BSI-DSZ-CC-0910-2016
S3FV5RP, S3FV5RK, S3FV5RJ, S3FV5RH 32-Bit RISC Microcontroller for Smart Cards, Revision 0 with optional Secure ECC Library (Version 1.01) including specific IC Dedicated Software
| Antragsteller / Applicant | Samsung Electronics B zone,17 Floor, B Tower, 1-1, Samsungjeonja-ro |
| Prüfstelle / Evaluation Facility |
TÜV Informationstechnik GmbH |
| Prüftiefe / Assurance |
EAL5+, ALC_DVS.2, AVA_VAN.5 |
| Schutzprofil / Protection Profile |
Security IC Platform Protection Profile, Version 1.0, 15 June 2007, BSI-CC-PP-0035-2007 |
| Ausstellungsdatum / Certification Date |
30.11.2016 |
| gültig bis / valid until |
29.11.2021 |
- BSI-DSZ-CC-0910-2016-RA-01 (20.12.2018)
Neubewertung der Widerstandsfähigkeit / Re-Assessment
BSI-DSZ-CC-0910-2016-MA-01 (20.12.2018)
Maintenancereport / Maintenance ReportDie Änderungen betreffen eine Aktualisierung und Reevaluierung des Produkt-Lebenszyclus durch Wechsel bei Entwicklungs- und Produktionsstandorten bedingt. Das zertifizierte Produkt selbst hat sich nicht geändert.
The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.
BSI-DSZ-CC-0910-2016
Zertifizierungsreport / Certification Report
Sicherheitsvorgaben / Security Target
Der Evaluationsgegenstand (EVG) ist der S3FV5RP, S3FV5RK, S3FV5RJ, S3FV5RH 32-Bit RISC Microcontroller for Smart Cards, Revision 0 with optional Secure ECC Library (Version 1.01) including specific IC Dedicated Software.
Der EVG ist eine Hardwareplattform mit eingebetteter Software und verfügt über einen Zentralprozessor, einen kryptographischen Co-Prozessor (TORNADO-E), verschiedene Sicherheitskomponenten, kontaktbasierte I/O-Schnittstellen, flüchtigen und nicht-flüchtigen Speicher sowie spezielle Schaltkreise für Testzwecke während der Produktion.
Zudem umfasst der EVG proprietäre eingebettete Software (Dedicated Software). Dazu gehört Testsoftware zum Einsatz während der Produktion, aber auch optionale Software-Bibliotheken: Eine kryptographische Bibliothek mit ECC Funktionalität und einen PTG.2-konformen Zufallszahlengenerator. Zusätzliche Software (Smartcard Embedded Software) ist nicht Teil des EVG.
The Target of Evaluation (TOE), the S3FV5RP, S3FV5RK, S3FV5RJ, S3FV5RH 32-Bit RISC Microcontroller for Smart Cards, Revision 0 with optional Secure ECC Library (Version 1.01) including specific IC Dedicated Software is a smartcard integrated circuit which is composed of a processing unit, security components, contact based I/O ports, hardware circuit for testing purpose during the manufacturing process and volatile and non-volatile memories (hardware).
The TOE also includes any IC Designer/Manufacturer proprietary IC Dedicated Software as long as it physically exists in the smartcard integrated circuit after being delivered by the IC Manufacturer. Such software (also known as IC firmware) is used for testing purpose during the manufacturing process but also provides additional services to facilitate the usage of the hardware and/or to provide additional services, including optional ECC public key cryptographic library, and an PTG.2-compliant random number generator. The ECC library further includes the functionality of hash computation. The use for keyed hash operations like HMAC or similar security critical operations involving keys and other secrets, is not subject of this TOE and requires specific security improvements and DPA analysis including the operating system, which is not part of this TOE. However, this functionality is intended to be used for signature generation and verification only.
All other software is called Smartcard Embedded Software and is not part of the TOE.