CMS Products CE Secure, FIPS 140-2 Module Security Policy Security Level 2   CMS Products  1  Table of Contents 1.0 Introduction ................................................................................................................................... 4 1.1 Scope ..................................................................................................................................... 4 1.2 Security Levels....................................................................................................................... 4 1.3 References............................................................................................................................. 4 1.4 Acronyms ............................................................................................................................... 5 2.0 Cryptographic Module Description ............................................................................................... 6 2.1 Overview ................................................................................................................................ 6 2.2 Logical to Physical Port Mapping ........................................................................................... 6 2.3 Hardware and Firmware Versions ......................................................................................... 6 2.4 FIPS Approved Algorithms..................................................................................................... 7 2.5 Self-Tests ............................................................................................................................... 7 2.6 FIPS 140 Approved Modes of Operation ............................................................................... 7 2.6.1 ATA Enhanced Security Mode ........................................................................................ 8 2.6.2 TCG Opal Security Mode ................................................................................................ 8 2.6.3 Single User Data Ranges ................................................................................................ 9 2.7 User Data Cryptographic Erase Methods .............................................................................. 9 2.8 Revert and Revert SP Methods ............................................................................................. 9 3.0 Identification and Authentication (I&A) Policy ............................................................................. 10 3.1 Operator Roles..................................................................................................................... 10 3.1.1 Crypto Officer Roles ...................................................................................................... 10 3.1.2 User Roles..................................................................................................................... 10 3.1.3 Unauthenticated Role .................................................................................................... 11 3.2 Authentication ...................................................................................................................... 11 3.2.1 Authentication Type....................................................................................................... 11 3.2.2 Authentication in ATA Enhanced Security Mode ........................................................... 11 3.2.3 Authentication in TCG Opal Security Mode ................................................................... 11 3.2.4 Authentication Mechanism, Data and Strength ............................................................. 12 3.2.5 Personalizing Authentication Data ................................................................................ 12 4.0 Access Control Policy ................................................................................................................. 13 4.1 FIPS Services ...................................................................................................................... 13 4.2 Non-FIPS Mode Services .................................................................................................... 16 4.3 Cryptographic Keys and CSPs ............................................................................................ 17 5.0 Physical Security ........................................................................................................................ 19 5.1 Mechanisms ......................................................................................................................... 19 5.2 Operator Requirements ....................................................................................................... 20 6.0 Operational Environment ............................................................................................................ 22 7.0 Security Rules ............................................................................................................................ 23 7.1 Secure Initialization .............................................................................................................. 23 7.2 Ongoing Policy Restrictions ................................................................................................. 23 8.0 Mitigation of Other Attacks Policy ............................................................................................... 23   CMS Products  2  Revision History REV DATE BY COMMENTS 1 07/26/12 Eric R Initial Release 2 10/22/12 Eric R Updated to reflect most current documentation and CMS Products configurations     CMS Products  3  1.0 Introduction 1.1 Scope This security policy applies to the FIPS 140-2 CE Secure cryptographic module (CM). The Seagate Secure(R) TCG Opal SSC Momentus(R) Thin Self-Encrypting Drive and embedded CM are the foundation for CMS Products, CE Secure line of products. This document meets the requirements of the FIPS 140-2 standard (Appendix C) and Implementation Guidance (section 14.1). It does not provide interface details needed to develop a compliant application. This document is non-proprietary and may be reproduced in its original entirety. 1.2 Security Levels Requirement Area Level Cryptographic Module Specification 2 Cryptographic Module Ports and Interfaces 2 Roles, Services and Authentication 2 Finite State Model 2 Physical Security 2 Operational Environment N/A Cryptographic Key Management 2 Electromagnetic Interface / Electromagnetic Compatibility (EMI / 3 EMC) Self – Tests 2 Design Assurance 2 Mitigation of Other Attacks N/A   1.3 References FIPS PUB 140-2 Derived Test Requirements for FIPS PUB 140-2 Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program TCG Storage Security Subsystem Class: Opal, Specification Version 2.00 TCG Storage Architecture Core Specification, Specification Version 2.00 TCG Storage Interface Interactions Specification, Specification Version 1.0 TCG Storage Opal SSC Feature Set: Single User Mode, Specification Version 1.0 ATA-8 ACS Serial ATA Rev 2.6 (SATA)   CMS Products  4  1.4 Acronyms AES Advanced Encryption Standard (FIPS 197) CBC Cipher Block Chaining, an operational mode of AES CM Cryptographic Module CO Crypto-officer CSP Critical Security Parameter MEK Media Encryption Key FIPS 140 FIPS 140-2 HDA Head and Disk Assembly HDD Hard Disk Drive IV Initialization Vector for encryption operation LBA Logical Block Address KAT Known Answer Test MBR Master Boot Record MSID Manufactured SID, public drive-unique value that is used as default PIN, TCG term POR Power-on Reset (power cycle) POST Power on Self-Test PSID Physical SID, public drive-unique value RNG Random Number Generator SED Self-Encrypting Drive, Seagate HDD products that provide HW data encryption. SID Security ID, PIN for Drive Owner CO role, TCG term SoC System-on-a-Chip SP Security Provider or Security Partition (TCG), also Security Policy (FIPS 140) SUDR Single User Data Range   CMS Products  5  2.0 Cryptographic Module Description 2.1 Overview The CMS Products CE-HDDFIPS contain a Seagate Secure TCG Opal SSC Self- Encrypting Drive (SED) FIPS 140 Module embedded in Seagate Momentus Thin SEDs. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface. The CM is a multiple-chip embedded physical embodiment. The cryptographic boundary is the entire physical drive. The physical interface to the CM is the SATA connector and jumper block pins. The logical interface is the industry-standard ATA (7), TCG SWG (5), and Opal SSC (4) protocols, carried on the SATA transport interface (9). The primary function of the module is to provide data encryption, access control and cryptographic erase of the data stored on the hard drive media. The human operator of the drive product interfaces with the CM through a “host” application on a host system. 2.2 Logical to Physical Port Mapping FIPS 140-2 Interface Module Ports Data Input SATA Connector Data Output SATA Connector Control Input SATA Connector Status Output SATA Connector Power Input Power Connector   2.3 Hardware and Firmware Versions CMS Products Description Contains Drive CMS Products Seagate FIPS Firmware Number Approved Drive CE-HDDFIPS-500 CE Hard drive FIPS Validated 500GB 9WU142 0001SDM7 CE-HDDFIPS-320 CE Hard drive FIPS Validated 320GB 9WU14C 0001SDM7 CE-HDDFIPS-250 CE Hard drive FIPS Validated 250GB 9WU141 0001SDM7 The configurations vary by storage capacity which does not involve FIPS services.   CMS Products  6  2.4 FIPS Approved Algorithms Algorithm Certificate Number ASIC AES #1845 Firmware AES #1343 RSA #650 SHA #1225 800-90 DRBG #62 FIPS Non-Approved but Allowed Algorithm: - Non-deterministic Random Number Generator (NDRNG) 2.5 Self-Tests Function Self-Test Implementation Failure Behavior Tested Type ASIC AES Power-On Encrypt and Decrypt KAT Enters FIPS Self Test Fail performed State Firmware AES Power-On Encrypt and Decrypt KAT Enters FIPS Self Test Fail performed State RSA Power-On Verify KAT performed. Enters FIPS Self Test Fail State SHA-256 Power-On Digest KAT performed Enters FIPS Self Test Fail State 800-90 DRBG Power-On DRBG KAT performed Enters FIPS Self Test Fail State Firmware Power-On 16-bit CRC and ECC Enters FW Integrity Error Integrity Check State Firmware Load Conditional: RSA PKCS#1 signature Firmware download is Check When new verification of new firmware aborted. firmware is image is done before it can be downloaded loaded. 800-90 DRBG Conditional: Newly generated random Enters FIPS Self Test Fail When a random number is compared to the State. number is previously generated random generated number. Test fails if they are equal. A continuous test is performed on the Non-deterministic Random Number Generator (NDRNG) that compares newly generated random number to the previously generated random number. Test fails if they are equal. 2.6 FIPS 140 Approved Modes of Operation Before the operator performs the Secure Initialization steps detailed in Section 7.1, the drive will operate in a non-Approved mode (uninitialized state). From this mode, the operator may choose to initialize the CM to operate in either the ATA Enhanced Security Mode or TCG Opal Security Mode. After setting up (configuring) the CM per the Security Rules detailed in Section 7.1, the CM will remain in FIPS Approved mode of operation until either a critical failure has been detected; or any ‘Exit FIPS Mode’ services is invoked; or the “Show Status” service does not return the expected status (refer to Section 4.1).   CMS Products  7  An operator can switch the CM between these FIPS Approved modes of operation. To do so, he must first, transition to the uninitialized state (via ‘Exit FIPS Mode’ service) which will zeroize the keys and CSPs. He must then reinitialize the CM per the Security Rules detailed in Section 7.1 to return to a FIPS Approved mode of operation The module’s FIPS modes of operation are enforced through configuration and policy. Violating these ongoing policy restrictions (detailed in Section 7.2) would mean that one is no longer using the drive in a FIPS Approved mode of operation. 2.6.1 ATA Enhanced Security Mode This mode provides services through industry-standard ATA commands, and TCG Opal commands addressed to the TCG Admin SP. Some of the services are based on the ATA Security Feature set but with vendor-unique extensions (e.g. encryption of user data on media). Other services are based on the TCG Opal commands. To operate in ATA Enhanced Security Mode, the ATA User must do a Set PIN from the uninitialized state. This mode corresponds to having a deactivated TCG Opal Locking SP. ATA Enhanced Security Mode implements the Master and User roles as defined in ATA. The ATA security lock / unlock states correspond to operator authentication for the Read / Write data services (which use an internal AES 256-bit key for encryption and decryption of data written to and read from the drive media respectively). In addition, a “Drive Owner” CO role is provided, which can enable or disable access to the FW download service for FW upgrade. Additionally, a cryptographic erase service is provided to the Master and User roles through the ATA Security Erase Unit commands. The FW download service (ATA Download Microcode command) provides a FIPS Approved FW load test by verifying the code’s embedded 2048-bit RSA signature. 2.6.2 TCG Opal Security Mode This mode provides services through industry-standard ATA commands, TCG Opal commands addressed to the TCG Admin SP, and TCG Opal commands addressed to the TCG Locking SP. It provides all of the services of the ATA Enhanced Security Mode as well as additional features through TCG Opal commands. Some ATA Security commands are disabled in this mode and their functionality is provided through the TCG Opal commands. To operate in TCG Opal Security Mode, the Drive Owner must invoke the Activate method on the Locking SP from the uninitialized state. One of the fundamental differences in this Mode is the capability to have multiple Users with independent access control to read/write/erase independent data areas (LBA ranges). Note that by default there is a single “Global Range” that encompasses the whole user data area. In addition to the Drive Owner and User(s) roles, this mode implements a CO role (Admins) to administer the additional features. These features include: Enable/disable additional Users Create and configure multiple LBA Ranges Assign access control of Users to LBA Ranges Lock/unlock LBA Ranges Erase LBA Ranges using Cryptographic Erase MBR Shadowing   CMS Products  8  2.6.3 Single User Data Ranges (SUDRs) While invoking the Activate method to enter TCG Opal Security Mode, the Drive Owner may elect to classify one or more user data ranges as “Single User Data Ranges” (SUDRs). Such SUDRs conform to the Single User feature set as defined in the Opal SSC feature set [7] and are managed solely by the associated User role. Details of the differences between SUDRs and normal data ranges can be found in Section 4.1, Table 2.1. Note that once in TCG Opal Security Mode, the only way to change the classification of a user data range without invoking the “Exit FIPS Mode” service is by using the Reactivate method. 2.7 User Data Cryptographic Erase Methods Since all user data is encrypted / decrypted by the CM for storage / retrieval on the drive media, the data can be erased using a cryptographic method. The data is effectively erased by changing the encryption key (MEK). Thus, the FIPS 140 key management capability of “zeroization” of the key erases all the user data. This capability is available through both FIPS modes. Of course the user data can also be erased by overwriting, but this can be a long operation on high capacity drives. Other FIPS services can be used to erase all the other private keys and CSPs (see Section 2.8). 2.8 Revert and Revert SP Methods In either ATA Enhanced Security Mode or TCG Opal Security Mode modes, the TCG Revert and Revert SP methods may be invoked by an appropriately authenticated Role to transition the CM into uninitialized state (non-Approved) mode. This corresponds to the “Exit FIPS Mode” service and is akin to a “restore to factory defaults” operation. This operation also provides a means to zeroize keys and CSPs. Subsequently, the CM has to be re-initialized before it can return to a FIPS Approved mode of operation (i.e. ATA Enhanced Security Mode or TCG Opal Security Mode). These Revert and Revert SP methods may be invoked by the Drive Owner, Admin SP Admins, Locking SP Admins or an unauthenticated role using the public PSID value.   CMS Products  9  3.0 Identification and Authentication (I&A) Policy 3.1 Operator Roles Note: The following identifies the CO and User roles with a general description of the purposes. For further details of the services performed by each role in each FIPS mode, see section 4.1. 3.1.1 Crypto Officer Roles 3.1.1.1 Drive Owner This CO role corresponds to the SID (Secure ID) Authority on the Admin SP as defined in Opal SSC [4]. This role is used to transition the CM to TCG Opal Security Mode or to download a new FW image. Note: only a FIPS validated firmware version can be loaded to the module. Otherwise, the module is not operating in FIPS mode. 3.1.1.2 Admins (1-4) in Locking SP (TCG Opal Security Mode Only) This CO role for TCG Opal Security Mode corresponds to the same named Authority on the Locking SP as defined in Opal SSC [4]. For non-Single User Data Ranges, this role is used to enable/disable Users, create and delete data regions (LBA Ranges), set Data Range attributes, lock/unlock Data Ranges and erase Data Ranges (by zeroizing the MEK with the Cryptographic Erase service). 3.1.1.3 Admins (1-4) in Admin SP (TCG Opal Security Mode Only) This CO role for TCG Opal Security Mode corresponds to the same named Authority on the Admin SP as defined in Opal SSC [4]. This role is disabled by default and can be enabled using SID. Once enabled, this role can invoke the “Exit FIPS Mode” service in TCG Opal Security Mode. 3.1.2 User Roles 3.1.2.1 User (1) – ATA Enhanced Security Mode, Users (1-16) – TCG Opal Security Mode This role can unlock (and also lock) the drive so that an operator can read and write data to the drive. This role can also call the Cryptographic Erase service. When operating in TCG Opal Security Mode, there can be up to 16 separate Users (User IDs) and the role corresponds to the same named TCG Authority on the Locking SP. The Locking SP Admin role enables Users and assigns them read/write/erase access to non- Single User Data Ranges. 3.1.2.2 Master (ATA Enhanced Security Mode Only) This role corresponds to the same named role as defined in ATA [8]. This role only provides a backup authentication to the ATA User and does not have access to administration services beyond those of the ATA User role.   CMS Products  10  3.1.3 Unauthenticated Role This role can perform the Show Status service. If the operator has physical access to the drive, this role can also reset the module with a power cycle (which results in POSTs) as well as configure the jumper block to control the interface speed between the host and drive (a non-security relevant service). This role can also use the public PSID value to invoke the “Exit FIPS Mode” service. 3.2 Authentication 3.2.1 Authentication Type Operator authentication is role-based. For example, the Drive Owner role has its own unique ID and PIN. For some services the authentication is performed in a separate associated service; e.g. the Read Unlock service is the authentication for subsequent User Data Read service. If the User Data Read service is attempted without prior authentication then the command will fail. For authentication using the TCG interface, the operator and PIN can be provided in the StartSession method itself. Alternatively, an operator may use the Authenticate method to authenticate to a role after a Session has been started. Authentications will persist until the session is closed. 3.2.2 Authentication in ATA Enhanced Security Mode In ATA Enhanced Security Mode, Master and User operator authentication is provided through a PIN provided in the ATA Security command [8]. In the event of authentication failure, the ATA command will abort, and subsequent read/write services will abort. A password attempt counter is implemented as specified in ATA, which when reached, blocks Master/User service authentication (with command abort), until the module is reset (Unblock PIN service). Depending on a parameter of the Set PIN service for the User password, the User services may or may not be fully extended to the Master role. If the Master Password Capability is set to “High”, then either role can access the same services. Otherwise the Master role only has access to the erase service. Drive Owner authentication for the Set PIN and Enable/Disable FW Download services is provided through the TCG StartSession or Authenticate to Admin SP. 3.2.3 Authentication in TCG Opal Security Mode Operator authentication is provided via the TCG StartSession or Authenticate methods. The host application can have only a single session open at a time. During a session the application can invoke services for which the authenticated operator has access control. Note that a security rule of the CM is that the host must not authenticate to more than one operator (TCG authority) in a session. For some services the host application will authenticate to the “Anybody” authority which does not have a private credential. Therefore these operations are effectively unauthenticated services.   CMS Products  11  3.2.4 Authentication Mechanism, Data and Strength Operator authentication with PINs is implemented by hashing the operator input value and comparing it to the stored hash of the assigned PIN. The PINs have a retry attribute (“TryLimit”) that controls the number of unsuccessful attempts before the authentication is blocked until a module reset. The PINs have a maximum length of 32 bytes. Per the policy security rules, the minimum PIN length is 4 bytes (Rule 4 in Section 7.1). This gives a probability of 1/232 of guessing the PIN in a single random attempt. This easily meets the FIPS 140 authentication strength requirements of less than 1/1,000,000. Each authentication attempt takes 15ms on average to complete. This means that approximately {(60*1000)/15} attempts can be made in one minute. Thus the probability of multiple random attempts to succeed in one minute is about 4000/232. This is significantly lower than the FIPS requirement of 1/100,000. 3.2.5 Personalizing Authentication Data The initial value for SID is a manufactured value (mSID). This is a device-unique, 32-byte, public value. The Security Rules (Section 7) for the CM requires that the PIN values must be “personalized” to private values using the “Set PIN” service. Note that for ATA Enhanced Security Mode, setting the User PIN also sets the Drive Owner PIN to the same value; the Drive Owner PIN can be set to a different value with the TCG Set Method.   CMS Products  12  4.0 Access Control Policy 4.1 Services The following tables represent the FIPS 140 services for each FIPS Approved Mode in terms of the Approved Security Functions and operator access control. Note the following: Use of the services described below is only compliant if the module is in the noted Approved mode. Underlying security functions used by higher level algorithms are not represented (e.g. hashing as part of asymmetric key) Operator authentication is not represented in this table. Some security functions listed are used solely to protect / encrypt keys and CSPs. Service input and output details are defined by the TCG and ATA standards. Unauthenticated services (e.g. Show Status) do not provide access to private keys or CSPs. Some services have indirect access control provided through enable / disable or lock / unlock services used by an authenticated operator; e.g. User data read / write. If the Operator value contains “optional” then the access is dependent on the module setup (see 3.2.2). Table 1.1 - FIPS 140 Authenticated Services – ATA Enhanced Security Mode Service Name Description Operator Security Command(s)/Event(s) Access Function Control Set PIN Change operator Master*, Hashing ATA SECURITY SET authentication data. User*, Drive PASSWORD, TCG Set Note: Setting the User PIN Owner Method also sets the Drive Owner PIN. Lock / Unlock Enable / Disable FW Drive Owner* None TCG Set Method FW Download Download Service Firmware Load complete firmware None** Asymmetric ATA DOWNLOAD Download image. If the self-test of the Key MICROCODE code load passes then the device will run with the new code. Unlock User Enable user data User Symmetric ATA SECURITY UNLOCK Data read/write and Set PIN (optional. Key (to services. Master) unwrap MEK) User Data Encryption / decryption of None* Symmetric ATA Read / Write Read / Write user data. Key Commands Cryptographic Erase user data through Master, User RNG ATA SECURITY ERASE Erase cryptographic means: by PREPARE + ATA zeroizing the encryption SECURITY ERASE UNIT key and the User PIN.   CMS Products  13  Note: CM will enter uninitialized state. Exit FIPS Exit ATA Enhanced User* RNG, ATA SECURITY Mode Security Mode. (optional. Hashing, DISABLE PASSWORD Note: CM will enter Master*) Symmetric ATA SECURITY uninitialized state. Key ERASE PREPARE + SECURITY ERASE UNIT   Table 1.2 - FIPS 140 Unauthenticated Services – ATA Enhanced Security Mode Service Description Operator Security Command(s)/Event(s) Name Access Function Control Unblock PIN Reset Master and User None None POR password attempt counter. Show Status Reports if CM satisfies rule None None ATA IDENTIFY DEVICE of Secure Initialization Word 128 Bit 1 = 1 (Section 7.1). (Security Enabled) Reset Runs POSTs and zeroizes None None POR Module key & CSP RAM storage. Disable Disables ATA Security None* None ATA SECURITY FREEZE Services commands until POR LOCK Exit FIPS Exit ATA Enhanced None (using None TCG Mode Security Mode. PSID) AdminSP.RevertSP() Note: CM will enter uninitialized state. FIPS 140 Reports FIPS 140 Revision, None None ATA TRUSTED RECEIVE Compliance Overall Security Level, Protocol 0 Descriptor Hardware and Firmware versions, and Module name   *Security has to be Unlocked **FW Download Port has to be Unlocked Table 2.1 - FIPS 140 Authenticated Services – TCG Opal Security Mode Service Name Description Operator Access Security Command(s)/Event(s) Control Function Set PIN Change operator Locking SP Hashing TCG Set Method authentication data. Admin1-4, User1- Note: Locking SP Admins 16 (unless can set PINs for any non- previously SUDR User or Locking SP disabled by Admin. “Disable User Set PIN”), Drive Owner   CMS Products  14  Disable User Disable a non-SUDR Locking SP None TCG Set Method Set PIN User’s ability to change its Admin 1-4 own PIN. Enable / Enable / Disable Single Locking SP None TCG Reactivate Method Disable Single User Data Range (SUDR) Admin1-4 User Data classification for a data Range range (SUDR) Lock / Unlock Enable / Disable FW Drive Owner None TCG Set Method FW Download Download Service Firmware Load complete firmware None** Asymmetri ATA DOWNLOAD Download image. If the self-test of c Key MICROCODE the code load passes then the device will run with the new code. Enable / Enable / Disable an Admin Drive Owner None TCG Set Method Disable Admin SP Admin. SP Admin(s) Enable / Enable / Disable a Locking Locking SP None TCG Set Method Disable SP Admin or non-SUDR Admin1-4 Locking SP User Authority. Admin(s), non- SUDR User(s) Set Range Set the location, size, Locking SP None TCG Set Method Attributes for locking and User access Admin1-4 non-SUDR rights of the non-SUDR. Set Range Set the location and size, User1-16 (if User None TCG Set Method Geometry for of the SUDR. Ownership), SUDR Locking SP Admin1-4 (if Admin Ownership), Lock / Unlock Block or allow read User1-16, None TCG Set Method, ATA User Data (decrypt) / write (encrypt) Locking SP SECURITY UNLOCK Range for of user data in a range. Admin1-4 (for Read and/or non-SUDRs) Write User Data Encryption / decryption of None* Symmetric ATA Read / Write Read / Write user data to/from a LBA Key Commands range. Access control to this service is provided through Lock / Unlock User Data Range. Cryptographic Erase user data in a non- User1-16, RNG, TCG GenKey Method Erase of non- Single User Data Range Locking SP Symmetric SUDR by cryptographic means: Admin1-4 Key changing the encryption key. Cryptographic Erase user data in a Locking SP RNG, TCG Erase Method   CMS Products  15  Erase of Single User Data Range Admin1-4 Symmetric SUDR by cryptographic means: Key User1-16 TCG GenKey Method, changing the encryption TCG Erase Method key. Exit FIPS Exit TCG Opal Security Drive Owner RNG, TCG Mode Mode. Hashing, LockingSPObj.Revert(), Note: CM will enter Symmetric TCG uninitialized state. Key AdminSPObj.Revert() Admin SP TCG Admin1-4 AdminSPObj.Revert() Locking SP TCG Admin1-4 LockingSP.RevertSP() *Data Range has to be Unlocked **FW Download Port has to be Unlocked Table 2.2 - FIPS 140 Unauthenticated Services – TCG Opal Security Mode Service Name Description Operator Security Command(s)/Event(s) Access Control Function Unblock PIN Resets password attempt None None POR counters. Show Status Reports if CM satisfies rule# None None TCG Level 0 Discovery. 3 of Secure Initialization Drive Security Life Cycle (Section 7.1 ) State = 0x80 (Use State) AND TCG Get Method on SecurityOperatingMode in Admin SP = 0x02 Reset Module Runs POSTs and zeroizes None None POR keys & CSPs in RAM FIPS 140 Reports FIPS 140 Revision, None None ATA TRUSTED RECEIVE Compliance Overall Security Level, Protocol 0 Descriptor Hardware and Firmware versions, and Module name DRBG Returns a SP800-90 DRBG None None TCG Random() Generate Random Number of 32 Bytes bytes Exit FIPS Exit TCG Opal Security None (using None AdminSP.RevertSP() Mode Mode. PSID) AdminSPObj.Revert() Note: CM will enter uninitialized state.   4.2 Non-FIPS Mode Services In the non-FIPS Approved mode (i.e. uninitialized state), the module supports the following services: Services required to transition the CM to FIPS-Approved modes of operation. Services related to firmware update. Services related to unauthenticated encryption/decryption of user data. Services related to cryptographic erase of user data. Module reset.   CMS Products  16  Services related to status reporting. All cryptographic algorithms used in FIPS-Approved operating modes are also available in non-FIPS Approved mode (i.e. uninitialized state). 4.3 Cryptographic Keys and CSPs The following table defines the keys / CSPs and the operators / services which use them. Note the following: The use of PIN CSPs for authentication is implied by the operator access control. The Set PIN service is represented in this table even though generally it is only used at module setup. All non-volatile storage of keys and CSPs is in the system area of the drive media to which there is no logical or physical access from outside of the module. The module uses SP 800-90 DRBG and adopts Hash_DRBG mechanism. Non-critical security parameters are not represented in this table. Read access of private values is internal only to the CM and are thus not represented in this table. There is no security-relevant audit feature. Table 3 - Key Management Name Mode Description Type (Pub Operator Services Used In Access (ATA / / Priv, key / Role (W, TCG / CSP (e.g. X)** Both) PIN)), size SID (Security Both Auth. Data Private, Drive Set PIN W Identifier), PIN, 32 Owner aka Drive bytes Owner PIN Master, User ATA Auth. Data Private, None Set PIN W Passwords PIN, 32 (subject to bytes unlocked) Master, Unlock User X User Data Master, Cryptographic X User Erase Master, Exit FIPS Mode X User Master, User ATA MEK mixed with Private, Master, Unlock User X MEK PINs AES Key, User Data 256 bits Locking SP TCG Locking SP Private, Locking SP Set PIN W Admin1-4 Admins Auth. PIN, 32 Admins Passwords Data bytes Admin SP TCG Admin SP Admins Private, Admin SP Set PIN W Admin1-4 Auth. Data PIN, 32 Admins Passwords bytes User1-16 TCG Users Auth. Data Private, Locking SP Set PIN W Passwords PIN, 32 Admins, bytes Users   CMS Products  17  LBA Range TCG MEK mixed with Private, Locking SP Unlock User X MEKs MEKEK AES Key, Admins, Data 256 bits Users Entropy Input Both Input to a DRBG Private, None Services which X String mechanism of a 520 bytes use the RNG string of bits that (e.g; contains entropy* cryptographic erase) Seed Both String of bits that Private, None Services which X is used as input to Hash use the RNG a DRBG seed, 544 (e.g. mechanism* bytes cryptographic erase) Internal State Both Collection of Private, V None Services which X stored information and C uses the RNG about DRBG (e.g. instantiation* cryptographic erase) ORG0-0 - Both Firmware Load Public, Drive FW Download X ORG0-3 Test Signature RSA Key, Owner Verify Key 2048 bits (enable FW download) MEKEK TCG Media Encryption Private, Locking SP Unlock User X Key Encryption AES Key, Admins, Data Key 256 bits Users   * Source: Section 4 Terms and Definitions of NIST Special Publication 800-90 ** W - Write access is allowed, X - Execute access is allowed   CMS Products  18  5.0 Physical Security 5.1 Mechanisms The CM has the following physical security:  Production-grade components with standard passivation  Opaque, tamper-evident, security label on the exposed (back) side of the PCBA applied by Seagate manufacturing prevents electronic design visibility and protects physical access to the electronics by board removal  Tamper-evident security labels applied by Seagate manufacturing prevent HDA cover removal for access or visibility to the media  Exterior of the drive is opaque  The tamper-evident labels cannot be penetrated or removed and reapplied without tamper-evidence  The tamper-evident labels cannot be easily replicated with a low attack time Covered Screws   Overlap HDA  Overlap Motor Hub   Security labels on side of drive to provide tamper-evidence of HDA cover removal   CMS Products  19  5.2 Operator Requirements The operator is required to inspect the CM periodically for one or more of the following tamper evidence:  Checkerboard pattern on security label or substrate  Security label over screws at indicated locations is missing or penetrated,  Text (including size, font, orientation) on security label does not match original,  Security label cutouts do not match original.   CMS Products  20   Scrapes, scratches or discoloration on the side rail or PCB edge (red circles). Note that the tamper evidence can be more easily seen if the operator pushes down on the PCB.       CMS Products  21     PCB looks deformed and does not sit evenly. Next two pictures illustrate a tampered drive, outlined in Red, as compared to the un-tampered drive, outlined in Green. Upon discovery of tamper evidence, the module should be removed from service. 6.0 Operational Environment The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the CM operates in a “non-modifiable operational environment”. That is, while the module is in operation the operational environment cannot be modified and no code can be added or deleted. FW can be upgraded (replaced) with a signed FW download operation. If the code download is successfully authenticated then the module will begin operating with the new code image.   CMS Products  22  7.0 Security Rules 7.1 Secure Initialization The CM does not change mode across module resets. However, certain operations can result in exiting the FIPS Approved mode. In some of these exit scenarios (e.g. POST failure), the drive cannot be restored to FIPS mode and does not provide any FIPS services. The following are the security rules for initialization and operation of the CM in a FIPS 140 Approved manner. Reference the appropriate sections of this document for details. COs: At receipt of the product examine the shipping packaging and the product packaging to ensure it has not been accessed during shipping by the trusted courier. COs and Users (either mode): At installation and periodically examine the physical security mechanisms for tamper evidence. Transition the CM to one of the Security Operating Modes by doing one of the following: ATA Enhanced Security Mode: User Set PIN. TCG Opal Security Mode: Drive Owner executes Activate method on Locking SP COs and Users: At installation, set all operator PINs applicable for the FIPS mode to private values of at least 4 bytes length: ATA Enhanced Security Mode: Master and User. Drive Owner (optional). TCG Opal Security Mode: Drive Owner, Admins and Users COs (Locking SP Admins) for TCG Opal Security Mode: Set ReadLockEnabled and WriteLockEnabled to “True” on at least one data range and it must not be modified. Drive Owner: At installation, disable the “Makers” authority. At installation, the value of LockOnReset for FW Download must be set to “Power Cycle” and it must not be modified. After secure initialization is complete, do a power-on reset to clear authentications established during initialization. At the end of these steps, the CM will be in a FIPS Approved Mode of operation. 7.2 Ongoing Policy Restrictions Prior to assuming a new role, close the current Session and start a new Session, or do a power-on reset, so that the previous authentication is cleared. 8.0 Mitigation of Other Attacks Policy The CM does not make claims to mitigate against other attacks beyond the scope of FIPS 140-2.    CMS Products  23