anybody seen (EAL5) semi-formal specification for FIPS186-2/x9.62 ecdsa?

lynn.wheeler at firstdata.com
Thu Aug 8 09:59:25 EDT 2002


for eal 5/6 evaluation .... a semi-formal specification is required. has
anybody seen a fips186-2/x9.62 semi-formal specification?

from common criteria ...

in the attached, TOE refers to "target of evaluation" ... for more detailed
definition ... see TOE in
http://www.garlic.com/~lynn/secure.htm


                     EAL5

EAL5 permits a developer to gain maximum assurance from security
engineering based upon rigorous commercial development practices supported
by moderate application of specialist security engineering techniques. Such
a TOE will probably be designed and developed with the intent of achieving
EAL5 assurance. It is likely that the additional costs attributable to the
EAL5 requirements, relative to rigorous development without the application
of specialized techniques, will not be large.

EAL5 is therefore applicable to those circumstances where developers or
users require a high level of independently assured security in a planned
development and require a rigorous development approach without incurring
unreasonable costs attributable to specialist security engineering
techniques.

EAL5 provides assurance by an analysis of the security functions, using a
functional and complete interface specification, guidance documentation,
the high-level and low-level design of the TOE, and all of the
implementation, to understand the security behavior. Assurance is
additionally gained through a formal model of the TOE security policy and a
semiformal presentation of the functional specification and high-level
design and a semiformal demonstration of correspondence between them. A
modular TOE design is also required.

This EAL represents a meaningful increase in assurance from EAL4 by
requiring semiformal design descriptions, the entire implementation, a more
structured (and hence analyzable) architecture, covert channel analysis, and
improved mechanisms and/or procedures that provide confidence that the TOE
will not be tampered with during development.

                     EAL6

EAL6 permits developers to gain high assurance from application of security
engineering techniques in a rigorous development environment in order to
produce a premium TOE for protecting high value assets against significant
risks.

EAL6 is therefore applicable to the development of security TOEs for
application in high risk situations where the value of the protected assets
justifies the additional costs.

This EAL represents a meaningful increase in assurance from EAL5 by
requiring more comprehensive analysis, a structured representation of the
implementation, more architectural structure (e.g. layering), more
comprehensive independent vulnerability analysis, systematic covert channel
identification, and improved configuration management and development
environmental controls.



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
