Document Summary
This document defines the Calypso Basic Protection Profile (PP) which includes the minimum-security requirements for Calypso Basic products, such as secure initialisation of the used cryptographic keys, key diversification and a key hierarchy mechanism, secure key storage, access control mechanism to persistent data, secure session, ratification, usage of transaction counters, and memory modification management.
This Protection Profile claims conformance with the assurance package EAL2+ which consists of the predefined EAL2 package augmented with ALC_DVS.1 and AVA_SPECIFIC.1. This is a CC Part 3 extended assurance component that is based on AVA_VAN.2 and which requires resistance to the Enhanced-basic attack potential as defined in [JIL-AAPS].
Calypso Basic product is a contactless smartcard with an ISO/IEC 14443 interface, running a single Calypso Basic application. Such a product focuses on providing access to public transportation and possibly other associated services that can be combined into a transport title or ticket.
Additional Information
Document Published:
Document Type:
Version:
Reference:
Calypso Solution:
Calypso Product:
Benefits & Services:
Documents disclosure
Public documents : There is no constraint on the document diffusion. Reproduction is authorised and diffusion by e-mail is possible. It is not necessary to login to download public documentation.
Restricted documents : Diffusion is restricted to the designated persons. The information contained in these documents is not public and must be kept confidential. The original recipient is fully responsible for its re-transmission, which may only concern people involved in the project, on a need-to-know basis. You must login to download restricted classified documents (e.g. Card Specifications). Access can be requested by completing the application form for registration.
Confidential documents : Diffusion of the document is strictly restricted to the individually authorised persons. The original recipient is fully responsible for its re-transmission, which may only concern people involved in the project, on a need-to-know basis. These persons must not reproduce or transmit the document again without prior authorisation from the original recipient. It must be stored in a secure place, or encrypted (for electronic documents whose access is not secure). It can only be exchanged in a sealed envelope, or in encrypted form (if electronic version). Therefore, it is stored encrypted on the Calypso File Repository. Access can be requested by completing the application form for registration and completing the subsequent NDA.