All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series

Certificate#4879StandardFIPS 140-3Level2TypeHardwareEmbodimentMulti-Chip Stand AloneStatusActiveVendorSamsung Electronics Co., Ltd.
Low review priority  ·  no TCB surface named  ·  last validated 6 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level2
Module typeHardware
EmbodimentMulti-Chip Stand Alone
StatusActive
Sunset date11/13/2026
CaveatInterim Validation. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. The tamper evident seals installed as indicated in the Security Policy. No operator authentication is enforced for executing security services that were unlocked by an authenticated service
VendorSamsung Electronics Co., Ltd.

Approved Algorithms (13)

AlgorithmACVP Cert
AES-ECBA4661
AES-ECBA4662
AES-ECBA4663
AES-ECBA4846
AES-GCMA4663
AES-XTS Testing Revision 2.0A4661
Counter DRBGA4662
Counter DRBGA4846
ECDSA SigVer (FIPS186-4)A4663
HMAC-SHA2-256A4663
PBKDFA4663
SHA2-256A4663
SHA2-384A4663

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>Update<br/>firmware load</i>"]
    C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Show Status<br/>Status Output<br/>unauthenticated</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
    I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C2,C3,C6 clue;
  class I2,I3,I6 infer;
  class R2,R3,R6 risk;
  class E2,E3,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>Update<br/>firmware load</i><br/>src: text:keyword"]
    C3["[low] Self-test / status surface (referenced in text)<br/><i>Show Status<br/>Status Output<br/>unauthenticated</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C2,C3,C6 clueLow;

Security Policy, page by page

Page 1

Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series Document Version: 1.1 H/W Version: MZWLO1T9HCJR-00AD9 [1, 4], MZWLO3T8HCLS-00AD9 [1, 4], MZWLO7T6HBLA-00AD9 [1, 4], MZWLO15THBLA-00AD9 [1, 4], MZWLO1T6HCJR-00AD9 [1, 4], MZWLO3T2HCLS-00AD9 [1, 4], MZWLO6T4HBLA-00AD9 [1, 4], MZWLO12THBLA-00AD9 [1, 4], MZWLO1T9HCJR-00AH9 [2], MZWLO3T8HCLS-00AH9 [2], MZWLO7T6HBLA-00AH9 [2], MZWLO15THBLA-00AH9 [2], MZWLO1T9HCJR-00AH8 [3], MZWLO3T8HCLS-00AH8 [3], MZWLO7T6HBLA-00AH8 [3], MZWLO15THBLA-00AH8 [3] F/W Version: OPP90D5Q [1], 3P00 [2], 3R00 [3], 3.1.0 [4]

Page 2

Revision History Version Change

1.0 Initial Version
1.1 NSRL Revalidation

Samsung Electronics Co., Ltd.

2 / 22
Page 3
Table of Contents
#SectionPage
Page 4
  1. General 1.1. Scope hereinafter referred to as a “cryptographic module” or “module”. The SSD (Solid State Drive) satisfies all applicable FIPS 140-3 security level 2 of ‘Hardware Module’ requirements, supporting TCG Opal SSC based SED (Self-Encrypting Drive) features. It is designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES hardware engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase. ISO/IEC 24759 Section
  2. FIPS 140-3 Section Title Security Level [Number Below]

1 General 2

2 Cryptographic module specification 2

3 Cryptographic module interfaces 2

4 Roles, services, and authentication 2

5 Software/Firmware security 2

6 Operational environment N/A

7 Physical security 2

8 Non-invasive security N/A

9 Sensitive security parameter management 2

10 Self-tests 2

11 Life-cycle assurance 2

12 Mitigation of other attacks N/A

Table

  1. Security Levels 1.2. Acronyms Acronym Description CPU Central Processing Unit (ARM-based) CTRL Controller DRAM I/F Dynamic Random Access Memory Interface LBA Logical Block Address MEK Media Encryption Key NAND I/F NAND Flash Interface PMIC Power Management Integrated Circuit ROM Read Only Memory NVMe Non-Volatile Memory Host Controller Interface Specification SED Self-Encrypting Drive SSC Security Subsystem Class SSP Sensitive Security Parameter TCG Trusted Computing Group Table
  2. Acronyms Samsung Electronics Co., Ltd.
4 / 22
Page 5
  1. Cryptographic Module Specification 2.1. Cryptographic Boundary This firmware version, within the scope of this validation, must undergo validation through the FIPS 140-3 CMVP. Any other firmware loaded into this module is beyond the scope of this validation and requires a separate FIPS 140-3 validation. The following photographs depict the top and bottom views of the cryptographic module. This multiple-chip standalone cryptographic module comprises both hardware and firmware components, all enclosed within two aluminum alloy cases. These cases serve as the cryptographic boundary of the module. Figure
  2. Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series The PM1743/PM1745 series utilizes a single-chip controller with an NVMe interface on the system side and internally integrates Samsung NAND flash. The following figure illustrates the operational environment of the module. Samsung Electronics Co., Ltd.
5 / 22
Page 6

Figure

  1. Block Diagram for Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series 2.2. Version Information Model Hardware [Part Number and Firmware Version Distinguishing Version] Features MZWLO1T9HCJR-00AH9 1.92TB MZWLO3T8HCLS-00AH9 3.84TB 3P00 MZWLO7T6HBLA-00AH9 7.68TB MZWLO15THBLA-00AH9 15.36TB MZWLO1T9HCJR-00AH8 1.92TB MZWLO3T8HCLS-00AH8 3.84TB PM1743 3R00 MZWLO7T6HBLA-00AH8 7.68TB MZWLO15THBLA-00AH8 15.36TB MZWLO1T9HCJR-00AD9 1.92TB MZWLO3T8HCLS-00AD9 3.84TB MZWLO7T6HBLA-00AD9 7.68TB MZWLO15THBLA-00AD9 OPP90D5Q, 15.36TB MZWLO1T6HCJR-00AD9 1.6TB 3.1.0 MZWLO3T2HCLS-00AD9 3.2TB PM1745 MZWLO6T4HBLA-00AD9 6.4TB MZWLO12THBLA-00AD9 12.8TB Table
  2. Cryptographic Module Tested Configuration Samsung Electronics Co., Ltd.
6 / 22
Page 7

2.3. Cryptographic Functionality 2.3.1. Approved Algorithm1 The cryptographic module supports the following Approved algorithms for secure data storage: Description/ CAVP Mode/ Key Size(s)/ Algorithm and Standard Use/Function Cert Method Key Strength(s) A4661 AES-ECB / ECB 256-bit keys Prerequisite for AES-XTS FIPS 197, SP 800-38A with 256-bit (A4661) key strength A4661 AES-XTS / XTS2 256-bit keys Data Encryption / Decryption FIPS 197, SP 800-38E with 256-bit key strength A4662 AES-ECB / ECB 256-bit keys Prerequisite for Counter FIPS 197, SP 800-38A with 256-bit DRBG (A4662) key strength A4662 Counter DRBG / CTR_ DRBG3 AES 256 bits All Cryptographic Key SP 800-90Arev1 (AES-256) with Generation for version Derivation ‘OPP90D5Q’ and ‘3.1.0’ Function firmware Enabled A4846 AES-ECB / ECB 256-bit keys Prerequisite for Counter FIPS 197, SP 800-38A with 256-bit DRBG (A4846) key strength A4846 Counter DRBG / CTR_ DRBG4 AES 256 bits All Cryptographic Key SP 800-90Arev1 (AES-256) with Generation for version ‘3P00’ Derivation and ‘3R00’ firmware Function Enabled A4663 AES-ECB / ECB 256-bit keys Prerequisite for AES-GCM FIPS 197, SP 800-38A with 256-bit (A4663) key strength A4663 AES-GCM / GCM5 256-bit keys Key Encryption / Decryption FIPS 197, SP 800-38D with 256-bit key strength IV: 96 bits A4663 ECDSA SigVer / FIPS 186-4 ECDSA SigVer Curve P-384 Digital Signature Verification with SHA2A4663 HMAC-SHA2-256 / FIPS 198-1 HMAC6 256-bit keys Message Authentication HMACSHA2-256 with λ=256

1 Not all algorithms/modes that appear on the module’s CAVP certificates are utilized by the module.

2 AES-ECB is the pre-requisite for AES-XTS (#4661); AES-ECB alone is NOT supported by the cryptographic module in Approved Mode.

3 AES-ECB is the pre-requisite for Counter DRBG (#4662); AES-ECB alone is NOT supported by the cryptographic module in Approved Mode.

4 AES-ECB is the pre-requisite for Counter DRBG (#4662); AES-ECB alone is NOT supported by the cryptographic module in Approved Mode.

5 2nd technique of IG C.H for generating an IV is implemented in this module. In other words, Key and IV are generated internally using by

approved CTR-DRBG (A4662 and A4846). And AES-ECB is the pre-requisite for AES-GCM (#4663); AES-ECB alone is NOT supported by the cryptographic module in Approved Mode.

6 HMAC is the pre-requisite for PBKDF2 (#4663); HMAC alone is NOT supported by the cryptographic module in Approved Mode.

Samsung Electronics Co., Ltd.

7 / 22
Page 8

A4663 SHA2-256 / FIPS 180-4 SHA2-2567 SHA2-256 Message Digest A4663 SHA2-384 / FIPS 180-4 SHA2-384 SHA2-384 Message Digest A4663 PBKDF2 / HMAC 256 bits Key Derivation8 SP 800-132 SHA2-256 Option 2a using AES-GCM encryption Vendor CKG / SP 800-133rev2 Section 4 N/A Symmetric Cryptographic Key Affirmed Section 6.1 Generation Section 6.3 - ENT (P) / SP800-90B N/A N/A ENT (P) provides a minimum of 256 bits of entropy for DRBG seed materials in key generation. Table

  1. Approved Algorithms 2.3.2. Non-Approved Algorithm The module does not implement any Non-Approved Algorithms Not Allowed in the Approved Mode of Operation. The following algorithms are not intended to be used as a security function and are not implemented to meet any FIPS 140-3 requirements. Additionally, these algorithms are not provided through a non-approved service to an operator Algorithm Caveat Use / Function No Security Claimed; AES-XTS is used Removal of firmware remove obfuscation from the firmware obfuscation AES-XTS / during ROM initialized. FIPS 197, SP 800-38E No Security Claimed; AES-XTS is used for obfuscation and removal of Key obfuscation and Removal of obfuscation the CSP. (IG 2.4.A Scenario obfuscation #1) No Security Claimed; AES-GCM is only AES-GCM / used for obfuscation and removal of Key obfuscation and Removal of FIPS 197, SP800-38D obfuscation the CSP. (IG 2.4.A Scenario obfuscation #1) Table
  2. Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed 2.4. Approved Mode of Operation The module defaults to an Approved mode of operation, and as long as the guidance outlined in section 11 is followed, the module will remain in the Approved mode. The cryptographic module indicates the approved mode through the validated version status, as shown by the 'Show Status Service' in Table 8 via the NVM Express Identify Controller command.

7 SHA2-265 is the pre-requisite for PBKDF2 (#4663); SHA2-256 alone is NOT supported by the cryptographic module in Approved Mode.

8 The Iteration Count parameter is 281. It was set accordingly in order to meet the minimum response time required from the application while

maintaining acceptable performance. Samsung Electronics Co., Ltd.

8 / 22
Page 9
  1. Cryptographic Module Interfaces The module does not support a Control Output Interface. Physical port Logical Interface Data that passes over port/interface plaintext data; signed data; Data Input authentication data Data Output plaintext data NVMe Connector commands input logically via an API; signals input logically or Control Input physically via one or more physical ports status information output logically via an API; signal outputs Status Output logically or physically via one or more physical ports; Table
  2. Ports and Interfaces Samsung Electronics Co., Ltd.
9 / 22
Page 10
  1. Roles, Services, and Authentication 4.1. Role The following table defines the roles, associated services, and inputs/outputs supported by the cryptographic module: Role Service Input Output Lock/Unlock an LBA Range LBA Range Status Cryptographic Officer (CO) Erase an LBA Range’s Data LBA Range Status and User IO Command LBA Status CO Change the Password CO Password Status User Set User Password User Password Status Update the firmware Firmware image binary Status Show Status None Status Authentication Authority, Authenticated data Status Get Random Number None Status None Revert None Status FormatNVM Namespace ID, LBA Format Status Sanitize / DeleteNS Namespace ID Status Perform Self-tests None Status Table
  2. Roles, Service Commands, Input and Output 4.2. Authentication The module supports role-based authentication that necessitates verification for assuming the authorization of each role. The authentication mechanism allows a minimum 8-byte length or longer (up to 32-byte) password, with each byte ranging from 0x00 to 0xFF, applicable to every Cryptographic Officer and User role supported by the module. This implies that a single random attempt can succeed with a probability of 1/264 or lower. Each password authentication attempt takes at least 750 ms. The maximum number of attempts possible in a one-minute period is 80 (60000 ms/750 ms). The Password is considered a Memorized Secret Authenticator Type as per SP 800-140E/SP 800-63B. The module claims compliance with IG 4.1.A by implementing a Lock-based authentication model for the "IO command" service. This protects data-at-rest. The "Lock/Unlock an LBA Range" service enables or disables the "IO command" service. Power cycling the module completely disables the "IO command" service if it was enabled. Afterward, the service reverts to its original state, requiring authentication and being enabled/disabled by the "Lock/Unlock an LBA Range" service. Role Authentication Method Authentication Strength CO Password Probability of 1/264 in a single random attempt User (Min: 8 bytes, Max: 32 bytes) Probability of 80/264 in multiple random attempts in a minute Table
  3. Roles and Authentication 4.3. Service The cryptographic module only supports the following approved services and does not support any non-approved services. The abbreviations of the type of access to keys and SSPs have the following interpretation: • E = Execute: The module performs approved security functions with the SSPs. • G = Generate: The module generates or derives the SSP. • W = Write: The SSP is updated, imported, or written to the volatile storage specified in Table 12. • Z = Zeroise: The module zeroises the SSP. Samsung Electronics Co., Ltd.
10 / 22
Page 11

Access right Approved Keys and/or to Keys Service Description Security Roles Indicator9 SSPs and/or SSPs Functions E W G Z A4663 CO Password O O O UID: AdminSP_SID_C_PIN / PBKDF2 AdminSP_Admin1_C_PIN Change the Change CO CPK O O O HMAC-SHA2- CO TCG Method: Set Password password

256 KPK O O O Result: TCG status code

SHA2-256 (Success: 00h) A4663 User Password O O O UID: LockingSP_Admin1~4_C_PIN / PBKDF2 Set User Set User CPK O O O LockingSP_User1~9_C_PIN HMAC-SHA2- User Password Password TCG Method: Set SHA2-256 KPK O O O Result: TCG status code (Success: 00h) Block or allow MEK O O UID: Locking_GlobalRange / Locking_RangeNNNN Lock/Unlock an read (decrypt) / A4663 KEK O O O TCG Method: Set LBA Range10 write (encrypt) AES-GCM of user data. KPK O O Result: TCG status code (Success: 00h) NVM Command: Encrypt / A4661 Write / Read IO Command11 Decrypt User MEK O AES-XTS CO, User Result: NVM Status Code data (Success: 00h) A4662/A4846 DRBG V O O O O UID: Erase user data CTR_ DRBG DRBG Key O O O O K_AES_256_GlobalRange_Key / Erase an LBA by changing the (AES-256) K_AES_256_RangeNNNN_Key Range’s Data data encryption DRBG Seed O O O O TCG Method: GenKey ENT (P) key. Result: TCG status code CKG MEK O O O (Success: 00h) Table 9. Approved Services - Authenticated - The following table displays unauthenticated services. Initially, it is possible to use the services in the table without authentication. The operator can configure settings that comply with NVM and TCG specifications. Access right Approved Keys and/or to Keys Indicator12 Service Description Security Roles SSPs and/or SSPs Functions E W G Z Show approved NVM Command: version status of Identify Controller command Show Status N/A N/A N/A the module / Result: NVM Status Code Error state (Success: 00h) CO Password O O O UID: AdminSP_SID / A4663 N/A AdminSP_Admin1 / User PBKDF2 O O O LockingSP_Admin1~4 / Authenticate Password Authentication HMAC-SHA2- LockingSP_User1~9 the module CPK O O O TCG Method: Authenticate SHA2-256 Result: TCG status code KPK O (Success: 00h)

9 The result of NVMe or TCG command is used as an indicator.

10 This service can lock/unlock an “IO Command” Service that doesn’t require any authentication specified in the Role column.

11The “IO Command” service is unlocked in advance by using the “Lock/Unlock an LBA Range” service, which complies with IG 4.1.A Additional Comment 8. Power cycling the module re-locks this service.

12 The result of NVM or TCG command is used as an indicator. NVM status code is stated in NVM Express® Base Specification and TCG status

code is stated in TCG Storage Architecture Core Specification. Samsung Electronics Co., Ltd.

11 / 22
Page 12

A4662/A4846 DRBG V O O O O Provide a UID: ThisSP CTR_ DRBG Get Random random number DRBG Key O O O O TCG Method: Random (AES-256) Number generated by Result: TCG status code the CM. DRBG Seed O O O O (Success: 00h) ENT (P) Entropy Input O O O O A4662/A4846 DRBG V O O O O CTR_ DRBG DRBG Key O O O O (AES-256) DRBG Seed O O O O Entropy Input O O O O Erase user data ENT (P) UID: SPObj(AdminSP) in all Range by A4663 TCG Method: Revert Revert changing the PBKDF2 Result: TCG status code data HMAC-SHA2- CPK O O O (Success: 00h) SHA2-256 MEK O O O CKG KEK O O O A4662/A4846 DRBG V O O O O CTR_ DRBG DRBG Key O O O O (AES-256) DRBG Seed O O O O ENT (P) Entropy Input O O O O Erase user data Admin Command: by changing the A4663 Format NVM FormatNVM data encryption PBKDF2 Result: NVM Status Code key. HMAC2-SHA- CPK O O O (Success: 00h) SHA2-256 MEK O O O CKG KEK O O A4662/A4846 DRBG V O O O O CTR_ DRBG DRBG Key O O O O (AES-256) DRBG Seed O O O O Entropy Input O O O O Admin Command: Erase user data ENT (P) Sanitize / Namespace Sanitize / by changing the A4663 Management DeleteNS data encryption PBKDF2 Result: NVM Status Code key. HMAC-SHA2- CPK O O O (Success: 00h) SHA2-256 MEK O O O CKG KEK O O O A4663 Admin Command: ECDSA, Firmware Update the Update the Firmware Commit Verification O firmware13 firmware Result: NVM Status Code A4663 Key (Success: 00h) SHA2-384 All cryptographic The module enters operational Power cycling algorithms state upon successful the module to Perform Self-tests listed in Table N/A N/A completion; otherwise, it perform self-

14 and Table indicates failure via the Show

15 “Self- Status Service.

tests”. Table 10. Approved Services - Unauthenticated

13 This service is exempted from being authenticated by exception clause (c) of IG 4.1.A.

Samsung Electronics Co., Ltd.

12 / 22
Page 13

5. Software/Firmware Security - The cryptographic module employs ECDSA P-384 with SHA2-384 for firmware integrity testing, which is performed during power-on reset. Samsung Electronics Co., Ltd.

13 / 22
Page 14

6. Operational Environment - The cryptographic module operates in a limited operational environment, consisting of the module’s firmware because this module does not have any operating system but designed in a manner to allow controlled validated firmware modification by an authenticated limited operator. This limited operational setting does not require any specific security rules, settings/configurations, or restrictions to be set. - The cryptographic module does not provide any general-purpose operating system to the operator. - Unauthorized modification of the firmware is prevented by the pre-operational firmware integrity test and conditional firmware load test. Samsung Electronics Co., Ltd.

14 / 22
Page 15
  1. Physical Security The following physical security mechanisms are implemented in a cryptographic module: • The module consists of production-grade components enclosed in an aluminum alloy enclosure, which is opaque within the visible spectrum. The top panel of the enclosure can be removed by unscrewing screws. However, the module is sealed with tamper-evident labels in accordance with FIPS 140-3 Level 2 Physical Security requirements so that tampering is easily detected when the top and bottom cases are detached. • Two tamper-evident labels are initially applied over the top case of the module during factory production. Once applied, these labels cannot be removed and reapplied without evidence of tampering. • The tamper-evident label is applied by Samsung at Manufacturing. The following table summarizes the actions required by the CO Role to ensure that physical security is maintained: Physical Security Recommended Frequency Inspection/Test Guidance Details Mechanisms of Inspection/Test Inspect the entire perimeter for cracks, gouges, Production grade cases lack of screw(s) and other signs of tampering. Remove from service if tampering found. As often as feasible Inspect the sealing label for scratches, gouges, cuts Tamper-evident Sealing and other signs of tampering. Remove from service Label if tampering found. Table
  2. Physical Security Inspection Guidelines Figure
  3. Tamper Evident Label Placement Figure
  4. Example of Signs of Tamper Samsung Electronics Co., Ltd.
15 / 22
Page 16

8. Non-Invasive Security - Non-invasive security is not applicable to this cryptographic module Samsung Electronics Co., Ltd.

16 / 22
Page 17

9. Sensitive Security Parameter Management - Temporary SSPs stored in RAM are zeroised during power on reset. - The zeroisation is performed by overwriting the target SSP with a random value generated through the DRBG. - The module does not export SSPs. - All SSPs in volatile memory, including HW SFR, are automatically zeroised instantly either after key generation/use or upon performing power-on-reset, depending on the characteristics of volatile memory. - This module does not support SSP establishment. Security Key/SSP Use & Function Import Establish Name/ Strength Generation Storage Zeroisation14 related and Cert. /Export -ment Type keys Number Implicitly Generate A4662/A4846 SP 800-90A DRBG V / zeroised by s the 128-bit CTR_DRBG CTR_DRBG N/A N/A CSP Power on MEK and (AES-256) (AES-256) Reset KEK Implicitly Generate A4662/A4846 SP 800-90A DRBG Key / zeroised by s the 256-bit CTR_DRBG CTR_DRBG N/A N/A CSP Power on MEK and (AES-256) (AES-256) N/A Reset KEK Entropy (HW Implicitly Generate input: A4662/A4846 internal) DRBG Seed / zeroised by s the

512 bits CTR_DRBG ENT (P) N/A N/A

CSP Power on MEK and Nonce (AES-256) Reset KEK

256 bits

Implicitly Generate A4662/A4846 Entropy 512-bit / zeroised by s the CTR_DRBG ENT (P) N/A N/A Input / CSP 256-bit Power on MEK and (AES-256) Reset KEK Manual Implicitly CO Distribution / Min. 64- A4663 Plaintext in zeroised by Derives Password / N/A Electronic N/A bit PBKDF2 RAM Power on CPK/KPK CSP Entry in Reset plaintext Manual Implicitly User Distribution / Min. 64- A4663 Plaintext in zeroised by Derives Password / N/A Electronic N/A bit PBKDF2 RAM Power on CPK/KPK CSP Entry in Reset plaintext Explicitly zeroised via these services: Performing via Set User Password, Derived Plaintext in Change the from Derived via CPK / CSP 256-bit N/A N/A N/A RAM and password and User and PBKDF2 Flash Revert; CO FormatNVM; Password Sanitize / DeleteNS service, and zeroisation is shown through

14 “Zeriosation” performs in non-volatile memory.

Samsung Electronics Co., Ltd.

17 / 22
Page 18

the indicator of that service in Table 9, 10 Explicitly zeroised via Derived these services: Obfuscated from Performing via (AES-XTS [no User and Authentication A4663 Derived via security CO KPK / CSP 256-bit N/A N/A service, and AES-GCM PBKDF2 claimed]) in Password zeroisation is Plaintext in shown through RAM Wraps the indicator of KEK those service in Table 9 Explicitly zeroised via these services: Performing via Plaintext in Revert; RAM, Cipher CKG / SP FormatNVM; text (AES800- Sanitize / GCM) and A4663 133rev2; DeleteNS; Wraps KEK / CSP 256-bit N/A N/A obfuscated AES-GCM SP 800-90A Lock/Unlock an MEK (AES-XTS [no CTR_DRBG LBA Range security (AES-256) service, and claimed]) in zeroisation is Flash shown through the indicator of that service in Table 9, 10 Explicitly zeroised via these services: Performing via Revert; FormatNVM; CKG / SP Sanitize / Plaintext in 800- DeleteNS; RAM, Cipher IO A4661 133rev2; Lock/Unlock an MEK / CSP 256-bit N/A N/A text (AES- Comman AES-XTS SP 800-90A LBA Range; GCM) in d CTR_DRBG Erase an LBA Flash (AES-256) Range’s Data service, and zeroisation is shown through the indicator of that service in Table 9, 10 Firmwar e Load Implicitly Test Firmware zeroised by Verification A4663 Entered during Right after *Note: 256-bit N/A N/A HW SFR15 Key / Non- ECDSA manufacturing Firmware Load This is SSP Test not completed. consider ed an SSP as

15 HW SFR (Special Function Register) is a register within a hardware cryptographic algorithm IP, which has characteristic of volatile memory.

Samsung Electronics Co., Ltd.

18 / 22
Page 19

per ISO/IEC 19790:20 section

7.5 but is

included in the list for complete ness Table

  1. SSPs The cryptographic module contains an entropy source, compliant with SP 800-90B. Minimum number of bits of Entropy sources Details entropy ENT (P)16 0.5 entropy per bit Provides 512 bits of entropy input and 256 bits of nonce to construct a seed for CTR_DRBG. The module requests 256 amount of entropy for entropy source to provide 256 security strength. Table
  2. Non-Deterministic Random Number Generation Specification

16 Estimated amount of entropy per the source’s output bit is 0.85444 and Samsung conservatively claims to be set at 0.5 per bit.

Samsung Electronics Co., Ltd.

19 / 22
Page 20
  1. Self-Tests While executing the following self-tests, all data output is inhibited until the completion of the self-test. The operator can initiate pre-operational tests on-demand by power-cycling the module. Conditional self-tests are conducted before the initial operation of approved algorithms. If a cryptographic module fails a self-test, it will enter an error state, during which all data output is inhibited. 10.1. Pre-Operational Test Algorithm Type Description Firmware Firmware integrity test is performed by using ECDSA with SHA2ECDSA integrity test 38417 at every power-on-reset. Table
  2. Pre-operational Self-tests 10.2. Conditional Test Algorithm Type Description Cryptographic KATs: SP 800-90A Health testing on Instantiate, Generate and DRBG algorithm self-test Reseed functions Cryptographic DRBG KAT: DRBG with AES-256 is performed algorithm self-test Duplicate Key Test for AES-XTS described in FIPS 140-3 IG C.I (i.e. AES-XTS Critical function test key_1 ≠ key_2) Cryptographic KAT: Encrypt is performed AES-XTS algorithm self-test Cryptographic KAT: Decrypt is performed AES-XTS algorithm self-test Cryptographic KAT: Curve P-384 with SHA2-384 signature verification is performed ECDSA algorithm self-test Cryptographic KAT: Hash digest is performed SHA2-256 algorithm self-test Cryptographic KAT: Hash digest is performed SHA2-384 algorithm self-test Cryptographic KAT: HMAC with SHA2-256 is performed HMAC algorithm self-test Cryptographic KAT: Encrypt is performed AES-GCM algorithm self-test Cryptographic KAT: Decrypt is performed AES-GCM algorithm self-test Cryptographic KAT: Password based key derivation using HMAC with SHA2-256 is PBKDF2 algorithm self-test performed ECDSA signature verification is performed if new FW is downloaded ECDSA Firmware load test or at every power-on-reset Cryptographic Conditional SP800-90B Heath tests: Repetition count test, Adaptive ENT (P) algorithm self-test proportion test Table
  3. Conditional Self-tests
17 ECDSA and SHA2-384 KAT are performed prior to the firmware integrity test

Samsung Electronics Co., Ltd.

20 / 22
Page 21
  1. Life-Cycle Assurance Failure to follow the requirements for the Approved Mode of Operation or the rules in Section 11 will result in the module operating in a non-compliant state, which is out of scope for this validation. The following specifies the security rules under which the cryptographic module shall operate in accordance with FIPS 140-3: • The cryptographic module always operates in Approved Mode once the Secure Installation instructions are followed. • The steps required for the secure installation, initialization, and start-up of the cryptographic module, as per FIPS 140-3 VE11.33.01 are as follows: 11.1. Secure Installation
  2. The user should examine for tamper evidence. - Inspect the entire perimeter for cracks, gouges, missing screw(s), and other signs of tampering, including the tamper-evident sealing label. - If there is any sign of tampering, do not use the product and contact Samsung.
  3. Identify the firmware version in the device. - Confirm that the firmware version is equivalent to the version(s) listed in this document via NVM express Identify Controller command.
  4. Take the drive’s ownership. - Change SID’s PIN by setting a new PIN. - Activate the Locking SP by using the Activate method. Note: If required to enable the additional Admin authorities in Locking SP, new PINs must be set by the Cryptographic Officer.
  5. Periodically examine the tamper evidence - If there is any sign of tampering, stop using the product to avoid potential security hazards or information leakage. 11.2. Operational Description of Module • The cryptographic module maintains strict logical separation of data input, data output, control input, control output, and power. • The cryptographic module does not output CSPs in any form. • The cryptographic module provides the Approved DRBG for generating all cryptographic keys which complies with Section 6.1 of the SP 800-133r2. • Power cycling the module re-locks the previous unlocked “IO command” service. • The cryptographic module enforces a limited operational environment by the secure firmware load test using ECDSA with SHA2-384. • The cryptographic module provides a production-grade cryptographic boundary. • The cryptographic module enters the error state upon failure of Self-tests. Most commands except for supported command from the Host (General Purpose Computer (GPC) outside the cryptographic boundary) are rejected in the error state and the IO command returns Namespace Not Ready (SC=0x82, SCT=0x0), the other commands return Internal Error (SC=0x6, SCT=0x0) defined in NVMe specification via the status output. Cryptographic services and data output are explicitly inhibited when in the error state. When module fails FW Integrity test performed by Mask ROM, the module will fail to boot; module will not service any requests or provide any status output (module hangs). • The cryptographic module satisfies the requirements of FIPS 140-3 IG C.I (i.e. key_1 ≠ key_2) • The module generates at a minimum 256 bits of entropy for use in key generation. • Bypass capability is not applicable to the cryptographic module • The module generates symmetric keys which are unmodified outputs from the DRBG. • As specified in NIST SP 800-132, keys derived from passwords/passphrases are only used in storage applications. • AES-XTS is only approved for storage applications. Samsung Electronics Co., Ltd.
21 / 22
Page 22

12. Mitigation of Other Attacks The cryptographic module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-3. Samsung Electronics Co., Ltd.

22 / 22