| Standard | FIPS 140-3 |
|---|---|
| Overall level | 3 |
| Module type | Hardware |
| Embodiment | Multi-Chip Embedded |
| Status | Active |
| Sunset date | 12/2/2026 |
| Caveat | Interim Validation |
| Vendor | Quadient Technologies |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A728 |
| AES-CBC | A728 |
| AES-CMAC | A760 |
| Conditioning Component Block Cipher Derivation Function SP800-90B | A3803 |
| Counter DRBG | A2930 |
| DSA KeyGen (FIPS186-4) | A767 |
| ECDSA KeyGen (FIPS186-4) | A2931 |
| ECDSA SigGen (FIPS186-4) | A2931 |
| ECDSA SigVer (FIPS186-4) | A2931 |
| HMAC-SHA-1 | A729 |
| HMAC-SHA2-256 | A729 |
| HMAC-SHA2-256 | A729 |
| KAS-FFC-SSC Sp800-56Ar3 | A2929 |
| KDF TLS | A761 |
| RSA KeyGen (FIPS186-4) | A765 |
| SHA-1 | A730 |
| SHA2-256 | A730 |
flowchart LR
%% Deterministic review-risk graph for Quadient Postal Security Device
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>update<br/>Firmware load</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>status output<br/>Unauthenticated<br/>Self-test</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>no library/version identified</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for Quadient Postal Security Device
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>update<br/>Firmware load</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>status output<br/>Unauthenticated<br/>Self-test</i><br/>src: text:keyword"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>no library/version identified</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3,C5,C6 clueLow;Classification: External Quadient Postal Security Device Security Policy Valid from: 27/11/2024 Version No.: V 1.2 This document is non-proprietary. It may be reproduced or transmitted only in its entirety without revision. © Quadient
Classification: External Document Name: Security Policy Content Page 2/28
Classification: External Document Name: Security Policy Page 3/28
Classification: External Document Name: Security Policy Figure list Table list Page 4/28
Classification: External Document Name: Security Policy
Overall Level 3 Table 1: Security Levels Page 5/28
Classification: External Document Name: Security Policy 2. Cryptographic module specification 2.1. Overview The Quadient Postal Security Device is a hardware cryptographic module embedded within Quadient postal franking machines. The Quadient Postal Security Device performs all franking machine’s cryptographic and postal security functions and protects the Critical Security Parameters (CSPs) and Postal Relevant Data from unauthorized access. Model Hardware Part Number Firmware Part Number Firmware Version Quadient Postal A0014227-B and A0014227-C A0156569A a31.05 Security Device Table 2: Cryptographic Module Tested Configuration The Quadient Postal Security Device (Figure 1) is a multi-chip standalone cryptographic module enclosed within a hard, opaque, plastic enclosure encapsulating the epoxy potted module which is wrapped in a tamper detection envelope with a tamper response mechanism. This enclosure constitutes the cryptographic module’s physical boundary. Figure 1
Classification: External Document Name: Security Policy 2.4. Security industry protocols The cryptographic module implements the TLS v1.2 protocol and uses only one cipher suite (TLS-DHE-RSAWITH-AES-128-CBC-SHA256). The TLS protocol is composed of TLS Handshake protocol (used for mutual authentication and TLS pre-master secret establishment) and TLS Record protocol (used for application data confidentiality and integrity). 2.5. Security functions 2.5.1. Approved Algorithms The Quadient Postal Security Device supports the following approved security functions: CAVP Algorithm and Modes/ Description/ Key Use/Function Cert. Standard Methods Size(s)/ Key Strength(s) Cert. #A728 AES CBC CBC 128 Encryption/Decryption of: FIPS 197
1 ECDSA P-244 Signature Verification is included on the algorithm certificate but not used by the module.
Classification: External Document Name: Security Policy CAVP Algorithm and Modes/ Description/ Key Use/Function Cert. Standard Methods Size(s)/ Key Strength(s) Cert. #A2929 KAS-SSC FFC DH 112 Key agreement used to establish TLS SP 800-56A r3 session keys C(2e, 0s, FFC DH), with DSA KeyGen (Cert. #A767) as a prerequisite, using loaded ffdhe2048 safe prime domain parameters. Provides 112 bits of encryption strength. AES (Cert. KTS AES CBC 128 bits TLS key transport scheme, using #A728) SP 800-38F HMAC-SHA-256 256 bits keys established with KAS-SSC and HMAC (Cert. TLS KDF. Provides 112 bits of #A729) encryption strength. Cert. #A765 RSA SHA-256 2048 Key Generation FIPS 186-4 PKCS1 v1.5 Signature generation/Signature verification of X509 certificates used by TLS Handshake protocol, Signature verification of signed files imported into the module2 Cert. #A730 SHS SHA-1, SHA-256 N/A Hashing algorithm used for: FIPS 180-4
2 RSA Signature Verification to FIPS 186-2 with modulo 1536 is listed on the algorithm certificate but not utilized by the module.
Classification: External Document Name: Security Policy 2.5.4. Non-Approved Algorithms The module supports only approved algorithms. Algorithm and Modes/ Description/ Key Size(s)/ Use/Function Standard Methods Key Strength(s) N/A N/A N/A N/A Table 6: Non-Approved Algorithms 2.5.5. Security Function Implementations (SFI) Name Type Description SF Properties Algorithms / CAVP Cert. KAS KAS NIST SP 800- FFC (2048, 224) KAS-SSC (Cert. #A2929) 56Arev3 KAS-SSC Providing 112 bits of CVL (Cert. #A761) Per IG D.F encryption strength Scenario 2 path (2). KTS KTS NIST SP 800-38F. 128-bit key providing 128 AES-CBC (Cert. #A728) KTS (key wrapping bits of encryption HMAC-SHA-256 (Cert. and unwrapping) strength #A729) per IG D.G. Table 7: Security Function Implementations 2.5.6. Entropy Sources The module includes an internal entropy source for the generation of the DRBG seed. Please refer to the entropy source validation (ESV) certificate E58. Vendor Name Certificate Number Quadient Technologies France E58 Table 8: Entropy Source Implementations The entropy source generates 384 bits of entropy input which is combined with a 64-bit nonce, 64-bit personalization string, and 128 bits of additional input. This input is used to instantiate (or reseed) the CTRDRBG. The entropy source has a rate of 88% and therefore provides the DRBG with a full 128-bit security strength. 2.5.7. Key Establishment The module supports the establishment of cryptographic keys using finite field cryptography (FFC) in conformance with NIST SP 800-56A Rev3. The module implements KAS-FFC-SSC per NIST SP 800-56A Rev3 (Cert. #A2929), used in conjunction with TLS KDF per NIST SP 800-135 (Cert. #A761). Key establishment methodology provides at least 112 bits of encryption strength. This is used to establish TLS v1.2 Page 9/28
Classification: External Document Name: Security Policy communication sessions in conformance with NIST SP 800-38F using AES (Cert. #A728) and HMAC (Cert. #A729). 2.6. Security Rules This section documents the security rules applied by the cryptographic module to implement the security requirements of a FIPS 140-3 level 3 module:
Classification: External Document Name: Security Policy Indicia Authentication Secret Key PIN 5: TX data output/status output PSD TLS Communication Certificate chain PSD DH Public Key Indicia Authentication Public Keys PIN 6: TX data output/status output PSD TLS Communication Certificate chain PSD DH Public Key Indicia Authentication Public Keys PIN 7: Power power N/A PIN 8: Power power N/A PIN 9: Ground N/A N/A PIN 10: Ground N/A N/A Table 9: Ports and Interfaces The data output interface and cryptographic operations are inhibited during zeroization, key generation, self-tests, and error states. No plaintext CSPs are input or output from the module through this serial interface. 4. Roles, services, and authentication 4.1. Roles The Quadient Postal Security Device supports authorized roles for operators and corresponding services within each role. The Quadient Postal Security Device supports the following Crypto-Officer roles: Field Crypto-Officer and Postal Crypto-Officer. The Quadient Postal Security Device supports the following User roles: Base User, R&D Signer and Unauthenticated User. For each role, the Quadient Postal Security Device provides the following services and the corresponding input and outputs: Page 11/28
Classification: External Document Name: Security Policy Role Service Input Output Field Crypto-Officer TLS Handshake Field Server TLS Communication Certificate chain, PSD TLS Communication Certificate chain, Field Server DH Public parameters (p, g, Y) TLS DH Public Key (Y) Generate PKI Key N/A PSD TLS Communication Certificate (self-signed) Get PKI Certificate N/A PSD TLS Communication Certificate chain Set PKI Certificate PSD TLS Communication Certificate chain N/A Postal Crypto-Officer TLS Handshake Postal Server TLS Communication Certificate PSD TLS Communication Certificate chain, chain, TLS DH Public Key (Y) Postal Server DH Public parameters (p, g, Y) Generate Stamp Key Expiry date Indicia Authentication Secret or Private and Public Keys Set Stamp Key Indicia Authentication Key (encrypted), expiry N/A date Software download Utility certificate, Root Certificate Ok or error code Postal services (set resetting value, get Postal data Postal data, status statistic) Read Status (Get Device Info service) N/A PSD State Read Part Number (Get Device Info N/A PART_NUMBER (package/firmware) service) Base User TLS Handshake Base TLS Communication Certificate chain, PSD TLS Communication Certificate chain, Base DH Public Key (Y) TLS DH Public parameters (p, g, Y) Postal Indicia Indicia input data Indicia digital signature or MAC Read Status (Status request) N/A PSD State Read Part Number (Get Device Info N/A PART_NUMBER (package/firmware) service) Self-test N/A Ok or error message Get Error Log N/A Error log information, includes most recent error codes, date & time stamps Page 12/28
Classification: External Document Name: Security Policy Role Service Input Output R&D Signer User Verify Files (Check File) Utility Certificate, Root Certificate, file’s signature Ok or error code & hash TLS Handshake R&D Signer Communication Certificate chain PSD TLS Communication Certificate chain, R&D Signer User DH Public Key (Y) TLS DH Public parameters (p, g, Y) Unauthenticated Read Status (Status request) N/A PSD State User Read Part Number (Get Device Info N/A PART_NUMBER (package/firmware) service) Zeroize SSP N/A Ok or error code Table 10: Roles, Service Commands, Input and Output Page 13/28
Classification: External Document Name: Security Policy 4.2. Authentication To control access to the module the Quadient Postal Security Device employs identity-based authentication mechanism. For each role, the Quadient Postal Security Device provides the following authentication method: Role Authentication Method Authentication Strength (bits) Field Crypto-Officer TLS 1.2 handshake, X509 certificates 112 Postal Crypto-Officer TLS 1.2 handshake, X509 certificates 112 Base User TLS 1.2 handshake, X509 certificates 112 R&D Signer User TLS 1.2 handshake, X509 certificates 112 Unauthenticated User N/A N/A Table 11: Roles and Authentication Mutual authentication is based on the TLS v1.2 Handshake Protocol using the "TLS-DHE-RSA" cryptographic suite, with 2048 RSA key length for authentication.
Classification: External Document Name: Security Policy 4.3. Services 4.3.1. Approved services Service Description Approved Security Keys and/or SSPs Roles Access rights to keys Indicator Functions and/or SSPs Generate PKI Key Ask the module to RSA 2048, PSD TLS Field Crypto-Officer (G) PSD TLS APPR_MODE generate its TLS DRBG, Communication Communication communication key AES 128 Private and Public Private Key, pair Keys, (G) PSD TLS DRBG entropy input Communication (if needed), Public Key (X509 DRBG parameters
Classification: External Document Name: Security Policy Service Description Approved Security Keys and/or SSPs Roles Access rights to keys Indicator Functions and/or SSPs Generate Stamp Key Ask the module to HMAC-SHA-1 or Indicia Authentication Postal Crypto-Officer (G) Indicia APPR_MODE generate Indicia HMAC-SHA-256 or Secret or Authentication Secret Authentication Key(s) CMAC AES 128 or Private & Public Key, Key or (Secret or ECDSA P-224 or DRBG entropy input (G) Indicia Private/Public, ECDSA P-256, (if needed), Authentication depending on country SHA-256, DRBG parameters
Classification: External Document Name: Security Policy Service Description Approved Security Keys and/or SSPs Roles Access rights to keys Indicator Functions and/or SSPs TLS Handshake TLS handshake RSA 2048, SHA-256, PSD TLS Field Crypto-Officer, (E) PSD TLS APPR_MODE protocol KAS-SSC (DH), Communication Postal Crypto-Officer, Communication Status_REQ before KDF (CVL) Public Key, TLS DH Base User, Public Key (TLS and after TLS Private Key (x), TLS R&D Signer User Communication Handshake DH Public parameters Certificate chain), (p, g Y) or TLS DH (G) TLS DH Private Key Public Key (Y), (x), TLS Communication (G) TLS DH Public Key Secret Keysets, TLS (Y) or pre-master key, TLS (G) TLS DH Public master key, Field parameters (p, g, Y), Server or Postal (G) TLS pre-master Server or Base or R&D key, Signer User Public (G) TLS master key, Key, (G) TLS DRBG entropy input communication secret (if needed), keyset, DRBG parameters
15 15 Zeroization indicator
Classification: External Document Name: Security Policy Service Description Approved Security Keys and/or SSPs Roles Access rights to keys Indicator Functions and/or SSPs Self-test AES (CBC 128), N/A Base User N/A APPR_MODE AES (CMAC 128), DRBG, ECDSA (P-224), ECDSA (P-256), HMAC (SHA-1), HMAC (SHA-256), KAS-SSC, TLS-KDF, RSA, SHA-1, SHA-256 Postal Services Set resetting value N/A N/A Postal Crypto-Officer N/A N/A Audit Get Error Log Get the module’s N/A N/A Base User N/A APPR_MODE most recent error code Software Download Firmware update RSA 2048, SHA-256 Utility Public Key Postal Crypto-Officer (E/W) Utility Public APPR_MODE (Utility Certificate), Key (Utility Root Public Key (Root Certificate), Certificate) (E) Root Public Key (Root Certificate) Table 12: Approved Services G = Generate: The module generates or derives the SSP. R = Read: The SSP is read from the module (e.g., the SSP is output). W = Write: The SSP is updated, imported, or written to the module. E = Execute: The module uses the SSP in performing a cryptographic operation. Z = Zeroise: The module zeroises the SSP. Page 18/28
Classification: External Document Name: Security Policy 4.3.2. Non-approved services The module does not support any non-approved services.
Classification: External Document Name: Security Policy Specify if this condition Temperature or voltage EFP / EFT results in a shutdown or measurement zeroisation Low temperature -30°C EFT The PSD ceases operation High temperature +84°C EFP Zeroization Low voltage 9.6V EFT Undervoltage protection (infinite while loop) High voltage 15.6V EFT Overvoltage protection Table 14: EFP/EFT The non-removable enclosure and epoxy resin maintain strength and hardness characteristics over the operating, storage and distribution temperature range of the PSD, i.e. -30°C and 84°C. 8. Non-invasive security The module does not provide protections against non-invasive security methods. Page 20/28
Classification: External Document Name: Security Policy 9. Sensitive security parameters management Key/SSP Name/Type Strength Security Function Generation Import/ Establishment Storage Zeroisation Use & related keys and Cert. Number Export Master Secret Key 128 AES CBC 128 bits Internally: N/A N/A Plaintext in - Invocation of “Zeroize Internally encrypt & decrypt (Cert. #A728) DRBG volatile SSPs” service; PSDs critical security memory - Breach of flex circuit parameters. protected by triggers “Zeroize SSPs” tamper service; response - PSD temperature mechanism over 84C triggers “Zeroize SSPs” service (EFP measure); DRBG entropy input 128 ESV (Cert. #E58) Internally: N/A N/A Plaintext in Invocation of “Zeroize Input to DRBG. Entropy volatile SSPs” service; Source memory - Breach of flex circuit protected by triggers “Zeroize SSPs” tamper service; response - PSD temperature mechanism over 84C triggers “Zeroize SSPs” service (EFP measure); DRBG parameters
Classification: External Document Name: Security Policy Key/SSP Name/Type Strength Security Function Generation Import/ Establishment Storage Zeroisation Use & related keys and Cert. Number Export PSD TLS 112 RSA PKCS #1 v1.5 Internally: Export N/A Plaintext Invocation of “Zeroize The key resides in a signed X509 Communication 2048 bits FIPS186-4 SSPs” service; certificate used for Public Key (Cert. #A765) KEYGEN authentication by the cryptographic module to the Base/Field server/Postal Server. TLS DH Private Key 112 Diffie-Hellman Internally: N/A N/A N/A Immediately after use (i.e., Diffie-Hellman private key used DRBG TLS-pre-master key to agree TLS pre-master.
establishment) TLS DH Public Key and 112 Diffie-Hellman Internally: SP Export SP 800-56Ar3 N/A Immediately after use (i.e., Diffie-Hellman Public Key (Y) Public parameters 2048 bits 800-56Ar3 TLS-pre-master key and Public parameters (p, g, Y) establishment) used during TLS handshake to agree upon a TLS pre-master secret. DH Public Key is relevant when the module acts as an initiator whereas DH Public parameters are relevant when the module acts as a responder. TLS pre-master key 256 KAS-SSC (Cert. Internally N/A KAS-SSC N/A Immediately after use TLS Private and Public Keys bytes #A2929) TLS master key 48 bytes TLS KDF (Cert. Internally N/A TLS KDF N/A TLS session closure Used to derive the keys used by #A761) TLS Record Protocol (TLS Communication Secret Keyset). TLS Communication 128 AES CBC: Internally N/A TLS KDF N/A TLS session closure Encrypt & Decrypt & Integrity Secret Keyset 2 x 128 bits TLS Communication. (Cert. #A728); HMAC-SHA-256:
(Cert. #A730). Indicia Authentication 160 or HMAC-SHA-1 (160 Internally Export KTS and Encrypted Rendered unusable by Indicia authentication Secret Key 256 or bits key)3 (w/Master zeroization of “Master (dependent on country
128 (Cert. #A729) Secret) Secret” configuration).
Classification: External Document Name: Security Policy Key/SSP Name/Type Strength Security Function Generation Import/ Establishment Storage Zeroisation Use & related keys and Cert. Number Export or TLS HMAC-SHA-256 Communication (256 bits key4) Secret Keyset (Cert. #A729) or CMAC AES 1285 (Cert. #A760) Indicia Authentication 112 ECDSA P2246 or Internally: N/A Encrypted Rendered unusable by Indicia authentication Private Key ECDSA P2567 DRBG (w/Master zeroization of “Master (dependent on country (Cert. #A2931) Secret) Secret” configuration). Indicia Authentication 112 ECDSA P224 or FIPS 186-4 Export Plaintext Invocation of “Zeroize Indicia authentication Public Key ECDSA P256 ECDSA SSPs” service; (dependent on country (Cert. #A2931) KEYGEN configuration). Root Public Key 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the (Root Certificate) 2048 bits SSPs” service; Current Root Public key used for (Cert. #A765) the verification of authenticated messages input from the Field server/Postal server/Base. Previous Root Public 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the Key (Previous Root 2048 bits SSPs” service; Previous Root Public key used Certificate) (Cert. #A765) for the verification of authenticated messages input from the Field server/Postal server/Base. Region Public Key 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the (Region Certificate) 2048 bits SSPs” service; current Region Public key used (Cert. #A765) for the verification of authenticated messages input UK Belgium
Classification: External Document Name: Security Policy Key/SSP Name/Type Strength Security Function Generation Import/ Establishment Storage Zeroisation Use & related keys and Cert. Number Export from the Field server/Postal server/Base. Utility Public Key 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the (Utility certificate) 2048 bits SSPs” service; R&D Signer User for (Cert. #A765) authentication of files loaded into module. Field Server Public Key 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the (Field Server 2048 bits SSPs” service; Field Server used to Certificate) (Cert. #A765) authenticate the Field CO. Postal Server Public 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the Key (Postal Server 2048 bits SSPs” service; Postal Server used to Certificate) (Cert. #A765) authenticate the Postal CO Base Public Key (Base 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the Certificate) 2048 bits SSPs” service; Base used to authenticate the (Cert. #A765) Base User. R&D Signer User 112 RSA PKCS #1 v1.5 Externally Import N/A Plaintext Invocation of “Zeroize Signed X509 Certificate of the Public Key (R&D 2048 bits SSPs” service; R&D Signer used to Signer Certificate) (Cert. #A765) authenticate the R&D Signer User. Table 15: SSPs Page 24/28
Classification: External Document Name: Security Policy 10. Self-tests The Quadient Postal Security Device performs pre-operational (§10.1) and conditional self-tests (§10.20) without external control or operator intervention. The Quadient Postal Security Device inhibits the data output and control interfaces during self-tests. If a self-test fails, the Quadient Postal Security Device enters in error state and outputs an error indicator (error code). The Quadient Postal Security Device does not perform any cryptographic operations or output control and data via the control and data output interface while in an error state. The PSD must be repowered to exit the error state and if the error persists the module must be returned to Quadient. The Quadient Postal Security Device maintains a self-test error log that is accessible by an authorized operator of the module. 10.1. Pre-operational self-tests The Quadient Postal Security Device performs the following pre-operational self-tests at power-up:
Classification: External Document Name: Security Policy 10.2. Conditional self-tests The Quadient Postal Security Device performs the following conditional self-tests:
Classification: External Document Name: Security Policy execution date and time is stored in non-volatile memory. The periodic self-test execution failure is recorded in the error log. 11. Life-cycle assurance Quadient Technologies France is using a system configuration management tool (Windchill) to manage products configurations (including the cryptographic module). 11.1. Installation, Initialization, and Startup Procedures The module is initialized and configured for a specific country in manufacturing. The postal meter is then authorized and shipped to the end customer. 11.2. Administrator Guidance The PSD TLS Communication RSA key pair is generated at the customization center during manufacturing. The PSD TLS Communication key pair is generated internally, by the module itself. Once the key pair is available, the public key is immediately output for certification by the Manufacturing CA entity. After the certificate is available and downloaded into the module, all communication between the manufacturing environment and the module are mutually authenticated and encrypted via a TLStunnel. Once installed in the postage meter (at the customer site), the module first connects to the Postal Server via a mutually authenticated TLS session and sends its certificate for certification. A new certificate chain is downloaded into the module to be used for communication with Quadient infrastructure (Postal Server) to access available services, during the operational phase. 11.3. Non-Administrator Guidance The Quadient postage meters include detailed user guidance in its free online manuals: iX Range - KCMS (quadient.com). 11.4. Design and rules The cryptographic module’s firmware has been implemented using a high-level language (C), except for the limited use of assembly language where it was essential for performance. 11.5. End of life Upon end of life, the module is withdrawn from service and returned to manufacturing for decommissioning and scrapping. Page 27/28
Classification: External Document Name: Security Policy