Pixel Phones on Android 10.0 (MDFPP31/WLANCEP10) Security

Pixel Phones on Android 10.0 (MDFPP31/WLANCEP10) Security

Pixel Phones on Android 10.0 (MDFPP31/WLANCEP10) Security Target Version 0.3 2020/02/19 Prepared for: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 USA Prepared By: www.gossamersec.com Pixel 4, 3a, and 3 Phones with Android 10 Version 0.3, 2020/02/19 1. Security Target Introduction .................................................................................................................................. 6 1.1 Security Target Reference ............................................................................................................................ 6 1.2 TOE Reference .............................................................................................................................................. 6 1.3 TOE Overview ............................................................................................................................................... 7 1.4 TOE Description ............................................................................................................................................ 8 1.4.1 TOE Architecture ...................................................................................................................................... 8 1.4.1.1 Physical Boundaries ........................................................................................................................ 9 1.4.1.2 Logical Boundaries .......................................................................................................................... 9 1.4.2 TOE Documentation ............................................................................................................................... 11 2. Conformance Claims ............................................................................................................................................ 12 2.1 Conformance Rationale.............................................................................................................................. 12 3. Security Objectives .............................................................................................................................................. 13 3.1 Security Objectives for the Operational Environment ............................................................................... 13 4. Extended Components Definition ....................................................................................................................... 14 5. Security Requirements ........................................................................................................................................ 17 5.1 TOE Security Functional Requirements ...................................................................................................... 17 5.1.1 Security audit (FAU) ............................................................................................................................... 19 5.1.1.1 Audit Data Generation (FAU_GEN.1 & WLANCEP10: FAU_GEN.1/WLAN) .................................. 19 5.1.1.2 Audit Storage Protection (FAU_STG.1) ........................................................................................ 20 5.1.1.3 Prevention of Audit Data Loss (FAU_STG.4)................................................................................. 20 5.1.2 Cryptographic support (FCS) .................................................................................................................. 20 5.1.2.1 Cryptographic key generation (FCS_CKM.1) ................................................................................ 20 5.1.2.2 Cryptographic Key Generation (Symmetric Keys for WPA2 Connections) (FCS_CKM.1/WLAN) .. 20 5.1.2.3 Cryptographic key establishment (FCS_CKM.2(1)) ...................................................................... 20 5.1.2.4 Cryptographic key establishment (While device is locked) (FCS_CKM.2(2)) ................................ 21 5.1.2.5 Cryptographic Key Distribution (GTK) (FCS_CKM.2/WLAN) ......................................................... 21 5.1.2.6 Extended: Cryptographic Key Support (FCS_CKM_EXT.1) ............................................................ 21 5.1.2.7 Extended: Cryptographic Key Random Generation (FCS_CKM_EXT.2) ........................................ 21 5.1.2.8 Extended: Cryptographic Key Generation (FCS_CKM_EXT.3) ...................................................... 21 5.1.2.9 Extended: Key Destruction (FCS_CKM_EXT.4) ............................................................................. 22 5.1.2.10 Extended: TSF Wipe (FCS_CKM_EXT.5) ........................................................................................ 22 5.1.2.11 Extended: Salt Generation (FCS_CKM_EXT.6) .............................................................................. 22 5.1.2.12 Cryptographic operation (FCS_COP.1(1)) ..................................................................................... 22 5.1.2.13 Cryptographic operation (FCS_COP.1(2)) ..................................................................................... 23 5.1.2.14 Cryptographic operation (FCS_COP.1(3)) ..................................................................................... 23 5.1.2.15 Cryptographic operation (FCS_COP.1(4)) ..................................................................................... 23 5.1.2.16 Cryptographic operation (FCS_COP.1(5)) ..................................................................................... 23 Page 2 of 64 Pixel 4, 3a, and 3 Phones with Android 10 Version 0.3, 2020/02/19 5.1.2.17 Extended: HTTPS Protocol (FCS_HTTPS_EXT.1) ........................................................................... 23 5.1.2.18 Extended: Initialization Vector Generation (FCS_IV_EXT.1)......................................................... 23 5.1.2.19 Extended: Cryptographic Operation (Random Bit Generation) (FCS_RBG_EXT.1) ...................... 23 5.1.2.20 Extended: Cryptographic Algorithm Services (FCS_SRV_EXT.1) .................................................. 24 5.1.2.21 Extended: Cryptographic Algorithm Services (FCS_SRV_EXT.2) .................................................. 24 5.1.2.22 Extended: Cryptographic Key Storage (FCS_STG_EXT.1) ............................................................. 24 5.1.2.23 Extended: Encrypted Cryptographic Key Storage (FCS_STG_EXT.2) ............................................ 24 5.1.2.24 Extended: Integrity of encrypted key storage (FCS_STG_EXT.3) ................................................. 25 5.1.2.25 Extended: TLS Protocol (FCS_TLSC_EXT.1) ................................................................................... 25 5.1.2.26 Extended: TLS Protocol (FCS_TLSC_EXT.2) ................................................................................... 26 5.1.2.27 Extensible Authentication Protocol-Transport Layer Security (FCS_TLSC_EXT.1/WLAN) ............ 26 5.1.2.28 TLS Client Protocol (FCS_TLSC_EXT.2/WLAN) ............................................................................... 26 5.1.3 User data protection (FDP) .................................................................................................................... 26 5.1.3.1 Extended: Security access control (FDP_ACF_EXT.1) ................................................................... 26 5.1.3.2 Extended: Security access control (FDP_ACF_EXT.2) ................................................................... 27 5.1.3.3 Extended: Protected Data Encryption (FDP_DAR_EXT.1) ............................................................ 27 5.1.3.4 Extended: Sensitive Data Encryption (FDP_DAR_EXT.2) .............................................................. 27 5.1.3.5 Extended: Subset information flow control (FDP_IFC_EXT.1) ...................................................... 27 5.1.3.6 Extended: Storage of Critical Biometric Parameters (FDP_PBA_EXT.1) ........................................ 27 5.1.3.7 Extended: User Data Storage (FDP_STG_EXT.1) .......................................................................... 27 5.1.3.8 Extended: Inter-TSF user data transfer protection (FDP_UPC_EXT.1) ......................................... 27 5.1.4 Identification and authentication (FIA) .................................................................................................. 28 5.1.4.1 Extended: Authentication failure handling (FIA_AFL_EXT.1) ....................................................... 28 5.1.4.2 Extended: Bluetooth User Authorization (FIA_BLT_EXT.1) .......................................................... 28 5.1.4.3 Extended: Bluetooth Mutual Authentication (FIA_BLT_EXT.2) .................................................... 28 5.1.4.4 Extended: Rejection of Duplicate Bluetooth Connections (FIA_BLT_EXT.3) ................................ 28 5.1.4.5 Extended: Secure Simple Pairing (FIA_BLT_EXT.4)....................................................................... 28 5.1.4.6 Extended: Bluetooth User Authorization (FIA_BLT_EXT.6) .......................................................... 29 5.1.4.7 Extended: Accuracy of Biometric Authentication (FIA_BMG_EXT.1/Fingerprint) ....................... 29 5.1.4.8 Extended: Accuracy of Biometric Authentication (FIA_BMG_EXT.1/Face) .................................. 29 5.1.4.9 Port Access Entity Authentication (FIA_PAE_EXT.1) .................................................................... 29 5.1.4.10 Extended: Password Management (FIA_PMG_EXT.1) ................................................................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    64 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us