MRTD full EAC v2
Public Security Target BAC
FQR No: 110 7607
FQR Issue: 4
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Legal Notice
© OT. All rights reserved.
Specifications and information are subject to change without notice.
The products described in this document are subject to continuous development and
All trademarks and service marks referred to herein, whether registered or not in specific countries, are the properties
of their respective owners.
** Printed versions of this document are uncontrolled **
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Specifications and information are subject to change without notice.
The products described in this document are subject to continuous development and improvement.
All trademarks and service marks referred to herein, whether registered or not in specific countries, are the properties
** Printed versions of this document are uncontrolled **
Public Security Target BAC
420, rue d’Estienne d’Orves - 92700
improvement.
All trademarks and service marks referred to herein, whether registered or not in specific countries, are the properties
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Document Management
A. Identification
Business Unit - Department ID R&D
Document type: FQR
Document Title: MRTD full EAC
FQR No: 110 7
FQR Issue: 4
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Document Management
ID R&D
FQR
MRTD full EAC v2 – Public Security Target BAC
110 7607
4
Public Security Target BAC
420, rue d’Estienne d’Orves -
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Table of contents
LIST OF FIGURES
LIST OF TABLES 9
1 SECURITY TARGET INTR
1.1 Purpose ................................
1.2 Objective of the security target
1.3 Security target identification
1.4 TOE technical identification
1.5 IC identification
2 TOE OVERVIEW
2.1 Product overvi
2.2 TOE overview................................
2.3 TOE usages................................
2.4 TOE definition
3 TOE ARCHITECTURE
3.1 Integrated Circuit
3.2 Low layer ................................
3.3 Tools modules
3.4 Applicative modules
3.5 Operating System
3.6 Application layer
4 TOE LIFE CYCLE
4.1 Life cycle overview
4.2 Phase 1 “Development”
4.3 Phase 2 “Manufacturing”
4.4 Phase 3 “Personalization of the travel document”
4.5 Phase 4 “Operational Use”
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
SECURITY TARGET INTRODUCTION
................................................................................................
Objective of the security target................................................................
Security target identification ................................................................
TOE technical identification................................................................
IC identification................................................................................................
Product overview................................................................................................
................................................................................................
................................................................................................
................................................................................................
Integrated Circuit - NXP P60................................................................
................................................................................................
................................................................................................
Applicative modules................................................................
Operating System................................................................................................
Application layer................................................................................................
overview ..............................................................................................
Phase 1 “Development”................................................................
Phase 2 “Manufacturing”................................................................
Phase 3 “Personalization of the travel document”................................
Phase 4 “Operational Use” ................................................................
Public Security Target BAC
420, rue d’Estienne d’Orves -
8
10
..............................................10
............................................10
...............................................11
.................................................12
...................................13
14
................................14
......................................15
..........................................16
.....................................17
19
.................................................19
............................................20
.....................................21
............................................................21
................................22
.................................22
23
..............................23
.......................................................25
.....................................................25
................................................26
..................................................27
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
5 CONFORMANCE CLAIMS
5.1 Common Criteria conformance
5.1.1 Overview of the SFR defined in this ST
5.1.2 Overview of the additional protocols
5.1.2.1 Chip Authentication
5.1.2.2 Active Authentication
5.1.2.3 Prepersonalization phase
5.2 Protection Profile conformance
5.3 Rationale for the additions
5.4 Non evaluated features
6 SECURITY PROBLEM DEF
6.1 Subjects ................................
6.1.1 PP BAC subjects
6.1.2 Additional Subjects
6.2 Assets ................................
6.3 Threats ................................
6.3.1 Threats from the PP BAC
6.3.2 Threats for CA
6.3.3 Threats for AA
6.3.4 Threats for Note 6
6.4 Organisational Security Policies
6.4.1 OSP from PP BAC
6.4.2 OSP for CA................................
6.4.3 OSP for AA................................
6.5 Assumptions ................................
6.5.1 Assumptions from PP BAC
6.5.2 Assumptions for Chip Authentication
6.5.3 Assumptions for Active Authentication
7 SECURITY OBJECTIVES
7.1 Security Objectives for the TOE
7.1.1 SO from PP BAC
7.1.2 SO for CA ................................
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
CONFORMANCE CLAIMS
Criteria conformance ................................................................
Overview of the SFR defined in this ST ................................................................
Overview of the additional protocols ................................................................
Chip Authentication ................................................................................................
Active Authentication................................................................................................
Prepersonalization phase................................................................................................
Protection Profile conformance ................................................................
Rationale for the additions ................................................................
Non evaluated features................................................................
SECURITY PROBLEM DEFINITION
................................................................................................
subjects................................................................................................
Additional Subjects ................................................................................................
................................................................................................
................................................................................................
he PP BAC................................................................
................................................................................................
................................................................................................
s for Note 6................................................................................................
Organisational Security Policies ................................................................
OSP from PP BAC................................................................................................
................................................................................................
................................................................................................
................................................................................................
Assumptions from PP BAC ................................................................
Assumptions for Chip Authentication................................................................
Assumptions for Active Authentication ................................................................
SECURITY OBJECTIVES
Security Objectives for the TOE................................................................
SO from PP BAC................................................................................................
................................................................................................
Public Security Target BAC
420, rue d’Estienne d’Orves -
28
............................................28
.................................... 29
...................................... 30
........................................ 30
...................................... 30
................................ 30
...........................................31
..................................................31
.......................................................31
32
..............................................32
........................................ 32
.................................. 33
.................................................34
...............................................35
.......................................................... 35
.......................................... 38
.......................................... 38
.................................... 38
...........................................39
...................................... 39
................................................ 40
................................................ 40
.......................................40
....................................................... 40
...................................... 41
................................... 42
43
............................................43
........................................ 43
.................................................. 44
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
7.1.3 SO for AA................................
7.1.4 SO for Note 6................................
7.2 Security objectives for the Operational Environment
7.2.1 OE from PP BAC
7.2.1.1 Issuing State or Organization
7.2.1.2 Receiving State or Organization
7.2.2 OE for CA................................
7.2.3 OE for AA................................
8 EXTENDED REQUIREMENT
8.1 Extended family FAU_SAS
8.1.1 Extended components FAU_SAS.1
8.2 Extended family FCS_RND
8.2.1 Extended component FCS_RND.1
8.3 Extended family FIA_API
8.3.1 Extended component FIA_API.1
8.4 Extended family FMT_LIM
8.4.1 Extended component FMT_LIM.1
8.4.2 Extended component FMT_LIM.2
8.5 Extended family FPT_EMS
8.5.1 Extended component FPT_EMS.1
9 SECURITY REQUIREMENT
9.1 Security Functional Requirements
9.1.1 Global SFR ................................
9.1.2 Product configuration SFR
9.1.2.1 SFR for additional code
9.1.2.2 Manufacturing and Personalization
9.1.3 Active Authentication SFR
9.1.4 Basic Access Control SFR
9.1.4.1 Common Basic Access Control SFR
9.1.4.2 Specific Basic Access Control SFR
9.1.5 Chip Authentication SFR
9.2 Security Assurance Requirements
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
................................................................................................
................................................................................................
Security objectives for the Operational Environment................................
OE from PP BAC................................................................................................
Issuing State or Organization ................................................................
Receiving State or Organization ................................................................
................................................................................................
................................................................................................
EXTENDED REQUIREMENTS
Extended family FAU_SAS - Audit data storage................................
Extended components FAU_SAS.1................................................................
Extended family FCS_RND - Generation of random numbers ................................
Extended component FCS_RND.1................................................................
Extended family FIA_API – Authentication proof of identity ................................
Extended component FIA_API.1 ................................................................
Extended family FMT_LIM - Limited capabilities and availability
Extended component FMT_LIM.1................................................................
Extended component FMT_LIM.2................................................................
Extended family FPT_EMS - TOE Emanation ................................
Extended component FPT_EMS.1................................................................
SECURITY REQUIREMENTS
Security Functional Requirements................................................................
................................................................................................
Product configuration SFR ................................................................
SFR for additional code ................................................................................................
Manufacturing and Personalization ................................................................
Active Authentication SFR................................................................
Basic Access Control SFR................................................................
Common Basic Access Control SFR................................................................
Specific Basic Access Control SFR................................................................
Chip Authentication SFR................................................................
Security Assurance Requirements................................................................
Public Security Target BAC
420, rue d’Estienne d’Orves -
.................................................. 45
............................................ 45
............................................46
........................................ 46
.......................................................... 46
...................................................... 48
.................................................. 48
.................................................. 49
51
.....................................................51
........................................... 51
................................51
............................................ 51
.................................51
.............................................. 51
Limited capabilities and availability...........................52
............................................ 52
............................................ 52
.........................................................53
............................................ 53
54
........................................54
................................................ 54
....................................................... 56
................................... 56
................................................ 59
........................................................ 67
.......................................................... 69
.................................................. 69
.................................................... 72
........................................................... 75
........................................81
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
10 TOE SUMMARY SPECIFIC
10.1 TOE Summary Specification
11 RATIONALES
12 REFERENCES
13 ACRONYMS
INDEX 90
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
TOE SUMMARY SPECIFICATION
TOE Summary Specification ................................................................
Public Security Target BAC
420, rue d’Estienne d’Orves -
82
.................................................82
85
86
89
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
List of Figures
Figure 1 - ID-One Native eDoc Overview
Figure 2 - Block 1 Overview
Figure 3 - TOE architecture
Figure 4: Smartcard product life-
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
One Native eDoc Overview
-cycle for the TOE
Public Security Target BAC
420, rue d’Estienne d’Orves -
15
15
19
23
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
List of tables
Table 1 - General Identification
Table 2 - TOE Technical Identification
Table 3 - Chip Identification
Table 4 - Block 1 Applications overview
Table 5 - OT Cryptographic library
Table 6 - Roles identification on the life cycle
Table 7 - Subjects identification following life cycle steps
Table 8 - Conformance Rationale
Table 9 -SFR from the PP
Table 10 - Additional SFR
Table 11 - User Data
Table 12 - TSF Data
Table 13- Threats and Security Objectives
Table 14 - OSPs and Security Objectives
Table 15 - Assumptions and OE –
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
TOE Technical Identification
Block 1 Applications overview
OT Cryptographic library
Roles identification on the life cycle
Subjects identification following life cycle steps
Conformance Rationale
Threats and Security Objectives – coverage
OSPs and Security Objectives – Coverage
– Coverage
Public Security Target BAC
420, rue d’Estienne d’Orves -
11
12
13
15
20
24
24
28
29
30
34
35
85
85
85
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
1 SECURITY TARGET INTRODUCTION
1.1 Purpose
The objective of this document is to present the
product on NXP components from
1.2 Objective of the security target
This security target describes the security needs for MRTD full EAC v2 product. The product is
conforming to PP BAC and adds requirements for prepersonalization and personalization.
This security target aims to satisfy the requirements of Common Criteria level EAL4 augmented
defined in §1.3 in defining the security enforcing functions of the
the environment in which it operates.
The objectives of this Security Target are:
- To describe the Target of Evaluation (TOE), its life cycle and to position it in the smart
card life cycle.
- To describe the security envi
the threats to be countered by the TOE and by the operational environment during the
platform active phases.
- To describe the security objectives of the TOE and its supporting environment in terms
integrity and confidentiality of sensitive information. It includes protection of the TOE
(and its documentation) during the product active phases.
- To specify the security requirements which include the TOE functional requirements, the
TOE assurance requirements and the security requirements for the
- To describe the summary of the TOE specification including a description of the security
functions and assurance measures that meet the TOE security requirements.
- To present evidence that this ST
TOE provides on an effective set of IT security countermeasures within the security
environment, and that the TOE summary specification addresses the requirements.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
INTRODUCTION
The objective of this document is to present the Public Security Target BAC of the
NXP components from P60 family.
Objective of the security target
This security target describes the security needs for MRTD full EAC v2 product. The product is
to PP BAC and adds requirements for prepersonalization and personalization.
This security target aims to satisfy the requirements of Common Criteria level EAL4 augmented
in defining the security enforcing functions of the Target Of Evaluation and describing
the environment in which it operates.
The objectives of this Security Target are:
To describe the Target of Evaluation (TOE), its life cycle and to position it in the smart
To describe the security environment of the TOE including the assets to be protected and
the threats to be countered by the TOE and by the operational environment during the
platform active phases.
To describe the security objectives of the TOE and its supporting environment in terms
integrity and confidentiality of sensitive information. It includes protection of the TOE
(and its documentation) during the product active phases.
To specify the security requirements which include the TOE functional requirements, the
uirements and the security requirements for the environment.
To describe the summary of the TOE specification including a description of the security
functions and assurance measures that meet the TOE security requirements.
To present evidence that this ST is a complete and cohesive set of requirements that the
TOE provides on an effective set of IT security countermeasures within the security
environment, and that the TOE summary specification addresses the requirements.
Public Security Target BAC
420, rue d’Estienne d’Orves -
f the MRTD full EAC v2
This security target describes the security needs for MRTD full EAC v2 product. The product is
to PP BAC and adds requirements for prepersonalization and personalization.
This security target aims to satisfy the requirements of Common Criteria level EAL4 augmented as
Target Of Evaluation and describing
To describe the Target of Evaluation (TOE), its life cycle and to position it in the smart
ronment of the TOE including the assets to be protected and
the threats to be countered by the TOE and by the operational environment during the
To describe the security objectives of the TOE and its supporting environment in terms of
integrity and confidentiality of sensitive information. It includes protection of the TOE
To specify the security requirements which include the TOE functional requirements, the
environment.
To describe the summary of the TOE specification including a description of the security
functions and assurance measures that meet the TOE security requirements.
is a complete and cohesive set of requirements that the
TOE provides on an effective set of IT security countermeasures within the security
environment, and that the TOE summary specification addresses the requirements.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
1.3 Security target identification
Title: Security
Editor: Oberthur Technologies
CC version: 3.1 revision 4
EAL:
EAL4 augmented with:
- ADV_FSP.5, ADV_INT.2, ADV_TDS.4
- ALC_DVS.2, ALC_CMS.5, ALC_TAT.2
- ATE_DPT.3
PP(s): BSI-CC-PP
ST Reference: FQR 110 7216 Issue
ITSEF: LETI
Certification Body: ANSSI
Evaluation scheme: FR
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
identification
Security target BAC
Oberthur Technologies
3.1 revision 4
EAL4 augmented with:
ADV_FSP.5, ADV_INT.2, ADV_TDS.4
ALC_DVS.2, ALC_CMS.5, ALC_TAT.2
ATE_DPT.3
PP-055 [R11]
FQR 110 7216 Issue 11
Table 1 - General Identification
Public Security Target BAC
420, rue d’Estienne d’Orves -
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
1.4 TOE technical identification
Product name: ID-
Commercial name of
the TOE 1:
ID-
configuration with AA and CA
Commercial name of
the TOE 2:
ID-
with AA and CA
IC type
‘6C14
‘6014
‘6A15
‘6019
‘6A20
Additional code 1
Mandatory generic
Identification:
‘C96E449AD06093BB25395B4F2C4F63720C46F52E2D4D91BA00B84B098
6F7A738
Additional code 2
Optional DBI
Identification:
‘B765E230D3B932A3930445DF453B50CAA3EC0077C03ABD2F327D8606
532F51C2
Table
Nota Bene
- The additional code doesn’t depend on the IC and the memory size
- The additional code is encrypted with the LSK key
- An optional additional code (functional) can be loaded. This additional code, relative to the
Digitally Blurred Image process (DBI) is part of the product, but not in the scope of the
evaluation.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
identification
-One ePass Full EAC v2
-One ePass Full EAC v2 on P60x080 VC/VG
configuration with AA and CA
-One ePass Full EAC v2 on P60x144 VA in BAC configuration
with AA and CA
6C14’ (P60D080 VC)
6014’ (P60D080 VG)
6A15’ (P60D144 VA)
6019’ (P60C080 VG)
6A20’ (P60C144 VA)
C96E449AD06093BB25395B4F2C4F63720C46F52E2D4D91BA00B84B098
6F7A738’
B765E230D3B932A3930445DF453B50CAA3EC0077C03ABD2F327D8606
532F51C2’
Table 2 - TOE Technical Identification
The additional code doesn’t depend on the IC and the memory size
The additional code is encrypted with the LSK key
An optional additional code (functional) can be loaded. This additional code, relative to the
Digitally Blurred Image process (DBI) is part of the product, but not in the scope of the
Public Security Target BAC
420, rue d’Estienne d’Orves -
in BAC
VA in BAC configuration
C96E449AD06093BB25395B4F2C4F63720C46F52E2D4D91BA00B84B098
B765E230D3B932A3930445DF453B50CAA3EC0077C03ABD2F327D8606
An optional additional code (functional) can be loaded. This additional code, relative to the
Digitally Blurred Image process (DBI) is part of the product, but not in the scope of the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
1.5 IC identification
IC Reference: NXP P60 chips
TOE 1:
NXP P60x080/052/040
EAL 6 + AVA_VAN.5 + ALC_DVS.2 + ASE_TSS.2
TOE 2:
NXP P60x144/080PVA/PVA (Y)
EAL 6 + ALC_FLR.1
Communication
protocol:
Contact, Contactless and Dual
Memory: ROM
Chip Manufacturer: NXP Semiconductors
Nota Bene
TOE 1 and TOE 2 possess the same source
NXP chips are driven from the NXP
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
NXP P60 chips
NXP P60x080/052/040 PVC/PVG [R19]
+ AVA_VAN.5 + ALC_DVS.2 + ASE_TSS.2
P60x144/080PVA/PVA (Y) [R18]
EAL 6 + ALC_FLR.1
Contact, Contactless and Dual
NXP Semiconductors
Table 3 - Chip Identification
the same source code, which is embedded on the two NXP chips. The two
NXP chips are driven from the NXP P60 chip family.
Public Security Target BAC
420, rue d’Estienne d’Orves -
is embedded on the two NXP chips. The two
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
2 TOE OVERVIEW
2.1 Product overview
The product ID-One Native eDoc
and/or contact-less smart card integrated circuits of different form factors. The product can be
configured to serve different use cases, during the
product. For more information on the
The product supports the storage and retrieval of structured information compliant to the Logical
Data Structure as specified in [R2]
Access Control [R11], Supplementary Access Control
[R13]), the Basic Access Protection
It can host four types of applications as mentioned above, namely the IDL,
Moreover, further configuration may also be done to each type of application to serve use ca
other than those behaviourally defined in the referenced normative documents.
This product is embedded on the ICs
The ID-One Native eDoc architecture can be viewed as shown in the following picture:
Platform
layer
Application
layer
Block 1:
MRTD - IDL
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
One Native eDoc is a multi-applicative native software, embedd
less smart card integrated circuits of different form factors. The product can be
configured to serve different use cases, during the Prepersonalization/personalization
product. For more information on the product, please refer to complete ST.
The product supports the storage and retrieval of structured information compliant to the Logical
[R2]. It also provides standard authentication protocols, namely Basic
, Supplementary Access Control [R17], Extended Access Control (
), the Basic Access Protection [R9] and Extended Access Protection (compliant to
It can host four types of applications as mentioned above, namely the IDL, MRTD
Moreover, further configuration may also be done to each type of application to serve use ca
defined in the referenced normative documents.
This product is embedded on the ICs described in §1.5 IC identification.
architecture can be viewed as shown in the following picture:
NXP P60
Low layer
Tools modules
Applicative modules
Operating System
Block 2:
eID
Block 3:
eSign
Public Security Target BAC
420, rue d’Estienne d’Orves -
applicative native software, embeddable in contact
less smart card integrated circuits of different form factors. The product can be
Prepersonalization/personalization phases of the
The product supports the storage and retrieval of structured information compliant to the Logical
. It also provides standard authentication protocols, namely Basic
, Extended Access Control ([R12] and
and Extended Access Protection (compliant to [R9]).
MRTD, eID and eSign.
Moreover, further configuration may also be done to each type of application to serve use cases
architecture can be viewed as shown in the following picture:
Block 4:
Dauth
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Figure
2.2 TOE overview
The TOE described in this security target is the BAC TOE of the
- IDL.
The block 1 of the ID-One Native eDoc is composed of the following
Applications PP
BAC with CA and AA [R11]
EAC with BAC and AA [R12]
EAC with PACE [R13]
PACE [R14]
BAP X
EAC and BAP X
PACE X
PACE and EAC X
Table
The BAC TOE is instantiated during the product prepersonalization, using the
creates the MF / DF required for the BAC configuration.
The TOE life cycle is described in
The TOE identification is described in
Block 1:
MRTD & IDL MRTD BAC
IDL BAP
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Figure 1 - ID-One Native eDoc Overview
The TOE described in this security target is the BAC TOE of the product, a subset of the Block 1 MRTD
One Native eDoc is composed of the following applications:
Targeted EAL
EAL4 + ADV_FSP.5 + ADV_INT.2 + ADV_TDS.4 + ALC_DVS.2 +
ALC_CMS.5 + ALC_TAT.2 + ATE_DPT.3
EAL5 + ALC_DVS.2 + AVA_VAN.5
EAL5 + ALC_DVS.2 + AVA_VAN.5
EAL5 + ALC_DVS.2 + AVA_VAN.5
EAL4 + ADV_FSP.5 + ADV_INT.2 + ADV_TDS.4 + ALC_DVS.2 +
ALC_CMS.5 + ALC_TAT.2 + ATE_DPT.3
EAL5 + ALC_DVS.2 + AVA_VAN.5
EAL5 + ALC_DVS.2 + AVA_VAN.5
EAL5 + ALC_DVS.2 + AVA_VAN.5
Table 4 - Block 1 Applications overview
Figure 2 - Block 1 Overview
The BAC TOE is instantiated during the product prepersonalization, using the operating system
creates the MF / DF required for the BAC configuration.
The TOE life cycle is described in §4 TOE life cycle.
The TOE identification is described in §1.4 TOE technical identification.
MRTD EAC MRTD EAC w
PACE
MRTD PACE
IDL BAP & EAC IDL PACE IDL PACE & EAC
Public Security Target BAC
420, rue d’Estienne d’Orves -
a subset of the Block 1 MRTD
EAL4 + ADV_FSP.5 + ADV_INT.2 + ADV_TDS.4 + ALC_DVS.2 +
+ ADV_FSP.5 + ADV_INT.2 + ADV_TDS.4 + ALC_DVS.2 +
operating system that
MRTD PACE
IDL PACE & EAC
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Nota bene
The TOE scope encompasses the following features:
- Basic Access Control
- Active Authentication
- Chip Authentication
- Prepersonalization phase
Nevertheless, the TOE can embed
TOE and subject to an evaluation in other TOEs.
2.3 TOE usages
State or organisation issues MRTDs
associated rights. For instance, it can be used to check identity at customs in an MRTD configuration,
verifying authenticity of electronic visa stored on th
In order to pass successfully the control, the holder presents its personal
system to first prove his/her identity. The inspection system is under control of an authorised agent
and can be either a desktop device such as those present in airports or a portable device to be used
on the field.
The MRTD in context of this security target contains:
- Visual (eye readable) biographical data and portrait of the holder printed in the booklet
- A separate data summary (MRZ or keydoc data) for visual and machine reading using OCR
methods in the Machine Readable Zone (MRZ or keydoc area)
- And data elements stored on the TOE’s chip for contact
The authentication of the holder is bas
- The possession of a valid
on the biographical data page and
- The Biometric matching performed on the Inspection system using the reference data stored
in the MRTD.
When holder has been authenticated the issuing State or Organization can performed extra
authentications in order to gain rights required to grant access to some sensitive information such as
“visa information”…
The issuing State or Organization ensures the authenticity
receiving State trusts a genuine MRTD
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The TOE scope encompasses the following features:
Prepersonalization phase
embed other secure functionalities, but they are not in the scope of this
TOE and subject to an evaluation in other TOEs.
MRTDs to be used by the holder to prove his/her identity and claiming
associated rights. For instance, it can be used to check identity at customs in an MRTD configuration,
verifying authenticity of electronic visa stored on the card and correspondence with the holder.
In order to pass successfully the control, the holder presents its personal MRTD
system to first prove his/her identity. The inspection system is under control of an authorised agent
either a desktop device such as those present in airports or a portable device to be used
in context of this security target contains:
Visual (eye readable) biographical data and portrait of the holder printed in the booklet
rate data summary (MRZ or keydoc data) for visual and machine reading using OCR
methods in the Machine Readable Zone (MRZ or keydoc area)
And data elements stored on the TOE’s chip for contact-less machine reading.
The authentication of the holder is based on:
The possession of a valid MRTD personalized for a holder with the claimed identity as given
on the biographical data page and
The Biometric matching performed on the Inspection system using the reference data stored
been authenticated the issuing State or Organization can performed extra
authentications in order to gain rights required to grant access to some sensitive information such as
The issuing State or Organization ensures the authenticity of the data of genuine
MRTD of an issuing State or Organization.
Public Security Target BAC
420, rue d’Estienne d’Orves -
other secure functionalities, but they are not in the scope of this
to be used by the holder to prove his/her identity and claiming
associated rights. For instance, it can be used to check identity at customs in an MRTD configuration,
e card and correspondence with the holder.
MRTD to the inspection
system to first prove his/her identity. The inspection system is under control of an authorised agent
either a desktop device such as those present in airports or a portable device to be used
Visual (eye readable) biographical data and portrait of the holder printed in the booklet
rate data summary (MRZ or keydoc data) for visual and machine reading using OCR
less machine reading.
personalized for a holder with the claimed identity as given
The Biometric matching performed on the Inspection system using the reference data stored
been authenticated the issuing State or Organization can performed extra
authentications in order to gain rights required to grant access to some sensitive information such as
of the data of genuine MRTDs. The
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
The MRTD can be viewed as the combination:
- A physical MRTD in form of paper or plastic with an embedded chip and possibly an antenna.
It presents visual readable data including (but not limited to) personal data of the
holder
o The biographical data on the biographical
o The printed data in the Machine
the device
o The printed portrait
- A logical MRTD as data of the
specified by ICAO and extended in
presents contact or contact
the MRTD holder
o The digital Machine Readable Zone Data (digita
o The digitized portraits
o The optional biometric refer
o The other data according to LDS (up to DG24)
o The Document security object
The issuing State or Organization implements security features of the
authenticity and integrity of the
chip is uniquely identified by the document number.
The physical MRTD is protected by physical security measures (e.g. watermark on paper, security
printing), logical (e.g. authentication keys of
(e.g. control of materials, personalization procedures). These security measures include the binding
of the MRTD’s chip to the physical support.
The logical MRTD is protected in authenticity and integr
document signer acting for the issuing State or Organization and the security features of the
chip.
2.4 TOE definition
The Target of Evaluation (TOE) is the contactless integrated circuit chip of machine
documents (MRTD’s chip) programmed according to the Logical Data Structure (LDS) and
the Basic Access Control according to ‘ICAO Doc 9303’.
The TOE comprises at least:
- Circuitry of the MRTD’s chip (the integrated circuit, IC)
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
can be viewed as the combination:
in form of paper or plastic with an embedded chip and possibly an antenna.
visual readable data including (but not limited to) personal data of the
The biographical data on the biographical data page of the passport book
The printed data in the Machine-Readable Zone (MRZ) or keydoc are
printed portrait
as data of the MRTD holder stored according to the Logical Data Structure as
specified by ICAO and extended in [R7], [R8], [R9] on the contactless integrat
presents contact or contact-less readable data including (but not limited to) personal data of
The digital Machine Readable Zone Data (digital MRZ data or keydoc data, DG1)
The digitized portraits
The optional biometric reference data of finger(s) or iris image(s) or both
The other data according to LDS (up to DG24)
The Document security object
The issuing State or Organization implements security features of the MRTD
authenticity and integrity of the MRTD and its data. The MRTD as the physical device and the MRTD’s
chip is uniquely identified by the document number.
is protected by physical security measures (e.g. watermark on paper, security
printing), logical (e.g. authentication keys of the MRTD’s chip) and organisational security measures
(e.g. control of materials, personalization procedures). These security measures include the binding
chip to the physical support.
is protected in authenticity and integrity by a digital signature created by the
document signer acting for the issuing State or Organization and the security features of the
The Target of Evaluation (TOE) is the contactless integrated circuit chip of machine
documents (MRTD’s chip) programmed according to the Logical Data Structure (LDS) and
according to ‘ICAO Doc 9303’.
ircuitry of the MRTD’s chip (the integrated circuit, IC)
Public Security Target BAC
420, rue d’Estienne d’Orves -
in form of paper or plastic with an embedded chip and possibly an antenna.
visual readable data including (but not limited to) personal data of the MRTD
data page of the passport book
Readable Zone (MRZ) or keydoc area that identifies
holder stored according to the Logical Data Structure as
on the contactless integrated circuit. It
less readable data including (but not limited to) personal data of
l MRZ data or keydoc data, DG1)
ence data of finger(s) or iris image(s) or both
MRTD to maintain the
as the physical device and the MRTD’s
is protected by physical security measures (e.g. watermark on paper, security
chip) and organisational security measures
(e.g. control of materials, personalization procedures). These security measures include the binding
ity by a digital signature created by the
document signer acting for the issuing State or Organization and the security features of the MRTD’s
The Target of Evaluation (TOE) is the contactless integrated circuit chip of machine readable travel
documents (MRTD’s chip) programmed according to the Logical Data Structure (LDS) and providing
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
- IC Dedicated Software with the parts IC Dedicated Test Software and IC Dedicated
Software
- IC Embedded Software (operating system)
- MRTD application
- Associated guidance documentation
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Dedicated Software with the parts IC Dedicated Test Software and IC Dedicated
IC Embedded Software (operating system)
sociated guidance documentation
Public Security Target BAC
420, rue d’Estienne d’Orves -
Dedicated Software with the parts IC Dedicated Test Software and IC Dedicated Support
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
3 TOE ARCHITECTURE
The TOE is a smartcard, composed of various modul
3.1 Integrated Circuit - NXP
The TOE is embedded on NXP chips, as presented in
More information on the chips are given in the related
Integrated
Circuit
Application
layer
Block 1: MRTD & IDL
BAC EAC
eDoc Application
Platform
layer
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
TOE ARCHITECTURE
The TOE is a smartcard, composed of various modules and composed of the following components:
Figure 3 - TOE architecture
NXP P60
The TOE is embedded on NXP chips, as presented in Table 3 - Chip Identification
More information on the chips are given in the related security targets.
NXP P60
Resident Application
Block
2
MRTD & IDL
EAC w
PACE
PACE
IDL BAP
IDL BAP &
EAC
IDL PACE
IDL PACE &
EAC
Low layer
Tools modules
Applicative modules
Operating System
Public Security Target BAC
420, rue d’Estienne d’Orves -
es and composed of the following components:
Chip Identification.
Block
3
Block
4
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
3.2 Low layer
The low layer developed by Oberthur Technologies provides an efficient and easy way to access chip
features from the applications. Indeed, it is based on services organized according to a multi
design which allows applications to u
The main features of the OS are the following:
- EEPROM management including secure data processing,
- Other memories management,
- Transaction management,
- APDU protocol management,
- Low level T=0 ; T=1 and T=CL management,
- Error processing,
- Advanced securities activation.
A dedicated cryptographic library has been developed and designed by Oberthur Technologies
provide the highest security level and best tuned performances. It provides the followi
Cryptographic Feature
SHA1, SHA-224, SHA-256, SHA-384 and SHA
RSA CRT from 1024, to 4096 bits (by steps of 256 bits)
- signature/verification
- key pair generation
RSA SFM from 1024 to 4096 bits (by steps of 256
- signature/verification
- key pair generation
ECC with key sizes from 192 to 521 bits
- signature/verification (ECDSA)
- key agreement (ECDH)
- key pair generation
3DES with 112 bits key size
AES with 128, 192, 256 key sizes
Random Generator compliant AIS31
Diffie Hellman from 1024 to 2048
- key agreement
- key generation
Integrated mapping over prime field and Elliptic curves
Table
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Oberthur Technologies provides an efficient and easy way to access chip
features from the applications. Indeed, it is based on services organized according to a multi
design which allows applications to use a high level interface completely independent of the chip.
The main features of the OS are the following:
EEPROM management including secure data processing,
Other memories management,
Transaction management,
APDU protocol management,
and T=CL management,
Advanced securities activation.
A dedicated cryptographic library has been developed and designed by Oberthur Technologies
provide the highest security level and best tuned performances. It provides the followi
Embedded
384 and SHA-512 bits
RSA CRT from 1024, to 4096 bits (by steps of 256 bits):
RSA SFM from 1024 to 4096 bits (by steps of 256 bits):
ECC with key sizes from 192 to 521 bits :
Generator compliant AIS31
Diffie Hellman from 1024 to 2048 :
Integrated mapping over prime field and Elliptic curves
Table 5 - OT Cryptographic library
Public Security Target BAC
420, rue d’Estienne d’Orves -
Oberthur Technologies provides an efficient and easy way to access chip
features from the applications. Indeed, it is based on services organized according to a multi-layer
se a high level interface completely independent of the chip.
A dedicated cryptographic library has been developed and designed by Oberthur Technologies to
provide the highest security level and best tuned performances. It provides the following algorithms:
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
More information is available in complete ST
3.3 Tools modules
The tools modules provide MRTD full EAC v2 product:
- File system compliant with ISO/IEC 7816
recommendations [R2].
- ISO Secure Messaging as specified in
- PIN and BIO access rights
- Asymmetric Keys Management as storage, signature, verification, DH and generation.
- Symmetric Key management
- Access Control for ‘Change MSK’ and ‘PUT KEY’ APDU
- Authentication and secure messa
Personalization phases, based on Global Platform standard
More information is available in
3.4 Applicative modules
The applicative modules provide MRTD full EAC v2 product:
- Chip Authentication version
ephemeral-static Diffie
communication and unilateral authentication of the MRTD chip
- Terminal Authentication
two move challenge-response protocol t
terminal.
- PACE Protocol as specified in
protocol that provides secure communication and explicit password
the MRTD chip and the terminal.
- Access Conditions Engine
object) with a current context (CH
documents such as eMRTD, iDL, eID and eSign, the application embeds ROMed access
condition rules.
- Another applicative module is the Digital Blurred Image (DBI) module. It allows the blurring
of a JPG or JPEG2000 file stored in a transparent file.
patents owned by Oberthur Technologies.
scope of this present certification.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
complete ST.
The tools modules provide MRTD full EAC v2 product:
compliant with ISO/IEC 7816-4 and ISO/IEC 7816-9. It is also compliant with ICAO
ISO Secure Messaging as specified in [R20] and as described in annex E of
PIN and BIO access rights management as presented in § 2.5 of [R40] and B.6 of
Asymmetric Keys Management as storage, signature, verification, DH and generation.
Symmetric Key management
Access Control for ‘Change MSK’ and ‘PUT KEY’ APDU
Authentication and secure messaging to be used during Prepersonalization and
Personalization phases, based on Global Platform standard
complete ST.
Applicative modules
The applicative modules provide MRTD full EAC v2 product:
version 1 as described in [R39] and version 2 as described in
static Diffie-Hellman key agreement protocol that provides secure
communication and unilateral authentication of the MRTD chip.
Authentication version 1 as described in [R39] and version 2 as described in
response protocol that provides explicit unilateral authentication of the
s specified in [R17], a password authenticated Diffie-Hellman key
protocol that provides secure communication and explicit password-based authentication of
the MRTD chip and the terminal.
Access Conditions Engine that checks the AC rules attached to an object (file, key, data
object) with a current context (CHA, Role ID…). For applications already defined by normative
documents such as eMRTD, iDL, eID and eSign, the application embeds ROMed access
Another applicative module is the Digital Blurred Image (DBI) module. It allows the blurring
JPG or JPEG2000 file stored in a transparent file. This feature is the implementation of
patents owned by Oberthur Technologies. This module is part of the TOE and outside the
scope of this present certification.
Public Security Target BAC
420, rue d’Estienne d’Orves -
9. It is also compliant with ICAO
and as described in annex E of [R41].
and B.6 of [R41]
Asymmetric Keys Management as storage, signature, verification, DH and generation.
Prepersonalization and
and version 2 as described in [R40], an
Hellman key agreement protocol that provides secure
and version 2 as described in [R40], a
hat provides explicit unilateral authentication of the
Hellman key agreement
based authentication of
checks the AC rules attached to an object (file, key, data
For applications already defined by normative
documents such as eMRTD, iDL, eID and eSign, the application embeds ROMed access
Another applicative module is the Digital Blurred Image (DBI) module. It allows the blurring
This feature is the implementation of
is part of the TOE and outside the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
More information is available in
3.5 Operating System
This application manages the TOE in pre
configure the TOE in the expected way. It implements and control access to Key management (MSK,
LSK), File management including da
addressed in clear mode for secure environment or non
More information is available in
3.6 Application layer
Two kinds of dispatcher are availa
for Personalization Phase and for
used during the Use Phase of MRTD Applications.
The application layer also manages
or Active Authentication. The protocol for Basic Access Control is specified by ICAO
Control checks that the terminal has physical access to the MRTD’s data page. This is enforced by
requiring the terminal to derive an authentication key from the optically read MRZ of the MRTD. The
protocol for Basic Access Control i
This protocol is also used to generate session keys that are used to protect the con
integrity) of the transmitted data.
The inspection system:
- Reads the printed data in the MRZ (for MRTD),
- Authenticates itself as inspection system by means of keys derived from MRZ data.
After successful 3DES based authentication, the T
rights by means of a private communication (secure messaging) with the inspection system.
The protocol for Basic Access Control is specified by ICAO. Basic Access Control checks that the
terminal has physical access to the MRTD’s data page. This is enforced by requiring the terminal to
derive an authentication key from the optically read MRZ of the MRTD. The protocol for Basic Access
Control is based on ISO/IEC 11770
to generate session keys that are used to protect the confidentiality (and integrity) of the transmitted
data.
More information is available in
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
complete ST.
This application manages the TOE in pre-personalization and personalization phases in order to
configure the TOE in the expected way. It implements and control access to Key management (MSK,
File management including data reading and writing or additional code loading
in clear mode for secure environment or non-sensitive commands, using SCP02 or SCP03
More information is available in complete ST.
are available on the top of the product: the resident application
for administration during Use Phase and the eDoc
the Use Phase of MRTD Applications.
manages protocols available during Use phase such as Basic Access Control
The protocol for Basic Access Control is specified by ICAO
Control checks that the terminal has physical access to the MRTD’s data page. This is enforced by
requiring the terminal to derive an authentication key from the optically read MRZ of the MRTD. The
protocol for Basic Access Control is based on ISO/IEC 11770-2 [R36] key establishment mechanism 6.
This protocol is also used to generate session keys that are used to protect the con
integrity) of the transmitted data.
eads the printed data in the MRZ (for MRTD),
Authenticates itself as inspection system by means of keys derived from MRZ data.
After successful 3DES based authentication, the TOE provides read access to data requiring BAC
rights by means of a private communication (secure messaging) with the inspection system.
The protocol for Basic Access Control is specified by ICAO. Basic Access Control checks that the
access to the MRTD’s data page. This is enforced by requiring the terminal to
derive an authentication key from the optically read MRZ of the MRTD. The protocol for Basic Access
Control is based on ISO/IEC 11770-2 [R36] key establishment mechanism 6. This protocol is also used
to generate session keys that are used to protect the confidentiality (and integrity) of the transmitted
ion is available in complete ST.
Public Security Target BAC
420, rue d’Estienne d’Orves -
personalization and personalization phases in order to
configure the TOE in the expected way. It implements and control access to Key management (MSK,
dditional code loading. It can be
sing SCP02 or SCP03.
ble on the top of the product: the resident application that is used
eDoc application that is
protocols available during Use phase such as Basic Access Control
The protocol for Basic Access Control is specified by ICAO [R2]. Basic Access
Control checks that the terminal has physical access to the MRTD’s data page. This is enforced by
requiring the terminal to derive an authentication key from the optically read MRZ of the MRTD. The
key establishment mechanism 6.
This protocol is also used to generate session keys that are used to protect the confidentiality (and
Authenticates itself as inspection system by means of keys derived from MRZ data.
OE provides read access to data requiring BAC
rights by means of a private communication (secure messaging) with the inspection system.
The protocol for Basic Access Control is specified by ICAO. Basic Access Control checks that the
access to the MRTD’s data page. This is enforced by requiring the terminal to
derive an authentication key from the optically read MRZ of the MRTD. The protocol for Basic Access
key establishment mechanism 6. This protocol is also used
to generate session keys that are used to protect the confidentiality (and integrity) of the transmitted
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
4 TOE LIFE CYCLE
4.1 Life cycle overview
Figure
Phase 1
Phase 2
Phase 3
Phase 4
Phase 5
Phase 6
Phase 7
TOE delivery point
Card printing
Embedding
Software development
Patch development
IC photomask
fabrication
IC manufacturing
Application
End of life
Application
End usage
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Figure 4: Smartcard product life-cycle for the TOE
Testing
Testing
Testing
AGD PRE
Micromodule
Prepersonalization
Personalization
Software development
Patch development
photomask
fabrication
IC database
construction
IC manufacturing IC testing
Smartcard
End of life
Application
Smartcard
product
Application
AGD OPE
Public Security Target BAC
420, rue d’Estienne d’Orves -
ALC
phase
AGD
phase
USE
phase
AGD PRE
AGD OPE
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
The TOE life-cycle is described in terms of four life
life-cycle is additionally subdivided into 7 steps.)
Additional codes are identified in §
The table below presents the TOE role:
Roles Subject
IC developer NXP Semiconductors
IC manufacturer NXP Semiconductors
TOE developer Oberthur Technologies
Manufacturer NXP Semiconductors
Oberthur Technologies or another agent
Prepersonalizer Oberthur Technologies or another agent
Personalization Agent Oberthur Technologies or another agent
Table 6 - Roles identification on the life cycle
The table below presents the subjects following TOE life cycle steps in accordance with the standard
smart card life cycle [R10], the Pr
coverage:
Steps Phase Subject
Step 1
Development
Oberthur Technologies
Step 2 Development NXP Semiconductors
Step 3 Manufacturing NXP Semiconductors
TOE delivery point
Step 4
Manufacturing MRD
(Prepersonalizer)
Step 5
Manufacturing MRD
(Prepersonalizer)
Step 6 Personalization Personalization Agent
Step 7 Operational Use End user
Table 7 - Subjects identification following life cycle steps
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
cycle is described in terms of four life-cycle phases. (With respect to the
cycle is additionally subdivided into 7 steps.)
Additional codes are identified in §1.5.
The table below presents the TOE role:
Subject
NXP Semiconductors
Semiconductors
Oberthur Technologies
NXP Semiconductors
Oberthur Technologies or another agent
Oberthur Technologies or another agent
Oberthur Technologies or another agent
Roles identification on the life cycle
The table below presents the subjects following TOE life cycle steps in accordance with the standard
, the Protection Profile lifecycle in phases, the TOE delivery point and the
Subject Covered by
Oberthur Technologies ALC R&D sites
NXP Semiconductors IC certification
NXP Semiconductors IC certification
TOE delivery point
MRD Manufacturer
(Prepersonalizer)
AGD_PRE
MRD Manufacturer
(Prepersonalizer)
AGD_PRE
Personalization Agent AGD_PRE
End user AGD_OPE
Subjects identification following life cycle steps
Public Security Target BAC
420, rue d’Estienne d’Orves -
cycle phases. (With respect to the [R10], the TOE
The table below presents the subjects following TOE life cycle steps in accordance with the standard
ses, the TOE delivery point and the
Sites
Pessac and
Colombes
IC certification
IC certification
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
4.2 Phase 1 “Development”
(Step1) The TOE is developed in phase 1. The IC developer develops the integrated circuit, the IC
Dedicated Software and the guidance documentation associated with these TOE components.
(Step2) The TOE developer uses the guidance documentation for the integrated
guidance documentation for relevant parts of the IC Dedicated Software and develops the IC
Embedded Software (operating system), the MRTD application and the guidance documentation
associated with these TOE components.
The manufacturing documentation of the IC including the IC Dedicated Software and the Embedded
Software in the non-volatile non
manufacturer. The IC Embedded Software in the non
application and the guidance documentation is securely delivered to the Manufacturer.
4.3 Phase 2 “Manufacturing”
(Step3) In a first step the TOE integrated circuit is produced containing the travel document’s chip
Dedicated Software and the parts of the travel
volatile non-programmable memories (ROM). The IC manufacturer writes the IC Identification Data
onto the chip to control the IC as travel document material during the IC manufacturing and the
delivery process to the Manufacturer. The IC is securely delivered from the IC manufacture to the
Manufacturer. If necessary the IC manufacturer adds the parts of the IC Embedded Software in the
non-volatile programmable memories (for instance EEPROM). The IC manufacturer
data in EEPROM and keys (MSK, LSK).
(Step4) The Manufacturer combines the IC with hardware for the contact based / contactless
interface in the travel document unless the travel document consists of the card only.
(Step5) The Manufacturer (i) adds the IC Embedded Software or part of it and the additional source
code in the non-volatile programmable memories if necessary, (ii) creates the eMRTD application,
and (iii) equips travel document’s chips with pre
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Phase 1 “Development”
The TOE is developed in phase 1. The IC developer develops the integrated circuit, the IC
Dedicated Software and the guidance documentation associated with these TOE components.
developer uses the guidance documentation for the integrated
guidance documentation for relevant parts of the IC Dedicated Software and develops the IC
Embedded Software (operating system), the MRTD application and the guidance documentation
associated with these TOE components.
cumentation of the IC including the IC Dedicated Software and the Embedded
volatile non-programmable memories is securely delivered to the IC
manufacturer. The IC Embedded Software in the non-volatile programmable memories, the eMRTD
plication and the guidance documentation is securely delivered to the Manufacturer.
Phase 2 “Manufacturing”
(Step3) In a first step the TOE integrated circuit is produced containing the travel document’s chip
Dedicated Software and the parts of the travel document’s chip Embedded Software in the non
programmable memories (ROM). The IC manufacturer writes the IC Identification Data
onto the chip to control the IC as travel document material during the IC manufacturing and the
o the Manufacturer. The IC is securely delivered from the IC manufacture to the
Manufacturer. If necessary the IC manufacturer adds the parts of the IC Embedded Software in the
volatile programmable memories (for instance EEPROM). The IC manufacturer
data in EEPROM and keys (MSK, LSK).
TOE delivery point
(Step4) The Manufacturer combines the IC with hardware for the contact based / contactless
interface in the travel document unless the travel document consists of the card only.
(Step5) The Manufacturer (i) adds the IC Embedded Software or part of it and the additional source
volatile programmable memories if necessary, (ii) creates the eMRTD application,
and (iii) equips travel document’s chips with pre-personalization Data.
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TOE is developed in phase 1. The IC developer develops the integrated circuit, the IC
Dedicated Software and the guidance documentation associated with these TOE components.
developer uses the guidance documentation for the integrated circuit and the
guidance documentation for relevant parts of the IC Dedicated Software and develops the IC
Embedded Software (operating system), the MRTD application and the guidance documentation
cumentation of the IC including the IC Dedicated Software and the Embedded
programmable memories is securely delivered to the IC
volatile programmable memories, the eMRTD
plication and the guidance documentation is securely delivered to the Manufacturer.
(Step3) In a first step the TOE integrated circuit is produced containing the travel document’s chip
document’s chip Embedded Software in the non-
programmable memories (ROM). The IC manufacturer writes the IC Identification Data
onto the chip to control the IC as travel document material during the IC manufacturing and the
o the Manufacturer. The IC is securely delivered from the IC manufacture to the
Manufacturer. If necessary the IC manufacturer adds the parts of the IC Embedded Software in the
volatile programmable memories (for instance EEPROM). The IC manufacturer add initialization
(Step4) The Manufacturer combines the IC with hardware for the contact based / contactless
interface in the travel document unless the travel document consists of the card only.
(Step5) The Manufacturer (i) adds the IC Embedded Software or part of it and the additional source
volatile programmable memories if necessary, (ii) creates the eMRTD application,
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
The pre-personalised travel document together with the IC Identifier is securely delivered from the
Manufacturer to the Personalization Agent
guidance documentation to the Personalizat
Additional code loading is performed in Prepersonalization phase.
[R45].
The additional code loading process is performed by the
the Command LOAD SECURE:
- Additional code generation
- MSK authentication
- LSK derivation
- Memory area definition
- Loading of the additional code
- Secure activation of the additional code
The additional code loading is performed before the creation of the MF file during
Prepersonalization.
Identification of the additional code loading is given in
Additional code generation
The additional code is generated by
signed. After generation, it is sent to the MRTD manufacturer to that it can load it
Loading of the additional code
The additional code is loaded in the (initial) TOE by the Prepersonalizer that shall authenticate itself
to the TOE beforehand. Upon reception, the (intial) TOE checks it has been generated by Oberthur
Technologies (by verifying the signature) before activating it.
Identification of the TOE
After successful loading and activation of the additional code, the TOE update its identification data
to reflects the presence of the additional code.
4.4 Phase 3 “Personalization of the travel document”
(Step6) The personalization of the travel document includes (i) the survey of the travel document
holder’s biographical data, (ii) the enrolment of the travel document holder biometric reference data
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
personalised travel document together with the IC Identifier is securely delivered from the
Personalization Agent. The Manufacturer also provides the relevant parts of the
Personalization Agent.
Additional code loading is performed in Prepersonalization phase. It is compliant to ANSSI Note 6
rocess is performed by the Prepersonalizer in the following steps, via
Additional code generation
Loading of the additional code
Secure activation of the additional code
additional code loading is performed before the creation of the MF file during
Identification of the additional code loading is given in Table 2 - TOE Technical Identification
generated by Oberthur Technologies: developped, compiled, ciphered and
sent to the MRTD manufacturer to that it can load it
The additional code is loaded in the (initial) TOE by the Prepersonalizer that shall authenticate itself
to the TOE beforehand. Upon reception, the (intial) TOE checks it has been generated by Oberthur
Technologies (by verifying the signature) before activating it.
After successful loading and activation of the additional code, the TOE update its identification data
to reflects the presence of the additional code.
“Personalization of the travel document”
(Step6) The personalization of the travel document includes (i) the survey of the travel document
holder’s biographical data, (ii) the enrolment of the travel document holder biometric reference data
Public Security Target BAC
420, rue d’Estienne d’Orves -
personalised travel document together with the IC Identifier is securely delivered from the
. The Manufacturer also provides the relevant parts of the
It is compliant to ANSSI Note 6
in the following steps, via
additional code loading is performed before the creation of the MF file during
TOE Technical Identification.
: developped, compiled, ciphered and
sent to the MRTD manufacturer to that it can load it in the (initial) TOE.
The additional code is loaded in the (initial) TOE by the Prepersonalizer that shall authenticate itself
to the TOE beforehand. Upon reception, the (intial) TOE checks it has been generated by Oberthur
After successful loading and activation of the additional code, the TOE update its identification data
(Step6) The personalization of the travel document includes (i) the survey of the travel document
holder’s biographical data, (ii) the enrolment of the travel document holder biometric reference data
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
(i.e. the digitized portraits and the optional biometric reference data), (iii) the personalization of the
visual readable data onto the physical part of the travel document, (iv) the writing of the TOE User
Data and TSF Data into the logical travel document and (v) conf
step (iv) is performed by the Personalization Agent
(i) the digital MRZ data (EF.DG1), (ii) the digitized portrait (EF.DG2), and (iii) the Document security
object. The signing of the Document security object by the Document signer finalizes the
personalization of the genuine travel document for the travel document holder. The personalised
travel document (together with appropriate guidance for TOE use if necessary) is
travel document holder for operational use.
4.5 Phase 4 “Operational Use”
(Step7) The TOE is used as a travel document's chip by the traveller and the inspection systems in the
“Operational Use” phase. The user data can be read according t
State or Organisation and can be used according to the security policy of the issuing State but they
can never be modified.
Note that the personalization process and its environment may depend on specific security need
an issuing State or Organisation. All production, generation and installation procedures after TOE
delivery up to the “Operational Use” (phase 4) have to be considered in the product evaluation
process under AGD assurance class. Therefore, the Securit
P.Manufact, P.Personalization and the related security objectives into aspects relevant before vs.
after TOE delivery. Some production steps, e.g. Step 4 in Phase 2 may also take place in the Phase 3.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
ized portraits and the optional biometric reference data), (iii) the personalization of the
visual readable data onto the physical part of the travel document, (iv) the writing of the TOE User
Data and TSF Data into the logical travel document and (v) configuration of the TSF if necessary. The
Personalization Agent and includes but is not limited to the creation of
(i) the digital MRZ data (EF.DG1), (ii) the digitized portrait (EF.DG2), and (iii) the Document security
he signing of the Document security object by the Document signer finalizes the
personalization of the genuine travel document for the travel document holder. The personalised
travel document (together with appropriate guidance for TOE use if necessary) is
travel document holder for operational use.
Phase 4 “Operational Use”
(Step7) The TOE is used as a travel document's chip by the traveller and the inspection systems in the
“Operational Use” phase. The user data can be read according to the security policy of the issuing
State or Organisation and can be used according to the security policy of the issuing State but they
Note that the personalization process and its environment may depend on specific security need
an issuing State or Organisation. All production, generation and installation procedures after TOE
delivery up to the “Operational Use” (phase 4) have to be considered in the product evaluation
process under AGD assurance class. Therefore, the Security Target has to outline the split up of
P.Manufact, P.Personalization and the related security objectives into aspects relevant before vs.
after TOE delivery. Some production steps, e.g. Step 4 in Phase 2 may also take place in the Phase 3.
Public Security Target BAC
420, rue d’Estienne d’Orves -
ized portraits and the optional biometric reference data), (iii) the personalization of the
visual readable data onto the physical part of the travel document, (iv) the writing of the TOE User
iguration of the TSF if necessary. The
and includes but is not limited to the creation of
(i) the digital MRZ data (EF.DG1), (ii) the digitized portrait (EF.DG2), and (iii) the Document security
he signing of the Document security object by the Document signer finalizes the
personalization of the genuine travel document for the travel document holder. The personalised
travel document (together with appropriate guidance for TOE use if necessary) is handed over to the
(Step7) The TOE is used as a travel document's chip by the traveller and the inspection systems in the
o the security policy of the issuing
State or Organisation and can be used according to the security policy of the issuing State but they
Note that the personalization process and its environment may depend on specific security needs of
an issuing State or Organisation. All production, generation and installation procedures after TOE
delivery up to the “Operational Use” (phase 4) have to be considered in the product evaluation
y Target has to outline the split up of
P.Manufact, P.Personalization and the related security objectives into aspects relevant before vs.
after TOE delivery. Some production steps, e.g. Step 4 in Phase 2 may also take place in the Phase 3.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
5 CONFORMANCE CLAIMS
5.1 Common Criteria conformance
This Security Target (ST) claims conformance to the Common Criteria version 3.1 revision 4
[R43] and [R44].
The conformance to the CC is claime
CC Conformance rationale
Part 1 Strict conformance
Part 2
Conformance to the extended
- FAU_SAS.1 “Audit Storage”
- FCS_RND.1 “Quality metric for random numbers”
- FMT_LIM.1 “Limited capabilities”
- FMT_LIM.2 “Limited availability”
- FPT_EMS.1 “TOE Emanation”
- FIA_API.1 “Authentication Proof of Identity”
Part 3
Strict conformance to Part 3.
The product claims conformance to
- ALC_DVS.2 “Sufficiency of security measures”
- ADV_FSP.5 “Complete semi
information”
- ADV_INT.2 “Well
- ADV_TDS.4 “Semiformal modular design”
- ALC_CMS.5 “Development tools CM coverage”
- ALC_TAT.2 “Compliance with implementation standards”
- ATE_DPT.3 “Testing: modular design”
Remark
For interoperability reasons it is assumed the receiving state cares for sufficient measures against
eavesdropping within the operating environment of the inspection systems. Otherwise the TOE may
1
The rationale for SFR addition is described in the relative PP
2
This EAL and its augmentations correspond to an EAL5+ALC_DVS.2 where AVA_VAN level is downgraded to
AVA_VAN.3 following constraint of [R10] about MRZ/keydoc
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
CLAIMS
Common Criteria conformance
This Security Target (ST) claims conformance to the Common Criteria version 3.1 revision 4
The conformance to the CC is claimed as follows:
Conformance rationale
Conformance to the extended1
part:
“Audit Storage”
“Quality metric for random numbers”
“Limited capabilities”
“Limited availability”
“TOE Emanation”
“Authentication Proof of Identity”
Part 3.
The product claims conformance to EAL 4, augmented2
with:
“Sufficiency of security measures”
“Complete semi-formal functional specification with additional error
“Well-structured internals”
“Semiformal modular design”
“Development tools CM coverage”
“Compliance with implementation standards”
“Testing: modular design”
Table 8 - Conformance Rationale
For interoperability reasons it is assumed the receiving state cares for sufficient measures against
eavesdropping within the operating environment of the inspection systems. Otherwise the TOE may
The rationale for SFR addition is described in the relative PP
This EAL and its augmentations correspond to an EAL5+ALC_DVS.2 where AVA_VAN level is downgraded to
AVA_VAN.3 following constraint of [R10] about MRZ/keydoc entropy
Public Security Target BAC
420, rue d’Estienne d’Orves -
This Security Target (ST) claims conformance to the Common Criteria version 3.1 revision 4 [R42],
pecification with additional error
For interoperability reasons it is assumed the receiving state cares for sufficient measures against
eavesdropping within the operating environment of the inspection systems. Otherwise the TOE may
This EAL and its augmentations correspond to an EAL5+ALC_DVS.2 where AVA_VAN level is downgraded to
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
protect the confidentiality of some less sensitive assets (
which are also printed on the physical TOE) for some specific attacks only against enhanced basic
attack potential (AVA_VAN.3).
FPT_EMSEC.1 from the Protection Profile has been renamed to FPT_EMS.1, in order to keep
formatting.
FIA_API.1 has been added to this security target for the needs of the Chip Authentication Protocol,
that is described in the PP EAC.
5.1.1 Overview of the SFR defined in this ST
SFR are presented in § 9.1 Security Functional Requ
- SFR (/Global) that are global to the product (shared between the various TOE)
- SFR (/MP_Add_code) that are dedicated for the patch loading
- SFR (/MP) that are dedicated for the Manufacturing and Personalization phases
- SFR (/AA) that are dedicated for Active Authen
- SFR (/BAC) that are dedicated for Basic Access Control
- SFR (/CA) that are dedicated for Chip Authentication
The following table presents all the SFR defined in the ST with the generic notation.
SFR from the PP
FAU_SAS.1 ; FCS_CKM.1 ; FCS_CKM.4; FCS_COP.1
FIA_UAU.4 ; FIA_UAU.5 ; FIA_UAU.6 ; FIA_AFL.1 ; FDP_ACC.1
FMT_LIM.1 ; FMT_LIM.2 ; FMT_MTD.1/INI_ENA
FPT_EMS.1 ; FPT_FLS.1; FPT_TST.1; FPT_PHP.3
Section Additional SFR
MP
FCS_CKM.1/MP ; FCS_COP.1/MP ; FDP_ACC.2/MP ; FDP_ACF.1/MP ; FDP_ITC.1/MP ;
FDP_UCT.1/MP ; FDP_UIT.1/MP ; FIA_AFL.1/MP ; FIA_UAU.1/MP ; FIA_UID.1/MP ;
FIA_UAU.4/MP
FMT_MTD.1/MP_KEY_READ ;
MP Add code
FAU_STG.2/MP_Add_code ; FTP_ITC.1/MP_Add_code ; FCS_CKM.1/
FCS_COP.1/MP_Add_code
FMT_MTD.1/MP_KEY_READ_Add_code ; FMT_SMR.1/MP_Add_code
Active Authentication
FCS_COP.1/AA ; FDP_DAU.1/AA ; FDP_ITC.1/AA ; FMT_MTD.1/AA_KEY_READ ;
FMT_MOF.1/AA ;
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
protect the confidentiality of some less sensitive assets (e.g. the personal data of the TOE holder
which are also printed on the physical TOE) for some specific attacks only against enhanced basic
FPT_EMSEC.1 from the Protection Profile has been renamed to FPT_EMS.1, in order to keep
FIA_API.1 has been added to this security target for the needs of the Chip Authentication Protocol,
Overview of the SFR defined in this ST
Security Functional Requirements:
Global) that are global to the product (shared between the various TOE)
SFR (/MP_Add_code) that are dedicated for the patch loading
SFR (/MP) that are dedicated for the Manufacturing and Personalization phases
SFR (/AA) that are dedicated for Active Authentication
SFR (/BAC) that are dedicated for Basic Access Control
SFR (/CA) that are dedicated for Chip Authentication
The following table presents all the SFR defined in the ST with the generic notation.
FCS_COP.1/SHA ; FCS_COP.1/SYM ; FCS_COP.1/MAC ; FCS_RND.1 ; FIA_UID.1; FIA_UAU.1
FIA_AFL.1 ; FDP_ACC.1 ; FDP_ACF.1 ; FDP_UCT.1 ; FDP_UIT.1 ; FMT_SMF.1; FMT_SMR.1
FMT_MTD.1/INI_ENA ; FMT_MTD.1/INI_DIS ; FMT_MTD.1/KEY_WRITE ; FMT_MTD.1/KEY_READ
FPT_PHP.3
Table 9 -SFR from the PP
Additional SFR
FCS_CKM.1/MP ; FCS_COP.1/MP ; FDP_ACC.2/MP ; FDP_ACF.1/MP ; FDP_ITC.1/MP ;
FDP_UCT.1/MP ; FDP_UIT.1/MP ; FIA_AFL.1/MP ; FIA_UAU.1/MP ; FIA_UID.1/MP ;
FIA_UAU.4/MP ; FIA_UAU.5/MP ; FMT_MTD.1/MP ; FTP_ITC.1/MP ;
FMT_MTD.1/MP_KEY_READ ; FMT_MTD.1/MP_KEY_WRITE
FAU_STG.2/MP_Add_code ; FTP_ITC.1/MP_Add_code ; FCS_CKM.1/MP_Add_code
CS_COP.1/MP_Add_code ; FDP_UIT.1/MP_Add_code ; FMT_MTD.1/MP_Add_code ;
FMT_MTD.1/MP_KEY_READ_Add_code ; FMT_SMR.1/MP_Add_code
FCS_COP.1/AA ; FDP_DAU.1/AA ; FDP_ITC.1/AA ; FMT_MTD.1/AA_KEY_READ ;
FMT_MOF.1/AA ; FMT_MTD.1/AA_KEY_WRITE
Public Security Target BAC
420, rue d’Estienne d’Orves -
e.g. the personal data of the TOE holder
which are also printed on the physical TOE) for some specific attacks only against enhanced basic
FPT_EMSEC.1 from the Protection Profile has been renamed to FPT_EMS.1, in order to keep the SFR
FIA_API.1 has been added to this security target for the needs of the Chip Authentication Protocol,
Global) that are global to the product (shared between the various TOE)
SFR (/MP) that are dedicated for the Manufacturing and Personalization phases
The following table presents all the SFR defined in the ST with the generic notation.
FIA_UID.1; FIA_UAU.1 ;
; FMT_SMF.1; FMT_SMR.1;
; FMT_MTD.1/KEY_READ ;
FCS_CKM.1/MP ; FCS_COP.1/MP ; FDP_ACC.2/MP ; FDP_ACF.1/MP ; FDP_ITC.1/MP ;
FDP_UCT.1/MP ; FDP_UIT.1/MP ; FIA_AFL.1/MP ; FIA_UAU.1/MP ; FIA_UID.1/MP ;
MP_Add_code ;
FDP_UIT.1/MP_Add_code ; FMT_MTD.1/MP_Add_code ;
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Section Additional SFR
Chip Authentication
FIA_API.1/CA ; FSC_CKM.1/CA
FIA_UID.1/CA ; FPT_TST.1/CA
FDP_UCT.1/CA
5.1.2 Overview of the additional protocols
5.1.2.1 Chip Authentication
The Chip Authentication has been added to this Security Target in order to reinforce the BAC
authentication mechanism by ensuring the verification of
the TOE SPD has been refined and contains the following additions:
- Additional Threats: § 6.3.2
- Additional Objective: § 7.1.2
- Additional OE: § 7.2.2 OE
5.1.2.2 Active Authentication
The additional functionality of Active Authentication
related on-card generation of RSA and ECC keys.
It implies the following addition to the standard PP:
- Additional Threats: § 6.3.3
- Additional Objective: § 7.1.3
- Additional OE: § 7.2.3 OE for AA
5.1.2.3 Prepersonalization phase
The prepersonalization phase has been reinforced in this Security Target, with the following
elements.
This functionality is usable in phase 5 and phase 6. Once the product is locked, stated as
personalized, it is no more possible to perform this operation.
performed:
- Additional Threats: § 6.3.4
- Additional Objective: § 7.1.4
The TOE is compliant to the last version (draft) of ANSSI Note 6
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Additional SFR
; FSC_CKM.1/CA ; FCS_COP.1/CA ; FIA_UAU.1/CA ; FIA_UAU.5/CA ; FIA_UAU.6/CA
; FPT_TST.1/CA ; FMT_MTD.1/CA_KEY_WRITE ; FMT_MTD.1/CA_KEY_READ
FDP_UCT.1/CA ; FDP_UIT.1/CA
Table 10 - Additional SFR
Overview of the additional protocols
The Chip Authentication has been added to this Security Target in order to reinforce the BAC
authentication mechanism by ensuring the verification of the Card by the Terminal. For this addition,
the TOE SPD has been refined and contains the following additions:
6.3.2 Threats for CA
7.1.2 SO for CA
OE for CA
Active Authentication (AA) is based on the ICAO PKI V1.1 and the
of RSA and ECC keys.
the following addition to the standard PP:
6.3.3 Threats for AA
7.1.3 SO for AA
OE for AA
Prepersonalization phase
phase has been reinforced in this Security Target, with the following
This functionality is usable in phase 5 and phase 6. Once the product is locked, stated as
personalized, it is no more possible to perform this operation. The following additi
6.3.4 Threats for Note 6
7.1.4 SO for Note 6
The TOE is compliant to the last version (draft) of ANSSI Note 6 [R45].
Public Security Target BAC
420, rue d’Estienne d’Orves -
; FCS_COP.1/CA ; FIA_UAU.1/CA ; FIA_UAU.5/CA ; FIA_UAU.6/CA ;
; FMT_MTD.1/CA_KEY_READ ;
The Chip Authentication has been added to this Security Target in order to reinforce the BAC
the Card by the Terminal. For this addition,
(AA) is based on the ICAO PKI V1.1 and the
phase has been reinforced in this Security Target, with the following
This functionality is usable in phase 5 and phase 6. Once the product is locked, stated as
The following addition has been
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
5.2 Protection Profile conformance
The Security Target claims strict conformance to the following PP written in CC3.1 revision 2:
- Machine Readable Travel Documents with “ICAO Application”, Basic Access Control
5.3 Rationale for the additions
The rationales are available in the complete ST.
5.4 Non evaluated features
Some features may be part of the TOE but are not evaluated as they are not relevant for t
- Standard and biometric PIN management
- File system management
- PACE
- DBI
The TOE may also contain other applications such as eID, eSign, …..The current evaluation covers any
combination of application.
Last but not least, the TOE may also contain P
gain access to the TOE and its assets in the same manner as BAC, but resists to attacker with high
potential, unlike BAC (that only resists to attacker with moderate potential).
Strictly speaking, as PACE affects the TSF (access control policies,…) it should be included in the
evaluation. However, the evaluation of PACE will be fully performed through the evaluation of another
configuration of the TOE claiming conformance with [R30]. Therefore, PACE is cons
part of the TOE as non evaluated feature.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Protection Profile conformance
Target claims strict conformance to the following PP written in CC3.1 revision 2:
Machine Readable Travel Documents with “ICAO Application”, Basic Access Control
Rationale for the additions
The rationales are available in the complete ST.
Non evaluated features
may be part of the TOE but are not evaluated as they are not relevant for t
Standard and biometric PIN management
The TOE may also contain other applications such as eID, eSign, …..The current evaluation covers any
Last but not least, the TOE may also contain PACE together with BAC. PACE allows the terminal to
gain access to the TOE and its assets in the same manner as BAC, but resists to attacker with high
potential, unlike BAC (that only resists to attacker with moderate potential).
affects the TSF (access control policies,…) it should be included in the
evaluation. However, the evaluation of PACE will be fully performed through the evaluation of another
configuration of the TOE claiming conformance with [R30]. Therefore, PACE is cons
part of the TOE as non evaluated feature.
Public Security Target BAC
420, rue d’Estienne d’Orves -
Target claims strict conformance to the following PP written in CC3.1 revision 2:
Machine Readable Travel Documents with “ICAO Application”, Basic Access Control [R11].
may be part of the TOE but are not evaluated as they are not relevant for the TSFs:
The TOE may also contain other applications such as eID, eSign, …..The current evaluation covers any
ACE together with BAC. PACE allows the terminal to
gain access to the TOE and its assets in the same manner as BAC, but resists to attacker with high
affects the TSF (access control policies,…) it should be included in the
evaluation. However, the evaluation of PACE will be fully performed through the evaluation of another
configuration of the TOE claiming conformance with [R30]. Therefore, PACE is considered as being
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
6 SECURITY PROBLEM DEF
6.1 Subjects
6.1.1 PP BAC subjects
Manufacturer
The generic term for the IC Manufacturer producing the integrated circuit and the MRTD
Manufacturer completing the IC to the MRTD’s chip. The Manufacturer is the default user of the TOE
during the Phase 2 Manufacturing. The TOE does not distinguish between the users IC Manufacturer
and MRTD Manufacturer using this role Manufacturer.
Personalization Agent
The agent is acting on behalf of the issuing State or Organization to personalize the MRTD for the
holder by some or all of the following activities (i) establishing the identity the holder for the
biographic data in the MRTD, (ii) enrolling the biometric reference data of the MRTD holder i.e. the
portrait, the encoded finger image(s) and/or the encoded iris image(s) (iii) writing these data on the
physical and logical MRTD for the holder as defined for global, international
interoperability, (iv) writing the initial TSF data and (iv) signing the Document Security Object defined
in [R2].
Application Note
Personalization Agent is refered as the
Terminal
A terminal is any technical system communicating with the TOE through the contactless interface.
Inspection System (IS)
A technical system used by the border control officer of the receiving State (i) examining an MRTD
presented by the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD holder.
The Basic Inspection System (BIS) (i) contains a termina
MRTD’s chip, (ii) implements the terminals part of the Basic Access Control Mechanism and (iii) gets
the authorization to read the logical MRTD under the Basic Access Control by optical reading the
MRTD or other parts of the passport book providing this information. The General Inspection System
(GIS) is a Basic Inspection System which implements additionally the
The Extended Inspection System (EIS) in addition to the General Inspec
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
SECURITY PROBLEM DEFINITION
The generic term for the IC Manufacturer producing the integrated circuit and the MRTD
completing the IC to the MRTD’s chip. The Manufacturer is the default user of the TOE
during the Phase 2 Manufacturing. The TOE does not distinguish between the users IC Manufacturer
and MRTD Manufacturer using this role Manufacturer.
The agent is acting on behalf of the issuing State or Organization to personalize the MRTD for the
holder by some or all of the following activities (i) establishing the identity the holder for the
TD, (ii) enrolling the biometric reference data of the MRTD holder i.e. the
portrait, the encoded finger image(s) and/or the encoded iris image(s) (iii) writing these data on the
physical and logical MRTD for the holder as defined for global, international
interoperability, (iv) writing the initial TSF data and (iv) signing the Document Security Object defined
Personalization Agent is refered as the Personalizer in the Security Target
A terminal is any technical system communicating with the TOE through the contactless interface.
chnical system used by the border control officer of the receiving State (i) examining an MRTD
presented by the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD holder.
The Basic Inspection System (BIS) (i) contains a terminal for the contactless communication with the
MRTD’s chip, (ii) implements the terminals part of the Basic Access Control Mechanism and (iii) gets
the authorization to read the logical MRTD under the Basic Access Control by optical reading the
parts of the passport book providing this information. The General Inspection System
(GIS) is a Basic Inspection System which implements additionally the Chip Authentication
The Extended Inspection System (EIS) in addition to the General Inspection System (i) implements the
Public Security Target BAC
420, rue d’Estienne d’Orves -
The generic term for the IC Manufacturer producing the integrated circuit and the MRTD
completing the IC to the MRTD’s chip. The Manufacturer is the default user of the TOE
during the Phase 2 Manufacturing. The TOE does not distinguish between the users IC Manufacturer
The agent is acting on behalf of the issuing State or Organization to personalize the MRTD for the
holder by some or all of the following activities (i) establishing the identity the holder for the
TD, (ii) enrolling the biometric reference data of the MRTD holder i.e. the
portrait, the encoded finger image(s) and/or the encoded iris image(s) (iii) writing these data on the
physical and logical MRTD for the holder as defined for global, international and national
interoperability, (iv) writing the initial TSF data and (iv) signing the Document Security Object defined
A terminal is any technical system communicating with the TOE through the contactless interface.
chnical system used by the border control officer of the receiving State (i) examining an MRTD
presented by the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD holder.
l for the contactless communication with the
MRTD’s chip, (ii) implements the terminals part of the Basic Access Control Mechanism and (iii) gets
the authorization to read the logical MRTD under the Basic Access Control by optical reading the
parts of the passport book providing this information. The General Inspection System
Chip Authentication Mechanism.
tion System (i) implements the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Terminal Authentication Protocol and (ii) is authorized by the issuing State or Organization through
the Document Verifier of the receiving State to read the sensitive biometric reference data. The
security attributes of the EIS are defined of the Inspection System Certificates.
Application Note
This security target does not distinguish between the BIS, GIS and EIS because the Extended Access
Control is outside the scope.
MRTD Holder
The rightful holder of the MRTD for whom the issuing State or Organization personalized the MRTD.
Traveler
Person presenting the MRTD to the inspection system and claiming the identity of the MRTD holder.
Attacker
A threat agent trying (i) to identify and to trace the movement of the MRTD’s chip remotely (i.e.
without knowing or optically reading the printed MRZ data), (ii) to read or to manipulate the logical
MRTD without authorization, or (iii) to forge a genuine MRTD.
Application Note
An impostor is attacking the inspection system as TOE IT environment independent on using a
genuine, counterfeit or forged MRTD. Therefore the impostor may use results of successful attacks
against the TOE but the attack itself is not relevant for the TOE.
6.1.2 Additional Subjects
IC Developer
Developer of the IC.
TOE Developer
Developer of part of the TOE source code.
Prepersonalizer
Agent in charge of the Prepersonalization.
described in [R11].
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Terminal Authentication Protocol and (ii) is authorized by the issuing State or Organization through
the Document Verifier of the receiving State to read the sensitive biometric reference data. The
EIS are defined of the Inspection System Certificates.
does not distinguish between the BIS, GIS and EIS because the Extended Access
of the MRTD for whom the issuing State or Organization personalized the MRTD.
Person presenting the MRTD to the inspection system and claiming the identity of the MRTD holder.
) to identify and to trace the movement of the MRTD’s chip remotely (i.e.
without knowing or optically reading the printed MRZ data), (ii) to read or to manipulate the logical
MRTD without authorization, or (iii) to forge a genuine MRTD.
An impostor is attacking the inspection system as TOE IT environment independent on using a
genuine, counterfeit or forged MRTD. Therefore the impostor may use results of successful attacks
against the TOE but the attack itself is not relevant for the TOE.
Additional Subjects
Developer of part of the TOE source code.
Agent in charge of the Prepersonalization. This agent corresponds to the MRTD manufacturer as
Public Security Target BAC
420, rue d’Estienne d’Orves -
Terminal Authentication Protocol and (ii) is authorized by the issuing State or Organization through
the Document Verifier of the receiving State to read the sensitive biometric reference data. The
does not distinguish between the BIS, GIS and EIS because the Extended Access
of the MRTD for whom the issuing State or Organization personalized the MRTD.
Person presenting the MRTD to the inspection system and claiming the identity of the MRTD holder.
) to identify and to trace the movement of the MRTD’s chip remotely (i.e.
without knowing or optically reading the printed MRZ data), (ii) to read or to manipulate the logical
An impostor is attacking the inspection system as TOE IT environment independent on using a
genuine, counterfeit or forged MRTD. Therefore the impostor may use results of successful attacks
ent corresponds to the MRTD manufacturer as
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
6.2 Assets
Logical MRTD data
The logical MRTD data consists of the EF.COM, EF.DG1 to EF.DG16 (with different security needs) and
the Document Security Object EF.SOD
The EF.COM lists the existing elementary files (EF) with the user data. The EF.DG1 to E
EF.DG 16 contain personal data of the MRTD holder. The
EF.DG 14 is used by the inspection system for the
inspection system for Passive Authentication of the
The Active Authentication Public Key (AAPK) Info in DG 15 is used by the inspection system for
Authentication of the chip.
All these data may be sorted out in two different categories:
- If they are specific to the user, they are User da
- If they ensure the correct behaviour of the application, they are TSF Data.
User Data
CPLC Data
Personnal Data of the MRTD holder (EF.DGx,
except EF.DG15)
Document Security Object (SOD) in EF.SOD
Common data in EF.COM
Active Authentication Public Key in EF.DG15
(AAPK)
Chip Authentication Public Key in EF.DG14
(CAPK)
TSF Data
TOE_ID
Prepersonalizer reference authentication
data
Personalization Agent reference
authentication Data
Basic Access Control (BAC) Key
Active Authentication private key (AAK)
Chip Authentication private key (CAK)
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The logical MRTD data consists of the EF.COM, EF.DG1 to EF.DG16 (with different security needs) and
the Document Security Object EF.SOD according to LDS [R2]. These data are user data of the TOE.
The EF.COM lists the existing elementary files (EF) with the user data. The EF.DG1 to E
EF.DG 16 contain personal data of the MRTD holder. The Chip Authentication
EF.DG 14 is used by the inspection system for the Chip Authentication. The EF.SOD is used by the
inspection system for Passive Authentication of the logical MRTD.
Public Key (AAPK) Info in DG 15 is used by the inspection system for
All these data may be sorted out in two different categories:
If they are specific to the user, they are User data
the correct behaviour of the application, they are TSF Data.
Description
Data uniquely identifying the chip. They are considered as user data as they
enable to track the holder
EF.DGx,
Contains identification data of the holder
Document Security Object (SOD) in EF.SOD
Contain a certicate ensuring the integrity of the file stored within the MRTD
and their authenticity. It ensures the data are issued by a genuine country
Declare the data the travel document contains. This data is optional and
may be absent in the TOE
Active Authentication Public Key in EF.DG15 Contains public data enabling to authenticate the chip thanks to an Active
Authentication
Public Key in EF.DG14 Contains public data enabling to authenticate the chip thanks t
Authentication Protocol
Table 11 - User Data
Description
Data enabling to identify the TOE
Prepersonalizer reference authentication
Private key enabling to authenticate the Prepersonalizer
Private key enabling to authenticate the Personalization Agent
Master keys used to established a trusted channel between the Basic
Inspection Terminal and the travel document
Private key the chip uses to perform an Active Authentication
Private key the chip uses to perform a Chip Authentication
Public Security Target BAC
420, rue d’Estienne d’Orves -
The logical MRTD data consists of the EF.COM, EF.DG1 to EF.DG16 (with different security needs) and
. These data are user data of the TOE.
The EF.COM lists the existing elementary files (EF) with the user data. The EF.DG1 to EF.DG13 and
Public Key (CAPK) in
. The EF.SOD is used by the
Public Key (AAPK) Info in DG 15 is used by the inspection system for Active
the correct behaviour of the application, they are TSF Data.
Data uniquely identifying the chip. They are considered as user data as they
ensuring the integrity of the file stored within the MRTD
and their authenticity. It ensures the data are issued by a genuine country
Declare the data the travel document contains. This data is optional and
Contains public data enabling to authenticate the chip thanks to an Active
Contains public data enabling to authenticate the chip thanks to an the Chip
Private key enabling to authenticate the Prepersonalizer
Private key enabling to authenticate the Personalization Agent
Master keys used to established a trusted channel between the Basic
Private key the chip uses to perform an Active Authentication
Chip Authentication
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
TSF Data
Session keys for the secure channel
Life Cycle State
Additional Code
Authenticity of the MRTD's chip
The authenticity of the MRTD's chip personalized by
holder is used by the traveler to prove his possession of a genuine MRTD.
6.3 Threats
This section describes the threats to be averted by the TOE independently or in collaboration with its
IT environment. These threats result from the TOE method of use in the operational environment
and the assets stored in or protected by the TOE.
6.3.1 Threats from the PP BAC
T.Chip_ID
Adverse action: An attacker trying to trace the movement of the MRTD by
MRTD’s chip by establishing or listening to communications through the contactless communication
interface.
Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data
printed on the MRTD data page in advance
Asset: Anonymity of user
T.Skimming
Adverse action: An attacker imitates an inspection system trying to establish a communication to
read the logical MRTD or parts of it via the contactless communication channel of the
Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data
printed on the MRTD data page in advance.
Asset: confidentiality of logical MRTD data.
T.Eavesdropping
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Description
Session keys used to protect the communication in confidentiality,
authenticity and integrity
Life Cycle state of the TOE
Additional code to be loaded on the initial TOE during prepersonalization by
the Prepersonalizer. The loading of the additional code on the initial TOE
constitures the final TOE
Table 12 - TSF Data
Authenticity of the MRTD's chip
The authenticity of the MRTD's chip personalized by the issuing State or Organization for the MRTD
holder is used by the traveler to prove his possession of a genuine MRTD.
This section describes the threats to be averted by the TOE independently or in collaboration with its
hreats result from the TOE method of use in the operational environment
and the assets stored in or protected by the TOE.
Threats from the PP BAC
: An attacker trying to trace the movement of the MRTD by identifying remotely the
MRTD’s chip by establishing or listening to communications through the contactless communication
: having enhanced basic attack potential, not knowing the optically readable MRZ data
page in advance
: An attacker imitates an inspection system trying to establish a communication to
read the logical MRTD or parts of it via the contactless communication channel of the
: having enhanced basic attack potential, not knowing the optically readable MRZ data
printed on the MRTD data page in advance.
: confidentiality of logical MRTD data.
Public Security Target BAC
420, rue d’Estienne d’Orves -
used to protect the communication in confidentiality,
Additional code to be loaded on the initial TOE during prepersonalization by
. The loading of the additional code on the initial TOE
the issuing State or Organization for the MRTD
This section describes the threats to be averted by the TOE independently or in collaboration with its
hreats result from the TOE method of use in the operational environment
identifying remotely the
MRTD’s chip by establishing or listening to communications through the contactless communication
: having enhanced basic attack potential, not knowing the optically readable MRZ data
: An attacker imitates an inspection system trying to establish a communication to
read the logical MRTD or parts of it via the contactless communication channel of the TOE.
: having enhanced basic attack potential, not knowing the optically readable MRZ data
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Adverse action: An attacker is listening to an existing communication between the MRTD’s chip and
an inspection system to gain the logical MRTD or parts of it. The inspection system uses the MRZ data
printed on the MRTD data page but the attacker does not know these data in advan
Threat agent: having enhanced basic attack potential, not knowing the optically readable MRZ data
printed on the MRTD data page in advance.
Asset: confidentiality of logical MRTD data.
T.Forgery
Adverse action: An attacker alters fr
including its security related data in order to deceive on an inspection system by means of the
changed MRTD holder"s identity or biometric reference data. This threat comprises several attack
scenarios of MRTD forgery. The attacker may alter the biographical data on the biographical data
page of the passport book, in the printed MRZ and in the digital MRZ to claim another identity of the
traveler. The attacker may alter the printed portrait and
inspection of the inspection officer and the automated biometric authentication mechanism by face
recognition. The attacker may alter the biometric reference data to defeat automated biometric
authentication mechanism of the inspection system. The attacker may combine data groups of
different logical MRTDs to create a new forged MRTD, e.g. the attacker writes the digitized portrait
and optional biometric reference finger data read from the logical MRTD of a trav
MRTD’s chip leaving their digital MRZ unchanged to claim the identity of the holder this MRTD. The
attacker may also copy the complete unchanged logical MRTD to another contactless chip.
Threat agent: having enhanced basic attack potentia
MRTDs.
Asset: authenticity of logical MRTD data.
T.Abuse-Func
Adverse action: An attacker may use functions of the TOE which shall not be used in the phase
"Operational Use" in order (i) to manipulate User Data, (ii) to manipulate (explore, bypass, deactivate
or change) security features or functions of the TOE or (iii) to disclose or to manipulate TSF Data.
This threat addresses the misuse of the functions for the initialization and th
operational state after delivery to MRTD holder.
Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD.
Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of
T.Information_Leakage
Adverse action: An attacker may exploit information which is leaked from the TOE during its usage in
order to disclose confidential TSF data. The information leakage may be inherent in the normal
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
ker is listening to an existing communication between the MRTD’s chip and
an inspection system to gain the logical MRTD or parts of it. The inspection system uses the MRZ data
printed on the MRTD data page but the attacker does not know these data in advan
: having enhanced basic attack potential, not knowing the optically readable MRZ data
printed on the MRTD data page in advance.
: confidentiality of logical MRTD data.
: An attacker alters fraudulently the complete stored logical MRTD or any part of it
including its security related data in order to deceive on an inspection system by means of the
changed MRTD holder"s identity or biometric reference data. This threat comprises several attack
cenarios of MRTD forgery. The attacker may alter the biographical data on the biographical data
page of the passport book, in the printed MRZ and in the digital MRZ to claim another identity of the
traveler. The attacker may alter the printed portrait and the digitized portrait to overcome the visual
inspection of the inspection officer and the automated biometric authentication mechanism by face
recognition. The attacker may alter the biometric reference data to defeat automated biometric
chanism of the inspection system. The attacker may combine data groups of
different logical MRTDs to create a new forged MRTD, e.g. the attacker writes the digitized portrait
and optional biometric reference finger data read from the logical MRTD of a trav
MRTD’s chip leaving their digital MRZ unchanged to claim the identity of the holder this MRTD. The
attacker may also copy the complete unchanged logical MRTD to another contactless chip.
: having enhanced basic attack potential, being in possession of one or more legitimate
: authenticity of logical MRTD data.
: An attacker may use functions of the TOE which shall not be used in the phase
i) to manipulate User Data, (ii) to manipulate (explore, bypass, deactivate
or change) security features or functions of the TOE or (iii) to disclose or to manipulate TSF Data.
This threat addresses the misuse of the functions for the initialization and the personalization in the
operational state after delivery to MRTD holder.
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of
: An attacker may exploit information which is leaked from the TOE during its usage in
order to disclose confidential TSF data. The information leakage may be inherent in the normal
Public Security Target BAC
420, rue d’Estienne d’Orves -
ker is listening to an existing communication between the MRTD’s chip and
an inspection system to gain the logical MRTD or parts of it. The inspection system uses the MRZ data
printed on the MRTD data page but the attacker does not know these data in advance.
: having enhanced basic attack potential, not knowing the optically readable MRZ data
audulently the complete stored logical MRTD or any part of it
including its security related data in order to deceive on an inspection system by means of the
changed MRTD holder"s identity or biometric reference data. This threat comprises several attack
cenarios of MRTD forgery. The attacker may alter the biographical data on the biographical data
page of the passport book, in the printed MRZ and in the digital MRZ to claim another identity of the
the digitized portrait to overcome the visual
inspection of the inspection officer and the automated biometric authentication mechanism by face
recognition. The attacker may alter the biometric reference data to defeat automated biometric
chanism of the inspection system. The attacker may combine data groups of
different logical MRTDs to create a new forged MRTD, e.g. the attacker writes the digitized portrait
and optional biometric reference finger data read from the logical MRTD of a traveler into another
MRTD’s chip leaving their digital MRZ unchanged to claim the identity of the holder this MRTD. The
attacker may also copy the complete unchanged logical MRTD to another contactless chip.
l, being in possession of one or more legitimate
: An attacker may use functions of the TOE which shall not be used in the phase
i) to manipulate User Data, (ii) to manipulate (explore, bypass, deactivate
or change) security features or functions of the TOE or (iii) to disclose or to manipulate TSF Data.
e personalization in the
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
: An attacker may exploit information which is leaked from the TOE during its usage in
order to disclose confidential TSF data. The information leakage may be inherent in the normal
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
operation or caused by the attacker. Leakage may occur through emanations, variations in power
consumption, I/O characteristics, clock frequency, or by changes in processing time requirements.
This leakage may be interpreted as a covert channel transmissio
measurement of operating parameters, which may be derived either from measurements of the
contactless interface (emanation) or direct measurements (by contact to the chip still available even
for a contactless chip) and can then be related to the specific operation being performed. Examples
are the Differential Electromagnetic Analysis (DEMA) and the Differential Power Analysis (DPA).
Moreover the attacker may try actively to enforce information leakage by fault injection (e
Differential Fault Analysis).
Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD.
Asset: confidentiality of logical MRTD and TSF data.
T.Phys-Tamper
Adverse action: An attacker may per
TSF Data or (ii) to disclose/reconstruct the MRTD’s chip Embedded Software. An attacker may
physically modify the MRTD’s chip in order to (i) modify security features or functions of the MRT
chip, (ii) modify security functions of the MRTD’s chip Embedded Software, (iii) modify User Data or
(iv) to modify TSF data.
The physical tampering may be focused directly on the disclosure or manipulation of TOE User Data
(e.g. the biometric reference data for the inspection system) or TSF Data (e.g. authentication key of
the MRTD’s chip) or indirectly by preparation of the TOE to following attack methods by modification
of security features (e.g. to enable information leakage through power analysis).
requires direct interaction with the MRTD’s chip internals. Techniques commonly employed in IC
failure analysis and IC reverse engineering efforts may be used. Before that, the hardware security
mechanisms and layout characteristics nee
including treatment of User Data and TSF Data may also be a pre
result in the deactivation of a security function. Changes of circuitry or data can be permanent or
temporary.
Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD.
Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
T.Malfunction
Adverse action: An attacker may cause a malfunction of TSF or of the MRTD’s chip Embedded
Software by applying environmental stress in order to (i) deactivate or modify security features or
functions of the TOE or (ii) circumvent, deactivate or modify security functions of the MRTD’s
Embedded Software.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
operation or caused by the attacker. Leakage may occur through emanations, variations in power
consumption, I/O characteristics, clock frequency, or by changes in processing time requirements.
This leakage may be interpreted as a covert channel transmission but is more closely related to
measurement of operating parameters, which may be derived either from measurements of the
contactless interface (emanation) or direct measurements (by contact to the chip still available even
then be related to the specific operation being performed. Examples
are the Differential Electromagnetic Analysis (DEMA) and the Differential Power Analysis (DPA).
Moreover the attacker may try actively to enforce information leakage by fault injection (e
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality of logical MRTD and TSF data.
: An attacker may perform physical probing of the MRTD’s chip in order (i) to disclose
TSF Data or (ii) to disclose/reconstruct the MRTD’s chip Embedded Software. An attacker may
physically modify the MRTD’s chip in order to (i) modify security features or functions of the MRT
chip, (ii) modify security functions of the MRTD’s chip Embedded Software, (iii) modify User Data or
The physical tampering may be focused directly on the disclosure or manipulation of TOE User Data
e data for the inspection system) or TSF Data (e.g. authentication key of
the MRTD’s chip) or indirectly by preparation of the TOE to following attack methods by modification
of security features (e.g. to enable information leakage through power analysis).
requires direct interaction with the MRTD’s chip internals. Techniques commonly employed in IC
failure analysis and IC reverse engineering efforts may be used. Before that, the hardware security
mechanisms and layout characteristics need to be identified. Determination of software design
including treatment of User Data and TSF Data may also be a pre-requisite. The modification may
result in the deactivation of a security function. Changes of circuitry or data can be permanent or
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
may cause a malfunction of TSF or of the MRTD’s chip Embedded
Software by applying environmental stress in order to (i) deactivate or modify security features or
functions of the TOE or (ii) circumvent, deactivate or modify security functions of the MRTD’s
Public Security Target BAC
420, rue d’Estienne d’Orves -
operation or caused by the attacker. Leakage may occur through emanations, variations in power
consumption, I/O characteristics, clock frequency, or by changes in processing time requirements.
n but is more closely related to
measurement of operating parameters, which may be derived either from measurements of the
contactless interface (emanation) or direct measurements (by contact to the chip still available even
then be related to the specific operation being performed. Examples
are the Differential Electromagnetic Analysis (DEMA) and the Differential Power Analysis (DPA).
Moreover the attacker may try actively to enforce information leakage by fault injection (e.g.
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
form physical probing of the MRTD’s chip in order (i) to disclose
TSF Data or (ii) to disclose/reconstruct the MRTD’s chip Embedded Software. An attacker may
physically modify the MRTD’s chip in order to (i) modify security features or functions of the MRTD’s
chip, (ii) modify security functions of the MRTD’s chip Embedded Software, (iii) modify User Data or
The physical tampering may be focused directly on the disclosure or manipulation of TOE User Data
e data for the inspection system) or TSF Data (e.g. authentication key of
the MRTD’s chip) or indirectly by preparation of the TOE to following attack methods by modification
of security features (e.g. to enable information leakage through power analysis). Physical tampering
requires direct interaction with the MRTD’s chip internals. Techniques commonly employed in IC
failure analysis and IC reverse engineering efforts may be used. Before that, the hardware security
d to be identified. Determination of software design
requisite. The modification may
result in the deactivation of a security function. Changes of circuitry or data can be permanent or
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
may cause a malfunction of TSF or of the MRTD’s chip Embedded
Software by applying environmental stress in order to (i) deactivate or modify security features or
functions of the TOE or (ii) circumvent, deactivate or modify security functions of the MRTD’s chip
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
This may be achieved e.g. by operating the MRTD’s chip outside the normal operating conditions,
exploiting errors in the MRTD’s chip Embedded Software or misusing administration function. To
exploit these vulnerabilities an attacke
Threat agent: having enhanced basic attack potential, being in possession of a legitimate MRTD.
Asset: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
6.3.2 Threats for CA
T.Counterfeit
Adverse action: An attacker with high attack potential produces an unauthorized copy or
reproduction of a genuine MRTD's chip to be used as part of a counterfeit MRTD. This violates the
authenticity of the MRTD's chip us
attacker may generate a new data set or extract completely or partially the data from a genuine
MRTD's chip and copy them on another appropriate chip to imitate this genuine MRTD's chip.
Threat agent: having high attack potential, being in possession of one or more legitimate
Asset: authenticity of logical MRTD data
6.3.3 Threats for AA
T.Counterfeit
6.3.4 Threats for Note 6
T.Unauthorized_Load
Adverse action: An attacker tries to load an additional code that is not intended to be assembled with
the initial TOE, ie the evidence of authenticity or integrity is not correct.
Threat agent: having high attack potential, knowing the MSK, LSK and deri
possession of a legitimate MRTD
Asset: Logical MRTD data
T.Bad_Activation
Adverse action: An attacker tries to perturbate the additional code activation such as the final TOE is
different than the expected one (initial TOE or perturbated TOE).
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
This may be achieved e.g. by operating the MRTD’s chip outside the normal operating conditions,
exploiting errors in the MRTD’s chip Embedded Software or misusing administration function. To
exploit these vulnerabilities an attacker needs information about the functional operation.
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
An attacker with high attack potential produces an unauthorized copy or
reproduction of a genuine MRTD's chip to be used as part of a counterfeit MRTD. This violates the
authenticity of the MRTD's chip used for authentication of a traveller by possession of a MRTD. The
attacker may generate a new data set or extract completely or partially the data from a genuine
MRTD's chip and copy them on another appropriate chip to imitate this genuine MRTD's chip.
having high attack potential, being in possession of one or more legitimate
authenticity of logical MRTD data
Threats for Note 6
An attacker tries to load an additional code that is not intended to be assembled with
the initial TOE, ie the evidence of authenticity or integrity is not correct.
having high attack potential, knowing the MSK, LSK and derivation data, being in
possession of a legitimate MRTD
An attacker tries to perturbate the additional code activation such as the final TOE is
ne (initial TOE or perturbated TOE).
Public Security Target BAC
420, rue d’Estienne d’Orves -
This may be achieved e.g. by operating the MRTD’s chip outside the normal operating conditions,
exploiting errors in the MRTD’s chip Embedded Software or misusing administration function. To
r needs information about the functional operation.
: having enhanced basic attack potential, being in possession of a legitimate MRTD.
: confidentiality and authenticity of logical MRTD and TSF data, correctness of TSF.
An attacker with high attack potential produces an unauthorized copy or
reproduction of a genuine MRTD's chip to be used as part of a counterfeit MRTD. This violates the
ed for authentication of a traveller by possession of a MRTD. The
attacker may generate a new data set or extract completely or partially the data from a genuine
MRTD's chip and copy them on another appropriate chip to imitate this genuine MRTD's chip.
having high attack potential, being in possession of one or more legitimate MRTDs
An attacker tries to load an additional code that is not intended to be assembled with
vation data, being in
An attacker tries to perturbate the additional code activation such as the final TOE is
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Threat agent: having high attack potential, knowing the MSK, LSK and derivation data, being in
possession of a legitimate MRTD, being in possession of an additional code that is authorized to be
load
Asset: Logical MRTD data
T.TOE_Identification_Forgery
Adverse action: An attacker tries to perturbate the TOE identification and in particular the additional
code identification.
Threat agent: having high attack potential, being in poss
Asset: TOE_ID
Application Note
This threat is not applicable in phase 7, as the TOE identification is not possible in phase 7.
6.4 Organisational Security Policies
6.4.1 OSP from PP BAC
P.Manufact
The Initialization Data are written by the IC Manufacturer to identify the IC uniquely. The MRTD
Manufacturer writes the Pre-personalization Data which contains at least the
Key.
P.Personalization
The issuing State or Organization guarantees the correctness of the biographical data, the printed
portrait and the digitized portrait, the biometric reference data and other data of the logical MRTD
with respect to the MRTD holder. The personalization of the MRTD
agent authorized by the issuing State or Organization only.
P.Personal_Data
The biographical data and their summary printed in the MRZ and stored on the MRTD’s chip
(EF.DG1), the printed portrait and the digitized portrait (EF.DG2), the biometric reference data of
finger(s) (EF.DG3), the biometric reference data of iris image(s) (EF.DG4)3 and data according to LDS
(EF.DG5 to EF.DG13, EF.DG16) stored on the MRTD’s chip are personal data of the MRTD
These data groups are intended to be used only with agreement of the MRTD holder by inspection
systems to which the MRTD is presented. The MRTD’s chip shall provide the possibility for the Basic
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
having high attack potential, knowing the MSK, LSK and derivation data, being in
possession of a legitimate MRTD, being in possession of an additional code that is authorized to be
An attacker tries to perturbate the TOE identification and in particular the additional
having high attack potential, being in possession of a legitimate MRTD
This threat is not applicable in phase 7, as the TOE identification is not possible in phase 7.
Organisational Security Policies
The Initialization Data are written by the IC Manufacturer to identify the IC uniquely. The MRTD
personalization Data which contains at least the Personalization Agent
ng State or Organization guarantees the correctness of the biographical data, the printed
portrait and the digitized portrait, the biometric reference data and other data of the logical MRTD
with respect to the MRTD holder. The personalization of the MRTD for the holder is performed by an
agent authorized by the issuing State or Organization only.
The biographical data and their summary printed in the MRZ and stored on the MRTD’s chip
and the digitized portrait (EF.DG2), the biometric reference data of
finger(s) (EF.DG3), the biometric reference data of iris image(s) (EF.DG4)3 and data according to LDS
(EF.DG5 to EF.DG13, EF.DG16) stored on the MRTD’s chip are personal data of the MRTD
These data groups are intended to be used only with agreement of the MRTD holder by inspection
systems to which the MRTD is presented. The MRTD’s chip shall provide the possibility for the Basic
Public Security Target BAC
420, rue d’Estienne d’Orves -
having high attack potential, knowing the MSK, LSK and derivation data, being in
possession of a legitimate MRTD, being in possession of an additional code that is authorized to be
An attacker tries to perturbate the TOE identification and in particular the additional
ession of a legitimate MRTD
This threat is not applicable in phase 7, as the TOE identification is not possible in phase 7.
The Initialization Data are written by the IC Manufacturer to identify the IC uniquely. The MRTD
Personalization Agent
ng State or Organization guarantees the correctness of the biographical data, the printed
portrait and the digitized portrait, the biometric reference data and other data of the logical MRTD
for the holder is performed by an
The biographical data and their summary printed in the MRZ and stored on the MRTD’s chip
and the digitized portrait (EF.DG2), the biometric reference data of
finger(s) (EF.DG3), the biometric reference data of iris image(s) (EF.DG4)3 and data according to LDS
(EF.DG5 to EF.DG13, EF.DG16) stored on the MRTD’s chip are personal data of the MRTD holder.
These data groups are intended to be used only with agreement of the MRTD holder by inspection
systems to which the MRTD is presented. The MRTD’s chip shall provide the possibility for the Basic
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Access Control to allow read access to these data onl
on knowledge of the Document Basic Access Keys as defined in
6.4.2 OSP for CA
P.Chip_Auth
The terminal implements the Chip Authentication
6.4.3 OSP for AA
P.Activ_Auth
The terminal implements the Active Authentication
6.5 Assumptions
The assumptions describe the security aspects of the environment in which the TOE will be used or is
intended to be used.
6.5.1 Assumptions from PP BAC
A.MRTD_Manufact
It is assumed that appropriate functionality testing of the MRTD is used. It is assumed that security
procedures are used during all manufacturing and test operations to maintain confidentiality and
integrity of the MRTD and of its manufacturing
modification, retention, theft or unauthorized use).
A.MRTD_Delivery
Procedures shall guarantee the control of the TOE delivery and storage process and conformance to
its objectives:
- Procedures shall ensure protection of TOE material/information under delivery and storage.
- Procedures shall ensure that corrective actions are taken in case of improper operation in
the delivery process and storage.
- Procedures shall ensure that people deal
required skill.
A.Pers_Agent
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Access Control to allow read access to these data only for terminals successfully authenticated based
on knowledge of the Document Basic Access Keys as defined in [R11].
Chip Authentication protocol as described in [R39].
Active Authentication protocol as described in [R39]
The assumptions describe the security aspects of the environment in which the TOE will be used or is
Assumptions from PP BAC
It is assumed that appropriate functionality testing of the MRTD is used. It is assumed that security
procedures are used during all manufacturing and test operations to maintain confidentiality and
integrity of the MRTD and of its manufacturing and test data (to prevent any possible copy,
modification, retention, theft or unauthorized use).
Procedures shall guarantee the control of the TOE delivery and storage process and conformance to
Procedures shall ensure protection of TOE material/information under delivery and storage.
Procedures shall ensure that corrective actions are taken in case of improper operation in
the delivery process and storage.
Procedures shall ensure that people dealing with the procedure for delivery have got the
Public Security Target BAC
420, rue d’Estienne d’Orves -
y for terminals successfully authenticated based
.
[R39].
The assumptions describe the security aspects of the environment in which the TOE will be used or is
It is assumed that appropriate functionality testing of the MRTD is used. It is assumed that security
procedures are used during all manufacturing and test operations to maintain confidentiality and
and test data (to prevent any possible copy,
Procedures shall guarantee the control of the TOE delivery and storage process and conformance to
Procedures shall ensure protection of TOE material/information under delivery and storage.
Procedures shall ensure that corrective actions are taken in case of improper operation in
ing with the procedure for delivery have got the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
The Personalization Agent ensures the correctness of(i) the logical MRTD with respect to the MRTD
holder, (ii) the Document Basic Access Keys, (iii) the
stored on the MRTD’s chip, and (iv) the Document Signer Public Key Certificate (if stored on the
MRTD’s chip). The Personalization Agent
Agent bears the Personalization Agent
symmetric cryptographic mechanisms.
A.Insp_Sys
The Inspection System is used by the border control officer of the receiving State (i) examining an
MRTD presented by the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD
holder. The Basic Inspection System for global interoperability (i) includes the Country Signing Public
Key and the Document Signer Public Key of each issuing State or Orga
the terminal part of the Basic Access Control
MRTD under Basic Access Control and performs the Passive Authentication to verify the logical
MRTD.
A.BAC-Keys
The Document Basic Access Control Keys being generated and imported by the issuing State or
Organization have to provide sufficient cryptographi
9303" [R2], the Document Basic Access Control Keys are derived from a defined subset of the
individual printed MRZ data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document
Access Keys from the printed MRZ data with enhanced basic attack potential.
6.5.2 Assumptions for Chip Authentication
A.Insp_Sys_CA
The Inspection System implements the
verifies the authenticity of the MRTD’s chip during inspection and establishes secure messag
keys established by the Chip Authentication
A.Signature_PKI
The issuing and receiving States or Organizations establish a public key infrastructure for passive
authentication i.e. digital signature creation and verification fo
or Organization runs a Certification Authority (CA) which securely generates, stores and
Country Signing CA Key pair. The CA keeps the Country Signing CA Private Key secret
recommended to distribute the Country
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
ensures the correctness of(i) the logical MRTD with respect to the MRTD
holder, (ii) the Document Basic Access Keys, (iii) the Chip Authentication Public Key (EF.DG14) if
stored on the MRTD’s chip, and (iv) the Document Signer Public Key Certificate (if stored on the
Personalization Agent signs the Document Security Object. The
nalization Agent Authentication to authenticate himself to the TOE by
symmetric cryptographic mechanisms.
The Inspection System is used by the border control officer of the receiving State (i) examining an
the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD
holder. The Basic Inspection System for global interoperability (i) includes the Country Signing Public
Key and the Document Signer Public Key of each issuing State or Organization, and (ii) implements
the terminal part of the Basic Access Control [R2]. The Basic Inspection System reads the logical
ess Control and performs the Passive Authentication to verify the logical
The Document Basic Access Control Keys being generated and imported by the issuing State or
Organization have to provide sufficient cryptographic strength. As a consequence of the "ICAO Doc
, the Document Basic Access Control Keys are derived from a defined subset of the
printed MRZ data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document
Access Keys from the printed MRZ data with enhanced basic attack potential.
Chip Authentication
The Inspection System implements the Chip Authentication Mechanism. The Inspection System
verifies the authenticity of the MRTD’s chip during inspection and establishes secure messag
Chip Authentication Mechanism.
The issuing and receiving States or Organizations establish a public key infrastructure for passive
authentication i.e. digital signature creation and verification for the logical MRTD. The issuing
or Organization runs a Certification Authority (CA) which securely generates, stores and
Country Signing CA Key pair. The CA keeps the Country Signing CA Private Key secret
recommended to distribute the Country Signing CA Public Key to ICAO, all receiving
Public Security Target BAC
420, rue d’Estienne d’Orves -
ensures the correctness of(i) the logical MRTD with respect to the MRTD
Public Key (EF.DG14) if
stored on the MRTD’s chip, and (iv) the Document Signer Public Key Certificate (if stored on the
signs the Document Security Object. The Personalization
Authentication to authenticate himself to the TOE by
The Inspection System is used by the border control officer of the receiving State (i) examining an
the traveler and verifying its authenticity and (ii) verifying the traveler as MRTD
holder. The Basic Inspection System for global interoperability (i) includes the Country Signing Public
nization, and (ii) implements
. The Basic Inspection System reads the logical
ess Control and performs the Passive Authentication to verify the logical
The Document Basic Access Control Keys being generated and imported by the issuing State or
c strength. As a consequence of the "ICAO Doc
, the Document Basic Access Control Keys are derived from a defined subset of the
printed MRZ data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document
Mechanism. The Inspection System
verifies the authenticity of the MRTD’s chip during inspection and establishes secure messaging with
The issuing and receiving States or Organizations establish a public key infrastructure for passive
ical MRTD. The issuing State
or Organization runs a Certification Authority (CA) which securely generates, stores and uses the
Country Signing CA Key pair. The CA keeps the Country Signing CA Private Key secret and is
Signing CA Public Key to ICAO, all receiving States
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
maintaining its integrity. The Document Signer (i) generates the Document Signer Key
over the Document Signer Public Key to the CA for certification, (iii) keeps the
Private Key secret and (iv) uses securely the Document Signer Private Key for
Security Objects of the MRTDs. The CA creates the Document Signer
Signer Public Keys that are distributed to the receiving States an
6.5.3 Assumptions for Active Authentication
A.Insp_Sys_AA
The Inspection System implements the
verifies the authenticity of the MRTD’s chip during inspection
TOE during Active Authentication.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
maintaining its integrity. The Document Signer (i) generates the Document Signer Key
over the Document Signer Public Key to the CA for certification, (iii) keeps the
te Key secret and (iv) uses securely the Document Signer Private Key for signing the Document
Security Objects of the MRTDs. The CA creates the Document Signer Certificates for the Document
Signer Public Keys that are distributed to the receiving States and Organizations.
Active Authentication
The Inspection System implements the Active Authentication Mechanism. The Inspection System
verifies the authenticity of the MRTD’s chip during inspection using the signature returned by the
TOE during Active Authentication.
Public Security Target BAC
420, rue d’Estienne d’Orves -
maintaining its integrity. The Document Signer (i) generates the Document Signer Key Pair, (ii) hands
over the Document Signer Public Key to the CA for certification, (iii) keeps the Document Signer
signing the Document
Certificates for the Document
The Inspection System
using the signature returned by the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
7 SECURITY OBJECTIVES
7.1 Security Objectives for the TOE
This section describes the security objectives for the TOE addressing the aspects of identified threats
to be countered by the TOE and organizational security policies to be met by the TOE.
7.1.1 SO from PP BAC
OT.AC_Pers
The TOE must ensure that the logical MRTD data in EF.DG1 to EF.DG16, the Document security object
according to LDS [R2] and the TSF data can be written by authorized
logical MRTD data in EF.DG1 to EF.DG16 and the TSF data may be wri
changed after its personalization. The Document security object can be updated by authorized
Personalization Agents if data in the data groups EF.DG 3 to EF.DG16 are added.
OT.Data_Int
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure that the inspection system is able to
detect any modification of the transmitted logical MRTD data.
OT.Data_Conf
The TOE must ensure the confidentiality of the logical MRTD data groups EF.DG1 to EF.DG16. Read
access to EF.DG1 to EF.DG16 is granted to terminals successfully authenticated as
Agent. Read access to EF.DG1, EF.DG2 and EF.
authenticated as Basic Inspection System. The Basic Inspection System shall authenticate itself by
means of the Basic Access Control based on knowledge of the Document Basic Access Key. The TOE
must ensure the confidentiality of the logical MRTD data during their transmission to the Basic
Inspection System.
OT.Identification
The TOE must provide means to store IC Identification and Pre
memory. The IC Identification Data must provide a unique identification of the IC during Phase 2
"Manufacturing" and Phase 3 "Personalization of the MRTD". The storage of the Pre
data includes writing of the Personalization Agent
identify itself only to a successful authenticated Basic Inspection System or
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
SECURITY OBJECTIVES
Security Objectives for the TOE
This section describes the security objectives for the TOE addressing the aspects of identified threats
E and organizational security policies to be met by the TOE.
The TOE must ensure that the logical MRTD data in EF.DG1 to EF.DG16, the Document security object
and the TSF data can be written by authorized Personalization Agent
logical MRTD data in EF.DG1 to EF.DG16 and the TSF data may be written only during and cannot be
changed after its personalization. The Document security object can be updated by authorized
s if data in the data groups EF.DG 3 to EF.DG16 are added.
e the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure that the inspection system is able to
detect any modification of the transmitted logical MRTD data.
The TOE must ensure the confidentiality of the logical MRTD data groups EF.DG1 to EF.DG16. Read
access to EF.DG1 to EF.DG16 is granted to terminals successfully authenticated as
. Read access to EF.DG1, EF.DG2 and EF.DG5 to EF.DG16 is granted to terminals successfully
authenticated as Basic Inspection System. The Basic Inspection System shall authenticate itself by
means of the Basic Access Control based on knowledge of the Document Basic Access Key. The TOE
e the confidentiality of the logical MRTD data during their transmission to the Basic
The TOE must provide means to store IC Identification and Pre-Personalization Data in its nonvolatile
ory. The IC Identification Data must provide a unique identification of the IC during Phase 2
"Manufacturing" and Phase 3 "Personalization of the MRTD". The storage of the Pre
Personalization Agent Key(s). In Phase 4 "Operational Use" the TOE shall
identify itself only to a successful authenticated Basic Inspection System or Personalization Agent
Public Security Target BAC
420, rue d’Estienne d’Orves -
This section describes the security objectives for the TOE addressing the aspects of identified threats
E and organizational security policies to be met by the TOE.
The TOE must ensure that the logical MRTD data in EF.DG1 to EF.DG16, the Document security object
Personalization Agents only. The
tten only during and cannot be
changed after its personalization. The Document security object can be updated by authorized
e the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure that the inspection system is able to
The TOE must ensure the confidentiality of the logical MRTD data groups EF.DG1 to EF.DG16. Read
access to EF.DG1 to EF.DG16 is granted to terminals successfully authenticated as Personalization
DG5 to EF.DG16 is granted to terminals successfully
authenticated as Basic Inspection System. The Basic Inspection System shall authenticate itself by
means of the Basic Access Control based on knowledge of the Document Basic Access Key. The TOE
e the confidentiality of the logical MRTD data during their transmission to the Basic
Personalization Data in its nonvolatile
ory. The IC Identification Data must provide a unique identification of the IC during Phase 2
"Manufacturing" and Phase 3 "Personalization of the MRTD". The storage of the Pre- Personalization
hase 4 "Operational Use" the TOE shall
Personalization Agent.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
OT.Prot_Abuse-Func
After delivery of the TOE to the MRTD Holder, the TOE must prevent t
functions that may be maliciously used to (i) disclose critical User Data, (ii) manipulate critical User
Data of the IC Embedded Software, (iii) manipulate Soft
deactivate, change or explore security features or functions of the TOE. Details of the relevant attack
scenarios depend, for instance, on the capabilities of the Test Features provided by the IC Dedicated
Test Software which are not specified here.
OT.Prot_Inf_Leak
The TOE must provide protection against disclosure of confidential TSF data stored and/or processed
in the MRTD's chip:
- by measurement and analysis of the shape and amplitude of signals or the time between
events found by measurin
or I/O lines and
- by forcing a malfunction of the TOE and/or
- by a physical manipulation of the TOE.
OT.Prot_Phys-Tamper
The TOE must provide protection of the co
and the MRTD's chip Embedded Software. This includes protection against attacks with enhanced
basic attack potential by means of
- measuring through galvanic contacts which is direct physical probi
except on pads being bonded (using standard tools for measuring voltage and current) or
- measuring not using galvanic contacts but other types of physical interaction between
charges (using tools used in solid
- manipulation of the hardware and its security features, as well as
- controlled manipulation of memory contents (User Data, TSF Data)
with a prior
- reverse-engineering to understand the design and its properties and functions.
OT.Prot_Malfunction
The TOE must ensure its correct operation. The TOE must prevent its operation outside the normal
operating conditions where reliability and secure operation has not been proven or tested. This is to
prevent errors. The environmental conditions may include external energy (esp. electromagnetic)
fields, voltage (on any contacts), clock frequency, or temperature.
7.1.2 SO for CA
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
After delivery of the TOE to the MRTD Holder, the TOE must prevent the abuse of test and support
functions that may be maliciously used to (i) disclose critical User Data, (ii) manipulate critical User
Data of the IC Embedded Software, (iii) manipulate Soft-coded IC Embedded Software or (iv) bypass,
xplore security features or functions of the TOE. Details of the relevant attack
scenarios depend, for instance, on the capabilities of the Test Features provided by the IC Dedicated
Test Software which are not specified here.
The TOE must provide protection against disclosure of confidential TSF data stored and/or processed
by measurement and analysis of the shape and amplitude of signals or the time between
events found by measuring signals on the electromagnetic field, power consumption, clock,
by forcing a malfunction of the TOE and/or
by a physical manipulation of the TOE.
The TOE must provide protection of the confidentiality and integrity of the User Data, the TSF Data,
and the MRTD's chip Embedded Software. This includes protection against attacks with enhanced
basic attack potential by means of
measuring through galvanic contacts which is direct physical probing on the chips surface
except on pads being bonded (using standard tools for measuring voltage and current) or
measuring not using galvanic contacts but other types of physical interaction between
charges (using tools used in solid-state physics research and IC failure analysis)
manipulation of the hardware and its security features, as well as
controlled manipulation of memory contents (User Data, TSF Data)
engineering to understand the design and its properties and functions.
The TOE must ensure its correct operation. The TOE must prevent its operation outside the normal
operating conditions where reliability and secure operation has not been proven or tested. This is to
ors. The environmental conditions may include external energy (esp. electromagnetic)
fields, voltage (on any contacts), clock frequency, or temperature.
Public Security Target BAC
420, rue d’Estienne d’Orves -
he abuse of test and support
functions that may be maliciously used to (i) disclose critical User Data, (ii) manipulate critical User
coded IC Embedded Software or (iv) bypass,
xplore security features or functions of the TOE. Details of the relevant attack
scenarios depend, for instance, on the capabilities of the Test Features provided by the IC Dedicated
The TOE must provide protection against disclosure of confidential TSF data stored and/or processed
by measurement and analysis of the shape and amplitude of signals or the time between
g signals on the electromagnetic field, power consumption, clock,
nfidentiality and integrity of the User Data, the TSF Data,
and the MRTD's chip Embedded Software. This includes protection against attacks with enhanced-
ng on the chips surface
except on pads being bonded (using standard tools for measuring voltage and current) or
measuring not using galvanic contacts but other types of physical interaction between
and IC failure analysis)
engineering to understand the design and its properties and functions.
The TOE must ensure its correct operation. The TOE must prevent its operation outside the normal
operating conditions where reliability and secure operation has not been proven or tested. This is to
ors. The environmental conditions may include external energy (esp. electromagnetic)
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
OT.CA_Proof
The TOE must support the Inspection Systems to verify the identity and authenticity of the MRTD’s
chip as issued by the identified issuing State or Organization by means of the
defined in [R39]. The authenticity proof provided by the MRTD’s chip shall be protected against
attacks with high attack potential.
Application note
The objective implies the MRTD’s to have (i) a unique
Number, (ii) a secret to prove its identity by knowledge i.e. a private authentication key as TSF data.
The TOE shall protect this TSF data to prevent their misuse. The terminal shall have the reference
data to verify the authentication attempt of MRTD’s chip i.e. a certificate for the
Public Key that matches the Chip Authentication
provided by (i) the Chip Authentication
the Chip Authentication Public Key in the Document Security Object signed by the Document Signer.
OT.Data_Int_CA
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the logical MRTD data
during their transmission to the General Inspection System after
7.1.3 SO for AA
OT.AA_Proof
The TOE must support the Inspection Systems to verify the identity and authenticity of MRTD’s chip
as issued by the identified issuing State or Org
defined in [R2]. The authenticity proof through AA provided by MRTD’s chip shall be protected
against attacks with high attack potential.
OT.Data_Int_AA
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the
during their transmission to the General Inspection System after
7.1.4 SO for Note 6
OT.Secure_Load_ACode
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The TOE must support the Inspection Systems to verify the identity and authenticity of the MRTD’s
chip as issued by the identified issuing State or Organization by means of the Chip Authentication
. The authenticity proof provided by the MRTD’s chip shall be protected against
attacks with high attack potential.
The objective implies the MRTD’s to have (i) a unique identity as given by the MRTD’s Document
Number, (ii) a secret to prove its identity by knowledge i.e. a private authentication key as TSF data.
The TOE shall protect this TSF data to prevent their misuse. The terminal shall have the reference
fy the authentication attempt of MRTD’s chip i.e. a certificate for the
Chip Authentication Private Key of the MRTD’s chip. This certificate is
Chip Authentication Public Key (EF.DG14) in the LDS [R2] and (ii) the hash value of
Public Key in the Document Security Object signed by the Document Signer.
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the logical MRTD data
ion to the General Inspection System after Chip Authentication
The TOE must support the Inspection Systems to verify the identity and authenticity of MRTD’s chip
as issued by the identified issuing State or Organization by means of the Active Authentication
. The authenticity proof through AA provided by MRTD’s chip shall be protected
inst attacks with high attack potential.
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the
during their transmission to the General Inspection System after Active Authentication
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TOE must support the Inspection Systems to verify the identity and authenticity of the MRTD’s
Chip Authentication as
. The authenticity proof provided by the MRTD’s chip shall be protected against
identity as given by the MRTD’s Document
Number, (ii) a secret to prove its identity by knowledge i.e. a private authentication key as TSF data.
The TOE shall protect this TSF data to prevent their misuse. The terminal shall have the reference
fy the authentication attempt of MRTD’s chip i.e. a certificate for the Chip Authentication
Private Key of the MRTD’s chip. This certificate is
and (ii) the hash value of
Public Key in the Document Security Object signed by the Document Signer.
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the logical MRTD data
Chip Authentication.
The TOE must support the Inspection Systems to verify the identity and authenticity of MRTD’s chip
Active Authentication as
. The authenticity proof through AA provided by MRTD’s chip shall be protected
The TOE must ensure the integrity of the logical MRTD stored on the MRTD's chip against physical
manipulation and unauthorized writing. The TOE must ensure the integrity of the logical MRTD data
Active Authentication.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
The Loader of the Initial TOE shall check an evidence of authenticity and integrity of the loaded
Additional Code. The Loader enforces that only the allowed version of the Additional Code can be
loaded on the Initial TOE. The Loader shall forbid the loadin
be assembled with the Initial TOE.
During the Load Phase of an Additional Code, the TOE shall remain secure.
OT.Secure_AC_Activation
Activation of the Additional Code and update of
same time in an Atomic way. All the operations needed for the code to be able to operate as in the
Final TOE shall be completed before activation.
If the Atomic Activation is successful, then the resulting
of interruption or incident which prevents the forming of the Final TOE), the Initial TOE shall remain
in its initial state or fail secure.
OT.TOE_Identification
The Identification Data identifies the Initial TOE and Additional Code. The TOE provides means to
store Identification Data in its non
Atomic Activation of the Additional Code, the Identification Data of the
identifications of Initial TOE and Additional Code. The user must be able to uniquely identify Initial
TOE and Addtitional Code(s) which are embedded in the Final TOE. TOE must support the Inspection
Systems to verify the authenticity
7.2 Security objectives for the Operational Environment
7.2.1 OE from PP BAC
7.2.1.1 Issuing State or Organization
The issuing State or Organization will implement the following security objectives of the TOE
environment.
OE.MRTD_Manufact
Appropriate functionality testing of the TOE shall be used in step 4 to 6.
During all manufacturing and test operations, security procedures shall be used through phases 4, 5
and 6 to maintain confidentiality and integrity of the TOE and its manufacturing and tes
OE.MRTD_ Delivery
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The Loader of the Initial TOE shall check an evidence of authenticity and integrity of the loaded
Additional Code. The Loader enforces that only the allowed version of the Additional Code can be
loaded on the Initial TOE. The Loader shall forbid the loading of an Additional Code not intended to
be assembled with the Initial TOE.
During the Load Phase of an Additional Code, the TOE shall remain secure.
Activation of the Additional Code and update of the Identification Data shall be performed at the
same time in an Atomic way. All the operations needed for the code to be able to operate as in the
Final TOE shall be completed before activation.
If the Atomic Activation is successful, then the resulting product is the Final TOE, otherwise (in case
of interruption or incident which prevents the forming of the Final TOE), the Initial TOE shall remain
n Data identifies the Initial TOE and Additional Code. The TOE provides means to
store Identification Data in its non-volatile memory and guarantees the integrity of these data. After
Atomic Activation of the Additional Code, the Identification Data of the
identifications of Initial TOE and Additional Code. The user must be able to uniquely identify Initial
TOE and Addtitional Code(s) which are embedded in the Final TOE. TOE must support the Inspection
Systems to verify the authenticity.
Security objectives for the Operational Environment
Issuing State or Organization
The issuing State or Organization will implement the following security objectives of the TOE
iate functionality testing of the TOE shall be used in step 4 to 6.
During all manufacturing and test operations, security procedures shall be used through phases 4, 5
and 6 to maintain confidentiality and integrity of the TOE and its manufacturing and tes
Public Security Target BAC
420, rue d’Estienne d’Orves -
The Loader of the Initial TOE shall check an evidence of authenticity and integrity of the loaded
Additional Code. The Loader enforces that only the allowed version of the Additional Code can be
g of an Additional Code not intended to
the Identification Data shall be performed at the
same time in an Atomic way. All the operations needed for the code to be able to operate as in the
product is the Final TOE, otherwise (in case
of interruption or incident which prevents the forming of the Final TOE), the Initial TOE shall remain
n Data identifies the Initial TOE and Additional Code. The TOE provides means to
volatile memory and guarantees the integrity of these data. After
Atomic Activation of the Additional Code, the Identification Data of the Final TOE allows
identifications of Initial TOE and Additional Code. The user must be able to uniquely identify Initial
TOE and Addtitional Code(s) which are embedded in the Final TOE. TOE must support the Inspection
The issuing State or Organization will implement the following security objectives of the TOE
During all manufacturing and test operations, security procedures shall be used through phases 4, 5
and 6 to maintain confidentiality and integrity of the TOE and its manufacturing and test data.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Procedures shall ensure protection of TOE material/information under delivery including the
following objectives:
- non-disclosure of any security relevant information
- identification of the element unde
- meet confidentiality rules (confidentiality level, transmittal form, reception
acknowledgment)
- physical protection to prevent external damage
- secure storage and handling procedures (including rejectd TOE"s)
- traceability of TOE during delivery in
o origin and shipment details
o reception, reception acknowledgement
o location material/information.
Procedures shall ensure that corrective actions are taken in case of improper operation in the
delivery process (including if applicable any non
highlight all non-conformance to this process.
Procedures shall ensure that people (shipping department, carrier, reception
with the procedure for delivery have got the required skill, training and knowledge to meet the
procedure requirements and be able to act fully in accordance with the above expectations.
OE.Personalization
The issuing State or Organization must ensure that the
issuing State or Organization (i) establish the correct identity of the holder and create biographical
data for the MRTD, (ii) enroll the biometric refere
encoded finger image(s) and/or the encoded iris image(s) and (iii) personalize the MRTD for the
holder together with the defined physical and logical security measures to protect the confidentiality
and integrity of these data.
OE.Pass_Auth_Sign
The issuing State or Organization must (i) generate a cryptographic secure Country Signing CA Key
Pair, (ii) ensure the secrecy of the Country Signing CA Private Key and sign Document Sig
Certificates in a secure operational environment, and (iii) distribute the Certificate of the Country
Signing CA Public Key to receiving States and Organizations maintaining its authenticity and integrity.
The issuing State or Organization must (i) gen
and ensure the secrecy of the Document Signer Private Keys, (ii) sign Document Security Objects of
genuine MRTD in a secure operational environment only and (iii) distribute the Certificate of the
Document Signer Public Key to receiving States and Organizations. The digital signature in the
Document Security Object relates all data in the data in EF.DG1 to EF.DG16 if stored in the LDS
according to [R2].
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Procedures shall ensure protection of TOE material/information under delivery including the
disclosure of any security relevant information
identification of the element under delivery
meet confidentiality rules (confidentiality level, transmittal form, reception
physical protection to prevent external damage
secure storage and handling procedures (including rejectd TOE"s)
traceability of TOE during delivery including the following parameters:
origin and shipment details
reception, reception acknowledgement
location material/information.
Procedures shall ensure that corrective actions are taken in case of improper operation in the
applicable any non-conformance to the confidentiality convention) and
conformance to this process.
Procedures shall ensure that people (shipping department, carrier, reception
with the procedure for delivery have got the required skill, training and knowledge to meet the
procedure requirements and be able to act fully in accordance with the above expectations.
The issuing State or Organization must ensure that the Personalization Agents acting on behalf of the
issuing State or Organization (i) establish the correct identity of the holder and create biographical
data for the MRTD, (ii) enroll the biometric reference data of the MRTD holder i.e. the portrait, the
encoded finger image(s) and/or the encoded iris image(s) and (iii) personalize the MRTD for the
holder together with the defined physical and logical security measures to protect the confidentiality
The issuing State or Organization must (i) generate a cryptographic secure Country Signing CA Key
Pair, (ii) ensure the secrecy of the Country Signing CA Private Key and sign Document Sig
Certificates in a secure operational environment, and (iii) distribute the Certificate of the Country
Signing CA Public Key to receiving States and Organizations maintaining its authenticity and integrity.
The issuing State or Organization must (i) generate a cryptographic secure Document Signer Key Pair
and ensure the secrecy of the Document Signer Private Keys, (ii) sign Document Security Objects of
genuine MRTD in a secure operational environment only and (iii) distribute the Certificate of the
ent Signer Public Key to receiving States and Organizations. The digital signature in the
Document Security Object relates all data in the data in EF.DG1 to EF.DG16 if stored in the LDS
Public Security Target BAC
420, rue d’Estienne d’Orves -
Procedures shall ensure protection of TOE material/information under delivery including the
meet confidentiality rules (confidentiality level, transmittal form, reception
Procedures shall ensure that corrective actions are taken in case of improper operation in the
conformance to the confidentiality convention) and
department) dealing
with the procedure for delivery have got the required skill, training and knowledge to meet the
procedure requirements and be able to act fully in accordance with the above expectations.
s acting on behalf of the
issuing State or Organization (i) establish the correct identity of the holder and create biographical
nce data of the MRTD holder i.e. the portrait, the
encoded finger image(s) and/or the encoded iris image(s) and (iii) personalize the MRTD for the
holder together with the defined physical and logical security measures to protect the confidentiality
The issuing State or Organization must (i) generate a cryptographic secure Country Signing CA Key
Pair, (ii) ensure the secrecy of the Country Signing CA Private Key and sign Document Signer
Certificates in a secure operational environment, and (iii) distribute the Certificate of the Country
Signing CA Public Key to receiving States and Organizations maintaining its authenticity and integrity.
erate a cryptographic secure Document Signer Key Pair
and ensure the secrecy of the Document Signer Private Keys, (ii) sign Document Security Objects of
genuine MRTD in a secure operational environment only and (iii) distribute the Certificate of the
ent Signer Public Key to receiving States and Organizations. The digital signature in the
Document Security Object relates all data in the data in EF.DG1 to EF.DG16 if stored in the LDS
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
OE.BAC-Keys
The Document Basic Access Control Keys being generated and imported by the issuing State or
Organization have to provide sufficient cryptographic strength.
9303" [R2] the Document Basic Access Control Keys are derived from a defined subset of the
individual printed MRZ data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document Basic
Access Keys from the printed MRZ data with enhanced basic attack potential.
7.2.1.2 Receiving State or Organization
The receiving State or Organization will implement the following security objectives of the TOE
environment.
OE.Exam_MRTD
The inspection system of the receiving State or Organization must examine the MRTD pr
the traveler to verify its authenticity by means of the physical security measures and to detect any
manipulation of the physical MRTD. The Basic Inspection System for global interoperability (i)
includes the Country Signing Public Key and the D
Organization, and (ii) implements the terminal part of the Basic Access Control
OE.Passive_Auth_Verif
The border control officer of the receiving State uses the inspection system to verify the traveler as
MRTD holder. The inspection systems must have successfully verified the signature of Document
Security Objects and the integrity data elements of the logical MRTD before they are used. The
receiving States and Organizations must manage the Country Signing Public Key and the Document
Signer Public Key maintaining their authenticity and availability in all inspecti
OE.Prot_Logical_MRTD
The inspection system of the receiving State or Organization ensures the confidentiality and integrity
of the data read from the logical MRTD. The receiving State examining the logical MRTD be
Basic Access Control will use inspection systems which implement the terminal part of the Basic
Access Control and use the secure messaging with fresh generated keys for the protection of the
transmitted data (i.e. Basic Inspection Systems).
7.2.2 OE for CA
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The Document Basic Access Control Keys being generated and imported by the issuing State or
Organization have to provide sufficient cryptographic strength. As a consequence of the "ICAO Doc
the Document Basic Access Control Keys are derived from a defined subset of the
data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document Basic
Access Keys from the printed MRZ data with enhanced basic attack potential.
ng State or Organization
The receiving State or Organization will implement the following security objectives of the TOE
The inspection system of the receiving State or Organization must examine the MRTD pr
the traveler to verify its authenticity by means of the physical security measures and to detect any
manipulation of the physical MRTD. The Basic Inspection System for global interoperability (i)
includes the Country Signing Public Key and the Document Signer Public Key of each issuing State or
Organization, and (ii) implements the terminal part of the Basic Access Control [R2]
The border control officer of the receiving State uses the inspection system to verify the traveler as
MRTD holder. The inspection systems must have successfully verified the signature of Document
s and the integrity data elements of the logical MRTD before they are used. The
receiving States and Organizations must manage the Country Signing Public Key and the Document
Signer Public Key maintaining their authenticity and availability in all inspection systems.
The inspection system of the receiving State or Organization ensures the confidentiality and integrity
of the data read from the logical MRTD. The receiving State examining the logical MRTD be
Basic Access Control will use inspection systems which implement the terminal part of the Basic
Access Control and use the secure messaging with fresh generated keys for the protection of the
transmitted data (i.e. Basic Inspection Systems).
Public Security Target BAC
420, rue d’Estienne d’Orves -
The Document Basic Access Control Keys being generated and imported by the issuing State or
As a consequence of the "ICAO Doc
the Document Basic Access Control Keys are derived from a defined subset of the
data. It has to be ensured that these data provide sufficient entropy to
withstand any attack based on the decision that the inspection system has to derive Document Basic
The receiving State or Organization will implement the following security objectives of the TOE
The inspection system of the receiving State or Organization must examine the MRTD presented by
the traveler to verify its authenticity by means of the physical security measures and to detect any
manipulation of the physical MRTD. The Basic Inspection System for global interoperability (i)
ocument Signer Public Key of each issuing State or
[R2].
The border control officer of the receiving State uses the inspection system to verify the traveler as
MRTD holder. The inspection systems must have successfully verified the signature of Document
s and the integrity data elements of the logical MRTD before they are used. The
receiving States and Organizations must manage the Country Signing Public Key and the Document
on systems.
The inspection system of the receiving State or Organization ensures the confidentiality and integrity
of the data read from the logical MRTD. The receiving State examining the logical MRTD being under
Basic Access Control will use inspection systems which implement the terminal part of the Basic
Access Control and use the secure messaging with fresh generated keys for the protection of the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
OE.Auth_Key_MRTD
The issuing State or Organization has to establish the necessary public key infrastructure in order to
- (i) Generate the MRTD's Chip Authentication Key Pair
- (ii) Sign and store the Chip Authentication
data in EF.DG14
- (iii) Support inspection systems of receiving States or organizations to verify the authenticity
of the MRTD's chip used for genuine MRTD by certification of the Chip Authentication Public
Key by means of the Document Security Object.
OE.Exam_MRTD_CA
Aditionally to the OE.Exam_MRTD, the inspection systems perform the
to verify the Authenticity of the presented MRTD’s chip.
OE.Prot_Logical_MRTD_CA
Aditionally to the OE.Prot_Logical_MRTD, the inspection system prevents eavesdropping to their
communication with the TOE before secure messaging is successfully established based on the
Authentication Protocol.
Application note
The Inspection Systems follow the order (i) running the Basic Access Control Protocol, (ii) reading and
verifying only those parts of the logical MRTD that are necessary to know for the
Mechanism (i.e. Document Security Obj
Authentication Protocol, and (iv) reading and verifying the less
after Chip Authentication. The supposed sequence has the advantage that the less
protected by secure messaging with cryptographic keys based on the
which quality is under control of the TOE. The inspection system will prevent additionally
eavesdropping to their communication with the TOE before secu
established based on the Chip Authentication
directly after Basic Access Control Mechanism is allowed and is not assumed as threat in this PP. But
the TOE ensures that reading of sensitive data is possible after successful
7.2.3 OE for AA
OE.Exam_MRTD_AA
Aditionally to the OE.Exam_MRTD, the inspection systems perform the
protocol to verify the Authenticity of the prese
OE.Prot_Logical_MRTD_AA
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The issuing State or Organization has to establish the necessary public key infrastructure in order to
s Chip Authentication Key Pair
ign and store the Chip Authentication Public Key in the Chip Authentica
upport inspection systems of receiving States or organizations to verify the authenticity
of the MRTD's chip used for genuine MRTD by certification of the Chip Authentication Public
y by means of the Document Security Object.
Aditionally to the OE.Exam_MRTD, the inspection systems perform the Chip Authentication
to verify the Authenticity of the presented MRTD’s chip.
Aditionally to the OE.Prot_Logical_MRTD, the inspection system prevents eavesdropping to their
communication with the TOE before secure messaging is successfully established based on the
The Inspection Systems follow the order (i) running the Basic Access Control Protocol, (ii) reading and
verifying only those parts of the logical MRTD that are necessary to know for the
Mechanism (i.e. Document Security Object and Chip Authentication Public Key), (iii) running the
Protocol, and (iv) reading and verifying the less-sensitive data of the logical MRTD
. The supposed sequence has the advantage that the less
protected by secure messaging with cryptographic keys based on the Chip Authentication
which quality is under control of the TOE. The inspection system will prevent additionally
eavesdropping to their communication with the TOE before secure messaging is successfully
Chip Authentication Protocol. Note that reading the less sensitive data
directly after Basic Access Control Mechanism is allowed and is not assumed as threat in this PP. But
of sensitive data is possible after successful Chip Authentication
Aditionally to the OE.Exam_MRTD, the inspection systems perform the Active Authentication
protocol to verify the Authenticity of the presented MRTD’s chip.
Public Security Target BAC
420, rue d’Estienne d’Orves -
The issuing State or Organization has to establish the necessary public key infrastructure in order to:
Public Key in the Chip Authentication Public Key
upport inspection systems of receiving States or organizations to verify the authenticity
of the MRTD's chip used for genuine MRTD by certification of the Chip Authentication Public
Chip Authentication protocol
Aditionally to the OE.Prot_Logical_MRTD, the inspection system prevents eavesdropping to their
communication with the TOE before secure messaging is successfully established based on the Chip
The Inspection Systems follow the order (i) running the Basic Access Control Protocol, (ii) reading and
verifying only those parts of the logical MRTD that are necessary to know for the Chip Authentication
Public Key), (iii) running the Chip
sensitive data of the logical MRTD
. The supposed sequence has the advantage that the less-sensitive data are
Chip Authentication Protocol
which quality is under control of the TOE. The inspection system will prevent additionally
re messaging is successfully
Protocol. Note that reading the less sensitive data
directly after Basic Access Control Mechanism is allowed and is not assumed as threat in this PP. But
Chip Authentication.
Active Authentication
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Aditionally to the OE.Prot_Logical_MRTD
communication with the TOE before secure messaging is successfully established based on the
Authentication Protocol.
OE.Activ_Auth_Verif
In addition to the verification by
verification by Active Authentication
MRTD.
OE.Activ_Auth_Sign
The issuing State or Organization has to establish
(i) generate the MRTD’s Active Authentication
Authentication Private Key, sign and store the
Authentication Public Key data in EF.DG15 and (iii) support inspection systems of receiving States or
organizations to verify the authenticity of the MRTD’s chip used for genuine MRTD by certification of
the Active Authentication Public Key by means of the Docume
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Aditionally to the OE.Prot_Logical_MRTD, the inspection system prevents eavesdropping to their
communication with the TOE before secure messaging is successfully established based on the
In addition to the verification by passive authentication, the inspection systems may use the
Active Authentication, which offers a stronger guaranty of the authenticity of the
The issuing State or Organization has to establish the necessary public key infrastructure in order to
Active Authentication Key Pair, (ii) ensure the secrecy of the MRTD’s
Private Key, sign and store the Active Authentication Public Key in the Active
ication Public Key data in EF.DG15 and (iii) support inspection systems of receiving States or
organizations to verify the authenticity of the MRTD’s chip used for genuine MRTD by certification of
Public Key by means of the Document Security Object.
Public Security Target BAC
420, rue d’Estienne d’Orves -
, the inspection system prevents eavesdropping to their
communication with the TOE before secure messaging is successfully established based on the Active
passive authentication, the inspection systems may use the
, which offers a stronger guaranty of the authenticity of the
the necessary public key infrastructure in order to
Key Pair, (ii) ensure the secrecy of the MRTD’s Active
Public Key in the Active
ication Public Key data in EF.DG15 and (iii) support inspection systems of receiving States or
organizations to verify the authenticity of the MRTD’s chip used for genuine MRTD by certification of
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
8 EXTENDED REQUIREMENT
8.1 Extended family FAU_SAS
8.1.1 Extended components FAU_SAS.1
Description: see [R11].
FAU_SAS.1 Audit storage
FAU_SAS.1.1 The TSF shall provide [assignment: authorized users] with the capability to store
[assignment: list of audit information] in the audit records.
Dependencies: No dependencies.
Rationale: see [R11]
8.2 Extended family FCS_RND
8.2.1 Extended component FCS_RND.1
Description: see [R11]
FCS_RND.1 Quality metric for random numbers
FCS_RND.1.1 The TSF shall provide a mechanism to generate random numbers that meet
[assignment: a defined quality metric].
Dependencies: No dependencies.
Rationale: See [R11]
8.3 Extended family FIA_API
8.3.1 Extended component FIA_API.1
Description: see [R12]
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
EXTENDED REQUIREMENTS
Extended family FAU_SAS - Audit data storage
Extended components FAU_SAS.1
The TSF shall provide [assignment: authorized users] with the capability to store
[assignment: list of audit information] in the audit records.
: No dependencies.
Extended family FCS_RND - Generation of random numbers
Extended component FCS_RND.1
FCS_RND.1 Quality metric for random numbers
The TSF shall provide a mechanism to generate random numbers that meet
ent: a defined quality metric].
: No dependencies.
Extended family FIA_API – Authentication proof of identity
Extended component FIA_API.1
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall provide [assignment: authorized users] with the capability to store
Generation of random numbers
The TSF shall provide a mechanism to generate random numbers that meet
of identity
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_API.1 Quality metric for random numbers
FIA_API.1.1 The TSF shall provide a [assignment: authentication mechanism] to prove the identity of
the [assignment: authorized user or role].
Dependencies: No dependencies.
Rationale: See [R12]
8.4 Extended family FMT_LIM
8.4.1 Extended component FMT_LIM.1
Description: see [R11]
FMT_LIM.1 Limited capabilities
FMT_LIM.1.1 The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced [assignment:
Limited capability and availability policy].
Dependencies: (FMT_LIM.2)
Rationale: See [R11]
8.4.2 Extended component FMT_LIM.2
Description: See [R11]
FMT_LIM.2 Limited availability
FMT_LIM.2.1 The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced [assignment:
Limited capability and availability policy].
Dependencies: (FMT_LIM.1)
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
FIA_API.1 Quality metric for random numbers
The TSF shall provide a [assignment: authentication mechanism] to prove the identity of
the [assignment: authorized user or role].
: No dependencies.
Extended family FMT_LIM - Limited capabilities and availability
Extended component FMT_LIM.1
FMT_LIM.1 Limited capabilities
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced [assignment:
Limited capability and availability policy].
Extended component FMT_LIM.2
FMT_LIM.2 Limited availability
TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced [assignment:
Limited capability and availability policy].
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall provide a [assignment: authentication mechanism] to prove the identity of
Limited capabilities and availability
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced [assignment:
TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced [assignment:
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Rationale: See [R11]
8.5 Extended family FPT_EMS
8.5.1 Extended component FPT_EMS.1
Description: see [R11]
FPT_EMS.1 TOE Emanation
FPT_EMS.1.1 The TOE shall not emit [assignment: types of emissions] in excess of [assignment:
specified limits] enabling access to [assignment: list of types
types of user data].
FPT_EMS.1.2 The TSF shall ensure [assignment: type of users] are unable to use the following
interface [assignment: type of connection] to gain access to [assignment: list of types of TSF data]
and [assignment: list of types of user data].
Dependencies: No dependencies.
Rationale: See [R11]
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Extended family FPT_EMS - TOE Emanation
Extended component FPT_EMS.1
FPT_EMS.1 TOE Emanation
The TOE shall not emit [assignment: types of emissions] in excess of [assignment:
specified limits] enabling access to [assignment: list of types of TSF data] and [assignment: list of
The TSF shall ensure [assignment: type of users] are unable to use the following
interface [assignment: type of connection] to gain access to [assignment: list of types of TSF data]
nd [assignment: list of types of user data].
No dependencies.
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TOE shall not emit [assignment: types of emissions] in excess of [assignment:
of TSF data] and [assignment: list of
The TSF shall ensure [assignment: type of users] are unable to use the following
interface [assignment: type of connection] to gain access to [assignment: list of types of TSF data]
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
9 SECURITY REQUIREMENT
9.1 Security Functional Requ
This chapter presents the Security Functional Requirements to take into account within the TOE
configuration presented in this security target. It is composed of the following elements:
- Global SFR that are applicable to all the passports configuration
- MP SFR for covering the phase Manufacturing and Personalization described in the Passport
Protection Profile and also the coverage of Additional Code.
- Active Authentication SFR
- BAC SFR that cover the Basic Access Control
- CA SFR that cover the Chip Authentication Protocol
9.1.1 Global SFR
This chapter covers the common SFR that are shared between the different applications that are
embedded on the product.
FCS_CKM.4/Global Cryptographic key destruction
FCS_CKM.4.1/Global The TSF shall destroy cryptographic keys in accordance with a specified
cryptographic key destruction method
FCS_RND.1/Global Quality metric for random numbers
FCS_RND.1.1/Global The TSF shall provide a mechanism to generate random numbers that meet
1. The requirement to provide an
and
2. The requirement of RGS_B1 for random number generation.
FMT_LIM.1/Global Limited capabilities
FMT_LIM.1.1/Global The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced
Deploying Test Features after
1. User Data to be manipulated
2. TSF data to be disclosed or
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
SECURITY REQUIREMENTS
Security Functional Requirements
This chapter presents the Security Functional Requirements to take into account within the TOE
configuration presented in this security target. It is composed of the following elements:
that are applicable to all the passports configuration
for covering the phase Manufacturing and Personalization described in the Passport
Protection Profile and also the coverage of Additional Code.
Active Authentication SFR that cover the Active Authentication Protocol
that cover the Basic Access Control
that cover the Chip Authentication Protocol
This chapter covers the common SFR that are shared between the different applications that are
Cryptographic key destruction
The TSF shall destroy cryptographic keys in accordance with a specified
cryptographic key destruction method zeroisation that meets the following: none
Quality metric for random numbers
The TSF shall provide a mechanism to generate random numbers that meet
an entropy of at least 7.976 bits in each byte, following
2. The requirement of RGS_B1 for random number generation.
Limited capabilities
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced
after TOE Delivery does not allow
manipulated
or manipulated
Public Security Target BAC
420, rue d’Estienne d’Orves -
This chapter presents the Security Functional Requirements to take into account within the TOE
configuration presented in this security target. It is composed of the following elements:
for covering the phase Manufacturing and Personalization described in the Passport
uthentication Protocol
This chapter covers the common SFR that are shared between the different applications that are
The TSF shall destroy cryptographic keys in accordance with a specified
none.
The TSF shall provide a mechanism to generate random numbers that meet
following AIS 31 [R37]
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced:
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
3. Software to be reconstructed
4. Substantial information about
other attacks
FMT_LIM.2/Global Limited availability
FMT_LIM.2.1/Global The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced
Deploying Test Features after TOE
1. User Data to be manipulated
2. TSF data to be disclosed or
3. Software to be reconstructed
4. Substantial information about
other attacks
FPT_EMS.1/Global TOE Emanation
FPT_EMS.1.1/Global The TOE shall not emit
execution in excess of non useful information
1. EF.COM, EF.SOD and EF.DG1 to EF.DG16
FPT_EMS.1.2/Global The TSF shall ensure
interface smart card circuit contacts
1. EF.COM, EF.SOD and EF.DG1 to EF.DG16
FPT_FLS.1/Global Failure with preservation of secure state
FPT_FLS.1.1/Global The TSF shall preserve
1. Exposure to out-of-range operating
2. Failure detected by TSF according
FPT_TST.1/Global TSF testing
FPT_TST.1.1/Global The TSF shall run a suite of self tests
TSF, at the conditions:
- At reset
- Before any cryptographic
- When accessing a DG or any EF
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
reconstructed
about construction of TSF to be gathered
Limited availability
The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced
TOE Delivery does not allow
manipulated
or manipulated
reconstructed
about construction of TSF to be gathered
TOE Emanation
The TOE shall not emit power variations, timing variations during command
non useful information enabling access to
1. EF.COM, EF.SOD and EF.DG1 to EF.DG16
The TSF shall ensure any unauthorized users are unable to use the following
contacts to gain access to
1. EF.COM, EF.SOD and EF.DG1 to EF.DG16
Failure with preservation of secure state
The TSF shall preserve a secure state when the following types of failures occur:
operating conditions where therefore a malfunction
according to FPT_TST.1.
TSF testing
The TSF shall run a suite of self tests to demonstrate the correct operation of
cryptographic operation
DG or any EF
Public Security Target BAC
420, rue d’Estienne d’Orves -
which may enable
The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced:
which may enable
variations, timing variations during command
are unable to use the following
a secure state when the following types of failures occur:
malfunction could occur
to demonstrate the correct operation of the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
- Prior to any use of TSF data
- Before execution of any
FPT_TST.1.2/Global The TSF shall provide authorised users with the capability to verify the integrity
of TSF data.
FPT_TST.1.3/Global The TSF shall provide authorised users with the capability to verify the integrity
of stored TSF executable code.
FPT_PHP.3/Global Resistance to physical attack
FPT_PHP.3.1/Global The TSF shall resist
responding automatically such that the SFRs are always enforced.
9.1.2 Product configurat
This chapter covers the Manufacturing and Personalization SFR. It also includes additional SFR for the
compliance to Note 6.
9.1.2.1 SFR for additional code
FAU_STG.2/MP_Add_code
FAU_STG.2.1/MP_Add_code The TSF shall protect the stored audit records in the audit trail from
unauthorized deletion.
FAU_STG.2.2/MP_Add_code The TSF shall be able to
stored audit records in the audit trail.
FAU_STG.2.3/MP_Add_code The TSF shall ensure that
records will be maintained when the following conditions occur:
Application Note:
Additional code code is loaded with its integrity information.
the TOE after the loading, and before the writing of the identification information by calculating the
signature and comparing to the expected value. The signature is protected in integrity through the
TOE life cycle, at each power on, the card verifies the integrity of this signature.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
data
any command
The TSF shall provide authorised users with the capability to verify the integrity
The TSF shall provide authorised users with the capability to verify the integrity
Resistance to physical attack
The TSF shall resist physical manipulation and physical probing
responding automatically such that the SFRs are always enforced.
Product configuration SFR
This chapter covers the Manufacturing and Personalization SFR. It also includes additional SFR for the
SFR for additional code
_Add_code Guarantees of audit data availability
The TSF shall protect the stored audit records in the audit trail from
The TSF shall be able to prevent unauthorized modifications to the
stored audit records in the audit trail.
The TSF shall ensure that Additional code identification
records will be maintained when the following conditions occur: failure and attack
Additional code code is loaded with its integrity information. This integrity information is verified by
the TOE after the loading, and before the writing of the identification information by calculating the
signature and comparing to the expected value. The signature is protected in integrity through the
le, at each power on, the card verifies the integrity of this signature.
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall provide authorised users with the capability to verify the integrity
The TSF shall provide authorised users with the capability to verify the integrity
probing to the TSF by
This chapter covers the Manufacturing and Personalization SFR. It also includes additional SFR for the
The TSF shall protect the stored audit records in the audit trail from
unauthorized modifications to the
Additional code identification stored audit
failure and attack.
This integrity information is verified by
the TOE after the loading, and before the writing of the identification information by calculating the
signature and comparing to the expected value. The signature is protected in integrity through the
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_CKM.1/MP_Add_code
FCS_CKM.1.1/MP_Add_code The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm
specified cryptographic key sizes
Cryptographic key generation algorithm
Calculation of LSK_LOAD, from initial LSK and derivation data
entered - AES 128 ECB
FCS_COP.1/MP_ENC_Add_code
FCS_COP.1.1/MP_ENC_Add_code
with a specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Encryption of the additional code (ciphered with
LSK_LOAD) and signature verification
FCS_COP.1/MP_MAC_Add_code
FCS_COP.1.1/MP_MAC_Add_code
with a specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging with BAC - 3DES
Secure Messaging with BAC - AES
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/MP_Add_code Cryptographic key generation
The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm [cryptographic key generation algorithm]
specified cryptographic key sizes [key length] that meet the following [standard]
key generation algorithm Key length (bits)
Calculation of LSK_LOAD, from initial LSK and derivation data
128
/MP_ENC_Add_code Cryptographic operation
MP_ENC_Add_code The TSF shall perform [cryptographic operation]
with a specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
of the additional code (ciphered with
LSK_LOAD) and signature verification
AES 128
/MP_MAC_Add_code Cryptographic operation
/MP_MAC_Add_code The TSF shall perform [cryptographic operation]
with a specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
3DES 3DES Retail MAC 112
AES AES CMAC 128, 192 or 256
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall generate cryptographic keys in accordance with a
[cryptographic key generation algorithm] and
[standard]:
Key length (bits) Standards
None
[cryptographic operation] in accordance
and cryptographic key sizes
Key length
Standard
[R35]
[cryptographic operation] in accordance
and cryptographic key sizes
Standard
[R35]
, 192 or 256 [R35]
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FDP_UIT.1/MP_Add_code
FDP_UIT.1.1/MP_Add_code The TSF shall enforce the
receive user data in a manner protected from
FDP_UIT.1.2/MP_Add_code [Editorially
user data, whether modification
has occurred.
Application Note
Modification errors should be understood as modification, substitution, unrecoverable ordering
change of data and any other integrity error that may cause the additional code to be installed on the
card to be different from the one sent by
This SFR control integrity of data
FMT_MTD.1/MP_Add_code
FMT_MTD.1.1/MP_Add_code The TSF shall restrict the ability to
[authorized identified roles]:
List of TSF data
Activate Additional code
Application note
The Activation of the additional code modify
LSK_LOAD (LSK and Derivation Data) and
FMT_MTD.1/MP_KEY_READ
FMT_MTD.1.1/MP_KEY_READ_Add_code
[authorized identified roles]:
TSF Data Authorized Identified roles
LSK None
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/MP_Add_code Data exchange integrity
The TSF shall enforce the Prepersonalization access
manner protected from modification errors.
[Editorially Refined] The TSF shall be able to determine on receipt of
modification of some of the pieces of the application sent by
Modification errors should be understood as modification, substitution, unrecoverable ordering
change of data and any other integrity error that may cause the additional code to be installed on the
card to be different from the one sent by the TOE Developer.
control integrity of data import in phase 5, including the additional code but not only.
/MP_Add_code Management of TSF data
The TSF shall restrict the ability to [selection the
Authorised role
TOE developer
of the additional code modify the TOE. This additional code is ciphered with the
LSK_LOAD (LSK and Derivation Data) and activated after the authentication of the
KEY_READ_Add_code Management of TSF data
_Add_code The TSF shall restrict the ability to
Authorized Identified roles
Public Security Target BAC
420, rue d’Estienne d’Orves -
access control SFP to
The TSF shall be able to determine on receipt of
by the TOE developer
Modification errors should be understood as modification, substitution, unrecoverable ordering
change of data and any other integrity error that may cause the additional code to be installed on the
code but not only.
the [list of TSF data] to
the TOE. This additional code is ciphered with the
after the authentication of the TOE developer.
The TSF shall restrict the ability to read the [data] to
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FMT_SMR.1/MP_Add_code
FMT_SMR.1.1/MP_Add_code The TSF shall maintain the roles
1. TOE developper
FMT_SMR.1.2/MP_Add_code The TSF shall be able to associate users with roles.
FPT_EMS.1/MP_Add_code
FPT_EMS.1.1/MP_Add_code The TOE shall not emit
command execution in excess of
1. LSK
FPT_EMS.1.2/MP_Add_code The TSF shall ensure
following interface smart card circuit
1. LSK
FTP_ITC.1/MP_Add_code
FTP_ITC.1.1/MP_Add_code The TSF shall provide a communication channel between itself and
another trusted IT product that is logically distinct from other communication channels and provides
assured identification of its end points and protection of the channel data from modification or
disclosure.
FTP_ITC.1.2/MP_Add_code [Editorially
Prepersonalizer to initiate communication via the trusted channel.
FTP_ITC.1.3/MP_Add_code The TSF shall initiate communication via the trusted channel for:
1. Additional code loading
9.1.2.2 Manufacturing and Personalization
FCS_CKM.1/MP Cryptographic key generation
FCS_CKM.1.1 The TSF shall generate cryptographic keys in accordance with a specified cryptographic
key generation algorithm [cryptographic key generation algorithm]
sizes [key length] that meet the following
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/MP_Add_code Security roles
The TSF shall maintain the roles
The TSF shall be able to associate users with roles.
/MP_Add_code TOE Emanation
The TOE shall not emit power variations, timing variations during
in excess of non useful information enabling access to
The TSF shall ensure any unauthorized users are unable to use the
circuit contacts to gain access to
Inter-TSF trusted channel
The TSF shall provide a communication channel between itself and
product that is logically distinct from other communication channels and provides
assured identification of its end points and protection of the channel data from modification or
[Editorially Refined] The TSF shall permit the TOE Developer and
to initiate communication via the trusted channel.
The TSF shall initiate communication via the trusted channel for:
Manufacturing and Personalization
Cryptographic key generation
The TSF shall generate cryptographic keys in accordance with a specified cryptographic
[cryptographic key generation algorithm] and specified cryptographic key
that meet the following [standard]:
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall be able to associate users with roles.
variations, timing variations during
are unable to use the
The TSF shall provide a communication channel between itself and
product that is logically distinct from other communication channels and provides
assured identification of its end points and protection of the channel data from modification or
TOE Developer and
The TSF shall initiate communication via the trusted channel for:
The TSF shall generate cryptographic keys in accordance with a specified cryptographic
and specified cryptographic key
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Cryptographic key generation algorithm
MSK derivation from initial MSK loaded in phase 1 using SHA 256
FCS_COP.1/MP_ENC_3DES
FCS_COP.1.1/MP_ENC_3DES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging – encryption and
decryption
FCS_COP.1/MP_ENC_AES
FCS_COP.1.1/MP_ENC_AES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging – encryption and
decryption
FCS_COP.1/MP_MAC_3DES
FCS_COP.1.1/MP_MAC_3DES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging – MAC
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Cryptographic key generation algorithm
Key length
(bits)
MSK derivation from initial MSK loaded in phase 1 using SHA 256 256
FCS_COP.1/MP_ENC_3DES Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
encryption and
3DES in CBC mode 112
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
encryption and
AES in CBC mode 128, 192 and 256
/MP_MAC_3DES Cryptographic operation
The TSF shall perform [cryptographic operation]
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
Standard
3DES RMAC 112 [R32]
Public Security Target BAC
420, rue d’Estienne d’Orves -
Key length
Standards
None
in accordance with a
and cryptographic key sizes
Key length
Standard
[R32]
in accordance with a
and cryptographic key sizes
Standard
128, 192 and 256 [R35]
in accordance with a
and cryptographic key sizes
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_COP.1/MP_MAC_AES
FCS_COP.1.1/MP_MAC_AES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging MAC
FCS_COP.1/MP_AUTH_3DES
FCS_COP.1.1/MP_AUTH_3DES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Card Manufacturer Authentication (MSK)
FCS_COP.1/MP_AUTH_AES
FCS_COP.1.1/MP_AUTH_AES The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Card Manufacturer Authentication (MSK)
FCS_COP.1/MP_SHA Cryptographic operation
FCS_COP.1.1/MP_SHA The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/MP_MAC_AES Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
Standard
AES 128, 192 and 256 [R35]
/MP_AUTH_3DES Cryptographic operation
The TSF shall perform [cryptographic operation]
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
Standard
Card Manufacturer Authentication (MSK) 3DES 112 [R32]
/MP_AUTH_AES Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
Authentication (MSK) AES 128, 192 and 256
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Public Security Target BAC
420, rue d’Estienne d’Orves -
in accordance with a
and cryptographic key sizes
in accordance with a
and cryptographic key sizes
Standard
[R32]
in accordance with a
and cryptographic key sizes
Standard
[R35]
in accordance with a
and cryptographic key sizes
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Cryptographic operation
Hashing
FDP_ACC.2/MP Complete access control
FDP_ACC.2.1/MP The TSF shall enforce the
objects and all operations among subjects and objects covered by the SFP.
FDP_ACC.2.2/MP The TSF shall ensure that all operations between any subject controlled by the TSF
and any object controlled by the TSF are covered by an acc
Application Note
This SFR enforces access control over
code loading but not only.
FDP_ACF.1/MP Security attribute based access control
FDP_ACF.1.1/MP The TSF shall enforce the
the following Prepersonalizer Authentication (AS_AUTH_MSK_STATUS)
FDP_ACF.1.2/MP The TSF shall enforce the following rules to determine if an operation among
controlled subjects and controlled objects is allowed:
AUTHENTICATE).
FDP_ACF.1.3/MP The TSF shall explicitly authorise access of subjects to objects based on the
following additional rules: none.
FDP_ACF.1.4/MP The TSF shall explicitly deny access of subjects to objects based on the following
additional rules: none.
Application Note
This SFR enforces access control over
but not only.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Algo
Key length
(bits)
Standard
SHA256 None [R27]
Complete access control
The TSF shall enforce the Prepersonalization Access Control on
and all operations among subjects and objects covered by the SFP.
The TSF shall ensure that all operations between any subject controlled by the TSF
and any object controlled by the TSF are covered by an access control SFP.
enforces access control over all the operation performed in phase 5, including
Security attribute based access control
SF shall enforce the Prepersonalization Access Control
Prepersonalizer Authentication (AS_AUTH_MSK_STATUS).
The TSF shall enforce the following rules to determine if an operation among
controlled subjects and controlled objects is allowed: AS_AUTH_MSK_STATUS=TRUE (EXTERNAL
The TSF shall explicitly authorise access of subjects to objects based on the
.
The TSF shall explicitly deny access of subjects to objects based on the following
enforces access control over all the operation in phase 5, including additional
Public Security Target BAC
420, rue d’Estienne d’Orves -
on all subjects and all
The TSF shall ensure that all operations between any subject controlled by the TSF
all the operation performed in phase 5, including additional
to objects based on
The TSF shall enforce the following rules to determine if an operation among
AS_AUTH_MSK_STATUS=TRUE (EXTERNAL
The TSF shall explicitly authorise access of subjects to objects based on the
The TSF shall explicitly deny access of subjects to objects based on the following
additional code loading
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FDP_ITC.1/MP Import of user data without security attributes
FDP_ITC.1.1/MP The TSF shall enforce the
data, controlled under the SFP, from outside of the TOE.
FDP_ITC.1.2/MP The TSF shall ignore any security attributes associated with the user data when
imported from outside the TOE.
FDP_ITC.1.3/MP The TSF shall enforce the following rules when importing user data controlled under
the SFP from outside the TOE: none
Application Note
This SFR control import of data in phase 5, including
This SFR ensures also the MSK diviersification, which is performs once, at first command, without any
security requirements preliminary to this action.
FDP_UCT.1/MP Basic data exchange confidentiality
FDP_UCT.1.1/MP The TSF shall enforce the
a manner protected from unauthorised disclosure
Application note
For the Additional code loading access control, the LSK_LOAD is used to cipher the data transmitted.
This SFR control confidentiality of data
FDP_UIT.1/MP Data exchange integrity
FDP_UIT.1.1/MP The TSF shall enforce the
data in a manner protected from
FDP_UIT.1.2/MP [Editorially refined]
whether modification of some pieces of the application sent by the Prepersonalizer
FIA_AFL.1/MP Authentication failure handling
FIA_AFL.1.1/MP The TSF shall detect when
authentication of
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Import of user data without security attributes
The TSF shall enforce the Prepersonalization access control when importing user
data, controlled under the SFP, from outside of the TOE.
The TSF shall ignore any security attributes associated with the user data when
The TSF shall enforce the following rules when importing user data controlled under
none.
in phase 5, including the additional code but not only.
diviersification, which is performs once, at first command, without any
security requirements preliminary to this action.
Basic data exchange confidentiality
The TSF shall enforce the Prepersonalization access control to
unauthorised disclosure.
For the Additional code loading access control, the LSK_LOAD is used to cipher the data transmitted.
control confidentiality of data import in phase 5, including the additional
Data exchange integrity
The TSF shall enforce the Prepersonalization Access Control SFP
data in a manner protected from modification errors
/MP [Editorially refined] The TSF shall be able to determine on receipt of user data,
of some pieces of the application sent by the Prepersonalizer
Authentication failure handling
The TSF shall detect when 3 unsuccessful authentication attempts occur related to
Public Security Target BAC
420, rue d’Estienne d’Orves -
when importing user
The TSF shall ignore any security attributes associated with the user data when
The TSF shall enforce the following rules when importing user data controlled under
code but not only.
diviersification, which is performs once, at first command, without any
to receive user data in
For the Additional code loading access control, the LSK_LOAD is used to cipher the data transmitted.
additional code but not only.
ccess Control SFP to receive user
The TSF shall be able to determine on receipt of user data,
of some pieces of the application sent by the Prepersonalizer has occurred
unsuccessful authentication attempts occur related to
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
1. Prepersonalizer
FIA_AFL.1.2/MP When the defined number of unsuccessful authentication attempts has been
the TSF shall forbid any authentication attempt as Personalizer
FIA_UAU.1/MP Timing of authentication
FIA_UAU.1.1/MP The TSF shall allow
before the user is authenticated.
FIA_UAU.1.2/MP The TSF shall require each user to be successfully authenticated before allowing
any other TSF-mediated actions on behalf of that user.
FIA_UID.1/MP Timing of identification
FIA_UID.1.1/MP The TSF shall allow
before the user is identified.
FIA_UID.1.2/MP The TSF shall require each user to be successfully identified before allowing any
other TSF-mediated actions on behalf of that user.
FIA_UAU.4/MP_3DES Single
FIA_UAU.4.1/MP_3DES The TSF shall prevent reuse of authentication data related to
1. Authentication Mechanisms based on
FIA_UAU.4/MP_AES Single
FIA_UAU.4.1/MP_AES The TSF shall prevent reuse of authentication data related to
1. Authentication Mechanisms based on
FIA_UAU.5/MP_3DES Multiple authentication mechanisms
FIA_UAU.5.1/MP_3DES The TSF shall provide
1. Symmetric Authentication Mechanism based on
to support user authentication.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
When the defined number of unsuccessful authentication attempts has been
forbid any authentication attempt as Personalizer.
Timing of authentication
The TSF shall allow GET DATA, SELECT FILE on behalf of the user to be performed
before the user is authenticated.
The TSF shall require each user to be successfully authenticated before allowing
mediated actions on behalf of that user.
Timing of identification
The TSF shall allow GET DATA, SELECT FILE on behalf of the user to be performed
The TSF shall require each user to be successfully identified before allowing any
mediated actions on behalf of that user.
Single-use authentication mechanisms
The TSF shall prevent reuse of authentication data related to
1. Authentication Mechanisms based on 3DES
Single-use authentication mechanisms
The TSF shall prevent reuse of authentication data related to
1. Authentication Mechanisms based on AES
tiple authentication mechanisms
The TSF shall provide
1. Symmetric Authentication Mechanism based on 3DES
Public Security Target BAC
420, rue d’Estienne d’Orves -
When the defined number of unsuccessful authentication attempts has been met,
on behalf of the user to be performed
The TSF shall require each user to be successfully authenticated before allowing
on behalf of the user to be performed
The TSF shall require each user to be successfully identified before allowing any
The TSF shall prevent reuse of authentication data related to
The TSF shall prevent reuse of authentication data related to
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_UAU.5.2/MP_3DES The TSF shall authenticate any user's cl
1. The TOE accepts the authentication
Authentication Mechanism with
FIA_UAU.5/MP_AES Multiple authentication mechanisms
FIA_UAU.5.1/MP_AES The TSF shall
1. Symmetric Authentication Mechanism based on AES
to support user authentication.
FIA_UAU.5.2/MP_AES The TSF shall authenticate any user's claimed identity according to the
1. The TOE accepts the authentication
Authentication Mechanism with
FMT_MTD.1/MP Management of TSF data
FMT_MTD.1.1/MP The TSF shall
phase 6 to the Prepersonalizer.
FTP_ITC.1/MP Inter-TSF trusted channel
FTP_ITC.1.1/MP The TSF shall provide a communication channel between itself and another trusted
IT product that is logically distinct from other communication channels and provides assured
identification of its end points and protection of the channel data from modification or disclosure.
FTP_ITC.1.2/MP [Editorially Refined]
communication via the trusted channel.
FTP_ITC.1.3/MP The TSF shall initiate communication via the trusted channel for:
1. Personalization Agent key storage
2. Life cycle transition from Prepersonalization to Personalization phase
FMT_MTD.1/MP_INI_ENA Management of TSF data
FMT_MTD.1.1/MP_INI_ENA The TSF shall
Prepersonalization Data to the Prepersonalizer
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The TSF shall authenticate any user's claimed identity according to the
authentication attempt as Personalization Agent
with the Personalization Agent Key
Multiple authentication mechanisms
The TSF shall provide
1. Symmetric Authentication Mechanism based on AES
The TSF shall authenticate any user's claimed identity according to the
authentication attempt as Personalization Agent
with Personalization Agent Key
Management of TSF data
The TSF shall restrict the ability to switch the TOE life cycle from phase 5 to
TSF trusted channel
The TSF shall provide a communication channel between itself and another trusted
IT product that is logically distinct from other communication channels and provides assured
identification of its end points and protection of the channel data from modification or disclosure.
Refined] The TSF shall permit the Prepersonalizer
communication via the trusted channel.
hall initiate communication via the trusted channel for:
Personalization Agent key storage
2. Life cycle transition from Prepersonalization to Personalization phase
INI_ENA Management of TSF data
The TSF shall restrict the ability to write the Initialization Data and
the Prepersonalizer.
Public Security Target BAC
420, rue d’Estienne d’Orves -
aimed identity according to the
Personalization Agent by the Symmetric
The TSF shall authenticate any user's claimed identity according to the
Personalization Agent by the Symmetric
TOE life cycle from phase 5 to
The TSF shall provide a communication channel between itself and another trusted
IT product that is logically distinct from other communication channels and provides assured
identification of its end points and protection of the channel data from modification or disclosure.
Prepersonalizer to initiate
hall initiate communication via the trusted channel for:
Initialization Data and
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FMT_MTD.1/MP_INI_DIS Management of TSF data
FMT_MTD.1.1/MP_INI_DIS The TSF shall
Initialization Data to the Personalization Agent
FMT_MTD.1/MP_KEY_READ Management of TSF data
FMT_MTD.1.1/MP_KEY_READ The TSF shall restrict the ability to
identified roles]:
TSF Data
MSK
Personalization Agent Keys
FMT_MTD.1/MP_KEY_WRITE Management of TSF data
FMT_MTD.1.1/MP_KEY_WRITE
identified roles]:
TSF Data
MSK
Personalization Agent Keys
FAU_SAS.1/MP Audit storage
FAU_SAS.1.1/MP The TSF shall provide
Identification Data in the audit records.
FMT_SMF.1/MP Specification of Management Functions
FMT_SMF.1.1/MP The TSF shall be
1. Initialization
2. Pre-personalization
3. Personalization
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
INI_DIS Management of TSF data
The TSF shall restrict the ability to disable read access for users
the Personalization Agent.
KEY_READ Management of TSF data
The TSF shall restrict the ability to read the [data]
Authorized Identified roles
None
None
KEY_WRITE Management of TSF data
The TSF shall restrict the ability to write the [data]
Authorized Identified roles
IC manufacturer (created by the developer)
None
Audit storage
The TSF shall provide the Manufacturer with the capability to store
in the audit records.
Specification of Management Functions
The TSF shall be capable of performing the following management functions:
Public Security Target BAC
420, rue d’Estienne d’Orves -
to disable read access for users to the
[data] to [authorized
[data] to [authorized
IC manufacturer (created by the developer)
with the capability to store the IC
capable of performing the following management functions:
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FMT_SMR.1/MP Security roles
FMT_SMR.1.1/MP The TSF shall maintain the roles
1. Manufacturer
FMT_SMR.1.2/MP The TSF shall be able to associate users with roles.
FPT_EMS.1/MP TOE Emanation
FPT_EMS.1.1/MP The TOE shall not emit
execution in excess of non useful information
1. Prepersonalizer Key
2. Personalization Agent Key
3. MSK
FPT_EMS.1.2/MP The TSF shall ensure
interface smart card circuit contacts
1. Prepersonalizer Key
2. Personalization Agent Key
3. MSK
9.1.3 Active Authentication SFR
FCS_COP.1/AA_DSA Cryptographic operation
FCS_COP.1.1/AA_DSA The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Operation Algorithm
Digital Signature
Creation
RSA signature (CRT or SFM) with
SHA1, 224, 256, 384, 512
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Security roles
The TSF shall maintain the roles
shall be able to associate users with roles.
TOE Emanation
The TOE shall not emit power variations, timing variations during command
non useful information enabling access to
The TSF shall ensure any unauthorized users are unable to use the following
contacts to gain access to
Active Authentication SFR
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Key length
(bits)
RSA signature (CRT or SFM) with
SHA1, 224, 256, 384, 512
1024 to 4096 with a step
of 256 bits
Public Security Target BAC
420, rue d’Estienne d’Orves -
variations, timing variations during command
are unable to use the following
in accordance with a
and cryptographic key sizes
Standard
1024 to 4096 with a step
[R25]
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_COP.1/AA_ECDSA Cryptographic operation
FCS_COP.1.1/AA_ECDSA The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Operation Algo
Digital Signature
Creation
ECDSA with SHA1, 224, 256, 384,
512
FDP_DAU.1/AA Basic Data Authentication
FDP_DAU.1.1/AA The TSF shall provide a capability to generate evidence that can be used as a
guarantee of the validity of the TOE
FDP_DAU.1.2/AA The TSF shall provide
the indicated information.
Refinement:
Evidence generation and ability of verfying it, constitute the
FDP_ITC.1/AA Import of user data without security attributes
FDP_ITC.1.1/AA The TSF shall enforce the
user data, controlled under the SFP, from outside of the TOE.
FDP_ITC.1.2/AA The TSF shall ignore any security attributes associated with the user data when
imported from outside the TOE.
FDP_ITC.1.3/AA The TSF shall enforc
the SFP from outside the TOE: none
FMT_MTD.1/AA_KEY_READ Management of TSF data
FMT_MTD.1.1/AA_KEY_READ The TSF shall restrict the ability to
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Key length
(bits)
ECDSA with SHA1, 224, 256, 384, 192 to 521 over prime
field curves
FDP_DAU.1/AA Basic Data Authentication
The TSF shall provide a capability to generate evidence that can be used as a
TOE itself.
The TSF shall provide any users with the ability to verify evidence of the validity of
Evidence generation and ability of verfying it, constitute the Active Authentication
FDP_ITC.1/AA Import of user data without security attributes
The TSF shall enforce the Active Authentication Access Control
user data, controlled under the SFP, from outside of the TOE.
The TSF shall ignore any security attributes associated with the user data when
The TSF shall enforce the following rules when importing user data controlled under
none.
KEY_READ Management of TSF data
The TSF shall restrict the ability to read the AAK to
Public Security Target BAC
420, rue d’Estienne d’Orves -
in accordance with a
and cryptographic key sizes
Standard
192 to 521 over prime [R25] [R26]
[R27] [R28]
The TSF shall provide a capability to generate evidence that can be used as a
with the ability to verify evidence of the validity of
Active Authentication protocol.
Control SFP when importing
The TSF shall ignore any security attributes associated with the user data when
e the following rules when importing user data controlled under
to none.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FPT_EMS.1/AA TOE Emanation
FPT_EMS.1.1/AA The TOE shall not emit
execution in excess of non useful information
1. Active Authentication: Private Key (AAK)
FPT_EMS.1.2/AA The TSF shall ensure
interface smart card circuit contacts
1. Active Authentication: Private Key (AAK)
FMT_MOF.1/AA Management of security functi
FMT_MOF.1.1/AA The TSF shall restrict the ability to
Authentication to Personalization Agent
FMT_MTD.1/AA_KEY_WRITE Management of TSF data
FMT_MTD.1.1/AA_KEY_WRITE T
Agent.
9.1.4 Basic Access Control SFR
9.1.4.1 Common Basic Access Control SFR
FCS_CKM.1/BAC Cryptographic key generation
FCS_CKM.1.1/BAC The TSF shall generate cryptographic keys in accordance with a specified
cryptographic key generation algorithm
cryptographic key sizes [key length]
Cryptographic key generation algorithm
Document Basic Access Key Derivation Algorithm
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
TOE Emanation
The TOE shall not emit power variations, timing variations during command
non useful information enabling access to
1. Active Authentication: Private Key (AAK)
The TSF shall ensure any unauthorized users are unable to use the following
contacts to gain access to
1. Active Authentication: Private Key (AAK)
FMT_MOF.1/AA Management of security functions behaviour
The TSF shall restrict the ability to disable and enable the functions
Personalization Agent.
KEY_WRITE Management of TSF data
The TSF shall restrict the ability to write the AAK
Basic Access Control SFR
Common Basic Access Control SFR
Cryptographic key generation
The TSF shall generate cryptographic keys in accordance with a specified
cryptographic key generation algorithm [cryptographic key generation algorithm]
[key length] that meet the following [standard]:
key generation algorithm
Key length
(bits)
Document Basic Access Key Derivation Algorithm 112
Public Security Target BAC
420, rue d’Estienne d’Orves -
variations, timing variations during command
are unable to use the following
the functions TSF Active
AAK to Personalization
The TSF shall generate cryptographic keys in accordance with a specified
[cryptographic key generation algorithm] and specified
Standards
[R2]
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_COP.1/BAC_AUTH Cryptographic operation
FCS_COP.1.1/BAC_AUTH The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Symmetric authentication, encryption and decryption
FCS_COP.1/BAC_SHA Cryptographic operation
FCS_COP.1.1/BAC_SHA The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Hashing
FCS_COP.1/BAC_ENC Cryptographic operation
FCS_COP.1.1/BAC_ENC The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
Cryptographic operation
Secure Messaging (BAC) – encryption and
decryption
FCS_COP.1/BAC_MAC Cryptographic operation
FCS_COP.1.1/BAC_MAC The TSF shall perform
specified cryptographic algorithm
[cryptographic key sizes] that meet the following
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
encryption and decryption 3DES 112
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
SHA1 None
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Algo
Key length
(bits)
encryption and
3DES in CBC mode 112
Cryptographic operation
The TSF shall perform [cryptographic operation] in accordance with a
specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
that meet the following [standard]:
Public Security Target BAC
420, rue d’Estienne d’Orves -
in accordance with a
and cryptographic key sizes
Key length
Standard
[R35]
in accordance with a
and cryptographic key sizes
Key length
Standard
[R27]
in accordance with a
and cryptographic key sizes
Key length
Standard
[R35][R32]
in accordance with a
and cryptographic key sizes
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Cryptographic operation
Secure Messaging MAC
FDP_UCT.1/BAC Basic data exchange confidentiality
FDP_UCT.1.1/BAC The TSF shall enforce the
data in a manner protected from
FDP_UIT.1/BAC Data exchange integrity
FDP_UIT.1.1/BAC The TSF shall enforce the
data in a manner protected from
FDP_UIT.1.2/BAC The TSF shall be able to determine on receipt of user data, whether
deletion, insertion and replay has occurred
FMT_MTD.1/BAC_KEY_RE
FMT_MTD.1.1/BAC_KEY_READ The TSF shall restrict the ability to
identified roles]:
TSF Data
Document Access Keys
FMT_LIM.1/BAC Limited capabilities
FMT_LIM.1.1/BAC The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced
Deploying Test Features after
1. User Data to be disclosed
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Algo
Key length
(bits)
Standard
Retail MAC 112 [R32]
Basic data exchange confidentiality
The TSF shall enforce the Basic Access Control SFP to transmit and r
data in a manner protected from unauthorised disclosure.
Data exchange integrity
The TSF shall enforce the Basic Access Control SFP to transmit and r
nner protected from modification, deletion, insertion and replay errors
The TSF shall be able to determine on receipt of user data, whether
has occurred
KEY_READ Management of TSF data
The TSF shall restrict the ability to read the [data]
Authorized Identified roles
None
Limited capabilities
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced
after TOE Delivery does not allow
Public Security Target BAC
420, rue d’Estienne d’Orves -
transmit and receive user
transmit and receive user
errors
The TSF shall be able to determine on receipt of user data, whether modification,
[data] to [authorized
The TSF shall be designed in a manner that limits their capabilities so that in
conjunction with "Limited availability (FMT_LIM.2)" the following policy is enforced:
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FMT_LIM.2/BAC Limited availability
FMT_LIM.2.1/BAC The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1
Deploying Test Features after TOE
1. User Data to be disclosed
FPT_TST.1/BAC TSF testing
FPT_TST.1.1/BAC The TSF shall run a suite of self tests
TSF, at the conditions:
- When performing a BAC authentication
FPT_TST.1.2/BAC The TSF shall provide authorised users with the capability to verify the integrity of
TSF data.
FPT_TST.1.3/BAC The TSF shall provide authorised users with the capability to verify the integrity of
stored TSF executable code.
FMT_MTD.1/BAC_KEY_WRITE
FMT_MTD.1.1/BAC_KEY_WRITE
[authorized identified roles]:
List of TSF data
Write Document Basic Access Keys
9.1.4.2 Specific Basic Access Control SFR
FDP_ACC.1/BAC Complete access control
FDP_ACC.1.1/BAC The TSF shall enforce the
read and modification access to data in the EF.COM, EF.SOD, EF.DG1 to EF.DG16
among subjects and objects covered by t
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Limited availability
The TSF shall be designed in a manner that limits their availability so that in
conjunction with "Limited capabilities (FMT_LIM.1)" the following policy is enforced
TOE Delivery does not allow
TSF testing
The TSF shall run a suite of self tests to demonstrate the correct operation of
performing a BAC authentication
The TSF shall provide authorised users with the capability to verify the integrity of
The TSF shall provide authorised users with the capability to verify the integrity of
/BAC_KEY_WRITE Management of TSF data
/BAC_KEY_WRITE The TSF shall restrict the ability to [selection the
Authorised role
Document Basic Access Keys Personalization Agent
Specific Basic Access Control SFR
Complete access control
The TSF shall enforce the Basic Access Control SFP on terminals gaining write,
read and modification access to data in the EF.COM, EF.SOD, EF.DG1 to EF.DG16
among subjects and objects covered by the SFP.
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall be designed in a manner that limits their availability so that in
)" the following policy is enforced:
to demonstrate the correct operation of the
The TSF shall provide authorised users with the capability to verify the integrity of
The TSF shall provide authorised users with the capability to verify the integrity of
the [list of TSF data] to
terminals gaining write,
read and modification access to data in the EF.COM, EF.SOD, EF.DG1 to EF.DG16 and all operations
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FDP_ACF.1/BAC Security attribute based access control
FDP_ACF.1.1/BAC The TSF shall enforce the
following:
1. Subjects:
a. Personalization Agent
b. Basic Inspection System
c. Terminal
2. Objects:
a. data EF.DG1 to EF.DG16 of the logical MRTD
b. data in EF.COM
c. data in EF.SOD
3. Security attributes:
a. authentication status of terminals
FDP_ACF.1.2/BAC The TSF shall enforce the following rules to determine if an operation
controlled subjects and controlled objects is allowed:
1. the successfully authenticated Personalization Agent is allowed to write and read the data of the
EF.COM, EF.SOD, EF.DG1 to EF.DG16 of the logical MRTD
2. the successfully authenticated Basic
EF.SOD, EF.DG1, EF.DG2 and EF.DG5 to EF.DG16 of the logical MRTD
FDP_ACF.1.3/BAC The TSF shall explicitly authorise access of subjects to objects based on the
following additional rules: none.
FDP_ACF.1.4/BAC The TSF shall explicitly deny access of subjects to objects based on the following
additional rules:
1. Any terminal is not allowed to modify any of the EF.DG1 to EF.DG16 of the logical MRTD
2. Any terminal is not allowed to read any of the EF
3. The Basic Inspection System is not allowed to read the data in EF.DG3 and EF.DG4.
FMT_SMR.1/BAC Security roles
FMT_SMR.1.1/BAC The TSF shall maintain the roles
1. Basic Inspection System
FMT_SMR.1.2/BAC The TSF shall be able to associate users with roles.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Security attribute based access control
The TSF shall enforce the Basic Access Control SFP to objects based on the
a. Personalization Agent
b. Basic Inspection System
o EF.DG16 of the logical MRTD
a. authentication status of terminals
The TSF shall enforce the following rules to determine if an operation
controlled subjects and controlled objects is allowed:
1. the successfully authenticated Personalization Agent is allowed to write and read the data of the
EF.COM, EF.SOD, EF.DG1 to EF.DG16 of the logical MRTD
2. the successfully authenticated Basic Inspection System is allowed to read the data in EF.COM,
EF.SOD, EF.DG1, EF.DG2 and EF.DG5 to EF.DG16 of the logical MRTD
The TSF shall explicitly authorise access of subjects to objects based on the
none.
The TSF shall explicitly deny access of subjects to objects based on the following
1. Any terminal is not allowed to modify any of the EF.DG1 to EF.DG16 of the logical MRTD
2. Any terminal is not allowed to read any of the EF.DG1 to EF.DG16 of the logical MRTD
3. The Basic Inspection System is not allowed to read the data in EF.DG3 and EF.DG4.
Security roles
The TSF shall maintain the roles
The TSF shall be able to associate users with roles.
Public Security Target BAC
420, rue d’Estienne d’Orves -
to objects based on the
The TSF shall enforce the following rules to determine if an operation among
1. the successfully authenticated Personalization Agent is allowed to write and read the data of the
Inspection System is allowed to read the data in EF.COM,
The TSF shall explicitly authorise access of subjects to objects based on the
The TSF shall explicitly deny access of subjects to objects based on the following
1. Any terminal is not allowed to modify any of the EF.DG1 to EF.DG16 of the logical MRTD
.DG1 to EF.DG16 of the logical MRTD
3. The Basic Inspection System is not allowed to read the data in EF.DG3 and EF.DG4..
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_AFL.1/BAC Authentication failure handling
FIA_AFL.1.1/BAC The TSF shall detect when
range of acceptable values 0 to 255 consecutive
to BAC authentication protocol
FIA_AFL.1.2/BAC When the defined number of unsuccessful authentication attempts has been
or surpassed the TSF shall wait for an increasing time betw
and sending of the TSF response during the BAC authentication attempts
FIA_UAU.6/BAC Re-authenticating
FIA_UAU.6.1/BAC The TSF shall re
to the TOE after successful authentication of the terminal with Basic Access Control Authentication
Mechanism
FIA_UID.1/BAC Timing of identification
FIA_UID.1.1/BAC The TSF shall allow
1. To read the Initialization Data in Phase 2 “Manufacturing”
2. To read the random identifier in Phase 3 “Personalization of the MRTD”
3. To read the random identifier in Phase 4 “Operational Use”
on behalf of the user to be performed before the user is identified.
FIA_UID.1.2/BAC The TSF shall require each user to be successfully identified before allowing any
other TSF-mediated actions on behalf of that user
FIA_UAU.1/BAC Timing of authentication
FIA_UAU.1.1/BAC The TSF shall allow
1. To read the Initialization Data in Phase 2 “Manufacturing”
2. To read the random identifier in Phase 3 “Personalization of the MRTD”
3. To read the random identifier in Phase 4 “ Operationa Use”
on behalf of the user to be performed before the user is authenticated.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Authentication failure handling
The TSF shall detect when an administrator configurable positive integer within
0 to 255 consecutive unsuccessful authentication attempts occur related
When the defined number of unsuccessful authentication attempts has been
wait for an increasing time between receiving of the terminal challenge
and sending of the TSF response during the BAC authentication attempts
authenticating
The TSF shall re-authenticate the user under the conditions
after successful authentication of the terminal with Basic Access Control Authentication
Timing of identification
The TSF shall allow
Data in Phase 2 “Manufacturing”
2. To read the random identifier in Phase 3 “Personalization of the MRTD”
3. To read the random identifier in Phase 4 “Operational Use”
on behalf of the user to be performed before the user is identified.
The TSF shall require each user to be successfully identified before allowing any
mediated actions on behalf of that user
Timing of authentication
The TSF shall allow
ation Data in Phase 2 “Manufacturing”
2. To read the random identifier in Phase 3 “Personalization of the MRTD”
3. To read the random identifier in Phase 4 “ Operationa Use”
on behalf of the user to be performed before the user is authenticated.
Public Security Target BAC
420, rue d’Estienne d’Orves -
an administrator configurable positive integer within
unsuccessful authentication attempts occur related
When the defined number of unsuccessful authentication attempts has been met
een receiving of the terminal challenge
authenticate the user under the conditions each command sent
after successful authentication of the terminal with Basic Access Control Authentication
The TSF shall require each user to be successfully identified before allowing any
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_UAU.1.2/BAC The TSF shall require each user to be successfully authenticated before allowing
any other TSF-mediated actions on behalf of that user.
FIA_UAU.4/BAC Single-use authentication mechanisms
FIA_UAU.4.1/BAC The TSF shall prevent r
1. Basic Access Control Authentication Mechanism
FIA_UAU.5/BAC Multiple authentication mechanisms
FIA_UAU.5.1/BAC The TSF shall provide
1. Basic Access Control Authentication Mechanism
to support user authentication.
FIA_UAU.5.2/BAC The TSF shall authenticate any user's cl
1. The TOE accepts the authentication
Basic Access Control Authentication Mechani
9.1.5 Chip Authentication SFR
FIA_API.1/CA Authentication Proof of Identity
FIA_API.1.1/CA The TSF shall provide a
identity of the TOE.
FCS_CKM.1/CA_DH_SM_3DES
FCS_CKM.1.1/CA_DH_SM_3DES
specified cryptographic key generation algorithm
specified cryptographic key sizes
Cryptographic key generation algorithm
Algorithm based on the Key Diffie
protocol compliant to PKCS#3
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
The TSF shall require each user to be successfully authenticated before allowing
mediated actions on behalf of that user.
use authentication mechanisms
The TSF shall prevent reuse of authentication data related to
Basic Access Control Authentication Mechanism
Multiple authentication mechanisms
The TSF shall provide
Authentication Mechanism
The TSF shall authenticate any user's claimed identity according to the
authentication attempt as Basic Inspection System only by means of the
Basic Access Control Authentication Mechanism with the Document Basic Access Keys
Chip Authentication SFR
FIA_API.1/CA Authentication Proof of Identity
The TSF shall provide a Chip Authentication protocol according to
/CA_DH_SM_3DES Cryptographic key generation
ES The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm [cryptographic key generation algorithm]
specified cryptographic key sizes [key length] that meet the following [standard]
Cryptographic key generation algorithm Key length (bits)
Algorithm based on the Key Diffie-Hellman key derivation
112
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall require each user to be successfully authenticated before allowing
aimed identity according to the
Basic Inspection System only by means of the
sm with the Document Basic Access Keys
protocol according to [R39] to prove the
The TSF shall generate cryptographic keys in accordance with a
[cryptographic key generation algorithm] and
[standard]:
Key length (bits) Standards
[R2]
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_CKM.1/CA_DH_SM_AES
FCS_CKM.1.1/CA_DH_SM_AES The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm
specified cryptographic key sizes
Cryptographic key generation algorithm
Algorithm based on the Key Diffie
protocol compliant to PKCS#3
FCS_CKM.1/CA_ECDH_SM_3DES
FCS_CKM.1.1/CA_ECDH_SM_3DES
specified cryptographic key generation algorithm
specified cryptographic key sizes
Cryptographic key generation algorithm
Algorithm based on ECDH key derivation protocol compliant to
ISO 15946
FCS_CKM.1/CA_ECDH_SM_AES
FCS_CKM.1.1/CA_ECDH_SM_AES
specified cryptographic key generation algorithm
specified cryptographic key sizes
Cryptographic key generation algorithm
Algorithm based on ECDH key derivation protocol compliant to
ISO 15946
FCS_COP.1/CA_SHA_SM_3DES
FCS_COP.1.1/CA_SHA_SM_3DES
cryptographic algorithm [cryptographic algorithm]
meet the following [standard]:
Cryptographic algorithm Key length
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/CA_DH_SM_AES Cryptographic key generation
The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm [cryptographic key generation algorithm]
specified cryptographic key sizes [key length] that meet the following [standard]
key generation algorithm Key length (bits)
Algorithm based on the Key Diffie-Hellman key derivation
128, 192, 256
/CA_ECDH_SM_3DES Cryptographic key generation
/CA_ECDH_SM_3DES The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm [cryptographic key generation algorithm]
specified cryptographic key sizes [key length] that meet the following [standard]
key generation algorithm Key length (bits)
Algorithm based on ECDH key derivation protocol compliant to
112
/CA_ECDH_SM_AES Cryptographic key generation
/CA_ECDH_SM_AES The TSF shall generate cryptographic keys in accordance with a
specified cryptographic key generation algorithm [cryptographic key generation algorithm]
specified cryptographic key sizes [key length] that meet the following [standard]
key generation algorithm Key length (bits)
Algorithm based on ECDH key derivation protocol compliant to
128, 192, 256
/CA_SHA_SM_3DES Cryptographic key generation
/CA_SHA_SM_3DES The TSF shall perform hashing in accordance with a specified
[cryptographic algorithm] and cryptographic key sizes
Key length Standards
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall generate cryptographic keys in accordance with a
[cryptographic key generation algorithm] and
[standard]:
Key length (bits) Standards
128, 192, 256 [R2]
The TSF shall generate cryptographic keys in accordance with a
[cryptographic key generation algorithm] and
[standard]:
Key length (bits) Standards
[R2]
The TSF shall generate cryptographic keys in accordance with a
[cryptographic key generation algorithm] and
[standard]:
Key length (bits) Standards
128, 192, 256 [R2]
in accordance with a specified
cryptographic key sizes [key length] that
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
(bits)
SHA1 None
FCS_COP.1/CA_SHA_SM_AES
FCS_COP.1.1/CA_SHA_SM_AES
cryptographic algorithm [cryptographic algorithm]
meet the following [standard]:
Cryptographic algorithm
Key length
(bits)
SHA1 and SHA256 None
FCS_COP.1/CA_SYM_SM_3DES
FCS_COP.1.1/CA_SYM_SM_3DES
accordance with a specified cryptographic algorithm
key sizes [key length] that meet the following
Cryptographic algorithm
Key length
(bits)
3DES CBC mode 112
FCS_COP.1/CA_SYM_SM_AES
FCS_COP.1.1/CA_SYM_SM_AES
with a specified cryptographic algorithm
length] that meet the following [standard]
Cryptographic algorithm
Key length
(bits)
AES 128, 192 and 256
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
(bits)
None [R27]
/CA_SHA_SM_AES Cryptographic key generation
The TSF shall perform hashing in accordance with a specified
[cryptographic algorithm] and cryptographic key sizes
Key length
(bits)
Standards
None [R27]
/CA_SYM_SM_3DES Cryptographic key generation
/CA_SYM_SM_3DES The TSF shall perform SM encryption and
accordance with a specified cryptographic algorithm [cryptographic algorithm]
that meet the following [standard]:
Key length
(bits)
Standards
112 [R27]
/CA_SYM_SM_AES Cryptographic key generation
The TSF shall perform SM encryption and decryption
with a specified cryptographic algorithm [cryptographic algorithm] and cryptographic key sizes
[standard]:
Key length
(bits)
Standards
128, 192 and 256 [R27]
Public Security Target BAC
420, rue d’Estienne d’Orves -
in accordance with a specified
cryptographic key sizes [key length] that
SM encryption and decryption in
[cryptographic algorithm] and cryptographic
decryption in accordance
cryptographic key sizes [key
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FCS_COP.1/CA_MAC_SM_3DES
FCS_COP.1.1/CA_MAC_SM_3DES
accordance with a specified cryptographic algorithm
key sizes [key length] that meet the following
Cryptographic algorithm
Key length
(bits)
3DES Retail MAC 112
FCS_COP.1/CA_MAC_SM_AES
FCS_COP.1.1/CA_MAC_SM_AES
accordance with a specified cryptographic algorithm
key sizes [key length] that meet the following
Cryptographic algorithm
Key length
(bits)
AES CMAC 128, 192 and 256
FDP_ITC.1/CA Import of user data without security attributes
FDP_ITC.1.1/CA The TSF shall enforce the
user data, controlled under the SFP, from outside of the TOE.
FDP_ITC.1.2/CA The TSF shall ignore any security attributes associated with the user data when
imported from outside the TOE.
FDP_ITC.1.3/CA The TSF shall enforce th
the SFP from outside the TOE: none
FIA_UAU.1/CA Timing of authentication
FIA_UAU.1.1/CA The TSF shall allow:
1. To establish the communication channel
2. To read the Initialization Data if it is not disabled by TSF according to FMT_MTD.1/INI_DIS
3. To identify themselves by selection of the authentication key
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
/CA_MAC_SM_3DES Cryptographic key generation
/CA_MAC_SM_3DES The TSF shall perform SM message authentication code
accordance with a specified cryptographic algorithm [cryptographic algorithm]
that meet the following [standard]:
Key length
(bits)
Standards
112 [R39]
/CA_MAC_SM_AES Cryptographic key generation
/CA_MAC_SM_AES The TSF shall perform SM message authentication code
accordance with a specified cryptographic algorithm [cryptographic algorithm]
that meet the following [standard]:
Key length
(bits)
Standards
128, 192 and 256 [R39]
FDP_ITC.1/CA Import of user data without security attributes
The TSF shall enforce the Chip Authentication Access Control
user data, controlled under the SFP, from outside of the TOE.
The TSF shall ignore any security attributes associated with the user data when
The TSF shall enforce the following rules when importing user data controlled under
none.
Timing of authentication
The TSF shall allow:
1. To establish the communication channel
ization Data if it is not disabled by TSF according to FMT_MTD.1/INI_DIS
3. To identify themselves by selection of the authentication key
Public Security Target BAC
420, rue d’Estienne d’Orves -
authentication code in
[cryptographic algorithm] and cryptographic
SM message authentication code in
[cryptographic algorithm] and cryptographic
SFP when importing
The TSF shall ignore any security attributes associated with the user data when
e following rules when importing user data controlled under
ization Data if it is not disabled by TSF according to FMT_MTD.1/INI_DIS
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
4. To carry out the Chip Authentication Protocol
on behalf of the user to be performed before the user is authenticated.
FIA_UAU.1.2/CA The TSF shall require each user to be successfully authenticated before allowing any
other TSF-mediated actions on behalf of that user.
FIA_UAU.5/CA_3DES Multiple authentication mechanisms
FIA_UAU.5.1/CA_3DES The TSF shall provide
1. Secure Messaging in MAC-ENC mode
2. Symmetric Authentication Mechanism based on 3DES
to support user authentication.
FIA_UAU.5.2/CA_3DES The TSF shall authen
1. After run of the Chip Authentication Protocol the TOE accepts only received commands with
correct message authentication code sent by means of secure messaging with key agreed with the
terminal by means of the Chip Authentication Mechanism
FIA_UAU.5/CA_AES Multiple authentication mechanisms
FIA_UAU.5.1/CA_AES The TSF shall provide
1. Secure Messaging in MAC-ENC mode
2. Symmetric Authentication Mechanism based on AES
to support user authentication.
FIA_UAU.5.2/CA_AES The TSF shall authenticate any user's claimed identity according to the
1. After run of the Chip Authentication Protocol the TOE accepts only received commands with
correct message authentication code sent
terminal by means of the Chip Authentication Mechanism
FIA_UAU.6/CA Re-authenticating
FIA_UAU.6.1/CA The TSF shall re
the TOE after successful run of the CA shall be verified as being sent by the inspection system
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
4. To carry out the Chip Authentication Protocol
behalf of the user to be performed before the user is authenticated.
The TSF shall require each user to be successfully authenticated before allowing any
mediated actions on behalf of that user.
FIA_UAU.5/CA_3DES Multiple authentication mechanisms
The TSF shall provide
ENC mode
2. Symmetric Authentication Mechanism based on 3DES
The TSF shall authenticate any user's claimed identity according to the
After run of the Chip Authentication Protocol the TOE accepts only received commands with
correct message authentication code sent by means of secure messaging with key agreed with the
s of the Chip Authentication Mechanism
Multiple authentication mechanisms
The TSF shall provide
ENC mode
2. Symmetric Authentication Mechanism based on AES
The TSF shall authenticate any user's claimed identity according to the
After run of the Chip Authentication Protocol the TOE accepts only received commands with
correct message authentication code sent by means of secure messaging with key agreed with the
terminal by means of the Chip Authentication Mechanism
authenticating
The TSF shall re-authenticate the user under the conditions each command sent t
after successful run of the CA shall be verified as being sent by the inspection system
Public Security Target BAC
420, rue d’Estienne d’Orves -
The TSF shall require each user to be successfully authenticated before allowing any
aimed identity according to the
After run of the Chip Authentication Protocol the TOE accepts only received commands with
correct message authentication code sent by means of secure messaging with key agreed with the
The TSF shall authenticate any user's claimed identity according to the
After run of the Chip Authentication Protocol the TOE accepts only received commands with
by means of secure messaging with key agreed with the
each command sent to
after successful run of the CA shall be verified as being sent by the inspection system
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_UID.1/CA Timing of identification
FIA_UID.1.1/CA The TSF shall allow
1. To establish the communication channel
2. To read the Initialization Data if it is not disbled by TSF according to FMT_MTD.1/INI_DIS
3. To carry out th Chip Authentication Protocol
on behalf of the user to be performed before the user is identified.
FIA_UID.1.2/CA The TSF shall require each
other TSF-mediated actions on behalf of that user.
FPT_EMS.1/CA TOE Emanation
FPT_EMS.1.1/CA The TOE shall not emit
execution in excess of non useful information
1. Chip Authentication: Session Keys, Private Key (CAK)
FPT_EMS.1.2/CA The TSF shall ensure
interface smart card circuit contacts
1. Active Authentication: Session Keys, Private Key (CAK)
FPT_TST.1/CA TSF testing
FPT_TST.1.1/CA The TSF shall run a suite of self tests
TSF, at the conditions:
- When performing the Chip Authentication
FPT_TST.1.2/CA The TSF shall provide authorised users with the capability to verify the integrity of
TSF data.
FPT_TST.1.3/CA The TSF shall provide authorised users with the capability to verify the integrity of
stored TSF executable code.
FMT_MTD.1/CA_KEY_WRITE
FMT_MTD.1.1/CA_KEY_WRITE The TSF shall restrict the ability to
Agent.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Timing of identification
The TSF shall allow
1. To establish the communication channel
2. To read the Initialization Data if it is not disbled by TSF according to FMT_MTD.1/INI_DIS
3. To carry out th Chip Authentication Protocol
on behalf of the user to be performed before the user is identified.
The TSF shall require each user to be successfully identified before allowing any
mediated actions on behalf of that user.
TOE Emanation
The TOE shall not emit power variations, timing variations during command
non useful information enabling access to
1. Chip Authentication: Session Keys, Private Key (CAK)
The TSF shall ensure any unauthorized users are unable to use the following
contacts to gain access to
1. Active Authentication: Session Keys, Private Key (CAK)
TSF testing
The TSF shall run a suite of self tests to demonstrate the correct operation of
performing the Chip Authentication
The TSF shall provide authorised users with the capability to verify the integrity of
The TSF shall provide authorised users with the capability to verify the integrity of
WRITE Management of TSF data
The TSF shall restrict the ability to write the CAK
Public Security Target BAC
420, rue d’Estienne d’Orves -
2. To read the Initialization Data if it is not disbled by TSF according to FMT_MTD.1/INI_DIS
user to be successfully identified before allowing any
variations, timing variations during command
are unable to use the following
to demonstrate the correct operation of the
The TSF shall provide authorised users with the capability to verify the integrity of
The TSF shall provide authorised users with the capability to verify the integrity of
AK to Personalization
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FMT_MTD.1/CA_KEY_READ
FMT_MTD.1.1/CA_KEY_READ The TSF shall restrict the ability to
FDP_UCT.1/CA Basic data exchange confidentiality
FDP_UCT.1.1/CA [Editorially Refined]
receive user data in a manner protected from
protocol.
FDP_UIT.1/CA Data exchange integrity
FDP_UIT.1.1/CA [Editorially Refined]
receive user data in a manner protected from
after Chip Authentication protocol
FDP_UIT.1.2/CA [Editorially Refined]
whether modification, deletion, insertion and replay
protocol
9.2 Security Assurance Requirements
The security assurance requirement level is EAL4 augmented with ALC_DVS.2, ADV_FSP.5,
ADV_INT.2, ADV_TDS.4, ALC_CMS.5, ALC_TAT.2 and ATE_DPT.3.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
KEY_READ Management of TSF data
The TSF shall restrict the ability to read the CAK to
Basic data exchange confidentiality
[Editorially Refined] The TSF shall enforce the Access Control
user data in a manner protected from unauthorised disclosure after Chip Authentication
Data exchange integrity
[Editorially Refined] The TSF shall enforce the Access Control SFP
user data in a manner protected from modification, deletion, insertion and replay
after Chip Authentication protocol
[Editorially Refined] The TSF shall be able to determine on receipt of user data
, deletion, insertion and replay has occurred after Chip Authentication
Security Assurance Requirements
The security assurance requirement level is EAL4 augmented with ALC_DVS.2, ADV_FSP.5,
ADV_TDS.4, ALC_CMS.5, ALC_TAT.2 and ATE_DPT.3.
Public Security Target BAC
420, rue d’Estienne d’Orves -
to none.
SFP to transmit and
after Chip Authentication
Control SFP to transmit and
, deletion, insertion and replay errors
The TSF shall be able to determine on receipt of user data,
after Chip Authentication
The security assurance requirement level is EAL4 augmented with ALC_DVS.2, ADV_FSP.5,
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
10 TOE SUMMARY SPECIFIC
10.1 TOE Summary Specification
Access Control in reading
This function controls access to read functions and enforces the security policy for data
Prior to any data retrieval, it authenticates the actor trying to access the data, and checks the access
conditions are fulfilled as well as the life cycle state.
It ensures that at any time, the following keys are never readable:
- BAC keys
- Chip Authentication keys,
- Active Authentication private key
- Personalization Agent keys
- MSK and LSK
It controls access to the CPLC data as well:
- It ensures the CPLC data can be read during the personalization phase
- It ensures it can not be readable in free mode
Regarding the file structure:
In the operational use:
- The terminal can read user data, the Document Security Object, EF.COM only after BAC
authentication and through a valid secure channel.
In the personalization phase
- The Personalization Agent
the TOE (using its authentication keys).
It ensures as well that no other part of the
Access Control in writing
This function controls access to write functions (in EEPROM) and enforces the security policy for data
writing. Prior to any data update, it authenticates the actor, and checks the access conditions are
fulfilled as well as the life cycle state.
It ensures as well the CPLC data can not be written anymore once the TOE is personalized and that it
is not possible to load an additional code.
Regarding the file structure
In the operational use: It is not possible to create any files (s
not possible to update any system files. However
- the application data is still accessed internally by the application for its own needs
In the personalization phase
- The Personalization Agent
files it needs after it is authenticated by the TOE (using its authentication keys.
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
TOE SUMMARY SPECIFICATION
TOE Summary Specification
This function controls access to read functions and enforces the security policy for data
Prior to any data retrieval, it authenticates the actor trying to access the data, and checks the access
conditions are fulfilled as well as the life cycle state.
It ensures that at any time, the following keys are never readable:
keys,
private key
keys
It controls access to the CPLC data as well:
It ensures the CPLC data can be read during the personalization phase
It ensures it can not be readable in free mode at the end of the personalization step
The terminal can read user data, the Document Security Object, EF.COM only after BAC
authentication and through a valid secure channel.
Personalization Agent can read all the data stored in the TOE after it is authenticated by
the TOE (using its authentication keys).
It ensures as well that no other part of the memory can be accessed at anytime
This function controls access to write functions (in EEPROM) and enforces the security policy for data
writing. Prior to any data update, it authenticates the actor, and checks the access conditions are
fe cycle state.
It ensures as well the CPLC data can not be written anymore once the TOE is personalized and that it
is not possible to load an additional code.
In the operational use: It is not possible to create any files (system or data files). Furthermore, it is
not possible to update any system files. However
the application data is still accessed internally by the application for its own needs
Personalization Agent can create and write through a valid secure channel all the data
files it needs after it is authenticated by the TOE (using its authentication keys.
Public Security Target BAC
420, rue d’Estienne d’Orves -
This function controls access to read functions and enforces the security policy for data retrieval.
Prior to any data retrieval, it authenticates the actor trying to access the data, and checks the access
at the end of the personalization step
The terminal can read user data, the Document Security Object, EF.COM only after BAC
can read all the data stored in the TOE after it is authenticated by
This function controls access to write functions (in EEPROM) and enforces the security policy for data
writing. Prior to any data update, it authenticates the actor, and checks the access conditions are
It ensures as well the CPLC data can not be written anymore once the TOE is personalized and that it
ystem or data files). Furthermore, it is
the application data is still accessed internally by the application for its own needs
ough a valid secure channel all the data
files it needs after it is authenticated by the TOE (using its authentication keys.
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
Active Authentication
This security functionality ensures the
is activated by the personnalizer).
BAC mechanism
This security functionality ensures the BAC is correctly performed. It can only be performed once the
TOE is personalized with the symmetric BAC keys the
during the personalization phase. Furthermore, this security f
are destroyed at the end of each BAC session.
Chip Authentication
This security functionality ensures the
activated by the personnalizer). It could be used as an alternative of
reinforce the Authentication of the Chip. It differs from an EAC not performing the Terminal
Authentication.
Personalization
This security functionality ensures the TOE, when delivered to the Personnali
an authentication prior to any data exchange. This authentication is based on a symmetric
Authentication mechanism based on a Triple DES or AES algorithm.
Messaging described in the TSF Secure Messaging.
Physical protection
This security functionality protects the TOE against physical attacks.
Prepersonalization
This security functionality ensures the TOE, when delivered to the P
demands an authentication prior to any data exchange. This authentication is based on a symmetric
Authentication mechanism based on a Triple DES or AES algorithm.
initializing the product and loading additional code
TSF can use a Secure Messaging described in the TSF Secure Messaging.
Safe state management
This security functionalities ensures th
- an integrity error is detected by F.SELFTESTS
- a tearing occurs (during a copy of data in EEPROM)
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
This security functionality ensures the Active Authentication is performed as described in
ctivated by the personnalizer).
This security functionality ensures the BAC is correctly performed. It can only be performed once the
TOE is personalized with the symmetric BAC keys the Personalization Agent
during the personalization phase. Furthermore, this security functionalities ensures the session keys
of each BAC session.
This security functionality ensures the Chip Authentication is performed as described in
activated by the personnalizer). It could be used as an alternative of Active Authentication
reinforce the Authentication of the Chip. It differs from an EAC not performing the Terminal
This security functionality ensures the TOE, when delivered to the Personnalization Agent, demands
an authentication prior to any data exchange. This authentication is based on a symmetric
Authentication mechanism based on a Triple DES or AES algorithm. This TSF can use a Secure
Messaging described in the TSF Secure Messaging.
This security functionality protects the TOE against physical attacks.
This security functionality ensures the TOE, when delivered to the Prepersonnalization A
demands an authentication prior to any data exchange. This authentication is based on a symmetric
Authentication mechanism based on a Triple DES or AES algorithm. This function is in charge of pre
initializing the product and loading additional code if needed. This TSF is conformant with
TSF can use a Secure Messaging described in the TSF Secure Messaging.
This security functionalities ensures that the TOE gets back to a secure state when
an integrity error is detected by F.SELFTESTS
a tearing occurs (during a copy of data in EEPROM)
Public Security Target BAC
420, rue d’Estienne d’Orves -
s described in [R39]. (if it
This security functionality ensures the BAC is correctly performed. It can only be performed once the
Personalization Agent loaded beforehand
unctionalities ensures the session keys
is performed as described in [R39] (if it is
Active Authentication to
reinforce the Authentication of the Chip. It differs from an EAC not performing the Terminal
zation Agent, demands
an authentication prior to any data exchange. This authentication is based on a symmetric
This TSF can use a Secure
ersonnalization Agent,
demands an authentication prior to any data exchange. This authentication is based on a symmetric
This function is in charge of pre-
This TSF is conformant with [R45]. This
k to a secure state when
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
This security functionality ensures that such
card" or becomes mute.
Secure Messaging
This security functionality ensures the confidentiality
between the TOE and the IFD. After a successful BAC authentication, a secure channel is establishe
based on Triple DES algorithm, and after a successful Chip Authentication, a
established based on Triple DES/AES
This security functionality ensures
- No commands were inserted
- The data exchanged remain confidential
If an error occurs in the secure messaging layer, the session keys are destroyed
This Secure Messaging can be combined with the
This TSF can provide a GP Secure Messaging (SCP02 or SCP03) for the Prepersonalization or
Personalization.
Self tests
The TOE performs self tests to verify the integrity
- Before the TSF data usage
- The additional code integrity
- The integrity of keys and sensitive data is ensured
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
This security functionality ensures that such a case occurs, the TOE is either switched in the state "kill
This security functionality ensures the confidentiality, authenticity & integrity of
IFD. After a successful BAC authentication, a secure channel is establishe
based on Triple DES algorithm, and after a successful Chip Authentication, a
/AES algorithms.
This security functionality ensures
No commands were inserted, modified nor deleted within the data flow
The data exchanged remain confidential
If an error occurs in the secure messaging layer, the session keys are destroyed.
This Secure Messaging can be combined with the Active Authentication.
This TSF can provide a GP Secure Messaging (SCP02 or SCP03) for the Prepersonalization or
to verify the integrity on the TSF data:
usage
integrity is checked at each POWER ON of the card
The integrity of keys and sensitive data is ensured
Public Security Target BAC
420, rue d’Estienne d’Orves -
a case occurs, the TOE is either switched in the state "kill
& integrity of the communication
IFD. After a successful BAC authentication, a secure channel is established
based on Triple DES algorithm, and after a successful Chip Authentication, a secure channel is
This TSF can provide a GP Secure Messaging (SCP02 or SCP03) for the Prepersonalization or
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
11 RATIONALES
Threats Security Objectives
T.Chip_ID OT.Identification
T.Skimming OT.Data_Conf
T.Eavesdropping OT.Data_Conf
T.Forgery
OT.AC_Pers
OE.Exam_MRTD
OE.Pass_Auth_Sign
T.Abuse-Func OT.Prot_Abuse
T.Information_Leakage OT.Prot_Inf_Leak
T.Phys-Tamper OT.Prot_Phys
T.Malfunction OT.Prot_Malfunction
T.Counterfeit
OT.AA_Proof
OE.Exam_MRTD_CA
T.Unauthorized_Load OT.Secure _Load_ACode
T.Bad_Activation OT.Secure _AC_Activation
T.TOE_Identification_Forgery OT.TOE_Identification
Table 13- Threats and Security Objectives
OSP Security Objectives
P.Manufact OT.Identification
P.Personalization OT.AC_Pers, OT.Identification
P.Personal_Data OT.Data_Int, OT.Data_Conf
P.Activ_Auth OT.AA_Proof
P.Chip_Auth OT.CA_Proof
Table 14 - OSPs and Security Objectives
Assumptions OE
A.MRTD_Manufact OE.MRTD_Manufact
A.MRTD_Delivery OE.MRTD_ Delivery
A.Pers_Agent OE.Personalization
A.Insp_Sys OE.Exam_MRTD,
A.BAC-Keys OE.BAC-Keys
A.Insp_Sys_CA OE.Prot_Logical_MRTD_CA
A.Insp_Sys_AA OE.Exam_MRTD_AA
A.Signature_PKI OE.Exam_MRTD_
Table 15 - Assumptions and OE
The other rationales are available in the complete ST
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Security Objectives
OT.Identification, OE.BAC-Keys, OT.TOE_Identification
OT.Data_Conf, OE.BAC-Keys
OT.Data_Conf, OE.BAC-Keys
OT.AC_Pers, OE.Personalization, OT.Data_Int, OT.Prot_Phys-Tamper,
Exam_MRTD, OE.Exam_MRTD_CA, OE.Exam_MRTD_AA,
OE.Pass_Auth_Sign, OE.Passive_Auth_Verif
OT.Prot_Abuse-Func, OE.Personalization
OT.Prot_Inf_Leak
OT.Prot_Phys-Tamper
OT.Prot_Malfunction
OT.AA_Proof, OT.Data_Int_AA, OT.CA_Proof, OT.Data_Int_CA,
Exam_MRTD_CA, OE.Activ_Auth_Verif, OE.Auth_Key_MRTD
OT.Secure _Load_ACode
OT.Secure _AC_Activation
OT.TOE_Identification
Threats and Security Objectives – coverage
Security Objectives
OT.Identification, OE.Personalization
OT.Data_Conf, OT.Data_Int_CA, OT.Data_Int_AA
OSPs and Security Objectives – Coverage
OE.MRTD_Manufact
OE.MRTD_ Delivery
OE.Personalization
, OE.Prot_Logical_MRTD
OE.Prot_Logical_MRTD_CA, OE.Exam_MRTD_CA
OE.Exam_MRTD_AA, OE.Prot_Logical_MRTD_AA
OE.Exam_MRTD_CA, OE.Passive_Auth_Verif, OE.Activ_Auth_Sign
Assumptions and OE – Coverage
rationales are available in the complete ST.
Public Security Target BAC
420, rue d’Estienne d’Orves -
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
12 REFERENCES
MRTD specifications
[R1] Machine Readable Travel Documents Technical Report, PKI for Machine Readable Travel
Documents Offering ICC Read
published by authority of the secretary general, International Civil Aviation Organization
[R2] ICAO Doc 9303, Machine Readable Travel Documents, part 1
Passports, Sixth Edition, 2006, International Civil Aviation Organization
[R3] ICAO Doc 9303, Machine Readab
Travel Documents, Specifications for electronically enabled offical travel documents with
biometric identification capabilities (including supplement), ICAO doc 93003, 2008
[R4] Development of a logical
technologies Machine Readable Travel Documents Technical Report, Development of a
Logical Data Structure
1.7, published by authority of the
Organization, LDS 1.7, 2004
[R5] Advanced Security Mechanisms for Machine readable travel documents
Access control (EAC)
[R6] Annex to Section III Security Standards for Machine Reada
from ICAO Doc 9303, Part 1
IDL specifications
[R7] Information Technology
1:Physical characteristics and basic da
[R8] Information Technology
2: Machine-readable technologies, ISO/IEC 18013
[R9] Information Technology
3: Access control, authentication and integrity validation, ISO/IEC 18013
Protection Profiles
[R10] Smartcard IC Platform Protection Profile v 1.0
[R11] Machine readable travel documents with “ICAO Application”, Basic Access contro
PP-0055 v1.10 25th
march 2009
[R12] Machine readable travel documents with “ICAO Application”, Extended Access control
BSI-PP-0056 v1.10 25
[R13] Machine readable travel documents with “ICAO Application”, Extended Access Control
with PACE (EAC PP)
[R14] MRTD with PACE – PP
[R15] E-passport: adaptation and interpretation of e
SGDN/DCSSI/SDR, ref. 10.0.1, February 2007
[R16] Embedded Software for Smart Security Devices, Basic and Extended Configurations,
ANSSi-CC-PP-2009/02, 1/12/2009
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Machine Readable Travel Documents Technical Report, PKI for Machine Readable Travel
Documents Offering ICC Read-Only Access, Version - 1.1, Date
uthority of the secretary general, International Civil Aviation Organization
ICAO Doc 9303, Machine Readable Travel Documents, part 1 –
Passports, Sixth Edition, 2006, International Civil Aviation Organization
ICAO Doc 9303, Machine Readable Travel Documents, part 3 – Machine Readable Offical
Travel Documents, Specifications for electronically enabled offical travel documents with
biometric identification capabilities (including supplement), ICAO doc 93003, 2008
Development of a logical data structure – LDS for optional capacity expansion
technologies Machine Readable Travel Documents Technical Report, Development of a
Logical Data Structure – LDS, For Optional Capacity Expansion Technologies, Revision
1.7, published by authority of the secretary general, International Civil Aviation
Organization, LDS 1.7, 2004-05-18
Advanced Security Mechanisms for Machine readable travel documents
Access control (EAC) – TR03110 – v1.11
Annex to Section III Security Standards for Machine Readable Travel Documents Excerpts
from ICAO Doc 9303, Part 1 - Machine Readable Passports, Fifth Edition
Information Technology - Personal Identification — ISO Compliant Driving Licence
1:Physical characteristics and basic data set, ISO/IEC 18013-1:2005
Information Technology - Personal Identification — ISO Compliant Driving Licence
readable technologies, ISO/IEC 18013-2:2008
Information Technology - Personal Identification — ISO Compliant Driving Licence
3: Access control, authentication and integrity validation, ISO/IEC 18013
Smartcard IC Platform Protection Profile v 1.0 - BSI-PP-0035 15/06/2007
Machine readable travel documents with “ICAO Application”, Basic Access contro
march 2009
Machine readable travel documents with “ICAO Application”, Extended Access control
0056 v1.10 25th
march 2009
Machine readable travel documents with “ICAO Application”, Extended Access Control
P) – BSI-PP-0056 V2 – 2012
PP-0068v2
passport: adaptation and interpretation of e-passport Protection Profiles,
SGDN/DCSSI/SDR, ref. 10.0.1, February 2007
Embedded Software for Smart Security Devices, Basic and Extended Configurations,
2009/02, 1/12/2009
Public Security Target BAC
420, rue d’Estienne d’Orves -
Machine Readable Travel Documents Technical Report, PKI for Machine Readable Travel
- October 01, 2004,
uthority of the secretary general, International Civil Aviation Organization
– Machine Readable
Passports, Sixth Edition, 2006, International Civil Aviation Organization
Machine Readable Offical
Travel Documents, Specifications for electronically enabled offical travel documents with
biometric identification capabilities (including supplement), ICAO doc 93003, 2008
LDS for optional capacity expansion
technologies Machine Readable Travel Documents Technical Report, Development of a
LDS, For Optional Capacity Expansion Technologies, Revision –
secretary general, International Civil Aviation
Advanced Security Mechanisms for Machine readable travel documents – Extended
ble Travel Documents Excerpts
Machine Readable Passports, Fifth Edition – 2003
ISO Compliant Driving Licence — Part
ISO Compliant Driving Licence — Part
ISO Compliant Driving Licence — Part
3: Access control, authentication and integrity validation, ISO/IEC 18013-3:2009
0035 15/06/2007
Machine readable travel documents with “ICAO Application”, Basic Access control – BSI-
Machine readable travel documents with “ICAO Application”, Extended Access control –
Machine readable travel documents with “ICAO Application”, Extended Access Control
passport Protection Profiles,
Embedded Software for Smart Security Devices, Basic and Extended Configurations,
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
[R17] Technical Report, Supplemental Access Control for Machine Readable Travel Documents
– version v1.01
Chips References
[R18] Certification report
Controller P60x144/080
[R19] Certification report
Controller P60x080/052/040PVC(Y/Z/A)/PVG with IC Dedicated Software
Standards
[R20] ISO/IEC 7816-4:2013
[R21] Technical Guideline: Elliptic Curve Cryptography according to
2006
[R22] ISO/IEC 15946-1. Information technology
techniques based on elliptic c
[R23] ISO/IEC 15946-2. Information technology
techniques based on elliptic curves
[R24] ISO/IEC 15946: Information technology
techniques based on elliptic curves
[R25] ISO/IEC 9796-2:2002
schemes giving message recovery
[R26] PKCS #3: Diffie-Hellman
Version 1.4 Revised November 1, 1993
[R27] Federal Information Processing Standards Publication 180
Change Notice to include SHA
of Standards and Technology, 2002 August 1
[R28] AMERICAN NATIONAL STANDARD X9.62
Financial Services Industry (rDSA), 9 septembre 1998
[R29] Jakob Jonsson and Burt Kaliski. Public
cryptography specifications version 2.1. RFC 3447, 2003
[R30] RSA Laboratories. PKCS#1 v2.1: RSA cryptography standard. RSA Laboratories Technical
Note, 2002
[R31] ANSI X9.31 - Digital Signatures Using Reversible Public Key Cryptography for the
Financial Services Industry (rDSA), 1998.
[R32] FIPS 46-3 Data Encryption Standard (DES)
[R33] ISO/IEC 9797-1:1999 "Codes d'authentification de message (MAC) Partie 1: Mécanismes
utilisant un cryptogramme bloc"
[R34] NIST SP 800-90 – Recommendation for Random Number Generation Using Determini
Random Bit Generators (Revised)
[R35] FIPS 197 – Advance Encryption Standard (AES)
[R36] ISO/IEC 11770-2. Information Technology
part 2: Mechanisms using symmetric techniques, 1996
Misc
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Technical Report, Supplemental Access Control for Machine Readable Travel Documents
Certification report - BSI-DSZ-CC-0845-V2-2013-MA-02 - NXP Secure Smart Card
144/080PVA/PVA(Y/B) with IC dedicated software FW5.0
Certification report - BSI-DSZ-CC-0837-v2-2014 - NXP Secure Smart Card Controller
Controller P60x080/052/040PVC(Y/Z/A)/PVG with IC Dedicated Software
:2013 – Organization, security and commands for interchange
Technical Guideline: Elliptic Curve Cryptography according to ISO/IEC
1. Information technology – Security techniques
techniques based on elliptic curves – Part 1: General, 2002
2. Information technology – Security techniques
techniques based on elliptic curves – Part 2: Digital signatures, 2002
ISO/IEC 15946: Information technology — Security techniques
echniques based on elliptic curves — Part 3: Key establishment, 2002
2002 - Information technology - Security techniques
schemes giving message recovery - Part 2: Mechanisms using a hash
Hellman Key-Agreement Standard, An RSA Laboratories Technical Note,
Version 1.4 Revised November 1, 1993
Federal Information Processing Standards Publication 180-2 Secure Hash Standard (+
Change Notice to include SHA-224), U.S. DEPARTMENT OF COMMERCE/National Inst
of Standards and Technology, 2002 August 1
AMERICAN NATIONAL STANDARD X9.62-1998: Public Key Cryptography For The
Financial Services Industry (rDSA), 9 septembre 1998
Jakob Jonsson and Burt Kaliski. Public-key cryptography standards (PKCS) #1: RSA
yptography specifications version 2.1. RFC 3447, 2003
RSA Laboratories. PKCS#1 v2.1: RSA cryptography standard. RSA Laboratories Technical
Digital Signatures Using Reversible Public Key Cryptography for the
Industry (rDSA), 1998.
3 Data Encryption Standard (DES)
1:1999 "Codes d'authentification de message (MAC) Partie 1: Mécanismes
utilisant un cryptogramme bloc"
Recommendation for Random Number Generation Using Determini
Random Bit Generators (Revised)
Advance Encryption Standard (AES)
2. Information Technology – Security techniques –
part 2: Mechanisms using symmetric techniques, 1996
Public Security Target BAC
420, rue d’Estienne d’Orves -
Technical Report, Supplemental Access Control for Machine Readable Travel Documents
NXP Secure Smart Card
/B) with IC dedicated software FW5.0
NXP Secure Smart Card Controller
Controller P60x080/052/040PVC(Y/Z/A)/PVG with IC Dedicated Software
Organization, security and commands for interchange
ISO/IEC 15946.TR-ECC, BSI
Security techniques – Cryptographic
Security techniques – Cryptographic
Security techniques — Cryptographic
Part 3: Key establishment, 2002
Security techniques - Digital signature
Part 2: Mechanisms using a hash-function
Agreement Standard, An RSA Laboratories Technical Note,
2 Secure Hash Standard (+
224), U.S. DEPARTMENT OF COMMERCE/National Institute
1998: Public Key Cryptography For The
key cryptography standards (PKCS) #1: RSA
RSA Laboratories. PKCS#1 v2.1: RSA cryptography standard. RSA Laboratories Technical
Digital Signatures Using Reversible Public Key Cryptography for the
1:1999 "Codes d'authentification de message (MAC) Partie 1: Mécanismes
Recommendation for Random Number Generation Using Deterministic
– Key management –
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
[R37] Anwendungshinweise und Interpretati
und Evaluationsmethodologie für physikalische Zufallszahlengeneratoren, Version 1,
25.09.2001, Bundesamt für Sicherheit in der Informationstechnik
[R38] NOTE-10 - Interpretation with e
[R39] Advanced Security Mechanisms for Machine Readable Travel Documents part 1
Technical Guideline TR
[R40] Advanced Security Mechanisms for Machine Readable Travel Documents part 2
Technical Guideline TR
[R41] Advanced Security Mechanisms for Machine Readable Travel Documents part 3
Technical Guideline TR
CC
[R42] Common Criteria for Information Technology security Evaluation Part 1: Introduction and
general model, CCMB
[R43] Common Criteria for Information Technology security Evaluation Part 2: Security
Functional Components, CCMB
2012
[R44] Common Criteria for
Assurance Components, CCMB
2012
[R45] ANSSI-CC note 6 – v0.91
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Anwendungshinweise und Interpretationen zum Schema, AIS31: Funktionalitätsklassen
und Evaluationsmethodologie für physikalische Zufallszahlengeneratoren, Version 1,
25.09.2001, Bundesamt für Sicherheit in der Informationstechnik
Interpretation with e-passport PP_courtesy translation-draft v0.1
Advanced Security Mechanisms for Machine Readable Travel Documents part 1
Technical Guideline TR-03110-1 – version 2.10 March 2012
Advanced Security Mechanisms for Machine Readable Travel Documents part 2
Technical Guideline TR-03110-2 – version 2.10 March 2012
Advanced Security Mechanisms for Machine Readable Travel Documents part 3
Technical Guideline TR-03110-3 – version 2.10 March 2012
Common Criteria for Information Technology security Evaluation Part 1: Introduction and
model, CCMB-2012-09-001, version 3.1 Revision 4 Final, September 2012
Common Criteria for Information Technology security Evaluation Part 2: Security
Functional Components, CCMB-2012-09-002, version 3.1 Revision 4 Final, September
Common Criteria for Information Technology security Evaluation Part 3: Security
Assurance Components, CCMB-2012-09-003, version 3.1 Revision 4 Final, September
v0.91
Public Security Target BAC
420, rue d’Estienne d’Orves -
onen zum Schema, AIS31: Funktionalitätsklassen
und Evaluationsmethodologie für physikalische Zufallszahlengeneratoren, Version 1,
draft v0.1
Advanced Security Mechanisms for Machine Readable Travel Documents part 1 –
Advanced Security Mechanisms for Machine Readable Travel Documents part 2 –
Advanced Security Mechanisms for Machine Readable Travel Documents part 3 –
Common Criteria for Information Technology security Evaluation Part 1: Introduction and
001, version 3.1 Revision 4 Final, September 2012
Common Criteria for Information Technology security Evaluation Part 2: Security
002, version 3.1 Revision 4 Final, September
Information Technology security Evaluation Part 3: Security
003, version 3.1 Revision 4 Final, September
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
92700 Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
13 ACRONYMS
AA Active Authentication
BAC Basic Access Control
CC Common Criteria Vers
CPLC Card personalization life cycle
DF Dedicated File
DFA Differential Fault Analysis
DG Data Group
EAL Evaluation Assurance Level
EF Elementary File
EFID File Identifier
DES Digital encryption standard
DH Diffie Hellmann
I/0 Input/Output
IC Integrated Circuit
ICAO International Civil Aviation organization
ICC Integrated Circuit Card
IFD Interface device
LDS Logical Data structure
MF Master File
MRTD Machine readable Travel Document
MRZ Machine readable Zone
MSK Manufacturer Secret Key
OCR Optical Character Recognition
OS Operating System
PKI Public Key Infrastructure
PP Protection Profile
SFI Short File identifier
SHA Secure hashing Algorithm
SOD Security object Data
TOE Target of Evaluation
TSF TOE Security function
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
Active Authentication
Basic Access Control
Common Criteria Version 3.1 revision 4
Card personalization life cycle
Differential Fault Analysis
Evaluation Assurance Level
Digital encryption standard
International Civil Aviation organization
Integrated Circuit Card
Logical Data structure
Machine readable Travel Document
Machine readable Zone
Manufacturer Secret Key
Optical Character Recognition
Public Key Infrastructure
Secure hashing Algorithm
Security object Data
Target of Evaluation
rity function
Public Security Target BAC
420, rue d’Estienne d’Orves -
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
INDEX
A
A.BAC-Keys ....................................................
A.Insp_Sys......................................................
A.Insp_Sys_AA................................
A.Insp_Sys_CA ................................
A.MRTD_Delivery ................................
A.MRTD_Manufact................................
A.Pers_Agent................................
Access__Control__in__reading.....................
Access__Control__in__writing......................
Active__Authentication................................
Attacker.........................................................
Authenticity__of__the__MRTD's__chip
B
BAC__mechanism................................
F
FAU_SAS.1/MP................................
FAU_STG.2/MP_Add_code ...........................
FCS_CKM.1/BAC ................................
FCS_CKM.1/CA_DH_SM_3DES......................
FCS_CKM.1/CA_DH_SM_AES ........................
FCS_CKM.1/CA_ECDH_SM_3DES
FCS_CKM.1/CA_ECDH_SM_AES ....................
FCS_CKM.1/MP ................................
FCS_CKM.1/MP_Add_code...........................
FCS_CKM.4/Global ................................
FCS_COP.1/AA_DSA ................................
FCS_COP.1/AA_ECDSA ................................
FCS_COP.1/BAC_AUTH................................
FCS_COP.1/BAC_ENC ................................
FCS_COP.1/BAC_MAC ................................
FCS_COP.1/BAC_SHA ................................
FCS_COP.1/CA_MAC_SM_3DES....................
FCS_COP.1/CA_MAC_SM_AES ......................
FCS_COP.1/CA_SHA_SM_3DES .....................
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
....................40
......................39
...............................................40
...............................................40
..........................................39
........................................39
.................................................39
.....................71
......................71
.................................71
.........................34
Authenticity__of__the__MRTD's__chip.......35
..........................................71
..............................................59
...........................52
............................................61
......................66
........................66
FCS_CKM.1/CA_ECDH_SM_3DES..................66
....................67
.............................................54
...........................52
........................................50
......................................60
..................................60
..................................62
....................................62
...................................62
....................................62
....................68
......................68
.....................67
FCS_COP.1/CA_SHA_SM_AES
FCS_COP.1/CA_SYM_SM_3DES
FCS_COP.1/CA_SYM_SM_AES
FCS_COP.1/MP_AUTH_3DES
FCS_COP.1/MP_AUTH_AES
FCS_COP.1/MP_ENC_3DES
FCS_COP.1/MP_Enc_Add_code
FCS_COP.1/MP_ENC_AES
FCS_COP.1/MP_MAC_3DES
FCS_COP.1/MP_MAC_Add_code
FCS_COP.1/MP_MAC_AES
FCS_COP.1/MP_SHA................................
FCS_RND.1/Global ................................
FDP_ACC.1/BAC................................
FDP_ACC.2/MP ................................
FDP_ACF.1/BAC ................................
FDP_ACF.2/MP................................
FDP_DAU.1/AA ................................
FDP_ITC.1/AA................................
FDP_ITC.1/CA................................
FDP_ITC.1/MP................................
FDP_UCT.1/BAC................................
FDP_UCT.1/MP................................
FDP_UIT.1/BAC................................
FDP_UIT.1/CA ................................
FDP_UIT.1/MP ................................
FDP_UIT.1/MP_Add_code
FIA_AFL.1/BAC................................
FIA_AFL.1/MP ................................
FIA_API.1/CA................................
FIA_UAU.1/BAC ................................
FIA_UAU.1/CA................................
FIA_UAU.1/MP................................
FIA_UAU.4/BAC ................................
FIA_UAU.4/MP_3DES ................................
FIA_UAU.4/MP_AES ................................
FIA_UAU.5/BAC ................................
FIA_UAU.5/CA_3DES ................................
FIA_UAU.5/MP_3DES ................................
FIA_UAU.5/MP_AES ...............................
Public Security Target BAC
420, rue d’Estienne d’Orves - 92700
FCS_COP.1/CA_SHA_SM_AES....................... 67
FCS_COP.1/CA_SYM_SM_3DES.................... 67
FCS_COP.1/CA_SYM_SM_AES...................... 67
FCS_COP.1/MP_AUTH_3DES........................ 55
FCS_COP.1/MP_AUTH_AES .......................... 55
FCS_COP.1/MP_ENC_3DES........................... 54
FCS_COP.1/MP_Enc_Add_code ................... 52
FCS_COP.1/MP_ENC_AES............................. 54
3DES ......................... 55
FCS_COP.1/MP_MAC_Add_code ................. 52
FCS_COP.1/MP_MAC_AES............................ 55
..................................... 56
........................................ 50
............................................ 64
............................................. 56
............................................ 64
.............................................. 56
............................................. 60
................................................ 61
................................................ 68
............................................... 56
...................................... 62, 70
............................................. 57
............................................. 63
............................................... 70
.............................................. 57
FDP_UIT.1/MP_Add_code............................ 53
.............................................. 65
............................................... 57
................................................. 66
............................................ 65
............................................... 68
.............................................. 57
............................................ 65
................................... 58
..................................... 58
............................................ 65
.................................... 68
................................... 58
............................... 58, 69
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
FIA_UAU.6/BAC................................
FIA_UAU.6/CA ................................
FIA_UID.1/BAC................................
FIA_UID.1/CA................................
FIA_UID.1/MP................................
FMT_LIM.1/BAC ................................
FMT_LIM.1/Global................................
FMT_LIM.2/BAC ................................
FMT_LIM.2/Global................................
FMT_MOF.1/AA................................
FMT_MTD.1/AA_KEY_READ..........................
FMT_MTD.1/AA_KEY_WRITE ........................
FMT_MTD.1/BAC_KEY_READ........................
FMT_MTD.1/BAC_KEY_WRITE ......................
FMT_MTD.1/CA_KEY_READ..........................
FMT_MTD.1/CA_KEY_WRITE ........................
FMT_MTD.1/MP................................
FMT_MTD.1/MP_Add_code .........................
FMT_MTD.1/MP_INI_DIS..............................
FMT_MTD.1/MP_INI_ENA ............................
FMT_MTD.1/MP_KEY_READ.........................
FMT_MTD.1/MP_KEY_READ_Add_code
FMT_MTD.1/MP_KEY_WRITE .......................
FMT_MTD.1/MP_KEY_WRITE_Add_code
FMT_SMF.1/MP................................
FMT_SMR.1/BAC................................
FMT_SMR.1/MP ................................
FMT_SMR.1/MP_Add_code..........................
FPT_EMS.1/AA................................
FPT_EMS.1/CA................................
FPT_EMS.1/Global................................
FPT_EMS.1/MP................................
FPT_EMS.1/MP_Add_code ...........................
FPT_FLS.1/Global................................
FPT_PHP.3/Global ................................
FPT_TST.1/BAC................................
FPT_TST.1/Global ................................
FTP_ITC.1/MP................................
FTP_ITC.1/MP_Add_code ..........................
FTP_ITC.1/PP................................
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
.............................................65
...............................................69
...............................................65
.................................................69
................................................57
............................................63
.........................................50
............................................63
.........................................50
.............................................61
..........................61
........................61
........................63
......................63
..........................70
........................70
............................................58
.........................53
..............................59
............................59
.........................59
FMT_MTD.1/MP_KEY_READ_Add_code.......53
.......................59
FMT_MTD.1/MP_KEY_WRITE_Add_code.....53
.............................................59
...........................................64
............................................59
..........................53
...............................................61
...............................................69
.........................................51
..............................................60
...........................53
...........................................51
.........................................51
..............................................63
....................................51, 69
..............................................58
..........................54
...............................................70
IC_developer................................
Inspection_System................................
Logical__MRTD__data
Manufacturer................................
MRTD_Holder ................................
OE.Auth_Key_MRTD................................
OE.BAC-Keys ................................
OE.Exam_MRTD...........................
OE.MRTD___Delivery ................................
OE.MRTD_Manufact................................
OE.Pass_Auth_Sign................................
OE.Passive_Auth_Verif
OE.Personalization................................
OE.Prot_Logical_MRTD
OT.AA_Proof................................
OT.AC_Pers................................
OT.CA_Proof ................................
OT.Data_Conf ................................
OT.Data_Int................................
OT.Data_Int_AA................................
OT.Data_Int_CA................................
OT.Identification................................
OT.Prot_Abuse-Func................................
OT.Prot_Inf_Leak................................
OT.Prot_Malfunction................................
OT.Prot_Phys-Tamper
OT.Secure_AC_Activation
OT.Secure_Load_ACode
OT.TOE_Identification
P.Activ_Auth ................................
P.Chip_Auth................................
Public Security Target BAC
420, rue d’Estienne d’Orves - 92700
I
................................................. 34
........................................ 33
L
.................................. 34
M
................................................ 33
............................................... 34
O
..................................... 45
................................................. 44
...........................31, 44, 45, 46
................................... 43
..................................... 43
....................................... 44
OE.Passive_Auth_Verif ................................. 44
........................................ 44
OE.Prot_Logical_MRTD................................. 45
................................................. 42
................................................... 41
................................................. 42
............................................... 41
................................................... 41
............................................ 42
............................................ 42
........................................... 41
..................................... 41
.......................................... 41
.................................... 42
.................................. 42
OT.Secure_AC_Activation............................. 43
OT.Secure_Load_ACode ............................... 43
.................................. 43
P
................................................. 39
.................................................. 39
T. +33 (0)1 78 01 70 00 I F. +33 (0)1 78 01 70 20
Colombes - France I info@oberthur.com
S.A. AU CAPITAL de 22 310 409,20€
P.Manufact....................................................
P.Personal_Data ................................
P.Personalization................................
Personalisation__Agent__Authentication
Personalization_Agent ................................
Physical__protection................................
Prepersonalizer ................................
S
Safe__state__management ..........................
Secure__Messaging................................
Self__tests.....................................................
Software_developer................................
T
T.Abuse-Func................................
T.Bad_Activation ................................
T.Chip_ID .......................................................
T.Counterfeit ................................
T.Eavesdropping................................
T.Forgery........................................................
T.Information_Leakage ................................
T.Malfunction................................
T.Phys-Tamper................................
T.Skimming....................................................
T.TOE_Identification_Forgery .......................
T.Unauthorized_load................................
Terminal ........................................................
Traveler..........................................................
MRTD full EAC v2 – Public Securi
F. +33 (0)1 78 01 70 20 I Oberthur Technologies - 420, rue d’Estienne d’Orves
info@oberthur.com
€ - RCS NANTERRE 340 709 534
....................38
............................................38
...........................................38
Personalisation__Agent__Authentication ....72
..................................33
.....................................72
.............................................34
..........................72
.......................................72
.....................72
......................................34
.................................................36
...........................................38
.......................36
...........................................37, 38
............................................36
........................36
.................................36
................................................37
...............................................37
....................36
.......................38
.....................................38
........................33
..........................34
Public Security Target BAC
420, rue d’Estienne d’Orves - 92700