| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Hardware |
| Embodiment | Multi-Chip Embedded |
| Status | Active |
| Sunset date | 5/18/2030 |
| Entropy | ENT (P) |
| Caveat | None |
| Vendor | Samsung Electronics Co., Ltd. |
| Hardware versions | MZCLO1T9HCJR-00AMZ, MZCLO3T8HBLT-00AMZ, MZCLO7T6HBLA-00AMZ |
| Algorithm | ACVP Cert |
|---|---|
| AES-ECB | A2247 |
| AES-ECB | A2248 |
| AES-ECB | A2249 |
| AES-GCM | A2248 |
| AES-XTS Testing Revision 2.0 | A2249 |
| Counter DRBG | A2248 |
| ECDSA SigVer (FIPS186-4) | A2255 |
| SHA2-384 | A2248 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Roles, Services, and Authentication | 4 |
flowchart LR
%% Deterministic review-risk graph for Samsung NVMe TCG Opal SSC SEDs PM1743 Series
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C1["[high] Firmware / bootloader<br/>versions disclosed<br/>(identity, not provenance)<br/><i>OPP9TA6A</i>"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Update the firmware<br/>Error state in Boot<br/>Error State in operational state</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Show Status<br/>Error State in operational state</i>"]
C4["[high] Physical/logical<br/>interfaces (some 'blocked<br/>in firmware')<br/><i>JTAG</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I1["Component identity is<br/>disclosed, but provenance<br/>and patch lineage are not."]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I4["Interface reachability may<br/>vary by boot stage and<br/>lifecycle state."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R1["Do the vendor version<br/>strings obscure the<br/>upstream baseline, fork<br/>lineage, or known-CVE<br/>exposure?"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R4["Are interfaces blocked<br/>before the bootloader<br/>runs, or only after<br/>approved mode starts?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E1["SBOM / component baselines<br/>· patch and backport<br/>manifest · CVE disposition"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E4["lifecycle reachability<br/>matrix · boot-stage<br/>interface timing ·<br/>factory/recovery/error-state<br/>access controls"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C1 --> I1 --> R1 --> E1
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C4 --> I4 --> R4 --> E4
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C1,C2,C3,C4,C6 clue;
class I1,I2,I3,I4,I6 infer;
class R1,R2,R3,R4,R6 risk;
class E1,E2,E3,E4,E6 evidence;flowchart LR
%% Deterministic clue tier for Samsung NVMe TCG Opal SSC SEDs PM1743 Series
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C1["[high] Firmware / bootloader versions disclosed (identity, not provenance)<br/><i>OPP9TA6A</i><br/>src: certificate.firmwareVersions"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Update the firmware<br/>Error state in Boot<br/>Error State in operational state</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Show Status<br/>Error State in operational state</i><br/>src: securityPolicy.services"]
C4["[high] Physical/logical interfaces (some 'blocked in firmware')<br/><i>JTAG</i><br/>src: securityPolicy.portsAndInterfaces"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C1,C2,C3,C4 clueHigh;
class C6 clueLow;Samsung NVMe TCG Opal SSC SEDs PM1743 Series Document Version: 1.1 H/W Version: MZCLO1T9HCJR-00AMZ, MZCLO3T8HBLT-00AMZ, MZCLO7T6HBLA-00AMZ F/W Version: OPP9TA6A This document may be freely reproduced in its original entirety.
| Version | Change | ||
|---|---|---|---|
| 1.0 | Initial Version | ||
| 1.1 | Addressing CMVP comments. |
Revision History 1.0 1.1 Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| # | Section | Page |
|---|---|---|
| 1 | GENERAL | 5 |
| 2 | CRYPTOGRAPHIC MODULE SPECIFICATION | 6 |
| 2.1 | CRYPTOGRAPHIC BOUNDARY | 6 |
| 2.2 | VERSION INFORMATION | 7 |
| 2.3 | CRYPTOGRAPHIC FUNCTIONALITY | 8 |
| 2.3.1 | APPROVED ALGORITHM | 8 |
| 2.3.2 | NON-APPROVED ALGORITHM | 9 |
| 2.4 | APPROVED MODE OF OPERATION | 9 |
| 3 | CRYPTOGRAPHIC MODULE INTERFACES | 10 |
| 4 | ROLES, SERVICES, AND AUTHENTICATION | 11 |
| 4.1 | ROLE | 11 |
| 4.2 | SERVICE | 11 |
| 4.2.1 | APPROVED SERVICE | 11 |
| 4.3 | AUTHENTICATION | 13 |
| 5 | SOFTWARE/FIRMWARE SECURITY | 14 |
| 6 | OPERATIONAL ENVIRONMENT | 15 |
| 7 | PHYSICAL SECURITY | 16 |
| 8 | NON-INVASIVE SECURITY | 17 |
| 9 | SENSITIVE SECURITY PARAMETER MANAGEMENT | 18 |
| 10 | SELF-TESTS | 21 |
| 10.1 | PRE-OPERATIONAL TEST | 21 |
| 10.2 | CONDITIONAL TEST | 21 |
| 10.3 | ERROR STATES | 21 |
| 11 | LIFE-CYCLE ASSURANCE | 23 |
| 11.1 | SECURE INSTALLATION | 23 |
| 11.2 | OPERATIONAL DESCRIPTION OF MODULE | 23 |
| 12 | MITIGATION OF OTHER ATTACKS | 24 |
| Acronym | Description | ||
|---|---|---|---|
| CPU | Central Processing Unit (ARM-based) | ||
| CTRL | Controller | ||
| DRAM I/F | Dynamic Random Access Memory Interface | ||
| LBA | Logical Block Address | ||
| MEK | Media Encryption Key | ||
| MSID | Manufactured SID (Security Identifier) | ||
| NAND I/F | NAND Flash Interface | ||
| PMIC | Power Management Integrated Circuit | ||
| ROM | Read Only Memory | ||
| NVMe | Non-Volatile Memory Host Controller Interface Specification | ||
| SED | Self-Encrypting Drive | ||
| SSC | Security Subsystem Class | ||
| SSP | Sensitive Security Parameter | ||
| TCG | Trusted Computing Group |
I. Introduction I.1. Scope referred to as the “cryptographic module” or “module.” The SSD (Solid State Drive) satisfies all applicable FIPS 140-3 security level 1 requirements for a ‘Hardware Module,’ supporting TCG Opal SSC-based SED (Self-Encrypting Drive) features designed to protect against unauthorized access to user data stored in its NAND Flash memories. The built-in AES hardware engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of user data without performance loss. The SED’s design also enables instantaneous sanitization of user data via cryptographic erase. I.2. Acronyms Table 1. Acronyms Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic module specification | 1 |
| 3 | 3 | Cryptographic module interfaces | 1 |
| 4 | 4 | Roles, services, and authentication | 1 |
| 5 | 5 | Software/Firmware security | 1 |
| 6 | 6 | Operational environment | 1 |
| 7 | 7 | Physical security | 1 |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 1 |
| 10 | 10 | Self-tests | 1 |
| 11 | 11 | Life-cycle assurance | 1 |
| 12 | 12 | Mitigation of other attacks | N/A |
[Number Below] Table 2. Security Levels Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy N/A N/A
| Name | Model | Hardware Version | Firmware Version | Features |
|---|---|---|---|---|
| PM1743 | PM1743 | MZCLO1T9HCJR-00AMZ | OPP9TA6A | 1.92TB |
| MZCLO3T8HBLT-00AMZ | MZCLO3T8HBLT-00AMZ | 3.84TB | ||
| MZCLO7T6HBLA-00AMZ | MZCLO7T6HBLA-00AMZ | 7.68TB |
The PM1743 series utilizes a single-chip controller with an NVMe interface on the system side and internally integrates Samsung NAND flash. The following figure illustrates the operational environment of the module. The cryptographic boundary, shown in Figure 2 below, is represented by the black box that encloses the components of the module. Figure
| Name | CAVP Cert | Mode Method | Key Size | Use Function | Description/ Key Size(s)/ Key Strength(s) |
|---|---|---|---|---|---|
| AES-ECB / FIPS 197, SP 800-38A | A2247 | ECB | 256-bit keys with 256-bit key strength | Approved Block Cipher for Counter DRBG (Cert.# A2248) | |
| AES-ECB / FIPS 197, SP 800-38A | A2248 | ECB | 256-bit keys with 256-bit key strength | Prerequisite for AES-GCM (A2248) | |
| AES-GCM/ FIPS 197, SP 800-38D | A2248 | GCM2 | 256-bit keys with 256-bit key strength IV: 96 bits | Key Encryption / Decryption | |
| Counter DRBG / SP 800-90A Rev. 1 | A2248 | CTR_ DRBG (AES-256) | AES 256 bits with Derivation Function Enabled | All Cryptographic Key Generation | |
| SHA2-384 / FIPS 180-4 | A2248 | SHA-384 | SHA-384 | Message Digest for digital signature verification (Cert.# A2255) | |
| AES-ECB / FIPS 197, SP 800-38A | A2249 | ECB | 256-bit keys with 256-bit key strength | Prerequisite for AES-XTS (A2249) | |
| AES-XTS Testing Revision 2.0 / FIPS 197, SP 800-38E | A2249 | XTS | 256-bit keys with 256-bit key strength | Data Encryption / Decryption | |
| ECDSA SigVer (FIPS186-4) / FIPS 186-4 | A2255 | Curve P-384 with SHA-384 | 384 bits | Digital Signature Verification | |
| CKG / SP 800-133rev2 (Section 4, 6.1, 6.3) | Vendor Affirmed | N/A | N/A | Symmetric Cryptographic Key Generation; SP 800- 133rev2 and IG D.H. | |
| ENT (P) / SP800-90B | N/A | N/A | ENT (P) provides a minimum of 256 bits of entropy for DRBG seed materials in key generation. | ||
| AES-GCM / FIPS 197, SP800-38D (non-compliant) | AES-GCM / FIPS 197, SP800-38D (non-compliant) | No Security Claimed; AES-GCM is only used for obfuscation and removal of obfuscation the CSP. (IG 2.4.A Scenario #1) | Key obfuscation and Removal of obfuscation | ||
| AES-XTS / FIPS 197, SP 800-38E (non-compliant) | AES-XTS / FIPS 197, SP 800-38E (non-compliant) | No Security Claimed; AES-XTS is used to remove obfuscation from the firmware during ROM initialized. | Removal of firmware obfuscation | ||
| No Security Claimed; AES-XTS is used for obfuscation and removal of obfuscation the CSP. (IG 2.4.A Scenario #1) | No Security Claimed; AES-XTS is used for obfuscation and removal of obfuscation the CSP. (IG 2.4.A Scenario #1) | Key obfuscation and Removal of obfuscation | |||
| HMAC-SHA2-256 / FIPS 198-1 (non-compliant) | HMAC-SHA2-256 / FIPS 198-1 (non-compliant) | Non-approved algorithms here are only used as pre-requisite algorithms for PBKDF2 which is used for storing authentication data. (IG 2.4.A Scenario #1) | Store authentication data | ||
| PBKDF2 / SP 800-132 (non-compliant) | PBKDF2 / SP 800-132 (non-compliant) | Non-approved algorithms here are only used for storing authentication data using PBKDF2 (IG 2.4.A Scenario #1) | Store authentication data | ||
| SHA2-256 / FIPS 180-4 (non-compliant) | SHA2-256 / FIPS 180-4 (non-compliant) | Non-approved algorithm here are only used as pre-requisite algorithms for PBKDF2 which is used for storing authentication data. (IG 2.4.A Scenario #1) | Store authentication data |
2.3. Cryptographic Functionality 2.3.1. Approved Algorithm1 The cryptographic module supports the following Approved algorithms for secure data storage: N/A N/A N/A N/A Table 4. Approved Algorithms Note that not all algorithms/modes that appear on the module’s CAVP certificates are utilized by the module. Table 4 lists only the algorithms/modes that are utilized by the module. Not all algorithms/modes that appear on the module’s CAVP certificates are utilized by the module. IG C.H Scenario 2 for generating an IV is implemented in this module. In other words, Key and IV are generated internally using by approved Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
2.3.2. The module does not implement any Non-Approved Algorithms Not Allowed in the Approved Mode of Operation or Non-Approved Algorithms Allowed in the Approved Mode of Operation. The following algorithms are not intended to be used as a security function and are not implemented to meet any FIPS 140-3 requirements. Additionally, these algorithms are not provided through a non-approved service to an operator #1) Table 5. Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed 2.4. Approved Mode of Operation The module only supports one mode of operation: the Approved mode, in which the Approved cryptographic functions are available. The module automatically transitions to the Approved mode of operation after completing its pre-operational self-tests. The cryptographic module indicates its approved mode through the validated version status, displayed by the Show Status Service in Table 8 via the PCIe command. In the approved mode of operation, non-approved algorithms are allowed, but with no security claims in the module. Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| NVMe Connector | NVMe Connector | Data Input / Output | plaintext data; signed data |
| Control Input | Control Input | commands input logically via an API; signals input logically or physically via one or more physical ports | |
| Status Output | Status Output | status information output logically via an API; signal outputs logically or physically via one or more physical ports; | |
| Power | Power | N/A | |
| JTAG | JTAG | Control Input | signals input logically or physically via one or more physical ports |
| Status Output | Status Output | signal outputs logically or physically via one or more physical ports; |
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator | Input | Output | |||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Show Status | PCIe Command | Status | Cryptographic Officer (CO) | ||||||||
| Lock/Unlock an LBA Range | LBA Range | Status | |||||||||
| Erase an LBA Range’s Data | LBA Range | Status | |||||||||
| Update the firmware | FW image binary | Status | |||||||||
| Get Random Number | TCG Command | Status | |||||||||
| IO Command | LBA Range | Status | |||||||||
| Sanitize / DeleteNS | LBA Range | Status | |||||||||
| FormatNVM | LBA Range | Status | |||||||||
| Revert | PSID | N/A | |||||||||
| Perform the Self-tests | N/A | Status | |||||||||
| Change the Password | N/A | Status | |||||||||
| Set User Password | N/A | Status | |||||||||
| Authentication | N/A | Status | |||||||||
| Diagnostics | N/A | N/A | Maintenance3 | ||||||||
| Show Status | Show approved version status and version information of the module / Error State in operational state | CO | N/A | N/A | NVM Command: Identify Controller command Result : Status Code | ||||||
| Lock/Unlock an LBA Range | Block or allow read (decrypt) / write (encrypt) | MEK | AES-GCM / A2248 | UID: Locking_GlobalRange / Locking_RangeNNNN | O | O | |||||
| KEK | KEK | O | O | O |
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator | Input | Output | |||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Show Status | PCIe Command | Status | Cryptographic Officer (CO) | ||||||||
| Lock/Unlock an LBA Range | LBA Range | Status | |||||||||
| Erase an LBA Range’s Data | LBA Range | Status | |||||||||
| Update the firmware | FW image binary | Status | |||||||||
| Get Random Number | TCG Command | Status | |||||||||
| IO Command | LBA Range | Status | |||||||||
| Sanitize / DeleteNS | LBA Range | Status | |||||||||
| FormatNVM | LBA Range | Status | |||||||||
| Revert | PSID | N/A | |||||||||
| Perform the Self-tests | N/A | Status | |||||||||
| Change the Password | N/A | Status | |||||||||
| Set User Password | N/A | Status | |||||||||
| Authentication | N/A | Status | |||||||||
| Diagnostics | N/A | N/A | Maintenance3 | ||||||||
| Show Status | Show approved version status and version information of the module / Error State in operational state | CO | N/A | N/A | NVM Command: Identify Controller command Result : Status Code | ||||||
| Lock/Unlock an LBA Range | Block or allow read (decrypt) / write (encrypt) | MEK | AES-GCM / A2248 | UID: Locking_GlobalRange / Locking_RangeNNNN | O | O | |||||
| KEK | KEK | O | O | O |
4.1. The cryptographic module does not support role-based authentication. Roles are implicitly assumed based on the service they are invoking. The module does not support any bypass capabilities. N/A N/A N/A N/A N/A N/A N/A 4.2. 4.2.1. The cryptographic module only supports the following approved services and does not support any non-approved services. The abbreviations of the type of access to keys and SSPs have the following interpretation:
Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Use Function | |||||||
|---|---|---|---|---|---|---|---|---|
| of user data. | of user data. | TCG Method: Set Result: TCG status code | ||||||
| Counter DRBG / A2248 AES-ECB / A2247 | Erase user data by changing the data encryption key. | UID: K_AES_256_GlobalRan ge_Key / K_AES_256_RangeNNN N_Key TCG Method: GenKey Result: TCG status code | Erase an LBA Range’s Data | DRBG V | O | O | O | O |
| AES-GCM / A2248 CKG ENT (P) | MEK | O | O | O | ||||
| ECDSA SigVer (FIPS186-4) / A2255 SHA2-384 / A2248 | Update the firmware | Admin Command: Firmware Commit Result : Status Code | Update the firmware | FW Verification Key | O | |||
| Counter DRBG / A2248 AES-ECB / A2247 | Provide a random number generated by the CM. | UID: ThisSP TCG Method: Random Result: TCG status code | Get Random Number | DRBG V | O | O | O | O |
| AES-XTS Testing Revision 2.0 / A2249 | Read/Write user data | NVM Command: Write / Read Result : Status Code | IO Command | MEK | O | |||
| Counter DRBG / A2248 AES-ECB / A2247 | Erase user data by changing the data encryption key. | Admin Command: Format NVM Result : Status Code | FormatNVM | DRBG V | O | O | O | O |
| CKG ENT (P) | MEK | O | O | O | ||||
| KEK | KEK | O | O | |||||
| Counter DRBG / A2248 AES-ECB / A2247 | Erase user data by changing the data encryption key. | Admin Command: Sanitize / Namespace Management Result : Status Code | Sanitize / DeleteNS | DRBG V | O | O | O | O |
| CKG ENT (P) | MEK | O | O | O | ||||
| KEK | KEK | O | O | O | ||||
| Counter DRBG / A2248 AES-ECB / A2247 | Erase user data in all Range by changing the data | UID: SPObj(AdminSP) TCG Method: Revert Result: TCG status code | Revert | DRBG V | O | O | O | O |
| CKG ENT (P) | MEK | O | O | O | ||||
| KEK | KEK | O | O | O | ||||
| AES-XTS (No Security Claimed) | Power cycling the module to perform self- tests | Level 0 Discovery CMD return a failure as a failure indicator | Perform the Self-tests | DRBG V | O | |||
| No Security Claimed – PBKDF2 (non- compliant) HMAC-SHA2- 256 (non- compliant) SHA2-256 (non- compliant) | Change CO password | N/A | Change the Password | N/A | ||||
| No Security Claimed – PBKDF2 (non- compliant) HMAC-SHA2- 256 (non- compliant) SHA2-256 (non- compliant) | Authenticate the module. (This is not authentication to meet the FIPS 140-3 requirements) | N/A | Authentication | N/A | ||||
| N/A | Perform Maintenance | N/A | Diagnostics | N/A |
O O O O O O O perform selftests O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O O Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
PBKDF2 (noncompliant) HMAC-SHA2256 (noncompliant) N/A N/A N/A N/A N/A N/A (noncompliant) PBKDF2 (noncompliant) HMAC-SHA2256 (noncompliant) (noncompliant) N/A Table
5. Software/Firmware Security The integrity of the module’s executable firmware (OPP9TA6A_DC_2048.bin) is verified using ECDSA SigVer P-384 (A2255) with SHA2-384 (A2248) for firmware integrity testing of the following components:
6. Operational Environment The cryptographic module operates in a limited operational environment, consisting of the module’s firmware. This module does not have an operating system but is designed in a manner to allow controlled, validated firmware modifications by an operator. This operational environment does not require any specific security rules, settings, configurations, or restrictions to be set. The cryptographic module does not provide any general-purpose operating system to the operator. Firmware download is only available for CMVP validated firmware versions. Unauthorized modification of the firmware is prevented by the pre-operational firmware integrity test and conditional firmware load test. Since the cryptographic module is zeroised through the procedure for using maintenance role, it is restricted to prevent uncontrolled access to CSPs and uncontrolled modifications of SSPs. Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
7. Physical Security The following physical security mechanisms are implemented in the cryptographic module:
8. Non-Invasive Security The module does not implement any non-invasive attack mitigation techniques. Therefore, this section is not applicable. Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Strength | Security Function | Generation | Establishment | Storage | Import Export | Key/SSP Name/ Type | Zeroisation5 |
|---|---|---|---|---|---|---|---|---|
| Generates the MEK and KEK | 128-bit | Counter DRBG / A2248 AES-ECB / A2247 | SP 800-90A Rev. 1 Counter DRBG | N/A | Plaintext in RAM | N/A | DRBG V / CSP | Explicitly zeroised via these services: Performing via Erase an LBA Range’s Data, Sanitize / DeleteNS, FormatNVM, and Revert service, and zeroisation is shown through their respective indicator. Implicitly zeroised by Power on Reset |
| Generates the MEK and KEK | 256-bit | Counter DRBG / A2248 AES-ECB / A2247 | SP 800-90A Rev. 1 CTR_DRBG (AES-256) | N/A | N/A | DRBG Key / CSP | Explicitly zeroised via these services: Performing via Erase an LBA Range’s Data, Sanitize / DeleteNS, FormatNVM, and Revert service, and zeroisation is shown through their respective indicator. Implicitly zeroised by Power on Reset | |
| Generates the MEK and KEK | 384-bits | Counter DRBG / A2248 | ENT (P) CKG | N/A | N/A | DRBG Seed / CSP | Explicitly zeroised via these services: Performing via |
9. Sensitive Security Parameters Management Temporary SSPs and SSPs stored in volatile memory are automatically zeroized upon power-on reset. The module performs zeroization by overwriting the target SSP with random values generated by the DRBG. The module does not import or export SSPs. All SSPs in volatile memory, including HW SFR, are automatically zeroised instantly either after key generation/use or upon performing power-on-reset, depending on the characteristics of volatile memory. N/A N/A N/A N/A N/A N/A
Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Mode Method | Key Size | Use Function | ||||||
|---|---|---|---|---|---|---|---|---|---|
| AES-ECB / A2247 | Erase an LBA Range’s Data, Sanitize / DeleteNS, FormatNVM, and Revert service, and zeroisation is shown through their respective indicator. Implicitly zeroised by Power on Reset | ||||||||
| Counter DRBG / A2248 AES-ECB / A2247 | ENT (P) CKG | 384-bits | Generates the MEK and KEK | Explicitly zeroised via these services: Performing via Erase an LBA Range’s Data, Sanitize / DeleteNS, FormatNVM, and Revert service, and zeroisation is shown through their respective indicator. Implicitly zeroised by Power on Reset | DRBG Entropy Input String / CSP | N/A | N/A | ||
| AES-GCM / A2248 | CKG SP 800-90A Rev. 1 Counter DRBG | 256-bit | Wraps MEK | Explicitly zeroised via these services: Performing via Sanitize / DeleteNS, FormatNVM, and Revert service, and zeroisation is shown through their respective indicator. Implicitly zeroised by Power on Reset | KEK / CSP | N/A | N/A | Plaintext in RAM | |
| AES-XTS Testing Revision 2.0 / A2249 | CKG SP 800-90A Rev. 1 Counter DRBG | 256-bit | Data encryption and decryption of user data | Implicitly zeroised by Power on Reset | MEK / CSP | N/A | N/A | Plaintext in RAM | |
| Cipher text in Flash | Explicitly zeroised via these services: Performing via Erase an LBA | Cipher text in Flash | |||||||
| ECDSA SigVer (FIPS186-4) / A2255 SHA2-384 / A2248 | Entered during manufacturing | 192-bit | Firmware Load Test | Explicitly zeroised via this service: Performing via Update the Firmware service, and zeroisation is shown through their respective indicator. | Firmware Verification Key6 / PSP | N/A | N/A | Plaintext HW SFR7 | |
| Plaintext in ROM | N/A | Plaintext in ROM | |||||||
| Details | Entropy sources | Minimum number of bits of | |||||||
| The entropy source provides an estimated min-entropy output of 0.58 bits per bit. The DRBG is seeded with 768 bits of entropy input data from the entropy source. Therefore, the DRBG is seeded with at least 384-bits of entropy before generating SSPs. | 384 bits | ENT (P) |
N/A N/A N/A N/A N/A N/A Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Mode Method | Key Size | Use Function | ||||||
|---|---|---|---|---|---|---|---|---|---|
| ECDSA SigVer (FIPS186-4) / A2255 SHA2-384 / A2248 | Entered during manufacturing | 192-bit | Firmware Load Test | Firmware Verification Key6 / PSP | N/A | N/A | Plaintext HW SFR7 | Explicitly zeroised via this service: Performing via Update the Firmware service, and zeroisation is shown through their respective indicator. | |
| Plaintext in ROM | Plaintext in ROM | N/A | |||||||
| Details | Entropy sources | Minimum number of bits of | |||||||
| The entropy source provides an estimated min-entropy output of 0.58 bits per bit. The DRBG is seeded with 768 bits of entropy input data from the entropy source. Therefore, the DRBG is seeded with at least 384-bits of entropy before generating SSPs. | 384 bits | ENT (P) |
N/A N/A N/A Table
8 Estimated amount of entropy per the source’s output bit is 0.85444 and Samsung conservatively claims to be set at 0.5 per bit.
Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
| Name | Algorithm Or Test | Test Type | Details |
|---|---|---|---|
| ECDSA | ECDSA | Firmware integrity test | Firmware integrity test for Boot Loader is performed by using ECDSA with SHA2-384 at every power-on-reset. |
| ECDSA | ECDSA | Firmware integrity test | Firmware integrity test for the Main Firmware is performed by using ECDSA with SHA2-384 at every power-on-reset. |
| AES-XTS | AES-XTS | Critical Function Test | Duplicate Key Test for AES-XTS described in FIPS 140-3 IG C.I (i.e. key_1 ≠ key_2) |
| AES-XTS | AES-XTS | Cryptographic algorithm self-test | KAT: Encrypt is performed (256-bits) |
| AES-XTS | AES-XTS | Cryptographic algorithm self-test | KAT: Decrypt is performed (256-bits) |
| ECDSA | ECDSA | Cryptographic algorithm self-test | KAT: Curve P-384 with SHA-384 signature verification is performed |
| SHA2-384 | SHA2-384 | Cryptographic algorithm self-test | KAT: Hash digest is performed |
| CTR DRBG | CTR DRBG | Cryptographic algorithm self-test | KATs: SP 800-90A Rev. 1 Health testing on Instantiate, Generate and Reseed functions |
| CTR DRBG | CTR DRBG | Cryptographic algorithm self-test | KAT: DRBG with AES-256 is performed |
| AES-GCM | AES-GCM | Cryptographic algorithm self-test | KAT: Encrypt is performed |
| AES-GCM | AES-GCM | Cryptographic algorithm self-test | KAT: Decrypt is performed |
| ECDSA | ECDSA | Firmware load test | ECDSA signature verification is performed if new FW is downloaded or at every power-on-reset |
| ENT (P) | ENT (P) | Cryptographic algorithm self-test | Conditional SP800-90B Health tests: Repetition count test, Adaptive proportion test |
| Name | Description | Role Access | Indicator | Recovery Method |
|---|---|---|---|---|
| Error state in Boot | The module has failed any self-tests during the boot | During the boot | The module is not initiated, so no services are available. | Power cycle |
| Error State in operational state | The module has failed any self-tests in the | Transition to approved mode of operation Operational state | ERRORMOD message in Show status service | Power cycle |
While executing the following self-tests, all data output is inhibited until the completion of the self-test. Conditional self-tests are conducted before the initial operation of approved algorithms. If a cryptographic module fails a self-test, it will enter an error state, during which all data output is inhibited. 10.1. Pre-operational test Table 11. Pre-operational Self-tests
Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
operational state Table 13: Error States Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy
11. Life-Cycle Assurance The cryptographic module operates in the Approved mode of operation by default upon shipment from the vendor’s manufacturing site and does not support a non-approved mode of operation. Section 11.1 provides guidance on the rules for secure installation and operation. Operators must follow this guidance to ensure the cryptographic module operates in compliance with FIPS 140-3 security level 1 requirements. 11.1. Secure Installation
12. Mitigation of Other Attacks The cryptographic module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-3. Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy