Dencrypt Server System 5.0

CSV information ?

Status active
Valid from 09.07.2021
Valid until 09.07.2026
Scheme 🇸🇪 SE
Manufacturer Dencrypt A/S
Category Mobility
Security level EAL2, ALC_FLR.2

Heuristics summary ?

Certificate ID: CSEC2020003

Certification report ?

Extracted keywords

Symmetric Algorithms
AES
Protocols
SSH, TLS, TLS 1.2, VPN

Security level
EAL2, EAL 2, EAL3, EAL 2 augmented
Claims
T.COMMUNICATION, T.MASQUERADE, T.UNAUTH, T.UNDETECTED, T.BRIDGE, A.NOEVIL, A.REVIEW, A.LINK, A.USER, A.NETWORK, A.PHYSICAL, A.TIME, A.WORKSTATION, A.TRUSTANCHOR, A.FIREWALL, A.CROSS-SYSTEM, OSP.MANAGE, OSP.SERVICE, OSP.ACCOUNT, OSP.PROVISIONING, OSP.CA, OSP.CLIENTKEY, OSP.TUNNEL
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_TDS.1, AGD_OPE.1, ALC_FLR.2, ALC_CMC.2, ALC_DEL.1, ATE_COV.1, ATE_IND.2, AVA_VAN.2, ASE_INT.1, ASE_SPD.1, ASE_ECD.1, ASE_TSS.1
Certificates
CSEC2020003
Evaluation facilities
atsec

Standards
ISO/IEC 17025, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004

File metadata

Title: Microsoft Word - Dencrypt_Server_5.0_Certification Report
Author: MAAVA
Creation date: D:20210712153905+02'00'
Modification date: D:20210712153905+02'00'
Pages: 20
Producer: Microsoft: Print To PDF

References

Security target ?

Extracted keywords

Symmetric Algorithms
AES-256, AES, HMAC, HMAC-SHA-384, HMAC-SHA-512
Asymmetric Algorithms
RSA 4096, ECDHE, Diffie-Hellman, DH
Hash functions
SHA384, SHA512
Schemes
MAC
Protocols
SSH, SSL, SSL 2.0, SSL 3.0, TLS, TLS 1.2, TLS 1.1, TLS 1.0, TLS v1.0, TLS v1.2, DTLS, VPN
Randomness
RNG
Libraries
OpenSSL
Elliptic Curves
secp256r1, secp384r1, secp521r1
Block cipher modes
CFB, GCM
TLS cipher suites
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Security level
EAL4+, EAL2, EAL2 augmented
Claims
O.ACCESS, O.AUDIT, O.CA, O.CHANNEL, O.MANAGE, O.PROVISIONING, O.REMOTE, O.REVIEW, O.SERVICE, O.CLIENTKEY, O.PUSH, O.BRIDGE, O.TUNNEL, O.BRDIGE, T.COMMUNICATION, T.MASQUERADE, T.UNAUTH, T.UNDETECTED, T.BRIDGE, A.NETWORK, A.NOEVIL, A.PHYSICAL, A.REVIEW, A.TIME, A.WORKSTATION, A.LINK, A.TRUSTANCHOR, A.USER, A.FIREWALL, A.CROSS-SYSTEM, OE.LINK, OE.NETWORK, OE.NOEVIL, OE.PHYSICAL, OE.REVIEW, OE.TIME, OE.WORKSTATION, OE.TRUSTANCHOR, OE.USER, OE.FIREWALL, OE.CROSS-SYSTEM, OSP.MANAGE, OSP.SERVICE, OSP.ACCOUNT, OSP.PROVISIONING, OSP.CA, OSP.CLIENTKEY, OSP.TUNNEL
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_FLR.2, ALC_CMC.2, ALC_CMS.2, ALC_DEL.1, ATE_COV.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.2, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1
Security Functional Requirements (SFR)
FAU_GEN, FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_SAR.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_SAR.2, FAU_SAR.2.1, FAU_STG.2, FAU_STG.2.1, FAU_STG.2.2, FAU_STG.2.3, FCS_TLSS_EXT.1, FCS_TLSS_EXT.2, FCS_TLSC_EXT.2, FCS_RNG.1, FCS_TLSS_EXT, FCS_TLSC_EXT, FCS_SSHS_EXT, FCS_TLSC_EXT.1, FCS_SSHS_EXT.1, FCS_CKM, FCS_CKM.2, FCS_COP, FCS_RBG_EXT.1, FCS_SSHS_EXT.1.1, FCS_SSHS_EXT.1.3, FCS_SSHS_EXT.1.4, FCS_SSHS_EXT.1.5, FCS_SSHS_EXT.1.6, FCS_SSHS_EXT.1.7, FCS_SSHS_EXT.1.8, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.1.2, FCS_TLSC_EXT.1.3, FCS_TLSC_EXT.1.4, FCS_TLS_EXT.1.1, FCS_CKM.1, FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.2.2, FCS_TLSC_EXT.2.3, FCS_TLSC_EXT.2.4, FCS_TLSC_EXT.2.5, FCS_TLSS_EXT.1.1, FCS_TLSS_EXT.1.2, FCS_TLSS_EXT.1.3, FCS_TLSS_EXT.2.1, FCS_TLSS_EXT.2.2, FCS_TLSS_EXT.2.3, FCS_TLSS_EXT.2.4, FCS_TLSS_EXT.2.5, FCS_TLSS_EXT.2.6, FCS_RNG, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4, FCS_CKM.4.1, FCS_COP.1.1, FCS_SSHS_EXT.1.2, FCS_COP.1, FDP_ITC.2, FDP_ITC.2.1, FDP_ITC.2.2, FDP_ITC.2.3, FDP_ITC.2.4, FDP_ITC.2.5, FDP_ACC, FDP_ACF, FDP_ITC.1, FDP_ACC.1, FDP_IFC.1, FIA_UAU.2, FIA_UAU.2.1, FIA_UAU.4, FIA_UAU.4.1, FIA_UID.2, FIA_UID.2.1, FIA_UID.1, FMT_MTD.1, FMT_MTD.1.1, FMT_MTD, FMT_SMF.1, FMT_SMF.1.1, FMT_SMR.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_STM.1, FPT_TDC.1, FTP_ITC.1, FTP_TRP.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3
Certification process
out of scope, indicated as “REQUIRED” but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant

Certification process
out of scope, indicated as “REQUIRED” but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant

Standards
FIPS PUB 186-4, FIPS197, FIPS186-4, FIPS 140-2, NIST SP 800-38D, NIST SP 800-38A, NIST SP 800-56A, PKCS #1, RFC 2818, RFC 4253, RFC 5647, RFC 5246, RFC 4346, RFC 6125, RFC5246, RFC4253, RFC 5289, RFC 5280, RFC4252, RFC3261, RFC3711, RFC5289, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004

File metadata

Author: Rolf
Creation date: D:20210707143333+02'00'
Pages: 64
Creator: Writer
Producer: LibreOffice 7.1

Frontpage

Certified item: a) assumptions regarding the TOE's intended usage and environment of use Security Target for Dencrypt Server System version 5.0 ST Version 0.17 Executive summary This document is the Common Criteria Security Target for Dencrypt Server System. It is following the specification given in Part 1 annex A of the Common Criteria version 3.1 Revision 5. Dencrypt A/S Page 1 Contents 1 Introduction..................................................................................................................3 1.1 Security Target identification and organisation...........................................................3 1.2 TOE identification.......................................................................................................3 1.3 TOE type.....................................................................................................................4 1.4 TOE overview.............................................................................................................4 1.5 TOE description..........................................................................................................4 2 Conformance claims....................................................................................................13 2.1 CC conformance claim..............................................................................................13 2.2 Conformance rationale.............................................................................................13 3 Security problem definition.........................................................................................14 3.1 Threats.....................................................................................................................14 3.2 Organisational security policies................................................................................15 3.3 Assumptions.............................................................................................................15 4 Security objectives......................................................................................................17 4.1 Security objectives for the TOE.................................................................................17 4.2 Security objectives for the TOE environment...........................................................18 4.3 Security objectives rationale....................................................................................19 5 Extended components definition................................................................................22 5.1 Cryptographic Support (FCS)....................................................................................22 6 Security requirements.................................................................................................31 6.1 Security functional policy.........................................................................................31 6.2 Security functional requirements.............................................................................31 6.3 Security functional requirements rationale..............................................................40 6.4 Security assurance requirements.............................................................................47 6.5 Security assurance requirements rationale..............................................................48 7 TOE Summary Specification.........................................................................................49 7.1 Administration..........................................................................................................50 7.2 Security functions provided to clients......................................................................57 7.3 Other security functions...........................................................................................60 7.4 Cryptographic functions and parameters.................................................................60 8 Abbreviations, terminology and references.................................................................62 8.1 Abbreviations...........................................................................................................62 8.2 References................................................................................................................63 Dencrypt A/S Page 2 1 Introduction 1.1 Security Target identification and organisation Title: Security Target for Dencrypt Server System version 5.0 ST Version: 0.17 Status: Released Date: 2021-06-11
Developer: Dencrypt A/S

References

Heuristics ?

Certificate ID: CSEC2020003

Extracted SARs

ASE_OBJ.2, ADV_TDS.1, ASE_TSS.1, ALC_FLR.2, ADV_ARC.1, ALC_DEL.1, ASE_REQ.2, ATE_FUN.1, ADV_FSP.2, AVA_VAN.2, ASE_CCL.1, ALC_CMC.2, ASE_ECD.1, AGD_OPE.1, ATE_COV.1, AGD_PRE.1, ALC_CMS.2, ASE_SPD.1, ATE_IND.2, ASE_INT.1

References ?

Updates ?

  • 28.01.2022 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name Dencrypt Server System 5.0 was processed.

  • 18.02.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.
    • The st_frontpage property was updated, with the {'nscib': {'cert_id': '', 'cert_item': "a) assumptions regarding the TOE's intended usage and environment of use Security Target for Dencrypt Server System version 5.0 ST Version 0.17 Executive summary This document is the Common Criteria Security Target for Dencrypt Server System. It is following the specification given in Part 1 annex A of the Common Criteria version 3.1 Revision 5. Dencrypt A/S Page 1 Contents 1 Introduction..................................................................................................................3 1.1 Security Target identification and organisation...........................................................3 1.2 TOE identification.......................................................................................................3 1.3 TOE type.....................................................................................................................4 1.4 TOE overview.............................................................................................................4 1.5 TOE description..........................................................................................................4 2 Conformance claims....................................................................................................13 2.1 CC conformance claim..............................................................................................13 2.2 Conformance rationale.............................................................................................13 3 Security problem definition.........................................................................................14 3.1 Threats.....................................................................................................................14 3.2 Organisational security policies................................................................................15 3.3 Assumptions.............................................................................................................15 4 Security objectives......................................................................................................17 4.1 Security objectives for the TOE.................................................................................17 4.2 Security objectives for the TOE environment...........................................................18 4.3 Security objectives rationale....................................................................................19 5 Extended components definition................................................................................22 5.1 Cryptographic Support (FCS)....................................................................................22 6 Security requirements.................................................................................................31 6.1 Security functional policy.........................................................................................31 6.2 Security functional requirements.............................................................................31 6.3 Security functional requirements rationale..............................................................40 6.4 Security assurance requirements.............................................................................47 6.5 Security assurance requirements rationale..............................................................48 7 TOE Summary Specification.........................................................................................49 7.1 Administration..........................................................................................................50 7.2 Security functions provided to clients......................................................................57 7.3 Other security functions...........................................................................................60 7.4 Cryptographic functions and parameters.................................................................60 8 Abbreviations, terminology and references.................................................................62 8.1 Abbreviations...........................................................................................................62 8.2 References................................................................................................................63 Dencrypt A/S Page 2 1 Introduction 1.1 Security Target identification and organisation Title: Security Target for Dencrypt Server System version 5.0 ST Version: 0.17 Status: Released Date: 2021-06-11", 'developer': 'Dencrypt A/S', 'cert_lab': ''}, 'niap': {}, 'canada': {}} values inserted.
    • The report_keywords property was updated, with the {'rules_cert_id': {'CSEC2020003': 1}} data.

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['5.0']}.
    • The cert_id property was set to CSEC2020003.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
    • The following properties were deleted: ['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 24.04.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'direct_dependency_cves': None, 'indirect_dependency_cves': None}.
  • 13.05.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_FLR', 'level': 2}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 2}]}}.
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'report_pdf_hash': '519bbc67140e92349d72d09daa3f76f61159f2f9ae2d771079cc7406d3dfb7f2', 'st_pdf_hash': 'e81ba79c86e9564cbd16c99182423fd54bb5893c4464a9f84254df094c5a865d', 'report_txt_hash': '81b5bea0f16b10ca29add4c6e8eb6bbfaa79355ac588145fdef0927c74548c4a', 'st_txt_hash': '62f2b47cefc2f2bed20eadb0a7ae30bee70d963f84772ee7e4e26c31ad155db8'}.

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'rules_ecc_curves': {'P-002': 2, 'P-188': 2}} data.
    • The st_keywords property was updated, with the {'rules_symmetric_crypto': {'AES-256': 6, 'AES': 25, 'HMAC': 1, 'HMAC-SHA-384': 1, 'HMAC-SHA-512': 1}, 'rules_asymmetric_crypto': {'RSA 4096': 2, 'ECDHE': 1, 'DHE': 1, 'DH': 3, 'Diffie-Hellman': 9}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA384': 5, 'SHA512': 2, 'SHA-384': 1, 'SHA-512': 1}, 'rules_crypto_schemes': {'MAC': 7, 'TLS': 181, 'SSL': 24}, 'rules_randomness': {'RNG': 14}, 'rules_tee': {}, 'rules_side_channels': {}} values inserted.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': []}} values inserted.
    • The st_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=1.31', 'http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf', 'http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf', 'https://www.teletrust.de/fileadmin/files/oid/oid_pkcs-1v2-1.pdf', 'http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf']}} values inserted.
    • The report_keywords property was set to {'cc_cert_id': {'SE': {'CSEC2020003': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 1, 'EAL 2': 2, 'EAL 2 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.2': 1, 'ADV_TDS.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.2': 2, 'ALC_CMC.2': 1, 'ALC_CMS.2': 1, 'ALC_DEL.1': 1}, 'ATE': {'ATE_COV.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.2': 1}, 'ASE': {'ASE_INT.1': 1, 'ASE_CCL.1': 1, 'ASE_SPD.1': 1, 'ASE_OBJ.2': 1, 'ASE_ECD.1': 1, 'ASE_REQ.2': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {}, 'cc_claims': {'T': {'T.COMMUNICATION': 1, 'T.MASQUERADE': 1, 'T.UNAUTH': 1, 'T.UNDETECTED': 1, 'T.BRIDGE': 1}, 'A': {'A.NOEVIL': 1, 'A.REVIEW': 1, 'A.LINK': 1, 'A.USER': 1, 'A.NETWORK': 1, 'A.PHYSICAL': 1, 'A.TIME': 1, 'A.WORKSTATION': 1, 'A.TRUSTANCHOR': 1, 'A.FIREWALL': 1, 'A.CROSS-SYSTEM': 1}, 'OSP': {'OSP.MANAGE': 1, 'OSP.SERVICE': 1, 'OSP.ACCOUNT': 1, 'OSP.PROVISIONING': 1, 'OSP.CA': 1, 'OSP.CLIENTKEY': 1, 'OSP.TUNNEL': 1}}, 'vendor': {}, 'eval_facility': {'atsec': {'atsec': 5}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'SSH': {'SSH': 1}, 'TLS': {'TLS': {'TLS': 20, 'TLS 1.2': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {'NIST': {'P-002': 2, 'P-188': 2}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 17025': 2}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4+': 1, 'EAL2': 7, 'EAL2 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.2': 1, 'ADV_TDS.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_CMC.2': 1, 'ALC_CMS.2': 1, 'ALC_DEL.1': 1, 'ALC_FLR.2': 2}, 'ATE': {'ATE_COV.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.2': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN': 4, 'FAU_GEN.1': 9, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_SAR.1': 9, 'FAU_SAR.1.1': 1, 'FAU_SAR.1.2': 1, 'FAU_SAR.2': 7, 'FAU_SAR.2.1': 1, 'FAU_STG.2': 6, 'FAU_STG.2.1': 1, 'FAU_STG.2.2': 1, 'FAU_STG.2.3': 1}, 'FCS': {'FCS_TLSS_EXT.1': 17, 'FCS_TLSS_EXT.2': 17, 'FCS_TLSC_EXT.2': 9, 'FCS_RNG.1': 16, 'FCS_TLSS_EXT': 2, 'FCS_TLSC_EXT': 2, 'FCS_SSHS_EXT': 2, 'FCS_TLSC_EXT.1': 7, 'FCS_SSHS_EXT.1': 11, 'FCS_CKM.2': 11, 'FCS_RBG_EXT.1': 12, 'FCS_SSHS_EXT.1.1': 2, 'FCS_SSHS_EXT.1.2': 2, 'FCS_SSHS_EXT.1.3': 2, 'FCS_SSHS_EXT.1.4': 2, 'FCS_SSHS_EXT.1.5': 2, 'FCS_SSHS_EXT.1.6': 2, 'FCS_SSHS_EXT.1.7': 2, 'FCS_SSHS_EXT.1.8': 2, 'FCS_TLSC_EXT.1.1': 3, 'FCS_TLSC_EXT.1.2': 1, 'FCS_TLSC_EXT.1.3': 1, 'FCS_TLSC_EXT.1.4': 1, 'FCS_TLS_EXT.1.1': 2, 'FCS_CKM.1': 19, 'FCS_TLSC_EXT.2.1': 2, 'FCS_TLSC_EXT.2.2': 2, 'FCS_TLSC_EXT.2.3': 2, 'FCS_TLSC_EXT.2.4': 2, 'FCS_TLSC_EXT.2.5': 2, 'FCS_TLSS_EXT.1.1': 3, 'FCS_TLSS_EXT.1.2': 2, 'FCS_TLSS_EXT.1.3': 2, 'FCS_TLSS_EXT.2.1': 3, 'FCS_TLSS_EXT.2.2': 2, 'FCS_TLSS_EXT.2.3': 2, 'FCS_TLSS_EXT.2.4': 3, 'FCS_TLSS_EXT.2.5': 2, 'FCS_TLSS_EXT.2.6': 2, 'FCS_RNG': 2, 'FCS_RNG.1.1': 2, 'FCS_RNG.1.2': 2, 'FCS_CKM.1.1': 2, 'FCS_CKM.2.1': 3, 'FCS_CKM.4': 25, 'FCS_CKM.4.1': 1, 'FCS_COP.1.1': 6, 'FCS_COP.1': 2}, 'FDP': {'FDP_ITC.2': 19, 'FDP_ITC.2.1': 1, 'FDP_ITC.2.2': 1, 'FDP_ITC.2.3': 1, 'FDP_ITC.2.4': 1, 'FDP_ITC.2.5': 1, 'FDP_ACC': 1, 'FDP_ACF': 1, 'FDP_ITC.1': 10, 'FDP_ACC.1': 1, 'FDP_IFC.1': 1}, 'FIA': {'FIA_UAU.2': 7, 'FIA_UAU.2.1': 1, 'FIA_UAU.4': 5, 'FIA_UAU.4.1': 1, 'FIA_UID.2': 9, 'FIA_UID.2.1': 1, 'FIA_UID.1': 2}, 'FMT': {'FMT_MTD.1': 5, 'FMT_MTD.1.1': 1, 'FMT_MTD': 1, 'FMT_SMF.1': 8, 'FMT_SMF.1.1': 1, 'FMT_SMR.1': 7, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_STM.1': 1, 'FPT_TDC.1': 1}, 'FTP': {'FTP_ITC.1': 20, 'FTP_TRP.1': 2, 'FTP_ITC.1.1': 1, 'FTP_ITC.1.2': 1, 'FTP_ITC.1.3': 1}}, 'cc_claims': {'O': {'O.ACCESS': 6, 'O.AUDIT': 9, 'O.CA': 6, 'O.CHANNEL': 7, 'O.MANAGE': 6, 'O.PROVISIONING': 7, 'O.REMOTE': 6, 'O.REVIEW': 7, 'O.SERVICE': 6, 'O.CLIENTKEY': 6, 'O.PUSH': 6, 'O.BRIDGE': 5, 'O.TUNNEL': 6, 'O.BRDIGE': 1}, 'T': {'T.COMMUNICATION': 3, 'T.MASQUERADE': 3, 'T.UNAUTH': 3, 'T.UNDETECTED': 3, 'T.BRIDGE': 3}, 'A': {'A.NETWORK': 3, 'A.NOEVIL': 3, 'A.PHYSICAL': 3, 'A.REVIEW': 3, 'A.TIME': 3, 'A.WORKSTATION': 2, 'A.LINK': 3, 'A.TRUSTANCHOR': 3, 'A.USER': 3, 'A.FIREWALL': 3, 'A.CROSS-SYSTEM': 3}, 'OE': {'OE.LINK': 5, 'OE.NETWORK': 3, 'OE.NOEVIL': 3, 'OE.PHYSICAL': 3, 'OE.REVIEW': 5, 'OE.TIME': 6, 'OE.WORKSTATION': 3, 'OE.TRUSTANCHOR': 4, 'OE.USER': 3, 'OE.FIREWALL': 3, 'OE.CROSS-SYSTEM': 3}, 'OSP': {'OSP.MANAGE': 3, 'OSP.SERVICE': 3, 'OSP.ACCOUNT': 3, 'OSP.PROVISIONING': 3, 'OSP.CA': 3, 'OSP.CLIENTKEY': 3, 'OSP.TUNNEL': 3}}, 'vendor': {'STMicroelectronics': {'STM': 1}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES-256': 6, 'AES': 25}}, 'constructions': {'MAC': {'HMAC': 1, 'HMAC-SHA-384': 1, 'HMAC-SHA-512': 1}}}, 'asymmetric_crypto': {'RSA': {'RSA 4096': 2}, 'ECC': {'ECDH': {'ECDHE': 1}}, 'FF': {'DH': {'DHE': 1, 'DH': 3, 'Diffie-Hellman': 9}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA384': 5, 'SHA512': 2, 'SHA-384': 1, 'SHA-512': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 7}}, 'crypto_protocol': {'SSH': {'SSH': 83}, 'TLS': {'SSL': {'SSL': 16, 'SSL 2.0': 4, 'SSL 3.0': 4}, 'TLS': {'TLS': 150, 'TLS 1.2': 19, 'TLS 1.1': 6, 'TLS 1.0': 4, 'TLS v1.0': 2}}}, 'randomness': {'RNG': {'RNG': 14}}, 'cipher_mode': {'CFB': {'CFB': 2}, 'GCM': {'GCM': 7}}, 'ecc_curve': {'NIST': {'secp256r1': 4, 'secp384r1': 8, 'secp521r1': 4}}, 'crypto_engine': {}, 'tls_cipher_suite': {'TLS': {'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384': 4}}, 'crypto_library': {'OpenSSL': {'OpenSSL': 7}}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 186-4': 2, 'FIPS197': 4, 'FIPS186-4': 2, 'FIPS 140-2': 1}, 'NIST': {'NIST SP 800-38D': 3, 'NIST SP 800-38A': 2, 'NIST SP 800-56A': 1}, 'PKCS': {'PKCS #1': 2}, 'RFC': {'RFC 2818': 1, 'RFC 4253': 5, 'RFC 5647': 1, 'RFC 5246': 7, 'RFC 4346': 4, 'RFC 6125': 3, 'RFC 5289': 3, 'RFC4253': 7, 'RFC4252': 5, 'RFC3261': 1, 'RFC3711': 1, 'RFC5246': 1, 'RFC5289': 1}, 'CC': {'CCMB-2017-04-002': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 's indicated as “REQUIRED” but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant': 1}}}.

    The computed heuristics were updated.

    • The _type property was set to Heuristics.
  • 18.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.common_criteria.CommonCriteriaCert.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState.

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData.

    The computed heuristics were updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The report_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The extracted_sars property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]}.
  • 24.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The following values were inserted: {'report_filename': 'Certification Report - Dencrypt Server System 5.0.pdf', 'st_filename': 'ST - Dencrypt Server.pdf'}.
    • The report_keywords property was updated, with the {'cc_security_level': {'__update__': {'EAL': {'__insert__': {'EAL3': 1}}}}, 'cc_sar': {'__update__': {'ADV': {'__delete__': ['ADV_FSP.2']}, 'AGD': {'__delete__': ['AGD_PRE.1']}, 'ALC': {'__update__': {'ALC_FLR.2': 3}, '__delete__': ['ALC_CMS.2']}, 'ATE': {'__delete__': ['ATE_FUN.1']}, 'ASE': {'__delete__': ['ASE_CCL.1', 'ASE_OBJ.2', 'ASE_REQ.2']}}}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'TLS': {'__update__': {'TLS 1.2': 2}}}}}}, 'ecc_curve': {}, 'tee_name': {}} data.
    • The st_keywords property was updated, with the {'cc_sar': {'__update__': {'ALC': {'__update__': {'ALC_FLR.2': 4}}}}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_GEN.1': 8, 'FAU_SAR.2': 4, 'FAU_STG.2': 5}}, 'FCS': {'__insert__': {'FCS_CKM': 52, 'FCS_COP': 95}, '__update__': {'FCS_TLSS_EXT.2': 19, 'FCS_TLSC_EXT.2': 10, 'FCS_RNG.1': 18, 'FCS_TLSS_EXT': 3, 'FCS_SSHS_EXT.1': 13, 'FCS_CKM.2': 10, 'FCS_SSHS_EXT.1.2': 1, 'FCS_CKM.1': 18, 'FCS_TLSS_EXT.1.1': 4, 'FCS_TLSS_EXT.2.1': 4, 'FCS_CKM.4': 24}}, 'FIA': {'__update__': {'FIA_UAU.4': 4, 'FIA_UID.2': 7, 'FIA_UID.1': 1}}, 'FMT': {'__update__': {'FMT_SMF.1': 7, 'FMT_SMR.1': 6}}, 'FTP': {'__update__': {'FTP_ITC.1': 21}}}}, 'cc_claims': {'__update__': {'O': {'__update__': {'O.ACCESS': 5, 'O.AUDIT': 8, 'O.CA': 5, 'O.CHANNEL': 6, 'O.MANAGE': 5, 'O.PROVISIONING': 6, 'O.REMOTE': 5, 'O.REVIEW': 6, 'O.SERVICE': 5, 'O.CLIENTKEY': 5, 'O.PUSH': 5, 'O.BRIDGE': 4, 'O.TUNNEL': 5}}, 'T': {'__update__': {'T.MASQUERADE': 2, 'T.UNDETECTED': 2}}, 'A': {'__update__': {'A.NOEVIL': 2, 'A.REVIEW': 2, 'A.TRUSTANCHOR': 2, 'A.FIREWALL': 2}}, 'OSP': {'__update__': {'OSP.SERVICE': 2, 'OSP.ACCOUNT': 2, 'OSP.CLIENTKEY': 2}}}}, 'vendor': {}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 26}}}}}}, 'asymmetric_crypto': {'__update__': {'FF': {'__update__': {'DH': {'__update__': {'DH': 2, 'Diffie-Hellman': 8}, '__delete__': ['DHE']}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA2': {'__update__': {'SHA384': 1}, '__delete__': ['SHA-384', 'SHA-512']}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 5}}}}, 'crypto_protocol': {'__update__': {'SSH': {'__update__': {'SSH': 73}}, 'TLS': {'__update__': {'SSL': {'__update__': {'SSL': 9}}, 'TLS': {'__insert__': {'TLS v1.2': 1}, '__update__': {'TLS': 147, 'TLS 1.2': 20, 'TLS 1.1': 8}}}}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RNG': 11}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'secp384r1': 9}}}}, 'crypto_library': {'__update__': {'OpenSSL': {'__update__': {'OpenSSL': 9}}}}, 'standard_id': {'__update__': {'RFC': {'__insert__': {'RFC 5280': 2}, '__update__': {'RFC 2818': 3, 'RFC 6125': 5, 'RFC4253': 8, 'RFC5246': 2}}, 'CC': {'__insert__': {'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}}}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {'indicated as “REQUIRED” but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant': 1}, '__delete__': ['s indicated as “REQUIRED” but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant']}}}} data.
  • 26.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'crypto_protocol': {'__insert__': {'VPN': {'VPN': 1}}}} data.
    • The st_keywords property was updated, with the {'crypto_protocol': {'__insert__': {'VPN': {'VPN': 2}}, '__update__': {'TLS': {'__insert__': {'DTLS': {'DTLS': 2}}}}}} data.
  • 05.10.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'st_convert_garbage': False, 'report_convert_garbage': False}.

Raw data

{
  "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert",
  "category": "Mobility",
  "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/CCRA%20-%20Dencrypt%20Server%20System%205.0.pdf",
  "dgst": "fc5510b4f520bbd3",
  "heuristics": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics",
    "cert_id": "CSEC2020003",
    "cert_lab": null,
    "cpe_matches": null,
    "direct_dependency_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 2
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "5.0"
      ]
    },
    "indirect_dependency_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Dencrypt A/S",
  "manufacturer_web": "https://www.dencrypt.dk/",
  "name": "Dencrypt Server System 5.0",
  "not_valid_after": "2026-07-09",
  "not_valid_before": "2021-07-09",
  "pdf_data": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData",
    "report_filename": "Certification Report - Dencrypt Server System 5.0.pdf",
    "report_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "SE": {
          "CSEC2020003": 1
        }
      },
      "cc_claims": {
        "A": {
          "A.CROSS-SYSTEM": 1,
          "A.FIREWALL": 1,
          "A.LINK": 1,
          "A.NETWORK": 1,
          "A.NOEVIL": 1,
          "A.PHYSICAL": 1,
          "A.REVIEW": 1,
          "A.TIME": 1,
          "A.TRUSTANCHOR": 1,
          "A.USER": 1,
          "A.WORKSTATION": 1
        },
        "OSP": {
          "OSP.ACCOUNT": 1,
          "OSP.CA": 1,
          "OSP.CLIENTKEY": 1,
          "OSP.MANAGE": 1,
          "OSP.PROVISIONING": 1,
          "OSP.SERVICE": 1,
          "OSP.TUNNEL": 1
        },
        "T": {
          "T.BRIDGE": 1,
          "T.COMMUNICATION": 1,
          "T.MASQUERADE": 1,
          "T.UNAUTH": 1,
          "T.UNDETECTED": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 1,
          "ADV_TDS.1": 1
        },
        "AGD": {
          "AGD_OPE.1": 1
        },
        "ALC": {
          "ALC_CMC.2": 1,
          "ALC_DEL.1": 1,
          "ALC_FLR.2": 3
        },
        "ASE": {
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_COV.1": 1,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.2": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 2,
          "EAL 2 augmented": 1,
          "EAL2": 1,
          "EAL3": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 1
        },
        "TLS": {
          "TLS": {
            "TLS": 20,
            "TLS 1.2": 2
          }
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "atsec": {
          "atsec": 5
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1
        },
        "ISO": {
          "ISO/IEC 17025": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "MAAVA",
      "/CreationDate": "D:20210712153905+02\u002700\u0027",
      "/ModDate": "D:20210712153905+02\u002700\u0027",
      "/Producer": "Microsoft: Print To PDF",
      "/Title": "Microsoft Word - Dencrypt_Server_5.0_Certification Report",
      "pdf_file_size_bytes": 974794,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 20
    },
    "st_filename": "ST - Dencrypt Server.pdf",
    "st_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {
        "cert_id": "",
        "cert_item": "a) assumptions regarding the TOE\u0027s intended usage and environment of use Security Target for Dencrypt Server System version 5.0 ST Version 0.17 Executive summary This document is the Common Criteria Security Target for Dencrypt Server System. It is following the specification given in Part 1 annex A of the Common Criteria version 3.1 Revision 5. Dencrypt A/S Page 1 Contents 1 Introduction..................................................................................................................3 1.1 Security Target identification and organisation...........................................................3 1.2 TOE identification.......................................................................................................3 1.3 TOE type.....................................................................................................................4 1.4 TOE overview.............................................................................................................4 1.5 TOE description..........................................................................................................4 2 Conformance claims....................................................................................................13 2.1 CC conformance claim..............................................................................................13 2.2 Conformance rationale.............................................................................................13 3 Security problem definition.........................................................................................14 3.1 Threats.....................................................................................................................14 3.2 Organisational security policies................................................................................15 3.3 Assumptions.............................................................................................................15 4 Security objectives......................................................................................................17 4.1 Security objectives for the TOE.................................................................................17 4.2 Security objectives for the TOE environment...........................................................18 4.3 Security objectives rationale....................................................................................19 5 Extended components definition................................................................................22 5.1 Cryptographic Support (FCS)....................................................................................22 6 Security requirements.................................................................................................31 6.1 Security functional policy.........................................................................................31 6.2 Security functional requirements.............................................................................31 6.3 Security functional requirements rationale..............................................................40 6.4 Security assurance requirements.............................................................................47 6.5 Security assurance requirements rationale..............................................................48 7 TOE Summary Specification.........................................................................................49 7.1 Administration..........................................................................................................50 7.2 Security functions provided to clients......................................................................57 7.3 Other security functions...........................................................................................60 7.4 Cryptographic functions and parameters.................................................................60 8 Abbreviations, terminology and references.................................................................62 8.1 Abbreviations...........................................................................................................62 8.2 References................................................................................................................63 Dencrypt A/S Page 2 1 Introduction 1.1 Security Target identification and organisation Title: Security Target for Dencrypt Server System version 5.0 ST Version: 0.17 Status: Released Date: 2021-06-11",
        "cert_lab": "",
        "developer": "Dencrypt A/S"
      }
    },
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDHE": 1
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 8
          }
        },
        "RSA": {
          "RSA 4096": 2
        }
      },
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.CROSS-SYSTEM": 3,
          "A.FIREWALL": 2,
          "A.LINK": 3,
          "A.NETWORK": 3,
          "A.NOEVIL": 2,
          "A.PHYSICAL": 3,
          "A.REVIEW": 2,
          "A.TIME": 3,
          "A.TRUSTANCHOR": 2,
          "A.USER": 3,
          "A.WORKSTATION": 2
        },
        "O": {
          "O.ACCESS": 5,
          "O.AUDIT": 8,
          "O.BRDIGE": 1,
          "O.BRIDGE": 4,
          "O.CA": 5,
          "O.CHANNEL": 6,
          "O.CLIENTKEY": 5,
          "O.MANAGE": 5,
          "O.PROVISIONING": 6,
          "O.PUSH": 5,
          "O.REMOTE": 5,
          "O.REVIEW": 6,
          "O.SERVICE": 5,
          "O.TUNNEL": 5
        },
        "OE": {
          "OE.CROSS-SYSTEM": 3,
          "OE.FIREWALL": 3,
          "OE.LINK": 5,
          "OE.NETWORK": 3,
          "OE.NOEVIL": 3,
          "OE.PHYSICAL": 3,
          "OE.REVIEW": 5,
          "OE.TIME": 6,
          "OE.TRUSTANCHOR": 4,
          "OE.USER": 3,
          "OE.WORKSTATION": 3
        },
        "OSP": {
          "OSP.ACCOUNT": 2,
          "OSP.CA": 3,
          "OSP.CLIENTKEY": 2,
          "OSP.MANAGE": 3,
          "OSP.PROVISIONING": 3,
          "OSP.SERVICE": 2,
          "OSP.TUNNEL": 3
        },
        "T": {
          "T.BRIDGE": 3,
          "T.COMMUNICATION": 3,
          "T.MASQUERADE": 2,
          "T.UNAUTH": 3,
          "T.UNDETECTED": 2
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 1,
          "ADV_FSP.2": 1,
          "ADV_TDS.1": 1
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.2": 1,
          "ALC_CMS.2": 1,
          "ALC_DEL.1": 1,
          "ALC_FLR.2": 4
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.2": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_COV.1": 1,
          "ATE_FUN.1": 1,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.2": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 7,
          "EAL2 augmented": 1,
          "EAL4+": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN": 4,
          "FAU_GEN.1": 8,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1,
          "FAU_SAR.1": 9,
          "FAU_SAR.1.1": 1,
          "FAU_SAR.1.2": 1,
          "FAU_SAR.2": 4,
          "FAU_SAR.2.1": 1,
          "FAU_STG.2": 5,
          "FAU_STG.2.1": 1,
          "FAU_STG.2.2": 1,
          "FAU_STG.2.3": 1
        },
        "FCS": {
          "FCS_CKM": 52,
          "FCS_CKM.1": 18,
          "FCS_CKM.1.1": 2,
          "FCS_CKM.2": 10,
          "FCS_CKM.2.1": 3,
          "FCS_CKM.4": 24,
          "FCS_CKM.4.1": 1,
          "FCS_COP": 95,
          "FCS_COP.1": 2,
          "FCS_COP.1.1": 6,
          "FCS_RBG_EXT.1": 12,
          "FCS_RNG": 2,
          "FCS_RNG.1": 18,
          "FCS_RNG.1.1": 2,
          "FCS_RNG.1.2": 2,
          "FCS_SSHS_EXT": 2,
          "FCS_SSHS_EXT.1": 13,
          "FCS_SSHS_EXT.1.1": 2,
          "FCS_SSHS_EXT.1.2": 1,
          "FCS_SSHS_EXT.1.3": 2,
          "FCS_SSHS_EXT.1.4": 2,
          "FCS_SSHS_EXT.1.5": 2,
          "FCS_SSHS_EXT.1.6": 2,
          "FCS_SSHS_EXT.1.7": 2,
          "FCS_SSHS_EXT.1.8": 2,
          "FCS_TLSC_EXT": 2,
          "FCS_TLSC_EXT.1": 7,
          "FCS_TLSC_EXT.1.1": 3,
          "FCS_TLSC_EXT.1.2": 1,
          "FCS_TLSC_EXT.1.3": 1,
          "FCS_TLSC_EXT.1.4": 1,
          "FCS_TLSC_EXT.2": 10,
          "FCS_TLSC_EXT.2.1": 2,
          "FCS_TLSC_EXT.2.2": 2,
          "FCS_TLSC_EXT.2.3": 2,
          "FCS_TLSC_EXT.2.4": 2,
          "FCS_TLSC_EXT.2.5": 2,
          "FCS_TLSS_EXT": 3,
          "FCS_TLSS_EXT.1": 17,
          "FCS_TLSS_EXT.1.1": 4,
          "FCS_TLSS_EXT.1.2": 2,
          "FCS_TLSS_EXT.1.3": 2,
          "FCS_TLSS_EXT.2": 19,
          "FCS_TLSS_EXT.2.1": 4,
          "FCS_TLSS_EXT.2.2": 2,
          "FCS_TLSS_EXT.2.3": 2,
          "FCS_TLSS_EXT.2.4": 3,
          "FCS_TLSS_EXT.2.5": 2,
          "FCS_TLSS_EXT.2.6": 2,
          "FCS_TLS_EXT.1.1": 2
        },
        "FDP": {
          "FDP_ACC": 1,
          "FDP_ACC.1": 1,
          "FDP_ACF": 1,
          "FDP_IFC.1": 1,
          "FDP_ITC.1": 10,
          "FDP_ITC.2": 19,
          "FDP_ITC.2.1": 1,
          "FDP_ITC.2.2": 1,
          "FDP_ITC.2.3": 1,
          "FDP_ITC.2.4": 1,
          "FDP_ITC.2.5": 1
        },
        "FIA": {
          "FIA_UAU.2": 7,
          "FIA_UAU.2.1": 1,
          "FIA_UAU.4": 4,
          "FIA_UAU.4.1": 1,
          "FIA_UID.1": 1,
          "FIA_UID.2": 7,
          "FIA_UID.2.1": 1
        },
        "FMT": {
          "FMT_MTD": 1,
          "FMT_MTD.1": 5,
          "FMT_MTD.1.1": 1,
          "FMT_SMF.1": 7,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 6,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_STM.1": 1,
          "FPT_TDC.1": 1
        },
        "FTP": {
          "FTP_ITC.1": 21,
          "FTP_ITC.1.1": 1,
          "FTP_ITC.1.2": 1,
          "FTP_ITC.1.3": 1,
          "FTP_TRP.1": 2
        }
      },
      "certification_process": {
        "OutOfScope": {
          "indicated as \u201cREQUIRED\u201d but not listed in the later elements of this component are implemented is out of scope of the evaluation activity for this requirement. RFC 5647 only applies to the RFC compliant": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {
        "CFB": {
          "CFB": 2
        },
        "GCM": {
          "GCM": 7
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 9
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 73
        },
        "TLS": {
          "DTLS": {
            "DTLS": 2
          },
          "SSL": {
            "SSL": 9,
            "SSL 2.0": 4,
            "SSL 3.0": 4
          },
          "TLS": {
            "TLS": 147,
            "TLS 1.0": 4,
            "TLS 1.1": 8,
            "TLS 1.2": 20,
            "TLS v1.0": 2,
            "TLS v1.2": 1
          }
        },
        "VPN": {
          "VPN": 2
        }
      },
      "crypto_scheme": {
        "MAC": {
          "MAC": 5
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "secp256r1": 4,
          "secp384r1": 9,
          "secp521r1": 4
        }
      },
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA384": 1,
            "SHA512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 11
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1
        },
        "FIPS": {
          "FIPS 140-2": 1,
          "FIPS PUB 186-4": 2,
          "FIPS186-4": 2,
          "FIPS197": 4
        },
        "NIST": {
          "NIST SP 800-38A": 2,
          "NIST SP 800-38D": 3,
          "NIST SP 800-56A": 1
        },
        "PKCS": {
          "PKCS #1": 2
        },
        "RFC": {
          "RFC 2818": 3,
          "RFC 4253": 5,
          "RFC 4346": 4,
          "RFC 5246": 7,
          "RFC 5280": 2,
          "RFC 5289": 3,
          "RFC 5647": 1,
          "RFC 6125": 5,
          "RFC3261": 1,
          "RFC3711": 1,
          "RFC4252": 5,
          "RFC4253": 8,
          "RFC5246": 2,
          "RFC5289": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 26,
            "AES-256": 6
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 1,
            "HMAC-SHA-384": 1,
            "HMAC-SHA-512": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 4
        }
      },
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Rolf",
      "/CreationDate": "D:20210707143333+02\u002700\u0027",
      "/Creator": "Writer",
      "/Producer": "LibreOffice 7.1",
      "pdf_file_size_bytes": 639728,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
          "https://www.teletrust.de/fileadmin/files/oid/oid_pkcs-1v2-1.pdf",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf",
          "http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf",
          "https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=1.31"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 64
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/files/epfiles/Certification%20Report%20-%20Dencrypt%20Server%20System%205.0.pdf",
  "scheme": "SE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_FLR.2",
      "EAL2"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/files/epfiles/ST%20-%20Dencrypt%20Server.pdf",
  "state": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState",
    "errors": [],
    "report_convert_garbage": false,
    "report_convert_ok": true,
    "report_download_ok": true,
    "report_extract_ok": true,
    "report_pdf_hash": "519bbc67140e92349d72d09daa3f76f61159f2f9ae2d771079cc7406d3dfb7f2",
    "report_txt_hash": "81b5bea0f16b10ca29add4c6e8eb6bbfaa79355ac588145fdef0927c74548c4a",
    "st_convert_garbage": false,
    "st_convert_ok": true,
    "st_download_ok": true,
    "st_extract_ok": true,
    "st_pdf_hash": "e81ba79c86e9564cbd16c99182423fd54bb5893c4464a9f84254df094c5a865d",
    "st_txt_hash": "62f2b47cefc2f2bed20eadb0a7ae30bee70d963f84772ee7e4e26c31ad155db8"
  },
  "status": "active"
}