Unverified Commit 48ebf03e authored by Aki Braun's avatar Aki Braun
Browse files
parent 53d41e04
Loading
Loading
Loading
Loading
+69 −69
Original line number Diff line number Diff line
@@ -34,14 +34,14 @@ The product’s default configuration shall only use cryptographic mechanisms th

1. ACM-listed: the cryptographic mechanism is listed in the ECCG Agreed Cryptographic Mechanisms (ACM) catalogue [1](#_ref_1);
2. ACM-extended: the cryptographic mechanism is not listed in the ECCG Agreed Cryptographic Mechanisms (ACM) catalogue [1](#_ref_1) and meets at least one of the following conditions:
   1. the cryptographic mechanism is listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) as an ACM-extended cryptographic mechanism for the specific product function(s), following consideration of the criteria specified in item 2.b;
   2. where the cryptographic mechanism is not listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms), the cryptographic mechanism meets all the following criteria:
      1. the cryptographic mechanism, or where applicable the ACM-listed cryptographic mechanism on which it is based, is not deprecated per the ECCG Agreed Cryptographic Mechanisms (ACM) catalogue [1](#_ref_1);
      2. the cryptographic mechanism has been specified, developed or maintained through a transparent process by a recognized European, international or sector-specific standards development organization, or by an industry specification organization accountable for the relevant specification, including *CEN, CENELEC, ETSI, ISO, IEC, ISO/IEC JTC 1, IETF, IEEE, ITU-T, NIST, 3GPP, O-RAN Alliance, BSI, ACN, [C2SP](http://c2sp.org), ;* or the cryptographic mechanism is listed as suitable in a publicly available cryptographic catalogue maintained by a recognized national or governmental cybersecurity authority, where the catalogue is maintained under a documented revision and retirement process, including BSI TR-02102-1, BSI TR-02102-2, BSI TR-02102-3 and BSI TR-02102-4;
      3. the cryptographic mechanism is described in a valid, publicly available and uniquely referenceable specification;
      4. the cryptographic properties of the cryptographic mechanism are known;
      5. no known weakness affects the cryptographic mechanism in a way that affects its cryptographic properties;
      6. the cryptographic mechanism is required for a specific set of product functions;
  - a) the cryptographic mechanism is listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) as an ACM-extended cryptographic mechanism for the specific product function(s), following consideration of the criteria specified in item 2.b;
  - b) where the cryptographic mechanism is not listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms), the cryptographic mechanism meets all the following criteria:
    - i) the cryptographic mechanism, or where applicable the ACM-listed cryptographic mechanism on which it is based, is not deprecated per the ECCG Agreed Cryptographic Mechanisms (ACM) catalogue [1](#_ref_1);
    - ii) the cryptographic mechanism has been specified, developed or maintained through a transparent process by a recognized European, international or sector-specific standards development organization, or by an industry specification organization accountable for the relevant specification, including *CEN, CENELEC, ETSI, ISO, IEC, ISO/IEC JTC 1, IETF, IEEE, ITU-T, NIST, 3GPP, O-RAN Alliance, BSI, ACN, [C2SP](http://c2sp.org), ;* or the cryptographic mechanism is listed as suitable in a publicly available cryptographic catalogue maintained by a recognized national or governmental cybersecurity authority, where the catalogue is maintained under a documented revision and retirement process, including BSI TR-02102-1, BSI TR-02102-2, BSI TR-02102-3 and BSI TR-02102-4;
    - iii) the cryptographic mechanism is described in a valid, publicly available and uniquely referenceable specification;
    - iv) the cryptographic properties of the cryptographic mechanism are known;
    - v) no known weakness affects the cryptographic mechanism in a way that affects its cryptographic properties;
    - vi) the cryptographic mechanism is required for a specific set of product functions;
3. Interoperability-based: the cryptographic mechanism is listed in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms) as an interoperability-based cryptographic mechanism for specific product function(s) and external specification(s) or external requirement(s).

> NOTE 1: The reference to the product’s default configuration is intended to define a clear and assessable baseline, corresponding to the configuration in which the product is placed on the market. The product can provide several configurations that fulfil the requirement.
@@ -79,19 +79,19 @@ The purpose of this assessment case is to verify that cryptographic mechanisms c

The assessment shall include verification that:

1. each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 1. is identified by reference to a relevant ACM entry;
2. the ACM entry corresponds to the cryptographic mechanism used in the product’s default configuration, including relevant parameters where applicable;
3. where the ACM entry includes lifecycle information, such as expiry date, deprecation date, migration condition or usage limitation, this information is reflected in the documentation.
- a) each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 1. is identified by reference to a relevant ACM entry;
- b)  the ACM entry corresponds to the cryptographic mechanism used in the product’s default configuration, including relevant para meters where applicable;
- c) where the ACM entry includes lifecycle information, such as expiry date, deprecation date, migration condition or usage limitation, this information is reflected in the documentation.

##### K.1.2.1.4 Assessment evidence

The assessment evidence shall include, as applicable:

1. description of the product’s default configuration;
2. list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 1.;
3. references to the relevant ACM entries;
4. relevant parameters, profiles, cipher suites or configuration constraints, where applicable;
5. relevant lifecycle information from the ACM catalogue, where applicable.
- a) description of the product’s default configuration;
- b) list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 1.;
- c) references to the relevant ACM entries;
- d) relevant parameters, profiles, cipher suites or configuration constraints, where applicable;
- e) relevant lifecycle information from the ACM catalogue, where applicable.

##### K.1.2.1.5 Assessment verdict

@@ -108,31 +108,31 @@ The purpose of this assessment case is to verify that cryptographic mechanisms c

* Preconditions for the assessment: The product’s default configuration shall be used for the assessment.
* The documentation shall provide a list of cryptographic mechanisms used in the product’s default configuration and claimed under [clause K.1.1](#k11-requirement) item 2., including the related product function, use case where applicable, relevant parameters where applicable, and at least one of the following:
  1. the relevant entry in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms); or
  2. evidence that the cryptographic mechanism fulfils all applicable criteria in [clause K.1.1](#k11-requirement) item 2.b.
  - a) the relevant entry in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms); or
  - b) evidence that the cryptographic mechanism fulfils all applicable criteria in [clause K.1.1](#k11-requirement) item 2.b.

##### K.1.2.2.3 Assessment activities

The assessment shall include verification that:

1. each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 2\. is either listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) as an ACM-extended cryptographic mechanism or supported by evidence demonstrating fulfilment of the applicable criteria in [clause K.1.1](#k11-requirement) item 2.b;
2. the cryptographic mechanism used by the product corresponds to the mechanism listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or described in the evidence provided under [clause K.1.1](#k11-requirement) item 2.b;
3. the product function using the cryptographic mechanism, and the use case where applicable, correspond to the related product function and use case specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or justified under [clause K.1.1](#k11-requirement) item 2.b;
4. the relevant characteristics, parameters, profiles, cipher suites or configuration constraints of the cryptographic mechanism correspond to those specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or justified under [clause K.1.1](#k11-requirement) item 2.b, where applicable;
5. where [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or the justification under [clause K.1.1](#k11-requirement) item 2.b defines conditions or limitations for the use of the cryptographic mechanism, these conditions or limitations are reflected in the product’s default configuration;
6. where technically feasible, the cryptographic mechanism, parameters and configuration identified in the documentation correspond to the assessed product configuration.
- a) each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 2\. is either listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) as an ACM-extended cryptographic mechanism or supported by evidence demonstrating fulfilment of the applicable criteria in [clause K.1.1](#k11-requirement) item 2.b;
- b) the cryptographic mechanism used by the product corresponds to the mechanism listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or described in the evidence provided under [clause K.1.1](#k11-requirement) item 2.b;
- c) the product function using the cryptographic mechanism, and the use case where applicable, correspond to the related product function and use case specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or justified under [clause K.1.1](#k11-requirement) item 2.b;
- d) the relevant characteristics, parameters, profiles, cipher suites or configuration constraints of the cryptographic mechanism correspond to those specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or justified under [clause K.1.1](#k11-requirement) item 2.b, where applicable;
- e) where [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or the justification under [clause K.1.1](#k11-requirement) item 2.b defines conditions or limitations for the use of the cryptographic mechanism, these conditions or limitations are reflected in the product’s default configuration;
- f) where technically feasible, the cryptographic mechanism, parameters and configuration identified in the documentation correspond to the assessed product configuration.

##### K.1.2.2.4 Assessment evidence

The assessment evidence shall include, as applicable:

1. description of the product’s default configuration;
2. list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 2.;
3. reference to the relevant entry in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms), where the mechanism is listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms);
4. evidence that the cryptographic mechanism fulfils the criteria in [clause K.1.1](#k11-requirement) item 2.b, where compliance with [clause K.1.1](#k11-requirement) item 2 is claimed on the basis of those criteria;
5. identification of the related product function using the cryptographic mechanism and the use case where applicable;
6. relevant characteristics, parameters, profiles, cipher suites or configuration constraints, where applicable;
7. evidence that the cryptographic mechanism is used in accordance with the conditions or limitations specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or in the justification under [clause K.1.1](#k11-requirement) item 2.b, where applicable.
- a) description of the product’s default configuration;
- b) list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 2.;
- c) reference to the relevant entry in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms), where the mechanism is listed in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms);
- d) evidence that the cryptographic mechanism fulfils the criteria in [clause K.1.1](#k11-requirement) item 2.b, where compliance with [clause K.1.1](#k11-requirement) item 2 is claimed on the basis of those criteria;
- e) identification of the related product function using the cryptographic mechanism and the use case where applicable;
- f) relevant characteristics, parameters, profiles, cipher suites or configuration constraints, where applicable;
- g) evidence that the cryptographic mechanism is used in accordance with the conditions or limitations specified in [clause K.3.2](#k32-list-of-acm-extended-cryptographic-mechanisms) or in the justification under [clause K.1.1](#k11-requirement) item 2.b, where applicable.

##### K.1.2.2.5 Assessment verdict

@@ -154,25 +154,25 @@ The purpose of this assessment case is to verify that cryptographic mechanisms c

The assessment shall include verification that:

1. each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 3\. is listed in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms) as an interoperability-based cryptographic mechanism;
2. the cryptographic mechanism used by the product corresponds to the cryptographic mechanism listed in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
3. the product function using the cryptographic mechanism, and the use case where applicable, correspond to the related product function and use case specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
4. the external specification or external requirement requiring the use of the cryptographic mechanism corresponds to the external specification or external requirement specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
5. the relevant characteristics, parameters, profiles, cipher suites or configuration constraints of the cryptographic mechanism correspond to those specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms), where applicable;
6. the conditions or limitations specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms) for the use of the cryptographic mechanism are reflected in the product’s default configuration;
7. where technically feasible, the cryptographic mechanism, parameters and configuration identified in the documentation correspond to the assessed product configuration.
- a) each cryptographic mechanism claimed under [clause K.1.1](#k11-requirement) item 3\. is listed in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms) as an interoperability-based cryptographic mechanism;
- b) the cryptographic mechanism used by the product corresponds to the cryptographic mechanism listed in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
- c) the product function using the cryptographic mechanism, and the use case where applicable, correspond to the related product function and use case specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
- d) the external specification or external requirement requiring the use of the cryptographic mechanism corresponds to the external specification or external requirement specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
- e) the relevant characteristics, parameters, profiles, cipher suites or configuration constraints of the cryptographic mechanism correspond to those specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms), where applicable;
- f) the conditions or limitations specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms) for the use of the cryptographic mechanism are reflected in the product’s default configuration;
- g) where technically feasible, the cryptographic mechanism, parameters and configuration identified in the documentation correspond to the assessed product configuration.

##### K.1.2.3.4 Assessment evidence

The assessment evidence shall include, as applicable:

1. description of the product’s default configuration;
2. list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 3.;
3. reference to the relevant entry in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
4. identification of the related product function using the cryptographic mechanism and the use case where applicable;
5. identification of the external specification or external requirement requiring use of the cryptographic mechanism;
6. relevant characteristics, parameters, profiles, cipher suites or configuration constraints, where applicable;
7. evidence that the cryptographic mechanism is used in accordance with the conditions or limitations specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms).
- a) description of the product’s default configuration;
- b) list of cryptographic mechanisms claimed under [clause K.1.1](#k11-requirement) item 3.;
- c) reference to the relevant entry in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms);
- d) identification of the related product function using the cryptographic mechanism and the use case where applicable;
- e) identification of the external specification or external requirement requiring use of the cryptographic mechanism;
- f) relevant characteristics, parameters, profiles, cipher suites or configuration constraints, where applicable;
- g) evidence that the cryptographic mechanism is used in accordance with the conditions or limitations specified in [clause K.4.2](#k42-list-of-interoperability-based-cryptographic-mechanisms).

##### K.1.2.3.5 Assessment verdict

@@ -189,10 +189,10 @@ The assessment evidence shall include, as applicable:

Where the product’s default configuration uses a cryptographic mechanism for which the ACM catalogue, or the present document, specifies a deprecation date, expiry date, migration condition or usage limitation falling within the intended lifetime of the product, the product shall provide means for addressing the affected cryptographic mechanism by one or more of the following:

1. updating the cryptographic mechanism;
2. using another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation;
3. disabling the use of the affected cryptographic mechanism; or
4. limiting the use of the affected product functions accordingly.
- a) updating the cryptographic mechanism;
- b) using another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation;
- c) disabling the use of the affected cryptographic mechanism; or
- d) limiting the use of the affected product functions accordingly.

> EXAMPLE: Where a security mechanism uses a hybrid cryptographic construction, for example a hybrid key-encapsulation mechanism combining a classical and a post-quantum primitive, the lifecycle status of each constituent primitive is relevant to the lifecycle status of the construction. Hybridization can be used as part of a planned migration strategy where permitted by the ACM catalogue or by the present document. However, hybridization does not, by itself, extend the recommended usage lifetime of a constituent primitive that has been deprecated.

@@ -216,30 +216,30 @@ The purpose of this assessment case is to verify whether, where the product’s

* Preconditions for the assessment: The product’s default configuration shall be used for the assessment.
* The documentation shall identify:
  1. the intended lifetime of the product;
  2. the cryptographic mechanisms used in the product’s default configuration;
  3. the related product function(s) for each cryptographic mechanism;
  4. the lifecycle information applicable to each cryptographic mechanism, where specified by the ACM catalogue or the present document, including any deprecation date, expiry date, migration condition or usage limitation.
  - a) the intended lifetime of the product;
  - b) the cryptographic mechanisms used in the product’s default configuration;
  - c) the related product function(s) for each cryptographic mechanism;
  - d) the lifecycle information applicable to each cryptographic mechanism, where specified by the ACM catalogue or the present document, including any deprecation date, expiry date, migration condition or usage limitation.

#### K.2.2.3 Assessment activities

The assessment shall include verification that:

1. for each cryptographic mechanism used in the product’s default configuration, the lifecycle information specified by the ACM catalogue or the present document has been identified, where such information is specified;
2. where the ACM catalogue or the present document specifies a deprecation date, expiry date, migration condition or usage limitation for a cryptographic mechanism, this information is reflected in the documentation;
3. where a deprecation date, expiry date, migration condition or usage limitation falls within the intended lifetime of the product, the product provides an applicable mechanism for updating the cryptographic mechanism, using another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation, disabling the use of the affected cryptographic mechanism, or limiting the use of the affected product functions accordingly;
4. where another cryptographic mechanism is used, that cryptographic mechanism complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation.
- a) for each cryptographic mechanism used in the product’s default configuration, the lifecycle information specified by the ACM catalogue or the present document has been identified, where such information is specified;
- b) where the ACM catalogue or the present document specifies a deprecation date, expiry date, migration condition or usage limitation for a cryptographic mechanism, this information is reflected in the documentation;
- c) where a deprecation date, expiry date, migration condition or usage limitation falls within the intended lifetime of the product, the product provides an applicable mechanism for updating the cryptographic mechanism, using another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation, disabling the use of the affected cryptographic mechanism, or limiting the use of the affected product functions accordingly;
- d) where another cryptographic mechanism is used, that cryptographic mechanism complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant deprecation date, expiry date, migration condition or usage limitation.

#### K.2.2.4 Assessment evidence

The assessment evidence shall include, as applicable:

1. documentation of the intended lifetime of the product;
2. list of cryptographic mechanisms used in the product’s default configuration;
3. identification of the related product function(s) for each cryptographic mechanism;
4. references to the ACM catalogue entry or to the provision of the present document used to determine lifecycle information, where applicable;
5. identification of any deprecation date, expiry date, migration condition or usage limitation falling within the intended lifetime of the product;
6. description of the means provided by the product, such as update of the cryptographic mechanism, use of another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant lifecycle constraint, disabling the use of the affected cryptographic mechanism, or limitation of the use of the affected product functions.
- a) documentation of the intended lifetime of the product;
- b) list of cryptographic mechanisms used in the product’s default configuration;
- c) identification of the related product function(s) for each cryptographic mechanism;
- d) references to the ACM catalogue entry or to the provision of the present document used to determine lifecycle information, where applicable;
- e) identification of any deprecation date, expiry date, migration condition or usage limitation falling within the intended lifetime of the product;
- f) description of the means provided by the product, such as update of the cryptographic mechanism, use of another cryptographic mechanism that complies with [clause K.1.1](#k11-requirement) and is not subject to the relevant lifecycle constraint, disabling the use of the affected cryptographic mechanism, or limitation of the use of the affected product functions.

#### K.2.2.5 Assessment verdict