Lexmark PrintCrypting User Guide

Lexmark PrintCryptionTM

(Firmware Versions 1.3.2a and 1.3.2i)

FIPS 140-2 Non-Proprietary

Security Policy

Level 1 Validation

Version 1.15

May, 2010

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Table of Contents
INTRODUCTION.........................................................................................................................	3
PURPOSE.......................................................................................................................................	3
REFERENCES.................................................................................................................................	3
DOCUMENT ORGANIZATION .........................................................................................................	3
LEXMARK PRINTCRYPTIONTM.............................................................................................	4
OVERVIEW....................................................................................................................................	4
MODULE SPECIFICATION ..............................................................................................................	4
MODULE INTERFACES...................................................................................................................	7
ROLES AND SERVICES...................................................................................................................	9
Crypto Officer Role ..................................................................................................................	9
User Role................................................................................................................................	10
PHYSICAL SECURITY ..................................................................................................................	10
OPERATIONAL ENVIRONMENT ....................................................................................................	10
CRYPTOGRAPHIC KEY MANAGEMENT ........................................................................................	11
Access Control Policy ............................................................................................................	12
Key Generation ......................................................................................................................	12
Key Storage ............................................................................................................................	12
Key Entry and Output.............................................................................................................	12
Key Zerorization.....................................................................................................................	12
SELF-TESTS ................................................................................................................................	12
DESIGN ASSURANCE...................................................................................................................	14
MITIGATION OF OTHER ATTACKS...............................................................................................	14
OPERATION IN FIPS MODE..................................................................................................	15
INITIAL SETUP ............................................................................................................................	15
CRYPTO OFFICER GUIDANCE......................................................................................................	16
USER GUIDANCE.........................................................................................................................	16
ACRONYMS...............................................................................................................................	20

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Introduction

Purpose

This is a non-proprietary Cryptographic Module Security Policy for the Lexmark PrintCryptionTM from Lexmark International Inc. This Security Policy describes how the Lexmark PrintCryptionTM meets the security requirements of FIPS 140-2 and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 1 FIPS 140-2 validation of the module.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2 —

Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) Cryptographic Module Validation Program (CMVP) website at http://csrc.nist.gov/cryptval/.

The Lexmark PrintCryptionTM is referred to in this document as PrintCryption, PrintCryption module, cryptographic module, firmware module, or module.

References

This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources:

•The Lexmark International website (http://www.lexmark.com) contains information on the full line of products from Lexmark International.

•The CMVP website (http://csrc.nist.gov/cryptval/) contains contact information for answers to technical or sales-related questions for the module.

Document Organization

The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains:

Vendor Evidence document Finite State Machine

Other supporting documentation as additional references

With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to Lexmark and is releasable only under appropriate non-disclosure agreements. For access to these documents, please contact Lexmark International.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

LEXMARK PRINTCRYPTIONTM

Overview

The Lexmark PrintCryptionTM is an option for the Lexmark printers that enable the transfer and printing of encrypted print jobs. This new Lexmark technology offers a level of security that is the first of its kind in the printing industry. With the PrintCryption module installed, the printer is capable of decrypting print jobs encrypted with the AES (FIPS 197) algorithm. The Lexmark PrintCryptionTM analyses the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the confidential document to be printed. This new level of printing security is ideal for industries that commonly handle sensitive or personal information, such as financial institutions, government agencies, and healthcare organizations.

Module Specification

The version 1.3.2i PrintCryptionTM module is a firmware module composed of three binaries (aessd, dkmd & libcl.so) on the IBM750CL processor platform. The version 1.3.2a PrintCryptionTM module is composed of two binaries (aessd & dkmd) on the ARM9 processor platform. The module is enabled in Lexmark printers using a Downloaded Emulator Card (DLE), a PCI interface PCB board that plugs into the printer which contains an activation code. The DLE card is shown in Figure 1.

Figure 1 - Optional Firmware Card

Per FIPS PUB 140-2, PrintCryptionTM is classified as multi-chip standalone cryptographic module. The module meets overall level 1 FIPS 140-2 requirements, as detailed in Table 2.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Printer Model	Processor	Part Number
E460	ARM9	P/N 34S0700
T650	IBM 750CL	P/N 30G0100
T652	IBM 750CL	P/N 30G0210
T654	IBM 750CL	P/N 30G0310
C734	IBM 750CL	P/N 25C0350
C736	IBM 750CL	P/N 25A0450
W850	IBM 750CL	P/N 19Z0300
X463	ARM9	P/N 13C1100
X464	ARM9	P/N 13C1101
X466	ARM9	P/N 13C1102
X651	IBM 750CL	P/N 16M1255
X652	IBM 750CL	P/N 16M1260
X654	IBM 750CL	P/N 16M1265
X656	IBM 750CL	P/N 16M1797
X658	IBM 750CL	P/N 16M1301
X734	IBM 750CL	P/N MS00300
X736	IBM 750CL	P/N MS00301
X738	IBM 750CL	P/N MS00321
X860	IBM 750CL	P/N 19Z0100
X862	IBM 750CL	P/N 19Z0101
X864	IBM 750CL	P/N 19Z0102

Table 1 – Printers that Maintain the PrintCryption FIPS 140-2 Validation (Option P/N 30G0829):

Figure 2 - X463 with PrintCryption 1.3.2a

Figure 3 - X651 with PrintCryption 1.3.2i

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Operating System: Lexmark proprietary ver. 2.6 based on the Linux operating system.

Section	Section Title	Level
1	Cryptographic Module Specification	1
2	Cryptographic Module Ports and Interfaces	1
3	Roles, Services, and Authentication	1
4	Finite State Model	1
5	Physical Security	1
6	Operational Environment	N/A
7	Cryptographic Key Management	1
8	EMI/EMC	1
9	Self-tests	1
10	Design Assurance	1
11	Mitigation of Other Attacks	N/A

Table 2 – Security Level per FIPS 140-2 Section

Logically, the cryptographic boundary is composed of three binaries and is evaluated for use on Lexmark printers that are running Linux operating system. Once the PrintCryption firmware is activated in the printer, the printer must use this firmware. The cryptographic module cannot be bypassed. Functionality is then controlled by the PrintCryption firmware.

Internal Data				Applications

Plaintext	Cryptographic Boundary

PrintCryption

Firmware

Ciphertext

Figure 4 - Logical Cryptographic Boundary

The PrintCryption module is evaluated for running on number of Lexmark printers including mono-color printers (E460, T650, T652, T654 and W850), Color printers (C734 and C736), mono-color MFP printers (X463, X464, X466, X651, X652, X654, X656, X658, X860, X862 and X864) and color MFP printers (X734, X736 and X738). The module’s physical cryptographic boundary is the metal and plastic enclosure of the printer.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

+ 14 hidden pages