Specifications

Security Target Version 1.0 9/29/2014
TSS shall also describe the checks that are done when negotiating IKEv1 Phase 2 and/or IKEv2
CHILD_SA suites to ensure that the strength (in terms of the number of bits of key in the
symmetric algorithm) of the negotiated algorithm is less than or equal to that of the IKE SA that is
protecting the negotiation. The evaluator shall also perform the following tests:
Test 1: This test shall be performed for each version of IKE supported by the TOE. The evaluator
shall successfully negotiate an IPsec connection using each of the supported algorithms and hash
functions identified in the requirements.
Test 2: This test shall be performed for each version of IKE supported by the TOE. The evaluator
shall attempt to establish an SA for ESP that selects an encryption algorithm with more strength
than that being used for the IKE SA (i.e., symmetric algorithm with a key size larger than that
being used for the IKE SA). Such attempts should fail.
5.2.2.13 Extended: Cryptographic Operation: Random Bit Generation (FCS_RBG_EXT.1)
FCS_RBG_EXT.1.1
The TSF shall perform all random bit generation (RBG) services in accordance with [NIST
Special Publication 800-90 using [CTR_DRBG(any)]] seeded by an entropy source that
accumulates entropy from at least one independent TSF-hardware-based noise source.
FCS_RBG_EXT.1.2
The deterministic RBG shall be seeded with a minimum of [256 bits] of entropy at least equal to
the greatest bit length of the keys and authorization factors that it will generate.
Component Assurance Activity:
The evaluator shall review the TSS section to determine the version number of the product
containing the RBG(s) used in the TOE. The evaluator shall also confirm that the TSS describes
the hardware-based noise source from which entropy is gathered, and further confirm that this
noise source is located on the USB Flash Drive. The evaluator will further verify that all of the
underlying functions and parameters used in the RBG are listed in the TSS.
The evaluator shall verify that the TSS contains a description of the RBG model, including the
method for obtaining entropy input, as well as identifying the entropy source(s) used, how entropy
is produced/gathered from each source, and how much entropy is produced by each entropy
source. The evaluator shall also ensure that the TSS describes the entropy source health tests, a
rationale for why the health tests are sufficient to determine the health of the entropy sources, and
known modes of entropy source failure. Finally, the evaluator shall ensure that the TSS contains a
description of the RBG outputs in terms of the independence of the output and variance with time
and/or environmental conditions.
Regardless of the standard to which the RBG is claiming conformance, the evaluator performs the
following test:
Test 1: The evaluator shall determine an entropy estimate for each entropy source by using the
Entropy Source Test Suite. The evaluator shall ensure that the TSS includes an entropy estimate
that is the minimum of all results obtained from all entropy sources.
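
The following added example (not part of the Security Target or of the TOE's code) estimates min-entropy per source, takes the minimum as the TSS figure described in Test 1, and derives how many raw samples are needed to reach the 256-bit seed of FCS_RBG_EXT.1.2. It assumes the most-common-value estimator from NIST SP 800-90B as a stand-in for the Entropy Source Test Suite, whose estimators the page does not list; the source names and sample data are constructed.

```python
import math
from collections import Counter

SEED_ENTROPY_BITS = 256  # minimum seed entropy stated in FCS_RBG_EXT.1.2


def mcv_min_entropy(samples):
    """Most-common-value min-entropy estimate, in bits per sample.

    Assumed estimator (NIST SP 800-90B); it uses an upper confidence bound
    (z = 2.576) on the most likely symbol's probability, so the result is
    conservative for short or biased captures.
    """
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    p_hat = Counter(samples).most_common(1)[0][1] / n
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)  # zero when the source is stuck on one value


def tss_entropy_estimate(sources):
    """Return (minimum estimate over all sources, per-source estimates)."""
    per_source = {name: mcv_min_entropy(data) for name, data in sources.items()}
    return min(per_source.values()), per_source


def samples_needed_for_seed(bits_per_sample, seed_bits=SEED_ENTROPY_BITS):
    """Raw samples to gather before seeding, assuming independent samples."""
    if bits_per_sample <= 0:
        raise ValueError("source provides no entropy; seeding must fail")
    return math.ceil(seed_bits / bits_per_sample)


# Constructed captures, one byte per sample; not data from the TOE.
CONSTRUCTED_SOURCES = {
    "noise_a": bytes(range(256)) * 16,      # every byte value equally likely
    "noise_b": bytes([0, 1, 2, 3] * 1024),  # only two bits ever vary
}
STUCK_SOURCE = bytes([0x5A]) * 4096         # failure mode: constant output

if __name__ == "__main__":
    estimate, detail = tss_entropy_estimate(CONSTRUCTED_SOURCES)
    print("per source:", detail)
    print("TSS estimate (minimum):", estimate)
    print("samples for 256-bit seed:", samples_needed_for_seed(estimate))
```
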
The evaluator shall also perform the following tests, depending on the standard to which the RBG
conforms.
Implementations Conforming to FIPS 140-2, Annex C
The reference for the tests contained in this section is The Random Number Generator Validation
System (RNGVS) [RNGVS]. The evaluators shall conduct the following two tests. Note that the
"expected values" are produced by a reference implementation of the algorithm that is known to
be correct. Proof of correctness is left to each Scheme.