Cryptographic Modules – Design
This post is part of the Computer Security – Cryptography posts series.
A design is an engineering solution that addresses the functional specification for a cryptographic module. The design is intended to provide assurance that the functional specification of a cryptographic module corresponds to the intended functionality described in the Security Policy.
Cryptographic modules shall be designed to allow the testing of the implemented functionality to this standard, where possible without compromising the security of the module, so that all the services of the cryptographic module can be tested.
SECURITY LEVEL 1
The following requirements shall apply to a cryptographic module for Security Level 1:
- Documentation shall specify the correspondence between the design of the hardware and/or software of a cryptographic module, and the cryptographic module’s Security Policy and FSM.
SECURITY LEVEL 2
In addition to the requirement for Security Level 1, the following requirement shall apply to a cryptographic module for Security Level 2:
- Documentation shall specify a functional specification that informally describes the cryptographic module, the functionality of the cryptographic module, the external physical ports and logical interfaces of the cryptographic module, and the purpose of the physical ports and logical interfaces.
SECURITY LEVEL 3
In addition to the requirements for Security Levels 1 and 2, the following requirements shall apply to a cryptographic module for Security Level 3:
- Documentation shall specify the detailed design that describes the internal functionality of the cryptographic module’s major components, the internal component interfaces, the purpose of the component interfaces, and the internal information flow (within the cryptographic boundary as a whole and also within the major components).
SECURITY LEVEL 4
In addition to the requirements for Security Levels 1, 2, and 3, the following requirement shall apply to cryptographic modules for Security Level 4:
- Documentation shall specify an informal proof (including the pre-conditions and the post-conditions) of the correspondence between the design of the cryptographic module and the functional specification.
SECURITY LEVEL 5
In addition to the requirements for Security Levels 1, 2, 3, and 4, the following requirements shall apply to cryptographic modules for Security Level 5:
- Documentation shall specify a formal model that describes the rules and characteristics of the cryptographic module Security Policy. The formal model shall be specified using a formal specification language that is a rigorous notation based on established mathematics, such as first order logic or set theory.
- Documentation shall specify a rationale that demonstrates the consistency and completeness of the formal model with respect to the cryptographic module Security Policy.
- Documentation shall specify an informal proof of the correspondence between the formal model and the functional specification.
8 Responses to “Cryptographic Modules – Design”
What Is Cryptography?
Cryptography is the study and practice of hiding information or converting it into codes.
I would like to learn a bit more about decoding stuff, and perhaps some new ciphers.
Where can I learn at least the basics about cryptography online?
In books like:
Applied Cryptography: Protocols, Algorithms, and Source Code in C
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
Practical Cryptography
I’ve read a large number of cryptography books. Very few of them come down to brass tacks.
They give you a description of a few algorithms, their strengths and weaknesses, and leave it at that.
Either that, or they describe in lovingly complex detail the implementation of a particular protocol, one usually so fraught with options and details that you wonder how, at the end of it, anybody writes a conforming implementation.
I can’t really recommend the book Practical Cryptography; only someone actually implementing a cryptographic system would get anything out of this book.
The most secure type of cryptography yet may be quantum cryptography, a method that has not yet been perfected, which instead of using a key, relies on the basic laws of physics, and the movement and orientation of photons to establish a connection that is absolutely secure and unbreakable.
interesting post
a very good article about Cryptographic Modules – Design