Standard No.:	GB/T 37092-2018
Chinese Name:	信息安全技术 密码模块安全要求
English Name:	Information security technology—Security requirements for cryptographic modules
Professional Classification:	L80 Data encryption
ICS Classification:	35.040
Issued by:
Issued on:	2018-12-28
Implemented on:	2019-07-01
Status:	VALID
Language:	English
File Format:	PDF
Word Count:	26000 words
Price(USD):	780 (USD)
Delivery:	via email in 1-8 business day

1 Scope

This standard specifies the security requirements for cryptographic modules, and defines four security levels for cryptographic modules and corresponding requirements.

This standard is applicable to cryptographic modules used in security systems protecting the sensitive information in computer and telecommunications system. This standard also provides guidance for the design and development of cryptographic modules, and provides a reference for the detection of security requirements for cryptographic modules.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

GB/T 15843 (All parts) Information technology - Security techniques - Entity authentication
GB/T 15852 (All parts) Information technology - Security techniques - Message authentication codes (MACs)
GB/T 17964 Information technology - Security techniques - Modes of operation for a block cipher
GB/T 25069 Information security technology - Glossary
GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32918 (All parts) Information security technology - Public key cryptographic algorithm SM2 based on elliptic curves
GB/T 33133.1 Information security technology - ZUC stream cipher algorithm - Part 1: Algorithm description
GM/T 0001.2 ZUC Stream cipher algorithm - Part 2: The ZUC-based confidentiality algorithm
GM/T 0001.3 ZUC Stream Cipher Algorithm - Part 3: The ZUC-based integrity algorithm
GM/T 0044 (All parts) SM9 identification cryptographic algorithm

3 Terms and definitions

For the purposes of this document, the terms and definitions given in GB/T 25069 and the following apply.

3.1
certificate
data of an entity, which is issued by the certification authority's private key or secret key and cannot be forged

3.2
conditional self-test
test performed by a cryptographic module when specified test conditions occur

3.3
critical security parameter
security relevant secret information which may endanger the security of cryptographic module once disclosed or modified

Note: critical security parameter may be in plaintext or encrypted.