Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series FIPS 140-2 Security Policy Document Revision: 1.1 H.W. Version: MZILS3T8HCJM-000D8 [1], MZILS3T8HCJM-000G6 [2] F.W. Version: CXP2 [1], NA01 [2] This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung Copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Revision History Author(s) Version Updates Jisoo Kim 1.0 Initial Version Added new HW Version (Part ID) and FW SeungJae Lee 1.1 Version Page 2 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Introduction Samsung Electronics Co., Ltd. (“Samsung”) SAS 12G TCG Enterprise SSC SEDs PM163x Series, herein after referred to as a “cryptographic module” or “module”, SSD (Solid State Drive), satisfies all applicable FIPS 140-2 Security Level 2 requirements, supporting TCG Enterprise SSC based SED (Self-Encrypting Drive) features, designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES HW engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase. Firmware Drive Module Name Hardware Version Version Capacity MZILS3T8HCJM-000D8 CXP2 3.8TB Samsung SAS 12G TCG Enterprise SSC SED PM1633 MZILS3T8HCJM-000G6 NA01 3.8TB Exhibit 1 – Versions of Samsung SAS 12G TCG Enterprise SSC SED PM163x Series. Cryptographic Boundary The following photographs show the cryptographic module’s top and bottom views. The multiple-chip standalone cryptographic module consists of hardware and firmware components that are all enclosed in two aluminum alloy cases, which serve as the cryptographic boundary of the module. The top and bottom cases are assembled by screws and the tamper-evident labels are applied for the detection of any opening of the cases. No security relevant component can be seen within the visible spectrum through the opaque enclosure. Page 3 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Exhibit 2 – Specification of the Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Cryptographic Boundary (top images from left to right: top side, bottom side, left side; Bottom images from left to right: front side, back side, and right side). Page 4 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Exhibit 3 – Block Diagram for Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series. Acronym Description CTRL REX Controller (SAMSUNG TREX SAS 12G TLC/MLC SSD Controller) SAS I/F Serial Attached SCSI Interface CPU Central Processing Unit (ARM-based) DRAM I/F Dynamic Random Access Memory Interface ECC Error Correcting Code NAND I/F NAND Flash Interface PMIC Power Management Integrated Circuit ROM Read-only Memory DRAM Dynamic Random Access Memory NAND NAND Flash Memory Exhibit 4 – Block Diagram Acronym and Descriptions for Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series. Page 5 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Security Level Specification Security Requirements Area Level Cryptographic Module Specification 2 Cryptographic Module Ports and Interfaces 2 Roles, Services, and Authentication 2 Finite State Model 2 Physical Security 2 Operational Environment N/A Cryptographic Key Management 2 EMI/EMC 3 Self-tests 2 Design Assurance 2 Mitigation of Other Attacks N/A Exhibit 5 – Security Level Table. Page 6 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Approved Algorithms The cryptographic module supports the following Approved algorithms for secure data storage:  AES-256 ECB and XTS modes: AES (Cert. #3213)  ECDSA (P-224 with SHA-256) Signature Verification: ECDSA (Cert. #595)  SHA-256: SHS (Cert. #2660)  CTR_DRBG (AES-256 with No_Df): DRBG (Cert. #121) NOTE: The cryptographic module implements LSI Corporation’s LSI-CS DRBG in its entirety without alteration. Silicon for LSI-CS did not exist at the time of Algorithm Testing, therefore testing was carried out by LSI in a Synopsys VCS simulation environment. Page 7 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Non-Approved Algorithms The cryptographic module supports the following non-Approved algorithms:  Non-deterministic Random Number Generator (only used for generating seed materials for the Approved DRBG): NDRNG Physical Ports and Logical Interfaces Physical Port Logical Interface Data Input/Output SAS Connector Control Input Status Output Power Connector Power Input Exhibit 6 – Specification of the Samsung SAS 12G TCG Enterprise SSC SED PM163x Series Cryptographic Module Physical Ports and Logical Interfaces. Security rules The following specifies the security rules under which the cryptographic module shall operate in accordance with FIPS 140-2:  The cryptographic module operates always in FIPS Mode once shipped from the vendor’s manufacturing site.  The cryptographic module is initialized for FIPS Mode by performing the following procedure: o Power-on the module o Confirm that the firmware version is equivalent to the version(s) listed in this document via SCSI command o Perform Initialization service (See the product manual)  The cryptographic module shall maintain logical separation of data input, data output, control input, status output, and power.  The cryptographic module shall not output CSPs in any form.  The cryptographic module shall use the Approved DRBG for generating all cryptographic keys.  The cryptographic module shall enforce role-based authentication for security relevant services.  The cryptographic module shall enforce a limited operational environment by the secure firmware load test using ECDSA P-224 with SHA-256.  The cryptographic module shall provide a production-grade, opaque, and tamper-evident cryptographic boundary. Page 8 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy  The cryptographic module enters the error state upon failure of Self-tests. All commands from the Host (General Purpose Computer (GPC) outside the cryptographic boundary) are rejected in the error state and the cryptographic module returns an error code (0x91) via the status output. Cryptographic services and data output are explicitly inhibited when in the error state.  Power-on Self-tests Algorithm Test AES Encrypt KAT and Decrypt KAT for AES-256-XTS at power-on SHS KAT for SHA-256 at power-on DRBG KAT for CTR_DRBG at power-on ECDSA KAT for ECDSA P-224 SHA-256 signature verification at power-on  F/W integrity check o F/W integrity check is performed by using 212 bit error detection code at power-on  Conditional Self-test o Pairwise consistency: N/A o Bypass Test: N/A o Manual key entry test: N/A o F/W load test  F/W load test is performed by using ECDSA algorithm with P- 224 and SHA-256 o Continuous random number generator test on Approved DRBG o Continuous random number generator test on NDRNG Identification and Authentication Policy The following table defines the roles, type of authentication, and associated authenticated data types supported by the cryptographic module: Role Authentication Data CO Role Password User Role Password FW Loader ECDSA Exhibit 7 - Roles and Required Identification and Authentication (FIPS 140-2 Table C1). Page 9 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy The authentication mechanism allows 6-byte length or longer Password, where each byte can be any of 0x00 to 0xFF, for every Cryptographic Officer and User role supported by the module, which means a single random attempt can succeed with the probability of 1/248 or lower. Each authentication attempt takes at least 56ms and the number of attempts is limited to TryLimit, which is set to 1024 in manufacturing time. Once the number of failed authentication attempts reaches TryLimit, the cryptographic module gets locked out until Zeroization, regardless of power-cycle. Therefore, the probability of multiple random attempts to succeed in one minute is {(60*1000)/(56)}/248, which is much less than the FIPS 140-2 requirement 1/100,000. The authentication mechanism for FW Loader role is ECDSA P-224 with SHA256 digital signature verification, which means a single random attempt, can succeed with the probability of 1/2112. Each authentication attempt takes at least 2 seconds, which enforces the maximum number of attempts to be no more than (60*1000)/2000 in one minute. Therefore, the probability of multiple random attempts to succeed in one minute is {(60*1000)/2000}/2112, which is much less than the FIPS 140-2 requirement 1/100,000. Authentication Mechanism Strength of Mechanism Probability of 1/248 in a single Password (Min: 6 bytes, Max: - 32 bytes) Authentication random attempt Probability of {(60*1000)/(56)}/248 - in multiple random attempts in a minute Probability of 1/2112 in a single ECDSA Signature Verification - random attempt Probability of {(60*1000)/2000}/2112 - in multiple random attempts in a minute Exhibit 8 - Strengths of Authentication Mechanisms (FIPS 140-2 Table C2). Page 10 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Access Control Policy The cryptographic module contains the following Keys and CSPs: CSPs Generation, Storage and Zeroization Methods DRBG Internal State Generation: via SP800-90A CTR_DRBG Storage: N/A Zeroization: via “Initialization” service and “Zeroize” Note: The values of V and Key are the service “secret values” of the internal state. DRBG Seed Generation: via NDRNG Storage: N/A Zeroization: via “Initialization” service and “Zeroize” service DRBG Entropy Input Generation: via NDRNG String Storage: N/A Zeroization: via “Initialization” service and “Zeroize” service Password Generation: N/A Storage: Plaintext in DRAM and Flash Zeroization: via “Initialization” service, “Erase an LBA Range’s Password/MEK” service and “Zeroize” service MEK Generation: via SP800-90A CTR_DRBG Storage: Plaintext in Flash Zeroization: via “Initialization” service, “Erase an LBA Range’s Password/MEK” service and “Zeroize” service Exhibit 9 – CSPs and details on Generation, Storage and Zeroization Methods Page 11 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy The cryptographic module contains the following Public Key: Public Keys Generation, Storage and Zeroization Methods FW Verification Key Generation: N/A (ECDSA Public Key) Storage: Plaintext in Flash Zeroization: N/A Exhibit 10 – Public Keys and details on Generation, Storage and Zeroization Methods Page 12 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy The following table lists roles, services, cryptographic keys, CSPs and Public Keys and the types of access that are available to each of the authorized roles via the corresponding services: Type(s) of Access (R=Read, Cryptographic Keys, W=Write, Role Service CSPs and Public Keys G=Generate, Z=Zeroize) DRBG Internal State Z, G DRBG Seed Z, G Initialization DRBG Entropy Input String Z, G Password Z, W MEK Z, G Enable/Disable FW Download Service N/A N/A Cryptographic Drive Extended Status Officer N/A R MEK Z, G Erase an LBA Range’s Password/MEK Password Z, W DRBG Internal State Z DRBG Seed Z DRBG Entropy Input String Z Zeroize Password Z MEK Z Change Tries Reset N/A N/A Condition * MEK R Unlock an LBA Range Password R Lock an LBA Range N/A N/A User Configure an LBA N/A N/A Range Change Tries Reset N/A N/A Condition * FW Loader Update the firmware FW Verification Key R Page 13 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy * NA01 firmware allows the CO and User to configure whether the number of failed authentication attempts count is stored into volatile or non-volatile memory; if stored into volatile memory, the number of failed authentication attempts count is reset to 0 by power cycle; if stored into non-volatile memory, the number of failed authentication attempts count can only be reset to 0 by successful authentication; on the CXP2 firmware the number of failed authentication attempts count is always stored into volatile memory and is therefore always reset to 0 by power cycle. For both the NA01 firmware and CXP2 firmware, the CO and User may configure the maximum number of failed authentication attempts ("TryLimit") to 1071 during a one-minute period. Page 14 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Exhibit 11 – Services Authorized for Roles, Access Rights within Services (FIPS 140-2 Table C3, Table C4). Unauthenticated Services The following table lists the unauthenticated services: Type(s) of Role Unauthenticated Cryptographic Keys & Access (G=Generate, Service CSPs Z=Zeroize) Cryptographic DRBG Internal State Z Officer, User and FW DRBG Seed Z Loader DRBG Entropy Input String Z Zeroize Password Z MEK Z Cryptographic Officer, User and FW Get Random Number N/A N/A Loader Cryptographic Officer, User and FW Get MSID N/A N/A Loader Cryptographic Officer, User and FW Show Status N/A N/A Loader Cryptographic Officer, User and FW Self-test N/A N/A Loader Exhibit 12 – Unauthenticated Service, Cryptographic Keys & CSPs and Type(s) of Access. Page 15 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Physical Security Policy The following physical security mechanisms are implemented in a cryptographic module:  The Module consists of production-grade components enclosed in an aluminum alloy enclosure, which is opaque within the visible spectrum. The top panel of the enclosure can be removed by unscrewing screws. However, the module is sealed with tamper-evident labels in accordance with FIPS 140-2 Level 2 Physical Security requirements so that tampering is easily detected when the top and bottom cases are detached.  2 tamper-evident labels are applied over both top and bottom cases of the module at the factory. The tamper-evident labels are not removed and reapplied without tamper evidence. The following table summarizes the actions required by the Cryptographic Officer Role to ensure that physical security is maintained: Recommended Physical Security Frequency of Inspection/Test Guidance Details Mechanisms Inspection/Test Inspect the entire perimeter for cracks, Production grade gouges, lack of screw(s) and other signs of cases tampering. Remove from service if tampering found. As often as feasible Inspect the sealing labels for scratches, Tamper-evident gouges, cuts and other signs of tampering. Sealing Labels Remove from service if tampering found. Exhibit 13 - Inspection/Testing of Physical Security Mechanisms (FIPS 140-2 Table C5) Exhibit 14 – Signs of Tamper Page 16 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016. Samsung SAS 12G TCG Enterprise SSC SEDs PM163x Series Security Policy Mitigation of Other Attacks Policy The cryptographic module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-2. Other Mitigation Specific Attacks Mechanism Limitations N/A N/A N/A Exhibit 15 - Mitigation of Other Attacks (FIPS 140-2 Table C6) Page 17 of 17 This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2016.