IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 4.34 Failure of a cryptomodule
If you use a cryptomodule to protect the confidentiality of data that needs to
be protected, it is particularly important that the cryptomodule functions
perfectly. The failure of a cryptomodule used in such a way can have various
causes:
- a technical error which impairs the module's ability to function,
- a power cut following which the cryptographic codes stored in volatile
memory are deleted, so that the cryptomodule is no longer able to encode
properly,
- intentional or unintentional destruction through mechanical influence,
improper use or similar actions.
The failure of a cryptomodule can also result in various types of damage. Of
particular interest are:
- It is no longer possible to protect a data transmission path using
cryptographic procedures, making it temporarily impossible to preserve the
confidentiality of the data. This is particularly critical if the failure is not
noticed and, as a result of the malfunction, data is no longer encoded,
although the users rely on the cryptomodule to guarantee that the data is
confidential.
- Encoded data can no longer be decoded until the required cryptomodule
becomes available again. This can lead to problems in the availability of IT
applications which process the decoded data.
- If the cryptomodule ceases to work correctly but does not completely fail,
data is encoded incompletely or incorrectly. In both cases, it can mean that
the recipient (if the data is transmitted) or the user (if the data is stored
locally) can no longer decode the data correctly. Without suitable data
backup, this could mean that all of the data is lost.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000