Cryptography – Environmental Failure Testing Procedures
This post is part of the Computer Security – Cryptography posts series.
EFT shall involve a combination of analysis, simulation, and testing of a cryptographic module to provide reasonable assurance that environmental conditions or fluctuations (accidental or induced) outside the module’s normal operating ranges for temperature and voltage will not compromise the security of the module.
EFT shall demonstrate that, if the operating temperature or voltage falls outside the normal operating range of the cryptographic module resulting in a failure, at no time shall the security of the cryptographic module be compromised.
The temperature tested shall be gradually decreasing from a temperature within the normal operating temperature range to a lower temperature that either
- shuts down the module to prevent further operation or
- immediately zeroizes all CSPs (also, PSPs if Security Level 5);
and shall be gradually increasing from a temperature within the normal operating temperature range to a higher temperature that either
- shuts down the module to prevent further operation or
- immediately zeroize all CSPs (also, PSPs if Security Level 5).
The temperature range tested shall be from – 100° to + 200° Celsius (- 150° to + 400° Fahrenheit); however, the test shall be interrupted as soon as either (1) the module is shutdown to prevent further operation, (2) all CSPs (also, PSPs if Security Level 5) are immediately zeroized or (3) the module enters a failure mode.
The voltage range tested shall be gradually decreasing from a voltage within the normal operating voltage range to a lower voltage that either
- shuts down the module to prevent further operation or
- immediately zeroizes all CSPs (also, PSPs if Security Level 5);
and shall be gradually increasing from a voltage within the normal operating voltage range to a higher voltage that either
- shuts down the module to prevent further operation or
- immediately zeroizes all CSPs (also, PSPs if Security Level 5), including reversing the polarity of the voltages.
Documentation shall specify the normal operating ranges of the cryptographic module and the environmental failure tests performed.
8 Responses to “Cryptography – Environmental Failure Testing Procedures”
I need to write a cryptography research paper. Does anyone know any good books where I can find information?
You absolutely must read the book “Applied Cryptography” by Schneier
Their is also a nice book named “Hand book of Applied Cryptography”.
If you want to befully up to date with the most recent history of cryptography I recommend “Code Book” by Simon Singh.
I’m a computer science student,i must choose between Client-server computing and Cryptography and networking. Which is better,easy and useful?
Cryptography and networking is a much more useful topic in my opinion but will be harder then client-server computing.
Is it cryptography another name for encryption ?
Encryption transforms original information, called plaintext or cleartext, into transformed information, called ciphertext, codetext or simply cipher, which usually has the appearance of random, unintelligible data.
Until modern times cryptography referred almost exclusively to encryption. Cryptography is the practice and study of hiding information. Cryptography is considered a branch of both mathematics and computer science.
Some English terms referring to cryptography are: cryptology, cryptolinguistics, cryptographers.
interesting post
a very good article about Cryptography – Environmental Failure Testing Procedures