question confused me about key data storage?

Posted: Fri Aug 23, 2019 12:00 am
by abc101
Hello, everyone.
My question is below.
If the smartcard's platform hardware (not card OS) has the certification of EAL4+ or EAL5+ level and I implement a security native COS myself, must I do some encryption and decryption for the very important data like a master key?

Thanks.

Re: question confused me about key data storage?

Posted: Thu Oct 10, 2019 11:28 pm
by kuafu
Yes.

Re: question confused me about key data storage?

Posted: Wed Dec 11, 2019 1:24 am
by tay00000
Note that there's a difference between chip level certification and COS level certification. If both chip and COS are certified, it is even better.

Regarding sensitive data storage on the COS level, you should be doing encryption of highly sensitive data manually unless the chip specs specially mention some secure master key storage region on the chip which you can leverage. Otherwise, it is always better to assume the lack of such chip level special features unless specified by the chip manufacturer.