SPYRUS USB-3 MODULE
FIPS 140-2 Non-Proprietary Security Policy
Revision: 1.3

This document may be freely reproduced and distributed whole and intact, including this copyright notice.

Copyright © 2014-2015 SPYRUS, Inc. All rights reserved.
SPYRUS Document number: 554-490001-04

This document is provided only for informational purposes and is accurate as of the date of publication. This document may be copied subject to the following conditions:

• All text must be copied without modification and all pages must be included.
• All copies must contain the SPYRUS copyright notices and any other notices provided herein.

Trademarks

SPYRUS, the SPYRUS logos, SPYCOS, Rosetta, Rosetta Micro®, are either registered trademarks or trademarks of SPYRUS, Inc. in the United States and/or other countries. All other trademarks are the property of their respective owners.

Patents

Rosetta Authentication Products including SPYCOS®, Rosetta Micro®, the Rosetta® Series II Smart Cards and USB Security Devices, Rosetta SDHC™ Card, Rosetta MicroSD Memory Card, may be covered by one or more of the following patents: U.S. Patent No. 6,088,802 and U.S. Pat. No. 6,981,149.

Contents

1 INTRODUCTION
  1.1 SPYRUS USB-3 Module Overview
  1.2 SPYRUS USB-3 Module Implementation
  1.3 SPYRUS USB-3 Module Cryptographic Boundary
  1.4 Approved Mode of Operation
  1.5 FIPS 140-2 Security Levels
2 PORTS AND INTERFACES
3 ROLES AND SERVICES
  3.1 Services
4 IDENTIFICATION AND AUTHENTICATION
  4.1 Initialization Overview
  4.2 Authentication
  4.3 Strength of Authentication
    4.3.1 Obscuration of Feedback
    4.3.2 Non-weakening Effect of Feedback
    4.3.3 Generation of Random Numbers
5 KEY MANAGEMENT
  5.1 CSP Management
  5.2 Public Key Management Parameters
  5.3 CSP Access Matrix
  5.4 Destruction of Keys and CSPs
6 SETUP AND INITIALIZATION
7 PHYSICAL SECURITY
8 SELF-TESTS
9 MITIGATION OF OTHER ATTACKS
10 APPENDIX A: CRITICAL SECURITY PARAMETERS AND PUBLIC KEYS

1 Introduction

This Security Policy specifies the security rules under which the SPYRUS USB-3 Module operates. Included in these rules are those derived from the security requirements of FIPS 140-2 and additionally, those imposed by SPYRUS, Inc. These rules, in total, define the interrelationship between:

1. Operators,
2. Services, and
3. Critical Security Parameters (CSPs).

1.1 SPYRUS USB-3 Module Overview

The SPYRUS USB-3 Module enables security critical capabilities such as operator authentication, message privacy, integrity, authentication, and non-repudiation; and secure storage, all within a hard, opaque, tamper-evident potting material and a strong aluminum metal enclosure. The SPYRUS USB-3 Module communicates with a host computer via the ports/interfaces defined in Table 2-1 below.

1.2 SPYRUS USB-3 Module Implementation

The SPYRUS USB-3 Module is implemented as a multiple-chip standalone cryptographic module as defined by FIPS 140-2. The hardware platform physical embodiment contains multiple IC chips interconnected and physically protected by a hard opaque potting material covering all ICs and internal circuitry and a strong aluminum metal enclosure. All Interfaces have been tested and are compliant with FIPS 140-2.
Product Identification (including unique part number) for the SPYRUS USB-3 Module is shown in the table below:

Table 1-1 SPYRUS USB-3 Module Product Identification

| Form Factor | Capacity | Part Number | FW Version |
|---|---|---|---|
| USB-3 SPYRUS Secure Portable Workplace | 32GB | SFP100000-1 | 3.0.2 |
| USB-3 SPYRUS Secure Portable Workplace | 64GB | SFP100000-2 | 3.0.2 |
| USB-3 SPYRUS Secure Portable Workplace | 128GB | SFP100000-3 | 3.0.2 |
| USB-3 SPYRUS Secure Portable Workplace | 256GB | SFP100000-4 | 3.0.2 |
| USB-3 SPYRUS WorkSafe Pro | 32GB | SFP200000-1 | 3.0.2 |
| USB-3 SPYRUS WorkSafe Pro | 64GB | SFP200000-2 | 3.0.2 |
| USB-3 SPYRUS WorkSafe Pro | 128GB | SFP200000-3 | 3.0.2 |
| USB-3 SPYRUS WorkSafe Pro | 256GB | SFP200000-4 | 3.0.2 |
| USB-3 SPYRUS Pocket Vault P-3X | 32GB | SFP300000-1 | 3.0.2 |
| USB-3 SPYRUS Pocket Vault P-3X | 64GB | SFP300000-2 | 3.0.2 |
| USB-3 SPYRUS Pocket Vault P-3X | 128GB | SFP300000-3 | 3.0.2 |
| USB-3 SPYRUS Pocket Vault P-3X | 256GB | SFP300000-4 | 3.0.2 |

1.3 SPYRUS USB-3 Module Cryptographic Boundary

The Cryptographic Boundary is defined to be the physical perimeter of the SPYRUS USB-3 Module and the metal enclosure it is embedded in (see Figure 3). No hardware or firmware components that comprise the SPYRUS USB-3 Module are excluded from the requirements of FIPS 140-2.

Figure 1 SPYRUS USB-3 Module (32GB). Note: the cap is not part of the module’s cryptographic boundary.

Figure 2 SPYRUS USB-3 Module (64GB). Note: the cap is not part of the module’s cryptographic boundary.

Figure 3 SPYRUS USB-3 Module (128GB). Note: the cap is not part of the module’s cryptographic boundary.

Figure 4 SPYRUS USB-3 Module (256GB). Note: the cap is not part of the module’s cryptographic boundary.

Figure 5 Block Diagram of the SPYRUS USB-3 Module (diagram labels, in extraction order: NDRNG, Input, Function Call, Security, Response, SCSI/CCID Controller, Output, EEPROM, Controller, HOST, RAM, Ciphertext, NAND FLASH Storage, Cryptographic Boundary)

1.4 Approved Mode of Operation

The module only operates in an Approved mode of operation. The SPYRUS USB-3 Module Approved mode of operation is comprised of the SPYRUS USB-3 Module command set. Approved mode of operation commands which are successfully completed will return a standard success return code. The Error return codes are dependent upon the cause of the failure. Services available under the approved mode of operations are detailed in Table 3-1 of this Security Policy.

The SPYRUS USB-3 Module supports the following FIPS 140-2 Approved algorithms:

Table 1-2 SPYRUS USB-3 Module Approved Algorithms

| Category | Approved Algorithms | Certificate # |
|---|---|---|
| Encryption & Decryption | Three-Key Triple-DES | 1772 |
| Encryption & Decryption | AES (128-bit, 192-bit, 256-bit key) | 3028 |
| Encryption & Decryption | AES XTS (128-bit, 256-bit) | 3406 |
| Digital Signatures and Key Generation | ECDSA (key generation, signature generation and signature verification) [P-256, P-384, P-521] | 578 |
| Digital Signatures and Key Generation | RSA (key generation, signature generation and signature verification) | 1611 |
| Message Authentication Code | HMAC (Minimum 112 bit key) | 1913 |
| Hash | SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 | 2529 |
| Key Agreement / Key Establishment | CVL (Section 5.7.1.2: ECC CDH Primitive) [P-256, P-384, P-521] | 419 |
| Key Agreement / Key Establishment | KAS [P-256, P-384, P-521] | 52 |
| Key Agreement / Key Establishment | KTS (AES KW with 128-bit, 192-bit, 256-bit key) | 3115 |
| Key Derivation | KBKDF (SP 800-108 KDF) | 54 |
| Approved Deterministic Random Bit Generator | SP 800-90A DRBG | 658 |

Approved ECDSA (Cert. #578). The Digital Signature will provide between 128-bits to 256-bits of equivalent computational resistance to attack depending upon the size of the curves that are used (P-256, P-384, P-521).

Approved RSA (Cert. #1611). The Digital Signature with a 2048 key size will provide 112 bits of equivalent computational resistance to attack.

Approved SP800-56A, Section 5.7.1.2: ECC CDH Primitive (Cert. #419). The key establishment process will provide between 128-bits to 256-bits of equivalent computational resistance to attack depending upon the size of the ECC CDH curves that are used (P-256, P-384, P-521).

Approved KAS ECC (Cert. #52). The key establishment process will provide between 128-bits to 256-bits of equivalent computational resistance to attack depending upon the size of the keys that are used (P-256, P-384, P-521).

Approved KTS (Cert. #3115; key establishment methodology provides between 128 and 256 bits of encryption strength).

The following services are available as “non-Approved” algorithms but allowed:

Table 1-3 SPYRUS USB-3 Module Non-Approved but allowed Algorithms

| Category | Algorithms |
|---|---|
| RNG | HW NDRNG (Only used for seeding Approved SP800-90A DRBG) |
| Key Wrap & Unwrap | RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength) |

1.5 FIPS 140-2 Security Levels

The SPYRUS USB-3 Module complies with the requirements for FIPS 140-2 validation to the levels defined in Table 1-4. The FIPS 140-2 overall rating of the SPYRUS USB-3 Module is Level 3.

Table 1-4 FIPS 140-2 Certification Levels

| FIPS 140-2 Category | Level |
|---|---|
| 1. Cryptographic Module Specification | 3 |
| 2. Cryptographic Module Ports and Interfaces | 3 |
| 3. Roles, Services, and Authentication | 3 |
| 4. Finite State Model | 3 |
| 5. Physical Security | 3 |
| 6. Operational Environment | N/A |
| 7. Cryptographic Key Management | 3 |
| 8. EMI/EMC* | 3 |
| 9. Self-tests | 3 |
| 10. Design Assurance | 3 |
| 11. Mitigation of Other Attacks | N/A |
| Overall Security Level | 3 |

*Note: The SPYRUS USB-3 Module conforms to Level 3 EMI/EMC requirements specified by 47 Code of Federal Regulations, Part 15, Subpart B, Class B.
2 Ports and Interfaces

The pin configuration of the SPYRUS USB-3 Module’s USB physical receptacle interface is shown in Figure 4. The standard USB 3.0 pins form a set of 9 active contact points that comprise the physical ports of the cryptographic module. Table 2-1 shows the mapping of the pins to their functional description and logical interface description.

Figure 6 USB-3 Receptacle Interface showing head-on view of pin alignment

Table 2-1 SPYRUS USB-3 Module Pins and Logical Interfaces

| Pin | Function | FIPS 140-2 Logical Interface |
|---|---|---|
| VBUS | Operating voltage | Power Interface |
| D- | USB 2.0 Data Input / Output (half-duplex) | Data Input / Data Output; Control Input; Status Output |
| D+ | USB 2.0 Data Input / Output (half-duplex) | Data Input / Data Output; Control Input; Status Output |
| GND | Ground for power return | Power Interface |
| SSRX- | SuperSpeed Receiver | Data Input; Control Input |
| SSRX+ | SuperSpeed Receiver | Data Input; Control Input |
| GND DRAIN | Ground for signal return | Power Interface |
| SSTX- | SuperSpeed Transmitter | Data Output; Status Output |
| SSTX+ | SuperSpeed Transmitter | Data Output; Status Output |

3 Roles and Services

The SPYRUS USB-3 Module supports two roles, Crypto-officer (CO) and User, and enforces the separation of these roles by restricting the services available to each one.

Crypto-officer Role: The Crypto-officer is responsible for initializing the SPYRUS USB-3 Module. Before issuing a SPYRUS USB-3 Module to an end User, the Crypto-officer initializes the SPYRUS USB-3 Module as described in section 6. The Crypto-officer cannot use private keys loaded on the module. The SPYRUS USB-3 Module validates the Crypto-officer identity before accepting any initialization commands. The Crypto-officer is also referred to as the Site Security Officer (SSO) or Administrator.

User Role: The User role is available after the SPYRUS USB-3 Module has been loaded with a User personality by the Crypto-Officer. The User can load, generate and use private keys. The SPYRUS USB-3 Module validates the User and SSO identity before access is granted.

3.1 Services

The following table (Table 3-1) describes the services provided by the SPYRUS USB-3 Module. The User/SSO column denotes the roles that may execute the service.

Table 3-1 SPYRUS USB-3 Module Services

| Service | Description | User / SSO |
|---|---|---|
| AES UNWRAPKEY | Supports key export by using the AES unwrap key process to decrypt a wrapped key data block, and then storing it in the internal key register or the key file. | User |
| AES WRAPKEY | Supports key export by using the AES wrap key process to encrypt the internal symmetric key data that is transmitted to the host. | User |
| AUTHENTICATE SECURE CHANNEL | Validates the secure channel between the host and the module. | User, SSO |
| BLOCK PIN | Blocks user PIN access. Resets attempt count for the User PIN to zero and prohibits User PIN logon until an UNBLOCK PIN command is executed by the SSO / Administrator role. | User, SSO |
| CHANGE PASSWORD | Change the User password or SSO password. | User, SSO |
| CHECK PASSWORD | User / SSO Inputs a password Phrase to authenticate the SSO or the User. | User, SSO |
| CREATE | A file of type DF, SF, or EF is created [1]. | User, SSO |
| DECRYPT | Performs a decryption process on the input data and sets up the plaintext data for retrieval. Supports multiple modes of decryption for user data. | User |
| DELETE | Deletion of a file or directory. | User, SSO |
| DIRECTORY | Retrieval of directory. | User, SSO |
| ECC GENERATE KEY | Creates an ECC public/private key pair for signing/verifying or transport. | User |
| ECDH COMPUTE SECRET | Generates a shared secret, Z, and either returns it to the caller or caches it for use with the KDF function. | User |
| ECDSA SIGN | Computation of a digital signature using the ECDSA algorithm using the hash value. | User |
| ECDSA VERIFY | Performs an ECDSA signature verification on the provided hash data. The signature is returned using SPYRUS Elliptic Curve RAW encoding. | User, SSO |
| ENCRYPT | Performs a symmetric encryption process on the input data and returns the ciphertext data. Supports multiple modes of encryption for user data. Get Response must be issued to retrieve the data. | User |
| ENVELOPE | Sends the APDU commands through the secure channel established previously between the host and the SPYCOS 3.0 QFN module. The session key is generated during the secure channel establishment (see Manage Secure Channel). The encryption mode used is the AES CBC mode. | User, SSO |
| EXTEND | Extension of the length of a file or directory. | User, SSO |
| FIPS_INFO | Returns a value indicating whether the module is in FIPS Mode (1) or not (0). | User, SSO |
| GENERATE HMAC KEY | Generates an HMAC key and initializes the currently selected file for use with the HMAC commands. | User |
| GENERATE IV | See Generate Symmetric Key Command | User |
| GENERATE RANDOM | Generates a random number and also handles the generation of Initialization Vectors (IVs) and Message Encryption Keys (MEKs). Can be invoked prior to authentication (GET UNAUTHENTICATED RANDOM) | User |
| GENERATE SYMMETRIC KEY | Used to generate Message Encryption Keys (MEKs). It can also generate random numbers and IVs. | User |
| GET PUBLIC | Retrieves the public key information of an ECC key. | User, SSO |
| GET RESPONSE | Retrieval of the module response. | User, SSO |
| GET SPYCOS VERSION | Retrieves firmware version of module. | User, SSO |
| GET STATUS | Query on the current status of a File. | User, SSO |
| HASH FINALIZE | Completes the hash operation and returns the hash value. | User, SSO |
| HASH INITIALIZE | Initializes internal state to prepare for hashing operations. | User, SSO |
| HASH PROCESS | Optional function called to hash a block of data when its length is an even multiple of the hash algorithm block size. | User, SSO |
| HMAC FINALIZE | Processes any remaining bytes in the message and retrieves the HMAC value. | User |
| HMAC INITIALIZE | Generates a HMAC message authentication code. | User |
| HMAC PROCESS | Processes the message in even multiples of the hash algorithm’s block size. | User |
| IMPORT HMAC KEY | Imports an HMAC key and initialize the currently selected file for use with the HMAC commands. | User |
| INIT PIN FILE | Used to generate the K of N authentication shared data to the current selected PIN file. Upon a successful execution of the Init PIN File command, two external shared secrets and two logon PINs are generated with the default values. | SSO |
| KDFEXTERNAL | Passes the external KDF data to the hash function. | User |
| KDFFINAL | Completes the generation of the key and queues it for output to the host. | User |
| KDFINTERNAL | Passes the KDF data found inside the module to the hash function. | User |
| KDFSTART | Sets up the internal hash engine for hashing the subsequent data. The hash type is determined by the settings in specified input parameters. | User |
| LOAD CRYPTOGRAPHIC DATA | Supports RSA / ECDSA signature verification or RSA Wrap Key operation. | User, SSO |
| LOAD IV | See Load Key. | See Load Key |
| LOAD KEY | An overloaded function that performs Load MEK (Message Encryption Key), Load IV, or Delete Key. | User |
| LOAD SECRET | Loads one of two authentication codes required for K of N logon. This is a prerequisite to changing the Admin/SSO password, User password, or either of the authentication codes. | User, SSO |
| LOCK | Disables all operations on this file. The file can still be selected and the status information can still be retrieved, but its contents cannot be accessed. | User, SSO |
| MANAGE SECURE CHANNEL | Establishes the secure channel between the host and the SPYCOS 3.0 QFN module. Specific codes, sent by the host, initialize and terminate the secure channel. | User, SSO |
| READ BINARY | Binary read from a file, given the offset and length. | User, SSO |
| RSA GENERATE KEYPAIR | Creates an RSA key pair to be used for signing/verifying or transport. The user must have created the RSA keying file (with appropriate access controls) prior to issuing the GENERATE command. | User |
| RSA SIGN DATA | Signing a message or data object using RSA signature. | User |
| RSA UNWRAP KEY | Enables completion of public key exchange of a MEK. | User |
| RSA VERIFY SIGNATURE | Verifying an RSA signature on a message. | User, SSO |
| RSA WRAP KEY | Invocation of an RSA Key wrap service. | User |
| SELECT | Setting a current file within a logical channel. | User, SSO |
| SELF TEST | Automatically performed at power-up and can be executed on-demand via power cycling the module. | User, SSO |
| SET KEY | Setting one of the 3 key pointers to the key registers to be used for encryption and decryption using the following symmetric encryption algorithms: AES, 3TDES. | User |
| UNBLOCK PIN | Used by an SSO to restore User PIN logon access. | SSO |
| UNLOCK | Enable a previously Locked file. | User, SSO |
| UPDATE BINARY | Update of the data in the currently selected EF [2] with the data provided. | User, SSO |
| XAUTH ENROLL | Set up the shared symmetric key for use with the challenge and response authentication process. | User, SSO |
| XAUTH EXTERNAL AUTHENTICATION | Submits the encrypted result of the challenge data retrieved from the XAUTH Get Challenge command. | User, SSO |
| XAUTH GET CHALLENGE | Establishes the challenge and response authentication process by first requesting the random challenge for the current session. The resulting challenge data is output to the host to calculate the encrypted response for use in comparison with the XAUTH External Authentication command. | User, SSO |
| ZEROIZE | Zeroization of the module. Performed using DELETE FILE with recursive argument. | User, SSO |
| CCID_Mount | Mounts or un-mounts the encrypted drive. | User |
| CCID_SetAdminSettings | Sets the Admin Settings of the initialized USB 3.0 device. | SSO |
| CCID_FirmwareUpdate | Loads new firmware and verifies the signature. | SSO |
| Authenticated_SCSI_Read | Reading operations to the encrypted compartment | User |
| Authenticated_SCSI_Write | Writing operations to the encrypted compartment | User |

[1] Refer to ISO/IEC 7816-4 for definition of file types and file system
[2] Refer to ISO/IEC 7816-4 for definition of file types

In addition to the services listed above in table 3-1, the following non-security relevant services may be executed while the operator is unauthenticated:

• CREATE
• DELETE
• DIRECTORY
• EXTEND
• FIPS INFO
• GET UNAUTHENTICATED RANDOM
• GET RESPONSE
• GET SPYCOS VERSION
• GET STATUS
• READ BINARY
• SELECT
• SELF TEST
• UPDATE BINARY
• CCID_GetIDData
• CCID_GetFactorySettings
• CCID_GetAdminSettings
• USB Mass Storage Commands

4 Identification and Authentication

4.1 Initialization Overview

The SPYRUS USB-3 Module is initialized at the factory with a Default SSO Password Phrase. The SSO (Site Security Officer) must change the default value during logon to make the module ready for initialization. During initialization, the module only allows the execution of the commands that are required to complete the initialization process. Before a User can access or operate the module, the SSO must initialize it with the User Password Phrase.
The SSO is authorized to log on to the module any time after initialization to change parameters. The module allows 10 consecutive failed SSO logon attempts before it zeroizes all key material and initialization values. In the zeroized state, the SSO must use the Default SSO Password Phrase to log on to the module and must reinitialize all module parameters.

A User must log on to a module to access any on-board cryptographic functions. To log on the User must provide the correct User Password Phrase. The module allows 10 consecutive failed logon attempts before it blocks the stored User Password Phrase. User information stored in the module in non-volatile memory remains resident.

4.2 Authentication

The SPYRUS USB-3 Module implements identity-based authentication which is accomplished by PIN or Password Phrase [3] entry by the operator. On invocation by the operator, the SPYRUS USB-3 Module waits for authentication of the User or SSO role by entry of a Password Phrase. There is only one User and one SSO Password Phrase allowed per module. Multiple User and SSO accounts are not permitted. The authentication password strength available for each supported role is indicated in Table 4.1 below.

Table 4-1 Identification and Authentication Roles and Data

| Role | Type of Authentication | Authentication Data (Strength) |
|---|---|---|
| Crypto-officer (SSO) | Identity-based | Password Phrase (6 - 20 Bytes) |
| User | Identity-based | Password Phrase (6 - 20 Bytes) |

[3] The terms PIN and Password Phrase are used synonymously in this document.

Once a valid Password Phrase has been accepted the SPYRUS USB-3 Module cryptographic services may be accessed. The CHECK PASSWORD command includes either the User Password Phrase as a parameter (or) the SSO Password Phrase as a parameter. If successful, either the User or SSO gains access to the module.

The SPYRUS USB-3 Module stores the number of logon attempts in non-volatile memory. The count is reset after every successful entry of a User Password Phrase by a User and after every successful entry of the SSO Password Phrase by the SSO.

If the User fails to logon to the SPYRUS USB-3 Module in 10 consecutive attempts, the SPYRUS USB-3 Module will zeroize the User Password Phrase, block all of the User Private Keys and Public Keys, block all of the User Key Registers and disallow User access. The SPYRUS USB-3 Module then transitions to a state that is initialized only for the SSO to perform restorative actions. Restorative actions performed by the SSO may include reloading of initialization parameters, unblocking the User Password Phrase, or zeroization of the module.

When the SPYRUS USB-3 Module is powered up after a zeroize, it will transition to the Zeroized State, where it will only accept the Default SSO Password Phrase. After the Default SSO Password Phrase has been accepted, the SPYRUS USB-3 Module transitions to the Uninitialized State and must be reinitialized, as described in section 6.

4.3 Strength of Authentication

The strength of the authentication mechanism conforms to the following specifications in Table 4-2. The calculations are based on the enforced minimum Password Phrase size of 6 bytes.

Table 4-2 Strength of Authentication

| Authentication Mechanism | Strength of Mechanism |
|---|---|
| Single Password-entry attempt / False Acceptance Rate (using only 93 keyboard characters [4]) | The probability that a random 6-byte Password-entry attempt will succeed or a false acceptance will occur is 1.5456185 x 10^-12. The requirement for a single-attempt / false acceptance rate of no more than 1 in 1,000,000 (i.e. less than a probability of 10^-6) is therefore met. |
| Multiple Password-entry attempt in one minute | There is also a maximum bound of 10 successive failed authentication attempts before zeroization occurs. The probability of a successful attack of multiple attempts in a one minute period is no more than 1.5456185 x 10^-11 due to the enforced maximum number of logon attempts. This is less than one in 100,000 (i.e., 1 x 10^-5), as required. |

[4] The character set available for PINs is at least all alphanumeric characters (upper and lower cases) and 31 special keyboard characters comprising the set {~ ! @ # $ % ^ & * ( ) _ + - = { } [ ] | \ : ; ” ’ < , > . ? /}.

4.3.1 Obscuration of Feedback

Feedback of authentication data to an operator is obscured during authentication (e.g., no visible display of characters result when entering a password). The Password Phrase value is input to the CHECK PASSWORD command as a parameter by the calling application. No return code or pointer to a return value that contains the Password Phrase is provided.

4.3.2 Non-weakening Effect of Feedback

Feedback provided to an operator during an attempted authentication shall not weaken the strength of the authentication mechanism. The only feedback provided by the CHECK PASSWORD command is a return code denoting success or failure of the operation. This information in no way affects the probability of success or failure in either single or multiple attacks.

4.3.3 Generation of Random Numbers

The Generate Random Number command can be invoked before or after authentication of the user. The SP 800-90A DRBG algorithm is used for all authenticated RNG calls.

5 Key Management

5.1 CSP Management

Table 5-1 SPYRUS USB-3 Module CSPs

| CSP Designation | Use |
|---|---|
| ECDSA Private Key | The Private Key of the User employed in Elliptic Curve digital signing operations. |
| EC-keypair | Used in ECC CDH key agreement. |
| Hash DRBG Seed | Used only in generating the initial state of the SP800-90A Hash_DRBG. |
| HMAC Key | Used to generate HMAC message authentication code. |
| Message Encryption Key (MEK) | AES Key or Three-Key Triple-DES Key for User data encryption/decryption. |
| RSA Private Key for Digital Signatures | The Private Key of the User employed in RSA digital signing operations. |
| RSA Private Key for Key Establishment | The Private Key of the User employed in RSA Key Unwrapping. |
| Secure Channel Session Key | ECDH / AES key used to encrypt and decrypt Password data transmitted to the module. |
| SSO Password Phrase | A secret 20-byte value used for SSO authentication. |
| User Password Phrase | A secret 20-byte value used for User authentication. |
| Drive Encryption Key | A pair of AES-256 keys used for SP 800-38E XTS-AES encryption of User data on the encrypted drive. |

5.2 Public Key Management Parameters

Table 5-2 SPYRUS USB-3 Module Public Key Management Parameters

| Key Management Parameter | Use |
|---|---|
| ECDSA Public Key | The Public Key of the User employed in Elliptic Curve digital signing operations. |
| RSA Public Key for Digital Signatures | The Public Key of the User employed in RSA digital signature verification operations. |
| RSA Public Key for Key Establishment | The Public Key of the User employed in RSA Key Wrapping. |
| Firmware Load Public Key | ECDSA P-384 SHA-384 Public Key used for Firmware Loading |

5.3 CSP Access Matrix

The following table (Table 5-3) shows the services (see section 3.1) of the SPYRUS USB-3 Module, the roles (see section 3) capable of performing the service, the CSPs (see section 5.1) that are accessed by the service and the mode of access (see next paragraph) required for each CSP. The following convention is used: If only one of the roles applies to the service, that role appears alone. If both roles may execute the service, then “User, SSO” is indicated.
If either one (but not the other) then “User or SSO” is indicated. In the last option it is a matter of organizational policy which of the roles may execute the service. Access modes are R (read), W (write) and E (execute). Destruction is represented as a W.

Table 5-3 SPYRUS USB-3 Module Access Matrix

| Service | User / SSO | Access Type | CSP Access |
|---|---|---|---|
| AES UNWRAPKEY | User | R,E | AES Secret Key |
| AES WRAPKEY | User | R,E | AES Secret Key |
| AUTHENTICATE SECURE CHANNEL | User, SSO | R,W,E | Secure Channel Session Key |
| BLOCK PIN | User, SSO | E | User Password, SSO Password |
| CHANGE PASSWORD | User, SSO | W | User Password, SSO Password |
| CHECK PASSWORD | User, SSO | R | User Password, SSO Password |
| CREATE | User, SSO | N/A | N/A |
| DECRYPT | User | R | AES/TDES Secret Key |
| DELETE | User, SSO | N/A | N/A |
| DIRECTORY | User, SSO | N/A | N/A |
| ECC GENERATE KEY | User | W | EC-keypair |
| ECDH COMPUTE SECRET | User | N/A | N/A |
| ECDSA SIGN | User | R | ECDSA Private Key |
| ECDSA VERIFY | User, SSO | R | ECDSA Private Key |
| ENCRYPT | User | R | AES/TDES Secret Key |
| ENVELOPE | User, SSO | R,E | Secure Channel Session Key |
| EXTEND | User, SSO | N/A | N/A |
| FIPS_INFO | User, SSO | N/A | N/A |
| GENERATE HMAC KEY | User | R,E | HMAC Key |
| GENERATE IV | User | N/A | N/A |
| GENERATE RANDOM | User | R | HASH DRBG Seed |
| GENERATE SYMMETRIC KEY | User | W | MEK |
| GET PUBLIC | User, SSO | N/A | N/A |
| GET RESPONSE | User, SSO | N/A | N/A |
| GET SPYCOS VERSION | User, SSO | N/A | N/A |
| GET STATUS | User, SSO | N/A | N/A |
| HASH FINALIZE | User, SSO | N/A | N/A |
| HASH INITIALIZE | User, SSO | N/A | N/A |
| HASH PROCESS | User, SSO | N/A | N/A |
| HMAC FINALIZE | User | W | HMAC Key |
| HMAC INITIALIZE | User | W | HMAC Key |
| HMAC PROCESS | User | W | HMAC Key |
| IMPORT HMAC KEY | User | R,W | HMAC Key |
| INIT PIN FILE | SSO | R,W | User Password, SSO Password |
| KDFEXTERNAL | User | N/A | N/A |
| KDFFINAL | User | W | AES/TDES Secret Key |
| KDFINTERNAL | User | N/A | N/A |
| KDFSTART | User | N/A | N/A |
| LOAD CRYPTOGRAPHIC DATA | User, SSO | N/A | N/A |
| LOAD IV | User | N/A | N/A |
| LOAD KEY | User | W,D | MEK |
| LOAD SECRET | User, SSO | R | User Password, SSO Password |
| LOCK | User, SSO | N/A | N/A |
| MANAGE SECURE CHANNEL | User, SSO | W,D | Secure Channel Session Key |
| READ BINARY | User, SSO | N/A | N/A |
| RSA GENERATE KEYPAIR | User | W | RSA Private Key |
| RSA SIGN DATA | User | R,E | RSA Private Key |
| RSA UNWRAP KEY | User | R | RSA Private Key |
| | | R | MEK |
| RSA VERIFY SIGNATURE | User, SSO | R,E | RSA Private Key |
| RSA WRAP KEY | User | R | RSA Private Key |
| | | W,D | MEK |
| SELECT | User, SSO | N/A | N/A |
| SELF TEST | User, SSO | N/A | N/A |
| SET KEY | User | N/A | N/A |
| UNBLOCK PIN | SSO | W | User Password, SSO Password |
| UNLOCK | User, SSO | N/A | N/A |
| UPDATE BINARY | User, SSO | N/A | N/A |
| XAUTH ENROLL | User, SSO | N/A | N/A |
| XAUTH EXTERNAL AUTHENTICATION | User, SSO | N/A | N/A |
| XAUTH GET CHALLENGE | User, SSO | N/A | N/A |
| ZEROIZE | User, SSO | | ECDSA Private Key; EC-keypair; Hash DRBG Seed; HMAC Key; Message Encryption Key (MEK); RSA Private Key for Digital Signatures; RSA Private Key for Key Establishment; Secure Channel Session Key; SSO Password Phrase; Storage Key; User Password Phrase |
| CCID_Mount | User | N/A | N/A |
| CCID_SetAdminSettings | SSO | N/A | N/A |
| CCID_FirmwareUpdate | SSO | N/A | N/A |
| Authenticated_SCSI_Read | User | R,E | Drive Encryption Key |
| Authenticated_SCSI_Write | User | W,E | Drive Encryption Key |

5.4 Destruction of Keys and CSPs

The module has the ability to destroy all keys and CSPs by a recursive DELETE command. The contents of the file(s) being recursively deleted are erased and overwritten. Should a power-down occur during the execution of the recursive DELETE, the action of zeroization will resume on a subsequent power-on event, ensuring that access to zeroized information is prevented.

6 Setup and Initialization

The uninitialized module has only a root directory with minimal version and manufacturing information in specific files. There is no information pertaining to the User or SSO or their authentication data, such as Passwords, stored on the uninitialized module as shipped to the customer.
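The resume-after-power-loss behaviour described in Section 5.4 can be modelled with a persistent "zeroization pending" marker that is set before the first byte is overwritten and cleared only after the last. This is an added example, not SPYRUS firmware: the marker, the nv_mem structure, the function names and the simulated power loss are all assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define NV_SIZE 64              /* constructed size of the simulated CSP store */
#define ZEROIZE_IDLE    0x00
#define ZEROIZE_PENDING 0xA5
struct nv_mem {                 /* simulated non-volatile memory (hypothetical) */
    uint8_t flag;               /* persistent "zeroization in progress" marker */
    uint8_t csp[NV_SIZE];       /* stand-in for stored keys and CSPs */
};

/* power_budget = bytes written before the modelled power loss (negative = none) */
static int erase_pass(struct nv_mem *nv, int power_budget) {
    volatile uint8_t *p = nv->csp;  /* volatile so the writes are not elided */
    for (size_t i = 0; i < NV_SIZE; i++) {
        if (power_budget >= 0 && i >= (size_t)power_budget)
            return 0;               /* power lost; pending marker remains set */
        p[i] = 0x00;
    }
    return 1;
}

int zeroize(struct nv_mem *nv, int power_budget) {
    nv->flag = ZEROIZE_PENDING;     /* record intent before touching any CSP */
    if (!erase_pass(nv, power_budget)) return 0;
    nv->flag = ZEROIZE_IDLE;        /* cleared only after a full overwrite */
    return 1;
}

/* Power-on hook: finish an interrupted zeroization before anything else. */
int power_on(struct nv_mem *nv) {
    return nv->flag == ZEROIZE_PENDING ? zeroize(nv, -1) : 1;
}

/* Services that touch CSPs are refused while zeroization is outstanding. */
int service_allowed(const struct nv_mem *nv) { return nv->flag == ZEROIZE_IDLE; }
int csp_is_clear(const struct nv_mem *nv) {
    for (size_t i = 0; i < NV_SIZE; i++)
        if (nv->csp[i] != 0x00) return 0;
    return 1;
}

int main(void) {
    struct nv_mem nv = { ZEROIZE_IDLE, {0} };
    memset(nv.csp, 0x5A, NV_SIZE);      /* constructed "key material" */
    zeroize(&nv, 10);                   /* modelled power loss after 10 bytes */
    return (power_on(&nv) && csp_is_clear(&nv) && service_allowed(&nv)) ? 0 : 1;
}
```

Because the overwrite is idempotent, the power-on path restarts it from the beginning rather than tracking progress, and the marker doubles as the gate that keeps partially erased CSPs unreachable.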
Initialization of the module is accomplished by setting up a security domain by way of the following actions:

• The SSO creates a new application directory on the module;
• The SSO creates a PIN file that is associated with the SSO and User;
• The SSO initializes the PIN files;
• The SSO may optionally set a default Password or set the User Password Phrase:
  o If the User Password Phrase is set by the SSO, the User will not be able to change their Password.
• The SSO uses the FIPS_INFO command to confirm FIPS mode.

The module is now in FIPS mode and operators may log on with the CHECK PASSWORD command. See Section 4.2 for a description of the CHECK PASSWORD process.

7 Physical Security

The module is designed to meet FIPS 140-2 Level 3 Security. The Module is designed with physical security mechanisms such that attempts at removal or penetration of the strong aluminum metal enclosure will have a high probability of causing serious damage to the module to the extent that it will no longer function. This is achieved using a hard, opaque, tamper-evident potting material and a strong aluminum metal enclosure. The module hardness testing was only performed at a single temperature and no assurance is provided for Level 3 hardness conformance at any other temperature.

Table 7-1 Inspection of Physical Security Mechanisms

| Physical Security Mechanisms | Recommended Frequency of Inspections | Inspection/Test Guidance Details |
|---|---|---|
| Hard, opaque, tamper-evident potting material and strong aluminum metal enclosure. | As often as feasible, based upon organization security policy. | Inspect the cryptographic boundary for scratches, scrapes, divots and other suspicious markings or indicators of malice and tampering. If any signs of suspicious activity are observed, return the cryptographic module to SPYRUS. |

8 Self-Tests

The module performs both power-on and conditional self-tests. The power-on self-tests run automatically when power is restored to the module, without requiring any actions or inputs from the operator.

The module performs the following power-on self-tests:

• Firmware Integrity Test with 160-bit Error Detection Code and 32-bit checksum
• Cryptographic algorithm known answer tests (KAT) for:
  o Three-key Triple-DES KAT (encrypt)
  o Three-key Triple-DES KAT (decrypt)
  o AES KAT (encrypt)
  o AES KAT (decrypt)
  o AES-XTS KAT (encrypt)
  o AES-XTS KAT (decrypt)
  o ECDSA KAT (sign)
  o ECDSA KAT (verify)
  o ECC CDH (Primitive “Z” Computation) KAT
  o RSA KAT (sign)
  o RSA KAT (verify)
  o HMAC (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) KAT
  o SP800-90A DRBG KAT
  o SP800-108 KDF KAT

Power cycling allows either the User or SSO to perform any or all of the above tests on demand.

The module performs the following conditional tests:

• ECDSA Pairwise Consistency Test
• ECC CDH Pairwise Consistency Test
• RSA Pairwise Consistency Test
• Continuous test for Approved SP800-90A DRBG
• Continuous test for non-Approved NDRNG
• Firmware Load Test: ECDSA P-384 SHA-384 Signature Verification
• Bypass test: N/A
• Manual key entry test: N/A

9 Mitigation of Other Attacks

The module is not claimed to mitigate against any specific attacks outside the scope of FIPS 140-2.

Table 9-1 Mitigation of Other Attacks

| Other Attacks | Mitigation Mechanism | Specific limitations |
|---|---|---|
| Not applicable. | Not applicable. | Not applicable. |

10 Appendix A: Critical Security Parameters and Public Keys

The Module supports the following CSPs:

1. ECDSA Private Key
- Type: X9.62
- Use: The Private Key of the User employed in Elliptic Curve digital signing operations.
- Generation: As per SP800-133 Section 6.1, key generation is performed as per FIPS 186-4 which is an Approved key generation method.
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; stored in EEPROM
- Key-to-Entity: User
- Zeroization: Actively overwritten during ZEROIZE service

2. EC-keypair
- Type: SP 800-56A
- Use: Used in ECC CDH key agreement.
- Generation: As per SP800-133 Section 6.2, the random value (K) needed to generate key pairs for the elliptic curve is the output of the SP800-90A DRBG; this is Approved as per SP800-56A.
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; transient in RAM
- Key-to-Entity: User
- Zeroization: Actively overwritten after channel closure; actively overwritten during ZEROIZE service

3. Hash DRBG Seed
- Type: SP800-90A
- Use: Used only in generating the initial state of the SP800-90A DRBG
- Generation: Internally generated using the NDRNG
- Establishment: N/A
- Entry: N/A
- Output: N/A
- Storage: N/A
- Key-to-entity: Process
- Zeroization: Actively overwritten during ZEROIZE service

4. HMAC Key
- Type: FIPS 198 HMAC Key
- Use: Used to generate HMAC message authentication code
- Generation: As per SP800-133 Section 7.1, key generation is performed as per the “Direct Generation” of Symmetric Keys which is an Approved key generation method.
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: Encrypted with AES-256
- Storage: Plaintext; stored in key register
- Key-to-entity: User
- Zeroization: Actively overwritten during ZEROIZE service

5. Message Encryption Key (MEK)
- Type: AES 128, 192, 256 ECB/CBC/CTR, Three-key Triple-DES ECB/CBC
- Use: Used for data encryption
- Generation: As per SP800-133 Section 7.1, key generation is performed as per the “Direct Generation” of Symmetric Keys which is an Approved key generation method.
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: Encrypted with RSA 2048
- Storage: Plaintext; stored in key register
- Key-to-entity: User
- Zeroization: Actively overwritten during ZEROIZE service

6. RSA Private Key for Digital Signature
- Type: FIPS 186-4
- Use: The Private Key of the User employed in RSA digital signing operations
- Generation: As per SP800-133 Section 6.1, key generation is performed as per FIPS 186-4 which is an Approved key generation method.
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; stored in EEPROM
- Key-to-entity: User
- Zeroization: Actively overwritten during ZEROIZE service

7. RSA Private Key for Key Establishment
- Type: FIPS 186-4
- Use: The Private Key of the User employed in RSA Key Unwrapping
- Generation: As per SP800-133 Section 6.2, key generation is performed as per FIPS 186-4; this is an allowed method as per FIPS 140-2 IG D.9
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; stored in EEPROM
- Key-to-entity: User
- Zeroization: Actively overwritten during ZEROIZE service

8. Secure Channel Session Key
- Type: AES-256 CBC
- Use: AES-256 CBC key used to encrypt and decrypt data transmitted to the module
- Generation: N/A
- Establishment: ECC CDH key agreement as per SP800-56A; allowed method as per FIPS 140-2 IG D.8 Scenario 1
- Entry: N/A
- Output: N/A
- Storage: Plaintext; Transient in RAM
- Key-to-entity: User
- Zeroization: Actively overwritten after channel closure; actively overwritten during ZEROIZE service

9. SSO Password Phrase
- Type: 6 - 20 byte Password Phrase
- Use: A secret 6 - 20 byte value used for Crypto-officer (SSO) authentication that is externally created by SSO during initialization
- Generation: N/A
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; stored in EEPROM
- Zeroization: Actively overwritten when CHECK PASSWORD and CHANGE PASSWORD services are executed by the SSO; actively overwritten during ZEROIZE service

10. User Password Phrase
- Type: 6 - 20 byte Password Phrase
- Use: A secret 6 - 20 byte value used for User authentication that is externally created by SSO during initialization
- Generation: N/A
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: N/A
- Storage: Plaintext; stored in EEPROM
- Zeroization: Actively overwritten when CHECK PASSWORD and CHANGE PASSWORD services are executed by the User; actively overwritten during ZEROIZE service

11. Drive Encryption Key
- Type: AES-XTS
- Use: A pair of AES-256 keys used for SP 800-38E AES-XTS encryption of User data on the encrypted drive
- Generation: As per SP800-133 Section 7.4, derived using SP800-108 KBKDF
- Establishment: N/A
- Entry: N/A
- Output: N/A
- Storage: Plaintext; Transient in RAM and stored in PLX ROM
- Zeroization: Actively overwritten during ZEROIZE service

The module supports the following public keys:

1. ECDSA Public Key
- Type: X9.62
- Use: The Public Key of the User employed in Elliptic Curve digital signing operations
- Generation: As per SP800-133 Section 6.1, key generation is performed as per FIPS 186-4 which is an Approved key generation method
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: Encrypted with AES-256
- Storage: Encrypted; stored in EEPROM
- Key-to-entity: User

2. RSA Public Key for Digital Signatures
- Type: FIPS 186-4
- Use: The Public Key of the User employed in RSA digital signature verification operations
- Generation: As per SP800-133 Section 6.1, key generation is performed as per FIPS 186-4 which is an Approved key generation method
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: Encrypted with AES-256
- Storage: Encrypted; stored in EEPROM
- Key-to-entity: User

3. RSA Public Key for Key Establishment
- Type: FIPS 186-4
- Use: The Public Key of the User employed in RSA Key Wrapping
- Generation: As per SP800-133 Section 6.2, key generation is performed as per FIPS 186-4; this is an allowed method as per FIPS 140-2 IG D.9
- Establishment: N/A
- Entry: Encrypted with AES-256
- Output: Encrypted with AES-256
- Storage: Encrypted; stored in EEPROM
- Key-to-entity: User

4. Firmware Load Public Key
- Type: X9.62
- Use: ECDSA P-384 SHA-384 Public Key used for Firmware Loading
- Generation: N/A; installed during manufacturing
- Establishment: N/A
- Entry: N/A
- Output: N/A
- Storage: Plaintext; Transient in RAM and stored in PLX ROM
- Key-to-Entity: Process