NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
m (GPHemsley moved page Section 7: Cryptographic Key Management to NSSCryptoModuleSpec/Section 7: Cryptographic Key Management without leaving a redirect: NSSCryptoModuleSpec page) |
||
| (10 intermediate revisions by one other user not shown) | |||
| Line 22: | Line 22: | ||
[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]<br> | [http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]<br> | ||
[http://wiki.mozilla.org/VE_07#VE.07.40.01 VE.07.40.01 ]<br> | [http://wiki.mozilla.org/VE_07#VE.07.40.01 VE.07.40.01 ]<br> | ||
[http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ] | ||
[http://wiki.mozilla.org/ | || [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]<br> [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Zeroization Key Zeroization] | ||
|| draft | || draft | ||
|- | |- | ||
| Line 35: | Line 34: | ||
| '''Proof of FIPS approved key generation'''|| | | '''Proof of FIPS approved key generation'''|| | ||
[http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ] | ||
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation] | |||
|| draft | |||
|- | |||
| '''Security of key generation method'''|| | |||
[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ] | |||
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation] | || [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation] | ||
|| draft | || draft | ||
| Line 40: | Line 44: | ||
| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ] | | '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ] | ||
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG] | || [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG] | ||
|| draft | || draft | ||
|- | |- | ||
| Line 60: | Line 59: | ||
| '''Key generation methods employed by the cryptographic module'''|| | | '''Key generation methods employed by the cryptographic module'''|| | ||
[http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] | ||
|| | || [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation] | ||
|| draft | |||
|- | |||
| '''Key establishment''' | |||
|| [http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ]<br> | |||
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Establishment_Techniques Key Establishment Techniques] | |||
|| draft | || draft | ||
|- | |- | ||
| '''Key entry and output methods'''|| | | '''Key entry and output methods'''|| | ||
[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br> | |||
[http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br> | [http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br> | ||
[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ] | ||
|| | || [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Entry_and_Output_Methods Key Entry and Output Methods] | ||
|| draft | |||
|- | |||
| '''Documentation of means to ensure entity association of entered or output keys'''|| | |||
[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ] | |||
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance] | |||
|| draft | || draft | ||
|- | |- | ||
| Line 73: | Line 83: | ||
[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] | [http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] | ||
|| N/A. Manual key entry and output methods are not employed by the cryptographic module. | || N/A. Manual key entry and output methods are not employed by the cryptographic module. | ||
|| draft | || draft | ||
|- | |- | ||
Latest revision as of 12:03, 11 May 2015
This is a draft document
|
Document Description |
DTR Section |
Assessment |
Status |
|---|---|---|---|
| Specification of all aspects of key management; key generation, key establishment, key entry and output, key storage, and key zeroization. |
VE.07.03.01 |
Key Management Key Zeroization |
draft |
| Description of key protection | Key Management | draft | |
| Proof of FIPS approved key generation | Key Generation | draft | |
| Security of key generation method | Key Generation | draft | |
| Random number generator description | VE.07.08.01 VE.07.09.01 VE.07.10.01 |
RNG | draft |
| Documentation of means to ensure entity association of stored keys | Entity Association Assurance | draft | |
| Output of intermediate key generation values | No intermediate key generation values are output from the cryptographic module upon completion of the key generation process. | draft | |
| Key generation methods employed by the cryptographic module | Key Generation | draft | |
| Key establishment | VE.07.17.01 VE.07.18.01 VE.07.19.01 VE.07.21.01 |
Key Establishment Techniques | draft |
| Key entry and output methods | Key Entry and Output Methods | draft | |
| Documentation of means to ensure entity association of entered or output keys | Entity Association Assurance | draft | |
| Manual key entry test | N/A. Manual key entry and output methods are not employed by the cryptographic module. | draft |
Return to: NSSCryptoModuleSpec