Temporarily Out of Stock Online
|Edition description:||BK&CD ROM|
|Product dimensions:||7.38(w) x 9.14(h) x 2.34(d)|
Read an Excerpt
Chapter 14: ICSA Product Certification
Black Box Testing
The Black Box test suite is used to determine whether cryptography products are vulnerable to trivial-to-easy cryptanalytical attack or easy-to- moderate cryptanalytical attack. If significant implementation errors occur, these can also be seen through black box testing. The ICSA Black Box Suite consists of five consistent classification tests:
3. Degree of randomness/approach to monoalphabeticity/polyalphabeticity
5. PRGN effectiveness
Each test measures a different dimension of the tested cryptographic algorithm. Viewed as a group, the preceding attributes can be used to effectively characterize a cryptosystem. and suggest its vulnerability to cryptanalytic attack.
Cipher-text repetitions provide a distinctive wedge into a cryptogram. Repetition represents an inherent weakness in the basis encryption algorithm. In theory, a perfect algorithm produces no "fingerprints" or repetitions. In general, the lower repetition factor, the better the scrambling of data that results in fewer repetitions being available as a wedge for the cryptanalyst to break into the system. The entropy calculation is an important measure of predictability and organization. The higher the entropy, the more chaotic and disorganized the information, hence the more unpredictable the cryptographic shifts and more difficult the cipher is to break without significant work factor. If entropy is low, the data is well organized and orderly. A higher entropy indicates a stronger level of obfuscation of data. Calculations of randomnessand IC (incidence of coincidence of two letters) help to classify the subject cryptosystem based on probability and language bonds. The closer the observed cipher text is to random text, the more difficult it will be to recover the original plain text. The lower the IC, the closer the cipher text approximates random text. Similarly, the closer the graphical depiction of a cipher text approaches that of a random text (flat graph), the more difficult it will be to find a cryptanalytic wedge. Strong cryptography uses cryptographically based random numbers. ICSA uses a series of attacks on the vendor's PRNG to determine if random number or Initialization vector generation is effective.
1. The ICSA will certify (a) generic security products that use cryptography and (b) specific products such as VPNs (virtual private networks), tokens, toolkits, and so forth.
2. The ICSA-certified cryptography products can contain algorithms not on the ICSA list of adopted algorithms as long as the product can provide its cryptographic security functions using algorithms that are on the list. The ICSA will post on its Web page the specific configurations or conditions that are certified.
3. Some cryptographic standards specify different padding schemes (e.g., RSA padding in PKCS, ISO 9796, OAEP). The padding scheme that applies to each product would be a part of that product's makeup and be examined and tested as such in the Certification process. If a single product contained several padding schemes for several security functions provided by that product, then each scheme would have to be examined for its effects on the security functions.
4. Among the methods used to determine whether a product's implementation doesn't degrade the security of the algorithm are demonstration, testing, and verification. For example, if the vendor can demonstrate that the use of a weak-key generator (or other feature) does not degrade the security, or the ICSA's testing shows that it doesn't, or that some qualified evaluator has shown that it doesn't, then the implementation or use of a weak-key generation scheme (or other feature) would prevent Certification.
5. Specific product testing is performed on a case-by-case basis. It is possible that the ICSA could certify a product for use only under certain configurations or conditions. The ICSA will post on its Web page that these products, specific configurations, or conditions are certified.
6. Generally, Certification of software products is platform-specific. Each product must be evaluated within its own operating environment. However, when the number of products and platforms is large, then, on a case-by-case basis, the ICSA will work with the vendor concerning multiple-product Certification.
In order to develop appropriate and meaningful Certification criteria, the ICSA uses a notice of proposed Certification Criteria. In the Vetting process of appraisal and evaluation, the ICSA may query numerous people and organizations that will eventually include affected vendors, independent consultants, the ICSA Cryptography Products Certification Advisory Board (CPCAB), academia, and other consumer groups and industry groups-input from all sources impacts the draft criteria. Finally, the ICSA Certification Criteria and the Certification process are reviewed by a Certification Oversight Board (COB). The CPCAB consists of internationally recognized leaders in the field of cryptography; the COB members have broad representation in the general fields of computer science and information security.
The actual testing of security products is implemented by skilled testing technicians with expert supervision and oversight. Certification testing is performed by ICSA personnel or by third-party laboratories and personnel authorized and overseen by ICSA. Testing is automated where possible and checklist-driven where not automated. The test protocols are reproducible and objective. Testing personnel and authorized labs have a help desk to resolve questions and mediation procedures to resolve conflicts.
The Certification testing process has two phases:
Phase 1, Familiarization
- Familiarize the ICSA or third-party laboratory personnel with the vendor, the product, the technology, and specific product components.
- Review the Product Testing Guide provided by the product vendor.
- Resolve technical issues such as operability, interface to test equipment, and setup considerations.
- Establish procedures and guidelines for training on product.
- Establish debugging procedures.
- Test and debug the specific testing setup.
Phase 2, Certification Testing
- Verify that the algorithm used is on the ICSA Adopted Algorithm list.
- Verify that implementation mistakes are not made.
- Verify that the product passes black box data testing.
- Verify that the product passes any specific-product testing requirements.
1. At ICSA's discretion, vendors may be asked to participate in the Phase 1, Familiarization portion of the test, which is designed to familiarize test personnel with the products, resolve problem/concerns/questions about the product's operation, and ensure proper training of the testing personnel.
2. Vendors will be on standby for Phase 2, Certification Testing, and although vendors will not be present during the testing, they will have spare products/equipment readily available and a technical liaison for problem resolution, usually via email or phone....
Table of ContentsPart I: The Development of Cryptography.
First Principles and Overview.
Historical Systems I.
Historical Systems II.
Codes and Machines.
Data Encryption Standard (DES) and Information Theory.
Part II: Commercial Cryptographic Systems.
Public Key (Symmetric) Cryptography.
Identification, Authentication, and Authorization on the World Wide Web.
Part III: Implementation and Product Certification.
ICSA Product Certification.
Part IV: Practical Cryptography.
Security: Policy, Privacy, and Protocols.
IP Security and Secure Virtual Private Networks.
Cryptography in Electronic Commerce Systems.
Part V: New Dimensions.
Cryptanalysis and System
B: Xenocryptic Data.
C: A Short Tutorial in Complexity Theory.
D: A Short Tutorial in Number Theory.