dekra-certification-security-cryptographic
Dekra, first accredited body to certify the security of cryptographic modules
ENAC has recently granted DEKRA Testing and Certification accreditation for certifying compliance with the security requirements for cryptographic modules in accordance with the ISO/IEC 19790 standard.
This accreditation responds to the demand for secure and resilient digital infrastructures in a continuous digital transformation. Therefore, assessing and controlling cryptographic modules is essential: a set of hardware, software and/or firmware that implements cryptographic processes (coded algorithms, keys, signatures, etc.) whose purpose is to protect information.
Within this framework, DEKRA Testing and Certification has developed its own scheme based on the international standard ISO/IEC 19790, which defines the requirements that a cryptographic module must meet to protect sensitive information. The standard sets out four levels of security that cover 11 areas related to a cryptographic module's design and implementation: specifications, interfaces, roles, services and authentication, software/firmware security, physical security, non-invasive security, management of sensitive parameters, self-assessment, lifecycle assurance and mitigation of other attacks.
DEKRA Testing and Certification's accreditation will provide greater confidence to the market regarding assessing and controlling cryptographic modules in accordance with its scheme, since it has demonstrated to ENAC its compliance with the requirements of the UNE-EN ISO/IEC 17065 standard for product certification and, therefore, that it has the necessary technical competence to carry out its activity.
Accreditation News
Accreditation News is published quarterly and sent to organizations and to people who have asked to be included on its mailing list.
Would you like to receive a free copy of Accreditation News? Subscribe here.