face="Calibri"><font face="Calibri">by itself </font>any
crypto and key management functionalities in a way that's
usable by the host: a suitable Java applet is needed,
supporting </font><font face="Calibri"><font face="Calibri">specific
commands (APDUs), </font>a specific file system, specific
PKCS11/CSP object attributes, enforcing a specific set of
security principles, etc.</font></li>
<li><font face="Calibri">a case with I/O and power supply contacts<br>
</font></li>
</ul>
<p><font face="Calibri"><font face="Calibri">Where the device is
Javacard based, the security of the whole device critically </font></font><font
face="Calibri"><font face="Calibri"><font face="Calibri"><font
face="Calibri">depends </font></font>on the design of the
PKI applet, that's why Javacard-based devices designed for
specific usages (e..g. digital signatures) always require this
applet to be certified as well (not just the COS). Would we be
happy to use a Javacard-based device running an applet that
nobody has ever verified to be actually secure? Of course we
may, if that's what the WG believes to be the way to go.<br>
</font>
</font></p>
<p><font face="Calibri"> </font></p>
<p><font face="Calibri">But what does it mean for the "hardware
crypto module" to be either FIPS or CC certified ? Does it mean
that at least the hardware platform (the microchip) must be
certified? In this case we have plenty microchips on the market
meeting this requirement. Does it mean that the COS must (also)
be certified? </font><font face="Calibri">In this case we have
a lesser number of suitable choices, but still comfortable. Or,
does it mean that the applet must (also) be certified? In this
case, we have a very small choice, to date.<br>
</font></p>
<p><font face="Calibri">My understanding from the last CSWG call, is
that some of the WG members believe it to be sufficient that the
COS be certified (or even just the HW?). IMO, this is not clear
from the current CSBR language. I would suggest to drop the "</font><font
face="Calibri"><font face="Calibri">unit design form factor</font>"
term, and specify instead that the hardware crypto module must
be based on a FIPS or CC certified COS (if this is the desired
interpretation). Let me clarify that I would not object to this
choice, if the WG believes is the right one. <br>
</font></p>
<p><font face="Calibri">I am not trying to play the "purist", just
trying to raise attention and get explanations on some aspects
that are not clear to me at this time.<br>
</font></p>
<p><font face="Calibri">How about adding to the CSBR the definitions
of these two terms in section 4 ?<br>
</font></p>
<ul>
<li>hardware crypto module<br>
</li>
<li><font face="Calibri">unit design form factor<br>
</font></li>
</ul>
<font face="Calibri">Adriano</font>
<p><font face="Calibri"><br>
</font></p>
<div class="moz-cite-prefix">Il 26/03/2021 12:37, Inigo Barreira ha
scritto:<br>
</div>
<blockquote type="cite"
cite="mid:DM6PR17MB3116FA58C4EAC910101942C381619@DM6PR17MB3116.namprd17.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Hi
Adriano,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Sorry for jumping late here but I´m restarting
with the CABF issues and am still in the process
</span><span
style="font-size:11.0pt;font-family:Wingdings;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">L</span><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Regarding your question, we can differentiate
between those USB&smartcards and the HSMs. So, for the
first, we´ve found some others, but it´s true that there are
not many but we´re aware of 3-4 additional providers. In the
HSM space, I see no problems.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Regards<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm
0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US"> Cscwg-public
<a class="moz-txt-link-rfc2396E" href="mailto:cscwg-public-bounces@cabforum.org"><cscwg-public-bounces@cabforum.org></a>
<b>On Behalf Of </b>Adriano Santoni via Cscwg-public<br>
<b>Sent:</b> miércoles, 17 de marzo de 2021 16:08<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:cscwg-public@cabforum.org">cscwg-public@cabforum.org</a><br>
<b>Subject:</b> [Cscwg-public] Re FIPS tokens
supporting RSA 3072<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:solid black 1.0pt;padding:2.0pt 2.0pt 2.0pt
2.0pt">
<p class="MsoNormal"
style="line-height:12.0pt;background:#FAFA03"><span
style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">CAUTION:
This email originated from outside of the organization.
Do not click links or open attachments unless you
recognize the sender and know the content is safe.<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p><span style="font-family:"Calibri",sans-serif">I
already posted this question yesterday, but apparently
it did not get through.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">I
was asking: is the SafeNet eToken 5110 CC the only FIPS
token supporting RSA 3072 available on the market?</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">I
am investigating this matter myself, and although I am
not finished it seems there aren't many... possibly just
one.
</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">If
so, it would be a rather unfortunate situation
competition-wise.</span><o:p></o:p></p>
<p>Adriano<o:p></o:p></p>
<p><o:p> </o:p></p>
</div>
</div>
</div>
</blockquote>
</body>
</html>