GB/T 38625-2020: Information security technology - Security test requirements for cryptographic modules. Status: Valid
Basic data

| Field | Value |
| --- | --- |
| Standard ID | GB/T 38625-2020 (GB/T38625-2020) |
| Description (Translated English) | Information security technology - Security test requirements for cryptographic modules |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.040 |
| Word Count Estimation | 150,135 |
| Date of Issue | 2020-04-28 |
| Date of Implementation | 2020-11-01 |
| Quoted Standard | GB/T 25069-2010; GB/T 37092-2018 |
| Adopted Standard | ISO/IEC 24759-2017, NEQ |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
| Summary | This standard specifies the testing requirements for cryptographic modules and the corresponding material requirements for inspection. This standard is applicable to the testing of cryptographic modules submitted for inspection by testing institutions, and can also be used to guide the self-testing of cryptographic module manufacturers. |
Note: the text below is a DRAFT version for illustration, not a final translation.
Information security technology - Security test requirements for cryptographic modules
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology
Cryptographic module security testing requirements
2020-04-28 released
2020-11-01 implementation
Issued by the State Administration for Market Regulation and the National Standardization Management Committee
Table of contents
Preface
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Overview
6 Safety testing requirements
6.1 General requirements
6.2 Cryptographic module specifications
6.3 Cryptographic module interface
6.4 Roles, services and identification
6.5 Software/Firmware Security
6.6 Operating environment
6.7 Physical Security
6.8 Non-intrusive security
6.9 Management of sensitive security parameters
6.10 Self-test
6.11 Life Cycle Guarantee
6.12 Mitigation of other attacks
6.13 Documentation requirements
6.14 Cryptographic module security policy
6.15 Approved safety features
6.16 Approved methods for generating and establishing sensitive security parameters
6.17 Approved authentication mechanism
6.18 Non-invasive attacks and common mitigation methods
Appendix A (Normative Appendix) Security Level Correspondence Table
Information Security Technology
Cryptographic module security testing requirements
1 Scope
According to GB/T 37092-2018, this standard specifies the testing requirements for cryptographic modules and the corresponding material requirements for inspection.
This standard applies to the testing of cryptographic modules submitted for inspection by testing organizations, and can also be used to guide the self-testing of cryptographic module developers.
2 Normative references
The following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this document.
For undated references, the latest version (including all amendments) applies to this document.
GB/T 25069-2010 Information Security Technical Terms
GB/T 37092-2018 Information Security Technology Cryptographic Module Security Requirements
3 Terms and definitions
The terms and definitions defined in GB/T 37092-2018 and GB/T 25069-2010 apply to this document.
4 Abbreviations
The following abbreviations apply to this document.
5 Overview
Chapter 6 describes in detail the requirements for the materials provided to the testing organization by the submitting manufacturer and the procedure requirements used by the testing organization.
Chapter 6 has 18 articles, including 6.1 general requirements and 11 security domains corresponding to GB/T 37092-2018 and Appendix A to Appendix F.
This standard uses the "[xx.yy]" method to identify and serially number all evaluation units in the standard, where xx denotes the corresponding clause of Chapter 6 and yy is the numerical index of the evaluation unit. Each evaluation unit includes safety requirements, requirements for materials submitted for inspection, and requirements for inspection procedures.
Among them, the content of the safety requirements directly refers to each of the corresponding safety requirements clauses in GB/T 37092-2018. For the completeness of the sentence, some of the safety requirements clauses cited are supplemented, and the supplementary sentences are written in italics. The requirements for materials submitted for inspection describe the document type or detailed material requirements provided so that the inspector can verify (document or material) compliance with the given safety requirements. The testing procedure requirements indicate the procedures that the testing personnel should perform when testing whether the cryptographic module meets the given security requirements.
In this standard, "safety requirements [xx.yy]", "required materials for inspection [xx.yy]" and "test procedure requirements [xx.yy]" respectively represent the safety requirements, material requirements and testing procedure requirements of the corresponding evaluation unit [xx.yy].
The security level of the cryptographic module corresponding to each evaluation unit in this standard is shown in Appendix A.
6 Safety testing requirements
6.1 General requirements
6.1.1 Test purpose
The general requirements test includes 4 evaluation units to test whether the cryptographic module submitted for inspection matches the security domains specified in GB/T 37092-2018, and whether the inspection manufacturer has provided all relevant materials for the cryptographic module.
6.1.2 Evaluation unit [01.01]
Safety requirements.
The security requirements that a cryptographic module that meets this standard should meet.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.1.3 Evaluation unit [01.02]
Safety requirements.
The cryptographic module shall be tested according to the requirements of each domain.
Note. If the cryptographic module submitted for inspection is not subject to some of the security requirements specified in GB/T 37092-2018, the testing organization will exclude the corresponding security requirements from testing.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
The testing agency can test the security of the cryptographic module in one or more of the following ways.
a) The inspector uses the equipment of the inspection agency to perform the test.
b) The inspector uses the equipment of the supplier to perform the test.
c) Inspectors supervise the submitting manufacturer as it uses the equipment of the submitting organization for testing. In this case, the testing agency needs to:
1) Explain the reason why it cannot conduct the test itself;
2) Develop the required test plan and test tasks;
3) Directly observe the execution of the test.
If any one of the tests is unsuccessful, then this item fails.
6.1.4 Evaluation unit [01.03]
Safety requirements.
Cryptographic modules should be rated independently in each domain.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.1.5 Evaluation unit [01.04]
Safety requirements.
The cryptographic module to be confirmed or evaluated shall provide all relevant documents, including user and installation manuals, design instructions, life cycle documents, etc.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.2 Cryptographic module specifications
6.2.1 General requirements for cryptographic module specifications
6.2.1.1 Test purpose
The test of the general requirements for cryptographic module specifications includes 2 evaluation units, which test whether the cryptographic module submitted for inspection meets the general requirements for cryptographic module specifications specified in GB/T 37092-2018, and whether the cryptographic module specification documents are written in accordance with the requirements specified in GB/T 37092-2018.
6.2.1.2 Evaluation unit [02.01]
Safety requirements.
The cryptographic module should be a collection of hardware, software, firmware, or a combination of them. This collection uses at least one approved cryptographic algorithm, security function or process to implement a cryptographic service, and is contained within the defined cryptographic boundary.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
a) This article is not tested separately.
b) Appendix C of GB/T 37092-2018 lists the approved safety functions.
6.2.1.3 Evaluation unit [02.02]
Safety requirements.
The cryptographic module specification document shall be compiled in accordance with the requirements specified in A.2.2 of GB/T 37092-2018.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is tested as part of the evaluation unit [A.01].
6.2.2 Types of cryptographic modules
6.2.2.1 Test purpose
The cryptographic module type test includes 4 evaluation units, which test whether the cryptographic module type defined by the submitting manufacturer matches the cryptographic module types specified in GB/T 37092-2018, and whether the defined cryptographic module type meets all applicable requirements specified in GB/T 37092-2018.
6.2.2.2 Evaluation unit [02.03]
Safety requirements.
The cryptographic module should be defined as one of the following cryptographic module types.
---Hardware cryptographic module;
---Software cryptographic module;
---Firmware cryptographic module;
---Hybrid software cryptographic module;
---Hybrid firmware cryptographic module.
Material requirements for inspection.
a) The type of cryptographic module should be described in the documentation submitted by the manufacturer and the basis for selecting this type should be explained.
b) The inspection manufacturer shall provide the specifications of the cryptographic module to identify the hardware, software and/or firmware components of all cryptographic modules.
Testing procedure requirements.
a) The inspector shall verify that a module type defined in the safety requirements [02.03] is identified in the document submitted by the inspection manufacturer.
b) The inspector should review the specification documents provided by the submitting manufacturer, identify all hardware, software and/or firmware components, and verify that the cryptographic module is consistent with the cryptographic module type defined in the security requirements [02.03].
6.2.2.3 Evaluation unit [02.04]
Safety requirements.
Hardware and firmware cryptographic modules should meet all applicable requirements of the physical security specified in 7.7 and the non-intrusive security specified in 7.8 of GB/T 37092-2018.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.2.2.4 Evaluation unit [02.05]
Safety requirements.
Software cryptographic modules running in a modifiable environment should meet all applicable requirements of the non-intrusive security specified in 7.8 of GB/T 37092-2018; the physical security requirements specified in 7.7 of GB/T 37092-2018 are optional.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.2.2.5 Evaluation unit [02.06]
Safety requirements.
Hybrid cryptographic modules should meet all applicable requirements of the software/firmware security specified in 7.5, the operating environment specified in 7.6, the physical security specified in 7.7 and the non-intrusive security specified in 7.8 of GB/T 37092-2018.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.2.3 Cryptographic boundary
6.2.3.1 General requirements for cryptographic boundaries
6.2.3.1.1 Test purpose
The test of the general requirements for cryptographic boundaries includes 8 evaluation units, which test whether the cryptographic boundary defined by the submitting manufacturer is clear, whether security-related algorithms, security functions, processes and components are within the boundary, whether the excluded hardware, software or firmware components are security-related, and whether the name of the cryptographic module represents the component composition within the cryptographic boundary.
6.2.3.1.2 Evaluation unit [02.07]
Safety requirements.
The cryptographic boundary should be composed of a well-defined boundary (for example, a collection of hardware, software or firmware components) that establishes the boundary of all components of the cryptographic module.
Material requirements for inspection.
All components within the cryptographic boundary shall be specified in the documents submitted by the inspection manufacturer.
Testing procedure requirements.
a) The inspector shall verify that all components are within the cryptographic boundary through document review and module inspection.
b) The inspector shall verify through document review and module inspection that no unidentified parts are within the cryptographic boundary.
6.2.3.1.3 Evaluation unit [02.08]
Safety requirements.
The requirements of GB/T 37092-2018 shall apply to all algorithms, security functions, processes and components within the cryptographic boundary.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is not tested separately.
6.2.3.1.4 Evaluation unit [02.09]
Safety requirements.
The cryptographic boundary should at least include all security-related algorithms, security functions, processes and components in the cryptographic module (i.e. security-related within the scope of GB/T 37092-2018).
Material requirements for inspection.
The submitting manufacturer shall provide a list of all security-related algorithms, security functions, processes and components within the cryptographic boundary. The security functions include, but are not limited to:
---Block cipher;
---Stream cipher;
---Asymmetric cryptographic algorithms and technologies;
---Message authentication code;
---Hash function;
---Entity identification;
---Key management;
---Random number generator.
Testing procedure requirements.
The inspector should verify that all security-related algorithms, security functions, processes and components.
6.2.3.1.5 Evaluation unit [02.10]
Safety requirements.
The implementation of non-security-related algorithms, security functions, processes and components used in the approved working mode shall not interfere with or destroy the approved operation of the cryptographic module.
Material requirements for inspection.
The documents submitted by the inspection manufacturer shall list the non-security-related algorithms, security functions, processes and components used in the approved working mode, and prove that they do not interfere with or destroy the approved operation of the cryptographic module.
Testing procedure requirements.
a) The inspector should verify that the implementation of non-security-related algorithms, security functions, processes and components does not interfere with or destroy the approved operation of the cryptographic module.
b) The inspector shall verify the correctness of any reason provided by the supplier for non-interference or non-destruction. The burden of proof lies with the submitting manufacturer; if there is any uncertainty or ambiguity, the inspector should request the inspection manufacturer to provide the required further information.
6.2.3.1.6 Evaluation unit [02.11]
Safety requirements.
The name of the cryptographic module should represent the component composition within the cryptographic boundary, and should not represent a composition or product larger than the actual scope.
Material requirements for inspection.
The name of the cryptographic module should be provided in the documentation of the supplier.
Testing procedure requirements.
a) The inspector should verify that the name of the cryptographic module provided by the supplier is consistent with the components within the cryptographic boundary.
b) The inspector should verify that the name of the cryptographic module does not represent a component or functional composition that is inconsistent with the component composition within the cryptographic boundary.
6.2.3.1.7 Evaluation unit [02.12]
Safety requirements.
The cryptographic module should at least have specific version information representing each of the different hardware, software and/or firmware components.
Material requirements for inspection.
The submitting manufacturer shall provide specific version information of each different hardware, software and/or firmware component of the cryptographic module.
Testing procedure requirements.
The inspector shall verify that the submitting manufacturer provides specific version information for each different hardware, software and/or firmware component of the cryptographic module.
6.2.3.1.8 Evaluation unit [02.13]
Safety requirements.
Certain hardware, software and/or firmware components within the cryptographic boundary can be excluded from the requirements of GB/T 37092-2018. The implementation of excluded hardware, software or firmware components shall not interfere with or destroy the approved secure operation of the cryptographic module.
Material requirements for inspection.
This article does not provide separate materials.
Testing procedure requirements.
This article is tested as part of the evaluation unit [02.14].
6.2.3.1.9 Evaluation unit [02.14]
Safety requirements.
The documentation of the cryptographic module specifications should state the excluded hardware, software, or firmware.
Material requirements for inspection.
a) All hardware, software and/or firmware components that are excluded from the safety requirements of GB/T 37092-2018 should be clearly listed in the documentation submitted by the inspection manufacturer.
b) The reason for the exclusion of each component should be provided in the manufacturer's documentation. The submitting manufacturer shall show that, even in the event of failure or misuse, no excluded component will interfere with or destroy the operation of the approved security functions of the cryptographic module.
Testing procedure requirements.
a) The inspector should verify whether the inspection manufacturer indicates that some parts of the module are excluded from the safety requirements of GB/T 37092-2018.
b) If the inspection manufacturer has indicated that some components of the module are excluded from GB/T 37092-2018, the inspector shall verify that a reason for each exclusion is provided. These reasons should show that even if the component fails, it will not cause the disclosure of critical security parameters, plaintext data or other information that may cause danger if misused. These reasons will be considered acceptable if supported by the following evidence:
---The component does not process critical security parameters, plaintext data or other information that may cause danger if misused;
---The component is not connected to security-related components of the module in a way that would allow critical security parameters, plaintext data or other information that may cause danger if misused to be passed inappropriately;
---All the information processed by the component is strictly for the internal use of the module and does not affect the equipment connected to the module in any way.
c) The inspector shall verify the correctness of all exclusion reasons provided by the submitting manufacturer. The burden of proof lies with the submitting manufacturer; if there is any uncertainty or ambiguity, the inspector should request the inspection manufacturer to provide the required further information.
6.2.3.2 Definition of cryptographic boundary
6.2.3.2.1 Test purpose
The test of the definition of the cryptographic boundary includes 4 evaluation units, which test whether the demarcation of the cryptographic boundary of the cryptographic module submitted for inspection matches the type of the cryptographic module.
6.2.3.2.2 Evaluation unit [02.15]
Safety requirements.
The cryptographic boundary of the hardware cryptographic module shall be delimited and determined as a collection of hardware components, which can include:
---The physical structure of the physical wiring that provides interconnection between components, including circuit boards, substrates or other surface mounts;
---Active electrical components, such as semi-integrated, custom integrated or general integrated circuits, processors, memory, power supplies, converters, etc.;
---Physical structures such as housing, potting or packaging materials, connectors and interfaces;
---Firmware, which can include an operating system;
---Other component types not listed above.
Material requirements for inspection.
a) All hardware components of the hardware cryptographic module should be identified in the documents submitted by the manufacturer and a list of components should be provided.
b) The internal layout and installation method of the module (for example, fixing parts and installation parts) should be indicated in the documents submitted by the inspection manufacturer, including drawings of approximate proportions.
c) The main physical parameters of the module should be described in the manufacturer's documentation, including descriptions of the housing, access points, circuit boards, power supply location, circuit wiring, cooling system and other key parameters.
d) The documentation submitted by the inspection manufacturer shall include a block diagram showing the module boundary and the relationship between its hardware components.
Testing procedure requirements.
a) The inspector should verify that the manufacturer’s document includes a parts list, which includes all hardware components of the cryptographic module.
b) The inspector should identify all the hardware components of the cryptographic module and verify that the component list includes all the following types of components, excluding component types not used in the module:
---Processors, including microprocessors, digital signal processors, custom processors, microcontrollers, or any other type of processor;
---ROM integrated circuits that store executable code and program data, which may include mask-programmed ROM, programmable ROM (PROM) such as ultraviolet erasable PROM (EPROM), electrically erasable PROM (EEPROM) or Flash memory;
---RAM or other integrated circuits used for temporary data storage;
---Semi-custom, application-specific integrated circuits, such as gate arrays, programmable logic arrays, field programmable gate arrays or other programmable logic elements;
---Fully custom, application-specific integrated circuits, including any custom cryptographic integrated circuits;
---Other active electronic circuit components (if passive circuit components, such as pull-up/pull-down resistors or bypass capacitors, are part of the cryptographic module but do not provide relevant security functions, the manufacturer does not need to list them);
---Power supply components, including power supply, voltage conversion module (for example, AC-DC or DC-DC module), transformer, input power connector and output power connector;
---Circuit board or other surface mount;
---Shell, including any door or cover;
---The physical connector between the external equipment of the encryption module or any main independent sub-module;
---Software and/or firmware components;
---Other types of parts not listed above.
c) The inspector should verify that the parts list is consistent with the materials provided under other clauses, as follows:
---The boundary specification of the cryptographic module required in the security requirements [02.07]. Verify that all components within the cryptographic boundary are included in the parts list, and that parts outside the boundary of the cryptographic module are not listed as cryptographic module components.
---The block diagram specification required by safety requirements [A.01]. Verify that all individual components (such as microprocessors, memory) in the block diagram are also listed in the parts list.
---The components specified under safety requirements [02.14] as excluded from the safety requirements of GB/T 37092-2018. Verify that these parts are still listed in the parts list.
d) The inspector should verify that the cryptographic boundary is physically continuous, to ensure that there are no gaps that could allow uncontrolled input, output or other interfaces into the cryptographic module. (The requirements for physical and disassembly protection are described in 7.7 of GB/T 37092-2018.) The module design should also ensure that the cryptographic module has no uncontrolled input and output interfaces that may leak critical security parameters, plaintext data or other information that may cause damage if misused.
e) The inspector should verify that the cryptographic boundary includes all the inputs, outputs or gates identified in the block diagram required by the security requirements [A.01]
Key security parameter processing, plain text, or other information components t...