PKID ECC Generator v1.1

 
PROJECT ID
C049
ASSURANCE LEVEL
EAL2
Security Target (ST)
 
Certification Report (CR)
 
PRODUCT NAME AND VERSION
PKID ECC Generator v1.1
PRODUCT TYPE
Software that generates public and private keys based on a user definable and recognisable ID of ASCII characters or known as PKID.
PRODUCT SPONSOR / DEVELOPER

WannaStation.com (M) Sdn Bhd

PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS

Gan Chin Sam

WannaStation.com (M) Sdn Bhd
Lot 1109-A, 10th Floor Kelana Parkview Tower,
No 1, Jalan SS6/2, Kelana Jaya,
47301 Petaling Jaya, Selangor Darul Ehsan
MALAYSIA

URL: http://www.wannastation.com/
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +603 7885 0977
Fax: +603 7885 0979

The Target of Evaluation (TOE) is PKID ECC Generator v1.1, software that generates public and private keys based on a user definable and recognisable ID of ASCII characters or known as PKID.

A user may choose a PKID unique to himself or herself, such as PC/Notebook MAC address, IMEI number and email address. A chosen PKID will become the seed to generate a public and private key through a series of key generation processes. The generated public and private keys are tied to the chosen PKID. Using algorithm based on elliptic curve encryption algorithm, much smaller key size will be used and desirable as it allows the application on PC, smart phones or mobile communication devices for multi-function security applications.

The evaluation scope only covers:

  • the generation of the Master Key based on random keystroke input from client organisation. The Master Key will be used to generate the customised PKID ECC Generator specific to that client organisation, and
  • the generation of public and private keys together with the access code, based on the user’s PKID entered manually to the generated customised PKID ECC Generator.

Hardware, software like automation Detection Software and operating system, and revocation, destruction and recovery of keys are not covered in the TOE scope.

The scope of evaluation covers major security features as follows:

  • Authentication – in order to generate the customised PKID ECC Generator which is specific to the client organisation, authentication is required by the TOE administrator before the Master Key can be imported into the generator. Authentication is also required by the TOE administrator to access the customised PKID ECC Generator before any further action is permitted.
  • Security Management – provides management of TOE security functions during customisation of the PKID ECC generator such as setting the access code for the generated Master Key, management of public and private keys, and management of administrator credential in the customised PKID ECC generator.
  • Cryptographic Support – provides generation of Master Key during customisation of the PKID ECC Generator based on the random keystroke input from client organisation, and generation of public and private keys together with access code, in customised PKID ECC Generator using specified encryption algorithm.