Presentation is loading. Please wait.

Presentation is loading. Please wait.

FIPS 140-3 Section 5 – Physical Security Randall J. Easter Director, NIST CMVP Ken Lu CSE CMVP September 28, 2005.

Published byDerrick Hunt Modified over 9 years ago

Similar presentations

Presentation on theme: "FIPS 140-3 Section 5 – Physical Security Randall J. Easter Director, NIST CMVP Ken Lu CSE CMVP September 28, 2005."— Presentation transcript:

1 FIPS 140-3 Section 5 – Physical Security Randall J. Easter Director, NIST CMVP Ken Lu CSE CMVP September 28, 2005

2 Agenda Overview New Embodiments New Levels New requirements

3 FIPS 140-3: Security Areas 1.Cryptographic Module Specification 2.Cryptographic Module Ports and Interfaces 3.Roles, Authentication, and Services 4.Software Security 5.Physical Security 6.Operational Environment 7.Sensitive Security Parameter (SSP) Management 8. 9.Self Tests 10.Implementation Assurance 11.Mitigation of Other Attacks

4 Section 5 – Physical Security A cryptographic module shall employ physical security mechanisms in order to restrict unauthorized physical access to the contents of the module and to deter unauthorized use or modification of the module (including substitution of the entire module) when installed. All hardware, software, and data components within the cryptographic boundary shall be protected. Depending on the physical security mechanisms of a cryptographic module, unauthorized attempts at physical access, use, or modification will have a high probability of being detected –subsequent to an attempt by leaving visible signs (i.e., tamper evidence) and/or –during an access attempt so that appropriate immediate actions can be taken by the cryptographic module to protect CSPs and PSPs (i.e., tamper response). Immediate actions shall be taken to mean that retrieval of CSPs and PSPs are not possible.

5 Embodiments Sub-Chip cryptographic modules are physical embodiments in which a region or part of a single integrated circuit (IC) chip constitutes the cryptographic module. An example of a sub-chip cryptographic module would be a complex single IC chip containing a distinct separate microprocessor, memory devices (e.g. RAM, EEPROM, FLASH) that may also includes a separate distinct cryptographic module. Single-chip cryptographic modules are physical embodiments in which a single integrated circuit (IC) chip may be used as a standalone device or may be embedded within an enclosure or a product that may not be physically protected. Examples of single-chip cryptographic modules include single IC chips or smart cards with a single IC chip. Multiple-chip embedded cryptographic modules are physical embodiments in which two or more IC chips are interconnected and are embedded within an enclosure or a product that may not be physically protected. Examples of multiple-chip embedded cryptographic modules include adapters and expansion boards. Multiple-chip standalone cryptographic modules are physical embodiments in which two or more IC chips are interconnected and the entire enclosure is physically protected. Examples of multiple-chip, standalone cryptographic modules include encrypting routers or secure radios.

6 Table 2: Summary of physical security requirements General Requirements for all Embodiments Sub-Chip Cryptographic Module Single-Chip Cryptographic Modules Multiple-Chip Embedded Cryptographic Modules Multiple-Chip Standalone Cryptographic Modules Security Level 1 Production-grade components No additional requirements. No additional requirements. If applicable, production-grade enclosure or removable cover. Production-grade enclosure. Security Level 2 Evidence of tampering Opaque covering Opaque tamper-evident coating on chip or enclosure. Opaque tamper-evident coating on chip or enclosure. Opaque tamper-evident encapsulating material or opaque enclosure with tamper- evident seals or pick-resistant locks for doors or removable covers. Opaque enclosure with tamper- evident seals or pick-resistant locks for doors or removable covers. Security Level 3 Tamper response and zeroization circuitry Vents protected from probing Simple Power Analysis Protection Hard opaque tamper-evident coating on chip or strong opaque removal-resistant and penetration resistant enclosure. Hard opaque tamper-evident coating on chip or strong opaque removal-resistant and penetration resistant enclosure. Hard opaque potting material encapsulation of multiple chip circuitry embodiment or applicable Multiple-Chip Standalone Security Level 3 requirements. Hard opaque potting material encapsulation of multiple chip circuitry embodiment or strong opaque enclosure with removal/penetration attempts causing serious damage. Security Level 4 No additional requirements Hard opaque removal-resistant coating on chip. Hard opaque removal-resistant coating on chip. Tamper detection envelope with tamper response and zeroization capability. Tamper detection envelope with tamper response and zeroization capability. Security Level 5 EFP or EFT for temperature and voltage EMI Protection No additional requirements. No additional requirements. No additional requirements. No additional requirements. Security Level 6 Differential Power Analysis Protection No additional requirements. No additional requirements. No additional requirements. No additional requirements.

7 FIPS 140-2: Security Levels Level 1 is the lowest, Level 6 most stringent Requirements are primarily cumulative by level Overall rating is lowest rating in all sections Validation is applicable when a module is configured and operated in accordance with the level to which it was tested and validated Security Spectrum Not Validated Level 1 Level 2 Level 3Level 4Level 5Level 6

8 General Physical Security Requirements The following requirements shall apply to all physical embodiments and levels. –Documentation shall specify the physical embodiment and the security level for which the physical security mechanisms of a cryptographic module are implemented. –Documentation shall specify the physical security mechanisms of a cryptographic module.

9 General Physical Security Requirements Level 1 The cryptographic module shall consist of production- grade components that shall include standard passivation techniques (e.g., a conformal coating or a sealing coat applied over the module’s circuitry to protect against environmental or other physical damage).

10 General Physical Security Requirements Level 2 The cryptographic module shall provide evidence of tampering (e.g., on the cover, enclosure, and seal) when physical access to the module is attempted. The cryptographic modules components shall be opaque. –If the cryptographic module contains ventilation holes or slits, internal components shall be protected from observation.

11 General Physical Security Requirements Level 3 If the cryptographic module contains any doors or removable covers or if a maintenance access interface is defined, then the module shall contain tamper response and zeroization circuitry. The tamper response and zeroization circuitry shall immediately zeroize all plaintext secret and private keys and CSPs when a door is opened, a cover is removed, or when the maintenance access interface is accessed. The tamper response and zeroization circuitry shall remain operational when plaintext secret and private cryptographic keys or CSPs are contained within the cryptographic module. If the cryptographic module contains ventilation holes or slits, then the holes or slits shall be constructed in a manner that prevents undetected physical probing inside the enclosure (e.g., require at least one 90 degree bend or obstruction with a substantial blocking material). The cryptographic module shall be designed to protect against simple power analysis attacks.

12 General Physical Security Requirements Level 4 The cryptographic module shall be protected by a hard opaque removal-resistant coating, or The cryptographic module shall be protected by a tamper detection envelope with tamper response and zeroization capability.

13 General Physical Security Requirements Level 5 The cryptographic module shall either include environmental failure protection (EFP) features or undergo environmental failure testing (EFT) as specified in Section 4.5.5, and The cryptographic module shall include protection against Electromagnetic attacks (EMA).

14 General Physical Security Requirements Level 6 The cryptographic module shall be designed to protect against differential power analysis and differential electromagnetic analysis attacks.

15 Areas of Discussion Physical security section split into two types of attacks –Invasive Defeating physical protection mechanisms –Non-invasive Acquiring CSPs via external mechanisms

16 Areas of Discussion Invasive –Level 1 No protection –Level 2 Tamper evidence, opaqueness –Level 3 Active zeroization for removable covers and doors Ventilation holes/slits allowed but inhibited via 90 degree baffles Strong enclosures, hard opaque epoxy EFT: +/- 20% of operating envelope Protection from fault induction Ionizing Radiation –Level 4 Encapsulated in tamper responding cocoon with a degree of difficulty of penetration Ventilation holes/slits allowed but inhibited via 180 degree baffles EFP/EFT: -100C to +200C –Level 5 Encapsulated in tamper responding cocoon with a high degree of difficulty of penetration Probing prevented –Level 6 ??

17 Areas of Discussion Non-Invasive (Side-Channel) Optional – Required Level 4  SPA 1 2 3 4 5  EMA 1 2 3 4 5  DPA 1 2 3 4 5  DEMA 1 2 3 4 5  Timing 1 2 3 4 5  Annex X 1 2 3 4 5

18 Areas of Discussion CMT Laboratory Testing Methods –SPA, DPA, DEMA –Fault Induction Ionizing radiation attack protection? Other physical protection mechanisms Technology dependencies –Single Chip …. Sub-chip …. SmartCard

19 Areas of Discussion New informative Annex –Provide user community with attack protection rationale Provide lifecycle security requirements or guidance from manufacturing to scrap Require external security controls to be included in Security Policy Standardized chemical testing suites Replacement of tamper evident labels Security Policy requirements for post error/tamper recovery Penetration Testing/Vulnerability Analysis at Level 7

20 Additions to Standard things to consider Must provide method for conformance testing –CMVP is not a evaluation process Should not be device type specific Should not involve long, difficult and costly testing –Shall be timely and cost effective –Exception may be at higher levels

21 NIST Randall J. Easter – Director, CMVP, NIST reaster@nist.gov CSE Ken Lu – Technical Authority, CMVP, CSE ken.lu@CSE-CST.GC.CA

Download ppt "FIPS 140-3 Section 5 – Physical Security Randall J. Easter Director, NIST CMVP Ken Lu CSE CMVP September 28, 2005."

Similar presentations

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.
Carol Cantlon, B.E. (Chemical Engineering)

Carol Cantlon, B.E. (Chemical Engineering)
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
G53SEC 1 Hardware Security The (slightly) more tactile side of security.

G53SEC 1 Hardware Security The (slightly) more tactile side of security.
Larry Wagner Sr. Director of Engineering

Larry Wagner Sr. Director of Engineering
1 © Cooley Godward 2001 PKI A SSESSMENT The process of evaluating, verifying, and certifying your PKI Presented by: Randy V. Sabett Vanguard Enterprise.

1 © Cooley Godward 2001 PKI A SSESSMENT The process of evaluating, verifying, and certifying your PKI Presented by: Randy V. Sabett Vanguard Enterprise.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.

Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.
1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.

1Copyright © 2005 InfoGard Laboratories Proprietary 2005 Physical Security Conference Physical Security 101 Tom Caddy September 26, 2005.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.

Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Typical Attack Techniques for Compromising Point of Sale PIN Entry Devices Physical Security Testing Workshop Steven Bowles, Project Manager Payment Assurance.

Typical Attack Techniques for Compromising Point of Sale PIN Entry Devices Physical Security Testing Workshop Steven Bowles, Project Manager Payment Assurance.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security Controls – What Works

Security Controls – What Works
Chapter 1 – Introduction

Chapter 1 – Introduction
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Similar presentations

Ads by Google