
GM/T 0008-2012 PDF English


Standard ID: GM/T 0008-2012
Version: English (PDF)
Name of Chinese Standard: Cryptography test criteria for security IC
Status: Valid




GM/T 0008-2012: PDF in English (GMT 0008-2012)

GM/T 0008-2012

GM

CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA

ICS 35.040
L 80
Record No.: 38306-2013

Cryptography test criteria for security IC

Issued on: November 22, 2012
Implemented on: November 22, 2012
Issued by: State Cryptography Administration

Table of Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviations
3.1 Terms and definitions
3.2 Abbreviations
4 Classification of security levels
4.1 Security level 1
4.2 Security level 2
4.3 Security level 3
5 Cryptographic algorithm
5.1 Random number generator
5.2 Block cipher algorithm
5.3 Public key cipher algorithm
5.4 Hash cipher algorithm
5.5 Stream cipher algorithm
6 Security chip interface
6.1 Physical interface
6.2 Logical interface
7 Key management
7.1 Generation
7.2 Storage
7.3 Usage
7.4 Update
7.5 Import
7.6 Export
7.7 Clearing
8 Sensitive information protection
8.1 Storage
8.2 Clearing
8.3 Operation
8.4 Transmission
9 Firmware security
9.1 Storage
9.2 Implementation
9.3 Import
10 Self-test
10.1 Security level 1
10.2 Security level 2
10.3 Security level 3
11 Audit
11.1 Security chip identifier
11.2 Life cycle identifier
12 Attack mitigation and protection
12.1 Layout protection
12.2 Self-destruction of keys and sensitive information
12.3 Timing attack protection
12.4 Protection against power analysis attack
12.5 Protection to EM analysis attack
12.6 Protection to fault attack
13 Life cycle assurance
13.1 Organization qualifications
13.2 Documentation
13.3 Development environment security
13.4 Personnel
13.5 Development process
13.6 Source file
Bibliography

Foreword

This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuer of this document shall not be held responsible for identifying any or all such patent rights.

This Standard was proposed by and shall be under the jurisdiction of the State Cryptography Administration.

The drafting organizations of this Standard: Commercial Cryptography Testing Centre of State Cryptography Administration, State Key Laboratory of Information Security, Tsinghua University, Beijing Hongsi Electronic Technologies Co., Ltd., Nationz Technologies Co., Ltd., Beijing CEC Huada Electronic Design Co., Ltd., Zhejiang University, Shenzhen Institutes of Advanced Technology of Chinese Academy of Sciences, Datang Microelectronics Co., Ltd., Beijing Xinguang-Tiandi IC Design Co., Ltd., Chengdu University of Information Technology.

The main drafters of this Standard: Li Dawei, Zhou Yongbin, Luo Peng, Liu Jiye, Zhang Jianren, Zhang Wenjing, Zhang Yiwei, Chen Lizhi, Ye Yin, Shen Haibin, Li Huiyun, Sun Dongyu, Xiong Yanping, Liu Hongwei, Chen Yun, Wu Zhen, Mao Yingying.

Cryptography test criteria for security IC

1 Scope

This Standard specifies three security levels of security capabilities which increase in sequence and the cryptographic test requirements which are applicable to the security chips of all security levels.

This Standard applies to both the cryptographic test of security chips and the development of security chips.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition dated applies to this document. For undated references, the latest edition of the referenced documents (including all amendments) applies to this Standard.

GM/T 0005, Randomness test specification

3 Terms, definitions and abbreviations

3.1 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

3.1.1 key
Key information or parameters which control cryptographic transformation operation.

3.1.2 sensitive information
Data in security chips which requires protection, except keys.

3.1.3 security chip
Integrated circuit chips which contain cryptographic algorithms and security functions and can implement key management mechanisms.

3.1.4 security capability
Direct or indirect assurance and protective measures which are provided by security chips for keys and sensitive information.

3.1.5 block cipher operation mode
The operation mode of block cipher algorithm, mainly including electronic code book mode (ECB), cipher block chaining mode (CBC), cipher feedback mode (CFB), output feedback mode (OFB), counter mode (CTR), etc.

3.1.6 public key cipher application mode
The application mode of public key cipher algorithm, mainly including encryption/decryption, signature/verification, key agreement, etc.

3.1.7 operation speed of cryptographic algorithm
Maximum data size that security chips can process within the unit time of cryptographic algorithm implementation.

3.1.8 physical random source
Source blocks of random sequences which are generated by the uncertainty of physical noise.

3.1.9 firmware
Procedure codes which are solidified in security chips, controlling and coordinating the cryptography and security functions of security chips.

3.1.10 hardware

such scenarios, security chips shall have basic protective capabilities for all kinds of security risks.

4.3 Security level 3

Security level 3 specifies the high security level requirements that the security capabilities of security chips can meet. Based on security level 2, security level 3 specifies the logical and/or physical protective measures that security chips shall have.

Security level 3 requires security chips to provide high protection for keys and sensitive information; requires them to have the logical and/or physical security mechanism which is capable of providing complete protection for keys and sensitive information; requires them to be capable of defending all attacks specified in this Standard; requires test applicants to be capable of proving the effectiveness of relevant protective measures; and requires them to have complete life cycle assurances.

Security chips of security level 3 can be applied in the application scenarios in which the external operating environment for their deployment is incapable of ensuring their physical safety and the safety of input and output information. In such scenarios, security chips shall have comprehensive protective capabilities for all kinds of security risks.

5 Cryptographic algorithm

5.1 Random number generator

5.1.1 Security level 1

a) Security chips shall have at least 2 physical random sources independent of each other, which directly generate random numbers or the initial input of random number extension algorithm. The random numbers directly generated by or the initial input of random number extension algorithm generated by physical random sources shall be generated through exclusive-OR operation of all the output of physical random sources.

b) Within the operating conditions of temperature which are supported by security chips, set three operating conditions including temperature upper limit, temperature lower limit and room temperature, and the random numbers generated by security chips shall meet the randomness test requirements specified in GM/T 0005.

5.1.2 Security level 2

a) Security chips shall have at least 4 physical random sources independent of each other, which directly generate random numbers or the initial input of random number extension algorithm. The random numbers directly

Based on security level 2.

a) The stream cipher algorithms supported by security chips shall be implemented using special hardware circuits.

b) Security chips themselves can determine the correctness of the stream cipher algorithms supported by them.

6 Security chip interface

6.1 Physical interface

6.1.1 Security level 1

a) The physical interfaces supported by security chips shall not contain covert channels.

b) The operation data input and output through the different physical interfaces supported by security chips shall be consistent.

c) If security chips support the random number generation function, all the random numbers output by the physical interfaces supported by security chips are capable of passing the randomness test.

6.1.2 Security level 2

Based on security level 1, security chips shall not contain any physical interface exce... ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
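
The XOR combination of independent physical random sources required in 5.1.1 a) and 5.1.2 a) can be examined numerically. The following is an added example, not part of the standard or of the original page: it simulates biased sources (constructed data; the function names, the 0.6 probability of a one and the sample size are assumptions), compares the residual bias after XOR with the piling-up lemma, and shows that two dependent sources cancel instead of improving the output. The monobit check is illustrative only and is not the GM/T 0005 test set.

```python
import math
import random

def biased_source(p_one, n, seed):
    """Constructed stand-in for one physical random source: n bits, P(1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def xor_combine(streams):
    """Bitwise XOR of the outputs of all sources, as 5.1.1 a) requires."""
    out = [0] * len(streams[0])
    for s in streams:
        if len(s) != len(out):
            raise ValueError("all sources must deliver the same number of bits")
        out = [a ^ b for a, b in zip(out, s)]
    return out

def bias(bits):
    """Distance of the observed frequency of ones from the ideal 0.5."""
    return abs(sum(bits) / len(bits) - 0.5)

def predicted_bias(p_ones):
    """Piling-up lemma for independent sources: 2^(k-1) * prod |p_i - 0.5|."""
    return 2 ** (len(p_ones) - 1) * math.prod(abs(p - 0.5) for p in p_ones)

def monobit_p_value(bits):
    """Monobit frequency check (illustrative; not the GM/T 0005 test set)."""
    s = sum(2 * b - 1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(2 * len(bits)))

def evaluate(k, p_one=0.6, n=200_000):
    """Measured bias, predicted bias and monobit p-value for k XORed sources."""
    streams = [biased_source(p_one, n, seed=1000 + i) for i in range(k)]
    combined = xor_combine(streams)
    return bias(combined), predicted_bias([p_one] * k), monobit_p_value(combined)

def dependent_pair_bias(p_one=0.6, n=200_000):
    """Failure mode: two 'sources' that are really the same signal."""
    s = biased_source(p_one, n, seed=1000)
    return bias(xor_combine([s, s]))  # XOR of identical streams is all zeros

if __name__ == "__main__":
    for k in (1, 2, 4):  # one source, then the level 1 and level 2 minimums
        print(k, evaluate(k))
    print("dependent pair:", dependent_pair_bias())
```

With independent sources the residual bias shrinks geometrically with the number of sources, which is why the independence requirement matters as much as the source count.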