HGST Ultrastar® SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD FIPS 140-2 Cryptographic Module Non-Proprietary Security Policy Protection of Data at Rest Version: 1.7 2016-08-18 Copyright 2016, HGST, a Western Digital company Public Material - May be reproduced only in its original entirety [without revision] HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Contents 1 Module Overview .................................................................................................................................................... 4 1.1 Models..................................................................................................................................................................................... 4 1.2 Security Level ......................................................................................................................................................................... 5 2 Modes of Operation ................................................................................................................................................ 5 2.1 FIPS Approved Mode of Operation.................................................................................................................................. 5 2.2 Approved Algorithms .......................................................................................................................................................... 6 3 Ports and Interfaces ................................................................................................................................................. 6 4 Identification and Authentication Policy .............................................................................................................. 7 4.1 Cryptographic Officer .......................................................................................................................................................... 7 4.1.1 Secure ID (SID) Authority ............................................................................................................................................................... 7 4.1.2 EraseMaster Authority ...................................................................................................................................................................... 7 4.2 User ......................................................................................................................................................................................... 7 4.3 Anybody ................................................................................................................................................................................. 7 4.4 Maker ...................................................................................................................................................................................... 8 5 Access Control Policy ............................................................................................................................................. 9 5.1 Roles and Services................................................................................................................................................................. 9 5.2 Unauthenticated Services ................................................................................................................................................... 10 5.3 Definition of Critical Security Parameters (CSPs) ......................................................................................................... 11 5.4 Definition of Sensitive Security Parameters ................................................................................................................... 12 5.5 SP800-132 Key Derivation Function Affirmations ....................................................................................................... 12 5.6 Definition of CSP Modes of Access ................................................................................................................................ 12 6 Operational Environment .................................................................................................................................... 14 7 Security Rules.......................................................................................................................................................... 14 7.1 Invariant Rules..................................................................................................................................................................... 14 7.2 Initialization Rules .............................................................................................................................................................. 15 7.3 Zeroization Rules ................................................................................................................................................................ 16 8 Physical Security Policy ......................................................................................................................................... 16 8.1 Mechanisms.......................................................................................................................................................................... 16 8.1.1 Hardware version (0003) ................................................................................................................................................................ 16 8.2 Operator Responsibility ..................................................................................................................................................... 17 8.2.1 Hardware version (0003) ................................................................................................................................................................ 17 9 Mitigation of Other Attacks Policy ..................................................................................................................... 18 10 Definitions .............................................................................................................................................................. 18 11 Acronyms ................................................................................................................................................................ 19 12 References ............................................................................................................................................................... 20 12.1 NIST Specifications ........................................................................................................................................................ 20 12.2 Trusted Computing Group Specifications .................................................................................................................. 20 12.3 International Committee on Information Technology Standards T10 Technical Committee Standards ........ 21 12.4 HGST Documents .......................................................................................................................................................... 21 12.5 SCSI Commands ............................................................................................................................................................. 21 FIPS 140- 2 Security Policy Page 2 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Tables Table 1 - Ultrastar SSD800/1600 TCG Enterprise SDD Models ......................................................................... 5 Table 2 - Module Security Level Specification .......................................................................................................... 5 Table 3 - FIPS Approved Algorithms ........................................................................................................................ 6 Table 4 - Ultrastar SSD800/1600 Pins and FIPS 140-2 Ports and Interfaces ..................................................... 7 Table 5 - Roles and Required Identification and Authentication ........................................................................... 8 Table 6 - Authentication Mechanism Strengths........................................................................................................ 9 Table 7 - Authenticated CM Services ....................................................................................................................... 10 Table 8 - Unauthenticated Services........................................................................................................................... 11 Table 9 - CSPs and Private Keys............................................................................................................................... 11 Table 10 - Sensitive Security Parameters ................................................................................................................. 12 Table 11 - CSP Access Rights within Roles & Services ......................................................................................... 14 Table 12 - SCSI Commands ...................................................................................................................................... 23 Figures Figure 1 Cryptographic Boundary Hardware Version (0003) ................................................................................. 4 Figure 2 Large Tamper-Evident Label on Top Surface ........................................................................................ 16 Figure 3 - Lift top label ............................................................................................................................................... 17 Figure 4 - Left side shows tamper. Right side shows no tamper. ....................................................................... 17 FIPS 140- 2 Security Policy Page 3 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 1 Module Overview HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSDs, hereafter referred to as “Ultrastar SSD800/1600” or “the Cryptographic Module” are multi-chip embedded Cryptographic Modules. They comply with FIPS 140-2 Level 2 security. They also comply with the Trusted Computing Group (TCG) SSC: Enterprise Specification. The drive enclosure is the cryptographic boundary. Figure 1 Cryptographic Boundary Hardware Version (0003) 1.1 Models The Ultrastar SSD800/1600 is available in several models that vary in performance and storage capacities. Table 1 enumerates the models and characteristics, which include the hardware and firmware versions. Model Number Capacity Firmware Version Description (Hardware Version) (GB) D326, D327, D370, K326, K370, SSD800MH.B, 2.5", 12 Gb/s, SAS, High HUSMH8080BSS205 (0003) 800 P326, P33G, P344, P370, Q4CB Endurance D326, D327, D370, K326, K370, SSD800MH.B, 2.5", 12 Gb/s, SAS, High HUSMH8040BSS205 (0003) 400 P326, P33G, P344, P370, Q4CB Endurance D326, D327, D370, K326, K370, SSD800MH.B, 2.5", 12 Gb/s, SAS, High HUSMH8020BSS205 (0003) 200 P326, P33G, P344, P370, Q4CB Endurance D326, D327, D370, K326, K370, SSD800MH.B, 2.5", 12 Gb/s, SAS, High HUSMH8010BSS205 (0003) 100 P326, P33G, P344, P370, Q4CB Endurance D326, D327, D370, K326, K370, SSD1600MM, 2.5", 12 Gb/s, SAS, HUSMM1616ASS205 (0003) 1600 P326, P33G, P344, P370, Q4CB Mainstream Endurance D326, D327, D370, K326, K370, SSD1600MM, 2.5", 12 Gb/s, SAS, HUSMM1680ASS205 (0003) 800 P326, P33G, P344, P370, Q4CB Mainstream Endurance D326, D327, D370, K326, K370, SSD1600MM, 2.5", 12 Gb/s, SAS, HUSMM1640ASS205 (0003) 400 P326, P33G, P344, P370, Q4CB Mainstream Endurance D326, D327, D370, K326, K370, SSD1600MM, 2.5", 12 Gb/s, SAS, HUSMM1620ASS205 (0003) 200 P326, P33G, P344, P370, Q4CB Mainstream Endurance HUSMR1619ASS235 (0003) 1920 R1C0 SSD1600MR, 2.5", 12 Gb/s, SAS, Read Intensive, 3DW/D HUSMR1619ASS205 (0003) 1920 G192, R192 SSD1600MR, 2.5", 12 Gb/s, SAS, Read Intensive, 1DW/D D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1616ASS205 (0003) 1600 P326, P33G, P344, P370, Q4CB Intensive D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1610ASS205 (0003) 1000 P326, P33G, P344, P370, Q4CB Intensive D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1680ASS205 (0003) 800 P326, P33G, P344, P370, Q4CB Intensive FIPS 140- 2 Security Policy Page 4 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Model Number Capacity Firmware Version Description (Hardware Version) (GB) D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1650ASS205 (0003) 500 P326, P33G, P344, P370, Q4CB Intensive D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1640ASS205 (0003) 400 P326, P33G, P344, P370, Q4CB Intensive D326, D327, D370, K326, K370, SSD1600MR, 2.5", 12 Gb/s, SAS, Read HUSMR1625ASS205 (0003) 250 P326, P33G, P344, P370, Q4CB Intensive Table 1 - Ultrastar SSD800/1600 TCG Enterprise SDD Models 1.2 Security Level The cryptographic module meets all requirements applicable to FIPS 140-2 Level 2 Security. FIPS 140-2 FIPS 140-2 Security Requirements Section Security Level Achieved Cryptographic Module Specification 2 Module Ports and Interfaces 2 Roles, Services and Authentication 2 Finite State Model 2 Physical Security 2 Operational Environment N/A Cryptographic Key Management 2 EMI/EMC 2 Self-Tests 2 Design Assurance 2 Mitigation of Other Attacks N/A Table 2 - Module Security Level Specification 2 Modes of Operation 2.1 FIPS Approved Mode of Operation The Cryptographic Module has a single FIPS Approved mode of operation. The Cryptographic Module enters FIPS Approved Mode after successful completion of the Initialize Cryptographic service instructions. The FIPS mode bit is set to 1 after the Crypto Officer executes the Set Makers.Enabled = FALSE instruction. The Cryptographic Officer shall not enable the Maker Authority after the cryptographic module enters FIPS Approved mode. If the Cryptographic Officer enables the Maker Authority after the module enters FIPS Approved mode the Cryptographic Officer must also zeroize the module by executing the TCG Revert Method. The Cryptographic Officer shall not exercise the Disable Zeroize service after the cryptographic module enters FIPS Approved mode. FIPS 140- 2 Security Policy Page 5 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD The chapter titled FIPS 140 Cryptographic Officer Instructions within the Ultrastar SSD800MH.B SSD1600MM SSD1600MR Product Manual provides information on how to execute the Initialize Cryptographic service as well as the TCG Revert Method. 2.2 Approved Algorithms The cryptographic module supports the following FIPS Approved algorithms. All algorithms and key lengths comply with NIST SP 800-131A. CAVP FIPS Approved Algorithm Certificate SP800-90A CTR-DRBG 302 Hardware AES ECB-128,256, XTS-128, 2561 Encryption and Decryption 2067 Note: XTS is used for storage applications only. XTS-128 was tested but is not used. AES ECB-256 2365 Encryption, Decryption and Key Wrap RSA 2048 PSS Verify 1220 SHA-256 2037 HMAC-SHA-256 1468 Used in SP 800-132 KDF SP800-132 KDF Vendor Affirmed Table 3 - FIPS Approved Algorithms The Cryptographic Module supports the following non-Approved but Allowed algorithms:  Hardware NDRNG for seeding the Approved SP800-90A DRBG. The NDRNG provides a minimum of 256 bits of entropy for key generation. 3 Ports and Interfaces Table 4 below identifies its ports and interfaces of the cryptographic module. A maintenance access interface is not provided. FIPS 140-2 Interface Cryptographic Module Ports Power Power connector Control Input SAS connector, Serial connector Status Output SAS connector, Serial connector Data Input SAS connector, Serial connector Data Output SAS connector, Serial connector 1 The length of data unit for XTS-AES does not exceed 220 blocks. FIPS 140- 2 Security Policy Page 6 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Table 4 - Ultrastar SSD800/1600 Pins and FIPS 140-2 Ports and Interfaces The SAS (Serial Attached SCSI) connector is an industry defined standard [SAS], and the Serial connector is a two wire port, signal and ground. The Serial Connector is enabled only at HGST facilities; it is disabled before the Cryptographic Module is delivered to customers. 4 Identification and Authentication Policy The cryptographic module enforces the following FIPS140-2 operator roles. 4.1 Cryptographic Officer 4.1.1 Secure ID (SID) Authority This TCG authority initializes the cryptographic module. Section 11.3.1 of the TCG Storage Security Subsystem Class: Enterprise Specification defines this role. 4.1.2 EraseMaster Authority This TCG authority can selectively zeroize bands within the cryptographic module. Section 11.4.1 of the TCG Storage Security Subsystem Class: Enterprise Specification defines this role. It may also disable User roles and erase LBA bands (user data regions). 4.2 User User roles correspond to Bandmaster Authorities. Section 11.4.1 of the TCG Storage Security Subsystem Class: Enterprise Specification provides a definition. They are authorized to lock/unlock and configure LBA bands (user data regions) and to issue read/write commands to the SED. The TCG EraseMaster authority can disable Users. 4.3 Anybody Services are provided that do not require authentication. With one exception, these do not disclose, modify, or substitute Critical Security Parameters, use an Approved security function, or otherwise affect the security of the Cryptographic Module. The excepted service is the Generate Random service, which provides output from an instance of the SP800-90A DRBG. FIPS 140- 2 Security Policy Page 7 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 4.4 Maker For failure analysis purposes, Out-of-scope services are available to the vendor to configure and perform failure analysis within the vendor’s facilities after the cryptographic module exits FIPS Approved mode. Maker is disabled when the Cryptographic Officer invokes the Initialize Cryptographic Module service. The following table maps TCG authorities to FIPS 140-2 roles. Authentication TCG Authority Description Authentication Data Type A Cryptographic Officer role that CO Identity (TCG SID SID Authority initializes the Cryptographic Module Role-based Authority) and PIN (TCG and authorizes Firmware download. SID Authority PIN) A Cryptographic Officer role that CO Identity (TCG zeroizes Media Encryption keys and EraseMaster Authority) and EraseMaster Role-based disables Users. PIN (TCG EraseMaster PIN) A User role that controls read/write User Identity (TCG BandMasterN access to LBA Bands. BandMaster Authority) and Role-based PIN (TCG BandMaster (N = 0 to 3) PIN) A role that does not require Anybody Unauthenticated N/A authentication. A TCG Authority which is not User Identity (TCG Maker available upon completion of the Role-based Maker Authority) and Initialize Cryptographic Module (Disabled) PIN (HGST Maker PIN) service Table 5 - Roles and Required Identification and Authentication The cryptographic module enforces role separation by requiring a role identifier and an authentication credential (Personal Identification Number or PIN). FIPS 140- 2 Security Policy Page 8 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Authentication Mechanism Mechanism Strength TCG Credentials are 256 bits, which provides 2256 possible TCG Credential (PIN) values. The probability that a random attempt succeeds is 1 chance in 2256 (approximately 8.64 x 10-78) which is significantly less than 1/1,000,000 (1 x 10-6). Multiple, successive authentication attempts can only occur sequentially (one at a time) and only when the failed authentication Tries count value does not exceed the associated TriesLimit value. Any authentication attempt consumes at least approximately 750 microseconds. Hence, at most, approximately 80,000 authentication attempts are possible in one minute. Thus, the probability that a false acceptance occurs a one minute interval is approximately 6.91 x 10-73 which is significantly less than 1 chance in 100,000 (1 x 10-5). Table 6 - Authentication Mechanism Strengths 5 Access Control Policy 5.1 Roles and Services Service Description Role(s) Initialize Cryptographic Cryptographic Officer provisions the Cryptographic CO Module from organizational policies Module (SID Authority) Authenticate Input a TCG Credential for authentication CO, Users, Maker (SID Authority, EraseMaster, BandMasters) Lock/Unlock Firmware Deny/Permit access to Firmware Download service CO Download Control (SID Authority) Firmware Download Load and verify by RSA2048 an entire firmware image. CO If the new self-tests complete successfully, the SED (SID executes the new code. The Firmware Download Authority) Control shall be unlocked before Firmware can be downloaded. Disable Zeroize Disable TCG Revert method CO (SID Authority) FIPS 140- 2 Security Policy Page 9 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Service Description Role(s) Set Write data structures; access control enforcement CO, Users, occurs per data structure field. PINs can be changed Maker using this service. (SID Authority, EraseMaster, BandMasters) Set TCG Credential Inputs authentication data and replaces stored hashed CO, Users PIN data. (SID Authority, EraseMaster), (BandMasters) Set LBA Band Set the starting location, size, and Users (BandMasters) attributes of a set of contiguous Logical Blocks Lock/Unlock Deny/Permit access to a LBA Band Users LBA Band (BandMasters) Set Data Store Write a stream of bytes to unstructured storage Users (BandMasters) Erase LBA Band Band cryptographic-erasure by changing LBA band CO encryption keys to new values. When the EraseMaster (EraseMaster) erases a LBA band, the TCG Credential is set to the default value. Set Vendor Data A Non-Approved service that is unavailable after the Maker Initialize Cryptographic Module service completes Table 7 - Authenticated CM Services 5.2 Unauthenticated Services The cryptographic module provides these unauthenticated services: Service Description Reset Module Power on Reset Self-Test The CM performs self-tests when the module powers up. Status Output TCG (IF-RECV) protocol Get FIPS Mode TCG ‘Level 0 Discovery’ method outputs the FIPS mode of the Cryptographic Module. Start Session Start TCG session End Session End a TCG session by clearing all session state Generate Random TCG Random method generates a random number from the SP800-90A DRBG FIPS 140- 2 Security Policy Page 10 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Service Description Get Reads a data structure Get Data Store Read a stream of bytes from unstructured storage Zeroize TCG Revert method to return the Cryptographic Module to its original manufactured state; authentication data (PSID) is printed on the external label SCSI [SCSI Core] and [SCSI Block] commands to function as a standardized storage device. See Table 12 - SCSI Commands. Write Data Transform plaintext user data to ciphertext and write in a LBA band Read Data Read ciphertext from a LBA band and output user plaintext data Table 8 - Unauthenticated Services 5.3 Definition of Critical Security Parameters (CSPs) The Cryptographic Module contains the following CSPs. Zeroization of CSPs complies with [SP800-88] media sanitization. Name Type Description PIN - TCG Credential 256-bit authentication Authenticates the Cryptographic Officer (6 total) data and User roles. This is provided as input into the PBKDF. MEK - Media Encryption Key XTS-AES-256 (512 Encrypts and decrypts LBA Bands. bits) (4 total - 1 per LBA band) Note: This key only associated with one key scope. KEK – Key Encrypting Key SP 800-132 PBKDF Keys derived from BandMaster PINs and (256 bits) 256-bit KEK salt which wrap the MEKs (4 total) using an AES Key Wrap. Note: Keys protected by this SP 800-132 PBKDF derived key shall not leave the module NDRNG 256-byte Entropy Entropy source for DRBG output DRBG Internal CTR_DRBG All properties and state associated with state the SP800-90A Deterministic Random Bit Generator Table 9 - CSPs and Private Keys FIPS 140- 2 Security Policy Page 11 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 5.4 Definition of Sensitive Security Parameters The module contains the following public keys: Key Name Type Description RSAFW RSA 2048 public key Verify firmware download Table 10 - Sensitive Security Parameters 5.5 SP800-132 Key Derivation Function Affirmations  The Cryptographic Module deploys a [SP800-132] Key Derivation Function (KDF). The Cryptographic Module tracks TCG Credentials (PINs) by hashing a 256-bit salt and User PIN and storing the SHA256 digest in the Reserved Area.  The cryptographic module complies with SP800-132 Option 2a.  KEKs (SP800-132 Master Keys) derive from passing a User PIN and 256-bit salt though an SP800- 132 KDF. The cryptographic module creates a unique KEK for each LBA Band.  Each salt is a random number generated using the [SP800-90A] DRBG.  Each KEK has a security strength of 128-bits against a collision attack.  Security policy rules set the minimum User PIN length at 32 bytes. The cryptographic module allows values from 0x00 to 0xFF for each byte of the User PIN.  The upper bound for the probability of guessing a User PIN is 1/2256.  The difficulty of guessing the User PIN is equivalent to a brute force attack.  The sole use of the KEKs is to wrap and unwrap the Media Encryption Keys (MEKs). 5.6 Definition of CSP Modes of Access Table 11 defines the relationship between access to Critical Security Parameters (CSPs) and the different module services. The modes of access shown in the table are defined as:  G = Generate: The Cryptographic Module generates a CSP from the SP800-90A DRBG, derives a CSP with the Key Derivation Function or hashes authentication data with SHA-256.  E = Execute: The module executes using the CSP.  W = Write: The Cryptographic Module writes a CSP. The write access is performed after the Cryptographic Module generates a CSP.  Z = Zeroize: The Cryptographic Module zeroizes a CSP. FIPS 140- 2 Security Policy Page 12 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Type of CSP Service CSPs and Keys Access CO PIN and E,W User PIN and E,W Initialize Cryptographic Module DRBG and E KEK and G MEK G,W CO PIN or E Authenticate User PIN E Lock/Unlock Firmware Download Control CO PIN E CO PIN and E Firmware Download RSAFW E Disable Zeroize CO PIN E CO PIN or E Set User PIN or E Maker PIN E CO PIN or W Set TCG Credential User PIN W Set LBA Band User PIN E User PIN and E Lock/Unlock LBA Band KEK and G MEK E Write Data MEK E Read Data MEK E Set Data Store User PIN E CO PIN and E Erase LBA Band KEK and G MEK Z,G,W NDRNG and E Self-Test DRBG W Reset Module None Status Output None Get FIPS mode None Start Session None End Session None Generate Random DRBG E Get Data Store None Set Vendor Data None FIPS 140- 2 Security Policy Page 13 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Type of CSP Service CSPs and Keys Access PSID and E CO PIN and W User PIN and W Zeroize DRBG and G KEK and G MEK Z,G,W SCSI None Table 11 - CSP Access Rights within Roles & Services 6 Operational Environment The Cryptographic Module operating environment is non-modifiable. While the Cryptographic Module is operational, the environment cannot be modified; the code working set cannot be added, deleted, or modified. Firmware can be upgraded (replaced in entirety) with an authenticated download service. If the download operation is successfully authorized and verified, then the Cryptographic Module will begin operating with the new code working set. 7 Security Rules The Ultrastar SSD800/1600 enforces applicable FIPS 140-2 Level 2 security requirements. This section documents the security rules that the Cryptographic Module enforces. 7.1 Invariant Rules  The Cryptographic Module supports two distinct types of operator roles: Cryptographic Officer and User. The module also supports an additional role, the Maker role. Initialization disables the Maker role.  Cryptographic Module power cycles clear all existing authentications.  When the Cryptographic Module has successfully completed self-tests and has been initialized, it is in FIPS mode, and the FIPS mode indicator is set to 1.  When the module is unable to authenticate TCG Credentials, operators do not have access to any cryptographic service other than the unauthenticated Generate Random service.  The Crypto Officer shall not activate the Disable Zeroize service.  The cryptographic module performs the following tests. Upon failure of any test, the Cryptographic Module enters a soft error state; the error condition is reported via the [SCSI] protocol. Functional commands are not permitted until a reset or power on reset occurs. 1) Power up Self-Tests a) Firmware Integrity 32-bit EDC b) Hardware AES Encrypt/Decrypt KATs (Known Answer Tests) c) Firmware AES Encrypt/Decrypt KATs d) RSA Verify KAT FIPS 140- 2 Security Policy Page 14 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD e) SHA-256 KAT f) DRBG Health Test g) DRBG KAT h) HMAC-SHA-256 KAT 2) Conditional Tests a) Continuous Random Number Generator test is performed on the DRBG and the hardware NDRNG entropy source. b) Firmware Download Check using RSA 2048 with SHA-256.  An operator can command the module to perform the power-up self-test by power cycling the device.  If a power-up self-tests fails, the drive will report a UEC that shows which test failed. After reporting the failure data, the drive will transition to a soft error state.  Power-up self-tests do not require operator action.  Data output is inhibited during key generation, self-tests, zeroization, and error states.  Status information does not contain CSPs or sensitive data that if misused, could compromise the module.  There are no restrictions on which plaintext keys or CSPs the zeroization service deletes.  The module does not support a maintenance interface or maintenance role.  The module does not support manual key entry.  The module does not have any external input/output devices used for entry/output of data.  The module does not output plaintext CSPs.  The module does not output intermediate key values.  The module does not support concurrent operators.  The End Session service deletes the current operator authentication. The Cryptographic Module requires operators to re-authenticate upon execution of the End Session service.  The Cryptographic Officer shall not enable the Maker Authority after the cryptographic module enters FIPS Approved mode.  The Crypto Officer shall assure that all host issued User PINs are 32-bytes in length. 7.2 Initialization Rules The Cryptographic Officer shall follow the instructions in Section 18.17 FIPS140 Cryptographic Officer Instructions of the Ultrastar SSD800MH.B SSD1600MM SSD1600MR Product Manual and the Delivery & Operation (Cryptographic Officer’s) Manual for acceptance and end of life procedures. Acceptance instructions include:  Establish authentication data for the TCG Authorities  Establish the LBA Bands, which causes the Cryptographic Module to generate Media Encryption Keys FIPS 140- 2 Security Policy Page 15 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD  Disable Maker Authority  Lock the Firmware Download service control 7.3 Zeroization Rules Zeroization is performed by the Cryptographic Officer with the TCG Revert Method. Revert includes zeroization of all Critical Security Parameters:  Operator authentication data (CO PIN, User PIN)  Key Encryption Key  Media Encryption Keys  NDRNG state  DRBG state 8 Physical Security Policy 8.1 Mechanisms The Cryptographic Module does not make claims in the Physical Security area beyond FIPS 140-2 Security Level 2. Figure 2 Large Tamper-Evident Label on Top Surface 8.1.1 Hardware version (0003)  All components are production-grade materials with standard passivation.  The enclosure is opaque.  Engineering design satisfies opacity requirements.  Tamper-evident sealant is applied to screw heads by HGST during manufacturing.  The tamper-evident sealant cannot be penetrated or removed and reapplied without evidence of tampering. FIPS 140- 2 Security Policy Page 16 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 8.2 Operator Responsibility The Cryptographic Officer and/or User shall inspect the Cryptographic Module enclosure for evidence of tampering a minimum of once a year. If signs of tamper are detected, the module should be returned to HGST, Inc. 8.2.1 Hardware version (0003) To inspect tamper evidence, the Cryptographic Officer and/or User shall: 1. Lift the top label as shown Figure 3. 2. Inspect the four screws for evidence of tampering as shown in Figure 4. Inspection includes both visual and mechanical methods. In the absence of tampering, the sealant shall show no visible disturbance and shall adhere to the screw when touched. Figure 3 - Lift top label Figure 4 - Left side shows tamper. Right side shows no tamper. FIPS 140- 2 Security Policy Page 17 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 9 Mitigation of Other Attacks Policy The Cryptographic Module is not designed to mitigate any attacks beyond FIPS 140-2 Security Level 2 requirements. 10 Definitions  Allowed: NIST approved, i.e., recommended in a NIST Special Publication, or acceptable, i.e., no known security risk as opposed to deprecated, restricted and legacy-use. [SP800-131A] for terms  Anybody: A formal TCG term for a role that is not authenticated. [TCG Core]  Approved: [FIPS140] approved or recommended in a NIST Special Publication.  Approved mode of operation: A mode of the cryptographic module that employs only Approved security functions. [FIPS140]  Authenticate: Prove the identity of an Operator or the integrity of an object.  Authorize: Grant an authenticated Operator access to a service or an object.  Confidentiality: A cryptographic property that sensitive information is not disclosed to unauthorized parties.  Credential: A formal TCG term for data that is used to authenticate an Operator. [TCG Core]  Critical Security Parameter (CSP): Security-related information (e.g., secret and private cryptographic keys, and authentication data such as credentials and PINs) whose disclosure or modification can compromise the security of a cryptographic module. [FIPS140]  Cryptographic Boundary: An explicitly defined continuous perimeter that establishes the physical bounds of a cryptographic module and contains all the hardware, software, and/or firmware components of a cryptographic module. [FIPS140]  Cryptographic key (Key): An input parameter to an Approved cryptographic algorithm  Cryptographic Module: The set of hardware, software, and/or firmware that an implement Approved security functions and is contained within the cryptographic boundary. [FIPS140]  Cryptographic Officer: An Operator performing cryptographic initialization and management functions. [FIPS140]  Ciphertext: Encrypted data transformed by an Approved security function.  Data at Rest: User data residing on the storage device media where the storage device is powered off.  Discovery: A TCG method that provides the properties of the TCG device. [TCG Enterprise]  Integrity: A cryptographic property that sensitive data has not been modified or deleted in an unauthorized and undetected manner.  Interface: A logical entry or exit point of a cryptographic module that provides access to the cryptographic module for logical information flows. [FIPS140]  Key Derivation Function (KDF): An Approved cryptographic algorithm by which one or more keys are derived from a shared secret and other information.  Key Encrypting Key (KEK): A cryptographic key that is used to encrypt or decrypt other keys.  Key management: The activities involving the handling of cryptographic keys and other related security parameters (e.g., authentication data) during the entire life cycle of the Cryptographic Module.  Key Wrap: An Approved cryptographic algorithm that uses a KEK to provide Confidentiality and Integrity.  LBA Band: A formal [TCG Core] term that defines a contiguous logical block range (sequential LBAs) to store encrypted User Data; bands do not overlap and each has its own unique encryption key and other settable properties. FIPS 140- 2 Security Policy Page 18 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD  Method: A TCG command or message. [TCG Core]  Manufactured SID (MSID): A unique, default value that vendors assign to each SED during manufacturing; it is typically printed on an external label and is readable with the TCG protocol; it is the initial and default value for all TCG credentials. [TCG Core]  Operator: A consumer, either human or automation, of cryptographic services that is external to the Cryptographic Module. [FIPS140]  Personal Identification Number (PIN): A formal TCG term designating a string of octets that is used to authenticate an identity. [TCG Core]  Plaintext: Data that is not encrypted.  Port: A physical entry or exit point of a cryptographic module that provides access to the Cryptographic Module for physical signals. [FIPS140]  Public Security Parameters (PSP): Public information whose modification can compromise the security of the cryptographic module (e.g., a public key of a key pair).  Read Data: An external request to transfer User Data from the SED. [SCSI Block]  Reserved Area: Private data on the Storage Medium that is not accessible outside the Cryptographic Boundary.  Session: A formal TCG term that envelops the lifetime of an Operator’s authentication. [TCG Core]  Security Identifier (SID): A TCG authority used by the Cryptographic Officer. [TCG Core]  Self-Encrypting Drive (SED): A storage device that provides data storage services.  Storage Medium: The non-volatile, persistent storage location of a SED; it is partitioned into two disjoint sets, a User Data area and a Reserved Area.  User: An Operator that consumes cryptographic services. [FIPS140]  User Data: Data that is transferred from/to a SED using the Read Data and Write Data commands. [SCSI Block]  Write Data: An external request to transfer User Data to a SED. [SCSI Block]  Zeroize: Invalidate a Critical Security Parameter. [FIPS140] 11 Acronyms  CO: Cryptographic Office [FIPS140]  CSP: Critical Security Parameter [FIPS140]  DRBG: Deterministic Random Bit Generator  DRAM: Dynamic Random Access Memory  HDD: Hard Disk Drive  EMI: Electromagnetic Interference  FIPS: Federal Information Processing Standard  KAT: Known Answer Test  LBA: Logical Block Address  MEK: Media Encryption Key  MSID (Manufactured Security Identifier): a public, drive-unique value that is created during manufacturing and is used as default PIN credential values  NDRNG: Non-deterministic Random Number Generator that is the source of entropy for the DRBG  NIST: National Institute of Standards and Technology  PIN: Personal Identification Number FIPS 140- 2 Security Policy Page 19 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD  PSID (Physical Security Identifier): a SED unique value that is printed on the Cryptographic Module’s label and is used as authentication data and proof of physical presence for the Zeroize service  PSP: Public Security Parameter  SAS: Serial Attached SCSI  SCSI: Small Computer System Interface  SED: Self encrypting Drive  SID: TCG Security Identifier, the authority representing the Cryptographic Module owner  TCG: Trusted Computing Group  UEC: Universal Error Code  XTS: A mode of AES 12 References 12.1 NIST Specifications  [AES] Advanced Encryption Standard, FIPS PUB 197, NIST, 2001, November  [DSS] Digital Signature Standard, FIPS PUB 186-4, NIST, 2013, July  [FIPS140] Security Requirements for Cryptographic Modules, FIPS PUB 140-2, NIST, 2002 December  [HMAC] The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, 2007 June  [SHA] Secure Hash Standard (SHS), FIPS PUB 180-4, NIST, 2015, August  [SP800-38E] Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, SP800-38E, NIST, 2010 January  [SP800-38F] Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, NIST, 2012 December  [SP800-57] Recommendation for Key Management – Part I General (Revision 4), NIST, 2016 January  [SP800-88] Guidelines for Media Sanitization (Revision 1), NIST, 2014 December  [SP800-90A] Recommendation for Random Number Generation Using Deterministic Random Bit Generators, NIST, 2012 Jan  [SP800-131A] Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths Revision 1), NIST, 2015 November  [SP800-132] Recommendation for Password-Based Key Derivation, NIST, 2010 December 12.2 Trusted Computing Group Specifications  [TCG Core] TCG Storage Architecture Core Specification, Version 2.0 Revision 1.0 (April 20, 2009)  [Enterprise] TCG Storage Security Subsystem Class: Enterprise Specification, Version 1.00 Revision 3.00 (January 10, 2011)  [TCG App Note] TCG Storage Application Note: Encrypting Storage Devices Compliant with SSC: Enterprise, Version 1.00 Revision 1.00 Final  [TCG Opal] TCG Storage Security Subsystem Class: Opal Specification, Version 2.00 Final Revision 1.00 (February 24, 2012) FIPS 140- 2 Security Policy Page 20 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD 12.3 International Committee on Information Technology Standards T10 Technical Committee Standards  [SCSI Core] SCSI Primary Commands-4 Rev 15 (SPC-4)  [SCSI Block] SCSI Block Commands Rev15 (SBC-3)  [SAS] Serial Attached SCSI-2 Rev 13 (SAS-2) 12.4 HGST Documents  HGST Ultrastar SSD800/1600 SSD Product Specification, (October 22, 2014)  Delivery & Operation (Cryptographic Officer) Manual, version 0.6 (Nov, 31 2014)  Ultrastar SSD800MH.B SSD1600MM SSD1600MR Product Manual v1.7, (June 10, 2015), http://www.hgst.com/sites/default/files/resources/US_SSD800MH.B_1600MM_1600MR_ProdMa nual.pdf 12.5 SCSI Commands Description Code FORMAT UNIT 04h INQUIRY 12h LOG SELECT 4Ch LOG SENSE 4Dh MODE SELECT 15h MODE SELECT 55h MODE SENSE 1Ah MODE SENSE 5Ah PERSISTENT RESERVE IN 5Eh PERSISTENT RESERVE OUT 5Fh PRE-FETCH (16) 90h PRE-FETCH (10) 34h READ (6) 08h READ (10) 28h READ (12) A8h READ (16) 88h READ (32) 7Fh/09h READ BUFFER 3Ch READ CAPACITY (10) 25h READ CAPACITY (16) 9Eh/10h READ DEFECT DATA 37h FIPS 140- 2 Security Policy Page 21 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Description Code READ DEFECT DATA B7h READ LONG (16) 9Eh/11h READ LONG 3Eh REASSIGN BLOCKS 07h RECEIVE DIAGNOSTICS RESULTS 1Ch RELEASE 17h RELEASE 57h REPORT DEVICE IDENTIFIER A3h/05h REPORT LUNS A0h REPORT SUPPORTED OPERATION CODES A3h/0Ch REPORT SUPPORTED TASK MANAGEMENT A3h/0Dh FUNCTIONS REQUEST SENSE 03h RESERVE 16h RESERVE 56h REZERO UNIT 01h SANITIZE 48h SEEK (6) 0Bh SEEK (10) 2Bh SEND DIAGNOSTIC 1Dh SET DEVICE IDENTIFIER A4h/06h START STOP UNIT 1Bh SYNCHRONIZE CACHE (10) 35h SYNCHRONIZE CACHE (16) 91h TEST UNIT READY 00h UNMAP 42h VERIFY (10) 2Fh VERIFY (12) AFh VERIFY (16) 8Fh VERIFY (32) 7Fh/0Ah WRITE (6) 0Ah WRITE (10) 2Ah FIPS 140- 2 Security Policy Page 22 of 23 HGST Ultrastar SSD800MH.B, SSD1600MM and SSD1600MR TCG Enterprise SSD Description Code WRITE (12) AAh WRITE (16) 8Ah WRITE (32) 7Fh/0Bh WRITE AND VERIFY (10) 2Eh WRITE AND VERIFY (12) AEh WRITE AND VERIFY (16) 8Eh WRITE AND VERIFY (32) 7Fh/0Ch WRITE BUFFER 3Bh WRITE LONG (10) 3Fh WRITE LONG (16) 9Fh/11h WRITE SAME (10) 41h WRITE SAME (16) 93h WRITE SAME (32) 7Fh/0Dh Table 12 - SCSI Commands FIPS 140- 2 Security Policy Page 23 of 23