<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p><font face="Calibri">All,</font></p>
<p><font face="Calibri">after examining several FIPS PUB 140-2
certifications and considering the meaning of the term "crypto
module" in that context, I would say that the requirement in
§16.3 item 2 cannot but refer to the crypto device <u>as a
whole</u> (HW + FW + SW), regardless of which of its internal
components are (or are not) individually certified. It also
seems to me that, in the light of the recent WG call, this is
the most shared interpretation. <br>
</font></p>
<p><font face="Calibri">Therefore, a device such as the one that
Tomas has mentioned as an example, obviously does not meet the
certification requirement in §16.3 item 2 , as it is a device
that - as a whole - does not possess any type of certification
(nor FIPS nor CC). I hope we all agree on this. If not, then my
take is that §16.3 item 2 must be rewritten (after establishing
what the intended requirement is). <br>
</font></p>
<p><font face="Calibri">I'd love to get feedbacks.</font></p>
<p><font face="Calibri">Adriano</font></p>
<p><font face="Calibri"></font><br>
</p>
<div class="moz-cite-prefix">Il 26/03/2021 15:03, Inigo Barreira ha
scritto:<br>
</div>
<blockquote type="cite"
cite="mid:DM6PR17MB31160989183187BF494DE45B81619@DM6PR17MB3116.namprd17.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0cm;}ul
{margin-bottom:0cm;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Correct Adriano. The ones I´ve listed in the
other email are CC or/and FIPS certified and in the features
some list the certification of the hardware and the software
and not all are on the same level or only one of the two.
But it´s true, that we´d need to clarify what kind of
certification we´re looking for. We could stick to the point
that the device, that is the hardware itself, is listed as
CC or FIPS and show auditors the certificates. Or just the
OS. If we´re going to the point to distinguish what part is
certified and require it then it would be a problem if we
have to differentiate from hardw and softw, which one is
best, or remove some possible suppliers from the list, so
I´d leave it as much open possible but clearly indicating
what we require. <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm
0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US"> Adriano Santoni
<a class="moz-txt-link-rfc2396E" href="mailto:adriano.santoni@staff.aruba.it"><adriano.santoni@staff.aruba.it></a> <br>
<b>Sent:</b> viernes, 26 de marzo de 2021 14:26<br>
<b>To:</b> Inigo Barreira
<a class="moz-txt-link-rfc2396E" href="mailto:Inigo.Barreira@sectigo.com"><Inigo.Barreira@sectigo.com></a>;
<a class="moz-txt-link-abbreviated" href="mailto:cscwg-public@cabforum.org">cscwg-public@cabforum.org</a><br>
<b>Subject:</b> Re: [Cscwg-public] Re FIPS tokens
supporting RSA 3072<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p><span style="font-family:"Calibri",sans-serif">Hi
Inigo,</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">I
also am aware of 4-5 suppliers of USB crypto tokens
supporting RSA 3072, regardless of FIPS or CC. That is not
the problem I raised.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">My
concern is that §16.3, point 2, of the CSBR is ambiguous
(to me) as to what is supposed to be "certified" (either
FIPS or CC):</span><o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif">A
hardware crypto module with a unit design form factor
certified as conforming to at least FIPS 140 Level 2,
Common Criteria EAL 4+<s>, or equivalent</s>. <o:p></o:p></span></p>
</blockquote>
<p><span style="font-family:"Calibri",sans-serif">This
is likely my fault, but I am not clear what "unit design
form factor" exactly means, and I would appreciate very
much anybody pointing me to any FIPS or CC certification
reports wherein this term is used. </span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">As
far as I know, a "form factor" is the particular design,
shape, assembly and wiring of a functionally
self-contained electronic component, such as a PCB
including microchip(s) and other auxiliary components.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">A
crypto device is like an onion, being comprised of:</span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1"><b><span
style="font-family:"Calibri",sans-serif">hardware
platform</span></b><span
style="font-family:"Calibri",sans-serif"> (a
microcontroller, tipically including a crypto
co-processor);</span><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1"><b><span
style="font-family:"Calibri",sans-serif">card
operating system</span></b><span
style="font-family:"Calibri",sans-serif">
(COS), which can either be either mono- or
multi-application (e.g. Javacard); </span><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1"><span
style="font-family:"Calibri",sans-serif">where
applicable, an <b>applet</b>. If the COS is
multi-application, a suitable PKI application (mostly
referred to as "applet") must be installed into the chip
at the production plant, for the device to be usable. A
multi-app COS, such as the Javacard platform, does not
expose by itself any crypto and key management
functionalities in a way that's usable by the host: a
suitable Java applet is needed, supporting specific
commands (APDUs), a specific file system, specific
PKCS11/CSP object attributes, enforcing a specific set
of security principles, etc.</span><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1"><span
style="font-family:"Calibri",sans-serif">a
case with I/O and power supply contacts</span><o:p></o:p></li>
</ul>
<p><span style="font-family:"Calibri",sans-serif">Where
the device is Javacard based, the security of the whole
device critically depends on the design of the PKI applet,
that's why Javacard-based devices designed for specific
usages (e..g. digital signatures) always require this
applet to be certified as well (not just the COS). Would
we be happy to use a Javacard-based device running an
applet that nobody has ever verified to be actually
secure? Of course we may, if that's what the WG believes
to be the way to go.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">But
what does it mean for the "hardware crypto module" to be
either FIPS or CC certified ? Does it mean that at least
the hardware platform (the microchip) must be certified?
In this case we have plenty microchips on the market
meeting this requirement. Does it mean that the COS must
(also) be certified? In this case we have a lesser number
of suitable choices, but still comfortable. Or, does it
mean that the applet must (also) be certified? In this
case, we have a very small choice, to date.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">My
understanding from the last CSWG call, is that some of the
WG members believe it to be sufficient that the COS be
certified (or even just the HW?). IMO, this is not clear
from the current CSBR language. I would suggest to drop
the "unit design form factor" term, and specify instead
that the hardware crypto module must be based on a FIPS or
CC certified COS (if this is the desired interpretation).
Let me clarify that I would not object to this choice, if
the WG believes is the right one. </span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">I
am not trying to play the "purist", just trying to raise
attention and get explanations on some aspects that are
not clear to me at this time.</span><o:p></o:p></p>
<p><span style="font-family:"Calibri",sans-serif">How
about adding to the CSBR the definitions of these two
terms in section 4 ?</span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo2">hardware crypto module<o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo2"><span
style="font-family:"Calibri",sans-serif">unit
design form factor</span><o:p></o:p></li>
</ul>
<p class="MsoNormal"><span
style="font-family:"Calibri",sans-serif">Adriano</span>
<o:p></o:p></p>
<p><o:p> </o:p></p>
<div>
<p class="MsoNormal">Il 26/03/2021 12:37, Inigo Barreira ha
scritto:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Hi
Adriano,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Sorry for jumping late here but I´m
restarting with the CABF issues and am still in the
process </span><span
style="font-size:11.0pt;font-family:Wingdings;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">L</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Regarding your question, we can
differentiate between those USB&smartcards and the
HSMs. So, for the first, we´ve found some others, but
it´s true that there are not many but we´re aware of 3-4
additional providers. In the HSM space, I see no
problems.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">Regards</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"> </span><o:p></o:p></p>
<div style="border:none;border-left:solid blue
1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"
lang="EN-US"> Cscwg-public <a
href="mailto:cscwg-public-bounces@cabforum.org"
moz-do-not-send="true"><cscwg-public-bounces@cabforum.org></a>
<b>On Behalf Of </b>Adriano Santoni via
Cscwg-public<br>
<b>Sent:</b> miércoles, 17 de marzo de 2021 16:08<br>
<b>To:</b> <a
href="mailto:cscwg-public@cabforum.org"
moz-do-not-send="true">cscwg-public@cabforum.org</a><br>
<b>Subject:</b> [Cscwg-public] Re FIPS tokens
supporting RSA 3072</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div style="border:solid black 1.0pt;padding:2.0pt 2.0pt
2.0pt 2.0pt">
<p class="MsoNormal"
style="line-height:12.0pt;background:#FAFA03"><span
style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">CAUTION:
This email originated from outside of the
organization. Do not click links or open attachments
unless you recognize the sender and know the content
is safe.</span><o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p><span
style="font-family:"Calibri",sans-serif">I
already posted this question yesterday, but
apparently it did not get through.</span><o:p></o:p></p>
<p><span
style="font-family:"Calibri",sans-serif">I
was asking: is the SafeNet eToken 5110 CC the only
FIPS token supporting RSA 3072 available on the
market?</span><o:p></o:p></p>
<p><span
style="font-family:"Calibri",sans-serif">I
am investigating this matter myself, and although I
am not finished it seems there aren't many...
possibly just one. </span><o:p></o:p></p>
<p><span
style="font-family:"Calibri",sans-serif">If
so, it would be a rather unfortunate situation
competition-wise.</span><o:p></o:p></p>
<p>Adriano<o:p></o:p></p>
<p> <o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</body>
</html>