| Standard | FIPS 140-3 |
|---|---|
| Overall level | 3 |
| Module type | Hardware |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 10/20/2029 |
| Caveat | When installed, initialized and configured as specified in Section 11of the Security Policy. When operated in approved mode |
| Vendor | Century Longmai Technology Co. Ltd |
flowchart LR
%% Deterministic review-risk graph for mToken CryptoID
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Update</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test<br/>UnAuth<br/>Status Output</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>IPSEC<br/>no library/version identified</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>linux<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for mToken CryptoID
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Update</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test<br/>UnAuth<br/>Status Output</i><br/>src: text:keyword"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>IPSEC<br/>no library/version identified</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>linux<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3,C5,C6 clueLow;Century Longmai Technology Co. Ltd mToken CryptoID Document Version: 1.1 Date: 2024-10-15 Longmai Public Material
| # | Section | Page |
|---|
Longmai Public Material
| Item | Page |
|---|---|
| Table 1: Security Levels | 5 |
| Table 2: Tested Module Identification – Hardware | 8 |
| Table 3: Modes List and Description | 9 |
| Table 4: Approved Algorithms | 11 |
| Table 5: Vendor-Affirmed Algorithms | 12 |
| Table 6: Non-Approved, Not Allowed Algorithms | 12 |
| Table 7: Security Function Implementations | 16 |
| Table 8: Entropy Certificates | 16 |
| Table 9: Entropy Sources | 16 |
| Table 10: Ports and Interfaces | 17 |
| Table 11 – LED status | 17 |
| Table 12: Authentication Methods | 19 |
| Table 13: Roles | 20 |
| Table 14: Approved Services | 35 |
| Table 15: Non-Approved Services | 37 |
| Table 16: Mechanisms and Actions Required | 38 |
| Table 17: EFP/EFT Information | 39 |
| Table 18: Hardness Testing Temperatures | 39 |
| Table 19: Storage Areas | 40 |
| Table 20: SSP Input-Output Methods | 40 |
| Table 21: SSP Zeroization Methods | 41 |
| Table 22: SSP Table 1 | 43 |
| Table 23: SSP Table 2 | 46 |
| Table 24: Pre-Operational Self-Tests | 48 |
| Table 25: Conditional Self-Tests | 50 |
| Table 26: Pre-Operational Periodic Information | 51 |
| Table 27: Conditional Periodic Information | 55 |
| Table 28: Error States | 55 |
| Table 29 - References | 59 |
| Table 30 – Acronyms and Definitions | 60 |
| Figure 1 - mToken CryptoID-K9 and mToken CryptoID-A3 | 7 |
| Figure 2 – Block Diagram | 8 |
meets the requirements as specified in FIPS PUB 140-3 (Federal Information Processing Standards Publication 140-3) for a Security Level 3 module. In this document, the terms “token”, “cryptographic module” or “the module” are used interchangeably to refer to the mToken CryptoID.
The FIPS 140-3 security levels for the Module are as follows from Table 1: Section Title Security Level
1 General 3
2 Cryptographic module specification 3
3 Cryptographic module interfaces 3
4 Roles, services, and authentication 3
5 Software/Firmware security 3
6 Operational environment N/A
7 Physical security 3
8 Non-invasive security N/A
9 Sensitive security parameter management 3
10 Self-tests 3
11 Life-cycle assurance 3
12 Mitigation of other attacks N/A
Overall Level 3 Table 1: Security Levels
The Longmai mToken CryptoID is a new generation smartcard chip based two-factor authentication device utilizing CCID drivers. The smartcard chip design utilizes the built-in mCOS to communicate with a General Purpose Computer (GPC) via the USB interface in a “plug-and-play” manner. The mToken CryptoID implements the USB Circuit Cards Interface Device (CCID) protocol to communicate with the host application running on a computer device. CCID drivers work to protect the device and are less susceptible to packet sniffing thus providing stronger authentication. The Application Protocol Data Unit (APDU) command-response protocol is transferred via the USB interface and is compatible with ISO/IEC 7816-4 standards. It provides the security services needed to interact with the Public Key Infrastructure (PKI) applications, including Digital Signature Generation/Verification for online authentication and Data Encryption/Decryption for online transactions. Here is the list of main functions provided by the Module:
Cryptographic Boundary: The physical form of the Module is depicted below in Figure 1 and the block diagram is depicted in Figure 2 below. The Module is a hardware module with a multi-chip standalone embodiment. The cryptographic boundary of the Module is defined by the hard, semi-transparent, polycarbonate (plastic) or metal casing of the USB token. The Module is comprised of a SCC-XE microcontroller sitting atop a Printed Circuit Board (PCB). The PCB carries the signals and instructions of the microcontroller to the other components contained within the Module. All cryptographic functions and firmware are stored within the microcontroller package and executed by a 32-bit CPU (Core Processing Unit). Figure 1 - mToken CryptoID-K9 and mToken CryptoID-A3 Longmai Public Material
Tested Module Identification
N/A for this module. Tested Operational Environments - Software, Firmware, Hybrid: N/A for this module. Vendor-Affirmed Operational Environments - Software, Firmware, Hybrid: N/A for this module.
NOTE: No Components were excluded from the cryptographic boundary
Modes List and Description: Mode Name Description Type Status Indicator Approved CO can set the module to Approved Steady green LED is on and the red Mode Approved Mode LED is off. Returns "01" from the calling GetData APDU command Non- By default, the module will be Non- Green LED is off and the steady red Approved set to Non-Approved mode by Approved LED is on Returns "00" from the mode manufacturer. calling GetData APDU command Table 3: Modes List and Description Configuration of the Approved Mode of Operation The mToken CryptoID module is originally non-compliant and must be configured to operate in an approved mode of operation. The Approved mode of operation is configured by the Issuer (CO) prior to being distributed to the end users. Please see Section 11.1 Installation, Initialization, and Startup Procedures for initial Approved mode configuration. When the Module operates in Approved mode, the steady green LED is on, and the red LED is off. The module returns “01” from the calling GetData APDU command which indicates that the module is in Approved mode, and the module returns “0000000000000000” to the calling GetHealthStatus APDU command which indicates that all self-tests have completed successfully. In Approved mode, only approved algorithms are allowed and available to the services. Please refer to the LED status table for the details of the LED status indicator of the module. Longmai Public Material
Configuration of the Non-Approved Mode of Operation The Module is sent from manufacturing to the Issuer (CO) in Non-Approved mode. When the Module operates in Non-Approved mode, the green LED is off and the steady red LED is on. The Module returns “00” from the calling GetData APDU command which indicates that the module is in Non-Approved mode, and the module returns “0000000000000000” to the calling GetHealthStatus APDU command which indicates that the self-test have completed successfully. The GetData APDU command returns an error when the Module is uninitialized. Both Approved services and Non-Approved services are listed in Table 19: Approved Services and Table 20: Non-Approved Services are allowed in Non-Approved mode. Mode Change Instructions and Status [O]: Once the Module is initialized, the Issuer can switch the mode of operation by calling the ChangeWorkingMode APDU command with “P1” parameter. If “P1” is 1, the module is configured to operate in Approved mode; if “P1” is 0, the module is configured to operate in Non-Approved mode. The Module is zeroized as part of the switching process preventing the sharing of CSPs between modes. After the successful completion of the pre-operational self-tests, the Module automatically enters Approved mode or Non-Approved mode based on the value of the “P1” parameter.
Approved Algorithms: The Module implements the Approved cryptographic algorithms listed in the table below. Algorithm CAVP Cert Properties Reference AES-CBC A2660 Direction - Decrypt, Encrypt SP 800-38A Key Length - 128, 192, 256 AES-CMAC A2660 Direction - Generation, Verification SP 800-38B Key Length - 128, 192, 256 AES-ECB A2660 Direction - Decrypt, Encrypt SP 800-38A Key Length - 128, 192, 256 AES-KW A2660 Direction - Decrypt, Encrypt SP 800-38F Key Length - 128, 192, 256 ECDSA KeyGen A2663 Curve - P-256, P-521 FIPS 186-4 (FIPS186-4) ECDSA KeyVer A2663 Curve - P-256, P-521 FIPS 186-4 (FIPS186-4) ECDSA SigGen A2663 Component - No FIPS 186-4 (FIPS186-4) Curve - P-256, P-521 ECDSA SigVer A2663 Component - No FIPS 186-4 (FIPS186-4) Curve - P-256, P-521 Longmai Public Material
Algorithm CAVP Cert Properties Reference Hash DRBG A2662 Prediction Resistance - No SP 800-90A Mode - SHA2-256 Rev. 1 HMAC-SHA2-256 A2661 Key Length - Key Length: 128-256 FIPS 198-1 Increment 8 HMAC-SHA2-384 A2661 Key Length - Key Length: 128-256 FIPS 198-1 Increment 8 HMAC-SHA2-512 A2661 Key Length - Key Length: 128-256 FIPS 198-1 Increment 8 KAS-ECC Sp800- A2659 Domain Parameter Generation Methods - SP 800-56A 56Ar3 P-256, P-521 Rev. 3 Function - Key Pair Generation Scheme ephemeralUnified KAS Role - Initiator, Responder Key Length - 256 RSA KeyGen A2663 Key Generation Mode - B.3.3 FIPS 186-4 (FIPS186-4) Modulo - 2048 Primality Tests - Table C.2 Private Key Format - Standard RSA SigGen A2663 Signature Type - PKCS 1.5 FIPS 186-4 (FIPS186-4) Modulo - 2048 RSA SigVer (FIPS186- A2663 Signature Type - PKCS 1.5 FIPS 186-4 4) Modulo - 2048 SHA2-256 A2661 - FIPS 180-4 SHA2-384 A2661 - FIPS 180-4 SHA2-512 A2661 - FIPS 180-4 Table 4: Approved Algorithms Note: KAS [56Ar3] - Per [IG] D.F Scenario 2 path (2), [56Ar3] compliant key agreement scheme where testing is performed end-to-end for the shared secret computation and a KDF compliant with onestepkdf. without key confirmation. Vendor-Affirmed Algorithms: The Module implements the Approved Vendor Affirmed cryptographic algorithms listed in the Table below. Name Properties Implementation Reference CKG [133] Sections 4 and 5.1 Asymmetric signature key mToken CryptoID Core Key [IG D.H] generation using unmodified DRBG DRBG Component Generation output:AisinoChip Electronics SCC-XE [133] Sections 4 and 5.2 Asymmetric key establishment key generation using unmodified DRBG output:AisinoChip Electronics SCC-XE [133] Sections 4 and 6.1 Direct symmetric key generation using unmodified DRBG output:ARM Cortex M0 [133] Section 6.2.1 Derivation of symmetric keys Longmai Public Material
Name Properties Implementation Reference from a key agreement shared secret.:ARM Cortex M0 Table 5: Vendor-Affirmed Algorithms Non-Approved, Allowed Algorithms: Note: The Module does not implement any Non-Approved, Algorithms Allowed in the Approved Mode of Operation. N/A for this module. Non-Approved, Allowed Algorithms with No Security Claimed: Note: The Module does not implement any Non-Approved, Algorithms Allowed with No Security Claimed in the Approved Mode of Operation. N/A for this module. Non-Approved, Not Allowed Algorithms: The Module implements the Non-Approved, Not Allowed cryptographic algorithms listed in the table below. Name Use and Function SHA-1 Hashing (not CAVP tested) RSA Digital Signature Generation and Verification using 1024 bit keys KTS RSA-based Key Wrapping HMAC-SHA-1 Message Authentication Code (not CAVP tested) Triple-DES Encryption and Decryption (not CAVP tested) CMAC with Triple-DES Message Authentication Code Table 6: Non-Approved, Not Allowed Algorithms
The table below shows the Security Function Implementations that the module implements: Name Type Description Properties Algorithms KAS1 KAS-Full Key Agreement Caveat:Key KAS-ECC Sp800establishment 56Ar3: (A2659) method provides Notes: Ephemeral Longmai Public Material
Name Type Description Properties Algorithms between 128 and Unified (Initiator,
encryption Partial with strength oneStepKdf Curves: P-256, PSHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) KTS1 KTS-Wrap Key Transport Caveat:Key AES-KW: (A2660) establishment Security Strength: method provides 128, 192, 256 between 128 and
encryption strength KTS2 KTS-Wrap Key Transport Publications:[IG AES-ECB: D.G] (A2660) Caveat:Key Security Strength: establishment 128, 192, 256 method provides AES-CMAC: between 128 and (A2660)
encryption 128, 192, 256 strength SymGen1 CKG Symmetric Key Publications:[IG AES-ECB: Generation D.H], SP800- (A2660) 133r2 Ref: Security Strength: Section 6.1 128, 192, 256 AES-CBC: (A2660) Security Strength: 128, 192, 256 AsymGen1 AsymKeyPair- Asymmetric Key- ECDSA KeyGen KeyGen Pair Generation (FIPS186-4): (A2663) Curves: P-256, PHash DRBG: (A2662) AsymVer1 AsymKeyPair- Asymmetric Key- ECDSA KeyVer KeyVer Pair Verification (FIPS186-4): (A2663) Curves: P-256, PHash DRBG: (A2662) SigGen1 DigSig-SigGen Digital Signature ECDSA SigGen Generation (FIPS186-4): (A2663) Curves: P-256, PLongmai Public Material
Name Type Description Properties Algorithms Hash DRBG: (A2662) SHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) SigVer1 DigSig-SigVer Digital Signature ECDSA SigVer Verification (FIPS186-4): (A2663) Curves: P-256, PHash DRBG: (A2662) SHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) AsymGen2 AsymKeyPair- Asymmetric Key- RSA KeyGen KeyGen Pair Generation (FIPS186-4): (A2663) Size: n=2048 Hash DRBG: (A2662) SigGen2 DigSig-SigGen Digital Signature RSA SigGen Generation (FIPS186-4): (A2663) Size: n=2048 Hash DRBG: (A2662) SHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) SigVer2 DigSig-SigVer Digital Signature RSA SigVer Verification (FIPS186-4): (A2663) Size: n=2048 Hash DRBG: (A2662) SHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) SigVer3 DigSig-SigVer Digital Signature ECDSA SigVer Verification (FIPS186-4): Longmai Public Material
Name Type Description Properties Algorithms (A2663) Curve: P-256 Hash DRBG: (A2662) SHA2-256: (A2661) RBG DRBG Random Number Hash DRBG: Generation (A2662) Security Strength: SHA2-256: (A2661) Entropy ENT-ESV Entropy Source Hash DRBG: (A2662) Security Strength: Hash SHA Secure Hash SHA2-256: (A2661) SHA2-384: (A2661) SHA2-512: (A2661) Message MAC Message HMAC-SHA2-256: Authentication Authentication (A2661) HMAC-SHA2-384: (A2661) HMAC-SHA2-512: (A2661) AES-CMAC: (A2660) Security Strength: 128, 192, 256 AES Encryption BC-Auth Block Cipher AES-CBC: (A2660) Security Strength: 128, 192, 256 AES-ECB: (A2660) Security Strength: 128, 192, 256 AES Decryption BC-UnAuth Block Cipher AES-CBC: (A2660) Security Strength: 128, 192, 256 AES-ECB: (A2660) Security Strength: 128, 192, 256 SymGen2 CKG Symmetric Key Publications:[IG AES-CBC: Generation D.H], SP800- (A2660) 133r2 Ref: Security Strength: Section 6.2.1 128, 192, 256 AES-ECB: (A2660) Longmai Public Material
Name Type Description Properties Algorithms Security Strength: 128, 192, 256 Table 7: Security Function Implementations
Note: There is no Algorithm Specific Information.
Cert Vendor Name Number E44 Century Longmai Technology Co. Ltd Table 8: Entropy Certificates The Module uses the following entropy source: Name Type Operational Environment Sample Entropy Conditioning Size per Sample Component mToken CryptoID Physical AisinoChip Electronics 1bit 0.222745 N/A Core SCC-XE bits Table 9: Entropy Sources
For Key Generation, see Section 2.5 and Section 2.6 above.
For Key Establishment, see Section 2.5 and Section 2.6 above.
Note: The Module does not provide any industry protocols. Longmai Public Material
The Module’s ports and associated FIPS defined logical interface categories are listed in the table below. Physical Port Logical Data That Interface(s) Passes LED Status Output N/A USB Data pins Data Input All logical data Data Output Control Input Status Output USB Power pin None N/A Table 10: Ports and Interfaces The mToken CryptoID uses an LED to encode various status conditions as shown in the table below: Table 11
The mToken CryptoID supports Identity-Based Authentication to authenticate the operators. The Module supports External Authentication with KEY_EA which authenticates the host application running on a computer to the module. The Module also supports Internal Authentication with KEY_IA which the module authenticates itself to the host application. Longmai Public Material
The Issuer is authenticated by providing the Main Control Key (KEY_MC) with ExternalAuth APDU command. Only the manufacturer or the distributor can be authenticated as an Issuer. When the Module is delivered to the end user, they can authenticate themselves by providing their KEY_PIN (i.e., Admin PIN or User PIN) with Verify PIN APDU command. The operators can logout by calling the ClearSecureState APDU command or by unplugging the module from the GPC. The Module uses the “challenge-response” method for all types of authentications. For key-based authentication, the host application calls the GetChallenge command to get a random value from the Module that has the same length as the authenticated keys. The host application then encrypts the random value with the AES-256 symmetric algorithm and transmits the ciphertext to the module for verification. The Module decrypts the ciphertext with the AES-256 symmetric algorithm and compares the result with the original random value from the GetChallenge command. If the results are the same, the authentication is completed successfully; otherwise, the authentication fails, and the Module will decrement the value pre-defined in “LeftRetryTimes”. Once the value stored in “LeftRetryTimes” reaches 0, the key is locked. The authentication data uses default keys and are required to be changed upon first login. For PIN-based authentication, the host application calls the GetChallenge command to get a random value from the Module that has the same length as the authenticated keys. The host application then generates a SHA2-256 hash value from the PIN provided by the operator. The random value is encrypted with the SHA2-256 hash value of the PIN using an AES-128 symmetric algorithm. The PIN ID and ciphertext are transmitted to the Module for verification. The Module generates a SHA2-256 hash value from the PIN based on the PIN ID, decrypts the ciphertext with the SHA2-256 hash value using the predefined symmetric algorithm, and compares the result with the original random value from the GetChallenge command. Once the default PIN is used, changing it is required upon first login. If the results are the same, the authentication has been completed successfully; otherwise, the authentication fails, and the module will decrement the “LeftRetryTimes” variable. Once the value stored in “LeftRetryTimes” reaches 0, the PIN is locked. No visible display of the authentication data is allowed from the Module. The host application running on the GPC interacting with the module obscures the authentication data during data entry. The authentication data is stored in the key files which can never be exported outside the mToken CryptoID. Method Description Security Strength Each Strength per Minute Name Mechanism Attempt AM#1 Single-Factor Challenge- The KEY_MC is a The device locks Cryptographic Software response 256-bit AES key. after 15 consecutive as the cryptographic mechanism: The The authentication failed authentication key (KEY_MC) is only host application get mechanism has a attempts. The given to a single user. a random value 256-bit security probability of a from the module. strength which is successful random The host 1/2^256. attempt during a oneapplication then minute period is encrypts the approximately random value with 15/2^256 the pre-defined Longmai Public Material
Method Description Security Strength Each Strength per Minute Name Mechanism Attempt symmetric algorithm and transmits the ciphertext to the module for verification. AM#2 Memorized Secret as a The host The KEY_PIN The module will lock specific Secret application calls the length must be an account after 15 (KEY_PIN) is gets a random between 8 and 32 consecutive failed associated with a value from the characters with a authentication specific user.the host module. The host combination of attempts. An Admin application calls the application then letters, numeric may unlock a User or gets a random value generates a SHA2- characters, and unlocking may be from the module. The 256 hash value special characters performed by host application then from the PIN (i.e., A-Z a-z 0-9 ~ reinitializing (remove generates a SHA2-256 provided by the `!@#$%^&*() and reinsert). The hash value from the operator. The _+|-=\{}[]:;"' probability of a PIN provided by the random value is < > , . ? / Tab and successful random operator. The random encrypted with the Space) which is attempt during a onevalue is encrypted with SHA2-256 hash 1/96^8. minute period is the SHA2-256 hash value of the PIN approximately value of the PIN using using a pre-defined 15/96^8. a pre-defined symmetric symmetric algorithm. algorithm. Table 12: Authentication Methods
The Module supports three (3) distinct operator roles, Issuer (CO), Admin and User. The cryptographic module enforces the separation of roles by associating the current connection with the most recent authenticated user identity. The Module does not support a maintenance role or bypass capability. The Module does not support concurrent operators. The current operator status is stored in the security context in memory. When the operator logs out or if another operator attempts to login, the security context will be cleared, and the operator will be logged out automatically. The security context will also be cleared when the Module is powered off. The Roles table and the Approved Services table lists all operator roles (Issuer (CO)
The Module does not support concurrent operators. Name Type Operator Type Authentication Methods Issuer (CO) Identity CO AM#1 Admin Identity Other AM#2 User Identity Other AM#2 Table 13: Roles
All approved services implemented by the Module are listed in the table below: Unless annotated with an ~, the service is available using secure messaging which uses S_ENC with CBCAES256 and S_MAC with CMAC-AES256 with access rights of E as defined below. The SSPs modes of access shown in the table below are defined as:
Name Description Indicat Inputs Outputs Security SSP or Functions Access Z - PWD Hash: Z - RSA Private Key: Z - S_ENC: Z - S_MAC: Z S_Private: Z - Session Key (up to 4): Z - ECDSA Public: Z - RSA Public Key: Z - S_Host: Z S_Public: Z - HMAC Key: Z ChangeWorkingMod Change Approv Mode Switch to None Issuer e working ed (Approved/N certain (CO) mode: Mode on- mode Approved or Approved) DRBG_EI: Non- Z Approved DRBG_Se ed: Z DRBG_St ate Keys: Z - ECDSA Private Key: Z - KEY_EA: Z - KEY_IA: Z KEY_MC: Z KEY_PIN: Z Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access - PWD Hash: Z - RSA Private Key: Z - S_ENC: Z - S_MAC: Z S_Private: Z - Session Key (up to 4): Z - ECDSA Public: Z - RSA Public Key: Z - S_Host: Z S_Public: Z - HMAC Key: Z InstallPIN(secure Install a new Approv KEY_PIN N/A None Issuer messaging only) KEY_PIN ed for current (CO) Mode ADF, key metadata KEY_PIN: W DRBGReseed Reseed Approv Internal DRBG RBG Issuer DRBG with ed Entropy reseed Entropy (CO) internal Mode entropy. DRBG_EI: G,E DRBG_Se ed: G,E DRBG_St ate Keys: G,E Admin DRBG_EI: G,E DRBG_Se ed: G,E DRBG_St Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access ate Keys: G,E User DRBG_EI: G,E DRBG_Se ed: G,E DRBG_St ate Keys: E GetFSMaxSpace~ Get max Approv None Available None Issuer available ed space (CO) space for file Mode Admin system User GetChipID~ Get the smart Approv None Chip ID None Issuer card chip ed (CO) serial number Mode Admin User GetHealthStatus~ Get self-test Approv None Self-test None Issuer result ed result (CO) Mode Admin User GetErrorLog~ Get self-test Approv None Get self- None Issuer and last cmd ed test and (CO) error log Mode last cmd Admin error log User HealthCheck~ On demand Approv None Perform on None Issuer self-test ed demand (CO) Mode self-test Admin again User SessionKeyKAS Generate a Approv Algorithm AsymAlgID KTS1 Admin key pair or ed IDs, KAS , AsymGen1 Session Key Mode input keys, PublicKey S_Private: using EC Key ID G,W,E,Z Diffie Hellman (P- S_Public: 256/P-521) G,R,W,E, KAS and Z KDF. KDF - Session use alg: Key (up to SHA256/384/ 4): G,W,Z
Generate key DRBG_St Type: AES ate Keys: 128/192/256 G,E - HMAC Key: G,E User S_Private: Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access G,W,E,Z S_Public: G,R,W,E, Z - Session Key (up to 4): G,W,Z DRBG_St ate Keys: G,E - HMAC Key: G,E GenSessionKey Generate a Approv Key ID, Alg Generate SymGen1 Admin Session Key ed ID session SymGen2 Mode key with RBG DRBG_EI: DRBG G,E engine - Session Key (up to 4): G,W,Z DRBG_St ate Keys: G,E - HMAC Key: G,E User DRBG_EI: G,E - Session Key (up to 4): G,W,Z DRBG_St ate Keys: G,E - HMAC Key: G,E DestroySessionKey Destroy Approv Key ID Destroy None Admin Session Key ed the certain - Session Mode session Key (up to key, or 4): Z destroy all User - Session Key (up to 4): Z GetSessionInfo Get the Approv Key ID Alg ID None Admin Session ed User Key's Mode algorithm Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access Create File Create a DF Approv File Create a None Issuer or EF ed metadata DF or EF (CO) Mode (access - RSA control, Public secure Key: W,Z message - RSA req., etc.) Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Key: W,Z Admin - RSA Public Key: W,Z - RSA Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Key: W,Z User - RSA Public Key: W,Z - RSA Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Key: W,Z Delete File Delete a DF Approv File Delete a None Issuer or EF ed identifier DF or EF (CO) Mode - RSA Public Key: W,Z - RSA Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access Key: W,Z Admin - RSA Public Key: W,Z - RSA Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Key: W,Z User - RSA Public Key: W,Z - RSA Private Key: W,Z - ECDSA Public: W,Z - ECDSA Private Key: W,Z ReadBinary Read binary Approv File Binary file None Admin file data ed identifier data User Mode UpdateBinary Update Approv File Update None Admin binary file ed identifier, data into User data Mode binary data binary file AppendRecord Append new Approv File Record ID None Admin record to ed identifier, User record file Mode record data ReadRecord Read record Approv File read data None Admin data of ed identifier, User record file Mode record data UpdateRecord Update data Approv File Update None Admin into a record ed identifier, Record User of the record Mode record data file Get Data Get device Approv Info Device info None Admin information ed tag/identifier User (Module Mode name, hardware, firmware versions, approved status) or get the specified Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access tag data. Authenticatio n is required for tag ID 0x40000XFFFF according to the "Read" access control of EF 3F01 Put Data Set device Approv Info tag, Set device None Admin information ed new device info or User or save the Mode info save the specified tag specified data tag data Select File Select a DF Approv File Select a None Issuer or EF and get ed identification DF or EF, (CO) the Mode and get Admin information detail info User ChangeSecretKey(s Change the Approv Key Change None Issuer ecure messaging specified ed identifier, the (CO) only) KEY_MC, Mode new key specified KEY_IA, value key value KEY_MC: KEY_PIN, W,Z KEY_EA KEY_PIN: W,Z - KEY_EA: W,Z - KEY_IA: W,Z Admin KEY_MC: W,Z KEY_PIN: W,Z - KEY_EA: W,Z - KEY_IA: W,Z User KEY_MC: W,Z KEY_PIN: W,Z - KEY_EA: W,Z Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access - KEY_IA: W,Z UnblockSecretKey(s Unblock the Approv Key ID, PIN Unblock Hash Issuer ecure messaging specified ed or data the (CO) only) Keys. Admin Mode specified can unblock Key_PIN KEY_PIN: KEY_PIN, or Key_EA W,Z Issuer can - KEY_EA: unblock W,Z KEY_EA Admin under MF KEY_PIN: W,Z - KEY_EA: W,Z GetChallenge~ Get random Approv length Random RBG Issuer challenge ed challenge (CO) data from SP Mode data 800-90A DRBG_St DRBG ate Keys: R,G,E Admin DRBG_St ate Keys: R,G,E User DRBG_St ate Keys: R,G,E ExternalAuth~ External Approv acknowledg Authentica KTS1 Issuer authenticatio ed e response te with (CO) n with Mode KEY_MC KEY_EA or KEY_MC: KEY_EA E - KEY_EA: E Admin KEY_MC: E - KEY_EA: E User KEY_MC: E - KEY_EA: E InternalAuth Internal Approv authenticati Calculated KTS1 Issuer authenticatio ed on data response (CO) Mode - KEY_IA: Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access n with E KEY_IA Admin - KEY_IA: E User - KEY_IA: E Verify Pin Verify Admin Approv PIN ID, Verified KTS1 Issuer or User PIN ed challenge PIN Hash (CO) Mode response KEY_PIN: E Admin KEY_PIN: E User KEY_PIN: E GetSecretKeyInfo Get the Approv Key ID Alg, type, None Issuer specified ed retry, (CO) information Mode AC,PIN id Admin (i.e., Secret User Algorithm ID, role, PIN type, Left Default retry times, secret flag access control and Unblock PIN ID) of KEY_MC, KEY_IA, KEY_PIN, KEY_EA ClearSecureState Logoff Approv MF, ADF, Logoff None Issuer current DF or ed both, current (CO) MF Mode Role/FIPS ADF or MF Admin User SymImportSessionK Import a Approv Alg ID, Import KTS1 Admin ey Session Key ed unwrap key wrapped - Session that is Mode ID, key ID to session Key (up to wrapped by a import, key 4): W,E Session Key wrapped User key value - Session Key (up to 4): W,E SymExportSessionK Export a Approv wrap key ID, Alg ID, KTS1 Admin ey Session Key ed key ID to wrapped - Session that is Mode export key Key (up to wrapped by a 4): R,E different User Session Key - Session Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access Key (up to 4): R,E SymCryptInit~ Symmetric Approv Key ID, First step AES Admin algorithm ed padding of Encryption - Session initialization Mode scheme, IV encryption AES Key (up to or Decryption 4): E decryption User - Session Key (up to 4): E SymEncryptUpdate~ Continuously Approv plaintext ciphertext AES Admin encrypt data ed Encryption - Session part Mode Key (up to 4): E User - Session Key (up to 4): E SymEncryptFinal~ Encrypt the Approv plaintext ciphertext AES Admin final data part ed Encryption - Session and finish the Mode Key (up to operation 4): E User - Session Key (up to 4): E SymDecryptUpdate Continuously Approv ciphertext plaintext AES Admin ~ decrypt data ed Decryption - Session part Mode Key (up to 4): E User - Session Key (up to 4): E SymDecryptFinal~ Decrypt the Approv ciphertext plaintext AES Admin final data part ed Decryption - Session and finish the Mode Key (up to operation 4): E User - Session Key (up to 4): E MacInit~ Initialize Approv Key ID Initialize a Message Admin MAC ed new Mac Authenticat - Session Calculation Mode operation ion Key (up to 4): E - HMAC Key: E User - Session Key (up to 4): E Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access - HMAC Key: E MacUpdate~ MAC Approv Data Continue Message Admin calculation ed processing Authenticat - Session update Mode another ion Key (up to data part 4): E - HMAC Key: G,E User - Session Key (up to 4): E - HMAC Key: G,E MacFinal~ MAC Approv Data MAC Message Admin calculation ed Authenticat - Session finish Mode ion Key (up to 4): E - HMAC Key: G,E User - Session Key (up to 4): E - HMAC Key: G,E AsymGenKeypair Generate Approv Pub key ID RSA or AsymGen1 Admin asymmetric ed and Pri Key, ECDSA AsymGen2 - RSA key pairs Mode Alg ID, use keypair AsymVer1 Public Key: G,W,Z - RSA Private Key: G,W,Z - ECDSA Public: G,W,Z - ECDSA Private Key: G,W,Z DRBG_St ate Keys: G,E User - RSA Public Key: G,W,Z - RSA Private Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access Key: G,W,Z - ECDSA Public: G,W,Z - ECDSA Private Key: G,W,Z AsymWrapImportPu Import a Approv Unwrap key Import a KTS2 Admin b public key ed ID, Pub key wrapped SigVer1 - RSA wrapped by a Mode ID, Alg ID, public key SigVer2 Public Session Key use, Key: W,Z wrapped - ECDSA key Public: W,Z - Session Key (up to 4): E User - RSA Public Key: W,Z - ECDSA Public: W,Z - Session Key (up to 4): E AsymImportPub Import a Approv Pub key ID, Import a None Admin Public key in ed Alg ID, use, plaintext - RSA plaintext Mode Pub key public key Public Key: W,Z - ECDSA Public: W,Z User - RSA Public Key: W,Z - ECDSA Public: W,Z - Session Key (up to 4): E AsymWrapImportPri Import a Approv Unwrap key Import a KTS2 Admin private key ed ID, Pri key wrapped SigGen1 - RSA wrapped by a Mode ID, Pub key private key SigGen2 Private Session Key ID, Alg ID, Key: W,Z use, - ECDSA wrapped Private key Key: W,Z Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access - Session Key (up to 4): E User - RSA Public Key: W,Z - ECDSA Public: W,Z - Session Key (up to 4): E AsymWrapExportPu Export a Approv Wrap Alg ID, KTS2 Admin b public key ed SessionID, use, SigVer1 - RSA wrapped with Mode Pub key ID wrapped SigVer2 Public a Session key Key: R Key - ECDSA Public: R - Session Key (up to 4): E User - RSA Public Key: R - ECDSA Public: R - Session Key (up to 4): E AsymExportPub Export a Approv Pub key ID Alg ID, None Admin Public key in ed use, key - RSA plaintext Mode Public Key: R - ECDSA Public: R User - RSA Public Key: R - ECDSA Public: R AsymWrapExportPri Export a Approv Wrap Alg ID, KTS2 Admin Private key ed SessionID, use, SigGen1 - RSA wrapped by a Mode Pri key ID wrapped SigGen2 Private Session Key key Key: R - ECDSA Private Key: R - Session Key (up to 4): E Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access User - RSA Private Key: R - ECDSA Private Key: R - Session Key (up to 4): E AsymSign Calculate Approv Pri key ID, Alg ID, SigGen1 Admin digital ed Hash Alg ID, signature SigGen2 - RSA signature Mode hash/data Private Key: E - ECDSA Private Key: E User - RSA Private Key: E - ECDSA Private Key: E AsymVerifySign Verify digital Approv Pub key ID, Alg ID, SigVer1 Admin signature ed Hash Alg ID, signature SigVer2 - RSA Mode signature SigVer3 Private Key: E - ECDSA Private Key: E User - RSA Private Key: E - ECDSA Private Key: E HashInit~ Initialize a Approv Alg ID Initialize a Hash Issuer hash ed hash (CO) operation Mode operation Admin User HashUpdate~ Continuously Approv Data Continue Hash Issuer hash data ed processing (CO) part Mode another Admin data part User HashFinale~ Hash the Approv Data Digest Hash Issuer final data part ed result (CO) and get the Mode Admin hash value User SecureMessageKA EC Diffie- Approv Alg ID, kdf Alg ID, pub KAS1 Issuer S~ Hellman (P- ed hash ID, key (CO) 521) KAS Mode Longmai Public Material
Name Description Indicat Inputs Outputs Security SSP or Functions Access (including otherInfo, S_Private: KDF) to pub key G,W,E,Z generate the Secure S_Public: Message G,R,W,E, Keys Z (S_ENC and - S_Host: S_MAC) to E establish a - S_ENC: secure G,W,Z channel - S_MAC: between the G,W,Z module and Admin the host application S_Private: G,W,E,Z S_Public: G,R,W,E, Z - S_Host: E - S_ENC: G,W,Z - S_MAC: G,W,Z User S_Private: G,W,E,Z S_Public: G,R,W,E, Z - S_Host: E - S_ENC: G,W,Z - S_MAC: G,W,Z Table 14: Approved Services Note: “use” is a parameter to specify the usage of the private-public key pairs. Option 1 means signature generation and verification only, Option 2 means key wrapping only, and Option 3 means the key pair can be used for both signature generation and verification, and key wrapping which is not allowed in Approved mode. Longmai Public Material
Note: For Getdata, authentication is required for tag ID 0x4000- 0XFFFF according to the “Read” access control of EF 3F01. The key attribute can identify the type of key, ID, number of retries, whether it is unmodified, etc. These attributes are not CSP or PSP. You cannot obtain the specific content of the key through the properties of the key, nor can you use (signature, verify, encrypt and decrypt) or clear the key through the properties of the key. For example: A user PIN ID is 0x01 Retry time is 10 PIN value is 12345678 Through GetSecretKeyInfo you can get the ID and Retry, but can't get the PIN value. For details regarding service inputs, corresponding service outputs, status return codes and description of each service listed, please refer to section 4 of [APDU].
All Non-Approved services implemented by the Module are listed in the table below: Name Description Algorithms Role SessionKeyKAS Generate a key pair or Session SHA-1 Admin, User Key using EC Diffie Hellman (P256/P-521) KAS and KDF GenSessionKey Generate a Session Key HMAC-SHA-1 Admin, User Triple-DES CMAC with Triple-DES Verify PIN Verify Admin or User PIN. Triple-DES Issuer, Admin, User, Unauthenticated SymImportSessionKey Import a Session Key that is Triple-DES Admin, User wrapped by a Session Key SymExportSessionKey Import a Session Key that is Triple-DES Admin, User wrapped by a Session Key SymCryptInit Symmetric algorithm initialization Triple-DES Admin, User SymEncryptUpdate Continuously encrypt data part Triple-DES Admin, User SymEncryptFinal Encrypt the final data part and Triple-DES Admin, User finish the operation SymDecryptUpdate Continuously decrypt data part Triple-DES Admin, User SymDecryptFinal Decrypt the final data part and Triple-DES Admin, User finish the operation MacInit Initialize MAC Calculation CMAC with Admin, User Triple-DES MacUpdate MAC calculation update CMAC with Admin, User Triple-DES MacFinal MAC calculation finish CMAC with Admin, User Triple-DES AsymWrapImportPub Import a public key wrapped by a Triple-DES Admin, User Session Key Longmai Public Material
Name Description Algorithms Role AsymWrapImportPri Import a private key wrapped by a Triple-DES Admin, User Session Key AsymWrapExportPub Export a public key wrapped with a Triple-DES Admin, User Session Key AsymWrapExportPri Export a Private key wrapped by a Triple-DES Admin, User Session Key AsymSign Calculate digital signature SHA-1 Admin, User AsymVerifySign Verify digital signature SHA-1 Admin, User HashInit Initialize a hash operation SHA-1 Issuer, Admin, User, Unauthenticated HashUpdate Continuously hash data part SHA-1 Issuer, Admin, User, Unauthenticated HashFinale Hash the final data part and get SHA-1 Issuer, Admin, User, the hash value Unauthenticated CreateSessionKey Create a Session Key with SHA-1 Admin, User plaintext key value AsymEnDecrypt RSA PKCS V1.5 encrypt/decrypt RSA Admin, User AsymKeyOperation RSA encrypt/decrypt (no padding) RSA Admin, User AsymImportSessionKey Import a Session Key that is KTS Admin, User wrapped by a Public Key Triple-DES AsymExportSessionKey Export an AES Session Key that is KTS Admin, User wrapped by a Public Key Triple-DES Table 15: Non-Approved Services
NOTE: There is no External Software/Firmware Loaded.
The Module is composed of a single firmware component. The mToken CryptoID uses ECDSA P256(SHA2-256) for the integrity test of its firmware. ECDSA digital SigVer is an Approved algorithm that is provided by the module. The known digital signature value of the firmware is stored in the firmware binary. When the Module is powered-up, the Module will generate the SHA2-256 hash value of the firmware of the Module. Then use ECDSA P-256 to digitally verify the generated SHA2-256 hash value along with the stored digital signature. If this fails, the integrity test fails, and the Module enters the Error state.
The operator can initiate the integrity test on demand via the HealthCheck service. Longmai Public Material
Type of Operational Environment: Non-Modifiable How Requirements are Satisfied [O]:
The Module operates in a non-modifiable operational environment and does not implement a General Purpose Operating System. Once the firmware of the Module is loaded on the mToken CryptoID, it cannot be modified or erased, firmware cannot be upgraded/updated. The operational environment requirements do not apply to the Module.
The Module’s enclosure, which surrounds the SCC-XE microcontroller, is made of fully hardened production grade polycarbonate (plastic) or metal. A colored polycarbonate or metal enclosure blocks the clear view of internal hardware components. There is a hard, non-malleable metal casing around the USB connector. The SCC-XE microcontroller is covered in a black, opaque, tamper resistant epoxy resin coating thus completely covering all critical components from visual inspection. Any attempt to remove or penetrate the enclosure is highly likely to cause serious damage to the Module and hardware components inside the enclosure, which will expose clear evidence of tampering. Removing the metal around the USB connector will cause physical damage to the USB connector and its related pins, making the entire cryptographic module inoperable. If evidence of tampering occurs, the Module should be returned to the issuer immediately to be destroyed. Once the cryptographic Module is powered off, all plaintext keys and unprotected CSPs will be zeroized. Mechanism Inspection Frequency Inspection Guidance Hard During Initialization by CO and Before first use by Operator should look for enclosure end user. damage Table 16: Mechanisms and Actions Required
Longmai Public Material
Temp/Voltage Temperature EFP Result Type or Voltage or EFT LowTemperature -30C EFP Zeroization/Shutdown HighTemperature 80C EFP Zeroization/Shutdown LowVoltage 2.7v EFP Shutdown HighVoltage 5.8v EFP Shutdown Table 17: EFP/EFT Information
Temperature Temperature Type LowTemperature -30C HighTemperature 80C Table 18: Hardness Testing Temperatures The Module was only tested at nominal room temperature.
The Module does not implement any mitigation method against non-invasive attacks. Longmai Public Material
Storage Area Description Persistence Name Type System Memory Only stored in volatile memory (RAM) in plaintext. Dynamic Disk Drive Stored in flash in plaintext, associated by memory location (pointer). Static Table 19: Storage Areas
Name From To Format Distribution Entry SFI or Type Type Type Algorithm Input with Key the host Disk Drive Encrypted Manual Electronic KTS1 wrapping using SP800-38f Input with Key the host Disk Drive Encrypted Manual Electronic KTS2 wrapping using IG D.G Input in plain text the host System Plaintext Manual Electronic SigVer3 Memory Output with Key Disk Drive the host Encrypted Manual Electronic KTS1 wrapping using SP800-38f Output with Key Disk Drive the host Encrypted Manual Electronic KTS2 wrapping using IG D.G Output in plain text System the host Plaintext Manual Electronic SigVer3 Memory Table 20: SSP Input-Output Methods
Zeroization Description Rationale Operator Method Initiation Z1 By rebooting the module. Reboot module, all data stored in volatile Implicit memory (RAM) will be lost Z2 Derive New Zeroize the old SSP, and then derive a new Explicit SSP Z3 "FormatDevice" APDU. Format the file system of the device with the Explicit specified configuration. Overwrite with 1's followed by reset to default value if appropriate. Longmai Public Material
Zeroization Description Rationale Operator Method Initiation Z4 Erased by "DeleteFile" Deletes the specified DF or EF with 0xff. Explicit APDU Z5 Erased by Destroy the specified session key or all Explicit "DestroySessionKey" APDU session keys with 0xff Z6 Erased by Clear Auth status Implicit "ClearSecureState" APDU Z7 SecureMessageKAS Zeroization of S_ENC, S_MAC, S_Private Implicit and S_Pulic keys and generates new of these. Z8 Automatically destroyed Set 0xff to the temporary data Implicit after authentication. Z9 Erased by Format the file system of the device with the Explicit "ChangeWorkingMode" specified configuration. Overwrite with 1's APDU followed by reset to default value if appropriate. Table 21: SSP Zeroization Methods
All usage of these SSPs by the Module are described in the services detailed in Section 4.3 Name Description Size - Type - Generated Establishe Used By Strength Category By d By DRBG_EI EntropHash 1150 - N/A - CSP Entropy RBG DRBG N/A entropy input. ESV Cert. #E44y input, Nonce from the entropy source DRBG (Cert. #A2662) DRBG_See Entropy 1724 - N/A - CSP Entropy RBG d input, Nonce N/A from the entropy source DRBG (Cert. #A2662) DRBG_Stat Derived from 440 - Symmetric RBG SymGen1 e Keys inputs into 256 Key - CSP AsymGen1 the SigGen1 Hash_DRBG AsymGen2 (V and C) SymGen2 DRBG (Cert. #A2662) Longmai Public Material
Name Description Size - Type - Generated Establishe Used By Strength Category By d By ECDSA ECDSA P256, Asymmetri AsymGen1 ECDSA Private Key Signature P512 - c Private KeyGen Generation 128, 256 Key - CSP (FIPS186-4) key (A2663) ECDSA KeyVer (FIPS186-4) (A2663) KEY_EA Used to 8 and 32 Password - AES-KW authenticate character CSP (A2660) the host to passwor the module d - N/A KEY_IA Used to 8 and 32 Password - AES-KW authenticate character CSP (A2660) the module to passwor the host d - N/A KEY_MC Used to 256 - Symmetric AES-KW authenticate 256 Key - CSP (A2660) the Issuer KEY_PIN Used to 8 and 32 Password authenticate character CSP the Admin or passwor User d - N/A PWD Hash 256-bit 256 - Hash Key - Hash Hash password 256 CSP hash for KEY_PIN RSA Private RSA PKCS1 2048 - Asymmetri AsymGen2 RSA KeyGen Key Signature 112 c Private (FIPS186-4) Generation Key - CSP (A2663) Key S_ENC Secure 256 - Symmetric KAS1 AES-CBC messaging 256 Key - CSP (A2660) encryption AES-CMAC key (A2660) AES-ECB (A2660) S_MAC Secure 256 - MAC Key - KAS1 AES-CBC messaging 256 CSP (A2660) MAC AES-CMAC (A2660) AES-ECB (A2660) S_Private EC DH P-521 - Asymmetri AsymGen1 KAS1 Private key 256 c Private ECDSA agreement Key - CSP KeyGen key (FIPS186-4) (A2663) ECDSA KeyVer (FIPS186-4) (A2663) Longmai Public Material
Name Description Size - Type - Generated Establishe Used By Strength Category By d By Session Key
256, 384, ECDSA ECDSA P256, Asymmetri AsymGen1 KAS-ECC Public Verification P521 - c Public Sp800-56Ar3 and KAS 128, 256 Key - PSP (A2659) ECDSA SigVer (FIPS186-4) (A2663) RSA Public RSA PKCS1 2048 - Asymmetri AsymGen2 RSA SigVer Key Verification 112 c Public (FIPS186-4) Key Key - PSP (A2663) S_Host Secure P-256, Asymmetri KAS-ECC messaging P-512 - c Public Sp800-56Ar3 ephemeral 128, 256 Key - PSP (A2659) host public ECDSA key KeyVer (FIPS186-4) (A2663) S_Public Secure P-256, Asymmetri AsymGen1 KAS-ECC messaging P-512 - c Public Sp800-56Ar3 ephemeral 128, 256 Key - PSP (A2659) module ECDSA public key SigVer (FIPS186-4) (A2663) Table 22: SSP Table 1 Name Input - Storage Storage Zeroization Related SSPs Output Duration DRBG_EI System Until the Z1 DRBG_Seed:Used with Memory :Plaintext module is Z3 Hash_DRBG rebooted Z9 Longmai Public Material
Name Input - Storage Storage Zeroization Related SSPs Output Duration DRBG_Seed System Until the Z1 DRBG_EI:Derived from Memory :Plaintext module is Z3 entropy source output rebooted Z9 and nonce DRBG_State Keys:Used by the Hash_DRBG DRBG_State System Until the Z1 DRBG_Seed:Derived Keys Memory :Plaintext module is Z3 from entropy source rebooted Z9 output and nonce ECDSA Private:Derived from the DRBG into the HASH_DRBG RSA Private Key:Derived from the DRBG into the HASH_DRBG ECDSA Public:Derived from the DRBG into the HASH_DRBG RSA Public Key:Derived from the DRBG into the HASH_DRBG S_Private:Derived from the DRBG into the HASH_DRBG S_Public:Derived from the DRBG into the HASH_DRBG ECDSA Input with Disk N/A Z1 DRBG_State Private Key Key Drive :Plaintext Z3 Keys:Derived From wrapping Z4 ECDSA Public:Paired using Z9 With SP800-38f Output with Key wrapping using SP800-38f KEY_EA Input with Disk N/A Z1 Key Drive :Plaintext Z3 wrapping Z9 using IG D.G KEY_IA Input with Disk N/A Z3 Key Drive :Plaintext Z9 wrapping using IG D.G KEY_MC Input with Disk N/A Z3 Key Drive :Plaintext Z9 wrapping using IG D.G Longmai Public Material
Name Input - Storage Storage Zeroization Related SSPs Output Duration KEY_PIN Input with Disk N/A Z3 PWD Hash:As hash Key Drive :Encrypted Z4 value of KEY_PIN wrapping Z9 using IG D.G PWD Hash System Until it is Z3 KEY_PIN:As the Memory :Plaintext used Z8 original value Z9 RSA Private Input with Disk N/A Z3 DRBG_State Key Key Drive :Plaintext Z4 Keys:Used With wrapping Z9 RSA Public Key:Paired using With SP800-38f Output with Key wrapping using SP800-38f S_ENC System Until the Z1 S_Private:Join the Memory :Plaintext module is Z2 derive process with rebooted Z3 S_MAC Z6 S_MAC:Used With Z7 Z9 S_MAC System Until the Z1 S_Private:Join the Memory :Plaintext module is Z2 derive process with rebooted Z3 S_ENC Z6 S_ENC:Used With Z7 Z9 S_Private System Until the Z1 S_ENC:Join the derive Memory :Plaintext module is Z3 process with S_MAC rebooted Z7 S_MAC:Join the derive Z9 process with S_ENC S_Public:Paired With Session Key Input with System Until the Z1 DRBG_State Keys:Use (up to 4) Key Memory :Plaintext module is Z3 random value as wrapping rebooted Z5 session key using Z6 SP800-38f Z7 Output with Z9 Key wrapping using SP800-38f HMAC Key System Until the Z1 Session Key (up to Memory :Plaintext module is Z3 4):Used With rebooted Z5 Z6 Z7 Z9 Longmai Public Material
Name Input - Storage Storage Zeroization Related SSPs Output Duration ECDSA Output with Disk N/A Z3 ECDSA Private Public Key Drive :Plaintext Z4 Key:Paired With wrapping Z9 using IG D.G RSA Public Output with Disk N/A Z3 RSA Private Key:Paired Key Key Drive :Plaintext Z4 With wrapping Z9 using IG D.G S_Host Input in System Until the Z1 S_Private:: Join KAS plain text Memory :Plaintext module is Z3 with S_Private rebooted Z6 S_ENC:Derive from Z9 KAS, as a shared secret S_MAC:Derive from KAS, as a shared secret S_Public Output in System Until the Z1 S_Private:Paired With plain text Memory :Plaintext module is Z3 rebooted Z6 Z9 Table 23: SSP Table 2 Longmai Public Material
The Module performs self-tests to ensure the proper operation of the Module. Per FIPS 140-3 requirements, these are categorized as either pre-operational self-tests or conditional self-tests. When the mToken CryptoID is powered on, the Pre-Operational self-tests are executed automatically without any operator intervention. If the Module completes the Pre-Operational self-tests successfully, the Module will enter either Approved Mode or Non-Approved Mode depending on the initial configuration of the Module by the Manufacturer or Distributor. If the Module enters approved mode, a steady green LED will be observed; if the module enters Non-Approved mode, a steady red LED will be observed. The Module returns “0000000000000000” from the calling GetHealthStatus APDU command which indicates that the Pre-Operational self-tests have completed successfully. If any Pre-Operational self-test fails, the Module enters into the Error state. All data output is prohibited, and no further cryptographic operation is allowed. The green LED will blink quickly (flashing every 200ms), and the module will return an error code to indicate that the Module is in the Error state. The on-demand self-tests can be invoked by the HealthCheck APDU command or by unplugging the token and plugging it back in to reinitiate the Pre-Operational self-tests. The Module logs the last self-test error which can be retrieved via the APDU command GetHealthStatus.
ESV RCT and SP 800-90B Critical Success or Failure Code As specified in APT Health-Test Function [90B] section 4.4. for start-up requirements Longmai Public Material
Table 24: Pre-Operational Self-Tests Longmai Public Material
The Module performs the following conditional self-tests in the table below: Algorithm Test Test Test Indicator Details Conditions or Test Properties Method Type AES-ECB AES-128 KAT CAST steady green LED Encryption bootup (A2660) ECB will be observed and the GetHealthStatus APDU command returns code: 0000000000000000 AES- 256 KAT CAST Success or Failure Authentication bootup CMAC Code Encryption (A2660) AES-ECB AES-128 KAT CAST Success or Failure Decryption bootup (A2660) ECB Code AES- 256 KAT CAST Success or Failure Authenticated bootup CMAC Code Decryption (A2660) Hash SHA2-256 KAT CAST Success or Failure Hash_DRBG bootup DRBG Code health tests per (A2662) SP 800-90A Section 11.3 (Generate, Instantiate, and reseed) ECDSA P-521 KAT CAST Success or Failure Signature bootup SigGen Code Generation (FIPS1864) (A2663) ECDSA P-521 KAT CAST Success or Failure Signature bootup SigVer Code Verification (FIPS1864) (A2663) ECDSA P-521 PCT PCT Success or Failure Key Generation bootup KeyGen inclusive Code Pairwise (FIPS186- to Consistency 4) (A2663) KeyGen Test for and Signature KeyVer Generation and ECDH key generation. Inclusive to KeyGen and KeyVer ESV RCT and SP 800- CAST Success or Failure As specified in Continuous APT 90B Code [90B] section Health- 4.4 for Test continuous tests Longmai Public Material
Algorithm Test Test Test Indicator Details Conditions or Test Properties Method Type HMAC- HMAC- KAT CAST Success or Failure HMAC-SHA2- bootup SHA2-256 SHA2-256 Code 256 KAT (A2661) HMAC- HMAC- KAT CAST Success or Failure HMAC-SHA2- bootup SHA2-384 SHA2-384 Code 384 KAT (A2661) HMAC- HMAC- KAT CAST Success or Failure HMAC-SHA2- bootup SHA2-512 SHA2-512 Code 512 KAT (A2661) RSA 2048-bit KAT CAST Success or Failure Signature bootup SigGen RSA Code Generation (FIPS186- PKCSv1.5
Algorithm or Test Method Test Type Period Periodic Method Test ECDSA SigVer Signature SW/FW Integrity Automatically Automatically (FIPS186-4) Verification performed by the performed: (A2663) Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test Longmai Public Material
Algorithm or Test Method Test Type Period Periodic Method Test until the APDU command processing is completed. ESV SP 800-90B Critical Function N/A N/A Health-Test Table 26: Pre-Operational Periodic Information Algorithm or Test Method Test Type Period Periodic Method Test AES-ECB (A2660) KAT CAST Automatically Automatically performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed. AES-CMAC KAT CAST Automatically Automatically (A2660) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed. AES-ECB (A2660) KAT CAST Automatically Automatically performed by the performed: Module every 2 programmatically; minutes If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed Longmai Public Material
Algorithm or Test Method Test Type Period Periodic Method Test AES-CMAC KAT CAST Automatically Automatically (A2660) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed Hash DRBG KAT CAST Automatically Automatically (A2662) performed before performed: Reseed. When programmatically the bit number less than 2^48 ECDSA SigGen KAT CAST Automatically Automatically (FIPS186-4) performed by the performed: (A2663) Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed ECDSA SigVer KAT CAST Automatically Automatically (FIPS186-4) performed by the performed: (A2663) Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed ECDSA KeyGen PCT inclusive to PCT N/A N/A (FIPS186-4) KeyGen and (A2663) KeyVer ESV SP 800-90B CAST Continuous As specified in Health-Test [90B] section 4.4 for continuous tests HMAC-SHA2-256 KAT CAST Automatically Automatically (A2661) performed by the performed: Longmai Public Material
Algorithm or Test Method Test Type Period Periodic Method Test Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed HMAC-SHA2-384 KAT CAST Automatically Automatically (A2661) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed HMAC-SHA2-512 KAT CAST Automatically Automatically (A2661) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed RSA SigGen KAT CAST Automatically utomatically (FIPS186-4) performed by the performed: (A2663) Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed RSA SigVer KAT CAST Automatically Automatically (FIPS186-4) performed by the performed: (A2663) programmatically; Longmai Public Material
Algorithm or Test Method Test Type Period Periodic Method Test Module every 2 If the module is in minutes. the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed RSA KeyGen PCT PCT N/A N/A (FIPS186-4) (A2663) SHA2-256 KAT CAST Automatically Automatically (A2661) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed SHA2-384 KAT CAST Automatically Automatically (A2661) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed SHA2-512 KAT CAST Automatically Automatically (A2661) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed Longmai Public Material
Algorithm or Test Method Test Type Period Periodic Method Test KAS-ECC Sp800- KAT CAST Automatically Automatically 56Ar3 (A2659) performed by the performed: Module every 2 programmatically; minutes. If the module is in the process of executing an APDU command it will delay the periodic self-test until the APDU command processing is completed Table 27: Conditional Periodic Information
Name Description Conditions Recovery Indicator Method C_HEALTH_ERROR The Module Noise Generator Reboot The Module enters the error fails a self-test. Self-Test Error module state and outputs status Symmetric indication: The green LED Algorithm Self- blinks every 200ms Test Error Pairwise consistency test Error Table 28: Error States
Installation and Initialization: Physical access to the Module shall be limited to the Crypto-Officer, and the CO shall be responsible for putting the module into the Approved mode upon initialization. First time access to the mToken CryptoID requires the CO to connect to the module and perform the initialization steps via the Factory Tool. The following steps must be performed by the CO to securely install, initialize and start up the cryptographic module in the FIPS 140-3 Approved mode of operation: Longmai Public Material
user’s responsibility to change the default KEY_PIN immediately once they receive the module. The end user can use the ChangeSecretKey APDU command to change the KEY_PIN. Delivery: The Module is shipped from the manufacturer without initialization to the Issuer (CO). The following steps must be performed to securely deliver the mToken CryptoID cryptographic Module to the authorized operator:
This Module needs to negotiate a pair of AES Keys (S_ENC and S_ENC) to allow authentication and secure initialization of the Module. All communications to initialize the Module will require a secure session using this key pair which will encrypt and authenticate all data input. During module initialization, the operator of the Module will only operate it in approved mode and provide only approved and allowed security functions. To confirm operation in the Approved Mode of Operation, the operator can use the “Get Data” APDU command. All communication of the module will require a secure session using the S_ENC and S_ENC for encrypting and MACing all data input and output. Operators shall maintain physical possession of the device until keys are zeroized successfully. In this way, the zeroization technique is performed in a time that will not allow the CSPs to be compromised.
The Admin and User role can’t initialize the device, install KEY_MC, KEY_IA, KEY_EA or KEY_PIN, and can’t change the work mode either. After the Admin and User role performs KEY_PIN authentication, it can create and delete CSP files such as public and private keys.
Rules of Operation
After the end-of-life, the operator should send the device back to the Issuer (CO). The CO should zeroize all SSPs using the “FormatDevice“ service followed by shredding the Module.
The Module implement the following mitigation methods against other attacks. Longmai Public Material
References and Definitions The following standards may be referred to in this Security Policy. Table 29 - References Abbreviation Full Specification Name [FIPS140-3] Security Requirements for Cryptographic Modules, March 22, 2019 mToken CryptoID APDU Specification, Century Longmai Technology Co. Ltd, December 29, [APDU] 2021 [ISO19790] International Standard, ISO/IEC 19790, Information technology
Abbreviation Full Specification Name [38B] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, Special Publication 800-38B, May 2005 [38C] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, Special Publication 80038C, May 2004 [38D] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, Special Publication 800-38D, November 2007 [38E] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, Special Publication 800-38E, January 2010 [38F] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, Special Publication 800-38F, December 2012 [56Ar3] NIST Special Publication 800-56A Revision 3, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, April 2018 [56Br2] NIST Special Publication 800-56B Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Finite Field Cryptography, March 2019 [56Cr2] NIST Special Publication 800-56C Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, August 2020 [67] National Institute of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, Special Publication 800-67, May 2004 [90A] National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A, Revision 1, June 2015. [90B] National Institute of Standards and Technology, Recommendation for the Entropy Sources Used for Random Bit Generation, Special Publication 800-90B, January 2018. Table 30
Acronym Definition LED Light Emitting Diode PIN Personal Identification Number PKI Public Key Infrastructure Longmai Public Material