Building Trustworthy Security: A CC EAL4 File Encryption Application with Post-Quantum Key Exchange

In recent years, the rapid advancement of Information and Communications Technology (ICT) has opened up new possibilities and markets for innovative products and services. However, the widespread adoption of these products relies on consumers' confidence and markets' trust in their security functionalities. Establishing such trust requires rigorous development of security requirements, validation criteria, thorough evaluation, and ultimately, certification. The Common Criteria (CC), an international standard (ISO/IEC 15408), plays a crucial role in this process. Beyond instilling consumer confidence, CC certification offers significant benefits to organizations, including a demonstrably reduced security risk profile, streamlined procurement processes, and potentially lower insurance premiums. As a result, CC serves as the foundation for numerous government-led certification programs worldwide. A key consideration highlighted by this work is that Italian governmental agencies currently use foreign software solutions for sensitive and classified information exchanges, creating the need for an "in-house" developed solution that ensure robust security in a post-quantum computing environment. To address this problem, this work presents the design and development of a software application for file encryption and decryption that adheres to the Common Criteria fourth Evaluation Assurance Level (EAL4) directives. The application prioritizes a secure design and incorporates cryptographic algorithms aimed to safeguard users' interactions against potential threats posed by future advancements in quantum computing. Specifically, for symmetric algorithms only those believed to be able to withstand Grover's algorithm were selected, while, for the asymmetric key exchange, the post-quantum cryptography key exchange mechanism CRYSTALS-Kyber was used within the application, but considered outside the scope of the CC evaluation since it's in the process of being standardized by NIST this year. Despite this, the rest of the application is built to function in a post-quantum environment, with user-role-based access control and a robust key management system as its core strengths. These features provide security beyond encryption in an evolving digital landscape.