ISO/IEC 17825:2024
Information technology — Security techniques — Testing methods for the mitigation of non-invasive attack classes against cryptographic modules

Scope: This document specifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790:2012 for security levels 3 and 4. The test metrics are associated with the security functions addressed in ISO/IEC 19790:2012. Testing is conducted at the defined boundary of the cryptographic module and the inputs/outputs available at its defined boundary. This document is intended to be used in conjunction with ISO/IEC 24759:2017 to demonstrate conformance to ISO/IEC 19790:2012. NOTE ISO/IEC 24759:2017 specifies the test methods used by testing laboratories to assess whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790:2012 and the test metrics specified in this document for each of the associated security functions addressed in ISO/IEC 19790:2012. The test approach employed in this document is an efficient “push-button” approach, i.e. the tests are technically sound, repeatable and have moderate costs.

ISO/IEC 17825:2024 Referenced Document

ISO/IEC 19790:2012 Information technology - Security techniques - Security requirements for cryptographic modules
ISO/IEC 24759:2017 Information technology - Security techniques - Test requirements for cryptographic modules

2024 ISO/IEC 17825:2024 Information technology — Security techniques — Testing methods for the mitigation of non-invasive attack classes against cryptographic modules
2023 ISO/IEC 17825:2023 Information technology — Security techniques — Testing methods for the mitigation of non-invasive attack classes against cryptographic modules
2016 ISO/IEC 17825:2016 Information technology - Security techniques - Testing methods for the mitigation of non-invasive attack classes against cryptographic modules