Protection profiles for secure signature creation device — Part 5: Extension for device with key generation and trusted channel to signature creation application

CEN/ISSS - Information Society Standardization System

SRC Security Research & Consulting GmbH

3.1 R4

PP application note and interpretation for product certification

The Protection Profile (PP) has been provided by the Technical Committee CEN/TC 224. It is referenced by the Commission Implementing Decision (EU) 2016/650 of 25 April 2016 laying down standards for the security assessment of qualified signature and seal creation devices pursuant to Articles 30(3) and 39(2) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market.

The intent of the Protection Profile is to specify functional and assurance requirements defined in the Directive for a secure signature-creation device (SSCD) which is the target of evaluation (TOE). The Protection Profile describes core security requirements for a secure device that can generate a signing key (signature-creation data, SCD) and operates to create electronic signatures with the generated key. The data to be signed or a unique representation thereof (DTBS/R) are sent via a trusted channel between the Signature Creation Application (SCA) and the SSCD.

After an SSCD has generated a signing key, the corresponding public key (signature verification data, SVD) has to be provided as input to a certificate generation application (CGA). Security requirements for the export of the SVD are not covered within this document.

When operated in a secure environment for signature creation, a signer may use an SSCD that fulfils only these core security requirements to create an advanced electronic signature. Security requirements for an SSCD used in other environments are not the subject of this Protection Profile.

This Protection Profile strictly conforms to the core PP certified under the certification ID BSI-CC-PP-0059 and, in comparison to that PP, takes the trusted channel to the SCA into account.