[Cscwg-public] Presentation on common criteria from call April 8, 2021

Adriano Santoni adriano.santoni at staff.aruba.it
Tue Apr 13 10:10:27 UTC 2021

Thank you Tomas.

I checked better and I have to admit that I wrote something wrong, 
previously. In fact, there are several FIPS 140-2 certifications 
relating to "crypto modules" identified as a combination of HW (e.g. a 
certain type of microprocessor) and FW (typically a specific Java Card 
platform), thus excluding the SW component (typically an applet) where 
applicable -- which however is always necessarily present on a Java Card 

So, if in §16.3 the term "hardware crypto module" means the above, then 

there certainly are some devices on the market that formally comply with 
the requirements of §16.3 even if they obviously owe their operation to 

an applet installed on them ( e.g. the OpenPGP applet to mention a real 
case) which was left outside the scope of the FIPS evaluation. As for 
the role of such an applet, judging by the lack of feedback, I 
understand that the issue is considered non-existent or irrelevant by 
the WG, and I have decided to let it go.

In conclusion, if everyone agrees that in §16.3 "hardware cryptographic 

module" can mean a combination of HW and FW with FIPS 140-2 (or 140-3) 
certification, possibly leaving out the applet (or equivalent) installed 
"on top" of it , where applicable, then that's okay with me too. The 
important thing, as far as I'm concerned, is that the interpretation is 
clear. I will not suggest revisions to the CSBR if they are not deemed 

Just a few words about the other certification type, namely the CC. 
While FIPS 140-2 certification refers to very specific and 
pre-established criteria and functionalities, the same is not true for 
CC certification, as Tomas correctly pointed out. A CC certification 
means nothing except in light of the specific Protection Profile (PP) or 
Security Target (ST) on which it is based, and the latter may or may not 
include the security features implied by CSBR; in fact, a device can 
have CC EAL4 + certification without necessarily offering any 
cryptographic functionality. A memory stick may very well be CC certified.

I therefore understand that it is up to the CA (and their auditor) to 
assess whether a given PP or ST is reasonably compliant with the 
security requirements implied by the CSBR, and that it is not considered 
necessary to specify this in the CSBR themselves. If that's the case, 
that's absolutely OK with me. Otherwise, someone corrects me.

I will give a concrete example, but without naming the product. On the 
market there is a device that offers all the functionalities needed in 
this context (key generation, also RSA 4096, signature, key protection), 
but has a CC certification for the HW component only, based on an ST 
that does not cover any of those features (because the HW component in 
itself does not offer them). In my opinion, such a device does not 
satisfy §16.3. Are there different opinions? I would love to know them ....



Il 08/04/2021 19:08, Tomas Gustavsson via Cscwg-public ha scritto:
> Hi,
> Find attached the presentation from todays call.
> I added/removed just a few words, and I enjoy this discussion.
> Regards,
> Tomas
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210413/9d6f0bd9/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210413/9d6f0bd9/attachment-0001.p7s>

More information about the Cscwg-public mailing list