| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Hardware |
| Embodiment | Single Chip |
| Status | Active |
| Sunset date | 7/8/2030 |
| Caveat | None |
| Vendor | Winbond Electronics Corporation |
| Hardware versions | 1.0 |
| Algorithm | ACVP Cert |
|---|---|
| SHA2-256 | A2317 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 1 |
| Cryptographic Module Interfaces | 1 |
| Roles, Services, and Authentication | 1 |
| Software/Firmware Security | N/A |
| Operational Environment | 1 |
| Physical Security | 1 |
| Non-Invasive Security | N/A |
| Sensitive Security Parameter Management | N/A |
| Self-Tests | 1 |
| Life-Cycle Assurance | 1 |
| Mitigation of Other Attacks | N/A |
flowchart LR
%% Deterministic review-risk graph for TrustMe © W77Q64/W77Q128 Sub-Chip
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>Self-test<br/>self-test on</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>application</i>"]
end
subgraph Inference["Derived inference"]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C3 --> I3 --> R3 --> E3
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C3,C6 clue;
class I3,I6 infer;
class R3,R6 risk;
class E3,E6 evidence;flowchart LR
%% Deterministic clue tier for TrustMe © W77Q64/W77Q128 Sub-Chip
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>Self-test<br/>self-test on</i><br/>src: securityPolicy.services"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C3 clueHigh;
class C6 clueLow;W77Q64/W77Q128 Sub-Chip TrustME © W77Q64/W77Q128 Sub-Chip Cryptographic Module FIPS 140-3 The Security Policy is non-proprietary and may be freely reproduced and distributed in its entirety. Rev. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip Table of Contents 1. 2. 3. 4. 5. 6. 7. 8. 9. Rev. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip 10. 11. 11.1. 11.2. 11.3. 12. Rev. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip List of Tables List of Figures Rev. A4 Publication date: 06-10-2025
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| Section 6. | Section 6. | ||
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic Module Specification | 1 |
| 3 | 3 | Cryptographic Module Interfaces | 1 |
| 4 | 4 | Roles, Services, and Authentication | 1 |
| 5 | 5 | Software/Firmware Security | N/A |
| 6 | 6 | Operational Environment | 1 |
| 7 | 7 | Physical Security | 1 |
| 8 | 8 | Non-Invasive Security | N/A |
| 9 | 9 | Sensitive Security Parameter Management | N/A |
| 10 | 10 | Self-Tests | 1 |
| 11 | 11 | Life-Cycle Assurance | 1 |
| 12 | 12 | Mitigation of Other Attacks | N/A |
W77Q64/W77Q128 Sub-Chip 1.1. Overview This document is the non-proprietary FIPS 140-3 Security Policy for the module TrustMe © W77Q64/W77Q128 Sub-Chip (Version 1.0) flash device by Winbond which will also be referred to as “the cryptographic module” , “SHA block” or “the module” throughout this document. This Security Policy specifies the security rules under which the module should operate to meet FIPS 140-3 Level 1 requirements. This cryptographic module is a hardware cryptographic module implemented as a sub-chip running on the singlechip standalone W77Q64/W77Q128 flash device. The cryptographic service provided by the module is the message digest calculation based on the SHA2-256 cryptographic algorithm. The FIPS 140-3 security levels for the module are as follows: [Number Below] N/A N/A N/A N/A Table 1
| Name | Hardware Version | Firmware Version | Features |
|---|---|---|---|
| W77Q64/W77Q128 | W77Q64/W77Q128 | N/A | responsible for providing SHA2-256 message |
| Version: 1.0 | Version: 1.0 | digest capabilities |
The module type is hardware and has a single-chip embodiment (as stated in FIPS 140-3 IG 2.3.B) which provides the W77Q64/W77Q128 device with SHA2-256 message digest functionality. The module is validated at overall security level is 1. Please refer to Table 1 for security levels of individual sections. N/A Table 2 - Cryptographic Module Tested Configuration The physical perimeter encompasses the entire W77Q64/W77Q128 flash device (monolithic die). The cryptographic boundary is defined as only the SHA2-256 sub-chip that is the only part of the device with cryptographic operation capabilities to provide the SHA2-256 cryptographic algorithm. The SHA2-256 sub-chip also has all the logic related to the self-test implementation, zeroization, error handling, etc. Figure 1 - W77Q64/W77Q128 flash devices The following list shows the main components of the W77Q64/W77Q128 device:
| Name | CAVP Cert | Key Size | Use Function |
|---|---|---|---|
| SHA2-256 | A2317 | Message Length: 0- | Message digest |
| [FIPS 180-4] | 768 | generation |
W77Q64/W77Q128 Sub-Chip Moreover, the SHA function is also used by the keys block. In this case, the CRTL module loads the SHA function with the required parameters from the Keys block through the Data Input Interface and launches the SHA calculation. Then the SHA block outputs the message digest to the keys block through the Data Output Interface. The SHA block notifies the W77Q64/W77Q128 device when it is performing self-tests, operating, or if an error occurs through the Status Output Interface connected to the CTRL block. Considering that the module is not connected to any other cryptographic modules, Control Output Interface is not required. Therefore, the only block related to the cryptographic operation of the device is the SHA block that corresponds to the cryptographic boundary as detailed below: Figure 2 - Block diagram of the physical perimeter of the Module 2.2. Modes of Operation and Security Functions The module only operates in Approved mode providing a SHA2-256 message digest as a n approved cryptographic functionality. Approved mode of operation is entered upon powering on the module and successful completion of preoperational self-test. Table 3 - Approved Algorithms The module only supports Approved algorithms so below tables are not included:
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| Matrix-In-Data | Matrix-In-Data | Data input (32b) | |
| Matrix-In-Addr | Matrix-In-Addr | Address of the input data word to write to (4b). It selects | |
| Data input interface | Data input interface | ||
| which 32b data-in word is accessed (out of 64B) | which 32b data-in word is accessed (out of 64B) | ||
| Keys-Data-In | Keys-Data-In | Direct Data-input (128b) from KEYS function | |
| Matrix-Out-Addr | Matrix-Out-Addr | Address of the output data to read from (3b). It selects which | |
| 32b data-out word is accessed (out of 32B) | 32b data-out word is accessed (out of 32B) | ||
| Matrix-Out-Data | Matrix-Out-Data | Data output | Data output (32b) from the SHA result |
| Keys-Data-Out | Keys-Data-Out | Direct Data-output (128b) to KEYS function (from Hash result) | |
| Reset | Reset | Control input | Reset/Initialize the SHA module and internal states |
| SHA-Start | SHA-Start | interface | Start execution of SHA Iteration |
| SHA-VER | SHA-VER | Indicates the module version | |
| CMVP-DONE | CMVP-DONE | If set, indicates the self-tests execution is complete | |
| CMVP-PASS | CMVP-PASS | Status output | If set, indicates the self-tests are passed with success |
| CMVP-FAIL | CMVP-FAIL | If set, indicates the self-tests have failed | |
| SHA-BUSY | SHA-BUSY | If set, indicates that the SHA operation is being performed. | |
| Otherwise, the calculation is complete, and module is idle | Otherwise, the calculation is complete, and module is idle | ||
| Power Interface | Power Interface | Power interface | The entire device has a single power supply that provides the |
| sub-chip cryptographic module with the expected power 1.8V | sub-chip cryptographic module with the expected power 1.8V | ||
| relative to GND and a maximal current of 20mA | relative to GND and a maximal current of 20mA |
W77Q64/W77Q128 Sub-Chip The table below summarizes the associations between the logical interfaces required by FIPS 140-3 and the Table 4 - Ports and Interfaces When the module is performing self-tests, or is in error state, all data output from data output interfaces (except Module does not support the maintenance role, therefore it does not require to implement a maintenance REV. A4 Publication date: 06-10-2025
| Name | Roles | Input | Output |
|---|---|---|---|
| Module Initialization | CO | N/A | N/A |
| Message Digest | User | Plaintext data | Message digest of data |
| CMVP_BIST | CMVP_BIST | CMVP_PASS = 0/1 | |
| Self-test | User | ||
| command or reset | command or reset | signal | |
| Show-status | User | Request SSR_STATE | |
| Show module versioning | GET_VERSION | ||
| User | User | Module version | |
| information | command |
W77Q64/W77Q128 Sub-Chip 4. Roles, Services, and Authentication 4.1. Roles and Authentication The module does not implement any authentication mechanism. The module supports implicit User and Crypto Officer roles based on the services detailed in the table below. The module does not provide a maintenance role, bypass capability or concurrent operators. N/A N/A N/A Table 5 - Roles, Service Commands, Input and Output The states returned by SSR_STATE are described below: WORK = Self-test passed, ready to execute message digest. REV. A4 Publication date: 06-10-2025
| Name | Description | Roles | Csps Accessed | Approved Functions | Access | Indicator |
|---|---|---|---|---|---|---|
| Module | initialization | |||||
| Initialization | of the | CO | N/A | N/A | N/A | CMVP_DONE |
| Message | SHA2-256 hash | SHA2-256 | SHA_BUSY = 1 while | |||
| Digest | calculation | User | N/A | [FIPS 180-4] | N/A | executing, |
| A2317 | A2317 | SHA_BUSY = 0 after | ||||
| residual data | residual data | User | N/A | N/A | N/A | N/A |
| Run pre- | Run pre- | SHA2-256 | ||||
| Self-test | operational | User | N/A | [FIPS | N/A | CMVP_PASS = 0 or 1 |
| self-test on | self-test on | 180-4] | after completion | |||
| demand | demand | A2317 | ||||
| N/A | User | N/A | N/A | N/A | Current state from | |
| Show-status | current state of | SSR_STATE (LOCK, | ||||
| the module | the module | RESET, WORK) | ||||
| Show module | User | N/A | N/A | N/A | Version in hex | |
| versioning | the module | format (0x1) parsed | ||||
| information | from version of |
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 4.2. Services The table below lists the services that can be invoked by Crypto Officer and User. The module does not support bypass capability, self-initiated cryptographic capability or firmware loading. N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A Run preoperational N/A N/A N/A N/A N/A N/A Table 6 - Approved Services The module does not implement any non-approved services. According to the FIPS 140-3 standard and the FIPS 140-3 IG 2.4.C, the module must indicate when an approved cryptographic algorithm is being used either executing an approved security function or during the self-tests. Please refer to Table 6 for indicator of services provided by the module. According to FIPS 140-3 IG 2.4.C, the execution of self-test service does not require the approved services indicator because it is invoked by resetting/rebooting the module, however in this case the REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL indicator is provided. The show version service consists of a physical signal that is constantly output from the module. The show status service to obtain the current status of the module is not an independent service itself, since the status of the module can be mapped to the value of the Busy bit (SHA_BUSY) and the CMVP_DONE and CMVP_PASS signals detailed in Table 4: Module ports and interfaces. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 5. Software/Firmware Security This section is not applicable because it is a hardware sub-chip cryptographic module defined into the W77Q64/W77Q128 secure flash memory. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 6. Operational Environment The module is a hardware sub-chip cryptographic module, and its operational environment can be classified as non-modifiable operational environment. There are no security rules, settings or restrictions to the configuration of the operational environment. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 7. Physical Security The module is a Security Level 1 sub-chip module and has a single-chip embodiment. The module is composed of production-grade components with a hard, opaque enclosure that is the physical boundary defined by the entire W77Q64/W77Q128 secure flash memory. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 8. Non-Invasive Security This section is not applicable to the module. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 9. Sensitive Security Parameter Management The only cryptographic operation supported by the module is the message digest calculation based on SHA2-256 cryptographic algorithm. Hence, SSPs are not employed, and this section is not applicable for the module. 9.1. Random Bit Generators The module does not implement RBG because it does not perform SSP generation nor SSP establishment. 9.2. Sensitive Security Parameter Generation The module does not implement any method to perform SSPs generation. 9.3. Sensitive Security Parameter Establishment The module does not implement SSPs establishment methods. 9.4. Sensitive Security Parameter Entry and Output The module does not implement SSPs entry and output methods. 9.5. Sensitive Security Parameter Storage The module does not store any SSPs inside its boundary. 9.6. Sensitive Security Parameter Zeroization The module does not employ any SSPs that can be zeroized. The module uses FLUSH command to remove any information residues related to the message digest calculation. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 10.Self-Tests This section specifies the pre-operational and conditional self-tests performed by the module to ensure its correct functionality. The module has one error state, called the error state. If an error occurs during a self-test, the module enters the error state and indicates it to the user via the status output interface by the CMVP_PASS = 0 signal. In addition, while the module is in error state, all data output interfaces except the status output interfaces are inhibited.
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 11.Life-Cycle Assurance 11.1. Configuration Management The configuration management list is composed of the Configuration Items version control, change control, flaw remediation tracking and module design revision which are managed by Winbond in a private Gitlab repository with write access restricted to the authorized Winbond personnel. 11.2. Configuration Items Identification Method The internal versioning of the module is performed automatically, and the assigned version and revision are used internally to control the code development. The W77Q64/W77Q128 device hardware version is shown in its internal HW_VER register that can be retrieved from the device by the SHOW VERSION service using the GET_VERSION command through its SPI interface: Bit Position 31-24 23-20 19-16 15-12 Name Type Value Reserved FLASH_VER Reserved SEC_VER HC HC HC HC 00h 1h 0h 2h 11-8 SEC_REV HC 4h 7-4 HASH_VER HC 1h 3-0 Reserved HC 0h Description Reserved Flash Version Reserved Security Protocol Version: <2> W77Q
CONFIDENTIAL W77Q64/W77Q128 Sub-Chip - W77Q
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL Note: When a major revision is released, it does not contain the minor revision number associated. The configuration item list can be consulted in the WCIL document. 11.3. Crypto Officer and User Guidance 11.3.1. Installation and Initialization Instructions Regarding the installation and initialization guidance, once the W77Q64/W77Q128 single-chip device is powered, the module will be also powered and initiated automatically in an approved mode of operation after executing the pre-operational self-tests with success. As detailed in the section 3 “Cryptographic Module Interfaces”, when the self-tests are passed, the CMVP_DONE and CMVP_PASS signals will be set. There is no specific administrator or non-administrator guidance applicable to this module. 11.3.2. Secure Operation When the module is initiated as described in the previous section, the module will be in the approved mode and will allow the user to use the authorized services detailed in section “4.2 Services”. 11.3.3. Operation Rules When the module is installed and securely initialized, it is in Approved Mode which is the only mode of operation complying with the following rules:
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 11.3.4. End of Life The module does not require sanitization because it does not store any SSP as detailed in the section “9.5 Sensitive Security Parameter Storage”. All the residues related to the message digest calculations are erased once the calculation is finished as detailed in the section “9.6 Sensitive Security Parameter Zeroization”. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL 12.Mitigation of Other Attacks The module is not designed to mitigate other attacks which are outside of the scope of FIPS 140-3. REV. A4 Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL Glossary and Abbreviations CO CSP FIPS IUT KAT Module NIST PSP RBG SHA SSP REV. A4 Crypto Officer Critical Security Parameter Federal Information Processing Standard Implementation Under Test Known Answer Test TrustME © W77Q64/W77Q128 Sub-Chip Cryptographic Module V1.0 National Institute of Standards and Technology Public Security Parameter Random Bit Generator Secure Hash Algorithm Sensitive Security Parameter Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL Reference Document FIPS 140-3 IG WSP WCIL WFSM WFS FIPS 180-4 SP 800-140F REV. A4 Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program W77QSP0200_RevA1.pdf W77QCIL0200_RevA1.pdf W77QFSM0200_RevA1.pdf W77QFS0200_RevA1.pdf Secure Hash Standard (SHS) CMVP Approved Non-Invasive Attack Mitigation Test Metrics Publication date: 06-10-2025
W77Q64/W77Q128 Sub-Chip CONFIDENTIAL Preliminary Designation The “Preliminary” designation on a Winbond datasheet indicates that the product is not fully characterized. The specifications are subject to change and are not guaranteed. Winbond or an authorized sales representative should be consulted for current information before using this product. Trademarks Winbond and TrustME are trademarks of Winbond Electronics Corporation. All other marks are the property of their respective owner. Important Notice Winbond products are not designed, intended, authorized or warranted for use as components in systems or equipment intended for surgical implantation, atomic energy control instruments, airplane or spaceship instruments, transportation instruments, traffic signal instruments, combustion control instruments, or for other applications intended to support or sustain life. Furthermore, Winbond products are not intended for applications wherein failure of Winbond products could result or lead to a situation wherein personal injury, death or severe property or environmental damage could occur. Winbond customers using or selling these products for use in such applications do so at their own risk and agree to fully indemnify Winbond for any damages resulting from such improper use or sales. Information in this document is provided solely in connection with Winbond products. Winbond reserves the right to make changes, corrections, modifications or improvements to this document and the products and services described herein at any time, without notice. REV. A4 Publication date: 06-10-2025