GM/T 0059-2018 PDF in English
Standard ID | Contents [version] | Name of Chinese Standard | Status
GM/T 0059-2018 | English | Cryptographic server test specifications | Valid
CRYPTOGRAPHIC INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Registration number: 62994-2018
GM/T 0059-2018
Cryptographic server test specifications
ISSUED ON: MAY 02, 2018
IMPLEMENTED ON: MAY 02, 2018
Issued by: State Cryptography Administration
Table of Contents
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Requirements of testing environment
5.1 Routine testing environment
5.2 Cross-network testing environment
6 Testing content
6.1 Overview
6.2 Inspection of device appearance and structure
6.3 Inspection of device’s management function
6.4 Testing of device state
6.5 Testing of device self-test
6.6 Testing of device’s configuration management
6.7 Testing of device’s key management
6.8 Testing of correctness and consistency of device’s cryptographic algorithm
6.9 Testing of device’s random number quality
6.10 Testing of device’s application interface
6.11 Testing of device’s remote management interface
6.12 Testing of device access control
6.13 Testing of device logging
6.14 Testing of device performance
6.15 Testing of device’s network adaptability
6.16 Testing of device security
6.17 Testing of device’s environmental adaptability
6.18 Testing of device reliability
7 Technical requirements for document-for-inspection
Appendix A (Informative) List of test items
Cryptographic server test specifications
1 Scope
This standard specifies the test requirements and test methods for
cryptographic server devices.
This standard applies to the testing of cryptographic server devices, as well as
the research & development of such cryptographic devices. It may also be used
to guide application development based on such cryptographic devices.
2 Normative references
The following documents are indispensable for the application of this document.
For dated references, only the dated version applies to this document. For
undated references, the latest edition (including all amendments) applies to this
document.
GB/T 32905 Information security technology - SM3 cryptographic hash
algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32915 Information security technology - Binary sequence randomness
testing method
GB/T 32918 Information security techniques - Elliptic curve public-key
cryptography
GM/T 0005 Randomness test specification
GM/T 0018 Interface specifications of cryptography device application
GM/T 0030-2014 Cryptographic server technical specification
GM/T 0039 Security test requirements for cryptographic modules
3 Terms and definitions
The following terms and definitions apply to this document.
3.1
A universally applicable infrastructure built using public key cryptography,
which provides users with security services such as certificate management
and key management.
3.9
Private key access password
A password which is used to verify the private key’s usage rights.
3.10
SM1 algorithm
A block cipher algorithm.
3.11
SM2 algorithm
An algorithm as defined by GB/T 32918.
3.12
SM3 algorithm
An algorithm defined by GB/T 32905.
3.13
SM4 algorithm
An algorithm as defined by GB/T 32907.
4 Abbreviations
The following abbreviations apply to this document.
API: Application Program Interface
CBC: Cipher Block Chaining
CFB: Cipher Feedback
CS: Cryptographic Server
ECB: Electronic Codebook
OFB: Output Feedback
j) Testing of device’s SM4 cryptographic operation;
k) Testing of device random number’s quality;
l) Testing of device’s application interface;
m) Testing of device’s management interface;
n) Testing of device’s access control;
o) Testing of device log;
p) Testing of device performance;
q) Testing of device’s network adaptability;
r) Testing of device security;
s) Testing of device’s environmental adaptability;
t) Testing of device’s reliability.
6.2 Inspection of device appearance and structure
The cryptographic server shall have the following main components or
interfaces:
a) It shall support the state indicator. Visual observation may be used to
distinguish the normal working state and fault state of the state indicator;
b) It shall support the power indicator. Visual observation may be used to
distinguish whether the device is powered on;
c) It shall support at least two RJ45 network interfaces.
The cryptographic server should have the following main components or
interfaces:
a) It should support one serial port (RJ45 or DB9 form) as the control port;
b) It should support the redundant power supply.
The cryptographic server may have the following main components or
interfaces:
a) It may support the manual key destruction switch;
b) It may support DB9 serial port;
automatically enter the initial state. At this time, the cryptographic server cannot
provide cryptographic service. The user performs the initial configuration of the
cryptographic server. The initial configuration shall include user management,
key management, and system configuration. After the configuration is completed,
the cryptographic server shall be restarted.
After the initial configuration, when the cryptographic server is powered on, it can
automatically enter the ready state, and then the cryptographic server can provide
the cryptographic service.
The cryptographic server in the ready state can only enter the initial state again
by triggering the key-destruction mechanism and restarting after power-off. The
cryptographic server cannot be changed from the ready state to the initial state
through management interface, control port, human-machine interaction
component or other means.
6.5 Testing of device self-test
The cryptographic server shall support the self-test function. The self-test shall
include power-on/reset self-test, periodic self-test, and self-test after accepting
the command. The self-test content includes the validity self-test of physical noise
source, validity self-test of cryptographic operation unit, self-test of random
number, self-test of cryptographic algorithm’s correctness, integrity check of
static storage data, etc.
The test results shall be reported after the end of the self-test. If the self-test is
successful, the cryptographic server shall enter the ready state. If the self-test
fails, the cryptographic server shall record a log entry, raise an alarm, and
immediately stop providing the cryptographic service externally.
6.6 Testing of device’s configuration management
The configuration management of the cryptographic server shall include, but is
not limited to, configuration of cryptographic authority, configuration of the
cryptographic server’s network, configuration of the cryptographic server’s
access control, and other management functions.
The configuration of cryptographic authority should have:
a) Management of three roles: administrator, security officer, operator;
b) The administrator is responsible for the addition, modification, cancellation
of security officers and operators;
c) The security officer is responsible for the authority management of the
stored can be exported to the outside of the cryptographic server.
6.7.2 Security function of key management
The cryptographic server shall comply with the standard GM/T 0030-2014 and
have the following security functions of key management:
a) The management key shall be generated or installed in the initial state by
the management tool provided by the cryptographic server manufacturer,
and stored securely inside the cryptographic server;
b) The signature key pair of the user key and the device key is generated or
installed by the cryptographic server. The random number used by the key
shall be generated by the physical noise source chip, and the key shall be
generated using a strong prime number. The encryption key pair is
generated by the independent key management system and issued to the
device according to the private key protection structure of the encryption
key as specified in GM/T 0018;
c) The key encryption key is an optional support item. When the
cryptographic server supports this item, the key shall be generated or
installed by the management tool provided by the cryptographic server’s
manufacturer, and the cryptographic server shall support secure storage
of a certain number of key encryption keys inside the cryptographic server;
d) The session key cannot be exported in plaintext. It shall be encrypted
with the user key or the key encryption key during export;
e) The symmetric key and asymmetric key stored securely in the
cryptographic server shall be invoked by the key index number or another
form of unique identifier;
f) The cryptographic server shall be able to securely store at least 100 sets
of symmetric keys and 32 asymmetric key pairs;
g) The cryptographic server shall support key backup and key recovery. The
backup file shall be stored in a secure storage medium in ciphertext, and
cryptographic servers of the same type from the same manufacturer shall
be able to support mutual backup and recovery.
6.8 Testing of correctness and consistency of device’s
cryptographic algorithm
6.8.1 Testing of device’s symmetric cryptographic operation
perform the decryption operation, the decrypted result is exactly the same
as the given plaintext;
c) After the cryptographic server uses the given key to sign the signature
message by calling the cryptographic algorithm, the testing platform
verifies the signed results; the verification shall pass;
d) After the cryptographic server uses the given key to sign the message to
be signed by calling the cryptographic algorithm, it calls the cryptographic
algorithm to perform the verification operation; the verification passes;
e) The cryptographic server uses the given key and key negotiation
parameters, to call the key negotiation algorithm to perform key
negotiation with the testing platform; the negotiation result is correct.
6.8.3 Testing of device’s hash cryptographic operation
The cryptographic server shall support the SM3 algorithm. The cryptographic
server may call the SM3 algorithm to hash the message. It shall be able to
support the hashing operation of the given message and parameters by calling
the SM3 algorithm.
a) The cryptographic server calls the SM3 algorithm to calculate the hash
value of the given message; the result is exactly the same as the given
hash value;
b) The cryptographic server calls the SM3 algorithm to calculate the hash
value of the given message and parameters; the result is exactly the same
as the given hash value.
6.9 Testing of device’s random number quality
The cryptographic server shall have the function of generating random number.
It shall have at least 2 independent physical noise sources. The testing of
random number’s quality shall follow GB/T 32915.
The testing program of random number is designed and provided by a testing
organization approved by the national cryptography management department. The
testing result of the random number testing of the cryptographic server shall
meet the requirements of GM/T 0005.
The random number generator used by the cryptographic server shall be able
to pass the random number testing at 4 different application phases: sample
delivery testing, exit-factory testing, power-on testing, and use testing:
a) Sample delivery testing
2) Single testing
• Testing amount: It is determined according to the size of the random
number taken each time in actual application, but the length shall not
be lower than 128 bits. Meanwhile the unused sequence that has
passed the testing can continue to be used;
• Testing item: Poker testing, when the sample length is less than 320
bits, the parameter m = 2;
• Testing pass criteria: If the test criteria are not met during the test,
an alarm is raised and the test is deemed unqualified.
It is allowed to repeat the random number collection and testing once. If the
repeated testing is still unqualified, it is determined that the random number
generator of the product is invalid.
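The single test above (poker test, m = 2, at least 128 bits, one repeat allowed) can be sketched as follows. This is an added example, not code from the standard: the chi-square statistic and P-value are the usual poker-test formulation, assumed here to match GM/T 0005; the significance level `ALPHA` and the names `single_test` and `replay` are likewise assumptions, and the samples are constructed.

```python
import math
from collections import Counter

ALPHA = 0.01      # significance level: assumption, not stated on this page
MIN_BITS = 128    # minimum single-test sample length from the text above

def poker_p_value(sample: bytes, m: int = 2) -> float:
    """Poker test P-value for m = 2 (the setting for samples under 320 bits)."""
    n_bits = len(sample) * 8
    if m != 2 or not MIN_BITS <= n_bits < 320:
        raise ValueError("this sketch covers m = 2, 128 <= length < 320 bits")
    bits = "".join(f"{byte:08b}" for byte in sample)
    blocks = n_bits // m
    counts = Counter(bits[i:i + m] for i in range(0, blocks * m, m))
    # Chi-square statistic with 2^m - 1 = 3 degrees of freedom.
    v = max(0.0, (2 ** m / blocks) * sum(c * c for c in counts.values()) - blocks)
    x = v / 2
    # Upper regularized incomplete gamma Q(3/2, x) in closed form.
    return math.erfc(math.sqrt(x)) + 2 * math.sqrt(x / math.pi) * math.exp(-x)

def single_test(collect, nbytes=16):
    """Collect and test; one repeat is allowed. Returns (sample or None, attempts)."""
    for attempt in (1, 2):
        sample = collect(nbytes)
        if poker_p_value(sample) >= ALPHA:
            return sample, attempt      # passed: the sample may be used
    return None, 2                      # failed twice: generator deemed invalid

def replay(samples):
    """Constructed stand-in for the device RNG: returns canned samples in order."""
    it = iter(samples)
    return lambda nbytes: next(it)

STUCK = bytes(16)          # constructed: 128 zero bits (stuck-at fault)
BALANCED = b"\x1b" * 16    # constructed: 00 01 10 11 repeated, equal counts
```

A balanced 2-bit histogram is all this test checks, so the clearly non-random `BALANCED` pattern passes; it catches gross faults such as a stuck source and does not replace the full test suite.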
6.10 Testing of device’s application interface
The application programming interface of the cryptographic server shall follow
GM/T 0018.
For the correct calling environment and calling process of the cryptographic
server, the API function shall return the correct result and complete the
corresponding function. For a deliberately incorrect calling environment or
calling process, the API function shall return the corresponding error code. The
API testing of the cryptographic server shall include the following six
categories:
a) Function of device management;
b) Function of key management;
c) Function of symmetric algorithm operation;
d) Function of asymmetric algorithm operation;
e) Function of hash operation;
f) Function of user file operation.
6.11 Testing of device’s remote management interface
The cryptographic server shall support the device’s remote management
function. If this function is supported, the remote management interface of the
cryptographic server shall follow GM/T 0030-2014.
prevent malicious personnel from unauthorized logging in, thereby protecting
the security of cryptographic server.
A private key stored inside the cryptographic server can only be used
when holding the correct access control code of the private key. Calls to the
cryptographic server’s functions and the remote management of the
cryptographic server shall use the IP packet-based authorized access control
technology: only a host that has an authorized IP address can normally call the
device function or remotely manage the device. A host that does not have an
authorized IP cannot call the device function or remotely manage the device.
6.13 Testing of device logging
The cryptographic server shall provide logging, viewing, and export functions.
The log content of the cryptographic server shall include:
a) Administrator’s operation, including login authentication, system
configuration, key management, etc.;
b) Abnormal events, including records of abnormal events such as
authentication failures and illegal access.
The log content of the cryptographic server should include:
a) If connected to the device’s management center, the corresponding
operations;
b) Calls related to key management made through the application interface.
6.14 Testing of device performance
The cryptographic operations of the cryptographic server shall meet certain
performance indicators.
The performance testing of the cryptographic server shall include nine aspects:
generation of random number of cryptographic server, generation of symmetric
key of cryptographic server, generation of asymmetric key of cryptographic
server, encryption and decryption performance of cryptographic server’s SM1
algorithm, encryption and decryption performance of cryptographic server’s
SM2 algorithm, signature/verification performance of cryptographic server’s
SM2 algorithm, operation performance of cryptographic server’s SM3 algorithm,
encryption and decryption performance of cryptographic server’s SM4
algorithm, concurrent performance of the cryptographic server. Each
performance of the cryptographic server shall be tested multiple times. Take the
completion time T(s). Performance index formula is:
S = 8LN/(1024 × 1024 T); the unit is Mbps;
h) The testing of encryption and decryption performance of cryptographic
server’s SM4 algorithm: send a data message of length L (byte) to the
cryptographic server for encryption/decryption; repeat the operation N
times; calculate the completion time T (s). The performance of the various
working modes supported by the SM4 algorithm needs to be tested
separately. The performance index formula is:
S = 8LN/(1024 × 1024 T); the unit is Mbps;
i) The testing of concurrent performance of the cryptographic server:
including two indicators of the number of new connections established per
second and the maximum number of concurrent connections.
In the testing platform, simulate multiple client behaviors; establish TCP
connections with the cryptographic server in parallel; repeat this process for
a period of time; take the average of the number of connections established
per second as the test result of the number of new connections per second,
the unit is (pieces/s).
In the testing platform, simulate multiple client behaviors; establish TCP
connections with the cryptographic server in parallel; then continuously add
clients; repeat the process until the connection can no longer be established
and maintained. The number of TCP connections that have been accessed is the
test result, the unit is piece.
6.15 Testing of device’s network adaptability
The cryptographic server shall have good adaptability and scalability to the
service mode of the user. It shall meet the application requirements of at least
three modes, including:
a) The cryptographic server shall be able to connect directly to the host;
b) The cryptographic server shall be able to connect to multiple hosts at the
same time through the switch;
c) The cryptographic server shall be able to connect to the hosts of different
networks.
6.16 Testing of device security
The testing of security of cryptographic server complies with GM/T 0039.
...... Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.