| Standard | FIPS 140-3 |
|---|---|
| Overall level | 2 |
| Module type | Hardware |
| Embodiment | Single Chip |
| Status | Active |
| Sunset date | 6/3/2029 |
| Caveat | No assurance of the minimum strength of generated SSPs |
| Vendor | Micron Technology, Inc. |
flowchart LR
%% Deterministic review-risk graph for Micron 7400 SSD Controller Sub Chip Security Subsystem
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Firmware Load<br/>Update</i>"]
C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>bootloader<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C6 clue;
class I2,I3,I6 infer;
class R2,R3,R6 risk;
class E2,E3,E6 evidence;flowchart LR
%% Deterministic clue tier for Micron 7400 SSD Controller Sub Chip Security Subsystem
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Firmware Load<br/>Update</i><br/>src: text:keyword"]
C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>bootloader<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3,C6 clueLow;Micron Technology Micron Technology Micron 7400 SSD Controller Sub Chip Security Subsystem Non-Proprietary FIPS 140-3 Security Policy Document Version: 1.3 Date: April 11th, 2024 Micron Technology, Inc. Public Material
Micron Technology Table of Contents Micron Technology, Inc. Public Material
Micron Technology List of Tables Table 4
Controller Security Subsystem module, hereafter denoted as the Module. The Module is a Single Chip Hardware sub-chip cryptographic subsystem, as defined in FIPS 140-3 Implementation Guidance 2.3.B. The FIPS 140-3 security levels for the Module are as follows: Table 1
1 General 2
2 Cryptographic Module Specification 2
3 Cryptographic Module Interfaces 2
4 Roles, Services and, Authentication 2
5 Software/Firmware Security 2
6 Operational Environment N/A
7 Physical Security 2
8 Non-Invasive Security N/A
9 Sensitive Security Parameter Management 2
10 Self-Tests 2
11 Life-Cycle Assurance 2
12 Mitigation of Other Attacks N/A
Micron Technology, Inc. Public Material
The Module is a Single Chip Hardware Sub-Chip cryptographic module operating on a single chip embodiment. The Module is intended for use by US Federal agencies or other markets that require FIPS 140-3 validated cryptographic controllers. The Module is embedded in the ASIC 7400 Controller package (see Figure 1 below). Figure 1
The cryptographic module is tested on the following operational environment. Table 2
The physical form of the Module is depicted above in Figure 1. The cryptographic boundary of the Module is defined by the Security Subsystem and includes all cryptographic algorithm implementations. The physical embodiment is the Micron 7400 Controller ASIC and includes its package. The cryptographic boundary is depicted by the red outline line in Figure 2 below. The Module is a Single Chip Hardware Sub-Chip cryptographic module operating on a single chip embodiment. Table 2 above specifies the firmware components of the module. Micron Technology, Inc. Public Material
Micron Technology M7400 SSD M7400 Controller NAND NAND NAND NAND NAND NAND NAND NAND NVMe Security Subsystem NAND NAND NAND NAND Figure 2
The Module only supports an Approved mode and cannot be configured to operate otherwise. To verify that the Module is in the Approved mode of operation, the operator may invoke the “Get Status” service, which will indicate the Approved mode of operation, as well as the version information for the Module. The following states are defined for the module.
Micron Technology Note: By default, the drive is issued with a single namespace encompassing the whole capacity of the drive. Once the drive is TCG activated this default namespace’s attributes are managed by the TCG “Global Range”.
The Module implements the cryptographic functions listed in table 3 below. The numbers and letters within square brackets reference standards which are defined in the References and Definitions section of this Security Policy. Table 3
Micron Technology CAVP Cert Algorithm Mode/Method Description / Key Size(s) / Key Use / Function and Strength(s) Standard Counter Length: 8 Custom Key in Length: 0 CSP A2520 KTS [38F] AES-KW Key Sizes: 256 Wrapping/Unwrapping Key transport methodology provides KTS-IFC n = 20482 SHA2-256 between 112 and 128 A2520 KTS-OAEP-basic [56Br2] n = 30722 SHA2-256 bits of encryption strength; Encapsulation Only. Password Based Key Derivation. Keys derived from passwords may only be used in storage applications. Password length is 32 bytes and sLen = 256 only five attempts are A2520 PBKDF [132] Option 1a C = 300 permitted before a reset HMAC-SHA2-256 is required. The PBKDF iteration count (C) is chosen to be as high as can be tolerated without impacting system boot up performance. n = 2048 SHA2-256 n = 3072 SHA2-256 RSA SigVer A2521 PKCS1_v1.5 Signature verification [186] Public Exponent Mode: Fixed Fixed Public Exponent: 010001 SHA2-256 Message Digest A2522 SHA2-256 [180] Generation The module does not implement any “Non-Approved Algorithms Allowed in the Approved Mode of Operation” or “Non-Approved Algorithms Not Allowed in the Approved Mode of Operation” per SP800140B. Only “Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed” are supported per Table 4 below. Micron Technology, Inc. Public Material
Micron Technology Table 4
The following table shows the Security Function Implementations that the module implements: Table 5 - Security Function Implementation Name Type Description SF Properties Algorithms/CAVP Cert AES-KW
Micron Technology
The Module is embedded within the Micron 7400 controller of the SSD. The Module shall be operated according to Section 11. Micron Technology, Inc. Public Material
The Module’s ports and associated FIPS defined logical interface categories are listed in Table 5 above. Table 6
The Module supports one distinct operator role, Controller (Cryptographic Officer). Table 6 lists the operator role supported by the Module and their related services. In addition to the services listed in Table 6, the Module also supports a Self-Test service, which is invoked by power cycling the Module. The Module does not support a maintenance role or bypass capability. The Module does not support concurrent operators. Table 7
Micron Technology Role Service Input Output Controller Factory Auth Signature Verification status Controller* Device Deprovision Deprovision ID Status Controller* Generate KeyDerivationKey Mode Status Controller* Zeroize None Status *Requires additional authorization
The role-based authentication methods are defined in Table 8 below. Table 8
All services implemented by the Module are listed in the Table 9 below. The services provided by the Module are defined in terms of the services being exposed at the Module (logical) boundary. Each service description also describes the operator roles involved along with the interface command associated with the service. The SSPs modes of access shown in Table 9 are defined as:
Micron Technology Table 9
Micron Technology Keys and/or SSPs Roles Access Indicator rights to Approved Security Service Description Keys Functions and/or SSPs Load Range and Key Load DEK into DPE for AES-KW TweakKey; Controller W; CCS indicated range LockingObjectDEK; W; NamespaceDEK; W; RdsKey; E; SumRdsKey; W, E; WrapKey; E; EphemeralSumRdskWrapKey E; AWOR Save, restore security KDF, AES-KW, HMAC, AworWrapKey; Controller E; CCS operational context. CKG AworHmacKey; E; DrbgState; W, R; WrapKey; W, R; AuthenticatedUseHmacKey; W, R; PspHmacKey; W, R; TweakKey; W, R; RdsKey; W, R; SumRdsKey; W, R; RootHmacKey; W, R; RootKeyWrapKey; W, R; RootPublicMacKey; W, R; EphemeralSumRdskWrapKey W, R TCG Allocate and Generate a key, wrap key and DRBG, DrbgState; Controller E; CCS associate Key associate key with an entity. WrapKey; E; AES-KW, RdsKey; G, E, R; CKG SumRdsKey; G, E, R; LockingObjectDEK; G, R; EphemeralSumRdskWrapKey E; ; E AuthenticatedUseHmacKey TCG Deallocate and Zeroize key and disassociate NA WrapKey; Controller E; CCS disassociate Key key from an entity. LockingObjectDEK Z, R; AuthenticatedUseHmacKey E; TCG Update Key Erase user data in a DRBG, AES-KW, DrbgState; Controller E; CCS namespace by changing the WrapKey; E; encryption key. CKG RDSKey; E; SumRDSKey; E, W; LockingObjectDEK; Z, G, R; EphemeralSumRdskWrapKey E; ; E AuthenticatedUseHmacKey Micron Technology, Inc. Public Material
Micron Technology Keys and/or SSPs Roles Access Indicator rights to Approved Security Service Description Keys Functions and/or SSPs TCG Set PIN Set PIN which is used in PBKDF, Password; Controller W, E, Z; CCS generating a key to wrap a DrbgState; E; TCG credential. DRBG, WrapKey; E; AES-KW, PasswordWrapKey; G, E, Z; CKG, RDSKey; G, W; HMAC SumRDSKey; G, W; EphemeralSumRdskWrapKey E; ; E AuthenticatedUseHmacKey TCG Revert, Revert to FOB, AES-KW, HMAC, DRBG, RootHmacKey; Controller E; CCS Activate, Reactivate Revert to FOB with TCG CKG DrbgState; E; Activated. WrapKey; E; RdsKey; Z; SumRdsKey; Z; NameSpaceDEK; Z, G; LockingObjectDEK; Z, G; AuthenticatedUseHmacKey E TCG HMAC Generate an HMAC over the HMAC AuthenticatedUseHmacKey; Controller E; CCS Generation prescribed TCG content. DrbgState; R; RootKeyWrapKey; E; TweakKey; R; WrapKey; E, R; Password; G, E; PassordWrapKey G, E Manifest Load RSA Verify trusted list of PKs. RSA Verify KManifestPub_ROM Controller E CCS CSP Load Restore persistent SSPs. AES-KW RootHmacKey; Controller E; CCS HMAC RootKeyWrapKey; E; DrbgState; W; WrapKey; W; AuthenticatedUseHmacKey; W; TweakKey; W; PspHmacKey W Write/Read Encryption / Decryption of DPE-AES-XTS NamespaceDEK; Controller E; CCS user data to / from a user LockingObjectDEK; E; data range. TweakKey E Get Status Get information about the NA NA Controller NA CCS operational state of the drive. This service provides the requisite data for the Show module’s versioning information requirement. Firmware Signature Verify firmware image RSA Verify KFWCBootloaderVerify; Controller E; CCS Check signature before persisting. KFWModuleVerify; E; E KFWControllerVerify Micron Technology, Inc. Public Material
Micron Technology Keys and/or SSPs Roles Access Indicator rights to Approved Security Service Description Keys Functions and/or SSPs Factory Auth Authentication for factory- RSA Verify, DRBG KAuthPub; Controller E; CSS restricted services. E; KVSAuthPub; DrbgState E, W Device Deprovision Deprovision the device, NA All CSPs Controller Z CCS zeroize all SSPs. Generate Generate a new DRBG, CKG DrbgState; Controller G, E; CCS KeyDerivationKey KeyDerivationKey. KeyDerivationKey; G, E; Entropy Input; W, E; RootHmacKey; G, E; RootKeyWrapKey; G, E; RootPublicMacKey; G; AworHmacKey; G; AworWrapKey; G; WrapKey; G, E; AuthenticatedUseHmacKey; G, E; PspHmacKey; G; TweakKey G Zeroize Destroys all keys. Must be Factory zeroization All CSPs Controller Z CCS performed under the direct process control of the operator.
The Module is composed of the following firmware components:
The Module has a limited operational environment under the FIPS 140-3 definitions. The tested operational environment is listed in Table 2. The Module includes a firmware verification and load service to support necessary updates. Firmware versions validated through the FIPS 140-3 CMVP will be explicitly identified on a validation certificate. Any firmware not identified in this Security Policy does not constitute the Module defined by this Security Policy or covered by this validation. Micron Technology, Inc. Public Material
The Module is a Single Chip Hardware sub-chip cryptographic subsystem, and the embodiment is a single chip. The chip is encapsulated in a standard IC package. The IC packaging itself provides the necessary opacity and tamper evidence required for Level 2 conformance. Table 10
The Module does not implement any mitigation method against non-invasive attack. Micron Technology, Inc. Public Material
The SSPs access methods are described in below. The SSPs management methods as shown in Table 11 below are defined as:
All CSPs and PSPs used by the Module are described in this section. All usage of these SSPs by the Module is described in the services detailed in Section 4.3. The numbers and letters within square brackets reference standards which are defined in the References and Definitions section of this Security Policy. Table 11
Micron Technology Key/SSP/Name/T Strength Security Gene- Import /Export Establish Storage Zeroiza- Use & Related ype Function ration ment tion keys and Cert. Number EphemeralSumRd 256 KTS G2 E3 / O2 by N/A S1 Z1, Z2 Key wrap of skWrapKey #A2520 AworWrapKey SumRdsKey Entropy Input 256 HASH G1 E1 N/A S1 Z1 128 bytes of DRBG Entropy and 64 #A2520 bytes of Nonce KeyDerivationKey 256 KDF G2 N/A N/A S2 Z2 Master key used #A2521 to derive other keys LockingObjectDEK 256 AES G2 E3 / O2 by RdsKey, N/A S1, S3 Z1, Z2 Data encryption #A2523 SumRdsKey or WrapKey NamespaceDEK 256 AES G2 E3 / O2 by RdsKey, N/A S1, S3 Z1, Z2 Data encryption #A2523 SumRdsKey or WrapKey Password 256 PBKDF N/A E1 N/A S1 Z1 Used with #A2520 PBKDF2 to derive the PasswordWrapKe y, Password is 32 bytes in length PasswordWrapKe 256 KTS G4 N/A N/A S1 Z1 Key wrap of y #A2520 RdsKey or SumRdsKey PspHmacKey 256 HMAC G2 E3 / O2 by N/A S1 Z1, Z2 Integrity #A2521 RootKeyWrapKey verification of or AworWrapKey public TCG content RdsKey 256 KTS G2 E3 / O2 by N/A S1 Z1, Z2 Key wrap of #A2520 PasswordWrapKey LockingObjectDE or AworWrapKey K and NameSpaceDEK RootHmacKey 256 HMAC G3 from E3 / O2 by N/A S1 Z1, Z2 Integrity checking #A2521 KeyDerivat AworWrapKey ionKey RootKeyWrapKey 256 KTS G3 from E3 / O2 by N/A S1 Z1, Z2 Key wrapping #A2520 KeyDerivat AworWrapKey ionKey RootPublicMacKe 256 HMAC G3 from E3 / O2 by N/A S1 Z1, Z2 Integrity y #A2521 KeyDerivat AworWrapKey verification of ionKey external TCG content SumRdsKey 256 KTS G2 E3 / O2 by N/A S1 Z1, Z2 Key wrap of AworWrapKey, LockingObjectDE #A2520 EphemeralSumRds K and kWrapKey, or by NameSpaceDEK PasswordWrapKey Micron Technology, Inc. Public Material
Micron Technology Key/SSP/Name/T Strength Security Gene- Import /Export Establish Storage Zeroiza- Use & Related ype Function ration ment tion keys and Cert. Number SUP Seed 256 PBKDF G2 O3 by N/A S1 Z1 Random value #A2520 KDeviceWrappingPub used in password creation TweakKey 256 AES G2 E3 / O2 by N/A S1, S3 Z1, Z2 Data encryption #A2523 RootKeyWrapKey or AworWrapKey WrapKey 256 KTS G2 E3 / O2 by N/A S1 Z1, Z2 Key wrap of #A2520 RootKeyWrapKey LockingObjectDE or AworWrapKey K and NameSpaceDEK KAuthPub 112 RSA N/A E2 / O1 N/A S1 Z1 RSA 2048/3072 SigVer Public Key for (FIPS186- Factory-restricted 4) services signature #A2521 verification KDeviceWrappingPub 112 KTS-IFC N/A E2 / O1 N/A S1 Z1 RSA 2048/3072 #A2520 Public Key for SUP Generate KFWCBootloaderVerify 112 RSA N/A E2 N/A S1 Z1 RSA 2048/3072 SigVer Public Key for (Not an SSP) 128 (FIPS186- Bootloader 4) firmware #A2521 signature verification KFWControllerVerify 112 RSA N/A E2 N/A S1 Z1 RSA 2048/3072 SigVer Public Key for (FIPS186- Controller 4) signature #A2521 verification KFWModuleVerify 112 RSA N/A E2 N/A S1 Z1 RSA 2048/3072 SigVer Public Key for (Not an SSP) 128 (FIPS186- runtime firmware 4) signature #A2521 verification KManifestPub_ROM 112 RSA N/A N/A. Pre-installed. N/A S4 N/A. RSA 2048/3072 (Not an SSP) SigVer Used Public Key for (FIPS186- solely for manifest 4) self-tests signature #A2521 and can verification be revoked KVSAuthPub 112 RSA N/A E2 / O1 N/A S1 Z1 RSA 2048/3072 SigVer Public Key for (FIPS186- Factory-restricted 4) signature #A2521 verification Micron Technology, Inc. Public Material
The DRBG Randomness source (i.e., entropy) is loaded at manufacturing. Per IG 9.3.A, Example 2A, there is no assurance of the minimum strength of generated SSPs. The DRBG mechanism is SHA2-256, which has a security strength of 256-bits (per SP800-57, Part 1, Revision 5). The HASH DRBG is seeded with 128 bytes of entropy and 64 bytes of nonce material during manufacturing and is assumed to initialize the HASH DRBG to the full 256-bits security strength.
The Module performs self-tests to ensure the proper operation of the Module. Per FIPS 140-3 these are categorized as either pre-operational self-tests or conditional self-tests. Pre-operational and conditional self-tests are available on demand by resetting or power cycling the Module. The self-tests error states and status indicator are described in Table 12 below: Table 12
Micron Technology Table 14
This section documents the operational behavior of the device.
The device is shipped from the factory in the Approved mode of operation and no further initialization is required to operate in the Approved mode. Going further, it is not possible to configure the module in such a way that it would operate in a non-compliant state or non-Approved mode. On receipt of the Micron Technology, Inc. Public Material
Micron Technology Module, examine the product to ensure it has not been tampered with during shipping according to the procedures outlined in Section 7.
The Module does not implement any mitigation method against other attacks.
The following standards are referred to in this Security Policy. Table 15
Micron Technology Abbreviation Full Specification Name [38B] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, Special Publication 800-38B, May 2005 [38E] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, Special Publication 80038E, January 2010 [38F] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, Special Publication 800-38F, December 2012 [56Br2] NIST Special Publication 800-56B Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Finite Field Cryptography, March 2019 [90A] National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A, Revision 1, June 2015. [90B] National Institute of Standards and Technology, Recommendation for the Entropy Sources Used for Random Bit Generation, Special Publication 800-90B, January 2018. [ACS-3] ACS-3 Reporting Security Compliance December 1,2009 [TCG-SSC- TCG Storage Security Subsystem Class: Opal, Specification Opal] [TCG-SACS] TCG Storage Architecture Core Specification [TCG-SIIS] TCG Storage Interface Interactions Specification Table 16– Acronyms and Definitions Acronym Definition KAT Known Answer Test SSP Sensitive Security Parameter AK Authentication key DEK Data Encryption Key LBA Logical Block Address MSID Manufacturing SID. Public value used as part of the default PIN PSID Physical SID, a public unique value for each drive SED Self-Encrypting Drive SID Security ID, PIN for Drive Owner CO Role - TCG OPAL TCG Trusted Computing Group Micron Technology, Inc. Public Material