AS/NZS ISO/IEC 19790:2006 This Joint Australian/New Zealand Standard was prepared by Joint Technical Committee IT-012, Information Systems, Security and Identification. It was approved on behalf of the Council of Standards Australia on 23 June 2006 and on behalf of the Council of Standards New Zealand on 30 June 2006. This Standard was published on 26 July 2006.
The following are represented on Committee IT-012: Attorney Generals Department Australian Association of Permanent Building Societies Australian Bankers Association Australian Chamber Commerce and Industry Australian Electrical and Electronic Manufacturers Association Certification Forum of Australia Department of Defence Department of Social Welfare, NZ Government Communications Security Bureau, NZ Internet Industry Association NSW Police Service New Zealand Defence Force Reserve Bank of Australia
COPYRIGHT Standards Australia/Standards New Zealand All rights are reserved. No part of this work may be reproduced or copied in any form or by any means, electronic or mechanical, including photocopying, without the written permission of the publisher. Jointly published by Standards Australia, GPO Box 476, Sydney, NSW 2001 and Standards New Zealand, Private Bag 2439, Wellington 6020 ISBN 0 7337 7620 5
ii
PREFACE
This Standard was prepared by the Joint Standards Australia/Standards New Zealand Committee IT-012, Information Systems, Security and Identification. The objective of this Standard is to provide informative security practitioner with four increasing, qualitative levels of security requirements intended to cover a wide range of potential applications and environments. The security requirements cover areas relative to the design and implementation of a cryptographic module. These areas include cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operation environment; cryptographic key management; self-tests; design assurance; and mitigation of other attacks.
This is a free 7 page sample. Access the full version at http://infostore.saiglobal.com.
This Standard is identical with, and has been reproduced from ISO/IEC 19790:2006, Information technologySecurity techniquesSecurity requirements for cryptographic modules. As this Standard is reproduced from an international standard, the following applies: (a) (b) (c) Its number appears on the cover and title page while the international standard number appears only on the cover In the source text this International Standard should read this Australian/New Zealand Standard. A full point substitutes for a comma when referring to a decimal marker.
References to International Standards should be replaced by references to Australian or Australian/New Zealand Standards, as follows: Reference to International Standard ISO/IEC 15408 Information technologySecurity techniquesEvaluation criteria for IT security 15408.1 Part 1: Introduction and general model 15408.2 Part 2: Security functional requirements 15408.3 Part 3: Security assurance requirements Australian/New Zealand Standard AS ISO/IEC 15408 Information technologySecurity techniquesEvaluation criteria for IT security 15408.1 Part 1: Introduction and general model 15408.2 Part 2: Security functional requirements 15408.3 Part 3: Security assurance requirements
Only international references that have been adopted as Australian or Australian/New Zealand Standards have been listed. The terms normative and informative have been used in this Standard to define the application of the annex to which they apply. A normative annex is an integral part of a Standard, whereas an informative annex is only for information and guidance.
iii
Contents
CONTENTS
Page
Foreword............................................................................................................................................................ iv Page Introduction ........................................................................................................................................................ v 1 2 3 4 5 5.1 5.2 5.3 5.4 6 7 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 Scope ......................................................................................................................................................1 Normative references ............................................................................................................................1 Terms and definitions ...........................................................................................................................1 Abbreviated terms .................................................................................................................................9 Cryptographic module security levels ................................................................................................9 Security Level 1....................................................................................................................................10 Security Level 2....................................................................................................................................10 Security Level 3....................................................................................................................................10 Security Level 4....................................................................................................................................11 Functional security objectives ...........................................................................................................11 Security requirements .........................................................................................................................12 Cryptographic module specification .................................................................................................14 Cryptographic module ports and interfaces.....................................................................................15 Roles, services, and authentication...................................................................................................16 Finite state model ................................................................................................................................18 Physical security..................................................................................................................................19 Operational environment ....................................................................................................................26 Cryptographic key management ........................................................................................................29 Self-tests...............................................................................................................................................31 Design assurance ................................................................................................................................34 Mitigation of other attacks ..................................................................................................................36
Annex A (normative) Documentation requirements......................................................................................38 Annex B (normative) Cryptographic module security policy .......................................................................42 Annex C (normative) Approved protection profiles ......................................................................................44 Annex D (informative) Approved security functions .....................................................................................45 Annex E (informative) Approved key establishment methods .....................................................................47 Annex F (informative) Recommended software development practices.....................................................48 Annex G (informative) Examples of mitigation of other attacks ..................................................................50 Bibliography ......................................................................................................................................................51
iii
iv INTRODUCTION
ISO/IEC 19790:2006(E)
Introduction
In Information Technology there is an ever-increasing need to use cryptographic mechanisms such as the protection of data against unauthorised disclosure or manipulation, for entity authentication and for nonrepudiation. The security and reliability of such mechanisms are directly dependent on the cryptographic modules in which they are implemented. This International Standard provides for four increasing, qualitative levels of security requirements intended to cover a wide range of potential applications and environments. The security requirements cover areas relative to the design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; self-tests; design assurance; and mitigation of other attacks. The overall security level of a cryptographic module must be chosen to provide a level of security appropriate for the security requirements of the application and environment in which the module is to be utilized and for the security services that the module is to provide. The responsible authority in each organization should ensure that their computer and telecommunication systems that utilize cryptographic modules provide an acceptable level of security for the given application and environment. Since each authority is responsible for selecting which approved security functions are appropriate for a given application, compliance with this International Standard does not imply either full interoperability or mutual acceptance of compliant products. The importance of security awareness and of making information security a management priority should be communicated to all concerned. Information security requirements vary for different applications; organizations should identify their information resources and determine the sensitivity to and the potential impact of a loss by implementing appropriate controls. Controls include, but are not limited to physical and environmental controls; software development; backup and contingency plans; and information and data controls.
These controls are only as effective as the administration of appropriate security policies and procedures within the operational environment. This International Standard will be revised later, if a new work item is approved, in order to improve the links with Common Criteria scheme (ISO/IEC 15408). This International Standard is derived from NIST Federal Information Processing Standard (FIPS) PUB 140-2 (see Bibliography [1]).
INTERNATIONAL STANDARD
ISO/IEC 19790:2006(E)
Scope
This International Standard specifies the security requirements for a cryptographic module utilized within a security system protecting sensitive information in computer and telecommunication systems. This International Standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g., low value administrative data, million dollar funds transfers, and life protecting data) and a diversity of application environments (e.g., a guarded facility, an office, and a completely unprotected location). Four security levels are specified for each of 10 requirement areas. Each security level offers an increase in security over the preceding level. While the security requirements specified in this International Standard are intended to maintain the security provided by a cryptographic module, compliance to this International Standard is not sufficient to ensure that a particular module is secure or that the security provided by the module is sufficient and acceptable to the owner of the information that is being protected.
Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 15408 (all parts), Information technology Security techniques Evaluation criteria for IT security ISO/IEC 18031, Information technology Security techniques Random bit generation
For the purposes of this document, the following terms and definitions apply. 3.1 approval authority any national or international organisation/authority mandated to approve and/or evaluate security functions 3.2 approved ISO/IEC approved or approval authority approved 3.3 approved mode of operation mode of the cryptographic module that employs only approved security functions
NOTE mode. Not to be confused with a specific mode of an approved security function, e.g., Cipher Block Chaining (CBC)
COPYRIGHT
This is a free preview. Purchase the entire publication at the link below:
AS/NZS ISO/IEC 19790:2006, Information technology - Security techniques - Security requirements for cryptographic modules
Looking for additional Standards? Visit SAI Global Infostore Subscribe to our Free Newsletters about Australian Standards in Legislation; ISO, IEC, BSI and more Do you need to Manage Standards Collections Online? Learn about LexConnect, All Jurisdictions, Standards referenced in Australian legislation Do you want to know when a Standard has changed? Want to become an SAI Global Standards Sales Affiliate? Learn about other SAI Global Services: LOGICOM Military Parts and Supplier Database Metals Infobase Database of Metal Grades, Standards and Manufacturers Materials Infobase Database of Materials, Standards and Suppliers Database of European Law, CELEX and Court Decisions