ISO/IEC DIS 18367

Description / Abstract: This International Standard (IS) describes cryptographic algorithms and security mechanisms conformance testing methods.

This International Standard is related to ISO/IEC 19790 and ISO/IEC 24759. ISO/IEC 19790 specifies the security requirements for cryptographic modules. At a minimum, a cryptographic module shall implement at least one approved security function (i.e., cryptographic algorithm or security mechanism). ISO/IEC 24759 addresses the test requirements for each of the security requirements in ISO/IEC 19790. However ISO/IEC 24759 does not address test methods for cryptographic algorithms and security mechanisms conformance testing.

This International Standard is related to SC27 Cryptographic and security mechanism specifications and the implementation of standardised algorithms and security mechanisms. Conformance testing assures that an implementation of a cryptographic algorithm or security mechanism is correct whether implemented in hardware, software or firmware. It also confirms that it runs correctly in a specific operating environment. Testing may consist of known-answer or Monte Carlo testing, or a combination of test methods. Testing may be performed on the actual implementation or modelled in a simulation environment.

This standard does not address the efficiency of the algorithms or security mechanisms nor the intrinsic performance. This International Standard will focus on the correctness of the implementation.