Derived Review-Risk Graph (review prompts, not findings)
flowchart LR
%% Deterministic review-risk graph for KIOXIA FIPS TC58NC1132GTC Crypto Sub-Chip
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>SC02AS</i>"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Firmware load<br/>Load Firmware</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Firmware Verification Random Number Generation…</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C6 clue;
class I1,I2,I3,I6 infer;
class R1,R2,R3,R6 risk;
class E1,E2,E3,E6 evidence;Underlying clues
flowchart LR
%% Deterministic clue tier for KIOXIA FIPS TC58NC1132GTC Crypto Sub-Chip
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>SC02AS</i><br/>src: certificate.firmwareVersions"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Firmware load<br/>Load Firmware</i><br/>src: text:keyword"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Firmware Verification Random Number Generation…</i><br/>src: securityPolicy.services"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C3 clueHigh;
class C2,C6 clueLow;Security Policy, page by page
KIOXIA FIPS TC58NC1132GTC Crypto Sub-Chip KIOXIA CORPORATION Rev 2.4.0 Oct 27, 2023
Security level
| Name | ISO Section | Level |
|---|
| 1. General | 1. General | 2 |
| 2. Cryptographic Module Specification | 2. Cryptographic Module Specification | 2 |
| 3. Cryptographic Module Interfaces | 3. Cryptographic Module Interfaces | 2 |
| 4. Roles, Services, and Authentication | 4. Roles, Services, and Authentication | 2 |
| 5. Software/Firmware Security | 5. Software/Firmware Security | 2 |
| 6. Operational Environment | 6. Operational Environment | N/A |
| 7. Physical Security | 7. Physical Security | 2 |
| 8. Non-invasive Security | 8. Non-invasive Security | N/A |
| 9. Sensitive Security Parameter Management | 9. Sensitive Security Parameter Management | 2 |
| 10. Self-tests | 10. Self-tests | 2 |
| 11. Life-cycle Assurance | 11. Life-cycle Assurance | 2 |
| 12. Mitigation of Other Attacks | 12. Mitigation of Other Attacks | N/A |
| Overall Level | Overall Level | 2 |
This document explains precise specification of the security rules about KIOXIA FIPS TC58NC1132GTC Crypto Sub-Chip. The Cryptographic Module (CM) meets the requirements of FIPS 140-3 Security Level 2 Overall. The Table below shows the security level detail. N/A N/A N/A Table 1 - Security Levels This document is non-proprietary and may be reproduced in its original entirety. Section 1.1 - Acronyms AES Advanced Encryption Standard CM SSP DRBG Deterministic Random Bit Generator HMAC The Keyed-Hash Message Authentication code KAT Known Answer Test POST Pre-Operational Self-Test CAST Cryptographic Algorithm Self-Test PSID Printed SID SED Self-Encrypting Drive SHA Secure Hash Algorithm SID Security ID TCG Trusted Computing Group LBA Logical Block Address Oct 27, 2023
Approved algorithm
| Name | CAVP Cert | Mode Method | Key Size | Use Function |
|---|
| AES256 (FIPS 197 / SP800-38A) | #C1925 | CBC | Key Size: 256 bits/ Key Strength: 256 bits | Data Encryption/ Decryption |
| SHA256 (FIPS 180-4) | #C1925 | N/A | N/A | Hashing messages |
| Physical single-chip | | The sub-chip cryptographic | | The associated |
|---|
| | subsystem soft circuitry core | | firmware |
| TC58NC1132GTC 0003 | TC58NC1132GTC CRPT module 0001 | | SC02AS | |
Section 2
- Cryptographic Module Specification KIOXIA FIPS TC58NC1132GTC Crypto Sub-Chip (listed in Section2.1 Product Version) is used for solid state drive data security. The CM is a single chip hardware module implemented as a sub-chip compliant with IG 2.3.B in the TC58NC1132GTC 0003 SoC (see Figure 1 in Section 7). Overall Security Rating of the CM is Level2 (See Table 1 in Section 1 for individual security area levels). The CM is embedded in TCG Enterprise compliant solid state drive controllers which provides user data encryption/decryption through build-in HW engines. The CM is responsible for providing key management, access control of stored user data, and various cryptographic algorithm for the solid state drive. The CM has multiple cryptographic services using approved algorithms, but they do not support the degraded operation. The physical boundary of the CM is the TC58NC1132GTC 0003 SoC and the logical boundary of the CM is TC58NC1132GTC CRPT module. The CM has one approved mode of operation and CM is always in approved mode of operation after initial operations are performed (See Section 11). In approved mode, the CM provides services defined in Table 7 in Section 4.2. Section 2.1
- Product Version The CM are validated with the following versions: Table 2 - Cryptographic Module Tested Configuration Section 2.2
- Security Functions The CM executes following approved algorithms: N/A N/A Oct 27, 2023
Approved algorithm
| Name | CAVP Cert | Mode Method | Key Size | |
|---|
| HMAC-SHA256 (FIPS 198-1) | #C1925 | N/A | Key Size: 256 bits/ Key Strength: 256 bits | Message Authentication Code |
| RSASSA-PKCS#1-v1_5 (FIPS 186-4) | #C2009 | N/A | Key Size: 2048 bit/ Key Strength: 112 bits | Signature verification |
| Hash_DRBG (SP800-90A Rev.1) | #C2002 | N/A | Hash based: SHA256 | Deterministic Random Bit Generation |
| KBKDF (SP800-108 Revised) | #C2001 | Counter | MACs: HMAC-SHA256/ Key Size: 256 bits/ Key Strength: 256 bits | Key derivation |
| KTS (IG D.G) | #C1925 | N/A | Combination of AES256 CBC Mode and HMAC-SHA256 / Key Size: 256 bits/ Key Strength: 256 bits | Key Transport Scheme |
| CKG (SP800-133 Rev.2) | Vendor Affirmation | N/A | Methods described in section 4 of the SP800-133 Rev.2 | Cryptographic Key Generation |
| Entropy Source (SP800-90B) | ENT(P) | N/A | N/A | Hardware RNG used to seed the approved Hash_DRBG. |
N/A N/A N/A N/A N/A N/A N/A Table 3 - Approved Algorithm The CM does not implement any Non-Approved Algorithms Allowed in the Approved Mode of Operation. Section 2.3
- Module Configuration Overview block diagram of the CM is shown below. Oct 27, 2023
Ports and interfaces
| Name | Physical Port | Logical Interface | Data That Passes |
|---|
| Mailbox DMAC | Mailbox DMAC | Data Input | Mailbox input parameter. |
| Mailbox DMAC Key Store Register | Mailbox DMAC Key Store Register | Data Output | Mailbox output parameter. Encryption key for use of other functional subsystems. Range information. |
| Mailbox | Mailbox | Control Input | Mailbox command information. |
| Mailbox | Mailbox | Status Output | Mailbox command result. |
| Power PIN | Power PIN | Power Input | Power |
Figure 1
- Configuration of the cryptographic module and peripheral components Components of the CM is shown with gray background include processor and memories (volatile and non-volatile memory) and HW circuitry for cryptographic processing. Physical ports bordering outside the CMʼs boundary and the data passing over them are also indicated (see Section 3 for details on physical ports and interfaces). Section 3
- Cryptographic Module Interface Note 1: Control output is omitted in the table above because the CM does not implement this type of interface. Note 2: Range information includes LBA and Lock state information. Table 4 - Ports and Interface Oct 27, 2023
Service
| Name | Roles | Input | Output |
|---|
| Cryptographic Erase Set PIN (for EraseMaster) | FIPS Crypto Officer (EraseMaster) | Mailbox command | Mailbox command result Exported encryption key Range information |
| Download Port Lock/Unlock Firmware Download1 Set PIN (for SID) | FIPS Crypto Officer (SID) | Mailbox command | Mailbox command result |
| Band Lock/Unlock (for GlobalRange) Set Band Position and Size (for GlobalRange) Set PIN (for BandMaster0) | FIPS Crypto Officer (BandMaster0) | Mailbox command | Mailbox command result Exported encryption key Range information |
| Band Lock/Unlock (for Band1) Set Band Position and Size (for Band1) Set PIN (for BandMaster1) | FIPS Crypto Officer (BandMaster1) | Mailbox command | Mailbox command result Exported encryption key Range information |
| … | … | … | … |
| Band Lock/Unlock (for Band64) Set Band Position and Size (for Band64) Set PIN (for BandMaster64) | FIPS Crypto Officer (BandMaster64) | Mailbox command | Mailbox command result Exported encryption key Range information |
| Firmware Verification Random Number Generation Show Status Zeroisation | None | Mailbox command | Mailbox command result |
| Reset | | Power | N/A |
Sensitive security parameter
| Name | Type | Strength | | Authentication | |
|---|
| EraseMaster | Crypto Officer | 1 / 264 < 1 / 1,000,000 | Role | PIN | 30 / 264 < 1 / 100,000 |
| SID | Crypto Officer | 1 / 264 < 1 / 1,000,000 | Role | PIN | 30 / 264 < 1 / 100,000 |
| BandMaster0 | Crypto Officer | 1 / 264 < 1 / 1,000,000 | Role | PIN | 30 / 264 < 1 / 100,000 |
| BandMaster1 | Crypto Officer | 1 / 264 < 1 / 1,000,000 | Role | PIN | 30 / 264 < 1 / 100,000 |
| … | … | … | … | … | … |
| BandMaster64 | Crypto Officer | 1 / 264 < 1 / 1,000,000 | Role | PIN | 30 / 264 < 1 / 100,000 |
Section 4
- Roles Services and Authentication The relation between Roles and Services in this CM is shown below. … … … … N/A Table 5 - Roles, Service Commands, Input and output Section 4.1
- Roles and Authentication This section describes roles, authentication method, and strength of authentication. … … … … … … Table 6 - Identification and Authentication Policy “Firmware Download” service is controlled by SID role and signature of downloaded external firmware is verified (RSASSA-PKCS#1-v1_5). Oct 27, 2023
Service
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|
| Band Lock/Unlock | Lock or unlock setting for read/ write of user data in a band. | BandMaster0 … BandMaster6 4 | KDK MEKs | KBKDF | E G, R, Z | Mailbox command result |
| HMAC-SHA256 | | | System MAC Key | HMAC-SHA256 | E | |
| Cryptographic Erase | Erase user data (in cryptographic means) by changing the key that derives the data encryption key. | EraseMaster | DRBG Internal Value KDK | CKG (Hash_DRBG) | E G, Z | Mailbox command result |
| KBKDF | | | KDK MEKs | KBKDF | E G, R, Z | |
| HMAC-SHA256 | | | System MAC Key | HMAC-SHA256 | E | |
| AES256-CBC | | | System Enc Key | AES256-CBC | E | |
| KTS | | | KDK | KTS | W, R | |
| Download Port Lock/Unlock | Lock / unlock firmware download. | SID | N/A | N/A | N/A | Mailbox command result |
| Firmware Verification | Digital signature verification for firmware outside the CM. | None | Public Key embedded on the CMʼs code | RSASSA-PKCS#1-v 1_5 | E | Mailbox command result |
| Firmware Download | Download a firmware image3. | SID | PubKey1 | SHA256 | W, E | Mailbox command result |
| RSASSA-PKCS#1-v 1_5 | | | PubKey1 | RSASSA-PKCS#1-v 1_5 | E | |
The CM performs role authentication by comparing whether the PIN entered by the user matches the information stored inside the CM. PINs are hashed with SHA-256 to store them on the CM. The PIN entered by the user is hashed and compared to the stored PIN hash. PINs can be changed by executing the Set PIN Service (see Section4.2) with appropriate roles authenticated. The CM refuses to set a PIN less than 8 bytes, and responds with an error if such a setting is attempted. Therefore, the probability that a random attempt will succeed is 1 / 264 < 1 / 1,000,000 (the CM accepts any value (0x00-0xFF) as each byte of PIN). The CM waits 2sec when authentication attempt fails, so the maximum number of authentication attempts is
30 times in 1 min. Consequently, the probability that random attempts in 1min will succeed is
30 / 264 < 1 / 100,000.
Section 4.2
- Services This section describes services which the CM provides. E … G, R, Z E E G, Z E G, R, Z E E N/A N/A N/A E 1_5 / image 3. W, R W, E E 1_5 The letters (G, R, W, E, Z) mean Generate, Read, Write, Execute and Zeroise respectively. Only the CMVP validated version is to be used Oct 27, 2023
Approved algorithm
| Name | Use Function | | | | | |
|---|
| Hash_DRBG | Random Number Generation | Provide a random number generated by the CM. | DRBG Internal Value | None | E | Mailbox command result |
| CKG (Hash_DRBG) | Set Band Position and Size | Set the location and size of the band. | DRBG Internal Value KDK | BandMaster0 … BandMaster6 4 | E G, Z | Mailbox command result |
| KBKDF | | | KDK MEKs | | E G, R, Z | |
| HMAC-SHA256 | | | System MAC Key | | E | |
| AES256-CBC | | | System Enc Key | | E | |
| KTS | | | KDK | | W, R | |
| SHA256 | Set PIN | Set PIN (authentication data). | PINs | EraseMaster SID BandMaster0 … BandMaster6 44 | W, E | Mailbox command result |
| HMAC-SHA256 | | | System MAC Key | | E | |
| AES256-CBC | | | System ENC Key | | E | |
| KTS | | | PINs | | W, R | |
| N/A | Show Status | Report status of the CM and versioning information. | N/A | None | N/A | Mailbox command result |
| N/A | Zeroisation | Erase SSPs. | RKey | None5 | Z | Mailbox command result |
| KDK | | | KDK | | Z | |
| PINs | | | PINs | | Z | |
| System MAC Key | | | System MAC Key | | Z | |
| System Enc Key | | | System Enc Key | | Z | |
| DRBG Internal Value | | | DRBG Internal Value | | Z | |
| N/A | | Power-OFF: Delete SSPs in RAM. | System MAC Key | | Z | |
| System Enc Key | | | System Enc Key | | Z | |
| KDK | | | KDK | | Z | |
| PINs | | | PINs | | Z | |
| DRBG Internal Value | | | DRBG Internal Value | | Z | |
| PubKey1 | | | PubKey1 | | Z | |
| RSASSA-PKCS#1-v 1_5 | | | PubKey1 | | W, E | |
| KBKDF | | | Rkey System MAC Key System Enc Key | | E G G | |
| Entropy Source | | | DRBG Seed | | G | |
| Hash_DRBG | | | DRBG Seed DRBG Internal Value | | E, Z G | |
| HMAC-SHA256 | | | System MAC Key | | E | |
| AES256-CBC | | | System Enc Key | | E | |
| KTS | | | KDK PINs | | W W | |
a E E … G, Z E G, R, Z E E N/A N/A W, R W, E E … E W, R N/A N/A Z Z Z Z Z Z N/A Z Z Z Z Z Reset Power-ON: Runs various Z W, E E G 1_5 self-tests to be G performed at G power-on ( POSTs, E, Z G CASTs, Firmware N/A Load test ) and E generate / import E some SSPs. W W Each role can set a PIN for themselves only. Need to input PSID, which is public drive-unique value used for the zeroisation service. Oct 27, 2023
Derive MEKs if the KBKDF corresponding band KDK E MEKs G, R, Z has been unlocked by the appropriate roles. Note 1: “CKG(Hash_DRBG)” means direct use of Hash_DRBG output as a key. Note 2: “PINs” in the above table means “SID/BandMaster(s)/EraseMaster PINs”. Table 7 - Approved services Section 5
- Software/Firmware Security Firmware Security of components in this CM is shown below. ROM Code: ・ Form of the executable code: ELF format ・ Integrity verification method: 32bit CRC ・ Method for integrity test on demand: Power cycling Firmware image (User Code): ・ Form of the executable code: ELF format ・ Integrity verification method: Approved signature verification (see table 3) ・ Method for integrity test on demand: Power cycling Section 6
- Operational Environment Operational Environment requirements are not applicable because the CM does not employ operating systems and operates in a non-modifiable environment that is the CM cannot be modified and no code can be added or deleted. Section 7
- Physical Security The CM is a sub-chip enclosed in a single chip that is an opaque package. Gathering information of the moduleʼs internal construction or components is impossible without forcing the package to open. In this case, it is confirmed package damage as a tamper-evidence. Operators of the CM can ensure that the physical security is maintained to confirm the package has no obvious attack damage. If the operator discovers tamper evidence, the CM should be removed. Oct 27, 2023
Sensitive security parameter
| Name | Strength | Security Function | Generation | Establishment | Storage | Use | Import Export | Zeroisation |
|---|
| RKey | 256 | KBKDF (#C2001) | Hash_DRBG (Method SP800-133 Rev.2 Section 4) | Manufacturing | Plaintext in OTP | Derivation of System Enc Key and System MAC Key | N/A | Explicit Zeroisation service |
| System Enc Key | 256 | AES-CBC (#C1925) | KDF in Counter Mode | Power-On | Plaintext in RAM | Data Encryption / Decryption for KTS | N/A | Explicit Zeroisation |
| Physical Security Mechanism | | Recommended Frequency of | Inspection/Test Guidance Detail |
|---|
| | Inspection/Test | |
| Passivated opaque package | Every month or every two months | | Confirmation that there is no visual damage |
Front Back Figure 2 - TC58NC1132GTC 0003 SoC Section 8
- Non-invasive security The CM does not apply Non-invasive security. Section 9
- Sensitive security parameter management The CM uses keys and SSPs in the following table. N/A 4) N/A Oct 27, 2023
Approved algorithm
| Name | Use Function | | | | | | | |
|---|
| KDF in Counter Mode | Plaintext in RAM | System MAC Key | 256 | HMAC (#C1925) | N/A | Power-On | Explicit Zeroisation service | Message Authentication Code generation and verification for KTS |
| Hash_DRBG (Method SP800-133 Rev.2 Section 4) | Plaintext in RAM Encrypted in System Area outside the module using the Approved KTS | KDK | 256 | KBKDF (#C2001) | Imported and Exported by KTS (see Table 3) | Cryptographic Erase service, Set Band Position and Size service | Explicit Zeroisation service, Cryptographic Erase service, Set Band Position and Size service | Derivation of MEKs |
| KDF in Counter Mode | Plaintext in RAM | MEKs | 256 | N/A | Exported to other functional subsystems on the same single-chip | Band Lock/Unlock service, Cryptographic Erase service, Set Band Position and Size service | Implicit Immediately after exported | Data encryption / decryption by other functional subsystems |
| Electronic input | Hashed in RAM Hashed + Encrypted in System Area outside the module using the | SID/BandMa ster(s)/Erase Master PINs | Referred to in Section 4.1 (Table 6) | SHA256 (#C1925) | Imported and Exported by KTS (see Table 3) | Set PIN service | Explicit Zeroisation service | User authentication |
Approved algorithm
| Name | Key Size | Use Function | | | | | | | |
|---|
| Hash_DRBG (#C2002) | V: 440 bits C: 440 bits | Random number generation | DRBG Internal Value | SP800-90A Instantiation of Hash_DRBG | N/A | Power-On | Plaintext in RAM | Explicit Zeroisation service | |
| Hash_DRBG (#C2002) | Entropy Input String and Nonce: 512 bits | Random number generation | DRBG Seed | Entropy collected from Entropy Source at instantiation (Minimum entropy of 8 bits: 6.31) | N/A | Power-On | Plaintext in RAM | Implicit Immediately after use6 | |
| RSA (#C2009) | 112 | Signature verification. | PubKey1 | Electronic input | Imported during FW load. | Power-on FW Download service | Plaintext in RAM Hashed in OTP | Implicit Power-Off (Data in RAM) | |
| Details | | | Entropy source | | | | | | Minimum number of |
| Hardware RNG used to seed the approved Hash_DRBG. | Minimum entropy of 8 bits is 6.31. | | 7 Entropy Source | | | | | | |
Approved algorithm
| Name | Key Size | Use Function | | | | | | | |
|---|
| Hash_DRBG (#C2002) | V: 440 bits C: 440 bits | Random number generation | DRBG Internal Value | SP800-90A Instantiation of Hash_DRBG | N/A | Power-On | Plaintext in RAM | Explicit Zeroisation service | |
| Hash_DRBG (#C2002) | Entropy Input String and Nonce: 512 bits | Random number generation | DRBG Seed | Entropy collected from Entropy Source at instantiation (Minimum entropy of 8 bits: 6.31) | N/A | Power-On | Plaintext in RAM | Implicit Immediately after use6 | |
| RSA (#C2009) | 112 | Signature verification. | PubKey1 | Electronic input | Imported during FW load. | Power-on FW Download service | Plaintext in RAM Hashed in OTP | Implicit Power-Off (Data in RAM) | |
| Details | | | Entropy source | | | | | | Minimum number of |
| Hardware RNG used to seed the approved Hash_DRBG. | Minimum entropy of 8 bits is 6.31. | | 7 Entropy Source | | | | | | |
N/A N/A after use 6 Table 9 - SSPs Table 10 - Non-Deterministic Random Number Generation Specification The Entropy Source is a hardware module inside the CM boundary. The Entropy Source supplies the Hash_DRBG with 512 bits entropy input. From Table 10 this input contains about
404 bits of entropy, which is sufficient entropy to obtain 256 bits of security strength.
Approved algorithm
| Name | Use Function | | | |
|---|
| AES256-CBC | Power-On | Conditional | Encrypt/Decrypt KAT | Enters Boot Error State (Indicated Error Code: 0x24) |
| SHA256 | Power-On | Conditional | Digest KAT | Enters Boot Error State. (Indicated Error Code: 0x25) |
| HMAC-SHA256 | Power-On | Conditional | Digest KAT | Enters Boot Error State. (Indicated Error Code: 0x26) |
| Hash_DRBG | Power-On | Conditional | DRBG KAT | Enters Boot Error State. (Indicated Error Code: 0x18/0x19) |
| RSASSA-PKCS#1-v 1_5 | Power-On | Conditional | Signature verification KAT | Enters Boot Error State. (Indicated Error Code: 0x27) |
| KDF in Counter Mode | Power-On | Conditional | KDF KAT | Enters Boot Error State (Indicated Error Code: 0x28) |
| Entropy Source (Health tests of noise source at startup.) | Power-On | Conditional | Verify not deviating from the intended behavior of the noise source by Repetition Count Test and Adaptive Proportion Test specified in SP800-90B. | Enters Boot Error State (Indicated Error Code: 0x2C/0x2D) |
| Hash_DRBG | Random number generation | Conditional | Verify newly generated random number not equal to previous one | Enters Error State. (Indicated Error Code: 0x1D) |
| Entropy Source | Entropy output request | Conditional | Verify newly generated random number not equal to previous one | Enters Error State. (Indicated Error Code: 0x1E) |
For the Entropy Source listed in the table above, self-tests are performed each time before data is obtained (see Section 10 for details of these self-tests). When these tests detect that the Entropy Source cannot generate the sufficient amount of entropy, the CM is transient to error state. The CM can be recovered from the error state by rebooting the module, and the obtaining of Entropy data is attempted again. If the CM continuously enters in error state in spite of several trials of reboot, the CM may be sent back to factory to recover from error state. Section 10
- Self Tests The CM runs self-tests in the following table. 1_5 Oct 27, 2023
| Entropy Source (Continuous noise source health tests during operation.) | Conditional | Entropy output request | Verify not deviating from the intended behavior of the noise source by Repetition Count Test and Adaptive Proportion Test specified in SP800-90B. | Enters Error State. (Indicated Error Code: 0x2C/0x2D) |
|---|
| Firmware load test | Conditional8 | Power-on | Verify signature of loaded firmware image by RSASSA-PKCS#1-v1_5 | Enters Power Up Load Test Error State (Indicated Error Code: 0x13) |
| | FW download | Verify signature of downloaded firmware image by RSASSA-PKCS#1-v1_5 | Enters Conditional Load Test Error State. After reporting Error code, transition from error state to normal state and continue to operate with FW before download. (Indicated Error Code: 0x13) |
| Firmware integrity test | Pre-operational | Power-On | Verify ROM code integrity with 32bit CRC. | Enters Boot Error State (Implicit error reporting by stopping the startup sequence) |
Table 11 - Self Tests As shown in the table above, self-tests are performed automatically at the CM startup and before execution certain security functions. Operator can also initiate self-test on-demand for periodic testing by using the Reset service which is automatically invoked when the module is powered-off and powered-on (rebooted). If the self-tests fail, the CM reports error status and enters to the error state. In this case, the CM must be powered-off to clear error condition. When power-on is executed again, self-tests are also executed like an on-demand operator reset. If the CM continuously enters in error state in spite of several trials of reboot, the CM may be sent back to factory to recover from error Section 11
- Life-cycle Assurance In the SSDʼs manufacturing process, installation is executed as below: loaded into the CM can be confirmed. Oct 27, 2023
- The Firmware described in Section 2.1 is downloaded into the CM.
- Initial SSPs are generated.
- Initial authentication information is set to the CM.
- System area including SSPs generated in Step2 and Step3 are encrypted and calculated message authentication code. Initial operations to setup this CM are following:
- Load Firmware into the CM.
- Load System area including SSPs into the CM.
- Execute Range state setting method.
- Execute Download port setting method. The CM switches to approved mode after the initial operation success. When the initial operation succeeds, the CM indicates success on the Status Output interface. Users can confirm that the CM is in approved mode by executing Show Status service and checking that the startup is successfully completed. As described in Section 2, the CM is used by being embedded in the solid state drive. Therefore, there are no maintenance requirements for the CM alone. Guidance for this module is provided to solid state drive developers who embed the CM. The usage and maintenance of solid state drives with the CM built-in are outside of the scope of this document. Section 12 – Mitigation of Other Attacks The CM does not mitigate other attacks beyond the scope of FIPS 140-3 requirements. Oct 27, 2023