Document Comparison
PCI_HSM_Eval_Vendor_Questionnaire_v2.pdf
→
PCI_HSM_Eval_Vendor_Questionnaire_v3.pdf
53% similar
Pages: 40 → 75
Words: 5355 → 11547
Content Changes: 104
Content Changes
104 content changes. 47 administrative changes (dates, page numbers) hidden.
Added
p. 2
February 2016 3.x PCI RFC version
Added
p. 2
Note to Assessors: When protecting this document for use as a form, leave Sections 5 and 7 (Annex B and “Device Diagrams”) unprotected to allow for insertion of appropriate diagrams and reports. Under “Tools / Protect Document,” select “Forms” then “Sections,” and un-check Sections 5 and 7 as illustrated below.
Added
p. 5
• Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher: ISO 9797-1
• Banking - Key Management (Retail): ISO 11568
• Information Technology - Encryption algorithms - Part 1: General: ISO/IEC 18033-1
• Information Technology - Encryption algorithms - Part 3: Block Ciphers: ISO/IEC 18033-3
Added
p. 9
Each side of the device
The back of the device
The front of the device
19. Why the device implementation is such that it is not feasible to penetrate and alter the device to disclose sensitive information or to insert a sensitive-information-disclosing bug without requiring an attack potential of at least 26, with a minimum of 13 for exploitation.
Added
p. 12
The algorithms and key lengths used for the signatures.
Any padding schemes used for the signatures, and how this prevents padding oracle attacks.
How modification of the sensitive information is prevented after signature validation.
Added
p. 13
Whether the physical protections cover all memory traces, vias, passive elements, or other areas of access.
How the memory packages are protected, including access to BGA balls and traces on internal chip carriers of packages.
Added
p. 13
The algorithms and key lengths used.
What modes of operation are used for the encryption.
How encrypted values copied using physical access from one memory location to another are ensured to decrypt to values that do not reveal information about the original values and cannot be used to modify memory contents in a controlled manner.
How the method of encryption prevents the exposure of sensitive information through building of a “dictionary” (i.e., look-up table) of possible encrypted values by writing known plaintext values via logical access and reading out ciphertext values via physical access.
If a key stream mode of encryption is used (e.g., OFB), how the encryption of different data with the same key is prevented.
Added
p. 14
The different ways in which the element may be programmed or configured.
Any in-circuit testing or debugging features provided by these elements.
The methods implemented to disable the programming/testing features.
Added
p. 14
What mechanisms are implemented to prevent these applications from modifying this information.
Added
p. 24
Section B4.1 # If the answer to B4.1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 27
Examples are key loading or the definition and maintenance of user roles.
Added
p. 33
The circumstances under which such data may be erased.
Added
p. 34
Whether the chosen key length is appropriate for the algorithm and its protection purpose.
For the algorithm(s) used, the key size(s) used as denoted in Appendix D of the DTRs.
Added
p. 35
If “YES,” describe the method.
Added
p. 35
If “YES,” describe how the variant(s) are protected at a level of security equivalent to or greater than that of the original key(s).
Added
p. 47
Section D1 # If the answer to D1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 48
Section D2 # If the answer to D2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 49
Section D3 # If the answer to D3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 49
Section D4 # If the answer to D4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 50
Section D5 # If the answer to D5 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 51
Section E1 # If the answer to E1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 52
Section E2 # If the answer to E2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 53
Section F1 # If the answer to F1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 53
Section F2 # If the answer to F2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 54
Section F3 # If the answer to F3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 54
Section F4 # If the answer to F4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 55
Section G1 # If the answer to G1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 55
Section G2 # If the answer to G2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 56
Section G3 # If the answer to G3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 56
Section G4 # If the answer to G4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 57
Section H1 # If the answer to H1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 58
Section H2 # If the answer to H2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 59
Section I1 # If the answer to I1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 59
Section I2 # If the answer to I2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 60
Section I3 # If the answer to I3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 60
Section I4 # If the answer to I4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 60
How production software (e.g., firmware) is stored during manufacturing.
Added
p. 61
Section I5 # If the answer to I5 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 61
Section I6 # If the answer to I6 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 62
Section I7 # If the answer to I7 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 62
Section I8 # If the answer to I8 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 62
2. The process used for inspection and testing subsequent to repair to ensure that the device has not been subject to unauthorized modification.
Added
p. 63
Note: In the following requirements, the device under evaluation is referred to as the “device.”
Section J1 # If the answer to J1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 64
Section J2 # If the answer to J2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 64
Section J3 # If the answer to J3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 65
Section J4 # If the answer to J4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 65
Section J5 # If the answer to J5 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 65
Section J6 # If the answer to J6 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 66
Section J7 # If the answer to J7 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 66
Section J8 # If the answer to J8 in the PCI HSM Modular Security Requirements was “YES,” describe:
Added
p. 67
Table columns: PCB Designator; PCB Version; PCB purpose; Picture reference; Tamper-Detection Mechanisms.
DTR TA1.14: Using vendor documentation for each tamper grid that is implemented, complete the details indicated in the table below, describing, at a minimum:
Table columns: Tamper Grid; Physical Implementation; Size of Traces and Distance between Traces; Signals, or Number of Tamper-Detecting; Method of Connection; Adjacent Signals?
DTR TA1.16: For each tamper switch used in the device, complete the details indicated in the table below, at a minimum.
Added
p. 68
Table: for each of Voltage (specify type) and Temperature, give the Maximum Value (Configured Value, Tested Value), the Minimum Value (Configured Value, Tested Value), and the Detecting Circuitry Response.
In the following table, outline the locations of all types of sensitive information and functions, adding to those provided where other types of sensitive information exist within the device.
Table columns: Sensitive Information; Storage area; Method of protection. Rows provided: Plaintext PINs; Device Firmware; Public keys.
DTR TB1.11: Complete the following table indicating the process used to authenticate the firmware images during each stage of the booting process.
Added
p. 69
Table columns: Processing/Application or Elements Used to Perform Authentication; Algorithms and Key Sizes Used for Firmware Authentication; Format of Authentication; Process Performed if Authentication
DTR TB11.13: Complete the following table for all keys and key-management methods outlined in DTR B11.
Added
p. 74
Section A2, Question 9:
Modified
p. 4 → 5
Publication Title / Reference:
• Banking - Retail Financial Services Symmetric Key Management: ANSI X9.24
• Key Establishment Using Integer Factorization Cryptography: ANSI X9.44
• Public Key Cryptography for the Financial Services ECDSA: ANSI X9.62
• Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography
• Interoperable Secure Key Exchange Key Block Specification for Symmetric Algorithms: ANSI TR-31
• FIPS PUB 140-2: Security Requirements for Cryptographic Modules: FIPS
• Personal Identification Number (PIN) Management and Security: ISO 9564
• Information technology
Modified
p. 4 → 5
• Key Management, Part 3: Mechanisms Using Asymmetric Techniques (RSA and Diffie-Hellman) ISO 11770-3 Banking - Secure Cryptographic Devices (Retail) ISO 13491 Information Technology
• Key Management, Part 3: Mechanisms Using Asymmetric Techniques (RSA and Diffie-Hellman) ISO 11770-3 Banking - Secure Cryptographic Devices (Retail) ISO 13491 Financial services
• Requirements for message authentication using symmetric techniques Information Technology
• Requirements for message authentication using symmetric techniques Information Technology
Modified
p. 5 → 7
1. Complete the information below for the HSM being evaluated.
1. Complete the information below for the device being evaluated.
Modified
p. 5 → 7
2. Identify all sections of the questionnaire corresponding to those questions in the form of the PCI Hardware Security Module (HSM) Security Requirements manual (“HSM Security Requirements”) for which you answered “YES.”
2. Identify all sections of the questionnaire corresponding to those questions in the form of the PCI Hardware Security Module (HSM) Modular Security Requirements (“HSM Modular Security Requirements”) for which you answered “YES.”
Modified
p. 5 → 7
4. Provide sufficient detail to thoroughly describe the HSM attribute or function.
4. Provide sufficient detail to thoroughly describe the device attribute or function.
Modified
p. 5 → 7
Device Identifier Device Manufacturer:
Modified
p. 5 → 7
Application Version Number:
Application Version Number: (if applicable) Questionnaire completed by:
Modified
p. 6 → 8
Section A1 If the answer to A1 in the PCI HSM Security Requirements was “YES,” describe:
Section A1 # If the answer to A1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 7 → 10
In what area(s) may it exist? Provide the documentation that describes the inspection process that must be performed.
In what area(s) may it exist? Provide the documentation that describes the inspection process that must be performed - for example, by including this information in Annex B at the end of the Questionnaire.
Removed
p. 8
The combinations of tamper detection and/or tamper evidence.
Modified
p. 8 → 11
Section A2 If the answer to A2 in the PCI HSM Security Requirements was “YES,” describe:
Section A2 # If the answer to A2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Removed
p. 9
Section A3 If the answer to A3 in the PCI HSM Security Requirements was “YES,” describe:
Removed
p. 10
Section A4 If the answer to A4 in the PCI HSM Security Requirements was “YES,” describe:
Modified
p. 11 → 12
Section A5 If the answer to A5 in the PCI HSM Security Requirements was “YES,” describe:
Section A3 # If the answer to A3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 12 → 15
Section A6 If the answer to A6 in the PCI HSM Security Requirements was “YES,” describe:
Section A4 # If the answer to A4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 13 → 16
Section A7 If the answer to A7 in the PCI HSM Security Requirements was “YES,” describe:
Section A5 # If the answer to A5 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 13 → 16
If so, provide responses to Section A1.1.
If so, provide responses to Section A1.
Modified
p. 13 → 16
If so, provide responses to Section A1.1.
If so, provide responses to Section A1.
Modified
p. 14 → 18
Section B1 If the answer to B1 in the PCI HSM Security Requirements was “YES,” describe:
Section B1 # If the answer to B1 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 15 → 20
Section B2 If the answer to B2 in the PCI HSM Security Requirements was “YES,” describe:
Section B2 # If the answer to B2 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 16 → 22
Section B3 If the answer to B3 in the PCI HSM Security Requirements was “YES,” describe:
Section B3 # If the answer to B3 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 17 → 23
Section B4 If the answer to B4 in the PCI HSM Security Requirements was “YES,” describe:
Section B4 # If the answer to B4 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 18 → 25
Section B5 If the answer to B5 in the PCI HSM Security Requirements was “YES,” describe:
Section B5 # If the answer to B5 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 19 → 26
Section B6 If the answer to B6 in the PCI HSM Security Requirements was “YES,” describe:
Section B6 # If the answer to B6 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 20 → 27
Section B7 If the answer to B7 in the PCI HSM Security Requirements was “YES,” describe:
Section B7 # If the answer to B7 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 20 → 27
Data inputs cannot be discerned by monitoring audible or electro-magnetic emissions.
Modified
p. 22 → 29
Section B8 If the answer to B8 in the PCI HSM Security Requirements was “YES,” describe:
Section B8 # If the answer to B8 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 24 → 31
Section B9 If the answer to B9 in the PCI HSM Security Requirements was “YES,” describe:
Section B9 # If the answer to B9 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 25 → 32
Section B10 If the answer to B10 in the PCI HSM Security Requirements was “YES,” describe:
Section B10 # If the answer to B10 in the PCI HSM Modular Security Requirements was “YES,” describe:
Removed
p. 26
Key size
Associated cryptographic algorithm
The data that may be encrypted under the key
The number of instances or registers for that key type
How the key is identified by the HSM so that it is used only as intended
7. Whether the HSM has the ability to erase cryptographic keys.
Modified
p. 26 → 33
Section B11 If the answer to B11 in the PCI HSM Security Requirements was “YES,” describe:
Section B11 # If the answer to B11 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 28 → 34
Whether a random/pseudo-random key-generation process is used such that it is not possible to predict any key or determine that certain keys within the key space are significantly more probable than others.
The technique utilizes a random/pseudo-random key-generation process such that it is not possible to predict any key or determine that certain keys within the key space are significantly more probable than others.
Modified
p. 28 → 34
Is the random source tested in a suitable manner before key generation? (Yes / No / N/A)
How the authenticity of public keys is ensured.
Modified
p. 28 → 34
Whether there is a certificate hierarchy. (Yes / No) How certificates (signed public keys of the key-exchange partners) are generated; i.e., who signs?
Whether there is a certificate hierarchy. (Yes / No) How certificates (signed public keys of the key-exchange partners) are generated - i.e., who signs? Whether there is mutual device authentication. (Yes / No) If certificates are used, how they are tested and accepted or rejected.
Modified
p. 28 → 34
Whether there is a secure formatting and padding of the message used containing the symmetric secret key.
Modified
p. 28 → 34
Which effective key length(s) is/are utilized for all the cryptographic algorithm(s) in question?
The effective key length(s) that is/are utilized for all the cryptographic algorithm(s) in question.
Modified
p. 29 → 36
Section B12 If the answer to B12 in the PCI HSM Security Requirements was “YES,” describe:
Section B12 # If the answer to B12 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 30 → 37
Section B13 If the answer to B13 in the PCI HSM Security Requirements was “YES,” describe:
Section B13 # If the answer to B13 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 31 → 38
Section B14 If the answer to B14 in the PCI HSM Security Requirements was “YES,” describe:
Section B14 # If the answer to B14 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 32 → 39
Section B15 If the answer to B15 in the PCI HSM Security Requirements was “YES,” describe:
Section B15 # If the answer to B15 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 33 → 40
Section B16 If the answer to B16 in the PCI HSM Security Requirements was “YES,” describe:
Section B16 # If the answer to B16 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 34 → 41
Section B17 If the answer to B17 in the PCI PTS POI Security Requirements was “YES,” describe:
Section B17 # If the answer to B17 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 34 → 41
If yes, how is the separation between applications with security impact from those without security impacts enforced? 2. For each security-relevant application, list by groups the data objects and their location.
If yes, describe how the separation between applications with security impact and those without security impact is enforced.
Modified
p. 34 → 42
Having access to the top-level master keys which protect the working keys, i.e., it cannot extract or modify the top-level master key.
Having access to the top-level master keys that protect the working keys - i.e., it cannot extract or modify the top-level master key.
Modified
p. 36 → 43
Section B18 If the answer to B18 in the PCI PTS POI Security Requirements was “YES,” describe:
Section B18 # If the answer to B18 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 37 → 44
Section B19 If the answer to B19 in the PCI HSM Security Requirements was “YES,” describe:
Section B19 # If the answer to B19 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 38 → 45
Section B20 If the answer to B20 in the PCI HSM Security Requirements was “YES,” describe:
Section B20 # If the answer to B20 in the PCI HSM Modular Security Requirements was “YES,” describe:
Modified
p. 38 → 45
If remote (over a network such as Ethernet or WiFi), what authentication and replay prevention mechanisms are used?
If remote (over a network such as Ethernet or WiFi), what authentication and replay prevention mechanisms are used?
Modified
p. 38 → 45
If direct (e.g., through serial or keypad on the device), what authentication mechanism is used?
If direct (e.g., through serial or keypad on the device), what authentication mechanism is used? 3. How the device prevents keys from being shared between PCI and non-PCI mode (zeroization or isolation).
Modified
p. 39 → 46
Section C1 If the answer to C1 in the PCI HSM Security Requirements was “YES,” describe:
Section C1 # If the answer to C1 in the PCI HSM Modular Security Requirements was “YES,” describe: