-i- IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05 Security Policy Version 1.0 Revision 5.0 ii Version 1.0 Revision 5.0 1 Document History .................................................................................................................................................. 1 2 Introduction ............................................................................................................................................................ 1 2.1 References............................................................................................................................................... 2 2.2 Document Organization ........................................................................................................................ 2 3 TS1120 Encrypting Tape Drive Cryptographic Module Description..................................................................... 3 3.1 Overview ................................................................................................................................................. 3 3.2 Secure Configuration............................................................................................................................. 4 3.3 Ports and Interfaces ............................................................................................................................... 6 3.4 Physical Security .................................................................................................................................. 14 3.5 Cryptographic Algorithms and Key Management............................................................................ 15 3.6 Design Assurance ................................................................................................................................. 22 3.7 Mitigation of other attacks .................................................................................................................. 22 -1- 1 Document History Date Author Change 02/05/2007 James Karp Initial Creation 02/15/2007 James Karp Added in code EC numbers 02/19/2007 James Karp Added links to references 06/05/06 James Karp Update supported services and configuration information 08/14/2007 Christine Knibloe Incorporated feedback from Atlan 11/06/2007 James Karp Incorporated additional feedback from Atlan 02/29/2008 James Karp Reviewed and accepted additional changes from Atlan 05/01/2008 Christine Knibloe Reviewed and accepted changes from Atlan 2 Introduction This non-proprietary cryptographic module security policy describes how the IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05meets the security requirements of FIPS 140-2 at overall security level 1, and how to run the TS1120 in a secure FIPS 140-2 manner. This policy was prepared as part of FIPS 140-2 validation of the TS1120. The IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05is referred to in this document as the TS1120 Encrypting Tape Drive, the TS1120, the 3592 E05, and the encrypting tape drive. FIPS 140-2 (Federal Information Processing Standards Publication 140-2--Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the NIST web site at: http://csrc.nist.gov/cryptval/ The security policy document is organized in the following sections. Introduction · References · Document Organization TS1120 Encrypting Tape Drive Cryptographic Module Description · Cryptographic Module Overview · Secure Configuration · Cryptographic Module Ports and Interfaces · Roles and Services · Physical Security 2 Version 1.0 Revision 5.0 · Cryptographic Key Management · Self-Tests · Design Assurance · Mitigation of Other Attacks 2.1 References This document describes the operations and capabilities of the TS1120 Encrypting Tape Drive only in the technical terms of FIPS 140-2 cryptographic module security policy and security functions performed by the tape drive. More information is available on the general function of the TS1120 Encrypting Tape Drive at the IBM web site: http://www.ibm.com/storage/tape/ The tape drive meets the T10 SCSI-3 Stream Commands (SSC) standard for the behavior of sequential access devices. In addition, the tape drive primary host interfaces are physical fibre channel ports. The physical and protocol behavior of these ports conforms to Fibre Channel Protocol (FCP) specification. These specifications are available at the INCITS T10 standards web site: http://www.T10.org / A Redbook describing Tape encryption and user configuration of the TS1120 in various environments can be found at: http://www.redbooks.ibm.com/abstracts/sg247320.html?Open The TS1120 format on the tape media is designed to conform to the IEEE P1619.1 committee draft proposal for recommendations for protecting data at rest on tape media. Details on P1619.1 may be found at: http://ieee-p1619.wetpaint.com/ 2.2 Document Organization The Security Policy document is one document in a complete FIPS 140-2 Submission Package. In addition to this document, the complete submission package contains: Vendor Evidence Document Other supporting documentation and additional references With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to IBM and is releasable only under appropriate non-disclosure agreements. For access to these documents, contact IBM. 3 Version 1.0 Revision 5.0 3 TS1120 Encrypting Tape Drive Cryptographic Module Description 3.1 Overview The TS1120 Encrypting Tape Drive is a set of hardware, firmware, and interfaces allowing the optional storage and retrieval of encrypted data to magnetic tape cartridges. The tape drive is FIPS certified as an entire "brick" unit as an embedded, multi-chip, cryptographic module. In customer operation the "brick" unit is embedded in a canister package for operation in a library or stand-alone frame. A block diagram of the TS1120 Encrypting Tape Drive is shown below: Cryptographic Module Block Diagram Message Display SDRAM SDRAM (U22,U27,U72, (U82,U41) U69,U26,U21,U68,U71) Port 0 Port 1 (J8) FC FAS600 FC (J9) (U42) Ajisai2E (U34) Cartridge Mem RS- RS- Service Misc. 422 232 Panel Port UPIF (U47) Other (J13) Card Functions Deck (U10, U14, (J10) Flash (U51) U9,U13,U15) SH4 (U11) PPC Head ACF I2C Power Tape (U52) (J7) SDRAM (U81,U38) SDRAM (U16) Main Card (J11) Drive Figure 1 : TS1120 Block Diagram 4 Version 1.0 Revision 5.0 The TS1120 Encrypting Tape Drive has two major cryptographic functions: Data Block Cipher Facility : The tape drive provides functions which provide the ability for standard tape data blocks as received during SCSI-type write commands to be encrypted before being recorded to media using AES block cipher using a provided key, and decrypted during reads from tape using a provided key . o Note the AES block cipher operation is performed after compression of the host data therefore not impacting capacity and datarate performance of the compression function o The TS1120 automatically performs a complete and separate decryption and decompression check of host data blocks after the compression/encryption process to validate there were no errors in the encoding process Secure Key Interface Facility: The tape drive provides functions which allow authentication of the tape drive to an external IBM key manager, such as the IBM Encryption Key Manager, (referred to in this document as the EKM), and allow establishment of encrypted key material between the key manager and the tape drive 3.2 Secure Configuration There are two approved modes of operation for the TS1120. They are: System-Managed Encryption (SME) Library-Managed Encryption (LME) A user may select an approved mode of operation by two different methods. The first is configuring the drive's VPD. This can be accomplished via the service panel interface or the library interface. The second method is issuing a SCSI Mode Select command to set values in Mode Page X'25'. In order to be in an approved mode of operation, the values of the fields Key Path (manager Type) (from VPD), In-band Key Path (Manager Type) Override, Indirect Key Mode Default, Key Scope, and Encryption Method must be set according to the table below. More details can be found in the TS1120 SCSI Reference. Table 6.1: Settings for Approved Modes of Operation Required Fields System-Managed Library-Managed Encryption (SME) Encryption (LME) Key Path (Manager Type) (from VPD) X'1' X'6' Mode Page X'25', byte 21, bits 7-5 In-band Key Path (Manager Type) Override X'0' or X'1' X'0' Mode Page X'25', byte 21, bits 4-2 Indirect Key Mode Default B'0' B'0' Mode Page X'25', byte 22, bit 4 Key Scope X'0' or X'1' X'0' or X'1' Mode Page X'25', byte 23, bits 2-0 Encryption Method X'10' or X'1F' X'60' Mode Page X'25', byte 27 A user can determine if the TS1120 is in the approved mode of operation by issuing a SCSI Mode Sense command to Mode Page X'25' and evaluating the values returned. 5 Version 1.0 Revision 5.0 Certain commands are prohibited while in the approved modes of operation. The commands vary by approved mode. In the LME approved mode of operation, all Mode Select commands to subpages of Mode Page X'25' are prohibited. In the SME approved mode of operation, Mode Select commands to the following subpages of Mode Page X'25' are prohibited. Table 6.2: Mode Select Eligibility of Mode Page X'25' Subpages Mode Page X'25' Subpages System-Managed Encryption Library-Managed Encryption (SME) (LME) X'C0' ­ Control/Status Allowed Prohibited X'D0' ­ Generate dAK/dAK' Pair Prohibited Prohibited X'D1' ­ Query dAK Prohibited Prohibited X'D2' ­ Update dAK/dAK' Pair Prohibited Prohibited X'D3' ­ Remove dAK/dAK' Pair Prohibited Prohibited X'D5' ­ Drive Challenge/Response Allowed Prohibited X'D6' ­ Query Drive Certificate Allowed Prohibited X'D7' ­ Query/Setup HMAC Prohibited Prohibited X'D8' ­ Install eAK Prohibited Prohibited X'D9' ­ Query eAK Prohibited Prohibited X'DA' ­ Update eAK Prohibited Prohibited X'DB' ­ Remove eAK Prohibited Prohibited X'DF' ­ Query dSK Allowed Prohibited X'E0' ­ Setup SEDK/EEDK(s) Allowed Prohibited X'E1' ­ Alter EEDK(s) Allowed Prohibited X'E2' ­ Query EEDKs (Active) Allowed Prohibited X'E3' ­ Query EEDKs (Needed) Allowed Prohibited X'E4' ­ Query EEDKs (Entire) Allowed Prohibited X'E5' ­ Query EEDKs (Pending) Allowed Prohibited X'EE' ­ Request EEDKs (Translate) Allowed Prohibited X'EF' ­ Request EEDKs (Generate) Allowed Prohibited X'FE' ­ Drive Error Notify Allowed Prohibited Loading a FIPS-certified drive microcode level and selecting an approved mode of operation initializes the TS1120. The TS1120 supports multi-initiator environments, but only one initiator may access cryptographic functions at any given time. Therefore the TS1120 does not support multiple concurrent operators. The TS1120 implements a non-modifiable operational environment which consists of a firmware image stored in FLASH. The firmware image is copied to, and executed from, RAM. The firmware image can only be updated via FIPS-approved methods that verify the validity of the image. 6 Version 1.0 Revision 5.0 3.3 Ports and Interfaces The cryptographic boundary of the TS1120 cryptographic module is the drive "brick" boundary and therefore supports all the interfaces of a standard tape drive. Tape data blocks to be encrypted (write operations) or decrypted data blocks to be returned to the host (read operation) are transferred on the Fibre Channel ports using SCSI protocol commands, while protected key material may be received on the Fibre Ports or the Library Port. The physical ports are separated into FIPS-140-2 logical ports as described below. Table 1 : Ports and Interfaces TS1120 Physical FIPS-140-2 Logical Interface Notes Interface Fiber Channel Port 0 Data Input Provides crypto service Data Output Control Input Status Output Fiber Channel Port 1 Data Input Provides crypto services Data Output Control Input Status Output Library RS-422 Port Data Input Provides crypto services Data Output Control Input Status Output Drive RS-232 Port None No services provided (Disabled ) ACF interface Status Output No crypto services provided Control Input I2C Interface Status Output No crypto services provided Data Output Data Input Control Input Miscellaneous Signal None Spare and unused signals Interface 7 Version 1.0 Revision 5.0 TS1120 Physical FIPS-140-2 Logical Interface Notes Interface Service Panel Interface Control Input Crypto services provided: Status Output Crypto status (encrypting or not) posted to message display Key zeroization VPD configuration Drive Message Display Status Output Crypto services provided: Control Input (reset / unload button) Crypto status (encrypting or not) posted to message display Drive Power Interface Power No crypto services provided RW Head Interface Data Output No Crypto services provided: Data Input Encrypted data is recorded to media or readback from media on this interface Cartridge Memory Data Output No Crypto services provided: Interface Data Input Encrypted key structures may be written to the cartridge memory or read from the cartridge memory on this interface 3.3.1 Interface Description Fibre Channel Port 0 and 1 o Host attachment interfaces accepting SSC-3 SCSI protocol commands and status o Raw and encrypted data blocks and encrypted keys are transferred on this interface Library RS-422 port o Automation interface using LDI or LMI command and status protocol o Encrypted key material may be transferred on this interface Drive RS-232 port o Debug port proprietary protocol o This interface is disabled in FIPS configuration ­ no function available 8 Version 1.0 Revision 5.0 ACF interface o Memory-mapped interface with extended processor data and address bus o Used to communicate to external logic on the canister and library o Drive is the interface master ­ no services provided I2C Interface o Standard 2-wire I2C control and status interface o Used to monitor external power supply status and to R/W external backup VPD o Drive is interface master ­ no services provided Miscellaneous Signal Interface o Unused spare signals wired to the connector Service Panel Interface o Used to attach an external Service Panel for configuration and status services o Power is supplied by the module to the external service panel on this interface Drive Message Display o Physical operator interface o Provides 8 character display, unload button, reset button Drive Power Interface o DC power interface providing +12V, +5V, ground RW Head Interface o Magnetic interface from the R/W head to the tape media o Used to magnetically record signals to the tape on writing and magnetically read signals on read back Cartridge Memory Interface o Each tape cartridge contains a small cartridge memory which stores status information about the tape cartridge o This is a contactless short distance RFID serial transmit/receive protocol interface 9 Version 1.0 Revision 5.0 3.3.2 Roles and Services The TS1120 supports both a Crypto Officer Role and a User Role, and uses basic cryptographic functions to provide higher level services. The two main services the TS1120 provides are: · the encryption or decryption of tape data blocks using the Data Block Cipher Facility. · the establishment and use of a secure key channel for key material passing by the Secure Key Interface Facility. It is important to note that the Secure Key Interface Facility may be an automatically invoked service when a User issues Write or Read commands with encryption enabled that require key acquisition by the TS1120. Under these circumstances the TS1120 automatically establishes a secure communication channel with a key manager and performs secure key transfer before the underlying write or read command may be processed. 3.3.3 User Guidance The services table describes what services are available to the User and Crypto Officer roles. There is no requirement for accessing the User Role To access the Crypto Officer role, a Service Panel must be attached and the TS1120 must be placed in the CE Offline state. This disables all interfaces with the exception of the service panel. Single Operator requirements: The TS1120 enforces a requirement that only one host fiber channel Initiator may have access to cryptographic services at any given time. 3.3.4 Provided Services Available services are also documented in the specified references. They are summarized here: Service Available on : Description Role Access to Keys/CSPs General purpose Fiber Channel As documented in the TS1120 SCSI User None and vendor unique Port 0 Reference SCSI SSC-3 commands Fiber Channel Port 1 User None General purpose Library RS-422 As documented in the Drive Library library commands Interface LDI and LMI Interface Specifications User None Drive Service Service Panel Services are provided for Configuration, Panel Diagnostic, and Status. The services are Configuration , performed manually with control button Diagnostic and sequences on an attachable Service Status services Panel as documented in 3592 E05 Maintenance Information Manual 10 Version 1.0 Revision 5.0 Service Available on : Description Role Access to Keys/CSPs User None Drive Message Drive Message The drive services provided by the Display services Display message display consist of: Unload button - drive will unload when pressed Reset Button ­ drive will reset when pressed Write Command Fiber Port 0 The Secure Key Interface Facility User Uses DK (SCSI command automatically requests a key, provides x`0A' ) Fiber Port 1 authentication data, securely transfers and verifies the key material. (with encryption enabled) The Data Block Cipher Facility encrypts the data block with the received Data Key using AES block cipher for recording to media. A received EEDK is automatically written to media using the Cartridge memory and the RW Head Interface. The Decryption-on-the-fly check performs AES decryption of the encrypted data block and verifies the correctness of the encryption process Read Command Fiber Port 0 The Secure Key Interface Facility User Uses DK (SCSI command automatically requests a key, provides x'08') Fiber Port 1 authentication data and EEDK wrapped key information if available, securely (with encryption transfers and verifies the key material. enabled ) The received Data Key is used by the Data Block Cipher Facility to decrypt the data block with using AES decryption and returning Plaintext data blocks to the host; Optionally in Raw mode the encrypted data block may be returned to the host in encrypted form (not supported in approved configuration) Access to Fiber Port 0 Performed via mode select to Mode User None Encryption Page x'25' and Encryption Subpage Control registers Fiber Port 1 x'C0' for program Library control Interface 11 Version 1.0 Revision 5.0 Service Available on : Description Role Access to Keys/CSPs Access to Fiber Port 0 Performed via mode sense to Mode User None Encryption Status Page x'25' and Encryption Subpage registers for Fiber Port 1 x'C0' program status Library monitoring Interface Query Drive Fiber Port 0 Allows reading of the Drive Certificate User Reads Certificate public key. Performed via mode sense dCert Fiber Port 1 to Mode Page x'25' and Encryption Library Subpage x'D6'; the provided certificate Interface is signed by the IBM Tape Root CA. Query dSK Fiber Port 0 Allows reading of the Drive Session User Reads dSK (Public) Key Performed via mode Fiber Port 1 sense to Mode Page x'25' and Library Encryption Subpage x'DF'. Interface Setup an SEDK Fiber Port 0 This is the means to import an encrypted User Uses and EEDK private key to the TS1120 for use in SEDK, structure (a Fiber Port 1 writing and encrypted tape or in order to dCert, & protected key Library read a previously encrypted tape. dSK. structure) Interface Performed via mode select to Mode generates Page x'25' and Encryption Subpage dSK. x'E0' . In this service, the module generates a drive session key pair. The module then sends the dSK to the EKM where it is used to create an SEDK. At this time, the EKM also uses its own RSA key to generate the EEDK. Then, the EKM sends both the SEDK and the EEDK back to the module. Query EEDK(s) ­ Fiber Port 0 Allows the reading from the drive of User None active, needed, EEDK structures in different categories pending , entire Fiber Port 1 for the medium currently mounted. (all) Library Performed by Mode Select commands to Interface Mode Page x25' and various subpages. 12 Version 1.0 Revision 5.0 Service Available on : Description Role Access to Keys/CSPs Request EEDK(s) Fiber Port 0 This status command is used when the User Users dSK, Translate drive has already notified the Key dCert, & Fiber Port 1 Manager that it has read EEDKs from a SEDK Library mounted, encrypted tape and needs them Interface translated to an SEDK and returned for the drive to read the tape. The key manager issues this command to read EEDK(s) structures which the drive requires to be translated by the Key Manager and subsequently returned to the drive as an SEDK structure to enable reading of the currently active encrypted area of tape. Performed via mode sense to Mode Page x'25' and Encryption Subpage x'EE' . Request EEDK(s) Fiber Port 0 This status command is used when the User Uses dSK, Generate drive has already notified the Key dCert, Fiber Port 1 Manager that it requires new SEDK and SEDK Library EEDK(s) to process a request to write an Interface encrypted tape. This page provides information about the type of key the drive is requesting. Performed via mode sense to Mode Page x'25' and Encryption Subpage x'EF' . Alter EEDK(s) Fiber Port 0 This command is used to modify the User None EEDK structures stored to tape and Fiber Port 1 cartridge memory. Library The TS1120 will write the modified Interface structures out to the tape and cartridge memory as directed. Performed via mode sense to Mode Page x'25' and Encryption Subpage x'E1' . Drive Error Notify Fiber Port 0 These status responses are the means User None and Drive Error used by the drive to notify the Key Notify Query Fiber Port 1 Manager that an action is required, such Library as a Key generation or Translate, to Interface proceed with an encrypted write or read operation. These status responses are read via Mode Sense commands to Mode Page x'25' subpage `EF" and `FF'. Power On Self- Power Performs integrity and cryptographic User None Tests algorithm self-tests, code image signature verification 13 Version 1.0 Revision 5.0 Service Available on : Description Role Access to Keys/CSPs Configure Drive Fiber Port 0 Allows controlling of default encryption User None VPD settings mode and other operating parameters Fiber Port 1 Library Interface Service Panel Diagnostic Fiber Port 0 A Send Diagnostic command may be User None Program issued on Fiber or library interfaces to Invocation Fiber Port 1 invoke diagnostics. The only supported Service Panel crypto diagnostic from this interface is the Key Path Check diagnostic. The user must power cycle the drive to invoke full self-test diagnostics Firmware Fiber Port 0 Attempts to load a new, signed version User None Upgrade of the drive firmware. The drive will Fiber Port 1 only load signed firmware after first verifying its integrity and authenticity. Key Zeroization Service Panel Zeroes all private plaintext keys in the Crypto None TS1120 Officer 14 Version 1.0 Revision 5.0 3.4 Physical Security The TS1120 is intended to meet level one physical security requirements. The TS1120 cryptographic boundary is the drive "brick" unit. The drive brick unit has industrial grade covers, and all the drive's components are production grade. The TS1120 drive requires no preventative maintenance, and field repair is not performed for the unit. The drive brick covers are not removed in the field in the approved configuration. All failing units must be sent intact in the canister to the factory for repair. The brick unit is embedded in a (factory supplied) canister assembly that also has industrial grade covers. The figures below show the TS1120 drive brick and canister. Figure TS1120 Drive Brick 15 Version 1.0 Revision 5.0 Figure 2 TS1120 Drive Canister 3.5 Cryptographic Algorithms and Key Management 3.5.1 Cryptographic Algorithms The TS1120 supports the following basic cryptographic functions. These functions are used by the Secure Key Interface Facility or the Data Block Cipher Facility to provide higher level user services. Table 2 : Basic Cryptographic Functions Algorithm Type /Usage Specification / Performed Approved by/Used by AES mode encryption / Symmetric Cipher AES ASIC decryption Encrypts data blocks while FIPS-197 underlying (256-bit keys) performing decrypt-on-the-fly AES verification Decrypts data blocks 16 Version 1.0 Revision 5.0 Algorithm Type /Usage Specification / Performed Approved by/Used by PRNG IV generation for AES counter X-FIPS 186-2 (original) Code mode, Drive Session Key generation SHA-1 based SHA-1 Hashing Algorithm FIPS-180-2 Code Multiple uses Used in PRNG and other internal operations SHA-256 Hashing Algorithm FIPS-180-2 Code Digest checked on EKM messages, digest appended on messages to EKM RSA RSA Key Generation Non-approved, but Code allowed in FIPS mode Key Establishment Session key generation 2048-bit key Decryption Decryption of transported key material SEDK decrypt RSA Digital signature signing and FIPS-186-2 Code verification PKCS#1-v1.5 Used to sign the session RSASSA-PKCS1-v1_5. key with the dCert' Verifies code image signature before use on new code image load TRNG (Custom) Seeding PRNG Non-Approved ASIC 17 Version 1.0 Revision 5.0 3.5.2 Keys and CSPs Key usage and flows are outlined in the Tape Drive Design and Key Flow documentation. This is a summary of CSPs and other keys used by the TS1120. Cryptographic Key Type Generatio Approved Entered Output Storage/Form Zeroiz Key (CSP) n Generation into device from ation device Drive RSA 2048-bit No N/A Yes at time Yes Drive VPD N/A Certificate PKCS#1 of (upon Public Key manufacture request) Non-volatile (at time of manufacture, not Plaintext generated by drive) Drive RSA 2048-bit No N/A Yes at time No Drive VPD Yes Certificate PKCS#1 of Private Key manufacture Non-volatile (at time of dCert' manufacture, not Obfuscated Plaintext generated by CSP drive ) Drive Session RSA 2048-bit Yes No (allowed No Yes Drive RAM N/A Public Key in FIPS (upon PKCS#1 mode) request) Ephemeral dSK Plaintext Drive Session RSA 2048-bit Yes No (allowed No No Drive RAM Yes Private Key in FIPS PKCS#1 mode) Ephemeral dSK' Obfuscated Plaintext CSP 186-2 PRNG Seed (20 bytes) Yes Yes (using No No Drive RAM Yes Key TRNG) Ephemeral CSP Plaintext 186-2 PRNG Seed (20 bytes) Yes Yes (using No No Drive RAM Yes Seed TRNG) Ephemeral Plaintext IV Random Number used to Yes Yes (using No No Drive RAM Yes Number form nonce for PRNG) AES counter Ephemeral blocks, 16 bytes Plaintext 18 Version 1.0 Revision 5.0 Cryptographic Key Type Generatio Approved Entered Output Storage/Form Zeroiz Key (CSP) n Generation into device from ation device Yes, Session AES-256 Data No N/A encrypted No Drive RAM Yes Encrypted Key that is through Data Key received in Ephemeral RSA key encrypted form transport (Transiently) SEDK from the EKM ; Stored in its RSA-2048 received, RSA encrypted with encrypted form the Drive Session Public Key Externally AES-256 Data No N/A Yes Yes Drive RAM N/A Encrypted Key that is encrypted (upon Data Key received in an request Ephemeral encrypted form and to Stored in its EEDK from the EKM, tape received, (not a CSP) which only the cartridg encrypted form EKM can e and decrypt CM port) Data Key AES-256 bit No N/A Yes (as No When in use: Yes symmetric key SEDK DK only) Stored In (encrypted) ASIC; CSP (unreadable register) Ephemeral Plaintext Before Use: Drive RAM Ephemeral Encrypted form as SEDK After use: Zeroized Firmware RSA 2048 bit No N/A No No Hard Coded No Image public key Certificate Additional notes on key management: · Private key material is never output from the TS1120 in plaintext, only in encrypted form · Private key material may only be imported to the TS1120 in encrypted form 19 Version 1.0 Revision 5.0 3.5.3 Bypass States The TS1120 supports the following bypass states: Static Bypass Mode 1: Encryption disabled Static Bypass Mode 2: Zero key usage for all records Alternating Bypass Mode 1: Zero Key usage all labels Alternating Bypass Mode 2 : Zero Key usage on Volume Labels Bypass entry, exit, and status features are provided to meet approved methods for use of bypass states. 3.5.4 Self-Test The TS1120 performs both Power On Self Tests and Conditional Self tests as follows. The operator shall power cycle the device to invoke the Power On Self tests. Algorithm Power on Self Test AES KAT performed for Encrypt and Decrypt (256-bit) (256-bit keys) PRNG KAT performed SHA-1 KAT performed SHA-256 KAT performed PKCS #1 :RSA Key No KAT test required; Continuous self- Generation test performed (1024/2048-bit keys) PKCS #1 RSA No KAT required, but internal self test is Encryption/Decryption performed (1024/2048-bit keys) TRNG (Custom) No KAT required Software/Firmware Yes Integrity Check CRC check of all images on reboot; 20 Version 1.0 Revision 5.0 Conditional self tests are also performed by the TS1120 as follows: Function Conditional self test Condition Implementation PRNG Yes Every time a random Ensure the newly number is generated generated random number does not match the previously generated random number . Also ensure the first number generated after start up is not used and is stored for the next comparison SHA-1 No N/A N/A SHA-256 No N/A N/A PKCS #1 :RSA Key Yes When a new key is Ensure that the new key Generation generated pair is valid, perform sign/verify including (1024/2048-bit keys) PKCS#1 formatting and SHA-1 hashing PKCS #1 RSA No N/A N/A Encryption/Decryption (1024/2048-bit keys) TRNG (Custom) Yes Every time a random Ensure the newly number is generated generated random number does not match the previously generated random number . Also ensure the first number generated after start up is not used and is stored for the next comparison Software/Firmware Yes Every time new RSA PKCS #1 signature Load Test (drive firmware is loaded verification of new code firmware) image before new image may be loaded Ensure that the XSeed and Seed and Seed key No When seeding or re- XKey values are not equal check seeding an approved for FIPS 186-2 PRNG; TRNG is used generation. for this purpose. (See TRNG conditional self- XKey and XSeed are test.) generated from the hardware TRNG, and compared on instantiation of the PRNGs. If XKey is equal to XSeed then they are regenerated until not equal. 21 Version 1.0 Revision 5.0 Function Conditional self test Condition Implementation Exclusive Crypto Yes When switching Ensure the correct output Bypass Test between encryption and of data after switching bypass modes modes, and ensure that no and change to the bypass state Alternating Crypto has been made since the Bypass-Test last official switch. (note: the same checks serve as both alternating and exclusive bypass tests) Key Path test Yes When the Send The drive will initiate a Diagnostic command key request and key specifying this transfer operation with an diagnostic number is attached Key Manager; received from the host random protected key fiber or library port; the material is imported into drive must be unloaded the device and checked and idle or the command for validity; status is is rejected reported back to the Key Manager and the invoking Host 22 Version 1.0 Revision 5.0 3.6 Design Assurance TS1120 release parts are maintained under the IBM Engineering Control (EC) system. All components are assigned a part number and EC level and may not be changed without re-release of a new part number or EC level. The certified TS1120 hardware level is : Part Number 23R6564 EC level H82149. The certified drive firmware level is: EC H82669 95P5202 CD Rom 95P5203 Microcode Image 95P5204 FRU: CD Rom (includes the paper envelope) 3.7 Mitigation of other attacks The TS1120 does not claim to mitigate other attacks.