All modules
CMVP Validated Module · FIPS 140-3 Security Policy

PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs

Certificate#4899StandardFIPS 140-3Level1TypeHardwareEmbodimentMulti-Chip EmbeddedStatusActiveVendorSK hynix Inc.
Medium review priority  ·  no TCB surface named  ·  last validated 20 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level1
Module typeHardware
EmbodimentMulti-Chip Embedded
StatusActive
Sunset date11/21/2029
CaveatNone
VendorSK hynix Inc.

Approved Algorithms (12)

AlgorithmACVP Cert
AES-ECBC1278
Counter DRBGA2595
Counter DRBGC1278
HMAC-SHA2-256A2596
PBKDFA2595
RSA SigVer (FIPS186-4)A2595
RSA SigVer (FIPS186-4)A2597
SHA2-256A2596
SHA2-384A2595
SHA2-384A2597
SHA2-512A2595
SHA2-512A2597

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>firmware load<br/>update</i>"]
    C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Self-Test<br/>Show Status<br/>Status output</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>HTTPS<br/>library named: nss</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
    I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C2,C3,C5,C6 clue;
  class I2,I3,I5,I6 infer;
  class R2,R3,R5,R6 risk;
  class E2,E3,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>firmware load<br/>update</i><br/>src: text:keyword"]
    C3["[low] Self-test / status surface (referenced in text)<br/><i>Self-Test<br/>Show Status<br/>Status output</i><br/>src: text:keyword"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>HTTPS<br/>library named: nss</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C2,C3,C5,C6 clueLow;

Security Policy, page by page

Page 1

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs FIPS 140-3 Cryptographic Module Document Version: 0.8 Date: 11/11/2024 SK hynix Public Material

Page 2

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Table of Contents SK hynix Public Material

Page 3

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy List of Tables Table 6: Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed List of Figures SK hynix Public Material

Page 4

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy General This document defines the Security Policy for the SK hynix PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs cryptographic module, hereafter denoted the Module. The Module is a multiple chip embedded self-encrypting drive (SED) compliant with TCG Core, TCG Opal, TCG Single User Mode (SUM), PCIe, and NVMe specifications. The Module is also compliant with the IEEE1667 storage specification. The cryptographic module’s controller has a built-in AES-XTS HW engine which encrypts and decrypts the user data without any performance loss. The Module meets FIPS 140-3 overall security Level 1. The FIPS 140-3 security levels for the Module are as follows: Table 1: Security Level of Security Requirements Security Requirement Security Level General 1 Cryptographic Module Specification 1 Cryptographic Module Ports and Interfaces 1 Roles, Services, and Authentication 1 Software/Firmware Security 1 Operational Environment 1 Physical Security 1 Non-Invasive Security N/A Sensitive Security Parameter Management 1 Self-Tests 1 Life-Cycle Assurance 1 Mitigation of Other Attacks N/A Overall Level 1 SK hynix Public Material

Page 5

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Cryptographic Module Specification The Module is designed to be embedded in a General Purpose Computer (host). The Module does not support a maintenance access interface. The Module uses a single chip controller (Atomos) with a PCIe/NVMe and SMBus interface on the systems side and SK hynix NAND flash internally. The Module is composed of the following major components:

2.1 Operational Environment

The following Module configurations were tested: Table 2: Cryptographic Module Tested Configuration # Model HW P/N FW Version Distinguishing Features

1 PE9110 E1.S HFS1T9GEEWX132N 41089A30 1920GB

2 PE9110 E1.S HFS3T8GEEWX132N 41089A30 3840GB

3 PE9110 E1.S HFS7T6GEEWX132N 41089A30 7680GB

4 PE9010 M.2 22110D HFS960GDJ0X132N 51082A30 960GB

5 PE9010 M.2 22110D HFS1T9GDJ0X132N 51082A30 1920GB

6 PE9010 M.2 22110D HFS3T8GDJ0X132N 51082A30 3840GB

2.2 Cryptographic Boundary

The PE9110 has an E1.S physical form factor, while the PE9010 has an M.2 22110D physical form factor as depicted in Figures 1 and 2 respectively. The cryptographic boundary is defined as the entire PCB of each form factor, as outlined with a red dotted line. Note that the PE9110 SK hynix Public Material

Page 6

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy E1.S includes a metallic enclosure, while the PE9010 M.2 22110D does not. No components have been excluded from the cryptographic boundary. Figure 1: PE9110 E1.S Top and Bottom (Cryptographic Boundary in Red) Figure 2: PE9010 M.2 22110D Top and Bottom (Cryptographic Boundary in Red)

2.3 Mode of Operation

The Module only supports an Approved Mode of operation and is thus continually in an Approved mode of operation. In order to confirm the module’s versioning information and that it is operating in an Approved manner, the operator may invoke the “Read FIPS Compliance” service, as specified in Section 11.1. Per IG 2.4.C, Example Scenario #2, a global indicator is used to identify the Approved mode of operation, along with the implicit indicator for the successful completion of each Approved service.

2.4 Security Functions

The Module implements the Approved Mode cryptographic functions listed in the table below. The module does not support any non-Approved cryptographic functions. Table 3: Approved Algorithms Cert Algorithm Mode Description Functions/Caveats Key Sizes: 256 Encrypt, Decrypt ECB [38A] Boundary: Hardware Support for XTS and KW Key Sizes: 256 Encrypt, Decrypt of user XTS [38E] A2596 AES [197] Boundary: Hardware data Forward Authenticated Encrypt, KW [38F] Key Sizes: 256 Authenticated Decrypt Boundary: Hardware for key storage Conditioning Component Block Cipher Key Sizes: 128 A2272 ECB [90B] SP800-90B Conditioner Derivation Boundary: Hardware Function SP800-90B SK hynix Public Material

Page 7

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Cert Algorithm Mode Description Functions/Caveats Prediction Resistance: Yes, No Supports Reseed Mode: AES-256 Derivation Function Enabled: No Additional Input: 0-384 Deterministic Random Bit Entropy Input: 384 Generation DRBG [90Ar1] CTR Nonce: 0 Security strength = 256 Personalization String Length: C1278 bits. 0-384 Returned Bits: 512 Additional Input used: No Entropy Input used: 384 Personalization String used: No Boundary: Hardware Key Sizes: 256 Encrypt, Decrypt AES [197] ECB [38A] Boundary: Hardware To support CTR_DRBG Prediction Resistance: Yes, No Supports Reseed Mode: AES-256 Derivation Function Enabled: Yes Additional Input: 0-2048 Increment 128 A2595 DRBG [90Ar1] CTR Tested, but not used Entropy Input: 256-2048 Increment 128 Nonce: 128-1024 Increment Personalization String Length: 0-2048 Increment 128 Returned Bits: 512 Hardware Non-Deterministic Provides a minimum of RNG; minimum of 512 bits per 256 bits of security N/A ENT [90B] ENT (P) access. strength to the Approved Boundary: Hardware DRBG Key Sizes: 256 bits Public Security Parameter A2596 HMAC [198-1] SHA2-256 λ = 32 bytes (PSP) data authentication Boundary: Hardware and support for PBKDF2 Password Based Key sLen = 32 bytes salt Derivation. The keys C = 1,000 iterations A2595 PBKDF [132] Option 1a derived from passwords HMAC-SHA2-256 Cert. #A2596 are used only in storage Boundary: Firmware application SigVer - Signature n = 2048

Page 8

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Cert Algorithm Mode Description Functions/Caveats n = 3072

Page 9

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Table 8: Entropy Certificates Vendor Name Certificate Number N/A N/A

2.5 Overall Security Design

Per IG C.I, the module assures Key1 and Key2 are not equal for AES-XTS operations. The module implements the following security elements:

  1. No additional interface or service is implemented by the Module which would provide access to CSPs.
  2. Data output is inhibited during self-tests, Key generation, Zeroization, error states, and firmware load verification.
  3. The module does not support manual key entry.
  4. The module does not output plaintext CSPs or intermediate key values.
  5. Status information does not contain CSPs or sensitive data that if misused could lead to a compromise of the module.
  6. The Module does not support a bypass capability.
  7. Power on self-tests do not require any operator action.
  8. The Module does not support the update of the serial number and vendor ID.
  9. The Module does not support concurrent operators.
2.6 Rules of Operation

The following security rules must also be considered when operating the module:

  1. All CSPs are zeroized by the Zeroization service. Only the Maker role can call the Zeroization service.
  2. The Module shall provide five (5) distinct operator roles: Cryptographic Officer, User, Maker, PSID, and Anybody
  3. The operator shall be capable of commanding the Module to perform the power up self-tests by power cycling or resetting the Module. SK hynix Public Material – May be reproduced only in its original entirety (without revision).
Page 10

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Cryptographic Module Interfaces The Module’s ports and associated FIPS defined logical interface categories are listed in Table 9. The module does not support a Control Output interface. Table 9: Ports and Interfaces Physical Logical Interface Type Data that passes over port/interface Port PCIe Power Power Connector Control in, Data in, Data out, NVMe storage commands and payloads Status out Control in, Status out Management information via SMBus commands and payloads The module also supports a JTAG and UART port, which are permanently disabled.

3.1.1 NVMe Interface

The NVMe interface provides the primary interface to interact with the Module. Most services provided by the Module are accessed via the NVMe Interface including Opal configuration, reading and writing user data, retrieving FIPS capability support, and retrieving FIPS status reporting.

3.1.2 SMBus Interface

The SMBus interface provides the ability to audit the SSD environment (temperature, Vital Product Data). SK hynix Public Material

Page 11

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Roles, Services, and Authentication

4.1 Assumption of Roles

The module supports five distinct operator roles: Cryptographic Officer (CO), User, Maker, PSID, and Anybody. The method for assuming a role is implicit based on the services invoked. The module only asserts conformance with Level 1 requirements; PINs and passwords are optional as required by TCG standards and are defined as non-SSPs; the module makes no claim to support FIPS 140-3 authentication mechanisms. The module supports the following operator roles:

  1. Crypto Officer (CO): a. Admin SP SID - This operator is responsible for transitioning from uninitialized mode to initialized mode. b. Admin SP Admin – This operator is disabled by default but can be enabled by SID authority. When enabled, it can transition the Module back to the uninitialized state from the initialized state. c. Locking SP Admins – This operator is used to enable and disable Users, create and delete user ranges, lock or unlock the ranges and cryptographically erase the user ranges. The CO is also responsible for performing firmware updates.
  2. User: The Locking SP Users can unlock and lock the drive to allow the operator to read and write data to the drive. This user can also call the “Cryptographic Erase” service.
  3. Maker: This is an assumed role which enables the operator to execute the “Zeroise Service” command.
  4. PSID: The TCG PSID Authority has access to perform the “PSID Revert” service.
  5. Anybody: This role is assumed when the operator executes services that does not require a TCG role to be assumed. The Module does not support a maintenance role or bypass capability. The Module does not support concurrent operators. Table 10: Roles and Authentication Role Authentication Method Authentication Strength CO N/A N/A User N/A N/A Maker N/A N/A PSID N/A N/A Anybody N/A N/A
4.2 Services

All services implemented by the Module are listed in Table 11, while SSP usage for each service is specified in Table 12. Note: SK hynix Public Material

Page 12

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy

Page 13

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Role Service Input Output CO Enable/Disable SUM Security Send command -; parameters; Security Receive command Security Send command status payload w/ TCG Reactivate method CO Locking Range Security Send command -; Configuration parameters; Security Receive command Security Send command status payload w/ TCG Reactivate method CO Lock/Unlock range Security Send command -; U parameters; Security Receive command Security Send command status payload w/ TCG Set method CO Set common name Security Send command -; U parameters; Security Receive command Send command payload w/ TCG status Set method for Common Name object CO Data store table Set Security Send command -; U parameters; Security Receive command Security Send command status payload w/ TCG Set method for Datastore table CO Crypto Erase of a range Security Send command -; U parameters; Security Receive command Security Send command status payload w/ TCG Erase or Genkey method M Zeroization Zeroization VU command -; parameters; Zeroization VU comma status Zeroization VU command payload P PSID Revert Security Send command -; parameters; Security Receive command Security Send command status payload w/ TCG Revert method A Power Cycle -; -; (Self-Test) - A Hot reset Bit 6 (Secondary Bus Reset) of -; Bridge Control Register (offset 0x3E) PCI Config Space; SK hynix Public Material

Page 14

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Role Service Input Output A Warm reset Bit 4 (Link Control Register -; Offset 0x10) in PCI Express “Negotiated Link width” (Bit Capability Register of PCI config 9:4) in the Link Status Register space; or Offset 0x20 is the (Offset 0x12) of PCI config NVM Subsystem Reset space; or Bit 4 of the NVMe register(NSSR) in the controller Controller status register registers (PCIe BAR); (Offset 0x1C) A Show Status Level 0 Discovery parameters or Level 0 Discovery payload or NVMe Identify command NVMe Identify; parameters; Level 0 Discovery status or - NVMe Identify command status A Read FIPS Compliance Security Receive w/ Read FIPS Read FIPS Compliance payload; Compliance command Security Receive command parameters; status A Block SID Authorization Security Send w/ Block SID -; Authorization command Security Send command status parameters; A TCG Authorization Security Send command -; parameters; Security Receive command Security Send command status payload w/ TCG StartSession or Authorization method A Enable Zeroization Vendor Specific Auth Challenge -; Service command parameters; Vendor Specific command Vendor Specific Command status Payload A Get Random Number Security Send command Security Receive command parameters; payload; Security Send command Security Receive command payload w/ TCG Random status method A Telemetry logs Telemetry Log (Get Log Page) Telemetry Log (Get Log Page) command parameters; command payload; - Telemetry Log (Get Log Page) command status A Read/Write User Data Read/Write command Read command response parameters; payload; Write command payload Read/Write command status CO Firmware Update Firmware Update command -; parameters; Firmware Update command Firmware Update command status payload SK hynix Public Material

Page 15

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Role Service Input Output A Format NVM / Format command parameters / -; Namespace Namespace Management Format command / Namespace Management command parameters; Management command status Format command / Namespace Management command payload A Sanitize Crypto Sanitize command -; parameters; Crypto Sanitize command status A Configure Drive Set Features command -; parameters; Set Features command status SK hynix Public Material

Page 16

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy

Page 17

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Activate OPAL Enables Locking SP via TCG PBKDF (#A2585); CO Password; CO W, E, Z; Status output to Activate method. Activate User Password; E; the host is returned method can enable SUM. for success or error AUTH_KEYs; G, E, Z; SALT; G, E; DRBG (#C1278); DRBG-EI; G, E; DRBG V; G, E; DRBG Key; E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; G, E; AES-KW SUM_KEKs G, E, Z (#A2596) SK hynix Public Material

Page 18

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Deactivate Reverts the drive back to PBKDF (#A2585); CO Password; CO E; Status output to OPAL the Original Factory State the host is returned AUTH_KEYs; G, E, Z; through TCG Revert or for success or error SALT; G, E; Revert SP methods. Note: For Revert SP, MSID PIN; E;

  1. Global Range data is DRBG (#C1278); DRBG-EI; G, E, Z; preserved if DRBG V; G, E, Z; KeepGlobal parameter DRBG Key; G, E, Z; is TRUE. HMAC-SHA2-256 PSP_HMAC_KEY; G, E, Z;
  2. TPER_SALT_KEK and (#A2596); HRK; E; PSP_HMAC_KEY are AES-KW also preserved. MEK_KEK; G, E, Z; (#A2596); TPER_SALT_KEK; G, E, Z; TPER_KEK; E, Z; SUM_KEKs; E, Z; MEKs G, E, Z AES-XTS (#A2596) SK hynix Public Material – May be reproduced only in its original entirety (without revision).
Page 19

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Admin Set PIN Updates Admin authority PBKDF (#A2585); CO Password; CO W, E, Z; Status output to PIN. AUTH_KEYs; G, E, Z; the host is returned for success or error SALT; G, E; DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; E; AES-KW TPER_KEK; E; (#A2596) SUM_KEKs E User Set PIN Updates User authority PBKDF (#A2585); User Password; CO, U W, E, Z; Status output to PIN. AUTH_KEYs; G, E, Z; the host is returned Locking SP Admins can set for success or error SALT; G, E; PINs for any Non-SUM Users. DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; E; AES-KW TPER_KEK; E; (#A2596) SUM_KEKs E Enable/Disable Disables a non-SUM User’s HMAC-SHA2-256 PSP_HMAC_KEY CO E Status output to User Set PIN ability to change its own (#A2596) the host is returned PIN. for success or error SK hynix Public Material

Page 20

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Enable/Disable Enables or disables an PBKDF (#A2585); CO Password; CO E; Status output to Admin SP Admin SP authority. the host is returned AUTH_KEYs; G, E, Z; authorities for success or error SALT; G, E; DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK E AES-KW (#A2596) Enable/Disable Enables or disables a PBKDF (#A2585); CO Password; CO E; Status output to Locking SP Locking SP Admins and the host is returned User Password; E; authorities non-SUM Users. for success or error AUTH_KEYs; G, E, Z; SALT; G, E; DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; E; AES-KW TPER_KEK E (#A2596) SK hynix Public Material

Page 21

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Enable/Disable Configures users and PBKDF (#A2585); CO Password; CO W, E, Z; Status output to SUM ranges in SUM through TCG the host is returned User Password; E; Reactivate method. for success or error AUTH_KEYs; G, E, Z; SALT; G, E; DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; E; AES-KW TPER_KEK; G, E, Z; (#A2596) SUM_KEKs G, E, Z Locking Range For non-SUM ranges: Used DRBG (#C1278); DRBG-EI; CO G, E, Z; Status output to Configuration to modify a range starting the host is returned DRBG V; G, E; address, capacity and for success or error DRBG Key; G, E; attributes of non-SUM ranges. HMAC-SHA2-256 PSP_HMAC_KEY; E; For SUM Policy 1: Used to (#A2596); MEK_KEK; E; modify a SUM range AES-KW TPER_KEK; E; starting address, capacity (#A2596); SUM_KEKs; E; and attributes by Admins if MEKs G, E, Z allowed. For SUM Policy 0: Used to AES-XTS modify a SUM range (#A2596) starting address, capacity and attributes by SUM Users if allowed. SK hynix Public Material

Page 22

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Lock/Unlock Controls read and write HMAC-SHA2-256 PSP_HMAC_KEY; CO, U E; Status output to range access to a range by either (#A2596); the host is returned TPER_KEK; E; locking or unlocking the AES-KW for success or error SUM_KEKs; E; LBA range. In Non-SUM, (#A2596); Admins and Users (if MEKs E, Z allowed by Admins) have access. In SUM, only Users AES-XTS have access. (#A2596) Set common Customizes the name of a HMAC-SHA2-256 PSP_HMAC_KEY CO, U E Status output to name TCG Authority. Admins and (#A2596) the host is returned Users (if allowed by for success or error Admins) have access. Data store Writes a stream of bytes to HMAC-SHA2-256 PSP_HMAC_KEY CO, U E Status output to table Set unstructured storage. (#A2596) the host is returned Admins and Users (if for success or error allowed by Admins) have access. SK hynix Public Material

Page 23

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Crypto Erase of For Non-SUM Ranges: PBKDF (#A2585); User Password; CO, U E; Status output to a range Erases a range by the host is returned AUTH_KEYs; G, E, Z; destroying its existing MEK for success or error SALT; G, E; and generating a new one. This service is performed DRBG (#C1278); DRBG-EI; G, E, Z; via TCG GenKey method. DRBG V; G, E; By default, Admins have DRBG Key; G, E; access. If Admins allows, HMAC-SHA2-256 PSP_HMAC_KEY; E; Users also have access. (#A2596); MEK_KEK; E; For SUM Ranges via TCG AES-KW TPER_SALT_KEK; E; Erase method: Erases a (#A2596); range by destroying its TPER_KEK; E; existing MEK and SUM_KEKs; E; generating a new one. The MEKs G, E, Z range’s LBA range is unlocked, and the User PIN AES-XTS is reset to the NULL (#A2596) password. This service is performed via the TCG Erase method. For SUM Ranges via TCG GenKey method: Erases a range by destroying its existing MEK and generating a new one. This service is performed via the TCG GenKey method. SK hynix Public Material

Page 24

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Zeroization Destruction of plaintext - DRBG-EI; M Z; Status output to keys and CSPs. This service DRBG V; Z; the host is returned decommissions the drive. for success or error DRBG Key; Z; HRK; Z; PSP_HMAC_KEY; Z; MEK_KEK; Z; TPER_SALT_KEK; Z; TPER_KEK; Z; SALT; Z; SUM_KEKs; Z; KS_HMAC_KEY; Z; MEKs Z SK hynix Public Material

Page 25

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions PSID Revert TCG Revert method using PBKDF (#A2585); CO Password; P E; Status output to PSID. This service returns AUTH_KEYs; G, E, Z; the host is returned the Module to its original for success or error SALT; G, E; factory state. The authentication data (PSID) MSID PIN; E; is printed on the label of DRBG (#C1278); DRBG-EI; G, E, Z; the Module. DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; G, E, Z; (#A2596); HRK; E; AES-KW MEK_KEK; G, E, Z; (#A2596) TPER_SALT_KEK; G, E, Z; TPER_KEK; Z; SUM_KEKs; Z; MEKs G, Z SK hynix Public Material

Page 26

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Power Cycle Powers the module off and DRBG (#C1278); DRBG V; A G, E, Z; Return code for (Self-Test) on again. This triggers success or error DRBG Key; G, E, Z;

  1. Power-On Self- HMAC-SHA2-256 PSP_HMAC_KEY; E; Tests of the (#A2596); Module. KS_HMAC_KEY; E;
  2. Unblock locked-out HRK; E; authorities that AES-KW MEK_KEK E; have exhausted (#A2596); TPER_SALT_KEK; E; their Try Limit. MEKs; E; Enable CO authority FW Public Key; E; (Admins SP SID) if it is AES-XTS previously blocked by Block Root Public Key E (#A2596); SID Authorization service. RSA-3072 SigVer (#A2597); SHA2-384 (#A2597); Hot reset Resets one of the ports of - - A the Module by performing a PCIe Hot Reset. Warm reset Resets the Module by HMAC-SHA2-256 PSP_HMAC_KEY A E performing an NVMe (#A2596) Subsystem Reset or PCIe Warm reset. SK hynix Public Material – May be reproduced only in its original entirety (without revision).
Page 27

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Show Status This is a set of commands - - A - The Approved from the TCG and NVMe Mode indicator is a protocols to read Security subset of the NVMe Configuration. Specifically, Security Receive this includes NVMe Security command (TCG Send/Receive, Identify Level 0 Discovery) Controller commands, and the returned which can be used for word of the NVMe reading Approved mode Identify Controller (Initialized/Uninitialized), command (word at error messages, and other offset 4092, bit 0). status information. The Approved Mode indicator is a subset of the NVMe Security Receive command (TCG Level 0 Discovery) and the returned word of the NVMe Identify Controller command (word at offset 4092, bit 0). Read FIPS The Module’s FIPS 140 - - A - The indicator Compliance Compliance descriptor follows the SFSC (hardware and firmware specification using versions) can be retrieved TCG IF-RECV in the format specified by command with SFSC specification using Protocol Id 0 and TCG IF-RECV command ComID 2. with Protocol Id 0 and ComID 2. SK hynix Public Material

Page 28

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Block SID Disables CO (Admin SP SID) - - A - Status output to Authorization authorization when the host is returned ownership of the drive is for success or error. not taken. TCG Authorizes an operator PBKDF (#A2585); CO Password; A W, E, Z; Status output to Authorization using TCG PIN through the host is returned User Password; W, E, Z; Start session or TCG for success or error. AUTH_KEYs; G, E, Z; Authentication method. SALT; G, E; PSID PIN; W, E; DRBG (#C1278); DRBG-EI; G, E, Z; DRBG V; G, E; DRBG Key; G, E; HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); TPER_SALT_KEK; E; AES-KW TPER_KEK; G, E; (#A2596) SUM_KEKs E Enable Authorizes the Zeroization DRBG (#C1278); DRBG-EI; A G, E, Z; Status output to Zeroization service for the Maker role. the host is returned DRBG V; G, E; Service for success or error. DRBG Key; G, E; RSA-2048 SigVer Maker Public Key E (#A2595); SHA2-256 (#A2596) SK hynix Public Material

Page 29

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Get Random TCG Random method used DRBG (#C1278) DRBG-EI; A G, E, Z; Status output to Number to generate and output a the host is returned DRBG V; G, E; random number from the for success or error. DRBG Key G, E DRBG. Telemetry logs The Module allows the - - A - Status output to collection of debugging the host is returned information through NVMe for success or error. log pages. The purpose of the telemetry log data is to provide information required to debug firmware issues remotely. No sensitive information is included. Read/Write Reads/Writes user data. In AES-XTS MEKs A E Status output to User Data uninitialized mode, this (#A2596) the host is returned service is always successful. for success or error. In initialized mode, this service is only successful if the range is unlocked for read/write access via Lock/Unlock range service. SK hynix Public Material

Page 30

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Firmware Loads a firmware image. All AES-KW HRK; CO E; Status output to Update firmware loaded into the (#A2596); the host is returned KS_HMAC_KEY; E; module is validated with HMAC-SHA2-256 for success or error. FW Public Key; E; RSA signature verification (#A2596); over the entire firmware Root Public Key E RSA-3072 SigVer image. (#A2595); SHA2-384 (#A2595) Format NVM / Wipes the data of a DRBG (#C1278); DRBG-EI; A G, E, Z; Status output to Namespace particular namespace by the host is returned DRBG V; G, E; Management generating new MEK. This for success or error. DRBG Key; G, E; service is only successful if the range is unlocked for HMAC-SHA2-256 PSP_HMAC_KEY; E; read/write access via (#A2596); MEK_KEK; E; Lock/Unlock range service. AES-KW TPER_KEK; E; (#A2596); SUM_KEKs; E; MEKs G, E, Z AES-XTS (#A2596) SK hynix Public Material

Page 31

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Approved SSPs Roles Access Indicator Service Description Security Rights Functions Sanitize Wipes the data of a DRBG (#C1278); DRBG-EI; A G, E, Z; Status output to particular namespace by DRBG V; G, E; the host is returned generating new MEK. This for success or error. DRBG Key; G, E; service is accessible only in Uninitialized mode. HMAC-SHA2-256 PSP_HMAC_KEY; E; (#A2596); MEK_KEK; E; AES-KW MEKs G, E, Z (#A2596); AES-XTS (#A2596) Configure Drive Enables or disables - - A - Status output to IEEE1667 protocol support. the host is returned for success or error. SK hynix Public Material

Page 32

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Software/Firmware Security The firmware components are protected by an RSA signature. The operator can initiate the integrity test on demand by power cycling or resetting the module. Operational Environment The Module has a limited operational environment under FIPS 140-3 definitions. The tested operational environments are listed in Table 2. The Module includes a firmware load service to support necessary updates. The Module will not load or execute firmware which is not signed with SK hynix 3072-bit RSA Private Key. Firmware versions validated through the FIPS 140-3 CMVP will be explicitly identified on a validation certificate. Any firmware not identified in this Security Policy does not constitute the Module defined by this Security Policy or covered by this validation. Please see the operator instructions provided in Section 11 for the initialization, uninitialization, and sanitation of the module. Physical Security Policy The Module meets commercial-grade specifications for power, temperature, reliability, and shock/vibrations. The Module uses standard passivation techniques and only asserts compliance with Level 1 physical security requirements. Non-Invasive Security The Module does not implement any mitigation method against non-invasive attack. Sensitive Security Parameter (SSP) Management CSPs and PSPs are defined in the tables below. The following legend is used to describe the generation, storage, input, output, and zeroization methods:

Page 33

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy

9.1 Sensitive Security Parameters

All SSPs used by the Module are described in this section. Table 13: SSPs SSP Strengt Security Gene Import Establi Sto Zeroizat Description / Usage h Functio ration /Expor shmen rag ion n/ Cert. t t e DRBG-EI 384 ENT (P) G2 N/A N/A S1 Z1, Z2 Deterministic Random Bit Generator

Page 34

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy SSP Strengt Security Gene Import Establi Sto Zeroizat Description / Usage h Functio ration /Expor shmen rag ion n/ Cert. t t e MEK_KEK, TPER_SALT_KEK, and KS_HMAC_KEY. PSP_HMAC_KE 256 HMAC G5 N/A N/A S3, Z1, Z2, Public Security Y Cert. S5 Z3 Parameter HMAC #A2596 Key Type: 256-bit Purpose: Key is used to check the integrity of the SALT and PSID PIN KS_HMAC_KEY 256 HMAC G5 N/A N/A S3, Z1, Z2, Key Storage HMAC Cert. S5 Z3 Key #A2596 Type: 256-bit Purpose: Key is used to check the integrity of the FW Public Key and Root Public Key MEK_KEK 256 AES-KW G5 N/A N/A S3, Z1, Z2, Type: AES 256 Cert. S5 Z3 Purpose: Key wraps #A2596 the MEKs when in the Uninitialized state TPER_SALT_KE 256 AES-KW G5 N/A N/A S3, Z1, Z2, Type: AES 256 K Cert. S5 Z3 Purpose: Key wraps #A2596 the SALT. TPER_KEK 256 AES-KW G5 N/A N/A S5, Z1, Z2, Type: AES 256 Cert. S6 Z3 Purpose: Key wraps #A2596 the MEKs for OPAL. SUM_KEKs 256 AES-KW G5 N/A N/A S5, Z1, Z2, Type: AES 256 Cert. S6 Z3 Purpose: It is the #A2596 key wrapping key used for MEKs for SUM. MEKs 256 AES-XTS G5 N/A N/A S5, Z1, Z2, Type: AES 256 Cert. S7 Z3 Purpose: MEK0 is #A2596 the Global Range Key. MEK1-8 keys are used for User data encryption in XTS mode. AUTH_KEYs N/A PBKDF G4 N/A N/A S1 Z1, Z3 Type: AES 256-bit (Non-SSP) Cert. key wrap key #A2595 derived from PBKDF using the CO or User password, which may be 0 length. Purpose: Key is used for TPER_KEK (OPAL) and SK hynix Public Material

Page 35

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy SSP Strengt Security Gene Import Establi Sto Zeroizat Description / Usage h Functio ration /Expor shmen rag ion n/ Cert. t t e SUM_KEK (SUM) obfuscation. CO Password N/A PBKDF N/A I1 N/A S1 Z1, Z3 Crypto Officer (Non-SSP) Cert. password #A2595 Type: Password Purpose: May be used for authorizing the CO role User N/A PBKDF N/A I1 N/A S1 Z1, Z3 User Password Passwords Cert. Type: Password (Non-SSP) #A2595 Purpose: May be used for authorizing User roles SALT (Non- 256 PBKDF G5 N/A N/A S5, Z1, Z2, 256-bit non-secret SSP) Cert. S8 Z3 salt used as input to #A2595 = PBKDF. A unique salt is associated with the derivation of each AUTH_KEY. PSID PIN (Non- N/A PBKDF G1 I1 N/A S5 Z1 32 byte PIN is used SSP) Cert. to access the TCG #A2595 Revert service. The PSID PIN is visibly printed on a production label on the Module. MSID PIN N/A PBKDF G1 I1, O1 N/A S5, Z1 32 byte default PIN (Non-SSP) Cert. S9 is used to authorize #A2595 the Initialize service. It can be displayed via the Show Status/Read Security Configuration service. FW Public Key 128 RSA G1 N/A N/A S4, N/A Type: 3072 bit RSA (Non-SSP) Cert. S5 Public Key #A2595, Purpose: Key is used #A2597 for RSA signature verification of the firmware image. Maker Public 112 RSA G1 N/A N/A S5, N/A. Type: 2048 bit RSA Key Cert. S9 Protect Public Key #A2595 ed by Purpose: Key is used (Non-SSP) RSA to access Zeroise Signatur service. e. Root Public 150 RSA G1 N/A N/A S4, N/A Type: 4096 bit RSA Key (Non-SSP) Cert. S5 Public Key #A2595, Purpose: Key is used #A2597 to validate the chain SK hynix Public Material

Page 36

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy SSP Strengt Security Gene Import Establi Sto Zeroizat Description / Usage h Functio ration /Expor shmen rag ion n/ Cert. t t e of trust for the FW Public Key. SK hynix Public Material

Page 37

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Table 14: Non-Deterministic Random Number Generation Specification Entropy Minimum Number of Bits of Details Source Entropy Min-entropy of 1 per 1-bit This ENT (P) has been evaluated according to the non-IID ENT (P) sample evaluation path of the [SP800-90B] standard. Self-Tests Each time the Module is powered up, tests are run to guarantee the proper functioning of the crypto algorithms. Power on self-tests are available on demand by power cycling or resetting the Module. The module zeroises all temporary values used as part of the pre-operational and conditional self-tests On power-on or reset, the Module performs self-tests as described in the tables below. All KATs must be completed successfully prior to any other use of cryptography by the Module. If one of the KATs fails during the ROM boot stage of the device, then the Module enters an internal error state. If the Module has exited ROM boot stage, the Module enters SELF_TEST_ERROR state which can be retrieved by NVMe Identify Controller command word at offset 4092, bit 0 will be 1. Power cycle is required to recover the Module from self-test failure. Table 15: Pre-Operational and Conditional Self-Tests performed at Power-On Test Target Description Failure Behavior Firmware Integrity RSA 3072 and SHA2-384 verification Enters INTERNAL_STATE_ERROR performed over all firmware located in state. NAND storage on the Atomos controller. SMBus bytes offset 243, bit 7 will be 1b. ENT (P) Performs ENT (P) startup test. Generates Enters SELF_TEST_ERROR state.

32 byte noise that will force RCT and APT

on 1536 bits. Table 16: Additional Conditional Self-Tests Failure Behavior Test Target Description AES-KW KAT: Decryption only Enters Decrypt Mode: KW INTERNAL_STATE_ERROR Key size: 256 bits state Cert.# A2596 AES-KW KATs: Both forward and inverse ciphers are tested Enters SELF_TEST_ERROR via encryption and decryption. state. Cert.# A2596 Modes: KW Key size: 256 bits Note: This test covers AES-ECB and AES-XTS as per IG 10.3.A SK hynix Public Material

Page 38

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Failure Behavior Test Target Description AES- KAT: Encryption only, exercises the SP800-90B Enters SELF_TEST_ERROR Conditioner conditioner. state. Cert.# A2272 Modes: ECB Key size: 256 bits AES XTS Key An IG C.I key comparison test is performed on Key1 Enters SELF_TEST_ERROR generation and Key2 for each generation. state. DRBG Performs a fixed input KAT inclusive of the SP 800- Enters SELF_TEST_ERROR 90Ar1 instantiate, generate, and reseed health tests. state. Cert.# C1278 Mode: CTR_DRBG DRBG SP800-90Ar1 Health Tests (Instantiate, Generate, Enters SELF_TEST_ERROR Reseed) state. Cert.# C1278 ENT (P) SP800-90B Health Tests (RCT and APT) Enters SELF_TEST_ERROR state. HMAC (SoC Performs HMAC generates and verify KATs using a Enters HW) 256-bit key and SHA2-256 INTERNAL_STATE_ERROR state. Cert.# A2596 Note: SHA2-256 is covered by HMAC KAT per IG Status output data via SMBus 10.3.B bytes offset 243, bit 7 will be 1b. PBKDF2 Performs KAT using a known password and HMAC- Enters SELF_TEST_ERROR SHA2-256 (Satisfies the HMAC KAT). state. Cert.# A2595 RSA (ROM) KAT: RSA PSS verify with 3072 bit key and SHA2-384 Enters (Cert. #A2597). INTERNAL_STATE_ERROR Cert.# A2597 state. Note: SHA2-384 KAT is included in this test. This test Status output data via SMBus is performed prior to the Firmware Integrity Test. bytes offset 243, bit 7 will be 1b RSA (FW) KAT: RSA PSS verify with 2048 bit key and SHA2-512 Enters SELF_TEST_ERROR (Cert. #A2595). state Cert.# A2595 Note: RSA 3072 and 4096 key sizes are covered by testing 2048 bit key. SHA2-512 KAT is included in this test. Firmware The Module performs a RSA 3072 signature The Module returns invalid Load Test verification on all firmware loaded into the Module. image for download commit command and the image is discarded. SK hynix Public Material

Page 39

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Life-Cycle Assurance The Module design corresponds to the Module Security rules. This section documents the Cryptographic Officer instructions that are necessary to implement in order to maintain compliance with FIPS 140-3 security requirements.

11.1 Cryptographic Officer Initialization

The Module is shipped from the factory in an Approved mode of operation (uninitialized state). The keys generated during manufacturing are used to encrypt/decrypt the user data. The shipping container protecting the Module or set of Modules in transit should be verified for evidence of tampering. The CO should initialize the Module by taking the following steps:

11.1.1 Verifying the Module is in an Approved Mode of Operation

To verify that a module is in the Approved mode of operation the operator will perform the Read FIPS Compliance by issuing TCG IF-RECV command with Protocol Id 0 and ComID 2. Refer [SFSC] spec. For example, the sample of data below is returned from the module: ----------------FIPS 140 compliance descriptor-----------------------COMPLIANCE DESCRIPTOR INFORMATION LENGTH -> 528 COMPLIANCE DESCRIPTOR DESCRIPTOR TYPE -> 1 COMPLIANCE DESCRIPTOR DESCRIPTOR LENGTH -> 520 COMPLIANCE DESCRIPTOR RELATED STANDARD -> 511 COMPLIANCE DESCRIPTOR OVERALL SECURITY LEVEL -> 492 COMPLIANCE DESCRIPTOR HARDWARE VERSION -> HFS1T9GEEWX132N COMPLIANCE DESCRIPTOR VERSION ->51082A30 COMPLIANCE DESCRIPTOR MODULE NAME -> SK hynix PE9110 E1.S and PE9010 M.2 22110D NVMe TCG Opal SSC SEDs ----------------------------------------------------------------------

11.1.2 Initialize the Module
  1. Take Ownership - Set Admin SP SID.
  2. Activate Opal with Single User Mode.
  3. Set WriteLockEnabled and ReadLockEnabled column of all valid Locking ranges.
  4. Power cycle the Module.
  5. Verify the module is in initialized mode by checking the • LockingEnabled bit of the TCG Level 0 Discovery Locking Feature Descriptor is set to 1. • WriteLockEnabled and ReadLockEnabled columns of all valid Locking ranges in the Locking Table are set to True.
11.2 Un-Initialize the Module

The Deactivate OPAL may be invoked by an authorized role to affect a transition into the uninitialized state of operation. The PSID Revert may be done by the PSID role to affect a

1 “51” is an ASCII data field that indicates “FIPS 140-3” per the Security Features for SCSI Commands, Revision 2, Section 5.1.5.3

2 “49” is an ASCII data field that indicates the FIPS 140 overall security level of “1” per the Security Features for SCSI Commands, Revision 2,

Section 5.1.5.3. SK hynix Public Material

Page 40

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy transition into the uninitialized state of operation. This is analogous to restoring the module to the factory default state.

11.3 Sanitization

The Zeroization service may be invoked to destroy all SSPs and render the module inoperable. Mitigation of Other Attacks Policy The Module does not support the mitigation of other attacks outside the scope of FIPS 140-3. SK hynix Public Material

Page 41

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy References and Definitions The following standards are referred to in this Security Policy Table 17: References Acronym Full Specification Name [FIPS140-3] Security Requirements for Cryptographic Modules, March 22, 2019 [ISO19790] International Standard, ISO/IEC 19790, Information technology

Page 42

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy Acronym Full Specification Name [TCG ADS] TCG Storage Opal SSC Feature Set: Additional Datastore Tables Specification, Version 1.00 Revision 1.00, 24 February 2012 [TCG SUM] TCG Storage Opal SSC Feature Set: Single User Mode Specification, Version 1.00 Revision 2.00, 5 August 2015 [TCG PSID] TCG Storage Opal SSC Feature Set: PSID, Version 1.00 Revision 1.00, 5 August 2015 [TCG Block SID] TCG Storage Feature Set: Block SID Authentication, Version 1.00 Final, Revision 1.00, 5 August 2015 [IEEE 1667] IEEE Std 1667-2018

Page 43

SK hynix PE9110 E1.S and PE9010 M.2 22110D FIPS 140-3 Security Policy XTS XEX Tweakable Block Cipher with Cipher text Stealing SK hynix Public Material