All modules
CMVP Validated Module · FIPS 140-3 Security Policy

Seagate Secure® Self-Encrypting Drive

Certificate#4930StandardFIPS 140-3Level2TypeHardwareEmbodimentMulti-Chip EmbeddedStatusActiveVendorSeagate Technology, LLC
Medium review priority  ·  no TCB surface named  ·  last validated 9 months ago. How this is derived →

Certificate

StandardFIPS 140-3
Overall level2
Module typeHardware
EmbodimentMulti-Chip Embedded
StatusActive
Sunset date12/19/2029
CaveatWhen operated in approved mode. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No operator authentication is enforced for executing security services that were unlocked by an authenticated service
VendorSeagate Technology, LLC

Approved Algorithms (17)

AlgorithmACVP Cert
AES-CBCA1095
AES-CMACA1081
AES-CMACA3515
AES-GCMA1080
AES-KWA1094
AES-XTSA1090
Counter DRBGA1082
HMAC-SHA2-256A1083
HMAC-SHA2-256A1091
KAS-FFC-SSC Sp800-56Ar3A1084
KDF TLSA1089
PBKDFA1085
RSA SigVer (FIPS186-4)A1093
Safe Primes Key GenerationA1087
SHA2-256A1088
SHA2-256A1092
SHA2-384A1088

Derived Review-Risk Graph (review prompts, not findings)

flowchart LR
  %% Deterministic review-risk graph for Seagate Secure® Self-Encrypting Drive
  %% Review prompts and evidence gaps, NOT vulnerability findings.
  subgraph CMVP["CMVP-disclosed clues"]
    C2["[low] Firmware update / recovery<br/>/ rollback (referenced in<br/>text)<br/><i>rollback<br/>Update</i>"]
    C3["[low] Self-test / status surface<br/>(referenced in text)<br/><i>Status output<br/>Unauthenticated<br/>Show Status</i>"]
    C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>HTTPS<br/>no library/version identified</i>"]
    C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>application</i>"]
  end
  subgraph Inference["Derived inference"]
    I2["Possible only, trusted<br/>code is reachable through<br/>update and recovery paths."]
    I3["Possible only, some<br/>services may process input<br/>before, or without,<br/>operator authentication."]
    I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
    I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
  end
  subgraph Risk["Reviewer question"]
    R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
    R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
    R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
    R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
  end
  subgraph Evidence["Evidence needed to close"]
    E2["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
    E3["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
    E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
    E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
  end
  C2 --> I2 --> R2 --> E2
  C3 --> I3 --> R3 --> E3
  C5 --> I5 --> R5 --> E5
  C6 --> I6 --> R6 --> E6
  classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
  classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
  classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
  class C2,C3,C5,C6 clue;
  class I2,I3,I5,I6 infer;
  class R2,R3,R5,R6 risk;
  class E2,E3,E5,E6 evidence;
Underlying clues
flowchart LR
  %% Deterministic clue tier for Seagate Secure® Self-Encrypting Drive
  %% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
  subgraph CMVP["CMVP-disclosed clues (deterministic)"]
    C2["[low] Firmware update / recovery / rollback (referenced in text)<br/><i>rollback<br/>Update</i><br/>src: text:keyword"]
    C3["[low] Self-test / status surface (referenced in text)<br/><i>Status output<br/>Unauthenticated<br/>Show Status</i><br/>src: text:keyword"]
    C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>HTTPS<br/>no library/version identified</i><br/>src: text:keyword"]
    C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>application</i><br/>src: text:keyword"]
  end
  classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
  classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
  classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
  class C2,C3,C5,C6 clueLow;

Security Policy, page by page

Page 1

Seagate SecureTM Self-Encrypting Drive Non-Proprietary FIPS 140-3 Module Security Policy Security Level 2 Revision 0.8 Seagate Technology, LLC This document may be reproduced and distributed in its original entirety without revision Page 1

Page 4
1 Introduction
1.1 Scope

This security policy applies to the FIPS 140-3 Cryptographic Module (CM) embedded in Seagate Secure® Self-Encrypting Drive products. This document meets the requirements of the FIPS 140-3 standard. It does not provide interface details needed to develop a compliant application. This document is non-proprietary and may be reproduced in its original entirety.

1.2 Overview

The Seagate Secure® Self-Encrypting Drive FIPS 140-3 Module is embodied in Seagate Exos™ Enterprise SED model devices. These products meet the performance requirements of the most demanding Enterprise applications. The Cryptographic Module (CM) provides a wide range of cryptographic services including:

1.3 General

ISO/IEC 24759:2017 Section 6 FIPS 140-3 Section Title Security Level [Number Below]

1 General 2

2 Cryptographic Module Specification 2

3 Cryptographic Module Interfaces 2

4 Roles, Services, and Authentication 2

5 Software / Firmware Security 2

6 Operational Environment N/A

7 Physical Security 2

8 Non-Invasive Security N/A

9 Sensitive Security Parameter Management 2

10 Self-Tests 2

11 Life-Cycle Assurance 2

12 Mitigation of Other Attacks N/A

Table 1-1: Security Levels The overall security level pursued for the CM (Cryptographic Module) is Security Level 2.

1.4 Terms and Acronyms

Term / Acronym Definition AES Advanced Encryption Standard (FIPS 197) CBC Cipher Block Chaining CKG Cryptographic Key Generation CM Cryptographic Module CMAC Cipher-based Message Authentication Code CO Crypto-Officer Page 4

Page 5

Term / Acronym Definition CSP Critical Security Parameter CSPSK Critical Security Parameter Sanitization Key DRBG Deterministic Random Bit Generator ECB Electronic Codebook Mode FW Firmware GCM Galois Counter Mode HDD Hard Disk Drive HMAC Hash-based Message Authentication Code IID Independent and Identically Distributed IV Initialization Vector KAT Known Answer Test KAS SSC FFC Key Agreement Schemes Shared Secret Computation Finite Field Cryptography KDF Key Derivation Function LBA Logical Block Address MEK Media Encryption Key MEKEK Media Encryption Key Encryption Key PCBA Printed Circuit Board Assembly PBKDF Password-Based Key Derivation Function POR Power-On Reset PSP Public Security Parameter PSK Pre-Shared Key (for TLS handshake) PSID Physical Security ID RSA Rivest-Shamir-Adleman public-key cryptosystem SAK Signing Authority Key SAS Serial Attached SCSI SATA Serial ATA (AT Attachment) SCSI Small Computer System Interface SED Self-Encrypting Drive SHA Secure Hash Algorithm SSC Security Subsystem Class SSP Sensitive Security Parameter TCG Trusted Computing Group XTS XEX-based tweaked-codebook mode with ciphertext stealing Table 1-2: Terms and Acronyms Page 5

Page 6
2 Cryptographic Module Specification
2.1 Cryptographic Module Information

The Cryptographic Module (CM) is defined as a hardware module. It is a multi-chip embedded physical embodiment contained in a full drive enclosure. No part of the enclosure is excluded from the security requirements. A photo of an example module is provided in Figure 1. The physical interface to the CM is a SATA or SAS connector. The data carried over the SATA and SAS connectors conform to the industry-standard SCSI, SATA, or TCG Enterprise SSC. The primary function of the module is to provide data encryption access control and cryptographic erase of the data stored on the drive media. The human operator of the drive interfaces with the CM through a “host” application on a host system. There is also an LED status indicator on the CM. The CM may operate in one of two mutually exclusive security modes:

Page 7

Figure 1: Seagate Self-Encrypting Drive Page 7

Page 8
2.2 Cryptographic Module Tested Configurations

Hardware [Part Number Firmware Model and Version] Version Distinguishing Features Exos X18 3.5” ST18000NM007J EP7U Self-Encrypting Drive SAS SAS HDD EF07 (Enterprise SSC) ST16000NM007J EP7U EF07 P705 PSFG FQD4 HPD5 ST14000NM007J EP7U EF07 ST12000NM007J EP7U EF07 P705 PJ07 FQD4 ST10000NM016G EP7U EF07 Exos 7E10 3.5” ST10000NM022B EF34 Self-Encrypting Drive SAS SAS HDD EF04 (Enterprise SSC) ST10000NM011B EF34 KF04 ST8000NM022B EF34 EF04 GCN6 LT0E FRD6 FCE7 FCL7 3P01 HPD5 ST8000NM011B EF34 KF04 L708 ST6000NM024B EF34 EF04 FCE7 FCL7 ST6000NM013B EF34 KF04 ST4000NM013B EF34 Page 8

Page 9

Hardware [Part Number Firmware Model and Version] Version Distinguishing Features NF04 FRB5 FKE8 FKL8 HPD6 ST4000NM029B EF34 EF04 3P01 ST4000NM017B EF34 KF04 L708 Exos 7E10 3.5” ST10000NM021B SZFP Self-Encrypting Drive SATA SATA HDD SF04 (Enterprise SSC) ST8000NM021B SZFP SF04 HPG4 ST6000NM023B SZFP SF04 ST4000NM012B SZFP TF04 HPG4 ST4000NM028B SZFP SF04 Table 2-1: Cryptographic Module Tested Configurations Select Hardware and Firmware Version combinations will output a different hardware version identification during the “Compliance Indicator Service” as detailed in the table below. There has been no change to the hardware itself. Hardware [Part Firmware Version Show Version Number and Output Version] ST8000NM022B 3P01 SCBP8000S5xeF7.2 ST4000NM029B 3P01 SCBP4000S5xeF7.2 ST8000NM022B HPD5 MB008000MYDUD ST4000NM013B HPD6 MB004000MYDUB ST8000NM021B HPG4 MB008000SYDUC ST4000NM012B HPG4 MB004000SYDUA ST16000NM007J HPD5 MB016000MYDKC ST12000NM007J PJ07 STEPSKF4CLAR12T0 Page 9

Page 10

Table 2-2: Hardware Substitute Configurations

2.3 Algorithms

This section describes the algorithms used by the CM. The Approved algorithms are described in section 2.3.1 and the Non-Approved Not Allowed algorithms are described in section 2.3.2. The CM does not implement any of the following categories of cryptographic algorithms:

2.3.1 Approved Algorithms

The Approved algorithms used by the CM are shown in Table 2-3: Approved Algorithms (HW) and Table 2-4: Approved Algorithms (FW). CAVP Algorithm & Mode / Method Description / Key Size(s) / Use / Function Cert Standard Key Strength(s) #A1082 Counter DRBG [SP AES-256 Prediction Resistance: Yes Random-bit generation 800-90A] Mode: AES-256 Derivation Function Enabled: Yes Additional Input: 0 bits, 256 bits Entropy Input: 256 bits Nonce: 128 bits Personalization String Length:

0 bits, 256 bits

Returned Bits: 256 bits #A1090 AES-XTS [SP 800-38E] XTS Key Size: 256 bits Encryption / decryption Key Strength: 256 bits #A1091 HMAC-SHA2-256 [FIPS SHA2-256 MAC: 256 bits Pseudo random function 198-1] Key Length: 8-512 bits, for PBKDF Increment 8 #A1092 SHA2-256 [FIPS 180-4] SHA2-256 Message Length: 0-65528 bits, Cryptographic hashing Increment 8 bits #A1093 RSA SigVer (FIPS186- PKCS 1.5 Signature Type: PKCS 1.5 Signature verification 4) [FIPS 186-4] Modulo: 2048, 3072 Key Strength: 112-bit, 128-bit Hash Algorithm: SHA2-256 (#A1092) Public Exponent Mode: Random #A3515 AES-CMAC [SP 800- CMAC Direction: Generation Conditioner for the raw 38B] Key Length: 256 bits entropy from the Ring Key Strength: 256 bits Oscillator entropy source MAC Length: 8-128 bits, Increment 8 bits Message Length: 128-512 bits Increment 128 bits N/A ENT (P) [SP 800-90B] Ring Oscillators N/A Used as a part of the Entropy Source DRBG N/A ENT (P) [SP 800-90B] PES Entropy N/A Used as a part of the Source DRBG Page 10

Page 11

Table 2-3: Approved Algorithms (HW) Page 11

Page 12

CAVP Algorithm & Standard Mode / Method Description / Key Size(s) / Key Use / Function Cert Strength(s) #A1080 AES-GCM [SP 800-38D]1 GCM Direction: Encrypt, Decrypt Key wrapping IV Generation: Internal (encryption / IV Generation Mode: 8.2.2 decryption) Key Length: 128 bits, 256 bits Tag Length: 128 bits IV Length: 96 bits Payload Length: 128 bits, 256 bits AAD Length: 0 bits, 256 bits #A1081 AES-CMAC [SP 800-38B] CMAC Direction: Generation, Conditioner for the Verification raw entropy Key Length: 128 bits, 256 bits MAC Length: 128 bits Message Length: 0-65536 bits Increment 8 bits #A1083 HMAC-SHA2-256 [FIPS SHA2-256 MAC: 256 bits Key derivation for 198-1] Key Length: 8-512 bits Increment Secure Messaging

8 bits

#A1084 KAS-FFC-SSC Sp800- dhEphem Domain Parameter Generation Key Agreement for 56Ar3 [SP 800-56A rev3] Methods: ffdhe2048 Secure Messaging Key Strength: 112 bits Scheme: dhEphem: KAS Role: initiator, responder #A1084 KAS [SP 800-56A rev3] SP 800-56A Key Size: 2048 bits Key Agreement and (KAS- rev3. KAS-FFC Key Strength: 112 bits Derivation for Secure FFC- per IG D.F Messaging SSC Scenario 2 path Cert.), (2) #A1089 (KDF TLS Cert) #A1085 PBKDF [SP 800-132 rev1] Option 2a2 Iteration Count: 1-10000000, Key derivation3 Increment 1 HMAC Algorithm: HMAC-SHA2-

256 (#A1091)

Password Length: 8-64 bytes Increment 1 Salt Length: 128-512 bits, Increment 8 bits Key Data Length: 112-4096 bits Increment 8 bits #A1087 Safe Primes Key ffdhe2048 Safe Prime Groups: ffdhe2048 Key Generation for Generation [SP 800-56A Key Strength: 112 bits dhEphem rev3] #A1088 SHA2-256 [FIPS 180-4] SHA2-256 Message Length: 0-65528 bits Cryptographic Increment 8 bits hashing SHA2-384 [FIPS 180-4] SHA2-384 Message Length: 0-65528 bits Cryptographic Increment 8 bits hashing

1 The 96-bit IV used for AES GCM is generated by the module randomly by the DRBG.

2 The value of the Iteration Count used is 1000 which meets the requirements in [SP 800-132 rev1] and

3 All keys derived used PBKDF are only used for storage applications.
Page 13

#A1089 KDF TLS (CVL) [SP 800- TLS v1.2 TLS Version: v1.2 Key derivation for

135 rev1] Hash Algorithm: SHA2-256 Secure Messaging.

(#A1088), SHA2-384 (#A1088) No parts of the TLS protocol, other than the approved cryptographic algorithms and TLS KDF, have been tested by the CAVP and CMVP. #A1094 AES-KW [SP 800-38F] KW Direction: Decrypt, Encrypt Key wrapping Cipher: Cipher Key Length: 256 bits Key Strength: 256bits Payload Length: 128 bits, 192 bits, 256 bits, 320 bits, 4096 bits #A1095 AES-CBC [SP 800-38A] CBC Key Length: 128 bits, 256 bits Encryption / Key Strength: 128bits, 256 bits decryption Vendor CKG [SP 800-133 rev2] Sections 4, 5.2 Cryptographic Key Generation; Key Generation Affirmed and 6.1 SP 800-133 rev2 and IG D.H Note: Symmetric keys and seeds used for asymmetric key pairs are produced using the unmodified/direct output of the DRBG. Table 2-4: Approved Algorithms (FW)

2.3.2 Non-Approved, Not Allowed Algorithms

The Non-Approved, Not Allowed algorithms used by the CM are shown in Table 2-5: Non-Approved Algorithms Not Allowed in the Approved Mode of Operation. Algorithm / Function Use / Function AES-CMAC (non-compliant) Message authentication AES-GCM (non-compliant) Key wrapping (encryption / decryption) AES-KW (non-compliant) Key wrapping (encryption / decryption) AES-XTS (non-compliant) Encryption / decryption PBKDF (non-compliant) Password-based key derivation RSA SigGen (non-compliant) Signature generation Table 2-5: Non-Approved Algorithms Not Allowed in the Approved Mode of Operation Page 13

Page 14
2.4 Cryptographic Boundary

The cryptographic boundary is the enclosure of the drive. The only accessible interfaces to the CM are the SAS/SATA interface and the Power connector. A block diagram of the CM is provided in Figure 2. Figure 2: Hardware Block Diagram

2.5 Keys, Authentication, and Other Protected Information

Keys and Protected Information are listed in Section 9 of this document. Authentication is listed in Section 4 of this document.

2.6 Degraded Mode of Operation

The CM does not support a degraded mode of operation.

2.7 Requirements from International Standards

The CM follows many standards including:

Page 15
3 Cryptographic Module Interfaces

Physical Port Logical Interface Data that Passes Over Port / Interface SAS Connector

Page 16
4 Roles, Services, and Authentication

This section describes the roles, services, and authentications supported by the CM. Some services in this section are identified as aligning with the “lock-based authentication model”. The “lock-based authentication model” is described in IG 4.1.A. The primary purpose of the CM is data-atrest protection for User Data and the “lock-based authentication model” is sufficient to meet this use case. Assuming the CM has been correctly initialized (see section 11.1), when the CM is powered cycled, the CM will be in a locked state and will require authentication and unlocking prior to the Approved service being available.

4.1 Roles, Service Command, Input and Output – TCG Security Mode

Role Service Input Output Drive Owner (Crypto Officer) Set PIN TCG Set Method TCG Return Set FW Ports TCG Set Method Status Set TLS PSK TCG Set Method Create TLS TCG StartTLS Method Session Send/Receive TLS IF-Send/IF-Receive Interface Return Message Status FW Download4 Interface FW Download Command EraseMaster (Crypto Officer) Set PIN TCG Set Method TCG Return Cryptographic TCG Erase Method Status Erase Certified Erase TCG Erase Method Enable/Disable TCG Set Method BandMasters Set TLS PSK TCG Set Method Create TLS TCG StartTLS Method Session Send/Receive TLS IF-Send/IF-Receive Interface Return Message Status BandMaster (0-31) (Crypto Set PIN TCG Set Method TCG Return Officer) Set Range TCG Set Method Status Attributes Lock / Unlock User TCG Set Method Data for Read and/or Write Set TLS PSK TCG Set Method Create TLS TCG StartTLS Method Session User Data Read / Interface Read / Write Interface Return Write (Locking Command Status Enabled)5 Send/Receive TLS IF-Send/IF-Receive Message Unauthenticated Show Status TCG Level 0 Discovery, TCG Get Method

4 No operator authentication is enforced for the FW Download service that was unlocked by the

Set FW Ports service. If the new FW violates device FW rollback policy both the FW Download and Rollback FW Download ports must be unlocked. This service aligns with the “lock-based authentication model” (see section 4).

5 No operator authentication is enforced for the User Data Read / Write service that was unlocked

by the Lock / Unlock User Data for Read and/or Write service. This service aligns with the “lockbased authentication model” (see section 4). Page 16

Page 17

Role Service Input Output Reset Module POR TCG Return Unblock PIN POR Status DRBG Generate TCG Random Method Bytes Exit FIPS Mode TCG RevertSP Method Compliance TCG Level 0 Discovery Indicator Table 4-1: Roles, Service Commands, Input and Output

4.2 Roles, Service Command, Input and Output

supported) Role Service Input Output Drive Owner (Crypto Officer) Set PIN/Password TCG Set Method TCG Return Set FW Ports TCG Set Method Status FW Download6 Interface FW Download Interface Return Command Status Master, User (Crypto Officer) Set PIN/Password ATA Security Set Interface Return Password Status Lock / Unlock User ATA Authenticate Data for Read and/or Write Cryptographic ATA Erase Erase User Data Read / Interface Read / Write Write7 Command Unauthenticated Show Status TCG Level 0 Discovery TCG Return Reset Module POR Status Unblock PIN POR Disable Services ATA Freeze Lock Exit FIPS Mode TCG RevertSP Method Compliance TCG Level 0 Discovery Indicator Table 4-2: Roles, Service Commands, Input and Output - ATA Security Mode

4.3 Roles and Authentication – TCG Security Mode

Role Authentication Method Authentication Strength Drive Owner (Crypto Officer) Role-based authentication. Min PIN length is 8 bytes (64 bits) Memorized Secret and each failed authentication takes Authenticator type from SP a minimum of 15ms which calculates 800-63B. into a probability to guess the PIN in one minute to 4000/264 EraseMaster (TCG Security Role-based authentication. Min PIN length is 8 bytes (64 bits), Mode) (Crypto Officer) Memorized Secret and each failed authentication takes Authenticator type from SP a minimum of 15ms which calculates 800-63B. into a probability to guess the PIN in one minute to 4000/264

6 No operator authentication is enforced for the FW Download service that was unlocked by the

Set FW Ports service. If the new FW violates device FW rollback policy both the FW Download and Rollback FW Download ports must be unlocked. This service aligns with the “lock-based authentication model” (see section 4).

7 No operator authentication is enforced for the User Data Read / Write (Locking Enabled) service

that was unlocked by the Lock / Unlock User Data for Read and/or Write service. This service aligns with the “lock-based authentication model” (see section 4). Page 17

Page 18

Role Authentication Method Authentication Strength BandMaster (0-31) (TCG Role-based authentication. Min PIN length is 8 bytes (64 bits), Security Mode) (Crypto Officer) Memorized Secret and each failed authentication takes Authenticator type from SP a minimum of 15ms which calculates 800-63B. into a probability to guess the PIN in one minute to 4000/264 Table 4-3: Roles and Authentication - TCG Security Mode

4.4 Roles and Authentication

Role Authentication Method Authentication Strength Drive Owner (Crypto Officer) Role-based authentication. Min PIN length is 32 bytes (256 Memorized Secret bits), and each failed authentication Authenticator type from SP takes a minimum of 15ms which 800-63B. calculates into a probability to guess the PIN in one minute to 4000/2256 User (ATA Security Mode) Role-based authentication. Min PIN length is 32 bytes (256 (Crypto Officer) Memorized Secret bits), and each failed authentication Authenticator type from SP takes a minimum of 15ms which 800-63B. calculates into a probability to guess the PIN in one minute to 4000/2256 Master (ATA Security Mode Role-based authentication. Min PIN length is 32 bytes (256 (Crypto Officer) Memorized Secret bits), and each failed authentication Authenticator type from SP takes a minimum of 15ms which 800-63B. calculates into a probability to guess the PIN in one minute to 4000/2256 Table 4-4: Roles and Authentication - ATA Security Mode

4.5 Approved Services, SSPs, Roles, and Access Rights

If the CM is operating in TCG Security Mode, the Approved services provided by the CM are described in section 4.5.1. If the CM is operating in ATA Security Mode, the Approved services provided by the CM are described in 4.5.2.

4.5.1 Approved Services – TCG Security Mode

Service Description Approved Keys Roles Access Indicator Security and/or rights Functions SSPs to Keys and/or SSPs8 Set PIN Change PBKDF EraseMaster EraseMaster, W TCG Return operator (#A1085), AES- Password, BandMaster, Status authentication GCM (#A1080), BandMaster Drive Owner data HMAC-SHA2-256 Password, (#A1091), SHA2- SID

256 (#A1092)
8 Definitions for Roles SSP Access column values:
Page 19

Service Description Approved Keys Roles Access Indicator Security and/or rights Functions SSPs to Keys and/or SSPs8 FW Download Load complete RSA SigVer Firmware Drive Owner9 E ATA/SCSI FW image. If (#A1093, 3072- Update Key, Status code self-test bit), SHA2-256 Platform passes with a (#A1092) Key, SAK valid key, device runs new code. Enable / Enable / PBKDF BandMaster EraseMaster E TCG Return Disable disable a user (#A1085), Password Status BandMasters authority HMAC-SHA2-256 (#A1091), SHA2-

256 (#A1092)

Set FW Ports Set None None Drive Owner E TCG Return PortLocked Status and LockOnReset attributes on the FW Download port or Rollback FW Download port Set Range Set location, None None BandMasters None TCG Return Attributes size, and Status locking attributes of an LBA range Lock / Unlock Block or allow AES-KW MEK, BandMasters E TCG Return User Data read (decrypt) (#A1094) MEKEK, Status Range for or write CSPSK Read and/or (encrypt) of Write user data in a range User Data Encrypt / AES-XTS MEK BandMasters11 E ATA/SCSI Read / Write decrypt user (#A1090) Status (Locking data from an Enabled) LBA range where Locking is enabled10 Cryptographic Erase user None MEKEK, EraseMaster Z TCG Return Erase data in LBA MEK, Status range and Master Key, place the CSPSK, range in the Bandmaster uninitialized Password state.

9 FW download port must be unlocked.

10 Locking is enabled for an LBA range if the ReadLockEnabled and WriteLockEnabled values are set to

“True” and the LockOnReset value includes “Power Cycle”. The current values of these attributes can be determined using the Show Status Approved Service (i.e., the TCG Get Method on the associated LBA range locking object).

11 User Data range must be unlocked.
Page 20

Service Description Approved Keys Roles Access Indicator Security and/or rights Functions SSPs to Keys and/or SSPs8 FW Rollback Prevents None None Drive Owner None ATA/SCSI downgrading Status FW to a release that violates the device FW rollback policy Create TLS Support host- Safe Primes Key Secure Drive Owner, E TCG Return Session initiated TLS Generation (# Messaging EraseMaster, Status Session A1087), KAS Session BandMaster (#A1084), KDF Key, Secure TLS (#A1089), Messaging HMAC-SHA2-256 Key Pair, (#A1083) Bandmaster PSKs, EraseMaster PSK, Drive Owner PSK Set TLS PSK Set Pre- None BandMaster Drive Owner, W TCG Return Shared key PSKs, EraseMaster, Status used for TLS EraseMaster BandMaster PSK, Drive Owner PSK Send/Receive Send or AES-CBC Secure Drive Owner, E ATA/SCSI TLS Message receive a TLS (#A1095), AES- Messaging EraseMaster, Status message GCM (#A1080), Session BandMaster SHA2-256 Key, Secure (#A1088), SHA2- Messaging 384, (#A1088) Key Pair Certified Erase user None MEKEK, EraseMaster Z TCG Return Erase data in LBA MEK, Status range and Master Key, place the CSPSK, range in the Bandmaster uninitialized Password state. Show Status Provides None None None None TCG Return information on Status, the current ATA/SCSI configuration Status of the CM and reports whether FIPS service is operational and operating in a Compliant state. Page 20

Page 21

Service Description Approved Keys Roles Access Indicator Security and/or rights Functions SSPs to Keys and/or SSPs8 Reset Module Runs Pre- RSA SigVer SID, None Z N/A Operational (#A1093, 3072- EraseMaster Self- Tests bit), SHA2-256 Password, and zeroizes (#A1092) BandMaster keys and Password CSPs in RAM and complete the Secure Boot process by validating the FW on the drive. Unblock PIN Resets None None None None N/A password attempt counters DRBG Returns Counter DRBG None None None TCG Return Generate SP800-90A (#A1082), AES- Status Bytes rev1 DRBG CMAC (#A1081) random AES-CMAC number (#A3515), ENT (P) Exit FIPS Exit a None SID None (using Z TCG Return Mode Compliant Password, PSID) Status state12 EraseMaster Password, BandMaster Password, MEKs, MEKEKs, Master Keys, CSPSKs, EraseMaster PSK, BandMaster PSKs, Drive Owner PSK Compliance Reports FIPS None None None None TCG Return Indicator 140 revision, Status overall security level, HW and FW revisions, and module name

12 CM will enter Uninitialized State.
Page 22

Table 4-5: Approved Services - TCG Security Mode

4.5.2 Approved Services – ATA Security Mode (if ATA Security supported)

Service Description Approved Keys Roles Access Indicator Security and/or rights to Functions SSPs Keys and/or SSPs13 Set Change operator PBKDF Master, Master, W TCG Return PIN/Password authentication data. (#A1085), AES- User User, Drive Status, ATA Note: Setting the GCM (#A1080), Passwords Owner Status User PIN may also HMAC-SHA2set the Drive Owner 256 (#A1091), PIN SHA2-256 (#A1092) FW Download Enable / disable FW RSA SigVer Firmware Drive E TCG Return download port and (#A1093, 3072- Update Owner14 Status, ATA load complete FW bit), SHA2-256 Key, Status image. If code self- (#A1092) Platform test passes with a Key, SAK valid key, device runs new code FW Rollback Prevents None None Drive None ATA Status downgrading FW to Owner a release that violates the device FW rollback policy Lock / Unlock Enable user data AES-KW MEK User E ATA Status User Data read/write and Set (#A1094) (optional, Range for Read PIN services Master) and/or Write User Data Encryption / AES-XTS MEK User E ATA Status Read / Write decryption of user (#A1090) (optional, data Master)15 Cryptographic Erase user data on None MEKEK, Master, Z ATA Status Erase CM and place the MEK, User CM in the Master uninitialized state. Keys, CSPSK, User Password Unblock PIN Reset Master and None None None None N/A User password attempt counter Set FW Ports Set PortLocked and None None Drive E TCG Return LockOnReset Owner Status attributes on the FW Download port or Rollback FW Download port

13 Definitions for Roles SSP Access column values:
14 FW download port must be unlocked.
15 User Data must be unlocked.
Page 23

Service Description Approved Keys Roles Access Indicator Security and/or rights to Functions SSPs Keys and/or SSPs13 Show Status Provides None None None None ATA Status information on the / TCG current Return configuration of the Status CM and reports whether FIPS service is operational and operating in a Compliant state. Reset Module Runs Pre- RSA SigVer Master None Z N/A Operational Self- (#A1093, 3072- Password, Tests and zeroizes bit), SHA2-256 User keys and CSPs in (#A1092) Password RAM and complete the Secure Boot process by validating the FW on the drive. Disable Disables ATA None None None None ATA Status Services Security commands until POR Exit FIPS Mode Exit a Compliant None Master None Z TCG Return state16 Password, (using Status User PSID) Password, MEK, MEKEK, Master Keys, CSPSK Compliance Reports FIPS 140 None None None None TCG Return Indicator revision, overall Status security level, HW and FW revisions, and module name Table 4-6: Approved Services

16 CM will enter Uninitialized State.
Page 24
4.6 Non-Approved Services

The Non-Approved services provided by the CM are described in Table 4-7. Service Description Algorithms Roles Indicator Accessed User Data Read / Encrypt / decrypt user data AES-XTS (non- None ATA/SCSI Status Write (Locking from an LBA range where compliant) Disabled) Locking is disabled17 Cryptographic Erase Generates new range key Counter DRBG EraseMaster ATA/SCSI Status following sanitization of the (#A1082)18, electronic media. AES-CMAC (noncompliant), AESKW (noncompliant), AESGCM (noncompliant), PBKDF (non-compliant) Certified Erase Generates new range key Counter DRBG EraseMaster ATA/SCSI Status and provides certificate of (#A1082)18 media disposition for each AES-CMAC (nonpiece of the electronic media compliant), AESfollowing sanitization. KW (noncompliant), AESGCM (noncompliant), PBKDF (non-compliant), RSA SigGen (noncompliant) Table 4-7 Non-Approved Services

17 Locking is disabled for an LBA range if the ReadLockEnabled or WriteLockEnabled values are

set to “False”, or the LockOnReset value does not include “Power Cycle”. The current values of these attributes can be determined using the Show Status Approved Service (i.e., the TCG Get Method on the associated LBA range locking object),

18 Allowed per FIPS 140-3 IG 4.1.A, Exception b.
Page 25
5 Software / Firmware Security

During the power-on boot process, the CM will verify the authenticity and integrity of the CM firmware using RSA Signature Verification (certificate #A1093 ) with the following parameters:

Page 26
6 Operational Environment

The CM operates in a limited operational environment where the CM firmware (FW) may be updated by an external source via the FW download operation. Prior to accepting new FW provided by the FW download operation, the CM will verify the signature of the new FW (see section 10.2). Note: The ability to download FW to the device is restricted based on the state of the FW Download and Rollback Download logical ports (see section 4.5). All FW downloads require the FW Download port to be unlocked. Rollback FW downloads (i.e., downgrading FW to a release that violates the device FW rollback policy) require both the FW Download and Rollback FW Download ports to be unlocked, Page 26

Page 27
7 Physical Security

The CM is a multi-chip embedded module of product grade components with standard passivation. The CM is surrounded in a metal enclosure that is opaque within the visible spectrum. To meet the level 2 physical security requirements, the CM employs a single factory installed tamper-evident labels to prevent physical tampering. Refer to Table 7-1 for actions required by the operator to ensure that physical security is maintained. Figure 3: Module 1 Seal Application Locations Physical Security Mechanism Recommended Inspection / Test Guidance Details Frequency of Inspection / Test Opaque, tamper-evident The frequency of Periodic inspection of TEL to detect security label (TEL) on exposed the physical evidence of tampering: (back) side of PCBA inspection should

Page 28

Table 7-1: Physical Security Inspection Guidelines Page 28

Page 29
8 Non-Invasive Security

The CM does not provide mitigation against any non-invasive attacks. Page 29

Page 30
9 Sensitive Security Parameter Management
9.1 SSP Storage Areas

The storage areas on the CM where SSPs may be present are described in Table 9-1. Table 9-1: SSP Storage Areas Name Description Persistence Type DRAM Temporary, volatile memory Dynamic HW Registers Temporary, volatile memory Dynamic ROM Persistent, non-modifiable, non-volatile memory Static Media Persistent, non-volatile memory Static Serial Flash Persistent, non-volatile memory Static Page 30

Page 31
9.2 SSPs

The SSPs (Sensitive Security Parameters) used by the device are different depending on which security mode the CM is operating. The SSPs used by the CM are described in Table 9-2. Key / SSP Name / Strength Security Generation Import / Establishment Storage Zeroization Use & Related Keys Type Function & Export Cert. Number SID19 / CSP 256 bits PBKDF N/A Import: sent N/A DRAM, Reset Module, Set Set PIN (#A1085) from host plaintext PIN Master, User 256 bits PBKDF N/A Import: sent N/A DRAM, Reset Module, Set Set PIN Passwords (ATA (#A1085) from host plaintext PIN Unlock user data Security Mode only) / CSP Master/User MEK 256 bits AES-XTS Internally N/A N/A HW Exit FIPS Mode, Unlock user data (ATA Security Mode (#A1090), generated Registers, Cryptographic Cryptographic erase only) / CSP CKG plaintext Erase Encrypted by MEKEKs Media, and CSPSKs AES-KW encrypted EraseMaster 64-256 bits PBKDF N/A Import: sent N/A DRAM, Reset Module Set PIN Password (TCG (#A1085) from host plaintext Cryptographic erase Security Mode) / CSP BandMaster (0-31) 64-256 bits PBKDF N/A Import: sent N/A DRAM, Reset Module, Set Set PIN Passwords (TCG (#A1085) from host plaintext PIN, Lock / unlock user data Security Mode) / Cryptographic CSP Erase MEKs / CSP 256 bits AES-XTS Internally N/A N/A HW Exit FIPS Mode, Lock / Unlock User Data (#A1090), generated Registers, Cryptographic Range for Read and/or CKG plaintext Erase Write Media, Encrypted by MEKEKs AES-KW and CSPSKs encrypted Entropy Input String 448 bits Counter Internally N/A N/A DRAM, N/A Services using DRBG / CSP DRBG generated plaintext (cryptographic erase) (#A1082)

19 Drive Owner PIN
Page 32

Key / SSP Name / Strength Security Generation Import / Establishment Storage Zeroization Use & Related Keys Type Function & Export Cert. Number DRBG Seed / CSP 384 bits Counter Internally N/A N/A HW N/A Services using DRBG DRBG generated Registers, (cryptographic erase, Set (#A1082) plaintext PIN) DRBG Key / CSP 256 bits Counter Internally N/A N/A HW N/A Services using DRBG DRBG generated20 Registers, (cryptographic erase, Set (#A1082) plaintext PIN) DRBG Internal State 128 bits Counter Internally N/A N/A HW N/A Services using DRBG V / CSP DRBG generated20 Registers, (cryptographic erase, Set (#A1082) plaintext PIN) Platform Key21 / 3072 bits / RSA SigVer Pre-loaded N/A N/A ROM, N/A Reset module PSP 128 bits (#A1093) at factory plaintext (strength) Firmware Update 3072 bits / RSA SigVer Pre-loaded N/A N/A ROM, N/A FW download Key / PSP 128 bits (#A1093) at factory plaintext (strength) SAK22 / PSP 3072 bits / RSA SigVer Pre-loaded Import: N/Al Serial N/A Reset module

128 bits (#A1093) at factory Embedded Flash,

(strength) in Firmware plaintext Download Image MEKEK / CSP 256 bits AES-KW Internally N/A N/A DRAM, Exit FIPS Mode Lock / Unlock User Data (#A1094), generated plaintext Range for Read and/or CKG Write Cryptographic erase Media, Set PIN AES-GCM encrypted Encrypted by Master Keys Master Key / CSP 256 bits AES-GCM Derived N/A N/A DRAM, Exit FIPS Mode Lock / Unlock User Data (#A1080), plaintext Range for Read and/or PBKDF Write Cryptographic erase (#A1085) Set PIN

20 Source: section 4 Terms and Definitions of NIST Special Publication 800-90A. Values of V and the AES key are the critical values of the

internal state on which the security of this DRBG mechanism depends (i.e., V and the AES key are the “secret values” of the internal state).

21 PK is used for pre-operational FW integrity test and is not an SSP but included in this table for completeness.

22 SAK is used for pre-operational FW integrity test and are not SSPs but included in this table for completeness.

Page 33

Key / SSP Name / Strength Security Generation Import / Establishment Storage Zeroization Use & Related Keys Type Function & Export Cert. Number CSPSKs / CSP 256 bits AES-KW Internally N/A N/A DRAM, Exit FIPS Mode Lock / Unlock User Data (#A1094), generated plaintext Range for Read and/or CKG Write Cryptographic erase Media, Set PIN plain text Drive Owner PSKs / 32-512 bits KAS-FFC- N/A Import: sent N/A DRAM, Exit FIPS Mode Set TLS PSK CSP SSC Sp800- from host plaintext 56Ar3 (#A1084) Media, plaintext EraseMaster PSK 32-512 bits KAS-FFC- N/A Import: sent N/A DRAM, Exit FIPS Mode Set TLS PSK (TCG Security SSC Sp800- from host plaintext Mode) / CSP 56Ar3 (#A1084) Media, plaintext BandMaster PSKs 32-512 bits KAS-FFC- N/A Import: sent N/A DRAM, Exit FIPS Mode Set TLS PSK (TCG Security SSC Sp800- from host plaintext Mode) / CSP 56Ar3 (#A1084) Media, plaintext Secure Messaging 128-256 bits AES-GCM Derived N/A N/A DRAM, Reset Module Send/Receive TLS Session Key / CSP (#A1080). plaintext Message KDF TLS (#A1089) Secure Messaging 2048 bits / KAS-FFC- Internally N/A N/A DRAM, N/A Send/Receive TLS Key Pair / CSP 112 bits SSC Sp800- generated plaintext Message (strength) & 56Ar3

256 bits (#A1084)

Safe Primes Key Generation (#A1087) CKG KDF TLS (#A1089) Table 9-2: SSPs Page 33

Page 34
9.3 Entropy Sources

The Entropy sub-system uses a Non-Deterministic Random Bit Generator (NRBG) to generate random data. The NRBG is supplied with conditioned entropy via two Entropy sources. Each conditioned output of an entropy source is a 128-bit full entropy output. The NRBG used by the device is the XOR-NRBG construction described in SP 800-90C and the DRBG construction is based on SP 800-90A rev 1. The DRBG seed used for instantiation is constructed by concatenating the following values:

9.4 Zeroization Methods

The method used by the CM to zeroize SSPs is different depending on where the SSP is stored:

23 The combined entropy is calculated using Method 2 as described in IG D.O Combining Entropy from

Page 35

24 As indicated in Table 9-2 some keys are stored encrypted on the CM using an approved algorithm.

Per IG 9.6.A, they are considered “protected” thus not requiring zeroization when unprotected SSPs are zeroized. Page 35

Page 36
10 Self-Tests

The sections below list all self-tests performed by the module, along with the failure behavior when any of the self-tests fail. While in an error state, the module outputs an error indicator, disables cryptographic operations and the data output interface is inhibited. All pre-operational and conditional self-tests can be executed on-demand by power-cycling the module.

10.1 Pre-Operational Self-Tests

Function Self-Test Type Implementation Failure Behavior Tested Firmware Integrity Test25 RSA PKCS#1 3072/SHA-256 Enters FW Integrity Error State. Integrity signature verification on signed FW stored on the CM (#A1093 and #A1092)26. The keys used are the Platform Key and one of the SAKs (see section 9.2). Table 10-1: Pre-Operational Self-Tests

10.2 Conditional Self-Tests

Function Self-Test Type Implementation Failure Behavior Tested Hardware Self-Tests AES-XTS Cryptographic XTS encrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1090) Algorithm Self-Test AES-XTS Cryptographic XTS decrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1090) Algorithm Self-Test AES-XTS Critical Functions Generated XTS Key_1 and Keys are discarded (#A1090) Test: When an AES Key_2 are compared, as per IG XTS Key is C.I, before being used. generated SHA2-256 Cryptographic Digest KAT Enters FIPS Self-Test Error State (#A1092) Algorithm Self-Test HMAC-SHA2- Cryptographic HMAC SHA-256 KAT / 256-bit Enters FIPS Self-Test Error State

256 (#A1091) Algorithm Self-Test key

RSA SigVer Cryptographic Signature Verification KAT / Enters FIPS Self-Test Error State (#A1093) Algorithm Self-Test 3072-bit key AES-CMAC Cryptographic CMAC KAT / 256-bit bit key Enters FIPS Self-Test Error State (#A3515) Algorithm Self-Test Counter Cryptographic KAT Enters FIPS Self-Test Error State DRBG Algorithm Self-Test (#A1082) Counter Critical Functions Instantiate, generate, reseed and Enters FIPS Self-Test Error State DRBG Test: When a un-instantiate health tests as per (#A1082) random number is section 11.3 of SP 800-90A generated Firmware Self-Tests AES-CBC Cryptographic CBC encrypt KAT / 256 bit key Enters FIPS Self-Test Error State (#A1095) Algorithm Self-Test AES-CBC Cryptographic CBC decrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1095) Algorithm Self-Test AES-GCM Cryptographic GCM encrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1080) Algorithm Self-Test

25 The algorithm used for the Firmware Integrity Test (RSA) is conditionally tested before it is used

in the execution of Firmware Integrity Test.

26 The SAKs are used as the keys for pre-operational FW integrity test.
Page 37

Function Self-Test Type Implementation Failure Behavior Tested AES-GCM Cryptographic GCM decrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1080) Algorithm Self-Test AES-CMAC Cryptographic CMAC KAT / 256-bit key Enters FIPS Self-Test Error State (#A1081) Algorithm Self-Test SHA2-384 Cryptographic Digest KAT Enters FIPS Self-Test Error State (#A1088) Algorithm Self-Test HMAC-SHA2- Cryptographic HMAC SHA-256 KAT / 256-bit Enters FIPS Self-Test Error State

256 (#A1083) Algorithm Self-Test key

KAS-FFC- Cryptographic Diffie-Hellman Primitive Z KAT / Enters FIPS Self-Test Error State SSC Sp800- Algorithm Self-Test 2048-bit key 56Ar3 (#A1084) AES-KW Cryptographic KW encrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1094) Algorithm Self-Test AES-KW Cryptographic KW decrypt KAT / 256-bit key Enters FIPS Self-Test Error State (#A1094) Algorithm Self-Test KDF TLS Cryptographic KAT / 384-bit key Enters FIPS Self-Test Error State (#A1089) Algorithm Self-Test PBKDF Cryptographic KAT / 256-bit key Enters FIPS Self-Test Error State (#A1085) Algorithm Self-Test Firmware Firmware Load Test RSA PKCS#1 3072 / SHA-256 Incoming FW package is not Loading signature verification of new FW loaded and is discarded image performed before FW can be loaded (#A1093 and #A1092) ENT Critical Functions Repetition Count and Adaptive Enters FIPS Self-Test Error State Test: When a seed Proportion tests as per SP 800for DRBG is 90B requested Safe Primes Critical Functions Assurances as per sections 5.5 Keys are discarded Key Test: When a key is and 5.6 of SP 800-56A rev3 Generation generated (#A1087) Table 10-2: Conditional Self-Tests Page 37

Page 38
11 Life-Cycle Assurance
11.1 Delivery and Operation

To initialize the CM into the Compliant state, one of the following procedures must be followed: TCG Enterprise or ATA Security. Upon receiving the CM, the authorized operator must inspect the physical security mechanisms for tamper evidence and verify that the drive boots up in an uninitialized Security Mode. The “FIPS Operating Mode” Indicator designates whether the drive has been configured to operate in the Compliant state. The “FIPS Operating Mode” Indicator is a bit (byte 30, bit 0) in the Vendor Unique fields in Level 0 Device Discovery. If byte 30, bit 0 of the Vendor Unique fields is set to one (1), then the device is operating in a Compliant state. If the bit is set to zero (0), then the device is operating in a Non-Compliant state and is not considered a FIPS 140 validated CM.

11.1.1 TCG Enterprise Secure Initialization
  1. Upon receipt of the product examine the shipping packaging and the product packaging to ensure it has not been accessed during shipping by the trusted courier.
  2. At initialization and periodically thereafter, examine the physical security mechanisms for tamper evidence.
  3. At initialization, set all enabled operator PINs applicable for the Compliant state to private values of at least 8 bytes (64 bits) in length: Drive Owner, EraseMaster, and BandMasters27.
  4. Set ReadLockEnabled and WriteLockEnabled to “True” and the LockOnReset column to include “Power Cycle”, on at least one (1) User Data range.
  5. At initialization, disable the “Makers” authority.
  6. At initialization, the value of LockOnReset for FW Download port must be set to include “Power Cycle”.
11.1.2 TCG Enterprise Ongoing Policy Restrictions
  1. The ReadLockEnabled and WriteLockEnabled values must be set to “True” and the LockOnReset value must include “Power Cycle”, for at least one (1) User Data range.
  2. The “Makers” Authority must be disabled.
  3. The LockOnReset value for the FW Download port must include “Power Cycle”.
11.1.3 ATA Security Secure Initialization
  1. Upon receipt of the product examine the shipping packaging and the product packaging to ensure it has not been accessed during shipping by the trusted courier.
  2. At initialization and periodically thereafter, examine the physical security mechanisms for tamper evidence.
  3. Transition the CM to ATA Security Mode by setting the User Password to a private value of 32 bytes (256 bits) in length.
  4. At initialization, set the remaining operator Passwords/PINs applicable for the Compliant state to private values of at least 8 bytes (64 bits) in length: Master and Drive Owner (optional).
  5. At initialization, the value of LockOnReset for FW Download port must be set to “Power Cycle”.
11.1.4 ATA Security Ongoing policy Restrictions
  1. The “Makers” Authority must be disabled.
  2. The LockOnReset value for the FW Download port must include “Power Cycle”.

27 A subset of the operator authority/PINs are enabled by default. If use of any other

authority/PINs not enabled by default is required in the Compliant state, the Crypto Officer will need to enable them as part of the initialization steps. Page 38

Page 39
11.2 End of Life

When the CM reaches end-of-life, the Crypto Officer must zeroize all SSPs prior to discarding the CM. The Crypto Officer shall perform the following steps when the CM is at end-of-life:

  1. The Crypto Officer shall revert the CM to the factory default state by invoking the Revert or RevertSP methods28 on the Admin SP.
  2. If step 1 fails, all SSPs on the device may not have been sanitized. If this occurs, the Crypto Officer should handle the CM per organizational policies.

28 The Revert/RevertSP methods will cause the CM to zeroize all the SSPs and exit the Compliant

Page 40
12 Mitigation of Other Attacks

The CM does not make claims to mitigate against other attacks beyond the scope of FIPS 140-3. Page 40