Upload
amy-nicewick
View
18
Download
1
Embed Size (px)
Citation preview
Opening markets through
security certifications
Remove text box and place vendor
logo here
Common Criteria and a
Mutually-Recognized
International
Cryptographic Standard
Amy Nicewick Chief Operating Officer
Corsec Security, Inc.
corsec.com © 2014 Corsec Security, Inc.
The Issue
2
Problem
Definition
• Product Vendors are required to pursue many different cryptographic certifications or cryptographic reviews to sell in different countries.
» Algorithm requirements and module requirements are country dependent
AES 3D
ES
DSA
MD5 SHA
-1
SHA
-25
6
Whirlpool
ECDSA
GO
ST
RIPEMD-128
Kas
um
i
KCDSA RSA
Blowfish SEED
AR
IA
Cam
ellia
SMS4
corsec.com © 2014 Corsec Security, Inc.
Pain
3
» Pain
» Multiple product versions to create and maintain
» Additional Staffing – In-country experts, Testing staff, Lawyers
» In-country testing facilities or dedicated test beds
» Classified versus Unclassified (US and UK)
» COTS versus GOTS
» Different Algorithm lists
» Pain = Product Costs
corsec.com © 2014 Corsec Security, Inc.
What should we do now?
» Keep many existing standards (Nation Specific)?
» Create a new international standard?
» Build off of an existing standard (e.g., FIPS, ISO 19790)?
4
corsec.com © 2014 Corsec Security, Inc.
Cryptographic Evaluation
5
NIST - FIPS 140-2, Type 1
CSE – FIPS 140-2
CAPS, CPA, & FIPS 140-2
ASD-CE – Gov Review BSI - Gov Review
CCN – ISO 19790
Netherlands - Gov Review
JCMVP – ISO 19790
KCMVP - ISO 19790
TSE-CMVP – ISO 19790
NSM – Gov Review based on FIPS 140-2
corsec.com © 2014 Corsec Security, Inc.
CC and crypto solutions?
» Lots of people have looked for common ground in FIPS 140-2 and Common Criteria.
» ICCC Presentations:
» 2008 – Effective Certification Roadmap – Common Criteria and FIPS 140-2 - Lin, Juniper
» 2010 – FIPS and CC – How do they get along – Adam and Connor, EWA
» 2011 – For FIPS 140-2 to CC – Mao, atsec
» 2011 - HSM Protection profile: How to CC-evaluate a HSM to meet FIPS requirement - Munoz, Epoche & Espri
» 2012 – Common Criteria for Crypto? – Keller, Corsec Security
» 2013 – Cryptography and Common Criteria – Vora (Cisco) and Brych (Safenet)
» 2014 – Towards a Scalable International Cryptographic Evaluation Process – Shankar and Winebrenner, Cisco
» First ICCC Presentation
» 2000 - A Protection Profile for FIPS 140-1, Lessons Learned - Smid, CygnaCom
» PPs on the CC Portal:
» 2 for Encrypted storage
» 3 for Cryptographic Modules
» 2 For Full Disk Encryption
» 1 for IP Encryption
» 17 for Digital Signatures
» 4 for Key Management Systems
» CCUF/CCDB Crypto Working Groups working with ISO/IEC JTC1 SC27 WG3
6
corsec.com © 2014 Corsec Security, Inc.
Practical Solutions
7
Needed
Used by many nations and continuing to gain acceptance
Labs in many nations
International collaboration on the standard
Economic incentives (Purchasing requirements)
corsec.com © 2014 Corsec Security, Inc.
Practical Solutions: FIPS 140-2
8
FIPS 140-2
Yes
Needed
Yes
No
Yes
Used by many nations and continuing to gain acceptance
Labs in many nations
International collaboration on the standard
Economic incentives (Purchasing requirements)
corsec.com © 2014 Corsec Security, Inc.
FIPS Validations by Year and Level
Level 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Total
Level 1 1 2 2 9 12 11 14 30 40 39 42 34 75 83 51 92 64 68 99 102 870
Level 2 1 6 10 19 18 38 38 33 62 47 56 50 91 81 92 92 95 82 100 1011
Level 3 7 13 12 17 13 17 21 28 25 30 19 34 42 26 37 27 33 401
Level 4 1 1 5 1 1 2 1 2 1 1 3 1 20
Yearly Total
1 3 8 27 45 46 70 82 90 122 119 116 155 195 167 227 185 200 208 236 2302
~ 2300 certificates issued 400+ participating vendors
0
50
100
150
200
2501
99
5
19
96
19
97
19
98
19
99
20
00
20
01
20
02
20
03
20
04
20
05
20
06
20
07
20
08
20
09
20
10
20
11
20
12
20
13
20
14
Level 4
Level 3
Level 2
Level 1
9
corsec.com © 2014 Corsec Security, Inc.
ISO 19790
» History » ISO/IEC 19790:2012 (based on FIPS 140-2) published 2012-08-15
» ISO/IEC 24759:2014 (based on FIPS 140-2 DTR) published 2014-02-01
» What it is » Requirement for a whole cryptographic module
» Derived Test Requirements (guidance for testing)
» Annexes – Separate list of algorithms
» Annexes – Allows the “Approval Authority” to be defined
» What it is not » Module Standard with no defined Approval Authority
» No CCRA-like agreement to put weight behind it
» Limited economic drivers (Japan CMVP)
» Latest developments » Request for comment issued by NIST – due September 28, 2015
» CCDB working with ISO to develop algorithm testing standards
12
corsec.com © 2014 Corsec Security, Inc.
Practical Solutions: ISO 19790
13
ISO 19790
Yes
Needed
Yes
Yes
Soon?
Used by many nations and continuing to gain acceptance
Labs in many nations
International collaboration on the standard
Economic incentives (Purchasing requirements)
corsec.com © 2014 Corsec Security, Inc.
Final Thoughts
14
» FIPS 140-2 is the de facto international cryptographic standard
» Nations will want to continue to use different algorithms
» ISO 19790
» common set of cryptographic module requirements
» individual nations to specify and test algorithm implementations
» ISO 19790 is missing critical things:
» Central Approval Authority – Like CCRA
» Wide spread Economic Driver
» ISO 19790 needs to address:
» IF FIPS 140-2 becomes ISO 19790, how will existing FIPS IGs fit in?
» Should governments require vendors to pay for access to the standard they must follow?
corsec.com © 2014 Corsec Security, Inc.
How will this benefit CC?
International Cryptography program will:
Allow cPP authors to be able to provide common, trusted cryptography testing
Allow Nations to trust the crypto required by cPPs, and therefore agree to purchase those products
Reduce the costs to vendors and purchasers that exist in the way crypto is handled right now.
This is a problem worth solving.
15
corsec.com © 2014 Corsec Security, Inc.
Questions?
16
Amy Nicewick| Corsec Security Inc. +1 (703) 267-6050 x114 | [email protected]
www.CORSEC.com