Final Interpretation for RI # 220 - FCS_CKM/COP dependency on FDP_ITC.1

Date:	04/04/2005
Subject:	FCS_CKM/COP dependency on FDP_ITC.1
CC Part #1 Reference:
CC Part #2 Reference:	v2.1, Chapter 5 – Class: FCS Cryptographic Support
CC Part #3 Reference:
CEM Reference:

Issue

 

FCS_CKM.2/3/4 and FCS_COP.1 all have a dependency on FDP_ITC.1. However, they do not have a dependency on FDP_ITC.2. It seems that FCS_CKM.2/3/4 and FCS_COP.1 should also include FDP_ITC.2 in their dependency lists.

Interpretation

The dependency on FDP_ITC.1 is included for the cryptographic SFRs FCS_CKM.2/3/4 and FCS_COP.1 due to the need to have a cryptographic key supplied in order to perform the operations specified – the TOE must either generate the key (FCS_CKM.1) or import the key (FDP_ITC.1). At issue is the omittance of FTP_ITC.2 from the dependency list.

The FDP_ITC family defines mechanisms for importing user data from outside the TSF Scope of Control into the TOE.  FDP_ITC.1 is used where there are no security attributes associated with the imported data, while FDP_ITC.2 is used where there are security attributes associated with the imported data.

In regard to the import of cryptographic keys, FDP_ITC.1 or FDP_ITC.2 could be specified depending on the implementation of the import mechanism.

Specific Changes

To address this interpretation, the following changes are made to CC v2.1, Part 2:

• FCS_CKM.2 Cryptographic key distribution dependencies list is replaced as follows:

Dependencies:

 

[FDP_ITC.1 Import of user data without security attributes, or

FDP_ITC.2 Import of user data with security attributes, or

FCS_CKM.1 Cryptographic key generation]

 

FCS_CKM.4 Cryptographic key destruction

FMT_MSA.2 Secure security attributes

•  FCS_CKM.3 Cryptographic key access dependencies list is replaced as follows:

Dependencies:

 

[FDP_ITC.1 Import of user data without security attributes, or

FDP_ITC.2 Import of user data with security attributes, or

FCS_CKM.1 Cryptographic key generation]

 

FCS_CKM.4 Cryptographic key destruction

FMT_MSA.2 Secure security attributes

 

• FCS_CKM.4 Cryptographic key destruction dependencies list is replaced as follows:

Dependencies:

 

[FDP_ITC.1 Import of user data without security attributes, or

FDP_ITC.2 Import of user data with security attributes, or

FCS_CKM.1 Cryptographic key generation]

 

FMT_MSA.2 Secure security attributes
 

• FCS_COP.1 Cryptographic operation dependencies list is replaced as follows:

Dependencies:

 

[FDP_ITC.1 Import of user data without security attributes, or

FDP_ITC.2 Import of user data with security attributes, or

FCS_CKM.1 Cryptographic key generation]

 

FCS_CKM.4 Cryptographic key destruction

FMT_MSA.2 Secure security attributes

 

Rationale

 

This interpretation allows for key import either with (FDP_ITC.2) or without (FDP_ITC,1) security attributes, by modifying the FCS_CKM.2-4 and FCS_COP.1 dependencies.