Table of Contents
Advertisement
Quick Links
Download this manual
See also:
Manual
Advertisement
Table of Contents
Related Manuals for Lexmark 10G0149 - PrintCryption Card Encryption Module
Summary of Contents for Lexmark 10G0149 - PrintCryption Card Encryption Module
- Page 1 Lexmark PrintCryption (Firmware Version 1.3.1) FIPS 140-2 Non-Proprietary Security Policy Level 1 Validation Version 0.95 April 2007 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
-
Page 2: Table Of Contents
..........................12 NITIAL ETUP ...................... 13 RYPTO FFICER UIDANCE ......................... 14 UIDANCE ACRONYMS ..........................17 Page 2 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. -
Page 3: Introduction
Introduction Purpose This is a non-proprietary Cryptographic Module Security Policy for the Lexmark PrintCryption from Lexmark International Inc. This Security Policy describes how the Lexmark PrintCryption meets the security requirements of FIPS 140-2 and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 1 FIPS 140-2 validation of the module. -
Page 4: Lexmark Printcryption Tm
The PrintCryption module (firmware version 1.3.1) is a firmware module composed of three binaries, and it is installed in Lexmark printers using a Downloaded Emulator Card (DLE), a serial interface PCB board that plugs into the printer. The DLE card is shown in Figure 1. - Page 5 Table 1 – Security Level per FIPS 140-2 Section Logically, the cryptographic boundary is composed of three binaries and is evaluated for use on Lexmark printers that are running Linux operating system. Once the PrintCryption firmware is installed in the printer, the printer must use this firmware.
-
Page 6: Module Interfaces
The PrintCryption module is evaluated for running on number of Lexmark printers including mono-color printers (T630, T632, T634, W820, T640, T642, T644, W840), Color printers (C534, C760, C762, C912, C920, C772, C782, C935) and MFP printers (X644e, X646e, X646dte, X850e, X852e, X854e, X945e). -
Page 7: Roles And Services
Command Result of None printer(s); Install installation PrintCryption firmware card; Install printer driver on host Page 7 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. -
Page 8: User Role
Physical Security In FIPS terminology, the firmware module is defined as a multi-chip standalone cryptographic module. The module runs on Lexmark printers listed in Module Specification section. The printers are made of all production-grade components and are enclosed in a strong plastic and steel case, which surrounds all of the module’s internal components, including all hardware and firmware. -
Page 9: Operational Environment
The PrintCryption module runs on the Linux OS, and configured for single-user mode by default. The operating system is used as an embedded OS within the Lexmark printers, and there is no direct access to the OS provided. -
Page 10: Access Control Policy
Power-up self-tests are performed during startup of the module, and conditional self-tests are executed whenever specific conditions are met. Page 10 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. -
Page 11: Design Assurance
Mitigation of Other Attacks The PrintCryption module does not employ security mechanisms to mitigate specific attacks. Page 11 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. -
Page 12: Operation In Fips Mode
Initial Setup The DLE card containing PrintCryption module may be factory installed or user- installed. Lexmark provides an Installation sheet, a driver CD with publications, and license agreement for the module in the option kit. Installation procedure of the module is as follows. -
Page 13: Crypto Officer Guidance
6. Print a menu settings page. Compare these settings to those on the page printed in step 1. 7. Place the Option Added label on the printer next to the printer model and serial number label. Lexmark provides the Option Added label with the Installation guide. Crypto Officer Guidance The Crypto Officer is responsible for installing, uninstalling and monitoring the module. -
Page 14: User Guidance
3. Configure Secure Port dialog box will appear which enables Users to choose their options. Page 14 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice. - Page 15 FIPS approved key and block sizes, and mode of operation are as follows: • Key Length: 128, 192, or 256 bit. • Block Length: 128 bit. Page 15 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
- Page 16 • Cipher Mode: ECB (Electronic Code Book, or CBC (Cipher Block Mode)). Setup.exe also installs the Lexmark PrintCryption Utility (LPCU) program as part of the install session. The program can be invoked by - START → Programs → Lexmark → PrintCryption → PrintCryption Test Utility The LPCU utility program can help Users to determine: •...
-
Page 17: Acronyms
Session Key Header SNMP Simple Network Management Protocol Secure Platform Transmission Control Protocol Visual Source Safe Page 17 of 17 © Copyright 2006 Lexmark International Inc. This document may be freely reproduced and distributed whole and intact including this Copyright Notice.