Skip to main content

République tunisienne

Republic of Tunisia
Ministry of Communication Technologies and Digital Economy

homologation

USES
CERTIFICATES

Discover the different uses of our certificates

WHERE TO GET

MY CERTIFICATE ?

See the complete list of our points of sale

Approval

Presentation

The encryption means imported or commercialized and used to encrypt data exchanged through telecommunications networks are submitted to the technical approval of the National of Agency for Digital Certification(TUNRUST) (Décret N° 2008-2639 du 21 juillet 2008).

These products are subject to verification operations carried out by the National of Agency for Digital Certification (TUNRUST) for certifying that the technical characteristics of encryption equipments meet the technical standards and regulations in force.

Requests for approval sent to the National of Agency for Digital Certification (TUNRUST) must be handed in to the one-stop window of the CERT (Telecommunications Studies and Research Centre).

Request for Approval

The approval folder of an encryption system must contain the following documents :

  • a declaration form supplied by the NDCA (or CERT one-stop window) correctly filled in and signed by the applicant
  • a copy of the applicant’s ID card (trading register)
  • a copy of the legal person in charge’s ID card
  • a certificate of the origin of manufacture of the means of encryption, either original or certified copy (if need be)
  • a description of the technical features of the encryption system for which the application is being made
  • a user’s and programming handbook
  • the encryption system
  • acknowledgement of payment of the fixed costs relative to the approval, according to the rates in force (or an order form for state enterprises).

Rates in force

Costs for approval of the encryption systems depend on their class. In regards to the approval of crypto tools service, payment should be done at the CERT one-stop window.

The table below shows the classes of encryption systems and the rates applied to each class.

Class Approval royalties
A: Client software or end-equipment 590,000
B: Encryption module integrated in the transmission and security equipment (router, firewall, access server…) 944,000
C: Encryption module integrated in the certification and security platforms or other non-specific systems 1180,000
For more information, please contact the Approval of crypto tools Unit :
Tel: +216 70 834 559
E-mail: homologation@certification.tn

Request of compliance

The folder for a request of compliance must contain the following documents:

  • a declaration form supplied by the National of Agency for Digital Certification (TUNRUST) (or CERT one-stop window) correctly filled in and signed by the applicant
  • a copy of the approval certificate
  • a description of the technical features of the means of encryption for which the request is being made
  • a user’s and programming handbook
  • a temporary removal permit
  • the list of serial numbers of the means for which the request is being made.
  • the samples of the product subject to the request
  • receipt of payment of the charge according to the rates in force (or order form for state enterprises).

Rates in force

Compliance costs for encryption means are fixed by engineer day unit according to class and number of samples. The cost of the engineer day is set at 270 TD excluding VAT (18% VAT).

In regards to the compliance service, payment should be done at the CERT one-stop window.

The table below shows, for each class of encryption means, the number of engineer days to be billed according to the number of samples.

Class 1 engineer day 2 engineer days 3 engineer days
A From 1-5 samples From 6-10 samples Over 10 samples
B From 1-3 samples From 4-6 samples Over 6 samples
C 1 sample 2 samples Over 2 samples
For more information, please contact the Approval of crypto tools Unit :
+216 70 834 559
E-mail: homologation@certification.tn

Requests for approval sent to the National of Agency for Digital Certification (TUNRUST) must be handed in to the one-stop window of the CERT (Telecommunications Studies and Research Centre).

The importation and commersialization of encryption means

The importation and commercialization of the encryption means used to encrypt data exchanged through telecommunications networks are submitted to authorization of the National Digital Certification Agency on the basis of the technical approval certificate.

The authorisation is delivered Further to the study of the encryption mean approval application.

The importation and commercialization of the encryption means of frequent use approved by the National Digital Certification Agency are not submitted to authorization. These equipments are fixed by the National Digital Certification Agency in a list periodically updated.

The standards for the certification of encryption products

1-IETF - Internet Engineering Task Force

  • IPSec working group: architecture and related protocols standards
  • Profiling Use of PKI for IPSec working group : standards uses the digital certificate with protocol IPsec
  • Public Key Infrastructure (X.509) PKIX working group : standards list for PKI infrastructure
  • Transport Layer Security tls working group: Standards for the TLS Web Security Protocol
  • working group S/MIME Mail Security (smime) : Standards for S / MIME secure e-mail working group signature XML : standards for e-signature XML (Extensible Markup Language)

2-IEEE- Institute of Electrical and Electronics Engineers

IEEE 802.11 i (WPA2) : International standard that provides an advanced security solution for WiFi networks. It 's based on the TKIP encryption algorithm, but it also supports the Advanced Encryption Standard (AES).

3- National Institute of Standards in Telecommunication (NIST), Security Technology Group

NIST work on public key infrastructure and cryptography

4- Standards RSA “Public Key Cryptography Standards PKCS”

RSA public key cryptography standard list

5- Groupe de travail CCRA Common Criteria Recognition Arrangement