The TSF may employ cryptographic functionality to help satisfy several high-level security objectives. These include (but are not limited to): identification and authentication, non-repudiation, trusted path, trusted channel and data separation. This class is used when the TOE implements cryptographic functions, the implementation of which could be in hardware, firmware and/or software.
The FCS class is composed of two families: FCS_CKM Cryptographic key management and FCS_COP Cryptographic operation . The FCS_CKM Cryptographic key management family addresses the management aspects of cryptographic keys, while the FCS_COP Cryptographic operation family is concerned with the operational use of those cryptographic keys.
Figure 5.1 shows the decomposition of this class into its constituent components.
Figure 5.1 - Cryptographic support class decomposition