Conditional Self-Tests - HP 5920 Series Configuration Manual

Table 11 Power-up self-test list
Type
Cryptographic algorithm
self-test
Table 12 Power-up self-test list
Type
KAT
PWCT

Conditional self-tests

A conditional self-test runs when an asymmetrical cryptographic module or a random number generator
module is invoked. Conditional self-tests include the following types:
Pairwise conditional test (PWCT)
•
Signature and authentication test—The test is run when a DSA or RSA asymmetrical key pair is
generated. It uses the private key to sign the specific data, and it then uses the public key to
authenticate the signed data. If the authentication is successful, the test succeeds.
Encryption and decryption test—The test is run when an RSA asymmetrical key pair is
generated. It uses the public key to encrypt a plain text, and it then uses the private key to
decrypt the encrypted text. If the decryption is successful, the test succeeds.
Continuous random number generator test—This test is run when a random number is generated.
•
If two consecutive random numbers are different, the test succeeds. Otherwise, the test fails. This test
can also be run when a DSA/RSA asymmetrical key-pair is generated.
Operations
Tests the following algorithms:
•
DSA (signature and authentication).
•
RSA (signature and authentication).
•
RSA (encryption and decryption).
•
AES.
•
3DES.
•
SHA1.
•
HMAC-SHA1.
•
Random number generator algorithms.
Operations
Tests the following algorithms:
•
SHA1, SHA224, SHA256, SHA384, and SHA512.
•
HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and
HMAC-SHA512.
•
AES.
•
RSA (signature and authentication).
•
DRBG.
Tests the following algorithms:
•
RSA (signature and authentication).
•
RSA (encryption and decryption).
•
DSA (signature and authentication).
•
ECDSA (signature and authentication).
364