Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.

Foreword

This standard is developed in accordance with the rules given in GB/T 1.1-2009.

Certain contents of this document may involve patents. The organization issuing this document shall not undertake the responsibility of identifying these patents.

This standard was proposed by, and is under the jurisdiction of, the State Encryption Management Bureau.

Introduction

A security chip is an important basic security function unit and is widely used in computer, information and communication systems. In particular, many security chips provide one or more cryptographic functions. In this standard, "security chip" refers to an integrated circuit chip that implements one or more cryptographic algorithms and protects keys and sensitive information by directly or indirectly using cryptographic technology.

On top of the cryptographic algorithms it implements, a security chip must possess one or more security capabilities, depending on its design and application. This standard divides security capability into nine parts: cryptographic algorithms, security chip interfaces, key management, sensitive information protection, security chip firmware security, self-inspection, audit, attack weakening and protection, and life cycle assurance. For each part, security capability is divided into three security grades of successively increasing security, and security requirements are specified for each grade. The security grade of a security chip is defined as the lowest security grade among the security capabilities the chip possesses in each of these parts.

When the cryptographic functions of a security chip are used, the security capability of the chip is decisive for the security of the entire system. To provide the expected security services and to meet the security requirements of the application and its environment, a security chip of the appropriate security grade shall be selected, so that the computer, information or communication system using it can provide an acceptable security grade for the specific application.

This standard may serve as a basis for selecting a security chip of a security grade that meets the security requirements of the application and its environment, and may also guide the development of security chips.

Cryptography Test Criteria for Security IC

1 Scope

This standard specifies three security grades of successively increasing security capability, together with the cryptography test requirements applicable to security chips of each security grade.

This standard is applicable to the cryptography test of security chips and may also guide the development of security chips.

2 Normative References

The following referenced document is indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

GM/T 0005 Randomness Test Specification

3 Terms, Definitions and Abbreviations

3.1 Terms and Definitions

For the purposes of this document, the following terms and definitions apply.

3.1.1 key
Critical information or parameter that controls the operation of a cryptographic transformation.

3.1.2 sensitive information
Data in the security chip, other than keys, that needs protection.

3.1.3 security chip
Integrated circuit chip that contains cryptographic algorithms and security functions and can implement a key management mechanism.

3.1.4 security capability
Direct or indirect assurance and protective measures that the security chip can provide for keys and sensitive information.

3.1.5 block cipher operation mode
Mode in which a block cipher is operated; mainly includes the electronic codebook (ECB), cipher block chaining (CBC), cipher feedback (CFB), output feedback (OFB) and counter (CTR) modes.

3.1.6 public key cipher application mode
Way in which a public key cipher is used; mainly includes encryption/decryption, signature/verification and key agreement.

3.1.7 operation speed of cryptographic algorithm
Maximum quantity of data that the cryptographic algorithm implemented by the security chip can process per unit time.

3.1.8 physical random source
Source component that generates a random sequence from the uncertainty of physical noise.

3.1.9 firmware
Program code solidified in the security chip that controls and coordinates the cryptographic and security functions of the security chip.

3.1.10 hardware
Physical entity of the security chip.

3.1.11 life cycle
Whole process from the development of the security chip to its delivery to the user for use.

3.1.12 identification
Group of data solidified inside the security chip and used to distinguish different security chips.

3.1.13 permission
Group of rules that specifies the range of operations permitted to a user.

3.1.14 key management
Group of definite rules, established and implemented according to a security policy, for operations on keys such as generation, registration, certification, deregistration, distribution, installation, storage, archiving, revocation, derivation and destruction.

3.1.15 covert channel
Transmission channel that can be used to transmit keys and sensitive information in a way that violates security requirements.

3.1.16 zeroization
Method of erasing electronic data that is intended to prevent data recovery.

3.1.17 interface
Input or output point of the security chip that provides the entrance or exit through which information flows into or out of the chip; includes physical interfaces and logical interfaces.

3.1.18 physical interface
Interface involving various transmission media or transmission equipment.

3.1.19 logical interface
Interface which, as opposed to a physical interface, performs a data exchange function but does not exist physically and must be established through configuration.

3.1.20 timing attack
Attack that obtains keys and sensitive information inside the chip by analysing differences in the running time of cryptographic algorithms in the security chip.

3.1.21 power analysis attack
Attack that obtains keys and sensitive information inside the chip by collecting the power consumption information the security chip produces during cryptographic operations and analysing it with principles of cryptography, statistics and information theory.

3.1.22 EM analysis attack
Attack that obtains keys and sensitive information inside the chip by collecting the electromagnetic radiation information the security chip produces during cryptographic operations and analysing it with principles of cryptography, statistics and information theory.

3.1.23 fault attack
Attack that obtains keys and sensitive information inside the chip by analysing the fault behaviour or error information of hardware faults or computation errors that may occur when the security chip is disturbed during operation.

3.1.24 light attack
Attack carried out by illuminating a security chip whose package has been removed and using the energy of the light to change the operating state of the security chip.

3.1.25 source file
File involved in the development of the security chip, such as software source code, layout and HDL source code.

3.2 Abbreviations

For the purposes of this document, the following abbreviation applies.

HDL Hardware Description Language

4 Classification of Security Grades

4.1 Security Grade 1

Security Grade 1 specifies the lowest security grade requirements that the security capability of a security chip must meet. Security Grade 1 requires the security chip to provide basic protective measures for keys and sensitive information.

A security chip reaching Security Grade 1 may be used in applications where the external operating environment in which the chip is deployed can ensure the physical security of the chip and the security of its input and output information.

4.2 Security Grade 2

Security Grade 2 specifies the medium security grade requirements for the security capability of a security chip. On the basis of Security Grade 1, Security Grade 2 specifies the logical and/or physical protective measures that the security chip must have. Security Grade 2 requires that the security chip can protect keys and sensitive information and has logical and/or physical defensive measures against attacks, that the organization submitting the chip for testing can explain the effectiveness of the corresponding defensive measures, and that the security chip has relatively comprehensive life cycle assurance.

A security chip reaching Security Grade 2 may be used in applications where the external operating environment in which the chip is deployed cannot ensure the physical security of the chip or the security of its input and output information; in such an environment the security chip has basic protection capability against various security risks.

4.3 Security Grade 3

Security Grade 3 specifies the high security grade requirements for the security capability of a security chip. On the basis of Security Grade 2, Security Grade 3 specifies the logical and/or physical protective measures that the security chip must have. Security Grade 3 requires that the security chip can provide high-grade protection for keys and sensitive information, that its logical and/or physical security mechanisms can provide complete protection for keys and sensitive information, that the security chip can defend against the various attacks specified in this standard, that the organization submitting the chip for testing can prove the effectiveness of the corresponding defensive measures, and that the security chip has complete life cycle assurance.

A security chip reaching Security Grade 3 may be used in applications where the external operating environment in which the chip is deployed cannot ensure the physical security of the chip or the security of its input and output information; in such an environment the security chip has comprehensive protection capability against various security risks.

5 Cryptographic Algorithms

5.1 Random Number Generation

5.1.1 Security Grade 1

a) The security chip must contain at least 2 mutually independent physical random sources that directly generate random numbers or generate the initial input of the random number extension algorithm. The random numbers directly generated by the physical random sources, or the initial input of the extension algorithm generated from them, must be produced by the exclusive-or of the outputs of all physical random sources.

b) Within the range of temperature working conditions supported by the security chip, three working conditions are set, namely the upper temperature limit, the lower temperature limit and room temperature; under each of them the random numbers generated by the security chip shall meet the randomness test requirements specified in GM/T 0005.

5.1.2 Security Grade 2

a) The security chip must contain at least 4 mutually independent physical random sources that directly generate random numbers or generate the initial input of the random number extension algorithm. The random numbers directly generated by the physical random sources, or the initial input of the extension algorithm generated from them, must be produced by the exclusive-or of the outputs of all physical random sources.

b) Within the range of frequency and temperature working conditions supported by the security chip, nine combinations of frequency and temperature are set, namely each of the upper temperature limit, the lower temperature limit and room temperature combined with each of the upper frequency limit, the lower frequency limit and the normal frequency; under each of them the random numbers generated by the security chip shall meet the randomness test requirements specified in GM/T 0005.

5.1.3 Security Grade 3

a) The security chip must contain at least 8 mutually independent and dispersedly distributed physical random sources that directly generate random numbers or generate the initial input of the random number extension algorithm. The physical random sources shall be implemented using at least two different design principles. The random numbers directly generated by the physical random sources, or the initial input of the extension algorithm generated from them, must be produced by the exclusive-or of the outputs of all physical random sources.

b) Within the range of frequency and temperature working conditions supported by the security chip, nine combinations of frequency and temperature are set, namely each of the upper temperature limit, the lower temperature limit and room temperature combined with each of the upper frequency limit, the lower frequency limit and the normal frequency; under each of them the random numbers generated by the security chip shall meet the randomness test requirements specified in GM/T 0005.

5.2 Block Cipher

5.2.1 Security Grade 1

a) The block ciphers supported by the security chip are correctly implemented in all operation modes.

b) The operation speed of the block ciphers in each operation mode must be measured for the security chip.

5.2.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip gives a definite result or response for any input data.

b) The core operation stages of the block ciphers supported by the security chip must be implemented with dedicated hardware circuits.

5.2.3 Security Grade 3

On the basis of Security Grade 2:

a) The block ciphers supported by the security chip must be implemented with dedicated hardware circuits.

b) The security chip itself can verify the correctness of the supported block ciphers in all operation modes.

5.3 Public Key Cipher

5.3.1 Security Grade 1

a) The public key ciphers supported by the security chip are correctly implemented in all application modes.

b) The operation speed of the public key ciphers in each application mode must be measured for the security chip.

c) If a public key cipher supported by the security chip requires the chip to generate prime numbers, the generated primes must pass a primality test.

5.3.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip gives a definite result or response for any input data.

b) The core operation stages of the public key ciphers supported by the security chip must be implemented with dedicated hardware circuits.

5.3.3 Security Grade 3

On the basis of Security Grade 2:

a) The public key ciphers supported by the security chip must be implemented with dedicated hardware circuits.

b) The security chip itself can verify the correctness of the supported public key ciphers in all application modes.

5.4 Hash Cipher

5.4.1 Security Grade 1

a) The hash ciphers supported by the security chip are correctly implemented.

b) The operation speed of the hash ciphers must be measured for the security chip.

5.4.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip gives a definite result or response for any input data.

b) The core operation stages of the hash ciphers supported by the security chip must be implemented with dedicated hardware circuits.

5.4.3 Security Grade 3

On the basis of Security Grade 2:

a) The hash ciphers supported by the security chip must be implemented with dedicated hardware circuits.
b) The security chip itself can verify the correctness of the supported hash ciphers.

5.5 Stream Cipher

5.5.1 Security Grade 1

a) The stream ciphers supported by the security chip are correctly implemented.

b) The operation speed of the stream ciphers must be measured for the security chip.

5.5.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip correctly handles non-standard seed keys of the stream ciphers.

b) The core operation stages of the stream ciphers supported by the security chip must be implemented with dedicated hardware circuits.

5.5.3 Security Grade 3

On the basis of Security Grade 2:

a) The stream ciphers supported by the security chip must be implemented with dedicated hardware circuits.

b) The security chip itself can verify the correctness of the supported stream ciphers.

Contents

Foreword
Introduction
1 Scope
2 Normative References
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
3.2 Abbreviations
4 Classification of Security Grades
4.1 Security Grade 1
4.2 Security Grade 2
4.3 Security Grade 3
5 Cryptographic Algorithms
5.1 Random Number Generation
5.2 Block Cipher
5.3 Public Key Cipher
5.4 Hash Cipher
5.5 Stream Cipher
6 Security Chip Interface
6.1 Physical Interface
6.2 Logical Interface
7 Key Management
7.1 Generation
7.2 Storage
7.3 Use
7.4 Update
7.5 Import
7.6 Export
7.7 Clearing
8 Sensitive Information Protection
8.1 Storage
8.2 Clearing
8.3 Operation
8.4 Transmission
9 Firmware Security
9.1 Storage
9.2 Execution
9.3 Import
10 Self-Inspection
10.1 Security Grade 1
10.2 Security Grade 2
10.3 Security Grade 3
11 Audit
11.1 Security Chip Identification
11.2 Life Cycle Identification
12 Attack Weakening and Protection
12.1 Layout Protection
12.2 Self-destruction of Keys and Sensitive Information
12.3 Protection against Timing Attack
12.4 Protection against Power Analysis Attack
12.5 Protection against EM Analysis Attack
12.6 Protection against Fault Attack
13 Life Cycle Assurance
13.1 Unit Qualification
13.2 Documents
13.3 Development Environment Safety
13.4 Personnel
13.5 Development Process
13.6 Source Files
References

Cover page (translated from the Chinese original)

ICS 35.040
L 80
Record No.: 38306-2013
Cryptography Industry Standard of the People's Republic of China
GM/T 0008-2012
Cryptography test criteria for security IC
Issued on 2012-11-22; implemented on 2012-11-22
Issued by the State Encryption Management Bureau (国家密码管理局)

Foreword of the Chinese original (items not included in the English preview above)

Main drafting organizations: Commercial Cryptography Testing Center of the State Encryption Management Bureau (国家密码管理局商用密码检测中心), State Key Laboratory of Information Security (信息安全国家重点实验室), Tsinghua University (清华大学), Beijing Hongsi Electronic Technology Co., Ltd. (北京宏思电子技术有限责任公司), Nationz Technologies Inc. (国民技术股份有限公司), Beijing CEC Huada Electronic Design Co., Ltd. (北京中电华大电子设计有限责任公司), Zhejiang University (浙江大学), Shenzhen Institutes of Advanced Technology, Chinese Academy of Sciences (中国科学院深圳先进技术研究院), Datang Microelectronics Technology Co., Ltd. (大唐微电子技术有限公司), Beijing Xinguang Tiandi Integrated Circuit Design Co., Ltd. (北京芯光天地集成电路设计有限公司), Chengdu University of Information Technology (成都信息工程学院).

Main drafters: 李大为, 周永彬, 罗鹏, 刘继业, 张建人, 张文婧, 张翌维, 陈立志, 叶茵, 沈海斌, 李慧云, 孙东昱, 熊燕萍, 刘宏伟, 陈运, 吴震, 毛颖颖.

The following clauses are translated from the Chinese original, which continues beyond the English preview.

6 Security Chip Interface

6.1 Physical Interface

6.1.1 Security Grade 1

a) The physical interfaces supported by the security chip shall not contain covert channels.

b) The cryptographic algorithm operation data input and output through the different physical interfaces supported by the security chip must be consistent.

c) If the security chip supports random number generation, the random numbers output through every physical interface supported by the security chip shall pass the randomness test.

6.1.2 Security Grade 2

On the basis of Security Grade 1, the security chip shall not contain any physical interface other than the declared physical interfaces.

6.1.3 Security Grade 3

On the basis of Security Grade 2:

a) The security chip must support disabling physical interfaces that are not in working state.

b) The security chip shall not contain any physical interface that could bypass the security mechanisms defined by the security chip.

6.2 Logical Interface

6.2.1 Security Grade 1

a) The logical interfaces supported by the security chip shall not contain covert channels.

b) The cryptographic algorithm operation data input and output through the logical interfaces supported by the security chip must be consistent.

c) If the security chip supports random number generation, the random numbers obtained through every logical interface supported by the security chip shall pass the randomness test.

6.2.2 Security Grade 2

On the basis of Security Grade 1, the security chip shall not contain any logical interface other than the declared logical interfaces.

6.2.3 Security Grade 3

On the basis of Security Grade 2, the security chip shall not contain logical debug interfaces or other logical interfaces that could bypass the security mechanisms defined by the security chip.

7 Key Management

7.1 Generation

7.1.1 Security Grade 1

a) The security chip can generate keys correctly and effectively.

b) Keys generated by the security chip are unpredictable and cannot be derived backwards.

c) If non-deterministic data is needed during key generation, random numbers must be used; if the security chip can generate random numbers, the random numbers generated by the security chip itself must be used.

7.1.2 Security Grade 2

On the basis of Security Grade 1:

a) During key generation, the security chip shall not leak information related to the key through its physical interfaces or logical interfaces.

b) Immediately after key generation, the security chip clears the related data and temporary information that were used during key generation and are no longer needed.

7.1.3 Security Grade 3

Same as Security Grade 2.

7.2 Storage

7.2.1 Security Grade 1

The security chip can store keys correctly and effectively.

7.2.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip must support key storage with integrity checking.

b) Keys and key-related information stored in the security chip must be kept in a controlled and dedicated storage area, with a security mechanism that prevents illegal access to keys through the physical interfaces and logical interfaces of the security chip.

7.2.3 Security Grade 3

On the basis of Security Grade 2, the security chip must support storing keys in encrypted form.

7.3 Use

7.3.1 Security Grade 1

The security chip can use keys correctly and effectively according to the key type, the usage scenario and similar conditions.

7.3.2 Security Grade 2

On the basis of Security Grade 1:

a) The storage areas holding keys and key-related information while a key is in use are controlled and dedicated.

b) While a key is in use, the physical interfaces and logical interfaces of the security chip shall not leak keys or key-related information.

7.3.3 Security Grade 3

On the basis of Security Grade 2, after each use of a key the security chip must, on its own, immediately zeroize every storage area involved in the use of the key and key-related information, except the fixed storage area of the key.

7.4 Update

7.4.1 Security Grade 1

The security chip can update keys correctly and effectively.

7.4.2 Security Grade 2

On the basis of Security Grade 1:

a) Key update requires the corresponding permission.

b) After completing a key update, the security chip must immediately and securely clear the original key.

c) If the key update process requires exchanging part or all of the key information with the outside, the security chip must support a secure key agreement mechanism to protect the key update process, and the part or all of the key information transmitted during the update shall be in encrypted form.

7.4.3 Security Grade 3

Same as Security Grade 2.

7.5 Import

7.5.1 Security Grade 1

The security chip can import keys correctly and effectively.

7.5.2 Security Grade 2

On the basis of Security Grade 1:

a) Key import requires the corresponding permission.

b) The security chip must support importing keys in encrypted form.

7.5.3 Security Grade 3

Same as Security Grade 2.

7.6 Export

7.6.1 Security Grade 1

The security chip can export keys correctly and effectively.

7.6.2 Security Grade 2

On the basis of Security Grade 1:

a) Key export requires the corresponding permission.

b) The security chip must support exporting keys in encrypted form.

7.6.3 Security Grade 3

Same as Security Grade 2.

7.7 Clearing

7.7.1 Security Grade 1

The security chip can clear stored keys correctly and effectively as required.

7.7.2 Security Grade 2

On the basis of Security Grade 1:

a) Key clearing requires the corresponding permission.

b) Key clearing shall not leak keys or key-related information.

7.7.3 Security Grade 3

On the basis of Security Grade 2, the security chip must support a secure key clearing mechanism implemented by means such as repeated overwriting.

8 Sensitive Information Protection

8.1 Storage

8.1.1 Security Grade 1

The security chip can store sensitive information correctly and effectively.

8.1.2 Security Grade 2

On the basis of Security Grade 1:

a) The security chip must support storing sensitive information in encrypted form.

b) The security chip must have an access control mechanism for sensitive information.

8.1.3 Security Grade 3

On the basis of Security Grade 2:

a) The security chip must have a hardware-implemented access control mechanism for sensitive information.

b) Sensitive information that is no longer to be transferred cannot be read out of the security chip.

8.2 Clearing

8.2.1 Security Grade 1

The security chip can clear sensitive information correctly and effectively as required.

8.2.2 Security Grade 2

On the basis of Security Grade 1:

a) Clearing sensitive information requires the corresponding permission.

b) Clearing sensitive information shall not leak the sensitive information itself.
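The clause 5.1 a) requirement that the seed of the random number extension algorithm be the exclusive-or of the outputs of all mutually independent physical random sources, modelled as an added example (not part of GM/T 0008-2012 or of any test laboratory's tooling). The sources are constructed biased bit streams, the monobit statistic is a plain frequency check standing in for the GM/T 0005 test suite, and the 4 sources, 100 000 bits and P(1) = 0.6 are assumed parameters; the piling-up lemma shows why adding independent sources shrinks the bias, and the degenerate case shows why the clause demands independence and not merely a count of sources.

```python
# Added example, not from GM/T 0008-2012 or any test laboratory's tooling:
# a model of clause 5.1 a), which requires the seed of the random number
# extension algorithm to be the exclusive-or of the outputs of ALL mutually
# independent physical random sources. The sources below are constructed
# biased bit streams; the monobit statistic is a plain frequency check,
# not the GM/T 0005 test suite.
import math
import random
from typing import Dict, List, Sequence


def xor_combine(sources: Sequence[Sequence[int]]) -> List[int]:
    """Position-wise exclusive-or of every source's bit stream (clause 5.1 a))."""
    if len(sources) < 2:
        raise ValueError("clause 5.1 requires at least two physical random sources")
    n = len(sources[0])
    if any(len(s) != n for s in sources):
        raise ValueError("all sources must contribute the same number of bits")
    combined = []
    for i in range(n):
        bit = 0
        for s in sources:
            bit ^= s[i] & 1
        combined.append(bit)
    return combined


def bias(bits: Sequence[int]) -> float:
    """Deviation of P(bit = 1) from 1/2; 0.0 for a perfectly balanced stream."""
    return sum(bits) / len(bits) - 0.5


def expected_xor_bias(biases: Sequence[float]) -> float:
    """Piling-up lemma: the XOR of n independent bits with biases e_1..e_n has
    bias 2^(n-1) * e_1 * ... * e_n, so each extra independent source shrinks it."""
    result = 2.0 ** (len(biases) - 1)
    for e in biases:
        result *= e
    return result


def monobit_statistic(bits: Sequence[int]) -> float:
    """|sum(2b - 1)| / sqrt(n): a z-score of the balance between ones and zeros."""
    s = sum(2 * b - 1 for b in bits)
    return abs(s) / math.sqrt(len(bits))


def simulated_source(n_bits: int, p_one: float, rng: random.Random) -> List[int]:
    """Constructed stand-in for a noisy physical source whose P(1) is p_one."""
    return [1 if rng.random() < p_one else 0 for _ in range(n_bits)]


def demo(n_sources: int = 4, n_bits: int = 100_000,
         p_one: float = 0.6, seed: int = 1) -> Dict[str, object]:
    """Combine n_sources independent but biased sources (Security Grade 2 asks
    for at least 4) and compare the measured bias with the lemma's prediction."""
    rng = random.Random(seed)
    sources = [simulated_source(n_bits, p_one, rng) for _ in range(n_sources)]
    combined = xor_combine(sources)
    # Sources that are not independent defeat the combiner: XORing a source
    # with a copy of itself yields a constant stream, which is why clause 5.1
    # insists on mutual independence, not merely on a count of sources.
    degenerate = xor_combine([sources[0], sources[0]])
    return {
        "source_bias": [bias(s) for s in sources],
        "predicted_bias": expected_xor_bias([p_one - 0.5] * n_sources),
        "combined_bias": bias(combined),
        "combined_monobit": monobit_statistic(combined),
        "degenerate_bias": bias(degenerate),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Each simulated source alone has a bias of about 0.1, while the XOR of four of them is predicted, and measured, to have a bias near 0.0008; the self-XOR case collapses to a constant stream with bias -0.5.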