Secure storage units - Classification for high security locks according to their resistance to unauthorized opening

This European Standard specifies requirements for high security locks (HSL) for reliability, resistance to burglary and unauthorized opening with methods of testing. It also provides a scheme for classifying HSL in accordance with their assessed resistance to burglary and unauthorized opening.
It applies to mechanical and electronic HSL. The following features may be included as optional subjects but they are not mandatory:
a)   recognized code for preventing code altering and/or enabling/disabling parallel codes;
b)   recognized code for disabling time set up;
c)   integration of alarm components or functions;
d)   remote control duties;
e)   resistance to attacks with acids;
f)   resistance to X-rays;
g)   resistance to explosives;
h)   time functions.

Wertbehältnisse - Klassifizierung von Hochsicherheitsschlössern nach ihrem Widerstandswert gegen unbefugtes Öffnen

Dieses Dokument legt die Anforderungen an Hochsicherheitsschlösser (HSS) hinsichtlich ihrer Zuverlässigkeit, ihres Widerstandswertes gegen zerstörende Angriffe und gegen unbefugtes Öffnen sowie die Prüfverfahren fest. Sie bietet außerdem ein Schema zur Klassifizierung von Hochsicherheitsschlössern auf der Grundlage einer Bewertung ihres Widerstandswertes gegen zerstörende Angriffe und gegen unbefugtes Öffnen.
Sie gilt für mechanische und elektronische HSS. Die Schlösser können die folgenden Merkmale als Option enthalten, diese sind aber nicht zwingend erforderlich:
a)   Berechtigungscode zur Verhinderung einer Codeänderung und/oder der Freigabe/Sperrung eines Parallelcodes;
b)   Berechtigungscode zur Freigabe einer Zeitschlossfunktion;
c)   Einbau von Bauteilen oder Funktionen einer Alarmanlage;
d)   Funktionen zur Fernsteuerung und -überwachung;
e)   Widerstand gegen Angriffe mit Säuren;
f)   Widerstand gegen Angriffe mit Röntgenstrahlung;
g)   Widerstand gegen Angriffe mit Sprengstoffen;
h)   Zeitfunktionen.

Unités de stockage en lieu sûr - Classification des serrures haute sécurité en fonction de leur résistance à l'effraction

Varnostne shranjevalne enote - Klasifikacija visoko varnostnih ključavnic po odpornosti proti nepooblaščenemu odpiranju

Ta evropski standard določa zahteve visoko varnostnih ključavnic po zanesljivosti, protivlomni odpornosti in odpornosti proti nepooblaščenemu odpiranju s preskusnimi metodami. Prav tako zagotavlja shemo za klasifikacijo visoko varnostnih ključavnic v skladu z njihovo ocenjeno protivlomno odpornostjo in odpornostjo proti nepooblaščenemu odpiranju.
Velja za mehanske in elektronske visoko varnostne ključavnice. Vključijo se lahko naslednje neobvezne značilnosti:
a) priznana koda, ki onemogoča spreminjanje kode in/ali omogočanje/onemogočanje paralelnih kod;
b) priznana koda za onemogočanje nastavitve časa;
c) integracija komponent in funkcij alarmnega sistema;
d) daljinsko upravljanje;
e) odpornost na napade s kislinami;
f) odpornost na rentgenske žarke;
g) odpornost na eksplozive;
h) funkcije časa.

General Information

Status
Published
Publication Date
18-Dec-2018
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Due Date
19-Dec-2018
Completion Date
19-Dec-2018

RELATIONS

Buy Standard

Standard
EN 1300:2019
English language
55 pages
sale 10% off
Preview
sale 10% off
Preview

e-Library read for
1 day

Standards Content (sample)

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Wertbehältnisse - Klassifizierung von Hochsicherheitsschlössern nach ihrem Widerstandswert gegen unbefugtes ÖffnenUnités de stockage en lieu sûr - Classification des serrures haute sécurité en fonction de leur résistance à l'effractionSecure storage units - Classification for high security locks according to their resistance to unauthorized opening13.310Varstvo pred kriminalomProtection against crimeICS:Ta slovenski standard je istoveten z:EN 1300:2018SIST EN 1300:2019en,fr,de01-marec-2019SIST EN 1300:2019SLOVENSKI

STANDARDSIST EN 1300:20141DGRPHãþD
SIST EN 1300:2019
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 1300
December
t r s z ICS
s uä u s r Supersedes EN
s u r rã t r s uEnglish Version

Secure storage units æ Classification for high security locks according to their resistance to unauthorized opening Unités de stockage en lieu sûr æ Classification des serrures haute sécurité en fonction de leur résistance à l 5effraction

Wertbehältnisse æ Klassifizierung von Hochsicherheitsschlössern nach ihrem Widerstandswert gegen unbefugtes Öffnen This European Standard was approved by CEN on

u September
t r s zä

egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä

translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä

CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Serbiaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey and United Kingdomä

EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre:
Rue de la Science 23,
B-1040 Brussels

t r s z CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN

s u r rã t r s z ESIST EN 1300:2019
EN 1300:2018 (E) 2 Contents Page

European foreword ....................................................................................................................................................... 4 Introduction .................................................................................................................................................................... 6 1 Scope .................................................................................................................................................................... 7 2 Normative references .................................................................................................................................... 7 3 Terms and definitions ................................................................................................................................... 8 4 Classification .................................................................................................................................................. 14 5 Requirements ................................................................................................................................................ 14 5.1 General requirements ................................................................................................................................ 14 5.1.1 General ............................................................................................................................................................. 14 5.1.2 Requirements for all classes .................................................................................................................... 14 5.1.3 Class D HSL ...................................................................................................................................................... 14 5.1.4 Mechanical key operated HSL .................................................................................................................. 15 5.1.5 Lift heights for mechanical key locks .................................................................................................... 15 5.1.6 Electronic HSL ............................................................................................................................................... 15 5.1.7 Electronic tokens .......................................................................................................................................... 16 5.1.8 Requirements for cryptography in distributed security systems .............................................. 17 5.1.9 Firmware updates ........................................................................................................................................ 19 5.2 Security requirements ............................................................................................................................... 19 5.2.1 Usable codes ................................................................................................................................................... 19 5.2.2 HSL having over ride feature ................................................................................................................... 20 5.2.3 Manipulation resistance ............................................................................................................................ 20 5.2.4 Destructive burglary resistance ............................................................................................................. 20 5.2.5 Spying resistance .......................................................................................................................................... 20 5.2.6 Electrical and electromagnetic resistance .......................................................................................... 20 5.2.7 Physical environmental resistance ....................................................................................................... 21 5.2.8 Temperature resistance ............................................................................................................................ 21 5.3 Reliability requirements ........................................................................................................................... 23 6 Technical documentation .......................................................................................................................... 24 7 Test specimens .............................................................................................................................................. 25 8 Test methods ................................................................................................................................................. 26 8.1 General ............................................................................................................................................................. 26 8.1.1 General ............................................................................................................................................................. 26 8.1.2 Evaluation by inspection ........................................................................................................................... 26 8.1.3 Test procedure .............................................................................................................................................. 26 8.2 Security tests .................................................................................................................................................. 27 8.2.1 Usable codes ................................................................................................................................................... 27 8.2.2 Manipulation resistance ............................................................................................................................ 28 8.2.3 Destructive burglary resistance ............................................................................................................. 31 8.2.4 Spying resistance .......................................................................................................................................... 31 8.2.5 Electrical and electromagnetic resistance .......................................................................................... 32 8.2.6 Physical environmental resistance ....................................................................................................... 33 SIST EN 1300:2019

EN 1300:2018 (E) 3 8.2.7 Temperature resistance ............................................................................................................................. 35 8.3 Reliability testing .......................................................................................................................................... 35 8.3.1 Cycling ............................................................................................................................................................... 35 8.3.2 Code changes .................................................................................................................................................. 36 8.3.3 Dynamic code input of mechanical combination HSL ..................................................................... 36 9 Test report ...................................................................................................................................................... 37 10 Marking ............................................................................................................................................................ 37 Annex A (normative)

Parameters for installation and operating instructions ................................... 38 A.1 Installation instructions ............................................................................................................................. 38 A.2 Operating instructions ................................................................................................................................ 39 Annex B (normative)

Determination of manipulation resistance due to the design requirement ................................................................................................................................................... 40 B.1 General ............................................................................................................................................................. 40 B.2 Key locks .......................................................................................................................................................... 40 B.2.1 General ............................................................................................................................................................. 40 B.2.2 Gate clearance ................................................................................................................................................ 40 B.2.3 Bolt stump ....................................................................................................................................................... 43 B.2.4 False notches .................................................................................................................................................. 43 B.2.5 Additional design requirements ............................................................................................................. 44 B.3 Mechanical combination locks ................................................................................................................. 44 B.3.1 General ............................................................................................................................................................. 44 B.3.2 Fence ................................................................................................................................................................. 45 B.3.3 Wear test .......................................................................................................................................................... 46 Annex C (normative)

Manufacturer’s declaration ......................................................................................... 47 Annex D (informative)

Typical locking device dimensions ........................................................................ 49 Annex E (normative)

Determination of burglary resistance due to design requirements ............. 50 E.1 General ............................................................................................................................................................. 50 E.2 Electronic HSL with separate processing unit not included in the locking device ............... 50 E.2.1 Scope of design requirement .................................................................................................................... 50 E.2.2 Design requirement ..................................................................................................................................... 50 Annex F (normative)

Firmware declaration .................................................................................................... 51 Annex G (informative)

A-deviations ................................................................................................................... 52 Bibliography ................................................................................................................................................................. 55

SIST EN 1300:2019

EN 1300:2018 (E) 4 European foreword This document (EN 1300:2018) has been prepared by Technical Committee CEN/TC 263 “Secure storage of cash, valuables and data media”, the secretariat of which is held by BSI. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by June 2019, and conflicting national standards shall be withdrawn at the latest by June 2019. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN shall not be held responsible for identifying any or all such patent rights. This document supersedes EN 1300:2013. In comparison with EN 1300:2013, the following changes have been made: General changes: — references have been updated in Clause 2; — definitions in Clause 3 have been added (locking element, unsecured condition, firmware, application software and trusted device). Other definitions have been defined more precisely; — Clarifications in 5.1.2.4, 5.1.5.1, 5.1.5.3, 5.1.6.7, 5.1.8.2.3, 5.2.6.3, Clause 6, 8.2.5.8, 8.2.6.1, Clause 10 and Figure 1, Annex D. Technical changes for any type of lock: — the requirements for HSL with more than one mode of authentication have been added in 5.2.1 — the shock test has changed (see 8.2.6.2); — the immersion test is changed and now done with salt water. In addition, it is now done with the input unit sunk in water and in a second new test with the input unit outside of the water (see 8.2.6.3); — Cycling test has been updated (see 8.3.1.1); — The manipulation test has been renewed. A third basic value has been added (see 8.2.2.5) and the power supply test is now required for electronic locks (5.1.6.8 and 8.2.5); — The test report shall initiate the name and version of this standard (9.2); — The manufacturers declaration in Annex C has been updated. Technical changes for mechanical key operated locks: — The requirements for the production of mechanical key operated HSL have been raised (see 5.1.4.1). Technical changes for electronic locks: SIST EN 1300:2019

EN 1300:2018 (E) 5 — New requirements for electronic HSL have been added for instance in 5.1.6.1, 5.1.6.2, 5.1.6.3, 5.1.6.8, 5.2.5.4, 5.2.6.1, 5.2.6.3, Table 2. 8.2.5.5, 8.2.5.6, 8.2.6.4, and Annex A. This includes a new EMC test with higher frequency. — Requirements for one-time-code locks have been added in 5.1.6.9 and Annex A — The requirements of class A locks of the type “electronic token” and “distributed system” have been raised to the requirements of class B (see 5.1.7.4, 5.1.8.1.6, 5.1.8.1.8, 5.1.8.1.9.1 and 5.1.8.2.2) — Requirements for the viewing protection of distributed systems with remote input units have been added. — Requirements for firmware and firmware updates have been added in 5.1.9, Table 1 and in Annex F (“firmware declaration”). — Design requirements for a certain type of electronic lock have been added in new Annex E. This document reflects the market demand to include requirements for distributed systems and electronic locks and responds to the state of the art requirements when it was written down. This document has been prepared by the Working Group 3 of CEN/TC 263 as one of a series of standards for secure storage of cash valuable and data media. Other standards in the series are, among others: — EN 1047-1, Secure storage units — Classification and methods of test for resistance to fire — Part 1: Data cabinets and diskette inserts — EN 1047-2, Secure storage units — Classification and methods of test for resistance to fire — Part 2: Data rooms and data container — EN 1143-1, Secure storage units — Requirements, classification and methods of test for resistance to burglary — Part 1: Safes, ATM safes, strongroom doors and strongrooms — EN 1143-2, Secure storage units — Requirements, classification and methods of test for resistance to burglary — Part 2: Deposit systems — EN 14450, Secure storage units — Requirements, classification and methods of test for resistance to burglary — Secure safe cabinets According to the CEN-CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. SIST EN 1300:2019

EN 1300:2018 (E) 6 Introduction This document also specifies requirements for high security electronic locks (HSL) which are controlled remotely. Regarding distributed systems, this standard responds to the state of the art requirements when it was written down. It is mandatory that the standard has to be revised with a frequency of 3 years as the research in the area of cryptography and relevant attacks evolve with high speed as well as the referenced standards. SIST EN 1300:2019

EN 1300:2018 (E) 7 1 Scope This document specifies requirements for high security locks (HSL) for reliability, resistance to burglary and unauthorized opening with methods of testing. It also provides a scheme for classifying HSL in accordance with their assessed resistance to burglary and unauthorized opening. It applies to mechanical and electronic HSL. The following features can be included as optional subjects but they are not mandatory: a) recognized code for preventing code altering and/or enabling/disabling parallel codes; b) recognized code for disabling time set up; c) integration of alarm components or functions; d) remote control duties; e) resistance to attacks with acids; f) resistance to X-rays; g) resistance to explosives; h) time functions. 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. EN 1143-1, Secure storage units - Requirements, classification and methods of test for resistance to burglary - Part 1: Safes, ATM safes, strongroom doors and strongrooms EN 1143-2, Secure storage units - Requirements, classification and methods of tests for resistance to burglary - Part 2: Deposit systems EN 60068-2-1, Environmental testing - Part 2-1: Tests - Test A: Cold (IEC 60068-2-1) EN 60068-2-2, Environmental testing - Part 2-2: Tests - Test B: Dry heat (IEC 60068-2-2) EN 60068-2-6, Environmental testing - Part 2-6: Tests - Test Fc: Vibration (sinusoidal) (IEC 60068-2-6) EN 61000-4-2, Electromagnetic compatibility (EMC) - Part 4-2: Testing and measurement techniques - Electrostatic discharge immunity test (IEC 61000-4-2) EN 61000-4-3, Electromagnetic compatibility (EMC) - Part 4-3: Testing and measurement techniques - Radiated, radio-frequency, electromagnetic field immunity test (IEC 61000-4-3) EN 61000-4-5, Electromagnetic compatibility (EMC) - Part 4-5: Testing and measurement techniques - Surge immunity test (IEC 61000-4-5) SIST EN 1300:2019

EN 1300:2018 (E) 8 EN ISO 6988, Metallic and other non-organic coatings - Sulfur dioxide test with general condensation of moisture (ISO 6988) ISO/IEC 9798-1:2010, Information technology — Security techniques — Entity authentication — Part 1: General ISO/IEC 9798-2, Information technology — Security techniques — Entity authentication — Part 2: Mechanisms using symmetric encipherment algorithms ISO/IEC 9798-4, Information technology — Security techniques — Entity authentication — Part 4: Mechanisms using a cryptographic check function NIST/SP 800-57, Recommendation for Key Management — Part 1: General NIST/SP 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher FIPS PUB 140-2:2002, Security Requirements for Cryptographic Modules FIPS 197, Advanced Encryption Standard (AES) 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. ISO and IEC maintain terminological databases for use in standardization at the following addresses:

IEC Electropedia: available at http://www.electropedia.org/

ISO Online browsing platform: available at http://www.iso.org/obp 3.1 High Security Lock HSL independent assembly normally fitted to doors of secure storage units Note 1 to entry:

Codes can be entered into an HSL for comparison with memorized codes (processing unit). A correct match of an opening code allows movement of a blocking feature. 3.2 code identification information required which can be entered into a HSL and which, if correct, enables the security status of the HSL to be changed 3.2.1 opening code identification information which allows the HSL to be opened 3.2.2 recognized code identification information which allows access to the processing unit and which may also be an opening code Note 1 to entry: Master codes, manager codes, authorization codes and services codes may fall under recognized codes SIST EN 1300:2019

EN 1300:2018 (E) 9 3.2.3 duress code parallel code which initiates some additional function 3.2.4 parallel code opening code which has identical function to that of an existing opening code but constructed of different figures 3.3 coding means method by which the code is held 3.3.1 material code code defined by the physical features or other properties of a token 3.3.2 mnemonic code remembered code consisting of numeric and/or alphabetic information 3.3.3 biometric code code comprising human characteristics 3.3.4 one time code code changing after each use generated by use of an algorithm 3.4 input unit part of an HSL which communicates codes to a processing unit 3.5 processing unit part of an HSL which evaluates whether the input code is correct and enables or prevents movement of a locking device 3.6 locking device mechanical unit as part of the HSL inside of the secure storage unit that contains the blocking feature, the lock case, the lock cover and other mechanical and/or electronic parts Note 1 to entry: An example of a locking device is shown in Annex D. 3.7 token object whose physical form or properties defines a recognized code EXAMPLE A key. Note 1 to entry:

An electronic token incorporates an integrated circuit containing volatile and non-volatile memory, associated firmware/software and in many cases a microcontroller which communicates with an input unit by contact or contactless means. SIST EN 1300:2019

EN 1300:2018 (E) 10 3.8 mechanical HSL HSL which is secured by means of mechanical elements only 3.9 electronic HSL HSL which is secured partly or fully by electrical or electronic elements 3.10 blocking feature part of a HSL which, after inputting the correct opening code moves, or can be moved, typically this is a bolt Note 1 to entry:

A blocking feature either secures a door or prevents movement of a boltwork. The bolt of a lock is an example of a blocking feature. 3.11 locking element part of the HSL which enables the blocking feature to be moved EXAMPLES Levers, spindles, wheels, motors, solenoids. 3.12 destructive burglary attack which damages the HSL in such a manner that it is irreversible and cannot be hidden from the authorized user 3.13 reliability ability to function and achieve the security requirements of this standard after a large number of duty cycles 3.14 manipulation method of attack aimed at removing the blocking function without causing damage obvious to the user Note 1 to entry:

A HSL may function after manipulation although its security could be permanently degraded. 3.15 spying attempt to obtain unauthorized information 3.16 usable codes codes or tokens permitted by the manufacturer and conforming to the requirements of this standard Note 1 to entry:

For mechanical HSL the number of usable codes is much less than the total number of codes to which the HSL can be set. 3.17 scrambled condition coding elements are not in the configuration necessary for the HSL to be opened without entering the complete correct code or proper token SIST EN 1300:2019

EN 1300:2018 (E) 11 3.18 locking sequence series of actions which start with an open door and are complete when the door is closed, bolted, locked and secure 3.19 open door door which is not in its frame 3.20 closed door door which is within its frame ready for throwing its bolt(s) 3.21 bolted door closed door where the bolts of the boltwork are thrown, but the HSL may still be open 3.22 locked door bolted door where the boltwork cannot be withdrawn because of the HSL locking device being thrown 3.23 secured door door, which is closed, bolted and locked with an HSL in the secured HSL condition 3.24 secured HSL condition blocking feature is thrown and can only be withdrawn after entering the opening code(s) 3.25 unsecured HSL condition HSL not being in secure HSL condition 3.26 normal condition HSL specimen is in the secured HSL condition, and all design functions are operating 3.27 operating condition HSL specimen is in the secured HSL condition and can be unlocked with the opening code(s), but not all design functions are operable 3.28 fail secure HSL specimen is in the secured HSL condition, but not all design functions are operable therefore it cannot be unlocked with the opening code(s) 3.29 Resistance Unit RU value for burglary and manipulation resistance Note 1 to entry:

It shows a calculated result from using a tool with a certain value over a period of time. SIST EN 1300:2019

EN 1300:2018 (E) 12 3.30 penalty time time delay because of time exceeding the limit of trials 3.31 authentication method to prevent fraud by ensuring that communication with components of a distributed system can only be established after the identity of the components have been properly confirmed 3.32 cryptographic algorithm mathematical method for the transformation of data that includes the definition of parameters EXAMPLE Key length and number of iterations or rounds. 3.32.1 asymmetric cryptographic algorithm cryptographic algorithm that uses two related keys, a public key and a private key, which have the property that deriving the private key from the public key is computationally infeasible 3.32.2 symmetric cryptographic algorithm cryptographic algorithm that uses a single secret key for both encryption and decryption 3.33 cryptographic key parameter used in conjunction with a cryptographic algorithm which is used to control a cryptographic process such as encryption, decryption or authentication Note 1 to entry: Knowledge of an appropriate key allows correct en- and/or decryption or validation of a message. 3.34 cryptographic module set of hardware and firmware/software that implements security functions for distributed systems and electronic tokens including cryptographic algorithms 3.35 distributed system system with components connected by a transmission system, wired or wireless Note 1 to entry:

It is assumed that the transmitted information can be accessed by a third party. A high security lock with components in separate locations is defined as distributed system. A lock system with two input units, one on the safe and the other remote (= distributed input unit) is an example of a distributed system. An electronic lock with a non-accessible transmission system in the sense of 5.1.6.3 of this standard or with a temporary on-site wired connection to a trusted device (e.g. trusted Personal Computer) supervised by an authorized person is not considered as a distributed system. SIST EN 1300:2019

EN 1300:2018 (E) 13 3.36 encryption procedure that renders the contents of a message o

...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.