Information technology — Security techniques — Testing methods for the mitigation of non-invasive attack classes against cryptographic modules

ISO/IEC 17825:2016 specifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790 for Security Levels 3 and 4. The test metrics are associated with the security functions specified in ISO/IEC 19790. Testing will be conducted at the defined boundary of the cryptographic module and I/O available at its defined boundary. The test methods used by testing laboratories to test whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790 and the test metrics specified in this International Standard for each of the associated security functions specified in ISO/IEC 19790 are specified in ISO/IEC 24759. The test approach employed in this International Standard is an efficient "push-button" approach: the tests are technically sound, repeatable and have moderate costs.

Techonologie de l'information — Techniques de sécurité — Methodes de test pour la protection contre les attaques non intrusives des modules cryptographiques

General Information

Status
Withdrawn
Publication Date
03-Jan-2016
Current Stage
9599 - Withdrawal of International Standard
Completion Date
19-Jan-2024
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 17825:2016 - Information technology -- Security techniques -- Testing methods for the mitigation of non-invasive attack classes against cryptographic modules
English language
46 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 17825
First edition
2016-01-15
Information technology — Security
techniques — Testing methods for
the mitigation of non-invasive attack
classes against cryptographic modules
Techonologie de l’information — Techniques de sécurité — Methodes
de test pour la protection contre les attaques non intrusives des
modules cryptographiques
Reference number
ISO/IEC 17825:2016(E)
©
ISO/IEC 2016

---------------------- Page: 1 ----------------------
ISO/IEC 17825:2016(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 17825:2016(E)

Contents Page
Foreword .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms . 4
5 Document organization . 4
6 Non-invasive attack methods . 4
7 Associated Security Functions . 7
8 Non-invasive Attack Test Methods . 9
8.1 Introduction . 9
8.2 Test Strategy . 9
8.3 Side-Channel Analysis Workflow . 9
8.3.1 Core Test Flow . 9
8.3.2 Side-Channel Resistance Test Framework .10
8.3.3 Required Vendor Information .11
8.3.4 TA Leakage Analysis .12
8.3.5 SPA/SEMA Leakage Analysis .13
8.3.6 DPA/DEMA Leakage Analysis .14
9 Side-Channel Analysis of Symmetric-Key Cryptosystems .15
9.1 Introduction .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.