QSCD | Bank-Verlag GmbH | BV-SAM on Cryptoserver CP5

According to the requirements of article 30 (3) b) of Regulation (EU) No. 910 / 2014, an alternative method was used for the certification process by the conformity assessment body of SRC. A description of the method can be found under the following link:

https://src-gmbh.de/wp-content/uploads/2018/03/SRC-Notification-of-a-QSCD-security-evaluation-process-server-signing-v1.0.pdf

• The evaluation of the used Hardware Security Module CryptoServer CP5 according to the protection profile CEN prEN 419 221-5,
• the evaluation of the used Signature Activation Module BV-SAM according to the protection profile CEN prEN 419 241-2,
• the certification of the overall product pursuant to the requirements of article 30 (3) b) of Regulation (EU) No. 910 / 2014
• and an amendment for the certification for the extension of the period of validity.

The product “BV-SAM on CryptoServer CP5” is a qualified Signature Creation Device and Seal Creation Device (QSCD), consisting of the Signature Activation Module (SAM) “BV-SAM”, which is integrated as Firmware-Module in the Hardware Security Module “CryptoServer Se-Series Gen2 CP5” of Utimaco.

A Trust Service Provider, which wants to offer a service for generating qualified remote signatures and qualified remote seals compliant to Regulation (EU) No. 910 / 2014, has to technically ensure that the signer’s cryptographic key can be used under the sole control of the signer only. This is ensured by the Signature Activation Module BV-SAM in the following way:

• The signer is located in his local environment and interacts using a device (e.g. laptop, smartphone) with the Server Signing Application (SSA) in the remote environment, which invokes the external functions provided by the SAM.
• The signature operation is performed using the Signature Activation Protocol (SAP), which requires that Signature Activation Data (SAD) is provided by the signer in his local environment. The SAD consists of the digital confirmation of the authentication of the signer including a reference to his signature key and a representation of the data to be signed (DTBS/R).
• To ensure that the signer has sole control of his signing key, the signing operation must be authorized. Therefore, the BV-SAM, which handles one endpoint of the SAP, verifies the SAD and activates the signer’s signing key within the cryptographic module CryptoServer CP5 which is mentioned above.

The connected Hardware Security Module is used exclusively for generating signing or sealing keys and for generating qualified electronic signatures or qualified electronic seals.

SRC confirms that the product “BV-SAM on CryptoServer CP5” of Bank-Verlag GmbH fulfills the requirements of Annex II of the Regulation (EU) No. 910 / 2014 (eIDAS-Regulation) on qualified Signature Creation Devices and Qualified Seal Creation Devices.