NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0813:  GCM Nonce Reuse Test for MOD_VPNGW

Publication Date
2024.01.17

Protection Profiles
MOD_VPNGW_v1.3

Other References
Section 2.1.1.1

Issue Description

A test needs to be added to provide verification against nonce reuse. 

In other PPs there are such requirements, such as FCS_SNI_EXT.1 in FDE EE. Specifically need a test in IKE to ensure reuse does not occur.

Resolution

The following modification is made to the Tests Evaluation Activity for FCS_IPSEC_EXT.1 in Section 2.1.1.1 of the MOD_VPNGW_V1.3 SD:

Tests

The following conditional test is added for FCS_IPSEC_EXT.1.6, with red highlighted strikethroughs denoting deletion and green highlights denoting additions:

FCS_IPSEC_EXT.1.6

[conditional]: If AES-GCM-256 (specified in RFC 5282) is chosen in FCS_IPSEC_EXT.1.6, the evaluator shall perform the following steps:

a. Initiate VPN connection.

b. Capture packets of IKE SA negotiation and Child SA negotiation.

c. Note the nonce values used in Child SA establishment.

d. Leave connection open long enough for Child SA rekey to occur.

e. Note nonce values used during the rekey.

f. Confirm the nonce values are different.

There are no additional testing activities.

 

Justification

See issue description.

 
 
Site Map              Contact Us              Home