Detail of GM/T 0039-2015

Introduction of GM/T 0039-2015

Security Test Requirements for Cryptographic Modules 1 Scope In accordance with the requirements of GM/T 0028-2014, this standard specifies requirements on a series of test procedures, methods and corresponding vendor documentation for cryptographic modules. This standard is applicable to tests of cryptographic modules. 2 Normative References The following documents are essential for the application of this Standard. For dated reference, just dated edition applies to this document. For undated references, the latest edition (including any amendments) applies to this document. GM/T 0028-2014 Technical Requirements for Cryptographic Module Security GM/Z 4001 Cryptography Terminologies 3 Terms and Definitions For the purpose of this Standard, the terms and definitions in GM/T 0028-2014 and GM/Z 4001 apply. 4 Acronyms The following acronyms apply in this document. API Application Program Interface CBC Cipher Block Chaining CSP Critical Security Parameter EDC Error Detection Code EFP Environmental Failure Protection EFT Environmental Failure Testing FSM Finite State Model HDL Hardware Description Language IC Integrated Circuit PIN Personal Identification Number PROM Programmable Read-Only Memory PSP Public Security Parameter RAM Random Access Memory RBG Random Bit Generator ROM Read-Only Memory SSP Sensitive Security Parameter 5 Document Organization 5.1 General Clause 6 of this document specifies the procedures and methods that shall be used by testing laboratories and the requirements for information that vendors shall provide to testing laboratories. Clause 6 includes 18 subclauses: general requirements are specified in 6.1; and 6.2~6.18 correspond to the eleven areas of security requirements and the Annexes A to F in GM/T 0028-2014. 5.2 Assertions and Security Requirements Within each subclause in Clause 6, the corresponding security requirements from GM/T 0028-2014 are divided into a set of assertions. All of the assertions are direct quotations from GM/T 0028-2014 and expressed in bold font. The assertions are denoted by the form: AY. Where "AY" means security requirement, “requirement_number” is the number of the corresponding area specified in GM/T 0028-2014 (i.e., one through twelve and A through F), and “sequence_number” is a sequential identifier for assertions within a subclause. After the number of each assertion, the security levels to which the assertion applies are listed in parentheses. After the statement of each assertion, the requirements on the vendor documentation required are stated. These requirements describe the types of documentation or explicit information that the vendor shall provide in order for the tester to verify conformity to the given assertion. These requirements are denoted by the form: CY.. Where "CY" means the requirements on the vendor documentation, “requirement_number” and “assertion_sequence_number” are identical to the corresponding assertion requirement number and sequence number, and “sequence_number” is a sequential identifier for vendor requirements within the assertion requirement. Also following the vendor documentation is a set of requirements on the test procedures. These requirements instruct the tester as to what he or she shall do in order to test the cryptographic module with respect to the given assertion. These requirements are denoted by the form: JY.. Where "JY" means the requirements on test procedures and method, “requirement_number” and “assertion_sequence_number” are identical to the corresponding assertion requirement number and sequence number, and “sequence_number” is a sequential identifier for tester requirements within the assertion requirement. 5.3 Assertions with Cross References For clarity in some assertions, cross references to GM/T 0028-2014 or other assertions numbers have been put between curly brackets “{“ and ”}”. Those cross references are written in italics. 6 Security Requirements 6.1 General Note: this subclause states general requirements to meet the assertions of the other subclauses in Clause 6. AY01.01: (Levels 1, 2, 3, and 4) This Clause specifies the security requirements that shall be satisfied by the cryptographic module’s compliance to this standard. Note: this assertion is not separately tested. AY01.02: (Levels 1, 2, 3, and 4) A cryptographic module shall be tested against the requirements of each area. Note 1: the tests can be performed by the testing laboratories in one or more of the following manners: a) Tester performs tests at the testing laboratory’s facility b) Tester performs tests at the vendor’s facility c) Tester supervises vendor performing tests at the vendor’s facility. In such case,

Contents of GM/T 0039-2015

1 Scope 2 Normative References 3 Terms and Definitions 4 Acronyms 5 Document Organization 5.1 General 5.2 Assertions and Security Requirements 5.3 Assertions with Cross References 6 Security Requirements 6.1 General 6.2 Cryptographic Module Specification 6.3 Cryptographic Module Interfaces 6.4 Roles, Services, and Authentication 6.5 Software/Firmware security 6.6 Operational environment 6.7 Physical security 6.8 Non-invasive Security 6.10 Self-tests 6.11 Life-cycle Assurance 6.12 Mitigation of Other Attacks 6.13 A-Documentation Requirements 6.14 B-Cryptographic Module Security Policy 6.15 C-Approved Security Functions 6.16 D-Approved sensitive Security Parameter Generation and Establishment Methods 6.17 E-Approved Authentication Mechanisms 6.18 F-Approved Non-invasive Attack Mitigation Test Metrics Annex A (Informative) Security Level Corresponding Table