Kinibi v311A on Exynos 7870 Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854
CSV information ?
Status | archived |
---|---|
Valid from | 17.02.2017 |
Valid until | 17.02.2022 |
Scheme | 🇫🇷 FR |
Manufacturer | TRUSTONIC |
Category | Trusted Computing |
Security level | EAL2+ |
Heuristics summary ?
Certificate ?
Certification report ?
Extracted keywords
Symmetric Algorithms
AES, DESAsymmetric Algorithms
ECC, DSASchemes
MACRandomness
RNGTrusted Execution Environments
Kinibi, TEESecurity level
EAL 2, EAL2, EAL4, EAL 1, EAL 3, EAL 5, EAL 7, ITSEC E3 ElémentaireClaims
OE.INTEGRATION_CONFIGURATION, OE.PROTECTION_AFTER_DELIVERY, OE.ROLLBACK, OE.SECRETS, OE.TA_DEVELOPMENT, OE.UNIQUE_TEE_ID, OE.CONFIGURATION, OE.TRUSTED_HARDWARE, OE.TRUSTED_FIRMWARE, OE.TA_MANAGEMENT, OE.RNG, OE.INITIALIZATIONSecurity Assurance Requirements (SAR)
ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE, AGD_PRE, ALC_FLR, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_TAT, ALC_CMC_CMS, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_TEE.2, AVA_TEE, AVA_VAN.2, AVA_VAN, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_REQ, ASE_SPD, ASE_TSSProtection profiles
ANSSI-CC-PP-2014/01, ANSSI-CC-PP-2014/01-M01Certificates
ANSSI-CC-2017/03Standards
NIST SP 800-90A, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
Title: | ANSSI-CC-2017-03 |
---|---|
Pages: | 18 |
Creator: | PDFCreator Version 1.2.1 |
Producer: | GPL Ghostscript 9.02 |
Frontpage
Certificate ID: | ANSSI-CC-2017/03 |
---|---|
Certified item: | Kinibi v311A on Exynos 7870 |
Certification lab: | THALES (TCS – CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France |
Developer: | Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom |
References
No references.
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, Triple-DES, HMACAsymmetric Algorithms
DSASchemes
MACProtocols
SSL, TLS, IPsec, VPNRandomness
PRNG, RNGTrusted Execution Environments
ARM TrustZone, TrustZone, Kinibi, TEEVendor
Samsung, ThalesSecurity level
EAL2, EAL 2, EAL2 augmentedClaims
O.CA_TA_IDENTIFICATIO, O.KEYS_USAGE, O.TEE_ID, O.INITIALIZATION, O.INSTANCE_TIME, O.OPERATION, O.RNG, O.RUNTIME_CONFIDENTI, O.RUNTIME_INTEGRITY, O.TA_AUTHENTICITY, O.TA_ISOLATION, O.TEE_DATA_PROTECTIO, O.TEE_FIRMWARE_UPGRA, O.TEE_ISOLATION, O.TRUSTED_STORAGE, O.CA_TA_IDENTIFICATION, O.RUNTIME_CONFIDENTIALITY, O.TEE_DATA_PROTECTION, T.ABUSE_FUNCT, T.CLONE, T.FLASH_DUMP, T.IMPERSONATION, T.ROGUE_CODE_EXECUTI, T.PERTURBATION, T.RAM, T.RNG, T.SPY, T.TEE_FIRMWARE_ROLLB, T.STORAGE_CORRUPTION, T.ROGUE_CODE_EXECUTION, A.PROTECTION_AFTER_D, A.ROLLBACK, A.TA_DEVELOPMENT, A.CONNECT, A.PEER, A.RNG, A.PROTECTION_AFTER_DELIVERY, OP.LOAD, OP.STORE, OE.TEE_FIRMWARE_UPGRADE, OE.INTEGRATION_CONFI, OE.PROTECTION_AFTER_, OE.ROLLBACK, OE.SECRETS, OE.TA_DEVELOPMENT, OE.TEE_FIRMWARE_UPGR, OE.UNIQUE_TEE_ID, OE.TRUSTED_HARDWARE, OE.TRUSTED_FIRMWARE, OE.TA_MANAGEMENT, OE.RNG, OE.INITIALIZATION, OE.INTEGRATION_CONFIGURATION, OE.PROTECTION_AFTER_DELIVERY, OE.DEBUG, OE.CRYPTOGRAPHY, OSP.TEE_ID, OSP.INTEGRATION_CONFI, OSP.SECRETS, OSP.TEE_FIRMWARE_UPG, OSP.INTEGRATION_CONFIGURATION, OSP.TA_MANAGEMENTSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, ADV_FSP.1, AGD_OPE, AGD_PRE, AGD_OPE.1, AGD_PRE.1, ALC_CMC.2, ALC_CMS.1, ALC_CMS.2, ALC_DEL.1, ATE_COV.1, ATE_FUN.1, AVA_TEE, AVA_TEE.2, AVA_VAN.2, AVA_VAN, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_REQ.1, ASE_REQ.2, ASE_OBJ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_ARP.1, FAU_SAR.1, FAU_STG.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_STG.1.1, FAU_STG.1.2, FAU_ARP.1.1, FAU_GEN.1, FAU_SAA.1, FCS_RNG, FCS_RNG.1, FCS_COP.1, FCS_CKM.1, FCS_CKM.4, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1.1, FCS_CKM.4.1, FCS_COP.1.1, FCS_CKM.2, FDP_IFC, FDP_IFF, FDP_ITT, FDP_RIP, FDP_ACC, FDP_ACF, FDP_SDI.2, FDP_ROL, FDP_ACC.1, FDP_ACF.1, FDP_IFC.2, FDP_IFF.1, FDP_RIP.1, FDP_ROL.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_IFC.1, FDP_ITC.1, FDP_ITC.2, FIA_ATD.1, FIA_UID.2, FIA_USB.1, FIA_UID.2.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_ATD.1.1, FIA_UID.1, FMT_SMR.1, FMT_MSA, FMT_SMF.1, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMF.1.1, FPT_INI, FPT_INI.1, FPT_ITT, FPT_FLS.1, FPT_STM, FPT_INI.1.1, FPT_INI.1.2, FPT_INI.1.3, FPT_ITT.1, FPT_STM.1, FPT_TEE.1, FPT_TEE.1.1, FPT_TEE.1.2, FPT_FLS.1.1, FTP_TEE.1Evaluation facilities
Trusted LabsCertification process
out of scope, System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE, Service Provider TAs and Installed TAs). Such components are out of scope of the TOE, which is out of scope of the present Security Target, Informative — out of scope for ALC, 1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet, the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and, Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees , space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for, and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider, and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK, Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the, proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required, to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge, The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part ofSide-channel analysis
side-channelsCertification process
out of scope, System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE, Service Provider TAs and Installed TAs). Such components are out of scope of the TOE, which is out of scope of the present Security Target, Informative — out of scope for ALC, 1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet, the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and, Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees , space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for, and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider, and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK, Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the, proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required, to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge, The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part ofStandards
FIPS PUB 197, FIPS PUB 46-3, FIPS PUB 180-4, NIST SP 800-90A, PKCS5, ISO/IEC 15408:2005, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
Title: | Kinibi v311A Security Target |
---|---|
Author: | lukas.hanel@trustonic.com |
Creation date: | D:20170110164007+01'00' |
Modification date: | D:20170110164007+01'00' |
Pages: | 93 |
Creator: | Microsoft® Word 2010 Subscription |
Producer: | Microsoft® Word 2010 Subscription |
References
No references.
Heuristics ?
Extracted SARs
AGD_PRE.1, ASE_REQ.2, ASE_OBJ.2, AGD_OPE.1, ALC_CMS.2, ALC_CMC.2, ASE_TSS.1, AVA_VAN.2, ASE_CCL.1, ASE_INT.1, ALC_DEL.1, ASE_ECD.1, ATE_FUN.1, ATE_COV.1, AVA_TEE.2, ASE_SPD.1, ADV_TDS.1, ADV_ARC.1, ADV_FSP.2Scheme data ?
Product | Kinibi v311A on Exynos 7870 (Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854) | |
---|---|---|
Url | https://cyber.gouv.fr/produits-certifies/kinibi-v311a-exynos-7870-reference-t-base-exynos64-android-311a-v004 | |
Description | Le produit certifié est le système d’exploitation « Kinibi v311A on Exynos 7870, référence tbase-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854, version 311A »développé par TRUSTONIC. Le produit Kinibi est l’implémentation par TRUSTONIC d’un système d’exploitation (Trusted OS), conçu pour être exécuté par un environnement d’exécution de confiance (TEE - Trusted Execution Environnement) | |
Sponsor | Trustonic | |
Developer | Trustonic | |
Cert Id | 2017/03 | |
Level | EAL2+ | |
Enhanced | ||
Cert Id | 2017/03 | |
Certification Date | 17/02/2017 | |
Category | Divers | |
Cc Version | Critères Communs version 3.1r4 | |
Developer | Trustonic | |
Sponsor | Trustonic | |
Evaluation Facility | THALES (TCS – CNES) | |
Level | EAL2+ | |
Protection Profile | ||
Mutual Recognition | SOG-IS CCRA | |
Augmented | AVA_TEE.2 | |
Target Link | https://cyber.gouv.fr/sites/default/files/2017/02/anssi_cc-2017_03-cible-publique.pdf | |
Report Link | https://cyber.gouv.fr/sites/default/files/2017/02/anssi-cc-2017-03.pdf |
References ?
No references are available for this certificate.
Updates ?
-
15.02.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '107ef7a6468e15116c19fd2cef20902b2a63c75c0b61bb1d12054727915ac84e', 'txt_hash': '6215bd0f735df8d5f26a05010d6c4435e227a6230229ddeaa184b760d1d00d42'}, 'st': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'f4eaa5348a5e8868d4e267b981596d63acdd54a316bc57536c42c42eb27d6d53', 'txt_hash': '968f29d69dd98afe1abe3e225c1b24ca9148816a1b50a76db1a492e374daa63b'}, 'cert': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': False, 'convert_garbage': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}}
. - The following properties were deleted:
['st_download_ok', 'report_download_ok', 'st_convert_garbage', 'report_convert_garbage', 'st_convert_ok', 'report_convert_ok', 'st_extract_ok', 'report_extract_ok', 'st_pdf_hash', 'report_pdf_hash', 'st_txt_hash', 'report_txt_hash']
.
The PDF extraction data was updated.
- The following values were inserted:
{'cert_metadata': None, 'cert_frontpage': None, 'cert_keywords': None, 'cert_filename': None}
. - The report_frontpage property was set to
{'FR': {'match_rules': ['Référence du rapport de certification(.+)Nom du produit(.+)Référence/version du produit(.+)Conformité à un profil de protection(.+)Critères d’évaluation et version(.+)Niveau d’évaluation(.+)Développeur\\(s\\)(.+)Centre d’évaluation(.+)Accords de reconnaissance applicables'], 'cert_id': 'ANSSI-CC-2017/03', 'cert_item': 'Kinibi v311A on Exynos 7870', 'cert_item_version': 'Référence t-base-EXYNOS64-Android-311A-V004- 20160527_225213_11082_38854, Version 311A', 'ref_protection_profiles': 'Néant', 'cc_version': 'Critères Communs version 3.1 révision 4', 'cc_security_level': 'EAL 2 augmenté AVA_TEE.2', 'developer': 'Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom', 'cert_lab': 'THALES (TCS – CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France'}}
. - The st_frontpage property was set to
None
. - The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'FR': {'__update__': {'ANSSI-CC-2017/03': 19}}}}}
data.
- The following values were inserted:
-
13.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'FR': {'__update__': {'ANSSI-CC-2017/03': 38}}}}}
data.
- The report_keywords property was updated, with the
-
07.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__delete__': ['CA']}}
data.
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referencing': None, 'indirectly_referencing': None}
data.
- The report_keywords property was updated, with the
-
07.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__insert__': {'CA': {'1 1 1': 21, '1 2 3': 6, '5 5 6': 1, '1 1 2': 1, '2 3 3': 1, '5 6 1': 1, '4 5 5': 2, '5 5 5': 1, '1 2 2': 5, '2 2 2': 2, '3 3 1': 1, '2 2 1': 1, '2 2 3': 1}}, '__update__': {'FR': {'__update__': {'ANSSI-CC-2017/03': 19}}}}}
data.
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['5-6-1']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['5-6-1']}}
data.
- The report_keywords property was updated, with the
-
05.02.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'product': 'Kinibi v311A on Exynos 7870 (Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854)', 'url': 'https://cyber.gouv.fr/produits-certifies/kinibi-v311a-exynos-7870-reference-t-base-exynos64-android-311a-v004', 'description': 'Le produit certifié est le système d’exploitation « Kinibi v311A on Exynos 7870, référence tbase-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854, version 311A »développé par TRUSTONIC.\n\nLe produit Kinibi est l’implémentation par TRUSTONIC d’un système d’exploitation (Trusted OS), conçu pour être exécuté par un environnement d’exécution de confiance (TEE - Trusted Execution Environnement)', 'sponsor': 'Trustonic', 'developer': 'Trustonic', 'cert_id': '2017/03', 'level': 'EAL2+', 'enhanced': {'cert_id': '2017/03', 'certification_date': '17/02/2017', 'category': 'Divers', 'cc_version': 'Critères Communs version 3.1r4', 'developer': 'Trustonic', 'sponsor': 'Trustonic', 'evaluation_facility': 'THALES (TCS – CNES)', 'level': 'EAL2+', 'protection_profile': '', 'mutual_recognition': 'SOG-IS\n CCRA', 'augmented': 'AVA_TEE.2', 'target_link': 'https://cyber.gouv.fr/sites/default/files/2017/02/anssi_cc-2017_03-cible-publique.pdf', 'report_link': 'https://cyber.gouv.fr/sites/default/files/2017/02/anssi-cc-2017-03.pdf'}}
.
- The scheme_data property was set to
-
04.01.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'annotated_references': None}
.
- The following values were inserted:
-
26.04.2023 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'scheme_data': None}
.
- The following values were inserted:
-
11.02.2023 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.cc.CCCertificate
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.InternalState
. - The following properties were deleted:
['errors']
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.PdfData
.
The computed heuristics were updated.
- The following values were inserted:
{'direct_transitive_cves': None, 'indirect_transitive_cves': None}
. - The _type property was set to
sec_certs.sample.cc.CCCertificate.Heuristics
. - The following properties were deleted:
['direct_dependency_cves', 'indirect_dependency_cves']
.
- The new value is
-
25.12.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The errors property was set to
[]
.
- The errors property was set to
-
25.12.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The errors property was set to
['failed to download report from https://www.commoncriteriaportal.org/files/epfiles/ANSSI-CC-2017-03.pdf, code: nok']
.
- The errors property was set to
-
05.10.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'st_convert_garbage': False, 'report_convert_garbage': False}
.
- The following values were inserted:
-
26.09.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The st_keywords property was updated, with the
{'crypto_protocol': {'__insert__': {'VPN': {'VPN': 2}}}}
data.
- The st_keywords property was updated, with the
-
24.09.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The following values were inserted:
{'report_filename': 'ANSSI-CC-2017-03.pdf', 'st_filename': 'ANSSI_CC-2017_03 Cible publique.pdf'}
. - The report_keywords property was updated, with the
{'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 2': 2, 'EAL2': 3}, '__delete__': ['EAL 4', 'EAL 6', 'EAL 2+']}}}, 'cc_sar': {'__update__': {'ALC': {'__update__': {'ALC_CMS': 1, 'ALC_FLR': 2}, '__delete__': ['ALC_LCD']}, 'AVA': {'__insert__': {'AVA_VAN.2': 1}, '__update__': {'AVA_TEE.2': 5}}}}, 'cc_claims': {'__delete__': ['T']}, 'symmetric_crypto': {'__update__': {'DES': {'__update__': {'DES': {'__update__': {'DES': 2}}}}}}, 'tee_name': {'__update__': {'other': {'__update__': {'Kinibi': 31, 'TEE': 33}}}, '__delete__': ['IBM']}, 'standard_id': {'__update__': {'CC': {'__insert__': {'CCMB-2012-09-003': 1, 'CCMB-2012-09-004': 1}}}}}
data. - The st_keywords property was updated, with the
{'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 2': 4}}}}, 'cc_sar': {'__update__': {'ADV': {'__update__': {'ADV_FSP.2': 14, 'ADV_TDS.1': 9}}, 'AGD': {'__insert__': {'AGD_OPE': 2}}, 'ALC': {'__update__': {'ALC_CMS.2': 1}}, 'ATE': {'__update__': {'ATE_FUN.1': 4}, '__delete__': ['ATE_IND.2']}, 'AVA': {'__update__': {'AVA_TEE.2': 22}}, 'ASE': {'__update__': {'ASE_ECD.1': 4, 'ASE_REQ.2': 2, 'ASE_SPD.1': 2}}}}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_ARP.1': 13}}, 'FCS': {'__update__': {'FCS_COP.1': 20, 'FCS_CKM.4': 10}}, 'FDP': {'__insert__': {'FDP_IFC': 21, 'FDP_IFF': 19, 'FDP_ITT': 3, 'FDP_RIP': 9, 'FDP_ACC': 18, 'FDP_ACF': 16, 'FDP_ROL': 10}, '__update__': {'FDP_SDI.2': 17, 'FDP_ACC.1': 6, 'FDP_ACF.1': 6, 'FDP_IFC.2': 3, 'FDP_IFF.1': 8, 'FDP_RIP.1': 2, 'FDP_ROL.1': 3}}, 'FIA': {'__update__': {'FIA_ATD.1': 13, 'FIA_USB.1': 8}}, 'FMT': {'__insert__': {'FMT_MSA': 68}, '__update__': {'FMT_SMR.1': 17, 'FMT_SMF.1': 17, 'FMT_MSA.1': 5, 'FMT_MSA.3': 9}}, 'FPT': {'__insert__': {'FPT_ITT': 14, 'FPT_STM': 6}, '__update__': {'FPT_FLS.1': 17, 'FPT_ITT.1': 2, 'FPT_STM.1': 2}}}}, 'cc_claims': {'__update__': {'O': {'__update__': {'O.TEE_ID': 12, 'O.OPERATION': 25, 'O.RUNTIME_INTEGRITY': 24, 'O.TRUSTED_STORAGE': 24, 'O.TEE_DATA_PROTECTION': 17}}, 'A': {'__insert__': {'A.PEER': 12}, '__delete__': ['A.PEER.FUNC', 'A.PEER.MGT']}, 'OE': {'__update__': {'OE.ROLLBACK': 8, 'OE.TA_DEVELOPMENT': 7, 'OE.UNIQUE_TEE_ID': 8, 'OE.TRUSTED_FIRMWARE': 5, 'OE.RNG': 6, 'OE.INITIALIZATION': 17, 'OE.PROTECTION_AFTER_DELIVERY': 7}}}, '__delete__': ['R']}, 'vendor': {'__delete__': ['STMicroelectronics']}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 7}}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 5}}}}, 'constructions': {'__update__': {'MAC': {'__delete__': ['CMAC']}}}}}, 'asymmetric_crypto': {'__update__': {'FF': {'__update__': {'DSA': {'__update__': {'DSA': 2}}}}}, '__delete__': ['ECC']}, 'hash_function': {}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 3}}}}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'TLS': {'__update__': {'TLS': 1}}}}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RNG': 48}}}}, 'cipher_mode': {}, 'tee_name': {'__update__': {'other': {'__update__': {'Kinibi': 110, 'TEE': 341}}}, '__delete__': ['AMD', 'IBM']}, 'standard_id': {'__insert__': {'FIPS': {'FIPS PUB 197': 1, 'FIPS PUB 46-3': 1, 'FIPS PUB 180-4': 1}, 'NIST': {'NIST SP 800-90A': 6}}, '__update__': {'PKCS': {'__update__': {'PKCS5': 2}, '__delete__': ['PKCS7', 'PKCS1']}, 'CC': {'__update__': {'CCMB-2012-09-001': 2, 'CCMB-2012-09-002': 2, 'CCMB-2012-09-003': 2}}}}, 'javacard_api_const': {}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {'System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE': 1, 'Service Provider TAs and Installed TAs). Such components are out of scope of the TOE': 1, 'which is out of scope of the present Security Target': 1, 'Informative — out of scope for ALC': 1, 'the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and': 1, 'Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees ': 1, 'and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK': 1, 'Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the': 1, 'proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required': 1, 'to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge': 1, 'The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of': 1}, '__update__': {'out of scope': 10}, '__delete__': ['.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet', '. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE', '.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation', '. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE', '(System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE', '(Service Provider TAs and Installed TAs). Such components are out of scope of the TOE', '. Upgrade is out of scope of the present Security Target', '(which is out of scope of the present Security Target', '. Phases Actors (Informative — out of scope for ALC', 'ded the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and', 'ynos7870 Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees ', 'TAs and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK', 'ure Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the', 'torage proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required', 'erations to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge', 'E. The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of']}}}}
data.
The computed heuristics were updated.
- The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}]}
values discarded.
- The following values were inserted:
-
18.07.2022 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.common_criteria.CommonCriteriaCert
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData
.
The computed heuristics were updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics
. - The st_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The report_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_TEE', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}]}
.
- The new value is
-
17.07.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
values inserted. - The st_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
values inserted. - The report_keywords property was set to
{'cc_cert_id': {'FR': {'ANSSI-CC-2017/03': 38}}, 'cc_protection_profile_id': {'ANSSI': {'ANSSI-CC-PP-2014/01': 1, 'ANSSI-CC-PP-2014/01-M01': 1}}, 'cc_security_level': {'EAL': {'EAL 2': 3, 'EAL4': 1, 'EAL2': 1, 'EAL 1': 1, 'EAL 3': 1, 'EAL 4': 1, 'EAL 5': 1, 'EAL 6': 1, 'EAL 7': 1, 'EAL 2+': 1}, 'ITSEC': {'ITSEC E3 Elémentaire': 1}}, 'cc_sar': {'ADV': {'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_INT': 1, 'ADV_SPM': 1, 'ADV_TDS': 1}, 'AGD': {'AGD_OPE': 2, 'AGD_PRE': 2}, 'ALC': {'ALC_CMC': 2, 'ALC_CMS': 2, 'ALC_DEL': 1, 'ALC_DVS': 1, 'ALC_FLR': 1, 'ALC_LCD': 1, 'ALC_TAT': 1, 'ALC_CMC_CMS': 1}, 'ATE': {'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1}, 'AVA': {'AVA_TEE.2': 4, 'AVA_TEE': 2, 'AVA_VAN': 1}, 'ASE': {'ASE_CCL': 1, 'ASE_ECD': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_REQ': 1, 'ASE_SPD': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {'T': {'T': 1}, 'OE': {'OE.INTEGRATION_CONFIGURATION': 1, 'OE.PROTECTION_AFTER_DELIVERY': 1, 'OE.ROLLBACK': 1, 'OE.SECRETS': 1, 'OE.TA_DEVELOPMENT': 1, 'OE.UNIQUE_TEE_ID': 1, 'OE.CONFIGURATION': 1, 'OE.TRUSTED_HARDWARE': 1, 'OE.TRUSTED_FIRMWARE': 1, 'OE.TA_MANAGEMENT': 1, 'OE.RNG': 1, 'OE.INITIALIZATION': 1}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 1}}, 'DES': {'DES': {'DES': 8}}}, 'asymmetric_crypto': {'ECC': {'ECC': {'ECC': 1}}, 'FF': {'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {'MAC': {'MAC': 1}}, 'crypto_protocol': {}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 2}, 'other': {'Kinibi': 37, 'TEE': 36}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'NIST': {'NIST SP 800-90A': 4}, 'CC': {'CCMB-2012-09-001': 1, 'CCMB-2012-09-002': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 3, 'EAL 2': 3, 'EAL2 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 6, 'ADV_FSP.2': 15, 'ADV_TDS.1': 10, 'ADV_FSP.1': 3}, 'AGD': {'AGD_PRE': 1, 'AGD_OPE.1': 8, 'AGD_PRE.1': 8}, 'ALC': {'ALC_CMC.2': 1, 'ALC_CMS.1': 1, 'ALC_CMS.2': 2, 'ALC_DEL.1': 1}, 'ATE': {'ATE_COV.1': 5, 'ATE_FUN.1': 5, 'ATE_IND.2': 1}, 'AVA': {'AVA_TEE': 5, 'AVA_TEE.2': 14, 'AVA_VAN.2': 8, 'AVA_VAN': 2}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 5, 'ASE_INT.1': 5, 'ASE_REQ.1': 2, 'ASE_REQ.2': 3, 'ASE_OBJ.2': 3, 'ASE_SPD.1': 3, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_ARP.1': 12, 'FAU_SAR.1': 11, 'FAU_STG.1': 10, 'FAU_SAR.1.1': 1, 'FAU_SAR.1.2': 1, 'FAU_STG.1.1': 1, 'FAU_STG.1.2': 1, 'FAU_ARP.1.1': 1, 'FAU_GEN.1': 4, 'FAU_SAA.1': 2}, 'FCS': {'FCS_RNG': 4, 'FCS_RNG.1': 15, 'FCS_COP.1': 21, 'FCS_CKM.1': 12, 'FCS_CKM.4': 11, 'FCS_RNG.1.1': 2, 'FCS_RNG.1.2': 2, 'FCS_CKM.1.1': 1, 'FCS_CKM.4.1': 1, 'FCS_COP.1.1': 1, 'FCS_CKM.2': 1}, 'FDP': {'FDP_SDI.2': 16, 'FDP_ACC.1': 5, 'FDP_ACF.1': 2, 'FDP_IFC.2': 1, 'FDP_IFF.1': 2, 'FDP_RIP.1': 1, 'FDP_ROL.1': 1, 'FDP_SDI.2.1': 1, 'FDP_SDI.2.2': 1, 'FDP_IFC.1': 4, 'FDP_ITC.1': 2, 'FDP_ITC.2': 2}, 'FIA': {'FIA_ATD.1': 14, 'FIA_UID.2': 13, 'FIA_USB.1': 9, 'FIA_UID.2.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1, 'FIA_ATD.1.1': 1, 'FIA_UID.1': 1}, 'FMT': {'FMT_SMR.1': 18, 'FMT_SMF.1': 15, 'FMT_MSA.1': 3, 'FMT_MSA.3': 5, 'FMT_MTD.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF.1.1': 1}, 'FPT': {'FPT_INI': 3, 'FPT_INI.1': 15, 'FPT_FLS.1': 15, 'FPT_INI.1.1': 2, 'FPT_INI.1.2': 2, 'FPT_INI.1.3': 2, 'FPT_ITT.1': 1, 'FPT_STM.1': 1, 'FPT_TEE.1': 8, 'FPT_TEE.1.1': 1, 'FPT_TEE.1.2': 1, 'FPT_FLS.1.1': 1}, 'FTP': {'FTP_TEE.1': 1}}, 'cc_claims': {'O': {'O.CA_TA_IDENTIFICATIO': 1, 'O.KEYS_USAGE': 1, 'O.TEE_ID': 13, 'O.INITIALIZATION': 3, 'O.INSTANCE_TIME': 9, 'O.OPERATION': 26, 'O.RNG': 11, 'O.RUNTIME_CONFIDENTI': 1, 'O.RUNTIME_INTEGRITY': 25, 'O.TA_AUTHENTICITY': 14, 'O.TA_ISOLATION': 21, 'O.TEE_DATA_PROTECTIO': 1, 'O.TEE_FIRMWARE_UPGRA': 1, 'O.TEE_ISOLATION': 18, 'O.TRUSTED_STORAGE': 25, 'O.CA_TA_IDENTIFICATION': 10, 'O.RUNTIME_CONFIDENTIALITY': 25, 'O.TEE_DATA_PROTECTION': 18}, 'T': {'T.ABUSE_FUNCT': 11, 'T.CLONE': 11, 'T.FLASH_DUMP': 5, 'T.IMPERSONATION': 7, 'T.ROGUE_CODE_EXECUTI': 1, 'T.PERTURBATION': 13, 'T.RAM': 9, 'T.RNG': 8, 'T.SPY': 8, 'T.TEE_FIRMWARE_ROLLB': 1, 'T.STORAGE_CORRUPTION': 8, 'T.ROGUE_CODE_EXECUTION': 11}, 'A': {'A.PROTECTION_AFTER_D': 1, 'A.ROLLBACK': 5, 'A.TA_DEVELOPMENT': 5, 'A.CONNECT': 5, 'A.PEER.FUNC': 7, 'A.PEER.MGT': 5, 'A.RNG': 6, 'A.PROTECTION_AFTER_DELIVERY': 4}, 'R': {'R.FUNC': 7, 'R.MGT': 5}, 'OP': {'OP.LOAD': 4, 'OP.STORE': 5}, 'OE': {'OE.TEE_FIRMWARE_UPGRADE': 1, 'OE.INTEGRATION_CONFI': 1, 'OE.PROTECTION_AFTER_': 1, 'OE.ROLLBACK': 9, 'OE.SECRETS': 7, 'OE.TA_DEVELOPMENT': 9, 'OE.TEE_FIRMWARE_UPGR': 1, 'OE.UNIQUE_TEE_ID': 9, 'OE.TRUSTED_HARDWARE': 11, 'OE.TRUSTED_FIRMWARE': 7, 'OE.TA_MANAGEMENT': 9, 'OE.RNG': 8, 'OE.INITIALIZATION': 18, 'OE.INTEGRATION_CONFIGURATION': 8, 'OE.PROTECTION_AFTER_DELIVERY': 8, 'OE.DEBUG': 1, 'OE.CRYPTOGRAPHY': 1}, 'OSP': {'OSP.TEE_ID': 7, 'OSP.INTEGRATION_CONFI': 1, 'OSP.SECRETS': 5, 'OSP.TEE_FIRMWARE_UPG': 1, 'OSP.INTEGRATION_CONFIGURATION': 4, 'OSP.TA_MANAGEMENT': 4}}, 'vendor': {'Samsung': {'Samsung': 3}, 'STMicroelectronics': {'STM': 8}, 'Thales': {'Thales': 3}}, 'eval_facility': {'TrustedLabs': {'Trusted Labs': 1}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 8}}, 'DES': {'DES': {'DES': 7}, '3DES': {'Triple-DES': 1}}, 'constructions': {'MAC': {'HMAC': 1, 'CMAC': 1}}}, 'asymmetric_crypto': {'ECC': {'ECDSA': {'ECDSA': 1}}, 'FF': {'DSA': {'DSA': 3}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA1': 7}, 'SHA2': {'SHA224': 7, 'SHA256': 7, 'SHA384': 6, 'SHA512': 6}}, 'MD': {'MD5': {'MD5': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 5}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}, 'TLS': {'TLS': 2}}, 'IPsec': {'IPsec': 2}}, 'randomness': {'PRNG': {'PRNG': 1}, 'RNG': {'RNG': 50}}, 'cipher_mode': {'CTR': {'CTR': 1}, 'GCM': {'GCM': 1}, 'CCM': {'CCM': 1}, 'XTS': {'XTS': 1}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side-channels': 1}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'ARM': {'ARM TrustZone': 3, 'TrustZone': 1}, 'AMD': {'PSP': 3}, 'IBM': {'SE': 1}, 'other': {'Kinibi': 198, 'TEE': 336}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'PKCS': {'PKCS5': 18, 'PKCS7': 9, 'PKCS1': 7}, 'ISO': {'ISO/IEC 15408:2005': 2}, 'CC': {'CCMB-2012-09-001': 1, 'CCMB-2012-09-002': 1, 'CCMB-2012-09-003': 1, 'CCMB-2012-09-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {'ALG': {'DES': {'ALG_DES_ECB_NOPAD': 2, 'ALG_DES_CBC_NOPAD': 2, 'ALG_DES_CBC_MAC_NOPAD': 1, 'ALG_DES_CBC_MAC_PKCS5': 1, 'ALG_DES_CBC_ISO9797_M1': 1, 'ALG_DES_CBC_ISO9797_M2': 1, 'ALG_DES_CBC_PKCS5': 1, 'ALG_DES_ECB_ISO9797_M1': 1, 'ALG_DES_ECB_ISO9797_M2': 1, 'ALG_DES_ECB_PKCS5': 1, 'ALG_DES_MAC4_NOPAD': 1, 'ALG_DES_MAC4_PKCS5': 1, 'ALG_DES_MAC8_ISO9797_1_M2_ALG3': 1, 'ALG_DES_MAC8_ISO9797_M1': 1, 'ALG_DES_MAC8_ISO9797_M2': 1, 'ALG_DES_MAC8_NOPAD': 1, 'ALG_DES_MAC8_PKCS5': 1}, 'RSA': {'ALG_RSA_NOPAD': 2, 'ALG_RSA_ISO14888': 1, 'ALG_RSA_PKCS1': 1, 'ALG_RSA_SHA1_OAEP': 1, 'ALG_RSA_SHA224_OAEP': 1, 'ALG_RSA_SHA256_OAEP': 1, 'ALG_RSA_SHA384_OAEP': 1, 'ALG_RSA_SHA512_OAEP': 1}, 'DSA': {'ALG_DSA_SHA1': 1, 'ALG_DSA_SHA224': 1, 'ALG_DSA_SHA256': 1}, 'AES': {'ALG_AES_ECB_NOPAD': 1, 'ALG_AES_CBC_NOPAD': 1, 'ALG_AES_CTR': 1, 'ALG_AES_CTS': 1, 'ALG_AES_XTS': 1, 'ALG_AES_CCM': 1, 'ALG_AES_GCM': 1, 'ALG_AES_CBC_MAC_NOPAD': 1, 'ALG_AES_CBC_MAC_PKCS5': 1, 'ALG_AES_CMAC': 1, 'ALG_AES_128_CBC_NOPAD': 1, 'ALG_AES_128_CBC_ISO9797_M1': 1, 'ALG_AES_128_CBC_ISO9797_M2': 1, 'ALG_AES_128_CBC_PKCS5': 3, 'ALG_AES_128_CBC_PKCS7': 3, 'ALG_AES_128_ECB_NOPAD': 3, 'ALG_AES_128_ECB_ISO9797_M1': 2, 'ALG_AES_128_ECB_ISO9797_M2': 2, 'ALG_AES_128_ECB_PKCS5': 2, 'ALG_AES_128_ECB_PKCS7': 2, 'ALG_AES_128_CTR_NOPAD': 2, 'ALG_AES_256_CBC_NOPAD': 2, 'ALG_AES_256_CBC_ISO9797_M1': 2, 'ALG_AES_256_CBC_ISO9797_M2': 2, 'ALG_AES_256_CBC_PKCS5': 2, 'ALG_AES_256_CBC_PKCS7': 2, 'ALG_AES_256_ECB_NOPAD': 2, 'ALG_AES_256_ECB_ISO9797_M1': 2, 'ALG_AES_256_ECB_ISO9797_M2': 2, 'ALG_AES_256_ECB_PKCS5': 2, 'ALG_AES_256_ECB_PKCS7': 2, 'ALG_AES_256_CTR_NOPAD': 2}, 'HMAC': {'ALG_HMAC_SHA_256': 1, 'ALG_HMAC_SHA1': 1, 'ALG_HMAC_SHA224': 1, 'ALG_HMAC_SHA256': 1, 'ALG_HMAC_SHA384': 1, 'ALG_HMAC_SHA512': 1, 'ALG_HMAC_MD5': 1}, 'MD': {'ALG_MD5': 1}}, 'misc': {'TYPE_AES': 1, 'TYPE_DES': 1, 'TYPE_DES3': 1, 'TYPE_HMAC_MD5': 1, 'TYPE_HMAC_SHA1': 1, 'TYPE_HMAC_SHA224': 1, 'TYPE_HMAC_SHA256': 1, 'TYPE_HMAC_SHA384': 1, 'TYPE_HMAC_SHA512': 1, 'TYPE_RSA_PUBLIC_KEY': 1, 'TYPE_RSA_KEYPAIR': 1, 'TYPE_DSA_PUBLIC_KEY': 1, 'TYPE_DSA_KEYPAIR': 1, 'TYPE_DH_KEYPAIR': 1, 'TYPE_ECDSA_PUBLIC_KEY': 1, 'TYPE_ECDSA_KEYPAIR': 1, 'TYPE_ECDH_PUBLIC_KEY': 1, 'TYPE_ECDH_KEYPAIR': 1}}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 9, '.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet': 1, '. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE': 1, '.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation': 1, '. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE': 1, '(System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE': 1, '(Service Provider TAs and Installed TAs). Such components are out of scope of the TOE': 1, '. Upgrade is out of scope of the present Security Target': 1, '(which is out of scope of the present Security Target': 1, '. Phases Actors (Informative — out of scope for ALC': 1, '1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet': 1, 'ded the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and': 1, 'ynos7870 Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees ': 1, 'space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for': 1, 'and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider': 1, 'TAs and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK': 1, 'ure Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the': 1, 'torage proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required': 1, 'erations to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge': 1, 'E. The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of': 1}}}
.
The computed heuristics were updated.
- The _type property was set to
Heuristics
.
- The report_metadata property was updated, with the
-
14.06.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report_pdf_hash': '107ef7a6468e15116c19fd2cef20902b2a63c75c0b61bb1d12054727915ac84e', 'st_pdf_hash': 'f4eaa5348a5e8868d4e267b981596d63acdd54a316bc57536c42c42eb27d6d53', 'report_txt_hash': '6215bd0f735df8d5f26a05010d6c4435e227a6230229ddeaa184b760d1d00d42', 'st_txt_hash': '968f29d69dd98afe1abe3e225c1b24ca9148816a1b50a76db1a492e374daa63b'}
.
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'rules_symmetric_crypto': {'AES': 1, 'DES': 8}, 'rules_asymmetric_crypto': {'ECC': 1, 'DSA': 1}, 'rules_pq_crypto': {}, 'rules_hashes': {}, 'rules_crypto_schemes': {'MAC': 1}, 'rules_randomness': {'RNG': 1}, 'rules_tee': {'TEE': 36, 'Kinibi': 37, 'SE': 2}, 'rules_side_channels': {}}
values inserted. - The st_keywords property was updated, with the
{'rules_block_cipher_modes': {'__insert__': {'CCM': 1, 'XTS': 1}}}
data.
- The following values were inserted:
-
13.05.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'SAR', 'family': 'AVA_TEE', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 2}]}}
.
- The following values were inserted:
-
24.04.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'direct_dependency_cves': None, 'indirect_dependency_cves': None}
.
- The following values were inserted:
-
08.03.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}
. - The following properties were deleted:
['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting']
.
- The following values were inserted:
-
18.02.2022 The certificate data changed.
Certificate changed
The Status was updated.
- The new value is
archived
.
The PDF extraction data was updated.
- The report_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted. - The st_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted.
The computed heuristics were updated.
- The extracted_versions property was set to
{'_type': 'Set', 'elements': ['7870']}
.
- The new value is
-
28.01.2022 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Kinibi v311A on Exynos 7870 Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Trusted Computing",
"cert_link": null,
"dgst": "1b74c9c96976e410",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ANSSI-CC-2017/03",
"cert_lab": [
"THALES"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_TEE",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"7870"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_id": "2017/03",
"description": "Le produit certifi\u00e9 est le syst\u00e8me d\u2019exploitation \u00ab Kinibi v311A on Exynos 7870, r\u00e9f\u00e9rence tbase-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854, version 311A \u00bbd\u00e9velopp\u00e9 par TRUSTONIC.\n\nLe produit Kinibi est l\u2019impl\u00e9mentation par TRUSTONIC d\u2019un syst\u00e8me d\u2019exploitation (Trusted OS), con\u00e7u pour \u00eatre ex\u00e9cut\u00e9 par un environnement d\u2019ex\u00e9cution de confiance (TEE - Trusted Execution Environnement)",
"developer": "Trustonic",
"enhanced": {
"augmented": "AVA_TEE.2",
"category": "Divers",
"cc_version": "Crit\u00e8res Communs version 3.1r4",
"cert_id": "2017/03",
"certification_date": "17/02/2017",
"developer": "Trustonic",
"evaluation_facility": "THALES (TCS \u2013 CNES)",
"level": "EAL2+",
"mutual_recognition": "SOG-IS\n CCRA",
"protection_profile": "",
"report_link": "https://cyber.gouv.fr/sites/default/files/2017/02/anssi-cc-2017-03.pdf",
"sponsor": "Trustonic",
"target_link": "https://cyber.gouv.fr/sites/default/files/2017/02/anssi_cc-2017_03-cible-publique.pdf"
},
"level": "EAL2+",
"product": "Kinibi v311A on Exynos 7870 (R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854)",
"sponsor": "Trustonic",
"url": "https://cyber.gouv.fr/produits-certifies/kinibi-v311a-exynos-7870-reference-t-base-exynos64-android-311a-v004"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "TRUSTONIC",
"manufacturer_web": "https://www.trustonic.com/",
"name": "Kinibi v311A on Exynos 7870 R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854",
"not_valid_after": "2022-02-17",
"not_valid_before": "2017-02-17",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ANSSI-CC-2017-03.pdf",
"report_frontpage": {
"FR": {
"cc_security_level": "EAL 2 augment\u00e9 AVA_TEE.2",
"cc_version": "Crit\u00e8res Communs version 3.1 r\u00e9vision 4",
"cert_id": "ANSSI-CC-2017/03",
"cert_item": "Kinibi v311A on Exynos 7870",
"cert_item_version": "R\u00e9f\u00e9rence t-base-EXYNOS64-Android-311A-V004- 20160527_225213_11082_38854, Version 311A",
"cert_lab": "THALES (TCS \u2013 CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France",
"developer": "Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom",
"match_rules": [
"R\u00e9f\u00e9rence du rapport de certification(.+)Nom du produit(.+)R\u00e9f\u00e9rence/version du produit(.+)Conformit\u00e9 \u00e0 un profil de protection(.+)Crit\u00e8res d\u2019\u00e9valuation et version(.+)Niveau d\u2019\u00e9valuation(.+)D\u00e9veloppeur\\(s\\)(.+)Centre d\u2019\u00e9valuation(.+)Accords de reconnaissance applicables"
],
"ref_protection_profiles": "N\u00e9ant"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
}
},
"FF": {
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {
"FR": {
"ANSSI-CC-2017/03": 19
}
},
"cc_claims": {
"OE": {
"OE.CONFIGURATION": 1,
"OE.INITIALIZATION": 1,
"OE.INTEGRATION_CONFIGURATION": 1,
"OE.PROTECTION_AFTER_DELIVERY": 1,
"OE.RNG": 1,
"OE.ROLLBACK": 1,
"OE.SECRETS": 1,
"OE.TA_DEVELOPMENT": 1,
"OE.TA_MANAGEMENT": 1,
"OE.TRUSTED_FIRMWARE": 1,
"OE.TRUSTED_HARDWARE": 1,
"OE.UNIQUE_TEE_ID": 1
}
},
"cc_protection_profile_id": {
"ANSSI": {
"ANSSI-CC-PP-2014/01": 1,
"ANSSI-CC-PP-2014/01-M01": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_FSP": 1,
"ADV_IMP": 1,
"ADV_INT": 1,
"ADV_SPM": 1,
"ADV_TDS": 1
},
"AGD": {
"AGD_OPE": 2,
"AGD_PRE": 2
},
"ALC": {
"ALC_CMC": 2,
"ALC_CMC_CMS": 1,
"ALC_CMS": 1,
"ALC_DEL": 1,
"ALC_DVS": 1,
"ALC_FLR": 2,
"ALC_TAT": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_ECD": 1,
"ASE_INT": 1,
"ASE_OBJ": 1,
"ASE_REQ": 1,
"ASE_SPD": 1,
"ASE_TSS": 1
},
"ATE": {
"ATE_COV": 1,
"ATE_DPT": 1,
"ATE_FUN": 1,
"ATE_IND": 1
},
"AVA": {
"AVA_TEE": 2,
"AVA_TEE.2": 5,
"AVA_VAN": 1,
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 2,
"EAL 3": 1,
"EAL 5": 1,
"EAL 7": 1,
"EAL2": 3,
"EAL4": 1
},
"ITSEC": {
"ITSEC E3 El\u00e9mentaire": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 1,
"CCMB-2012-09-002": 1,
"CCMB-2012-09-003": 1,
"CCMB-2012-09-004": 1
},
"NIST": {
"NIST SP 800-90A": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 1
}
},
"DES": {
"DES": {
"DES": 2
}
}
},
"technical_report_id": {},
"tee_name": {
"other": {
"Kinibi": 31,
"TEE": 33
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "",
"/CreationDate": "",
"/Creator": "PDFCreator Version 1.2.1",
"/Keywords": "",
"/ModDate": "",
"/Producer": "GPL Ghostscript 9.02",
"/Subject": "",
"/Title": "ANSSI-CC-2017-03",
"pdf_file_size_bytes": 589101,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 18
},
"st_filename": "ANSSI_CC-2017_03 Cible publique.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"FF": {
"DSA": {
"DSA": 2
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECT": 5,
"A.PEER": 12,
"A.PROTECTION_AFTER_D": 1,
"A.PROTECTION_AFTER_DELIVERY": 4,
"A.RNG": 6,
"A.ROLLBACK": 5,
"A.TA_DEVELOPMENT": 5
},
"O": {
"O.CA_TA_IDENTIFICATIO": 1,
"O.CA_TA_IDENTIFICATION": 10,
"O.INITIALIZATION": 3,
"O.INSTANCE_TIME": 9,
"O.KEYS_USAGE": 1,
"O.OPERATION": 25,
"O.RNG": 11,
"O.RUNTIME_CONFIDENTI": 1,
"O.RUNTIME_CONFIDENTIALITY": 25,
"O.RUNTIME_INTEGRITY": 24,
"O.TA_AUTHENTICITY": 14,
"O.TA_ISOLATION": 21,
"O.TEE_DATA_PROTECTIO": 1,
"O.TEE_DATA_PROTECTION": 17,
"O.TEE_FIRMWARE_UPGRA": 1,
"O.TEE_ID": 12,
"O.TEE_ISOLATION": 18,
"O.TRUSTED_STORAGE": 24
},
"OE": {
"OE.CRYPTOGRAPHY": 1,
"OE.DEBUG": 1,
"OE.INITIALIZATION": 17,
"OE.INTEGRATION_CONFI": 1,
"OE.INTEGRATION_CONFIGURATION": 8,
"OE.PROTECTION_AFTER_": 1,
"OE.PROTECTION_AFTER_DELIVERY": 7,
"OE.RNG": 6,
"OE.ROLLBACK": 8,
"OE.SECRETS": 7,
"OE.TA_DEVELOPMENT": 7,
"OE.TA_MANAGEMENT": 9,
"OE.TEE_FIRMWARE_UPGR": 1,
"OE.TEE_FIRMWARE_UPGRADE": 1,
"OE.TRUSTED_FIRMWARE": 5,
"OE.TRUSTED_HARDWARE": 11,
"OE.UNIQUE_TEE_ID": 8
},
"OP": {
"OP.LOAD": 4,
"OP.STORE": 5
},
"OSP": {
"OSP.INTEGRATION_CONFI": 1,
"OSP.INTEGRATION_CONFIGURATION": 4,
"OSP.SECRETS": 5,
"OSP.TA_MANAGEMENT": 4,
"OSP.TEE_FIRMWARE_UPG": 1,
"OSP.TEE_ID": 7
},
"T": {
"T.ABUSE_FUNCT": 11,
"T.CLONE": 11,
"T.FLASH_DUMP": 5,
"T.IMPERSONATION": 7,
"T.PERTURBATION": 13,
"T.RAM": 9,
"T.RNG": 8,
"T.ROGUE_CODE_EXECUTI": 1,
"T.ROGUE_CODE_EXECUTION": 11,
"T.SPY": 8,
"T.STORAGE_CORRUPTION": 8,
"T.TEE_FIRMWARE_ROLLB": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 6,
"ADV_FSP.1": 3,
"ADV_FSP.2": 14,
"ADV_TDS.1": 9
},
"AGD": {
"AGD_OPE": 2,
"AGD_OPE.1": 8,
"AGD_PRE": 1,
"AGD_PRE.1": 8
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.1": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 4,
"ASE_INT.1": 5,
"ASE_OBJ.2": 3,
"ASE_REQ.1": 2,
"ASE_REQ.2": 2,
"ASE_SPD.1": 2,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.1": 5,
"ATE_FUN.1": 4
},
"AVA": {
"AVA_TEE": 5,
"AVA_TEE.2": 22,
"AVA_VAN": 2,
"AVA_VAN.2": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 4,
"EAL2": 3,
"EAL2 augmented": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_ARP.1": 13,
"FAU_ARP.1.1": 1,
"FAU_GEN.1": 4,
"FAU_SAA.1": 2,
"FAU_SAR.1": 11,
"FAU_SAR.1.1": 1,
"FAU_SAR.1.2": 1,
"FAU_STG.1": 10,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1
},
"FCS": {
"FCS_CKM.1": 12,
"FCS_CKM.1.1": 1,
"FCS_CKM.2": 1,
"FCS_CKM.4": 10,
"FCS_CKM.4.1": 1,
"FCS_COP.1": 20,
"FCS_COP.1.1": 1,
"FCS_RNG": 4,
"FCS_RNG.1": 15,
"FCS_RNG.1.1": 2,
"FCS_RNG.1.2": 2
},
"FDP": {
"FDP_ACC": 18,
"FDP_ACC.1": 6,
"FDP_ACF": 16,
"FDP_ACF.1": 6,
"FDP_IFC": 21,
"FDP_IFC.1": 4,
"FDP_IFC.2": 3,
"FDP_IFF": 19,
"FDP_IFF.1": 8,
"FDP_ITC.1": 2,
"FDP_ITC.2": 2,
"FDP_ITT": 3,
"FDP_RIP": 9,
"FDP_RIP.1": 2,
"FDP_ROL": 10,
"FDP_ROL.1": 3,
"FDP_SDI.2": 17,
"FDP_SDI.2.1": 1,
"FDP_SDI.2.2": 1
},
"FIA": {
"FIA_ATD.1": 13,
"FIA_ATD.1.1": 1,
"FIA_UID.1": 1,
"FIA_UID.2": 13,
"FIA_UID.2.1": 1,
"FIA_USB.1": 8,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_MSA": 68,
"FMT_MSA.1": 5,
"FMT_MSA.3": 9,
"FMT_MTD.1": 1,
"FMT_SMF.1": 17,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 17,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_FLS.1": 17,
"FPT_FLS.1.1": 1,
"FPT_INI": 3,
"FPT_INI.1": 15,
"FPT_INI.1.1": 2,
"FPT_INI.1.2": 2,
"FPT_INI.1.3": 2,
"FPT_ITT": 14,
"FPT_ITT.1": 2,
"FPT_STM": 6,
"FPT_STM.1": 2,
"FPT_TEE.1": 8,
"FPT_TEE.1.1": 1,
"FPT_TEE.1.2": 1
},
"FTP": {
"FTP_TEE.1": 1
}
},
"certification_process": {
"OutOfScope": {
"1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet": 1,
"Informative \u2014 out of scope for ALC": 1,
"Service Provider TAs and Installed TAs). Such components are out of scope of the TOE": 1,
"Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 \u2039 Secure Storage Proxy, a communication relay between the": 1,
"System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE": 1,
"The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of": 1,
"Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees ": 1,
"and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK": 1,
"and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider": 1,
"out of scope": 10,
"proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required": 1,
"space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for": 1,
"the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and": 1,
"to other entities provided the overall security level is met. Phases Actors (Informative \u2014 out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge": 1,
"which is out of scope of the present Security Target": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 2
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 1
}
},
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {
"MAC": {
"MAC": 3
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TrustedLabs": {
"Trusted Labs": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"PRNG": 1
},
"RNG": {
"RNG": 48
}
},
"side_channel_analysis": {
"SCA": {
"side-channels": 1
}
},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 2,
"CCMB-2012-09-002": 2,
"CCMB-2012-09-003": 2,
"CCMB-2012-09-004": 1
},
"FIPS": {
"FIPS PUB 180-4": 1,
"FIPS PUB 197": 1,
"FIPS PUB 46-3": 1
},
"ISO": {
"ISO/IEC 15408:2005": 2
},
"NIST": {
"NIST SP 800-90A": 6
},
"PKCS": {
"PKCS5": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 7
}
},
"DES": {
"3DES": {
"Triple-DES": 1
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {
"ARM": {
"ARM TrustZone": 3,
"TrustZone": 1
},
"other": {
"Kinibi": 110,
"TEE": 341
}
},
"tls_cipher_suite": {},
"vendor": {
"Samsung": {
"Samsung": 3
},
"Thales": {
"Thales": 3
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "lukas.hanel@trustonic.com",
"/CreationDate": "D:20170110164007+01\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010 Subscription",
"/ModDate": "D:20170110164007+01\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010 Subscription",
"/Title": "Kinibi v311A Security Target",
"pdf_file_size_bytes": 1581958,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 93
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/files/epfiles/ANSSI-CC-2017-03.pdf",
"scheme": "FR",
"security_level": {
"_type": "Set",
"elements": [
"EAL2+"
]
},
"st_link": "https://www.commoncriteriaportal.org/files/epfiles/ANSSI_CC-2017_03%20Cible%20publique.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "107ef7a6468e15116c19fd2cef20902b2a63c75c0b61bb1d12054727915ac84e",
"txt_hash": "6215bd0f735df8d5f26a05010d6c4435e227a6230229ddeaa184b760d1d00d42"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "f4eaa5348a5e8868d4e267b981596d63acdd54a316bc57536c42c42eb27d6d53",
"txt_hash": "968f29d69dd98afe1abe3e225c1b24ca9148816a1b50a76db1a492e374daa63b"
}
},
"status": "archived"
}