Protection Profile List

Protection Profile for ePassport IC
with SAC (BAC + PACE) and Active Authentication
2.10

Ministry of Foreign Affairs, Japan
Last Updated 2024-05-09
Protection Profile Name :
Protection Profile for ePassport IC
with SAC (BAC + PACE) and Active Authentication
Version of PP :
2.10
Technology Type :
ePassport IC
Certification Identification :
JISEC-C0738
Date :
2022-02-21
Version of Common Criteria:
3.1 release5
Conformance Claim :
EAL4 Augmented with ALC_DVS.2
PP Identifier :
None
Procurement Entity :
-

PRODUCT DESCRIPTION

Description of PP

This PP specifies the security requirements compliant with the guideline defined by the ICAO for ePassport IC, which is interfiled in a passport booklet.
ePassport IC (including necessary software) consisting of IC chip hardware, basic software (OS) and an application program is defined as the TOE in this PP. ePassport IC is embedded with the antenna to constitute a portion of a passport booklet.

The TOE provides the functions to protect the stored data in the TOE from unauthorized read and write access, and BAC (Basic Access Control) function, PACE (Password Authenticated Connection Establishment) function, and Active Authentication support function, which are defined by Part 11 of ICAO Doc 9303. As PACE will become the standard replacing the usage of BAC in the future, the TOE provides the function to disable the BAC function in order to terminate the procedure of BAC after the certain time period. The TOE provides the protection functions against the attack via contactless interface of TOE and physical attack


PP security functionality

The PP requests a TOE to have following security features:

  • BAC function
  • PACE function
  • Active Authentication support function
  • Disabling function of BAC function
  • Write protection function
  • Protection function in transport
  • Tamper resistance