A Survey of Cryptographic Algorithm Usage (A30a)
The choice of cryptographic algorithms and corresponding key lengths is a challenge when designing a product. There are many national and industry standards, as well... Read More
CVSS as a Tool for Attack Potential Calculation (M13c)
CVSS is a widespread vulnerability score model adopted by many known vulnerability databases and it could provide a useful aid to the evaluator for CC... Read More
Summary Panel Discussion: How Will Common Criteria Deal With the Complex Interplay Between Multiple Global Frameworks? (P32a)
This expert discussion addresses the relationship between CC and the growing number of cybersecurity frameworks. How does CC address this complexity? CC offers a standardized... Read More
Panel Discussion: Common Criteria (CC)—Maintenance and Development (L31b)
In 2022, the new ISO/IEC 15408:2022 series and ISO/IEC 18045:2022, as well as the corresponding CCRA version CC/CEM:2022, were successfully finished and published, providing improved... Read More
Beyond Pass/Fail: Revolutionizing CC Scoring for Enhanced Assurance and Decision-Making (L31a)
For years, the CC framework has been a cornerstone in certifying the security of IT products. However, despite its widespread use, significant challenges persist in... Read More
Enhancing Common Criteria Evaluations: The Potential and Risks of AI Integration (A31b)
Integrating AI into Common Criteria (CC) evaluations could significantly benefit vendors and laboratories by streamlining processes and improving accuracy. Vendors could use AI for pre-assessment,... Read More
Challenges in the Transition to CC:2022—Update of Protection Profiles (A31a)
With the new version of Common Criteria in force, there is a need to align the Protection Profiles contents used in certification. This talk discusses... Read More
Statistical Bounds to Expedite (High-Order) Side-Channel Attacks (M31c)
Side-channel analyses are well-known threats to assets contained in Targets of Evaluation (ToE). They are very often contemplated in AVA_VAN evaluation. The reason is that... Read More
EUCC – Ready for Software Evaluations? (M31b)
EUCC has the potential to be a major milestone for the harmonized application of CC for a large market. During the last five years while... Read More