Cryptographic module related work in ISO/IEC JTC 1/SC 27/WG 3

Last updated: 2019-03-04

For several years the value of conformance testing against the FIPS 140-2 specification has been well accepted, and the assurance gained through validated conformance has been specified (with varying degrees of rigor) in several other markets. For example:

• Other governments that use either FIPS 140-2 or ISO/IEC 19790: These include: 
• Canada, who partners with NIST in operating the CMVP as a joint endeavor between NIST and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE); 
• Japan CMVP which is part of the  Information-technology Promotion Agency (IPA). JCMVP developed and operate a validation program (similar to that used in the US and Canada) in support of procurement in compliance with the Japanese Standards for Information Security Measures for the Central Government Computer Systems;
• Korea Cryptographic Module Validation Program (KCMVP)
• Spain (CCN)
• Turkey (TSE)
• 
  
• Several Common Criteria national schemes who may often draw from cryptographic module or cryptographic algorithm validations in their own assurance work. These include:
• US: NIAP who specify that NIST crypto algorithm validation program certificates be obtained in support of CC evaluations.
• 
  
• In 2013, an ENISA survey shows that 89% of respondents report using at least some product with a NIST FIPS certification, while 80% of use at least one Common Criteria certified product. 
• The UK’s information commissioner’s office and Treasury Solicitor’s Department, both of which recommend using FIPS 140-2 validated encryption products.
• The Health industry. For example, the HITECH act provides for "safe harbor" from the costs of patient notification as well as the reputational risk if the data was protected  using encryption. The approved encryption processes to claim safe harbor are those that comply with the requirements of the Federal Information Processing Standards (FIPS) 140-2.
• The Financial industry. This industry has long referenced use of FIPS 140-2 and its predecessors as a best practice. More recently, the Payment Card Industry has drawn heavily from FIPS 140-2 in their endeavors to obtain cryptography assurance within PCI environments and systems in several of their standards.
• Voting Systems. The Electoral Assistance Commission’s Voluntary Voting System Guidelines recommend the use of FIPS 140-2 for cryptography in voting systems.
•  Digital Cinema. FIPS 140-2 is specified in the digital cinema specification, V1.2.

Despite the obvious usefulness of the standard and the assurance that is gained from programmatic testing and validation of the results, it has been long recognized that a US government-produced standard (and US government validations) may not be appropriate for scenarios beyond the US Government regulation and so, in 2003, a project was initiated by ISO/IEC JTC 1 sub-committee 27 which focuses on IT security techniques. The project was allocated to Working Group 3, and the assigned editors and experts from the US, France and Japan led the international coordination to produce the first edition of ISO/IEC 19790 which was published in 2006.

A comparison of FIPS 140-2 and ISO/IEC 19790 is given in the blog "ISO's cryptographic module work".

A similar blog on ISO's work related to ISO/IEC 15408 (Common Criteria)  is also avilable. There is some overlap.

Work from ISO/IEC JTC 1/SC 27/WG 3 related to cryptographic modules

The work in ISO is not restricted to the specification and the associated test requirements. There are several other work items that have been published or are currently being developed in SC 27/WG 3. These include:

Requirements and testing

IS 19790:2012: Security requirements for cryptographic modules

Specifies security requirements specified intended to maintain the security provided by a cryptographic module.

This core standard is currently in it's second edition,  Note that the standard has been updated with a corrigendum in 2015.

IS 24759:2014: Test requirements for cryptographic modules

Specifies the methods to be used by testing laboratories to test whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790:2012/Cor.1:2015. It also specifies the requirements for information that vendors provide to testing laboratories as supporting evidence for conformance testing.

This standard is currently in it's second edition,  Note that the standard has been updated with a corrigendum in 2015.

Deployed Modules 

DRAFT ISO/IEC TS 20540 Guidelines for testing cryptographic modules in their operational environment  

Describes the guidelines that may be used in operational testing of cryptographic
modules which are deployed as part of a security system. The operational tests are performed to determine the suitability and proper usage of a cryptographic module in its intended environment.

Non-Invasive attacks

IS 17825:2016: Testing methods for the mitigation of non-invasive attack classes against cryptographic modules

Specifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790 for Security Levels 3 and 4. The test metrics are associated with the security functions specified in ISO/IEC 19790. Testing will be conducted at the defined boundary of the cryptographic module and I/O available at its defined boundary.

The test methods used by testing laboratories to test whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790 and the test metrics specified in this International Standard for each of the associated security functions specified in ISO/IEC 19790 are specified in ISO/IEC 24759. The test approach employed in this International Standard is an efficient "push-button" approach: the tests are technically sound, repeatable and have moderate costs.

DRAFT ISO/IEC TR 20085-1: Test tool requirements and test tool calibration methods for use in testing non-invasive attack mitigation techniques in cryptographic modules — Part 1: Test tools and techniques.

DRAFT ISO/IEC TR 20085-2: Test tool requirements and test tool calibration methods for use in testing non-invasive attack mitigation techniques in cryptographic modules — Part 2: Test calibration methods and apparatus

TR 30104:2015: Physical Security Attacks, Mitigation Techniques and Security Requirements

This technical report provides guidance and addresses the following topics:

• a survey of physical security attacks directed against different types of hardware embodiments including a description of known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources;
• guidance on the principles, best practices and techniques for the design of tamper protection mechanisms and methods for the mitigation of those attacks; and
• guidance on the evaluation or testing of hardware tamper protection mechanisms and references to current standards and test programs that address hardware tamper evaluation and testing.

Cryptographic functions, algorithms and protocols

Note that the specification of cryptography and security mechanisms  is handled in WG 2: I have not listed their related work here. A full list of SC 27 work can be found in the ISO Standards Catalogue.

DRAFT IS 18367: Cryptographic algorithms and security mechanisms conformance testing

Intended to provide the basis for testing the implementation correctness of cryptographic algorithms published by ISO.
Conformance testing assures that an implementation of a cryptographic algorithm or security mechanism implementation is correct whether implemented in hardware, software or firmware or in a specific operating environment. Testing may consist of known-answer or Monte Carlo testing, or a combination of test methods. Testing may be performed on the actual implementation or modeled in a simulation environment.

2016: This document is in the late stages of development and is expected to be published before the end of 2016.

IS 29128:2011: Verification of cryptographic protocols: 

Establishes a technical base for the security proof of the specification of cryptographic protocols. It specifies design evaluation criteria for these protocols, as well as methods to be applied in a verification process for such protocols. It also provides definitions of different protocol assurance levels consistent with evaluation assurance components in ISO/IEC 15408.

DRAFT ISO/IEC 20543: Test and analysis methods for random bit generators within ISO/IEC 19790 and ISO/IEC 15408

Describes testing and evaluation methods for determining the acceptable randomness of non-deterministic and deterministic random bit generators for use in cryptographic applications.

Physically unclonable functions (PUFs)

DRAFT: ISO/IEC  20897:Security requirements, test and evaluation methods for physically unclonable functions (PUFs) for generating non-stored security parameters

2016: This standard is currently under development.

Competence

DRAFT ISO/IEC TR 19896-1: Competence requirements for information security testers and evaluators: Part 1: Introduction, concepts and general requirements

Provide the fundamental concepts related to the topic of the competence of the individuals responsible for performing IT product security evaluations and conformance testing. Provides the framework and the specialised requirements that specify the minimum competence of individuals performing IT product security evaluation and conformance testing using established standards.
This will support the goals of ISO CASCO conformity assessment by contributing standardized requirements for competency supporting ISO/IEC 17024.

 DRAFT ISO/IEC TR 19896-2: Competence requirements for information security testers and evaluators: Part 2: Knowledge, skills and effectiveness requirements for 19790 testers

This standard will establish  a baseline for the competence of ISO/IEC 19790 testers and validators with the goal of establishing conformity in the requirements for the training of ISO/IEC 19790 testing and validator professionals associated with cryptographic module conformance testing programs.

About testing and validation of conformance to ISO/IEC 19790

Now that there is an internationally recognized set of standards for the specification and testing of cryptographic modules, a base set of cryptographic standards and fundamentals, as well as a means of testing their implementation correctness, all the needed tools are in place for various authorities to develop validation programs - and use of the tools provide for consistent testing, validation, and certification of conformance to the ISO standard.

This is already happening.

• In Japan, IPA operates a cryptographic module validation program with ISO/IEC 19790 as a basis known as the JCMVP.  At the ICMC in 2013, Japan announced that a memorandum of understanding between the JCMVP and the CMVP.
• in Korea, the Korean Cryptographic Module Validation Program (KCMVP ) was established in 2005 and uses ISO/IEC 19790 as a basis for their program specifying the Korean approved set of cryptographic algorithms and security functions.
• A validation program in Spain for cryptographic modules is based on the ISO standards
• A validation program in Turkey for cryptographic modules is based on the ISO standards
• Other national programs are under consideration 

With the development of validation programs using the standards -- and perhaps even one day mutual recognition by different programs -- the needs of the commercial sector around the world can be addressed. This would help developers and vendors of cryptographic modules to address markets on a multi-national basis (and may even help address some of the issues apparent in the critical infrastructures and the international supply chain).

To successfully offer such a service, a validation program must define the operational activities that are vital to a successful program. These activities include:

• accrediting test laboratories
• making program policies
• defining the approved cryptographic functions,
• establishing algorithm implementation testing and validation
• establishing a management system for validating and certifying the testing results
• providing any necessary interpretations of the standards
• dealing with comments, requests, and issues from labs and vendors
• policing the certificate and logo usage 

WG3 have produced a document that provides additional guidance on this topic:

ISO/IEC 15443  ("FRITSA")

ISO/IEC TR 15443-1:2012:  Security assurance framework -- Part 1: Introduction and concepts

ISO/IEC TR 15443-2:2012: Security assurance framework -- Part 2: Analysis

Substantially revised in 2012. Part one gives a discussion of the nature of security assurance, providing a framework for further discussions and documents. Part 2 of this technical report describes the "criteria for criteria". It discusses security assurance schemes, and how these themselves can be evaluated. While some schemes are of high quality, others may not be. What criteria can be used to tell?

By Fiona Pattinson

INCITS Recognizes atsec’s Fiona Pattinson with Technical Excellence Award

atsec information security corporation’s Vice President of Business Development, Fiona Pattinson, has been recognized today by the International Committee for International Technology Standards (INCITS) for outstanding technical contribution to the development of Cyber Security Standards in their CS1 Committee. During the INCITS meeting in Tampa, Florida, Fiona Pattinson was presented with a prestigious Technical Excellence Award in recognition for her long term contribution and dedication to the development of International and National Standards.

Fiona Pattinson receiving the award

“atsec is very proud to congratulate Fiona Pattinson on her INCITS Technical Excellence Award. Her involvement has been an important part of our company’s mission to improve Cyber Security Standards and assist in raising the security capabilities of our customer’s products and solutions.” said Salvatore La Pietra, President and CEO of atsec.

“INCITS is recognizing Fiona’s numerous contributions to the INCITS/CS1 - Cyber Security standards community. As a long time participant and a technical expert on the committee, Fiona has been providing expert contributions on a wide variety of standards projects assigned to ISO/IEC JTC 1/SC 27WG3. In addition, she has accepted many roles, such as editor, co-editor, study period rapporteur and liaison. On most occasions at the international meetings, she presently serves as acting WG 3 recording secretary and as a member of the drafting committee. She continues to serve the committee as the US sub-head of delegation to the SC 27IWG3 meetings,” added Helmut Kurth, Vice President and Chief Scientist of atsec corporation.

The Vatican Signs the ISO/IEC 15408 International Recognition Arrangement (I2RA)

Recognizing the need for secure IT products in all regions of the world, and in support of an internationally agreed Arrangement allowing for the mutual recognition of independently evaluated and validated information technology (IT) products, the Vatican has decided to sign the ISO/IEC 15408 International Recognition Arrangement (I²RA) and has started to validate the security evaluations of IT products.

Vatican City

The I²RA was established in 1996 and was used as the basis for mutually accepting certificates for the assurance of IT products. At that time it was in competition with another arrangement called the Common Criteria Recognition Arrangement (CCRA), which some nations viewed as the more attractive option.

The I²RA signatories therefore started a process to weaken the CCRA thus strengthening the importance and influence of the I²RA. Finally this process was successful.

The Vatican has announced that it has joined the existing signatories to the I²RA as the first Certificate Authorizing member. This provides much needed value to the existing certificate-consuming members¹ of the arrangement.

atsec's Vice President, Fiona Pattinson stated:

"Convincing the Vatican to join this hitherto little known Arrangement has been a long term goal of atsec. Drawing from our long experience in helping nation-states to establish validation schemes under the now obsolete CCRA it seemed natural to help the Vatican to establish an evaluation and validation Scheme within the I²RA in order to continue to support those developers that wish to demonstrate to assurance-consumers that their products offer a modicum of assurance in their security functionality."

The Vatican has set up its own evaluation facility that analyzes IT products for compliance with ISO/IEC 15408 in context with divine security principals and a newly established policy that eliminates security flaws using a new vulnerability assessment and mitigation technology named 'exorcism'. Details of this technology have not been published but the Vatican has stated that this technology has been very successful in the past for projects performed in other areas.

Objections came from several Intelligence Agencies who stated that international mutual recognition of evaluations not performed under their control, and resulting in the eradication of a large number of vulnerabilities, may have a negative influence on their ability to perform the work they are supposed to do. They also objected to the use of 'supernatural' assessment methods claiming to provide a high level of assurance.

Some Voodoo priests in the Caribbean have announced that they are also considering setting up a security evaluation and validation scheme and will potentially convince their countries to join the I²RA.

---

¹ including Atlantis, Caledonia, Tantooine, Dagobah, Rivendell, Gondor, Equestria, Estovakia, Grand Fenwick, Krakozhia, Loompa Land, Moldavia and Molvanîa, Oceania, Qumar, Rohan, Shangri-La, Republic of Tirania, and the United Federation.