Lexmark 10G0149 - PrintCryption Card Encryption Module Manual
  1. Manuals
  2. Brands
  3. Lexmark Manuals
  4. Printer Accessories
  5. 10G0149 - PrintCryption Card Encryption...
  6. Manual
Lexmark 10G0149 - PrintCryption Card Encryption Module Manual

Lexmark 10G0149 - PrintCryption Card Encryption Module Manual

Fips 140-2 non-proprietary security policy
Hide thumbs Also See for 10G0149 - PrintCryption Card Encryption Module:
Table of Contents

Advertisement

Quick Links

Download this manual
Lexmark PrintCryption
TM
(Firmware Versions 1.3.2a and 1.3.2i)
FIPS 140-2 Non-Proprietary
Security Policy
Level 1 Validation
Version 1.15
May, 2010
© Copyright 2009 Lexmark International Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the 10G0149 - PrintCryption Card Encryption Module and is the answer not in the manual?

Questions and answers

Related Manuals for Lexmark 10G0149 - PrintCryption Card Encryption Module

Summary of Contents for Lexmark 10G0149 - PrintCryption Card Encryption Module

  • Page 1 Lexmark PrintCryption (Firmware Versions 1.3.2a and 1.3.2i) FIPS 140-2 Non-Proprietary Security Policy Level 1 Validation Version 1.15 May, 2010 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 2: Table Of Contents

    ..........................15 NITIAL ETUP ...................... 16 RYPTO FFICER UIDANCE ......................... 16 UIDANCE ACRONYMS ..........................20 Page 2 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 3: Introduction

    Introduction Purpose This is a non-proprietary Cryptographic Module Security Policy for the Lexmark PrintCryption from Lexmark International Inc. This Security Policy describes how the Lexmark PrintCryption meets the security requirements of FIPS 140-2 and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 1 FIPS 140-2 validation of the module.

  • Page 4: Lexmark Printcryption Tm

    The Lexmark PrintCryption is an option for the Lexmark printers that enable the transfer and printing of encrypted print jobs. This new Lexmark technology offers a level of security that is the first of its kind in the printing industry. With the PrintCryption module installed, the printer is capable of decrypting print jobs encrypted with the AES (FIPS 197) algorithm.
  • Page 5 Table 1 – Printers that Maintain the PrintCryption FIPS 140-2 Validation (Option P/N 30G0829): Figure 2 - X463 with PrintCryption 1.3.2a Figure 3 - X651 with PrintCryption 1.3.2i Page 5 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
  • Page 6 Table 2 – Security Level per FIPS 140-2 Section Logically, the cryptographic boundary is composed of three binaries and is evaluated for use on Lexmark printers that are running Linux operating system. Once the PrintCryption firmware is activated in the printer, the printer must use this firmware.

  • Page 7: Module Interfaces

    USB port, paper exit port, multipurpose feeder, LED, and LCD display. Page 7 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
  • Page 8 All of these physical ports are separated into logical interfaces defined by FIPS 140-2, as described in the following table. Page 8 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 9: Roles And Services

    Show Status Call a show status Command Status output None from the printer status Page 9 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 10: User Role

    The PrintCryption module runs on the Lexmark Linux v2.6 OS, and configured for single-user mode by default. The operating system is used as an embedded OS within the Lexmark printers, and there is no direct access to the OS provided.

  • Page 11: Cryptographic Key Management

    Table 7 - Listing of Key and Critical Security Parameters Page 11 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 12: Access Control Policy

    Cryptographic Algorithm Tests: Known Answer Tests (KATs) are run at power-up for the following algorithms: • AES KAT Page 12 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
  • Page 13 Conditional RSA Key Generation Encrypt/Decrypt Test Where <program name> is one of DKMD, AESSD, or CRYPTLIB. Page 13 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 14: Design Assurance

    Mitigation of Other Attacks The PrintCryption module does not employ security mechanisms to mitigate specific attacks. Page 14 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 15: Operation In Fips Mode

    If the printer displays the message Resetting all of NVRAM for longer than 45 seconds, turn off the printer and reinstall the card. 4. Print a menu settings page. If “Lexmark PrintCryption Card” is not listed under Installed Features, turn off the printer and repeat steps 2 and 3.

  • Page 16: Crypto Officer Guidance

    The Crypto Officer may follow the installation sheet found in the option kit to install the PrintCryption DLE card. After the installation is complete, the Crypto Officer must print a Menu page and verify that Lexmark PrintCryption Card is displayed under the Installed Features section of the Menu Page.
  • Page 17 3. Configure Secure Port dialog box will appear which enables Users to choose their options. Figure 6 - Configuring a Secure Port Page 17 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
  • Page 18 • Cipher Mode: ECB (Electronic Code Book, or CBC (Cipher Block Chaining)). Setup.exe also installs the Lexmark PrintCryption Utility (LPCU) program as part of the install session. The program can be invoked by - START → Programs → Lexmark → PrintCryption → PrintCryption Test Utility The LPCU utility program can help Users to determine: •...
  • Page 19 Users can see the key size, block length, and mode been used for encryption from the Log Viewer program. Page 19 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

  • Page 20: Acronyms

    Session Key Header SNMP Simple Network Management Protocol Secure Platform Transmission Control Protocol Visual Source Safe Page 20 of 20 © Copyright 2009 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

This manual is also suitable for:

Printcryption

Table of Contents