Cisco IPS4345 Bedienungsanleitung PDF herunterladen (Seite 58)

Cisco Intrusion Prevention System Security Target

58

Section

Shall/Shall Not

Statement(s)

Should (Not) Statements

2

TOE

Compliant?

Rationale

7.1.1 RSAEP

N/A, no shall

statements

None.

Yes

N/A

7.1.2 RSADP

N/A, no shall

statements

“Care should be taken to

ensure that an

implementation of RSADP

does not reveal even partial

information about the value

of k.”

Yes

N/A

7.2 Encryption and

Decryption Operations

N/A, no shall

statements

None.

Yes

N/A

7.2.1 RSA Secret

Value Encapsulation

(RSASVE)

N/A, no shall

statements

“Care should be taken to

ensure that an

implementation does not

reveal information about the

encapsulated secret value Z.”

“the observable behavior of

the I2BS routine should not

reveal even partial

information about the byte

string Z.”

Yes

N/A

7.2.2 RSA with

Optimal Asymmetric

Encryption Padding

(RSA-OAEP)

None.

“Care should be taken to

ensure that the different error

conditions that may be

detected in Step 5 above

cannot be distinguished from

one another by an opponent,

whether by error message or

by process timing.”

“A single error message

should be employed and

output the same way for each

type of decryption error.

There should be no

difference in the observable

behavior for the different

RSA-OAEP decryption

errors.”

“care should be taken to

ensure that even if there are

no errors, an implementation

does not reveal partial

information about the

encoded message EM”

“the observable behavior of

the mask generation function

should not reveal even

partial information about the

MGF seed employed in the

process”

Yes

N/A

7.2.3 RSA-based Key-

Encapsulation

Mechanism with a

Key-Wrapping

N/A, no shall

statements

“Care should be taken to

ensure that the different error

conditions in Steps 2.2, 4,

and 6 cannot be distinguished

Yes

N/A

1 2 ... 53 54 55 56 57 58 59 60 61

Kommentare zu diesen Handbüchern

Keine Kommentare