标准摘要
[中文适用范围]: 本文件规定了非侵入式攻击缓解测试指标,用于确定是否符合 ISO/IEC 19790:2012 对安全级别 3 和 4 所规定的要求。测试指标与 ISO/IEC 19790:2012 中提到的安全功能相关。测试在加密模块的定义边界和其定义边界上可用的输入/输出进行。本文件旨在与 ISO/IEC 24759:2017 结合使用,以证明符合 ISO/IEC 19790:2012。注:ISO/IEC 24759:2017 规定了测试实验室用来评估加密模块是否符合 ISO/IEC 19790:2012 所规定的要求的测试方法,以及本文件中为 ISO/IEC 19790:2012 中提到的每个相关安全功能规定的测试指标。本文件所采用的测试方法是一种高效的“按钮”方法,即测试技术合理、可重复并且成本适中。 [外文原描述]: This document specifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790:2012 for security levels 3 and 4. The test metrics are associated with the security functions addressed in ISO/IEC 19790:2012. Testing is conducted at the defined boundary of the cryptographic module and the inputs/outputs available at its defined boundary. This document is intended to be used in conjunction with ISO/IEC 24759:2017 to demonstrate conformance to ISO/IEC 19790:2012. NOTE ISO/IEC 24759:2017 specifies the test methods used by testing laboratories to assess whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790:2012 and the test metrics specified in this document for each of the associated security functions addressed in ISO/IEC 19790:2012. The test approach employed in this document is an efficient “push-button” approach, i.e. the tests are technically sound, repeatable and have moderate costs.
英文名称Information technology - Security techniques - Testing methods for the mitigation of non-invasive attack classes against cryptographic modules