Automated Cryptographic Validation Protocol (ACVP) support from atsec

atsec is proud to present support for the:

NIST ACVP testing framework 

which replaces the legacy NIST CAVS testing. Cryptographic algorithm validation program (CAVP) testing is required for cryptographic modules undergoing conformance testing and validation according to the FIPS 140-2 specification. It is also required for Common Criteria evaluations performed in accordance with the NIAP Common Criteria Evaluation and Validation Scheme.

The Automated Cryptographic Validation Protocol (ACVP) is a network protocol for which NIST provides a server using the protocol which produces test vectors, validates responses and, in the case of successful validation, issues certificates that can be used in support of the Cryptographic Module Validation Program's (CMVP) FIPS 140-2 conformance validations, and Common Criteria evaluations performed under the Common Criteria Evaluation and Validation Scheme (CCEVS) operated by the National Information Assurance Partnership (NIAP).

atsec has developed two tools that provide flexible client-support to access the NIST ACVP server:

• The ACVP Proxy connects to the NIST ACVP server to request test vectors, store them locally, return locally stored test responses to the ACVP server and obtains the final verdict. The ACVP Proxy is a highly threaded system capable of parallel downloads of thousands of test vectors. At the moment, the threading is artificially limited to 32 threads to control the impact on the ACVP development and testing server.
• The ACVP Parser picks up the test vectors retrieved from the ACVP Proxy, invokes the cryptographic module under test to generate the test responses for the ACVP Proxy. The ACVP Parser includes all specific test vector handling including the Monte-Carlo Testing which commonly causes concerns with developers.

Both components handle test vectors and test responses as files which are stored in a database allowing the maintenance of tens of thousands of test vectors. Further, the clear separation between the two components allow the complete isolation of the test infrastructure with the cryptographic module from the Internet.

atsec publishes both components as Open Source available at GitHub under a BSD license. The provided code is a clean C99 implementation which allows the compilation on all environments providing a POSIX API. This includes Linux, BSDs, macOS, iOS, Android, Solaris, AIX, Windows with the POSIX interface and other operating systems. This is demonstrated by atsec with an iOS app of the ACVP Parser that executes the iOS CoreCrypto library considering the atsec development environment is Linux.

The ACVP Proxy and ACVP Parser are highly flexible by providing a plug-in framework to support different cryptographic modules. To add a new cryptographic module support to the ACVP Parser, the interface invoking the cryptographic module API must be implemented. The remaining parsing and unparsing code can be left unchanged. Similarly, the ACVP Proxy only requires additional cipher definitions specifying the supported cryptographic

algorithms of the tested module. To obtain the same test vectors for one cryptographic module executing on different platforms, an ACVP Proxy configuration file only needs updating.

The Open Source release of the ACVP Proxy and ACVP Parser currently offers support for OpenSSL and the hash and HMAC support used by the ACVP Proxy. With these plugins, atsec developed full support for the following cryptographic modules that can be fully tested with the ACVP server and are available to atsec customers:

• OpenSSL
• Linux Kernel Crypto API
• GnuTLS
• libgcrypt
• libkcapi
• Nettle
• NSS
• Generic PKCS11 tokens
• OpenSSH
• Libreswan
• Strongswan
• WPA Supplicant part of the hostapd software
• ACVP Proxy hash and HMAC implementation
• Apple macOS, iOS, tvOS, and watchOS Core Crypto library
• Apple macOS, iOS, tvOS, and watchOS Common Crypto library
• libsodium
• libnacl

Support for additional cryptographic modules can be developed by atsec with reasonable effort.

During the development of the ACVP Proxy and ACVP Parser, atsec supported the NIST ACVP development team to a large extent. The ACVP server data is tested with all of the  cryptographic implementations mentioned above. During the development process, atsec provided numerous improvement suggestions and bug reports to NIST. atsec is committed to the future development and maintenance of the ACVP Proxy and ACVP Parser.

NDcPP v2.1 has been published!

The Network International Technical Community (iTC) published the Network Device Collaborative Protection Profile (NDcPP) version 2.1 this afternoon (2018-09-24). This is the latest update to the NDcPP series of cPPs. Vendors looking to perform a NIAP evaluation using this cPP will need to wait until NIAP approves the new version. In the past, NIAP has taken about one month to approve the NDcPP once it was published by the Network iTC.

Expect this new cPP to appear on the CC Portal very soon. (https://www.commoncriteriaportal.org/)

International Cryptographic Module Conference 2018 in Ottawa, Canada

After a day of pre-conference workshops, the International Cryptographic Module Conference (ICMC) 2018 was kicked off this morning with a welcome address from atsec's VP and Lab Director Yi Mao. The welcome was followed by keynote speeches from Jason Hart, CTO of Data Protection for Gemalto UK and Scott Jones, Assistant Deputy Minister of Information Technology Security for Communications Security Establishment of Canada.



At the ICMC more than 400 attendees from 26 countries will have an opportunity to exchange ideas, network and learn from over 100 industry experts about commercial cryptography and standards like FIPS 140-2, ISO/IEC 19790, and Common Criteria.

More information about the conference running from May 8th to May 11th at the Shaw Center in Ottawa, Ontario, Canada can be found here: https://icmconference.org

Tech Corner: SP 800-56B and RSAES-PKCS1-v1.5 Update

Near the end of 2017, NIAP issued and later retracted Labgram #106. This Labgram warned that RSAES-PKCS1-v1.5 would be disallowed by NIST after 2017 which meant that it would also be disallowed by NIAP after 2017 in CC evaluations. The reason for the retraction was because NIST delayed the publication of their update to NIST SP 800-56B that would effectively disallow RSAES-PKCS1-v1.5-based establishment schemes.

In practice, this disallowance meant that all TLS ciphersuites starting with TLS_RSA_* would be disallowed for use with TLS v1.2 and earlier. This is a large set of commonly supported TLS ciphersuites. Removing them from use would leave only the DH and ECDH-based ciphersuites available for use in TLS.

This update is just to inform you that RSAES-PKCS1-v1.5 is still allowed by NIST and NIAP. We hope to receive updated information from NIST on the SP 800-56B revision at the ICMC conference May 8-11, 2018 in Ontario, Canada.

In the meantime, please be proactive and prepare your products for the eventual disallowance of RSAES-PKCS1-v1.5 and its associated TLS ciphersuites. Also note that the new TLS 1.3 standard has removed support for the static RSA and DH ciphersuites in favor of DHE/ECDHE, pre-shared keys (PSKs), and PSKs with DHE/ECDHE. Thus, static RSA and DH ciphersuites will eventually become a thing of the past in TLS as well as the DSA, MD5, and SHA-224 algorithms.

~Scott Chapman

atsec partners with major retail outlets for provision of security assurance

In a major announcement, dated April 1^st, 2018, atsec information security announces the establishment of partnerships with major retail outlets around the world, in a bid to provide more convenient provision of security assurance to users of commercial IT products.

Users of commercial off the shelf products purchased through major retail outlets can set default profile options such as which technology vendor they prefer, and which program or national scheme is to be used.

atsec services will now include free two-day certificate shipping and a very convenient ordering and re-ordering technology for certificate updates.

For an additional premium, consumers can select products that include OpenSSL and obtain certificate delivery within two hours (available in some areas only).

atsec is also developing an App that will enable compatibility with both Siri and Alexa; and is actively investigating expedited delivery of Security Target , Security Policy and other public facing documents documents by drone. CC validation of the App is expected very soon.

A giant leap for mankind?

Oh boy!!! Yet another year has gone by and we are celebrating International Women's Day again.

This year the theme is "Time is Now: Rural and urban activists transforming women’s lives".

I must say that working in atsec has always been free of the worries about gender inequality that I've been reading such a lot about recently, and that I know some of my industry colleagues have experienced (and probably still do). 

Here in atsec I feel nothing but respect and I am as empowered "as the next man".

According to Wikipedia, 2018 marks a whole century since women were first allowed to vote in Germany and the UK;  in Sweden the centenary is 2019; the US will celebrate  in 2020; In Italy, 2045 and in China it will be 2047. 

To those of my colleagues wondering about International Men's day, I am happy to report that this is celebrated every year on November 19th. This year the men's theme is "Positive male role models."

atsec is celebrating!!

It is 18 years since atsec was founded on January 11th, 2000. 

Since then atsec has made a very significant contribution to information security. As one of the only truly independent labs atsec is still  self-funded, owned by professionals in the security assurance business and a key player in the technologies and geographies in which we operate. We have hundreds of successful testing and evaluation projects, founded IT security conferences, contributed with a great many IT security consultancy projects, become one of the foremost PCI assessors in the China and Asia region, and had a lot of fun along the way.

Not many people know that the name "atsec" is related to the Italian word for basket, ("cesta"). This underlines that we have a great wealth of security-related expertise and diversity within atsec.

Thanks are due to all the atsec customers, schemes and programs, accreditors, atsec staff and alumni who have helped atsec reach this milestone birthday.

eIDAS for Remote (Centralised Server) Signing

What is eIDAS?

Evaluation and certification of trustworthy systems and signature and seal creation devices becomes increasingly important due to the new eIDAS regulation (EU Regulation No. 910/2014) that entered into force in the 28 EU Member States in July 2016. eIDAS is an EU regulation on electronic identification (eID) and trust services (AS), which was established to promote economic growth in the European digital single market, by enhancing the convenience and security of online transactions across EU borders. This is accomplished by establishing a European internal market for Trust Services, including various types of electronic signatures and seals, time stamps, electronic delivery services and website authentication, provided by Trust Service Providers (TSPs).

How it is used?

Ultimately, under the eIDAS regulation, citizens and businesses are able to use their native electronic identification schemes (eIDs) when accessing public services within other EU Member States that use eIDs, and use trust services have the same legal status as traditional paper-based processes and signatures. Digital signatures and seals with different trust levels are specified under eIDAS:

• Electronic signatures or seals: anything which is used to sign to ensure origin and integrity of data (yet no trust in the identity is provided).
• Advanced electronic signatures or seals: an electronic signature or seal with sole control properties. The advanced electronic signature or seal is created with a signature (seal) creation device (i.e. a software key or smart card). 
• Qualified electronic signatures or seals: an advanced electronic signature or seal, which satisfies technical and security requirements as specified in the regulation. This type of signature or seal is created with a qualified signature creation device, which is certified against eIDAS requirements and standards.

Common Criteria?

International (technical) standards play a key role in ensuring transparency and high security for online transactions. The Common Criteria (ISO/IEC 15408) standard is one of the standards that supports eIDAS by providing assurance of, inter alia, the security of trustworthy systems, and signature (and seal) creation devices (International Organization for Standardization, 2009). Various Protection Profiles for Common Criteria evaluations and certification have been developed for local signature generation (i.e. on smart cards or USB tokens), such as the TS 419 211 part 1-6 (Protection Profiles for Secure Signature Creation Device).

Creation of signatures on Central Servers?

New Protection Profiles are being developed by the European Committee for Standardization 

(CEN). These will comprise the requirements for trustworthy systems supporting server signing, also known as central signing, server-side signing or cloud signing, which is employed to allow signatures (and seals) to be created remotely with the user’s signing keys. A Trustworthy Systems Supporting Server Signing is illustrated in the figure below. The remote protected environment, providing server signing capabilities, comprises a Server Signing Application (SSA) and a (Qualified) Signature Creation Device (QSCD). The user may use his mobile phone or any other personal device to remotely sign documents with qualified electronic signatures.

Summary

The new eIDAS regulation provides increased security and convenience for electronic identification and the use of trust services within the EU. Advantages of eIDAS include the recognition of native electronic identification schemes in all EU member states that use eIDs, and that trust services have the same legal status as paper-based processes and signatures. There are different types of signatures (and seals) with different trust levels, including electronic signatures or seals, advanced electronic signatures or seals and qualified electronic signatures or seals. Both local and remote signing, using qualified electronic signatures, require compliance to international standards in the eIDAS standards framework, including Common Criteria evaluations against Protection Profiles for, inter alia, Secure Signature Creation Devices (EN 419 211) and Trustworthy Systems Supporting Server Signing (EN 419 241 - draft).

Even though eIDAS entered into force more than a year ago, many aspects of the regulation are still under development. For instance, various standards for certification of components used for signing with qualified electronic signatures are still under drafting. It therefore remains to be seen what challenges will emerge in the future. Stay tuned for more information on eIDAS!

References and Further Reading

ANSSI (2016). Protection Profile for Trusted Signature Creation Module in TW4S (PP-RSCD-TSCM/TW4S v1.2).

DIN (n.d.). Trustworthy Systems Supporting Server Signing - Part 2: Protection profile for QSCD for Server Signing; German and English version prEN 419241-2:2017. [online] Available at: https://www.din.de/en/getting-involved/standards-committees/nia/projects/wdc-proj:din21:235880560 [Accessed 12 December 2017]

ETSI (2013). ETSI ESI Workshop: Signing in the Cloud. CEN Server Signing TS 419 241 part 1. [online] Available at: https://docbox.etsi.org/workshop/2013/201303_SIGNATURES_IN_CLOUD/3b-CEN-Server-Signing.pdf [Accessed 12 December 2017]

International Organization for Standardization (2009). ISO/IEC 15408: Information technology -- Security techniques -- Evaluation criteria for IT security.

Leroy, F. and Hernandez-Ardieta, J.L. (2012). Update from CEN TC 224 WG 17: Progress Status, Server Signing Standard and other related Protection Profiles. In 13^th International Common Criteria Conference (ICCC 2012), Paris.  

- Dorien Koelemeijer  &

Rasma Araby