Lexmark PrintCrypting User Guide

Lexmark PrintCryption

(Firmware Versions 1.3.2a and 1.3.2i)

FIPS 140-2 Non-Proprietary

Security Policy

Level 1 Validation

Version 1.15

May, 2010

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Table of Contents

INTRODUCTION......................................................................................................................... 3

PURPOSE....................................................................................................................................... 3

REFERENCES................................................................................................................................. 3

DOCUMENT ORGANIZATION .........................................................................................................3

LEXMARK PRINTCRYPTIONTM............................................................................................. 4

OVERVIEW.................................................................................................................................... 4

MODULE SPECIFICATION .............................................................................................................. 4

MODULE INTERFACES................................................................................................................... 7

ROLES AND SERVICES................................................................................................................... 9

Crypto Officer Role.................................................................................................................. 9

User Role................................................................................................................................ 10

PHYSICAL SECURITY .................................................................................................................. 10

OPERATIONAL ENVIRONMENT.................................................................................................... 10

CRYPTOGRAPHIC KEY MANAGEMENT........................................................................................ 11

Access Control Policy ............................................................................................................ 12

Key Generation ...................................................................................................................... 12

Key Storage............................................................................................................................ 12

Key Entry and Output............................................................................................................. 12

Key Zerorization..................................................................................................................... 12

SELF-TESTS ................................................................................................................................ 12

DESIGN ASSURANCE................................................................................................................... 14

MITIGATION OF OTHER ATTACKS............................................................................................... 14

OPERATION IN FIPS MODE.................................................................................................. 15

INITIAL SETUP ............................................................................................................................ 15

CRYPTO OFFICER GUIDANCE...................................................................................................... 16

USER GUIDANCE......................................................................................................................... 16

ACRONYMS............................................................................................................................... 20

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Introduction

Purpose

References

This is a non-proprietary Cryptographic Module Security Policy for the Lexmark

PrintCryption how the Lexmark PrintCryption

from Lexmark International Inc. This Security Policy describes

meets the security requirements of FIPS 140-2

and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 1 FIPS 140-2 validation of the module.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2 — Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) Cryptographic Module Validation Program (CMVP) website at http://csrc.nist.gov/cryptval/.

The Lexmark PrintCryptionTM is referred to in this document as PrintCryption, PrintCryption module, cryptographic module, firmware module, or module.

This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources:

• The Lexmark International website (http://www.lexmark.com) contains

information on the full line of products from Lexmark International.

• The CMVP website (http://csrc.nist.gov/cryptval/) contains contact

information for answers to technical or sales-related questions for the module.

Document Organization

The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains:

 Vendor Evidence document  Finite State Machine  Other supporting documentation as additional references

With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to Lexmark and is releasable only under appropriate non-disclosure agreements. For access to these documents, please contact Lexmark International.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

LEXMARK PRINTCRYPTIONTM

Overview

The Lexmark PrintCryptionTM is an option for the Lexmark printers that enable the transfer and printing of encrypted print jobs. This new Lexmark technology offers a level of security that is the first of its kind in the printing industry. With the PrintCryption module installed, the printer is capable of decrypting print jobs encrypted with the AES (FIPS 197) algorithm. The Lexmark PrintCryptionTM analyses the encrypted data stream, determines if the correct key was used to encrypt the data, decrypts the data and allows the confidential document to be printed. This new level of printing security is ideal for industries that commonly handle sensitive or personal information, such as financial institutions, government agencies, and healthcare organizations.

Module Specification

The version 1.3.2i PrintCryptionTM module is a firmware module composed of three binaries (aessd, dkmd & libcl.so) on the IBM750CL processor platform. The version 1.3.2a PrintCryption dkmd) on the ARM9 processor platform. The module is enabled in Lexmark printers using a Downloaded Emulator Card (DLE), a PCI interface PCB board that plugs into the printer which contains an activation code. The DLE card is shown in Figure 1.

module is composed of two binaries (aessd &

Figure 1 - Optional Firmware Card

Per FIPS PUB 140-2, PrintCryptionTM is classified as multi-chip standalone cryptographic module. The module meets overall level 1 FIPS 140-2 requirements, as detailed in Table 2.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Printer Model Processor Part Number

E460 T650 T652 T654 C734 C736 W850 X463 X464 X466 X651 X652 X654 X656 X658 X734 X736 X738 X860 X862 X864

ARM9 IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL ARM9 ARM9 ARM9 IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL IBM 750CL

P/N 34S0700 P/N 30G0100 P/N 30G0210 P/N 30G0310 P/N 25C0350 P/N 25A0450 P/N 19Z0300 P/N 13C1100 P/N 13C1101 P/N 13C1102 P/N 16M1255 P/N 16M1260 P/N 16M1265 P/N 16M1797 P/N 16M1301 P/N MS00300 P/N MS00301 P/N MS00321 P/N 19Z0100 P/N 19Z0101 P/N 19Z0102

Table 1 – Printers that Maintain the PrintCryption FIPS 140-2 Validation (Option P/N 30G0829):

Figure 2 - X463 with PrintCryption 1.3.2a

Figure 3 - X651 with PrintCryption 1.3.2i

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Operating System: Lexmark proprietary ver. 2.6 based on the Linux operating system.

Section Section Title Level

1 Cryptographic Module Specification 1 2 Cryptographic Module Ports and Interfaces 1 3 Roles, Services, and Authentication 1 4 Finite State Model 1 5 Physical Security 1 6 Operational Environment N/A 7 Cryptographic Key Management 1 8 EMI/EMC 1 9 Self-tests 1 10 Design Assurance 1 11 Mitigation of Other Attacks N/A

Table 2 – Security Level per FIPS 140-2 Section

Logically, the cryptographic boundary is composed of three binaries and is evaluated for use on Lexmark printers that are running Linux operating system. Once the PrintCryption firmware is activated in the printer, the printer must use this firmware. The cryptographic module cannot be bypassed. Functionality is then controlled by the PrintCryption firmware.

Internal Data

Applications

Cryptographic BoundaryPlaintext

PrintCryption Firmware

Ciphertext

Figure 4 - Logical Cryptographic Boundary

The PrintCryption module is evaluated for running on number of Lexmark printers including mono-color printers (E460, T650, T652, T654 and W850), Color printers (C734 and C736), mono-color MFP printers (X463, X464, X466, X651, X652, X654, X656, X658, X860, X862 and X864) and color MFP printers (X734, X736 and X738). The module’s physical cryptographic boundary is the metal and plastic enclosure of the printer.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

+ 14 hidden pages