====== BSI IT-Grundschutz Mapping ======
Mapping of the WvdS Post-Quantum Cryptography library to BSI IT-Grundschutz modules.
----
===== Overview =====
The BSI IT-Grundschutz Compendium((BSI IT-Grundschutz: https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz_node.html)) defines security requirements for IT systems. This page documents how WvdS fulfills the relevant modules.
flowchart LR
subgraph BSI["BSI IT-Grundschutz"]
CON1["CON.1
Crypto Concept"]
CON5["CON.5
Key
Management"]
OPS115["OPS.1.1.5
Logging"]
APP31["APP.3.1
Web Applications"]
NET31["NET.3.1
Routers/Switches"]
end
subgraph WVDS["WvdS PQ-Crypto"]
CFG["CryptoConfig"]
KDF["KeyDerivation"]
LOG["Audit Events"]
TLS["TLS Extensions"]
CERT["X.509 Certificates"]
end
CON1 --> CFG
CON5 --> KDF
OPS115 --> LOG
APP31 --> TLS
NET31 --> CERT
style CFG fill:#4caf50,color:#fff
style KDF fill:#4caf50,color:#fff
style LOG fill:#4caf50,color:#fff
style TLS fill:#4caf50,color:#fff
style CERT fill:#4caf50,color:#fff
----
===== CON.1 Crypto Concept =====
**Module:** Concepts and Procedures - Crypto Concept((BSI CON.1: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium_Einzel_PDFs_2023/05_CON_Konzepte_und_Vorgehensweisen/CON_1_Kryptokonzept_Edition_2023.pdf))
^ Requirement ^ BSI ID ^ WvdS Implementation ^ Status ^
| Selection of appropriate cryptographic methods | CON.1.A1 | ML-DSA (FIPS 204), ML-KEM (FIPS 203) | Completed |
| Backup of cryptographic keys | CON.1.A2 | KeyDerivation, PEM export with encryption | Completed |
| Encryption of communication | CON.1.A3 | TLS 1.3 with PQ algorithms | Completed |
| Appropriate key lengths | CON.1.A4 | ML-DSA-44/65/87, ML-KEM-512/768/1024 | Completed |
| Document crypto concept | CON.1.A5 | [[en:int:pqcrypt:konzepte:start|Concepts Documentation]] | Completed |
| Regular review | CON.1.A6 | Versioned API, NIST conformance | Completed |
==== Implementation Details ====
**CON.1.A1 - Selection of appropriate cryptographic methods:**
// WvdS uses exclusively NIST-standardized algorithms
CryptoConfig.DefaultMode = CryptoMode.Hybrid;
// Available algorithms:
// - ML-DSA-44/65/87 (NIST FIPS 204)
// - ML-KEM-512/768/1024 (NIST FIPS 203)
// - RSA-2048/3072/4096 (classical)
// - ECDSA P-256/384/521 (classical)
**CON.1.A4 - Appropriate key lengths:**
Key lengths comply with BSI recommendations((BSI TR-02102-1: "Cryptographic Mechanisms: Recommendations and Key Lengths", Version 2024-01, Chapter 3: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf)):
^ Algorithm ^ Security Level ^ BSI Recommendation ^
| ML-DSA-44 | NIST Level 2 (~128 bit) | Short-lived certificates |
| ML-DSA-65 | NIST Level 3 (~192 bit) | Standard recommendation |
| ML-DSA-87 | NIST Level 5 (~256 bit) | Highest security |
----
===== CON.5 Development and Use of Key Management Systems =====
**Module:** Key Management((BSI CON.5: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium_Einzel_PDFs_2023/05_CON_Konzepte_und_Vorgehensweisen/CON_5_Entwicklung_und_Einsatz_von_Schluesselmanagementsystemen_Edition_2023.pdf))
^ Requirement ^ BSI ID ^ WvdS Implementation ^ Status ^
| Requirements analysis | CON.5.A1 | Documented API, scenarios | Completed |
| Key generation | CON.5.A2 | OpenSSL 3.6 CSPRNG | Completed |
| Key storage | CON.5.A3 | Encrypted PEM export | Completed |
| Key distribution | CON.5.A4 | X.509 certificates, CSR workflow | Completed |
| Key derivation | CON.5.A5 | HKDF, PBKDF2, Argon2id | Completed |
| Key destruction | CON.5.A6 | SecureZeroMemory, IDisposable | Completed |
| Key archival | CON.5.A7 | PEM/PFX with password protection | Completed |
==== Implementation Details ====
**CON.5.A5 - Key derivation:**
Key derivation functions comply with BSI recommendations((BSI TR-02102-1, Chapter 8 "Key Derivation Functions": https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf)) and NIST standards((NIST SP 800-56C Rev. 2: "Recommendation for Key-Derivation Methods in Key-Establishment Schemes": https://csrc.nist.gov/pubs/sp/800/56/c/r2/final)).
// HKDF (RFC 5869) for key derivation
var derivedKey = KeyDerivationExtensions.DeriveKey(
sharedSecret,
salt: cryptoRandom,
info: contextInfo,
outputLength: 32,
HashAlgorithmName.SHA256
);
// Argon2id for password-based derivation (memory-hard)
var key = OpenSslKdf.Argon2id(
password,
salt,
outputLength: 32,
iterations: 3,
memoryKiB: 65536, // 64 MB
parallelism: 4
);
**CON.5.A6 - Key destruction:**
// Automatic key destruction via IDisposable
using var keyPair = ctx.GenerateKeyPair(PqAlgorithm.MlDsa65);
// ... usage ...
// Dispose() calls SecureZeroMemory on private key bytes
----
===== OPS.1.1.5 Logging =====
**Module:** Logging((BSI OPS.1.1.5: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium_Einzel_PDFs_2023/06_OPS_Betrieb/OPS_1_1_5_Protokollierung_Edition_2023.pdf))
^ Requirement ^ BSI ID ^ WvdS Implementation ^ Status ^
| Create logging policy | OPS.1.1.5.A1 | Documented events | Completed |
| Ensure integrity | OPS.1.1.5.A3 | Signed audit logs | In Progress |
| Protect log data | OPS.1.1.5.A4 | Encrypted logs | In Progress |
==== Loggable Events ====
^ Event ^ Data ^ Purpose ^
| KeyGeneration | Algorithm, KeyId, Timestamp | Audit trail |
| CertificateCreation | Subject, Serial, Validity | PKI monitoring |
| SignatureOperation | KeyId, DataHash, Mode | Traceability |
| ValidationResult | CertChain, Status, Reason | Security monitoring |
----
===== APP.3.1 Web Applications and Web Services =====
**Relevance:** TLS configuration for web servers
^ Requirement ^ BSI ID ^ WvdS Implementation ^ Status ^
| TLS encryption | APP.3.1.A14 | Hybrid TLS certificates | Completed |
| Secure authentication | APP.3.1.A15 | mTLS with PQ certificates | Completed |
// Hybrid server certificate for TLS
var serverCert = request.CreateServerCertificate(
intermediateCa,
dnsNames: new[] { "api.example.com" },
mode: CryptoMode.Hybrid // ECDSA + ML-DSA
);
----
===== NET.3.1 Routers and Switches =====
**Relevance:** Network devices with certificates
^ Requirement ^ BSI ID ^ WvdS Implementation ^ Status ^
| Secure management access | NET.3.1.A4 | mTLS certificates | Completed |
| Secure protocols | NET.3.1.A9 | SSH/TLS with PQ | Completed |
----
===== Evidence Checklist for Auditors =====
**For BSI audits, use this checklist:**
| # | Checkpoint | Evidence | Status |
|---|-----------|----------|---|
| 1 | Crypto concept documented | [[en:int:pqcrypt:konzepte:start|Concepts]] | [ ] |
| 2 | NIST-compliant algorithms | FIPS 203/204 references | [ ] |
| 3 | Key generation via CSPRNG | OpenSSL 3.6 source | [ ] |
| 4 | Key derivation documented | [[en:int:pqcrypt:api:keyderivation:start|KeyDerivation API]] | [ ] |
| 5 | Secure key destruction | IDisposable pattern in code | [ ] |
| 6 | Hybrid cryptography | CryptoMode.Hybrid | [ ] |
| 7 | Certificate management | [[en:int:pqcrypt:szenarien:start|PKI Scenarios]] | [ ] |
----
===== BSI TR-03116 (Cryptographic Requirements) =====
The BSI Technical Guideline TR-03116((BSI TR-03116: https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr03116/TR-03116_node.html)) defines specific cryptographic requirements:
^ Requirement ^ TR-03116 Part ^ WvdS Conformance ^
| TLS 1.3 cipher suites | Part 4 | Supported |
| Signature algorithms | Part 1 | ML-DSA (NIST) |
| Key exchange | Part 4 | ML-KEM (NIST) |
| Hash functions | Part 1 | SHA-256/384/512 |
----
===== Further Reading =====
* [[.:start|Compliance Overview]]
* [[.:nis2|NIS2 Directive]]
* [[.:audit-checkliste|Complete Audit Checklist]]
* [[https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz_node.html|BSI IT-Grundschutz (external)]]
----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//
{{tag>bsi it-grundschutz con1 con5 compliance audit}}