GM/T 0008-2012: Cryptography test criteria for security IC
Status: Valid

---This is an excerpt from the full standard.
GM CRYPTOGRAPHY INDUSTRY STANDARD
ICS 35.040
L 80
RECORD NO.: 38306-2013
Cryptography test criteria for security IC
Issued on: NOVEMBER 22, 2012
Implemented on: NOVEMBER 22, 2012
Issued by: State Cryptography Administration

Table of Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviations
4 Classification of security levels
5 Cryptographic algorithm
6 Security chip interface
7 Key management
8 Sensitive information protection
9 Firmware security
10 Self-test
11 Audit
12 Attack mitigation and protection
13 Life cycle assurance
Bibliography

Foreword

This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuer of this document shall not be held responsible for identifying any or all such patent rights.

This Standard was proposed by and shall be under the jurisdiction of the State Cryptography Administration.

The drafting organizations of this Standard: Commercial Cryptography Testing Centre of State Cryptography Administration, State Key Laboratory of Information Security, Tsinghua University, Beijing Hongsi Electronic Technologies Co., Ltd., Nationz Technologies Co., Ltd., Beijing CEC Huada Electronic Design Co., Ltd., Zhejiang University, Shenzhen Institutes of Advanced Technology of Chinese Academy of Sciences, Datang Microelectronics Co., Ltd., Beijing Xinguang-Tiandi IC Design Co., Ltd., Chengdu University of Information Technology.

The main drafters of this Standard: Li Dawei, Zhou Yongbin, Luo Peng, Liu Jiye, Zhang Jianren, Zhang Wenjing, Zhang Yiwei, Chen Lizhi, Ye Yin, Shen Haibin, Li Huiyun, Sun Dongyu, Xiong Yanping, Liu Hongwei, Chen Yun, Wu Zhen, Mao Yingying.

1 Scope

This Standard specifies three security levels of security capabilities which increase in sequence and the cryptographic test requirements which are applicable to the security chips of all security levels. This Standard applies to both the cryptographic test of security chips and the development of security chips.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition dated applies to this document. For undated references, the latest edition of the referenced documents (including all amendments) applies to this Standard.

GM/T 0005, Randomness test specification

3 Terms, definitions and abbreviations

3.1 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

3.1.1 key
Key information or parameters which control cryptographic transformation operation.

3.1.2 sensitive information
Data in security chips which requires protection, except keys.

3.1.3 security chip
Integrated circuit chips which contain cryptographic algorithms and security functions and can implement key management mechanisms.

3.1.4 security capability
Direct or indirect assurance and protective measures which are provided by security chips for keys and sensitive information.

3.1.5 block cipher operation mode
The operation mode of block cipher algorithm, mainly including electronic code book mode (ECB), cipher block chaining mode (CBC), cipher feedback mode (CFB), output feedback mode (OFB), counter mode (CTR), etc.

3.1.6 public key cipher application mode
The application mode of public key cipher algorithm, mainly including encryption/decryption, signature/verification, key agreement, etc.

3.1.7 operation speed of cryptographic algorithm
Maximum data size that security chips can process within the unit time of cryptographic algorithm implementation.

3.1.8 physical random source
Source blocks of random sequences which are generated by the uncertainty of physical noise.

3.1.9 firmware
Procedure codes which are solidified in security chips, controlling and coordinating the cryptography and security functions of security chips.

4 Classification of security levels

4.1 Security level 1
Security level 1 specifies the minimum security level requirements that the security capabilities of security chips shall meet. Security level 1 requires security chips to provide basic protective measures for keys and sensitive information.

4.2 Security level 2
Security level 2 specifies the intermediate security level requirements that the security capabilities of security chips can meet. Based on security level 1,

4.3 Security level 3
Security level 3 specifies the high security level requirements that the security capabilities of security chips can meet. Based on security level 2, security level 3 specifies the logical and/or physical protective measures that security chips shall have.

5 Cryptographic algorithm

5.1 Random number generator

5.1.1 Security level 1

5.1.2 Security level 2

5.2 Block cipher algorithm

5.2.1 Security level 1

5.2.2 Security level 2
Based on security level 1:
a) Security chips are capable of giving clear results or responses for any data input.
b) The central operation parts of the block cipher algorithm supported by security chips shall be implemented using special hardware circuits.

5.2.3 Security level 3
Based on security level 2:
a) The block cipher algorithm supported by security chips shall be implemented using special hardware circuits.
b) Security chips themselves can verify the correctness of the block cipher algorithm supported by them in all operating modes.

5.3 Public key cipher algorithm

5.5 Stream cipher algorithm

5.5.1 Security level 1
a) All stream cipher algorithms supported by security chips shall be implemented correctly.
b) Security chips shall determine the operation rate of the stream cipher algorithms.

5.5.2 Security level 2

5.5.3 Security level 3
Based on security level 2.

6 Security chip interface

6.1 Physical interface

6.1.1 Security level 1

6.1.2 Security level 2
Based on security level 1, security chips shall not contain any physical interface except the physical interfaces declared.

6.1.3 Security level 3
Based on security level 2.

6.2 Logical interface

6.2.1 Security level 1
a) The logical interfaces supported by security chips shall not contain covert channels.
b) The operation data of the cryptographic algorithm which is input and output by the logical interfaces supported by security chips shall be consistent.
c) If security chips support the random number generation function, all the random numbers output by the logical interfaces supported by security chips are capable of passing the randomness test.

7 Key management

7.1 Generation

7.1.1 Security level 1

7.1.2 Security level 2
Based on security level 1:
a) Security chips shall not disclose relevant information of keys through physical interfaces or logical interfaces during the key generation process.
b) After the generation of keys, security chips shall immediately eliminate relevant data and temporary data which is used during the generation of keys and will no longer be used.

7.1.3 Security level 3
As security level 2.

7.2 Storage

7.2.1 Security level 1
Security chips are capable of storing keys correctly and effectively.

7.3 Usage

7.3.1 Security level 1
Security chips shall be capable of using keys correctly and effectively in accordance with key types, application scenarios, etc.

7.3.2 Security level 2
Based on security level 1:
a) The storage region of security chips for the storage of keys and key-related information during the usage of keys shall be controllable and special.
b) During the usage of keys, the physical interfaces and logical interfaces of security chips shall not disclose keys and related information.

7.4 Update

7.4.1 Security level 1
Security chips shall be capable of updating keys correctly and effectively.

7.4.2 Security level 2
Based on security level 1.

7.4.3 Security level 3
As security level 2.

7.5 Import

7.5.1 Security level 1
Security chips shall be capable of importing keys correctly and effectively.

7.5.2 Security level 2
Based on security level 1:
a) The import of keys requires corresponding authorization.
b) Security chips shall support importing keys in the form of ciphertexts.

7.5.3 Security level 3
As security level 2.

7.6 Export

7.6.1 Security level 1
Security chips are capable of exporting keys correctly and effectively.

8 Sensitive information protection

8.1 Storage

8.1.1 Security level 1
Security chips are capable of storing sensitive information correctly and effectively.

8.2 Clearing

8.2.1 Security level 1
Security chips are capable of clearing sensitive information correctly and effectively.

8.2.2 Security level 2
Based on security level 1.

8.2.3 Security level 3
Based on security level 2, security chips shall support the secure key clearing mechanism which is implemented using the methods including repeated erasing.

8.3 Operation

8.3.1 Security level 1
a) Security chips shall be capable of conducting operation for sensitive information correctly and effectively.
b) Security chips shall not export sensitive information during the operation process.

8.4 Transmission

8.4.1 Security level 1
Security chips shall be capable of importing or exporting sensitive information permissible for transmission correctly and effectively, as needed.

8.4.2 Security level 2
Based on security level 1.

9 Firmware security

9.1 Storage

9.1.1 Security level 1
The firmware in security chips shall not be read out through interfaces.

9.1.2 Security level 2
Based on security level 1.

9.2 Implementation

9.2.1 Security level 1
a) Security chips shall be capable of implementing the functions declared correctly and effectively.
b) The firmware of security chips shall not implement the functions which are not declared.

9.2.2 Security level 2
Based on security level 1, security chips shall take measures, such as an exception handling mechanism, to ensure the robustness and integrity of the firmware itself.

9.3 Import

9.3.1 Security level 1
Security chips shall implement the import of firmware correctly and effectively.

......

Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.