FIPS Security Policy

Similar documents
EgoSecure GmbH. EgoSecure Full Disk Encryption (FDE) Cryptographic Module. FIPS Security Policy

Hitachi Virtual Storage Platform (VSP) Encryption Board. FIPS Non-Proprietary Cryptographic Module Security Policy

Juniper Network Connect Cryptographic Module Version 2.0 Security Policy Document Version 1.0. Juniper Networks, Inc.

STS Secure for Windows XP, Embedded XP Security Policy Document Version 1.4

Dolphin DCI 1.2. FIPS Level 3 Validation. Non-Proprietary Security Policy. Version 1.0. DOL.TD DRM Page 1 Version 1.0 Doremi Cinema LLC

This Security Policy describes how this module complies with the eleven sections of the Standard:

Dolphin Board. FIPS Level 3 Validation. Security Policy. Version a - Dolphin_SecPolicy_000193_v1_3.doc Page 1 of 19 Version 1.

KEY-UP Cryptographic Module Security Policy Document Version 0.5. Ian Donnelly Systems (IDS)

Imprivata FIPS Cryptographic Module Non-Proprietary Security Policy Version: 2.9 Date: August 10, 2016

FIPS Security Policy

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc.

Symantec Corporation

SEL-3021 Serial Encrypting Transceiver Security Policy Document Version 1.9

Integral Memory PLC. Crypto Dual (Underlying Steel Chassis) and Crypto Dual Plus (Underlying Steel Chassis) FIPS Security Policy

FIPS Security Policy. for Marvell Semiconductor, Inc. Solaris 2 Cryptographic Module

Secure Cryptographic Module (SCM)

Security Policy Document Version 3.3. Tropos Networks

FIPS Level 1 Validation March 31, 2011 Version 1.12

Juniper Networks Pulse Cryptographic Module. FIPS Level 1 Security Policy Version: 1.0 Last Updated: July 19, 2013

Silent Circle Mobile Application Cryptographic Module

FIPS Non-Proprietary Security Policy. Cotap Cryptographic Module. Software Version 1.0. Document Version 1.4.

IOS Common Cryptographic Module (IC2M)

Credant CmgCryptoLib Version 1.7 Credant Cryptographic Kernel Version 1.5 FIPS Non-Proprietary Security Policy, Version 1.7 Level 1 Validation

CAT862 Dolby JPEG 2000/MPEG-2 Media Block IDC Security Policy. Version 3 June 30, 2010

SecureD v Security Policy

FIPS Non-Proprietary Security Policy

Meru Networks. Security Gateway SG1000 Cryptographic Module Security Policy Document Version 1.2. Revision Date: June 24, 2009

SecureDoc Disk Encryption Cryptographic Engine

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Hewlett-Packard Development Company, L.P. NonStop Volume Level Encryption (NSVLE) Product No: T0867 SW Version: 2.0

Dolby IMS-SM FIPS Level 2 Validation. Nonproprietary Security Policy Version: 4

Security Policy: Astro Subscriber Encryption Module Astro Spectra, Astro Saber, Astro Consolette, and Astro XTS3000. Version

FireEye CM Series: CM-4400, CM-7400, CM-9400

Oracle Solaris Kernel Cryptographic Framework Software Version 1.0 and 1.1

econet smart grid gateways: econet SL and econet MSA FIPS Security Policy

Security Requirements for Crypto Devices

ProtectV StartGuard. FIPS Level 1 Non-Proprietary Security Policy

Lexmark PrintCryption TM (Firmware Version 1.3.1)

Sony Security Module. Security Policy

Hughes Network Systems, LLC Hughes Crypto Kernel Firmware Version: FIPS Non-Proprietary Security Policy

Security Policy: Astro Subscriber Motorola Advanced Crypto Engine (MACE)

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

Security Policy for FIPS KVL 3000 Plus

Dell SonicWALL. NSA 220, NSA 220W and NSA 240. FIPS Non-Proprietary Security Policy

FireEye NX Series: NX-900, NX1400, NX-2400, NX-4400, NX4420, NX-7400, NX-7420, NX7500, NX-10000, NX-9450, NX10450

Canon MFP Security Chip. ISO/IEC Security Policy

FIPS SECURITY POLICY FOR

CoSign Hardware version 7.0 Firmware version 5.2

FIPS Security Policy UGS Teamcenter Cryptographic Module

FIPS Security Policy

Motorola PTP 800 Series CMU Cryptographic Module Security Policy

1 INTRODUCTION CRYPTOGRAPHIC MODULE SPECIFICATION... 9

SafeNet LUNA EFT FIPS LEVEL 3 SECURITY POLICY

Non-Proprietary Security Policy Version 1.1

FireEye HX Series: HX 4400, HX 4400D, HX 4402, HX 9402

Enhanced Bandwidth Efficient Modem (EBEM) Cryptographic Module Non-Proprietary Security Policy

Samsung FIPS BC for Mobile Phone and Tablet FIPS Security Policy

WatchKey USB Token Cryptographic Module Model Number: K6 Smart Card Chip: Z32L256D32U PCB: K003010A Firmware Version: 360C6702

Bluefly Processor. Security Policy. Bluefly Processor MSW4000. Darren Krahn. Security Policy. Secure Storage Products. 4.0 (Part # R)

Prepared by the Fortress Technologies, Inc., Government Technology Group 4023 Tampa Rd. Suite Oldsmar, FL 34677

BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0 Cryptographic Module VC0 Non-Proprietary Security Policy Document Version 0.

ARX (Algorithmic Research) PrivateServer Hardware version 4.7 Firmware version 4.8.1

Toshiba Secure TCG Opal SSC and Wipe technology. Self-Encrypting Drive Series

Dell Software, Inc. Dell SonicWALL NSA Series SM 9600, SM 9400, SM 9200, NSA FIPS Non-Proprietary Security Policy

IBM System Storage TS1140 Tape Drive Machine Type 3592, Model E07. Security Policy

Polycom, Inc. VSX 3000, VSX 5000, and VSX 7000s (Firmware version: ) FIPS Non-Proprietary Security Policy

Seagate Secure TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module Security Policy

VMware, Inc. VMware Horizon JCE (Java Cryptographic Extension) Module

AirMagnet SmartEdge Sensor A5200, A5205, A5220, and A5225 Security Policy

WatchKey ProX USB Token Cryptographic Module Hardware Version: K023314A Firmware Version:

Version 2.0. FIPS Non-Proprietary Security Policy. Certicom Corp. September 27, 2005

RFS7000 SERIES Wireless Controller. FIPS Cryptographic Module Security Policy

Oracle Linux 7 OpenSSH Server Cryptographic Module

FIPS Cryptographic Module Security Policy Entrust Authority Security Toolkit for the Java Platform

FIPS Crypto In the IoT. Chris Conlon ICMC17, May 16-19, 2017 Westin Arlington Gateway Washington DC

Cryptography and the Common Criteria (ISO/IEC 15408) by Kirill Sinitski

Cryptographic Module Security Policy For Outbacker MXP (Non-Proprietary)

FIPS Non-Proprietary Security Policy

Acme Packet 3820 and Acme Packet 4500

FIPS Level 2 Security Policy for FlagStone Core (Versions V a, V a, V )

Cisco VPN 3002 Hardware Client Security Policy

),36 6(&85,7< 32/,&< 1HW6FUHHQ ;7 9HUVLRQ U 3 1 5HY %

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Alcatel-Lucent. Alcatel-Lucent VPN Firewall Brick 50

Apple Inc. Apple OS X CoreCrypto Kernel Module, v5.0 FIPS Non-Proprietary Security Policy

1(76&5((1 &U\SWRJUDSKLF 0RGXOH 6HFXULW\ 3ROLF\ 9HUVLRQ 3 1 5HY $

FIPS SECURITY POLICY

FIPS SECURITY POLICY

FIPS Security Policy for Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252, AP1262, CAP3502e, and CAP3502i Wireless LAN Access Points

FIPS SECURITY POLICY

McAfee, Inc. Network Security Platform Sensor M-1250, M-1450, M-2750, M-2850, M-2950, M-3050, M-4050, and M-6050

FEITIAN Technologies Company, LTD epass Token Hardware Version: FIPS Non-Proprietary Security Policy

Telkonet G3 Series ibridge/extender Security Policy

Oracle Linux 6 OpenSSH Server Cryptographic Module

Barco ICMP FIPS Non-Proprietary Security Policy

Motorola PTP 600 Series Point to Point Wireless Ethernet Bridges

SUSE Linux Enterprise Server 12 libgcrypt Cryptographic Module version 1.0. FIPS Non-Proprietary Security Policy

Cambium Networks PTP 800 Compact Modem Unit (CMU) FIPS Security Policy

Hydra PC FIPS Sector-based Encryption Module Security Policy

Common Crypto Circuit Card Assembly Rockwell Collins. Commercial Crypto Contract (CCC)

Transcription:

Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy Module Version 1.0 Document version 1.13 March 11, 2015 This document may be freely copied and distributed provided that it is copied in its entirety without modification.

CHANGE RECORD Revision Date Author Description of Change 1.13 03/11/15 W. Ribeiro Update to add new platforms 1.12 12/12/13 W. Ribeiro Update to add new test platforms 1.11 09/16/13 W. Ribeiro Update to add official name to new test platform 1.10 09/13/13 W. Ribeiro Update based on CMVP comments 1.9 04/17/13 W. Ribeiro Including new operation system version 1.8 01/07/13 J. Pinto Update based on review comments 1.7 12/21/12 W. Ribeiro Update based on review comments 1.6 12/19/2012 W. Ribeiro Added CAVP numbers and updated based on review comments 1.5 11/12/2012 W. Ribeiro Update based on review comments 1.4 10/31/2012 W. Ribeiro Update based on review comments 1.3 10/30/2012 W. Ribeiro Update based on review comments 1.2 10/11/2012 J. Pinto Update with latest review comments 1.1 08/27/2012 J. Pinto Include review comments 1.0 03/28/2012 J. Pinto Initial version <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 2 of 15

Contents 1 Module Overview... 5 2 Security Level... 7 3 Modes of Operation... 8 3.1 FIPS Approved Mode of Operation... 8 4 Ports and Interfaces... 9 5 Identification and Authentication Policy... 10 5.1 Assumption of Roles... 10 6 Access Control Policy... 10 6.1 Roles and Services... 10 7 Operational Environment... 12 8 Security Rules... 13 9 Physical Security Policy... 15 10 Mitigation of Other Attacks Policy... 15 11 References... 15 <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 3 of 15

Tables Table 1 Module Security Level Specification... 7 Table 2 FIPS Approved Algorithms Used in Current Module... 8 Table 3 Ports and Interfaces... 9 Table 4 Services... 11 Table 5 CSPs description... 11 Figures Figure 1 Module Cryptographic Boundary Software Block Diagram... 5 Figure 2 Module Cryptographic Boundary Hardware Block Diagram... 6 <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 4 of 15

1 Module Overview This non-proprietary security policy describes the Motorola Mobility Linux Kernel Software Cryptographic Module (hereafter referred to as the module) and the FIPS Approved mode of operation per FIPS 140-2 Level-1 requirements. The module is a software only Linux kernel cryptographic module intended to operate on a multi-chip standalone mobile device (physical boundary) running Android. The name of the module file in the mobile device file system is moto_crypto.ko. The module provides general-purpose cryptographic services to the remainder of the Linux kernel. As with all Linux kernel modules, this module is written in C. The logical cryptographic boundary of the module is shown in Figure 1. Figure 1 - Module Cryptographic Boundary Software Block Diagram The software configuration for this validation is Motorola Linux Kernel Software Cryptographic Module, Version 1.0. This module includes Power-On Self Tests. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 5 of 15

Figure 2 depicts the hardware block diagram of a device that will run the module. Power DRAM Physical boundary Flash ROM CPU I/O devices (display, touch screen, USB) Figure 2 - Module Cryptographic Boundary Hardware Block Diagram <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 6 of 15

2 Security Level The cryptographic module is designed to operate at FIPS 140-2 overall security level 1. Table 1 below shows the security level met for each of the eleven areas specified within the FIPS 140-2 security requirements. Security Requirements Section Level Cryptographic Module Specification 1 Module Ports and Interfaces 1 Roles, Services and Authentication 1 Finite State Model 1 Physical Security N/A Operational Environment 1 Cryptographic Key Management 1 EMI/EMC 1 Self-Tests 1 Design Assurance 1 Mitigation of Other Attacks N/A Table 1 - Module Security Level Specification <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 7 of 15

3 Modes of Operation 3.1 FIPS Approved Mode of Operation The module always operates in a FIPS Approved mode of operation and provides all of the algorithms described in Table 2. The module will enter FIPS Approved mode following successful power up initialization. The module supports the following FIPS Approved algorithms. The module does not provide nonapproved security functions. FIPS Approved Algorithm Key / block size CAVP Cert. AES (CBC/ECB/CTR) Encryption and Decryption 128, 192, 256 bits #2287 Triple DES (CBC/ECB) Encryption and Decryption 192 bits (3-key only) #1435 SHA 160, 224, 256, 384, 512 bits #1968 HMAC SHA 160, 224, 256, 384, 512 bits #1403 ANSI X 9.31 PRNG AES-128 #1138 Table 2 - FIPS Approved Algorithms Used in Current Module <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 8 of 15

4 Ports and Interfaces FIPS Interface Data Input Data Output Control Input Status Output Power Input Port API input parameters API return values API function calls API return codes; Kernel log file Physical power connector Table 3 Ports and Interfaces <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 9 of 15

5 Identification and Authentication Policy 5.1 Assumption of Roles The module supports two distinct operator roles, User and Cryptographic Officer (CO). The operators assume their roles implicitly based on the services being accessed. The module does not support authentication of roles. 6 Access Control Policy 6.1 Roles and Services Table 4 shows the services available on the module, which roles are enabled to access the service, the API calls which support the service, the CSPs involved, if any, and the access mode to them. Role Service Description CSP API Calls Access (Read, Write, Execute) User User Encrypt/Decrypt with AES Encrypt/Decrypt with Triple DES Encrypt/Decrypt data using AES in CBC/ECB/CTR modes Encrypt/Decrypt data using Triple DES User SHA Use hash functions to perform SHA-1, SHA-224, SHA- 256, SHA-384 or SHA-512 User HMAC SHA Perform HMAC SHA-1, HMAC SHA-224, HMAC SHA-256, HMAC SHA-384 or HMAC SHA-512 AES keys Triple DES 3 keys N/A HMAC key moto_aes_set_key moto_ecb_aes_encrypt moto_ecb_aes_decrypt moto_cbc_aes_encrypt moto_cbc_aes_decrypt moto_ctr_aes_encrypt moto_ctr_aes_decrypt moto_des3_ede_set_key moto_ecb_des3_ede_encrypt moto_ecb_des3_ede_decrypt moto_cbc_des3_ede_encrypt moto_cbc_des3_ede_decrypt moto_sha1_init moto_sha1_update moto_sha1_final moto_sha224_init moto_sha224_final moto_sha256_update moto_sha256_init moto_sha256_final moto_sha384_init moto_sha512_update moto_sha384_final moto_sha512_init moto_sha512_update moto_sha512_final moto_hmac_create moto_hmac_init moto_hmac_setkey moto_hmac_update moto_hmac_final R, W, EX R, W, EX R, W, EX R, W, EX <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 10 of 15

Role Service Description CSP API Calls Access (Read, Write, Execute) User PRNG 1 Generate pseudo random number using ANSI X 9.31 PRNG with AES- 128 User Show status Provides information about the status of the module User Perform Self-Test Power cycle the module to perform self-test on demand Crypto Officer Crypto Officer Initialization Module initialization Seed, Seed key N/A moto_cprng_init moto_fips_cprng_reset moto_fips_cprng_get_random moto_cprng_exit Kernel log and return codes from API calls N/A N/A N/A N/A moto_crypto_init N/A Finalization Module finalization N/A moto_crypto_fini N/A Table 4 - Services R, W, EX R The table below details the usage of the CSPs involved in the module. CSP AES keys Triple DES keys HMAC key Seed key 1 Seed 1 Description / Usage Passed in moto_aes_set_key API call to be used as the key on the AES encrpyt/decrypt process. Supported key sizes are 128, 192 and 256 bits. Passed in moto_des3_ede_set_key API call to be used as the key on the triple DES encrpyt/decrypt process. Total key size is 192 bits (3 keys of 64 bits each). Passed in moto_hmac_setkey API call to be used as the key on the HMAC generation process. Passed in moto_fips_cprng_reset API call to be used as the key for the PRNG underlying AES encryption. Key size is 128 bits. Passed in moto_fips_cprng_reset API call to be used as the PRNG seed. Table 5 CSPs description Note: The module does not use public keys. 1 There is no assurance of the strength of the externally provided entropy in the seed and seed key. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 11 of 15

7 Operational Environment The module was operational tested on the following platforms: Motorola Droid Razr HD (XT926) device running Android 4.1.2 Motorola Droid Ultra (XT1080) device running Android 4.2.2 Motorola Moto G (XT1028) device running Android 4.3 Motorola Moto X (XT1060) device running Android 4.4 Motorola Droid Turbo (XT1254) device running Android 5.0.2. The module is intended for use on a personal mobile device using the Android operating system. For FIPS 140-2 compliance this is considered to be a single-user operational environment due to the fact that only one operator is in possession of the device at a time. Also, the module implementation is single-threaded. All CSPs in memory remain in the process space of the operator using the module. The Android operating system uses its memory management and process separation mechanisms to ensure that outside processes cannot access the process memory used by the module. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 12 of 15

8 Security Rules The module design corresponds to the FIPS 140-2 Level 1 security rules. This section documents the security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 1 module. 1. The cryptographic module shall provide two distinct operator roles. These are the User role, and the Cryptographic Officer role. 2. The cryptographic module does not support authentication; roles are implicitly assumed depending on the service accessed. 3. The cryptographic module shall perform the following tests: A. Power on Self-Tests 1. Cryptographic algorithm tests a. SHA-1 Known Answer Test b. SHA-224 Known Answer Test c. SHA-256 Known Answer Test d. SHA-384 Known Answer Test e. SHA-512 Known Answer Test f. HMAC-SHA-1 Known Answer Test g. HMAC-SHA-224 Known Answer Test h. HMAC-SHA-256 Known Answer Test i. HMAC-SHA-384 Known Answer Test j. HMAC-SHA-512 Known Answer Test k. AES Encrypt Known Answer Test l. AES Decrypt Known Answer Test m. TDES Encrypt Known Answer Test n. TDES Decrypt Known Answer Test o. ANSI X 9.31 RNG Known Answer Test 2. Software Integrity Test (HMAC SHA-256) B. Conditional Tests A continuous RNG test is performed during each use of the RNG service. If values of two consecutive random numbers are the same, the module goes into error state. 4. The operator shall be capable of commanding the module to perform the power-up self-test by cycling power or resetting the module. 5. Power-up self tests do not require any operator intervention. 6. Data output is inhibited during self-tests and error states. Only status information is output when in those states. 7. Status information does not contain CSPs or sensitive data that if misused could lead to a compromise of the module. 8. The module does not support concurrent operators. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 13 of 15

9. The module does not support a maintenance interface or role. 10. The module does not support manual key entry. 11. The module does not have any external input/output devices used for entry/output of data. 12. The module does not output plaintext CSPs. 13. The module does not generate keys. 14. The module zeroizes memory used by CSPs prior to deallocation. 15. The RNG service returns an error if initialized with a seed and seed key with the same value. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 14 of 15

9 Physical Security Policy This is a software module therefore the FIPS 140-2 physical security requirements are not applicable. 10 Mitigation of Other Attacks Policy The module has not been designed to mitigate attacks outside of the scope of FIPS 140-2. Therefore this section is not applicable. 11 References [FIPS 140-2] FIPS Publication 140-2 Security Requirements for Cryptographic Modules. <Motorola Mobility Linux Kernel Software Cryptographic Module FIPS 140-2 Security Policy> Page 15 of 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback