In November, nShield Solo XC was certified Common Criteria EAL4+ AVA_VAN.5 and ALC_FLR.2, meeting the requirements of the EN 419 221-5 Common Criteria Protectionf Profile. This is an enormous feat of which we are very proud.
Looking back, this is the culmination of a multi-year effort which started when nCipher (at that time Thales eSecurity) led the development of the EN 419 221 part 5 Protection Profile, within CEN TC224 WG17. This Protection Profile has become the industry standard for Hardware Security Modules used for electronic signatures meeting the eIDAS Regulation.
With this certification, customers can now use the nShield XC HSM as an EN 419 221-5 certified cryptographic module to develop eIDAS compliant systems.
I would like to highlight some important aspects of this certification that our security-conscious customers will appreciate:
- All the NIST and SOGIS approved cryptographic algorithms supported by the nShield HSM have been included in the certification, so the scope is not limited to just digital signatures. This means that customers can also make use of the CC certified product in other use cases.
- A mature vulnerability management and patching process is critical for maintaining the highest product security. For this reason, we have included into scope the assurance component ALC_FLR.2 (Flaw Remediation procedures). This provides with an independent confirmation that our Vulnerability Management process meets the highest security requirements.
- The true random number generator (TRNG) has been designed and certified, as part of this Common Criteria certification, to meet the AIS 31 requirements. The assessment of the entropy quality cannot just be ensured by test suites. Therefore, assessment of the TRNG is based on a rigorous understanding based on the mathematical model of the noise source. Carefully designed continuous health tests monitor entropy quality at all times.
- Our development and manufacturing sites have been audited against the Minimum Site Security Requirements (MSSR), a supporting document used in high assurance Common Criteria certifications. MSSR requires stringent physical, logical, and procedural security controls across the entire life-cycle to ensure the integrity of the HSM, thus protecting against unauthorised changes to the hardware or software that might be introduced by a malicious actor during design, manufacturing or delivery.