Requirements

Symmetric Encryption

Symmetric Encryption and Decryption
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality for symmetric encryption and decryption.

AES-CBC Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the AES-CBC symmetric encryption algorithm.

AES-GCM Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the AES-GCM symmetric encryption algorithm.

AES-CCM Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the AES-CCM symmetric encryption algorithm.

ChaCha20-Poly1305 Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the ChaCha20-Poly1305 symmetric encryption algorithm.

Asymmetric Encryption

Asymmetric Encryption and Decryption
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality for asymmetric encryption and decryption.

ECDH Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the ECDH algorithm for key exchange.

Digital Signatures

Signature Creation
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality to create digital signatures.

Signature Verification
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality to verify digital signatures.

ECDSA Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the ECDSA algorithm for digital signatures.

Message Authentication Code (MAC)

Message Authentication Code
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality for Message Authentication Codes (MAC) to ensure message integrity and authenticity.

Hashing

Hashing Functionality
    status: valid
    security: YES
    safety: QM
    The security component shall provide hashing functionality.

SHA-2 Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the SHA-2 hashing algorithm.

SHA-3 Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the SHA-3 hashing algorithm.

Key Derivation Functions (KDF)

Key Derivation
    status: valid
    security: YES
    safety: QM
    The security component shall provide Key Derivation Functions (KDFs) to derive one or more secret keys from a master key or password.

Random Number Generation

Entropy Source
    status: valid
    security: YES
    safety: QM
    The security component shall provide a source of entropy for random number generation.

ChaCha20Rng Support
    status: valid
    security: YES
    safety: QM
    The security component shall use the ChaCha20Rng algorithm for random number generation.

Certificate Management

Certificate Management
    status: valid
    security: YES
    safety: QM
    The security component shall provide functionality to manage a set of signed and verified (trusted) certificates.

Key Management

Secure Key Generation
    status: valid
    security: YES
    safety: QM
    The security component shall support the secure generation of key material.

Secure Key Import
    status: valid
    security: YES
    safety: QM
    The security component shall support the secure import of key material.

Secure Key Storage
    status: valid
    security: YES
    safety: QM
    The security component shall support the secure storage of key material.

Secure Key Deletion
    status: valid
    security: YES
    safety: QM
    The security component shall support the secure deletion of key material.

API to Allow Selection of Different Algorithms
    status: valid
    security: YES
    safety: QM
    The API of the security component shall allow selection of the available algorithms by their unique name.

Non-Functional Requirements

Performance Benchmark Tooling
    status: valid
    security: YES
    safety: QM
    The security component shall contain a set of extendable benchmark tests to derive KPIs from running all its cryptographic operations on different systems.

Standardized Algorithm Naming
    status: valid
    security: YES
    safety: QM
    The security component shall use a uniform and unambiguous naming scheme for cryptographic algorithms.

No Key Material Exposure
    status: valid
    security: YES
    safety: QM
    The API of the security component shall not reveal key material to its users.

Side-Channel Attack Mitigation
    status: valid
    security: YES
    safety: QM
    The security component shall be designed to mitigate side-channel and timing attacks.

API Lifecycle Management
    status: valid
    security: YES
    safety: QM

Structured Error Handling
    status: valid
    security: YES
    safety: QM
    The security component shall provide a structured and consistent mechanism for error reporting and logging.

Security Concept
    status: valid
    security: YES
    safety: QM
    A security concept shall be created for the security component, including security goals, plausible attacks, critical failures, and countermeasures.

Crypto Algorithm Update Strategy
    status: valid
    security: YES
    safety: QM
    The security component shall allow the updating of its cryptographic algorithms.

Reverse Engineering Protection
    status: valid
    security: YES
    safety: QM
    The security component shall withstand reverse engineering of its secrets.

Initial Production Key Handling
    status: valid
    security: YES
    safety: QM
    The security component shall consider the production scenario where initial production keys are brought into the system.

Post-Quantum Readiness
    status: valid
    security: YES
    safety: QM
    The security component shall be designed to be ready for post-quantum cryptography.

Hardware Acceleration Support
    status: valid
    security: YES
    safety: QM
    The security component shall be able to rely on hardware acceleration for cryptographic operations.

Software Fallback
    status: valid
    security: YES
    safety: QM
    A software-only solution for cryptographic operations shall be available as a fallback.

Trusted Time Source
    status: valid
    security: YES
    safety: QM
    The security component shall have access to a trusted real-world wall clock.

OS-Level Protection
    status: valid
    security: YES
    safety: QM
    The security component shall use system-level means (e.g., co-processor, HSM, TEE) to protect its memory and CPU from applications and the normal operating system.

Access Control
    status: valid
    security: YES
    safety: QM
    The security component shall support roles and capability rights management to enforce access control to cryptographic functions and key material.

Intrusion Detection System (IDS) Integration
    status: valid
    security: YES
    safety: QM
    The security component shall provide a mechanism to report potential security anomalies or threats to an Intrusion Detection System (IDS).

Denial-of-Service (DoS) Mitigation
    status: valid
    security: YES
    safety: QM
    The security component shall incorporate measures to mitigate the risk of Denial-of-Service (DoS) attacks that could be caused by malicious messages creating exceptional computational load.

Secure Communication Protocols

TLS Support
    status: valid
    security: YES
    safety: QM
    The security component shall support the Transport Layer Security (TLS) 1.3 protocol for secure communication over Ethernet.