iSaSiLk 5.105 Maintenance release fixes some ECC related issues.
New versions of our CMS based toolkits IAIK-CMS, IAIK-TSP and [CP]AdES are now available for download! [CP]AdES now supports CAdES/PAdES LTA level signatures, Content Time Stamp and Archive Time Stamp (v3) Validation according to the most recent ETSI EN 319 122-1 and TS 101 733 standards.
The JCE CC Core is a Common Criteria evaluated version of most of the cryptographic functionality of the IAIK-JCE toolkit.
The JCE CC Core provides the core functionality of the IAIK JCE toolkit, it contains several cryptographic algorithms which passed a Common Criteria evaluation. (For further details about the Common Criteria Certification, please see http://www.commoncriteriaportal.org/).
Up to now, there are two versions of JCE CC Core available.
JCE CC Core 3.1: This version was evaluated at EAL 3+ in May 2004 by the German TÜV IT. As this is an intermediate assurance level, the certificate is only valid in Germany.
JCE CC Core 3.15: Version 3.15 has achieved EAL 3 in July 2007. The evaluation was carried out by the German TÜV IT and JISEC in Japan. This certificate is internationally accepted, see http://www.commoncriteriaportal.org/.
Please note that the surrounding IAIK-JCE toolkit may have a higher version number than the CC Core; e.g. the CC Core may have the version identification IAIK-JCE CC Core 3.16 whereas the surrounding toolkit may be IAIK-JCE 3.2. This ensures that the CC Core is exactly that version which has been evaluated.
The CC Core requires Java™ version 1.1, 1.2, 1.3, 1.4, 1.5 or compatible. In addition, it requires a JCE framework which is compatible to JCE 1.2 or later. To ensure secure operation, access to the operating environment must be protected against unauthorized access. Despite the application, the operating environment contains at least the Java™ VM with all runtime classes. In practice, it will usually be necessary to protect the access to the complete host system, including access on operating system level as well as physical access.
You can find more detailed information about the environment in the chapter security environment.
The CC Core contains the following list of cryptographic functions. These cryptographic functions are called TOE (Target of Evaluation) Security Functions (short TSFs) in the context of Common Criteria. Therefore, the list contains the code of each TSF group and of each individual TSF in braces. This code identifies each TSF in the Security Target (ST).
Please note that the IAIK-JCE toolkit contains more cryptographic functions than those in the CC Core, but only those of the CC Core have been evaluated. Moreover, the IAIK-JCE toolkit may offer additional features of an algorithm which is part of the CC Core. For example, the CC Core contains RSA signatures with key sizes starting from 1024 bit. The IAIK-JCE supports also shorter key sizes like 512 bit for RSA, but if an application uses 512 bit RSA keys, it uses the IAIK-JCE outside the specifications of the CC Core. 512 bit RSA is not covered by the evaluation.
To order the product, please contact our sales office: firstname.lastname@example.org