Development of a Cryptographic Module

This post is part of the Computer Security – Cryptography posts series.

A proper development process provides assurance that the implementation of a cryptographic module corresponds to the module functional specification and Security Policy, that the cryptographic module is maintainable, and that the validated cryptographic module is reproducible.

We specifies the security requirements for the representation of a cryptographic module’s security functionality at various levels of abstraction from the functional specification to the implementation representation.

SECURITY LEVEL 1

The following requirements shall apply to cryptographic modules for Security Level 1:

  • If a cryptographic module contains software, documentation shall specify the compilers, configuration settings, and methods to compile the source code into an executable form. The documentation shall also include the source code for the software, annotated with comments that depict the correspondence of the software to the design of the module.
  • If a cryptographic module contains hardware, documentation shall specify the schematics and/or Hardware Description Language (HDL), as applicable. The HDL shall be annotated with comments that depict the correspondence of the hardware to the design of the module.

SECURITY LEVELS 2 AND 3

In addition to the requirements for Security Level 1, the following requirements shall apply to cryptographic modules for Security Levels 2 and 3:

  • All software within a cryptographic module shall be implemented using a high-level, non-proprietary language, except that the limited use of a low-level language (e.g., assembly language or microcode) is allowed if essential to the performance of the module or when a high-level language is not available.
  • Custom integrated circuits within a cryptographic module shall be implemented using a high-level HDL (e.g., VHDL or Verilog).

SECURITY LEVELS 4 AND 5

In addition to the requirements for Security Levels 1, 2 and 3, the following requirement shall apply to cryptographic modules for Security Levels 4 and 5:

  • For each cryptographic module hardware and software component, the documentation shall be annotated with comments that specify
    1. the pre-conditions required upon entry into the module component, function, or procedure in order to execute correctly and
    2. the post-conditions expected to be true when the execution of the module component, function, or procedure is complete. The pre-conditions and post-conditions may be specified using any notation that issufficiently detailed to completely and unambiguously explain the behavior of the cryptographic module component, function, or procedure.

RECOMMENDED SOFTWARE DEVELOPMENT PRACTICES FOR ALL LEVELS

Implementation of software within a cryptographic module using the recommended development practices listed in Appendix B will facilitate the analysis of the software for conformance to the requirements in this standard and will reduce the chance of design errors.

Published in Cryptography , Wednesday February 11th 2009
Tags: , ,



10 Responses to “Development of a Cryptographic Module”

  1. Curt says:

    Where is cryptography used for in today’s world ?

  2. admin says:

    Cryptography is used in online financial transactions,wireless networking,ATM cards,computer passwords.

    Cryptography involves the hiding of the specific meaning of messages, and the word in Greek means “secret writing”.

  3. Cath says:

    Today the term refers to the science of transforming messages to make them secure.
    The original message before being transformed is called plain text. After the message is transformed, it is called cipher text; an encryption algorithm transforms the plain text to cipher text.

  4. Vincenzo Iovino says:

    Cryptography is use in the world of electronic commerce,in ATM cards and computer passwords.

  5. Christopher Culver says:

    Cryptography is the subject, which deals with arts and science of encoding and decoding a message to get rid of intentional tempering.

  6. admin says:

    Check our bookstore about cryptography powered by amazon.

  7. Bruce Schneier says:

    There are numerous applications of Cryptography. We use it in our daily lives. The ATM cards,computer passwords,e-commerce all use cryptography in one way or the other.

  8. Ben Rothke says:

    The strength of a crypto system relies very heavily on the length of the key, the way in which it is generated, and key management.

  9. Owen Cunningham says:

    An excellent, informative and entertaining introduction to this field.

  10. Mcwalter says:

    Introduction to Modern Cryptography: Principles and Protocols is a good book to read. I saw it in the amazon bookstore.

  11. Ken says:

    interesting post

  12. P. Silva says:

    a very good article about Development of a Cryptographic Module

Privacy | About Us | Contact
Copyright © 2008 Home Automation - JAEC - All the rights reserved