Mind the Gap: Formal Verification and the Common Criteria (Discussion  Paper)

Beckert, Bernhard; Bruns, Daniel; Grebing, Sarah

doi:10.29007/w9b3

Cited by 3 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The challenges that the CC certification faced were expressed already around 2004 by Hearn [Hea04] and eight years later by Murdoch et al [MBA12], who discuss why both CC and FIPS 140 fell short of their promise, pointing to the lack of transparency. Beckert et al [BGG10] highlight that formal verification of only the specification, but not the implementation, is required to achieve higher EALs. Many of the schemes' problems are also mentioned in a user study [HTAP18] of 29 users trained in the NIST cryptographic validation program.…”

Section: Related Workmentioning

confidence: 99%

TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

Svenda,

Dufka,

Broz

et al. 2024

TCHES

View full text Add to dashboard Cite

The Trusted Platform Module (TPM) is a widely deployed computer component that provides increased protection of key material during cryptographic operations, secure storage, and support for a secure boot with a remotely attestable state of the target machine. A systematic study of the TPM ecosystem, its cryptographic properties, and the orderliness of vulnerability mitigation is missing despite its pervasive deployment – likely due to the black-box nature of the implementations. We collected metadata, RSA and ECC cryptographic keys, and performance characteristics from 78 different TPM versions manufactured by 6 vendors, including recent Pluton-based iTPMs, to systematically analyze TPM implementations.Surprisingly, a high rate of changes with a detectable impact on generated secrets, the timing of cryptographic operations, and frequent off-chip generation of Endorsement Keys were observed. Our analysis of public artifacts for TPM-related products certified under Common Criteria (CC) and FIPS 140 showed relatively high popularity of TPMs but without explanation for these changes in cryptographic implementations. Despite TPMs being commonly certified to CC EAL4+, serious vulnerabilities like ROCA or TPM-Fail were discovered in the past. We found a range of additional unreported nonce leakages in ECDSA, ECSCHNORR, and ECDAA algorithms in dTPMs and fTPMs of three vendors. The most serious discovered leakage allows extraction of the private key of certain Intel’s fTPM versions using only nine signatures with no need for any side-channel information, making the vulnerability retrospectively exploitable despite a subsequent firmware update. Unreported timing leakages were discovered in the implementations of ECC algorithms on multiple Nuvoton TPMs, and other previously reported leakages were confirmed. The analysis also unveiled incompleteness of vulnerability reporting and subsequent mitigation with missing clear information about the affected versions and inconsistent fixes.

show abstract

Section: Related Workmentioning

confidence: 99%

TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

Svenda,

Dufka,

Broz

et al. 2024

TCHES

View full text Add to dashboard Cite

show abstract

“…In [5] the gap in the software domain between source code verification and CC certification is discussed. However, there is also a long existing gap between analysis of hardware RTL descriptions and checking of high-level rules and specifications.…”

Section: High-level Verification For the Security Domainmentioning

confidence: 99%

“…The translation consists of five steps: VHDL structure parsing (1 ), translation of VHDL processes into Control Flow Graphs (CFGs) (2 ), FSM identification inside the CFGs (3 ), FSM extraction (4 ), and conversion of these FSMs into the NuSMV input language (5 ). Finally, the NuSMV model representation can be used to check high-level assumptions about the expected behaviour of the system.…”

Section: Translation Of Vhdl For Nusmvmentioning

confidence: 99%

Automatized high-level evaluation of security properties for RTL hardware designs

Höller

Preschern

Steger

et al. 2013

Proceedings of the Workshop on Embedded Systems Security

View full text Add to dashboard Cite

The ever increasing integration of embedded systems into our every lives created a strong demand for trustable software and hardware implementations. To provide such trust between manufacturer and customer of integrated systems, regulatory rules like the Common Criteria have been defined. While this international standard clearly prescribes the usage of formal methods at high assurance level, formal verification at code-level is not widespread in practice. This work introduces a novel approach to verify the correct functionality of security critical hardware implementations under fault conditions. Generality is enabled by high-level evaluation using state machines extracted in an automatized way.

show abstract

“…It can be observed that several certification schemes are specific to a particular domain such as Mobile Security, Network Security and so on, while a few schemes such as Common Criteria (CC), Commercial Product Assurance (CPA), and First Level Security Certification (CSPN) are applicable across the different domains. Among these broadly applicable schemes, the CC is a widely recognized (Common Criteria, 2012a), used (Common Criteria, 2012b), multi-domain (Turner, 2009), partially descriptive certification scheme (Beckert, Bruns, & Grebing, 2010). Schemes such as CPA, CSPN have different criteria towards the certification but they result in certificates that are represented similar to the CC Scheme.…”

Section: State Of the Artmentioning

confidence: 99%

“…The CC scheme is primarily "claims" based as it allows product vendors to describe the security functional requirements (SFRs) that are met by the product and to prove that the set of SFRs are able to counter the threats identified for a Target of Evaluation. This information is captured in a document called "Security Target" (Common Criteria, 2012b) (CC-ST) which is often seen as the descriptive part of the CC certification (Beckert et al, 2010). The product vendor then specifies the set of Security Assurance Requirements (SARs) in order to provide a certain Evaluation Assurance Level.…”

Section: Common Criteria Certification Schemementioning

confidence: 99%

A Digital Security Certificate Framework for Services

Kaluvuri¹,

Koshutanski²,

Cerbo³

et al. 2013

STSC

View full text Add to dashboard Cite

Service Oriented Architectures have facilitated a paradigm shift in software provisioning models: software gets consumed as a service; providing enormous benefits to both service providers and consumers. However, a major barrier for a wider adoption of the new service provisioning model in business and security-critical domains is the lack of security assurance of a service. Although current security certification schemes typically provide the required assurance, applying them to service environments is practically infeasible, a major reason being the natural language representation of the security certificates which becomes a major obstacle for adoption in typical service environment scenarios such as service discovery and service composition. To overcome the limitations of existing security certificates, we present a full-fledged framework for the realization of the concept of digital security certificates for services. The framework comprises a language for machine processable digital security certificates (DSC), and the concept of a security profile that allows the generation of uniform DSCs and a tool that aids in the generation of the DSCs.

show abstract

Mind the Gap: Formal Verification and the Common Criteria (Discussion Paper)

Cited by 3 publications

References 17 publications

TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

Automatized high-level evaluation of security properties for RTL hardware designs

A Digital Security Certificate Framework for Services

Contact Info

Product

Resources

About