

FIPS 140-3 Non-Proprietary Security Policy

**Document Version: 1.0** 

 H/W Version: MZ1L2960HCJR-00AMV[1], MZ1L21T9HCLS-00AMV[1], MZ1L23T8HBLA-00AMV[1], MZCL21T9HCJR-00AMV[2], MZCL23T8HCLS-00AMV[2], MZCL27T6HBLA-00AMV[2] and MZEL215THBLA-00AMV[3]
 F/W Version: GDC76M4Q[1], GDC79M4Q[1], GDC62M4Q[2], GDC63M4Q[2], GDDB3M2Q[3], GDDB4M2Q[3]

This non-proprietary Security Policy may only be copied in its entirely without alterations including this copyright notice. Samsung Electronics Co., Ltd. All rights reserved.

## **Revision History**

| Version | Change          |
|---------|-----------------|
| 1.0     | Initial Version |
|         |                 |
|         |                 |
|         |                 |

## **Table of Contents**

| <u>1.</u>  | GENERAL                                           | 4  |
|------------|---------------------------------------------------|----|
|            | 1.1. SCOPE                                        | 4  |
|            | 1.2. ACRONYMS                                     | 4  |
| <u>2.</u>  | CRYPTOGRAPHIC MODULE SPECIFICATION                | 5  |
|            | 2.1. HARDWARE AND PHYSICAL CRYPTOGRAPHIC BOUNDARY | 5  |
|            | 2.2. MODULE CRYPTOGRAPHIC BOUNDARY                | 7  |
|            | 2.3. VERSION INFORMATION                          | 7  |
|            | 2.4. CRYPTOGRAPHIC FUNCTIONALITY                  | 8  |
|            | 2.4.1. APPROVED ALGORITHM                         | 8  |
|            | 2.4.2. NON-APPROVED ALGORITHM                     | 8  |
|            | 2.5. Approved Mode of Operation                   | 8  |
| <u>3.</u>  | CRYPTOGRAPHIC MODULE INTERFACES                   | 9  |
| <u>4.</u>  | ROLES, SERVICES, AND AUTHENTICATION               | 10 |
|            | 4.1. ROLE                                         | 10 |
|            | 4.2. Approved Services                            | 10 |
| <u>5.</u>  | SOFTWARE/FIRMWARE SECURITY                        | 12 |
| <u>6.</u>  | OPERATIONAL ENVIRONMENT                           | 13 |
| <u>7.</u>  | PHYSICAL SECURITY                                 | 14 |
| <u>8.</u>  | NON-INVASIVE SECURITY                             | 15 |
| <u>9.</u>  | SENSITIVE SECURITY PARAMETER MANAGEMENT           | 16 |
| <u>10.</u> | SELF-TESTS                                        | 18 |
|            | 10.1. PRE-OPERATIONAL TEST                        | 18 |
|            | 10.2. CONDITIONAL TEST                            | 18 |
| <u>11.</u> | LIFE-CYCLE ASSURANCE                              | 19 |
|            | 11.1. Secure Installation                         | 19 |
|            | 11.2. OPERATIONAL DESCRIPTION OF MODULE           | 19 |
| <u>12.</u> | _ MITIGATION OF OTHER ATTACKS                     | 20 |

### 1. General

### 1.1. Scope

This document outlines the security policy for Samsung Electronics Co., Ltd. **Samsung NVMe TCG Opal SSC SEDs PM9A3 Series**, herein after referred to as the "cryptographic module" or "module", SSD (Solid State Drive). This module satisfies all applicable FIPS 140-3 Security Level 1 hardware cryptographic module requirements. It supports TCG Opal SSC based SED (Self-Encrypting Drive) features that is designed to protect unauthorized access to the user data stored in its NAND Flash memories. The cryptographic module's controller has built-in AES hardware engines that provide on-the-fly encryption and decryption of the user data without performance loss. The SED design also allows for instant data sanitization via cryptographic erase.

| ISO/IEC 24759<br>Section 6.<br>[Number Below] | FIPS 140-3 Section Title                | Security Level |
|-----------------------------------------------|-----------------------------------------|----------------|
| 1                                             | General                                 | 1              |
| 2                                             | Cryptographic module specification      | 1              |
| 3                                             | Cryptographic module interfaces         | 1              |
| 4                                             | Roles, services, and authentication     | 1              |
| 5                                             | Software/Firmware security              | 1              |
| 6                                             | Operational environment                 | 1              |
| 7                                             | Physical security                       | 1              |
| 8                                             | Non-invasive security                   | N/A            |
| 9                                             | Sensitive security parameter management | 1              |
| 10                                            | Self-tests                              | 1              |
| 11                                            | Life-cycle assurance                    | 1              |
| 12                                            | Mitigation of other attacks             | N/A            |

**Table 1. Security Levels** 

#### 1.2. Acronyms

| Acronym  | Description                                                 |
|----------|-------------------------------------------------------------|
| CTRL     | Controller                                                  |
| CPU      | Central Processing Unit (ARM-based)                         |
| DRAM     | Dynamic Random Access Memory                                |
| DRAM I/F | Dynamic Random Access Memory Interface                      |
| ECC      | Error Correction Code                                       |
| EDC      | Error Detection Code                                        |
| KAT      | Known-answer Test                                           |
| LBA      | Logical Block Address                                       |
| MEK      | Media Encryption Key                                        |
| PSID     | Physical Presence SID (Security Identifier)                 |
| NAND     | NAND Flash Memory                                           |
| NAND I/F | NAND Flash Interface                                        |
| NVMe     | Non-Volatile Memory Host Controller Interface Specification |
| ROM      | Read-Only Memory                                            |

#### Table 2. Acronyms

### 2. Cryptographic Module Specification

#### 2.1. Hardware and Physical Cryptographic Boundary

This firmware version, within the scope of this validation, must undergo validation through the FIPS 140-3 CMVP. Any other firmware loaded into this module is beyond the scope of this validation and requires a separate FIPS 140-3 validation.

Below are photographs showing the cryptographic module views of each form factor. The multiple-chip embedded cryptographic module includes both hardware and firmware components.

The cryptographic boundary of the M.2 module is defined as the physical perimeter of the PCB.



Figure 1. Specification of the PM9A3 M.2 Form Factor Cryptographic Boundary

The E1.S and E1.L cryptographic modules are each enclosed in two aluminum alloy cases. These cases define the modules' cryptographic boundary.



Figure 2. Specification of the PM9A3 E1.S Form Factor Cryptographic Boundary

Samsung Electronics Co., Ltd. SSD FIPS 140-3 Security Policy



Figure 3. Specification of the PM9A3 E1.L Form Factor Cryptographic Boundary

#### 2.2. Module Cryptographic Boundary

The PM9A3 series utilizes a single-chip controller with an NVMe interface for system side communication and integrates Samsung NAND flash memory for internal storage. The following figure depicts the module's operational environment.



Figure 4. Block Diagram for Samsung NVMe TCG Opal SSC SEDs PM9A3 Series

#### 2.3. Version information

| Model   | Hardware Version                                                                          | Firmware Version     | Distinguishing<br>Features |  |
|---------|-------------------------------------------------------------------------------------------|----------------------|----------------------------|--|
|         | MZ1L2960HCJR-00AMV                                                                        |                      | 960GB                      |  |
|         | MZ1L21T9HCLS-00AMV GDC76M4Q<br>MZ1L23T8HBLA-00AMV GDC79M4Q<br>MZCL21T9HCJR-00AMV GDCC2M4Q | •                    | 1.92TB                     |  |
|         |                                                                                           | GDC791014Q           | 3.84TB                     |  |
| PM9A3   |                                                                                           | CDCC2M4O             | 1.92TB                     |  |
| PIVIJAS | MZCL23T8HCLS-00AMV                                                                        | GDC62M4Q<br>GDC63M4Q | 3.84TB                     |  |
|         | MZCL27T6HBLA-00AMV                                                                        | GDC031V14Q           | 7.68TB                     |  |
|         | MZEL215THBLA-00AMV                                                                        | GDDB3M2Q             | 1E 26TD                    |  |
|         |                                                                                           | GDDB4M2Q             | 15.36TB                    |  |

Table 3. Cryptographic Module Tested Configuration

### 2.4. Cryptographic Functionality

The module does not implement any "Non-Approved Algorithms Not Allowed in the Approved Mode of Operation".

#### 2.4.1. Approved Algorithm

| CAVP Cert          | Algorithm and Standard        | Mode/<br>Method              | Description/<br>Key Size(s)/<br>Key Strength(s) | Use/Function                                                                                                                                                           |
|--------------------|-------------------------------|------------------------------|-------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| A1157              | AES /<br>FIPS 197, SP 800-38A | ECB                          | 256 bits                                        | Prerequisite for AES-XTS (A1157)                                                                                                                                       |
| A1157              | AES /<br>FIPS 197, SP 800-38E | XTS <sup>1</sup>             | 256 bits                                        | Data Encryption / Decryption                                                                                                                                           |
| A1153              | DRBG /<br>SP 800-90A Rev. 1   | Hash_ DRBG<br>(SHA-256)      | N/A                                             | Deterministic Random Bit<br>Generation                                                                                                                                 |
| A1155              | RSA / FIPS 186-4              | SigVer                       | 3072 bits                                       | Digital Signature Verification                                                                                                                                         |
| A1158              | SHS / FIPS 180-4              | SHA-256                      | N/A                                             | Message Digest                                                                                                                                                         |
| Vendor<br>Affirmed | CKG / SP 800-133 Rev. 2       | Section 4 and<br>Section 6.1 | N/A                                             | Cryptographic Key Generation<br>(Symmetric keys which are direct<br>unmodified outputs from the<br>DRBG)                                                               |
| N/A                | ENT (P) / SP 800-90B          | N/A                          | N/A                                             | Non-deterministic Random<br>Number Generator (only used for<br>generating seed materials for the<br>DRBG). Provides a minimum of 256<br>bits of entropy for DRBG seed. |

The cryptographic module supports the following Approved algorithms for secure data storage:

#### Table 4. Approved Algorithms

Note that not all algorithms/modes that appear on the module's CAVP certificates are utilized by the module. Table 4 lists only the algorithms/modes that are utilized by the module.

#### 2.4.2. Non-Approved Algorithm

The following algorithms are not intended to be used as security functions, and not used whatsoever to meet any FIPS 140-3 requirements. These algorithms are not provided through a non-approved services to an operator.

| Algorithm                         | Caveat                                                                                          | Use / Function                |
|-----------------------------------|-------------------------------------------------------------------------------------------------|-------------------------------|
| AES-XTS /<br>FIPS 197, SP 800-38E | No Security Claimed; AES-XTS is only<br>used for firmware decryption during<br>ROM initialized. | Firmware Decryption           |
| AES-CCM /<br>FIPS 197, SP 800-38C | No Security Claimed; Non-approved                                                               | Key Encryption and Decryption |
| PBKDF2                            | algorithms here are only used for                                                               | Key Derivation                |
| HMAC /<br>SHA-256                 | encrypting or obfuscating the CSP.                                                              | Key Derivation                |

Table 5. Non-Approved Algorithms Allowed in the Approved Mode of Operation with No Security Claimed

### 2.5. Approved Mode of Operation

<sup>&</sup>lt;sup>1</sup> AES-ECB is the pre-requisite for AES-XTS; AES-ECB alone is NOT supported by the cryptographic module in approved mode.

The module always defaults to an Approved mode of operation. To ensure it remains in this mode, operators must strictly follow the guidance outlined in section 11. The user can verify the module's Approved status using the "Show Status" Service in Table 7 via the NVM Express Identify Controller command.

### 3. Cryptographic Module Interfaces

The module doesn't support a Control output interface.

| Physical port  | Logical interface   | Data that passes over port/interface                                                                                  |  |  |  |  |
|----------------|---------------------|-----------------------------------------------------------------------------------------------------------------------|--|--|--|--|
|                | Data Input / Output | Plaintext data; signed data;                                                                                          |  |  |  |  |
| NVMe Connector | Control Input       | Commands input logically via an API; signals input logically or physically via one or more physical ports             |  |  |  |  |
| Status Output  |                     | Status information output logically via an API; signal outputs logically or physically via one or more physical ports |  |  |  |  |
|                | Control Input       | Signals input logically or physically via one or more physical port                                                   |  |  |  |  |
| JTAG           | Status Output       | Signal outputs logically or physically via one or more physical ports                                                 |  |  |  |  |

Table 6. Ports and Interfaces

### 4. Roles, Services, and Authentication

### 4.1. Role

The module does not support role authentication. Roles are implicitly assumed based on the service they are invoking.

| Role                     | Service                         | Input           | Output |
|--------------------------|---------------------------------|-----------------|--------|
|                          | Show Status                     | N/A             | Status |
|                          | Lock/Unlock an LBA Range        | LBA Range       | Status |
|                          | Erase an LBA Range's Data       | LBA Range       | Status |
| Cryptographic            | Update the firmware             | FW image binary | Status |
| Officer (CO)             | Get Random Number               | N/A             | Status |
|                          | IO Command                      | LBA             | Status |
|                          | FormatNVM / Sanitize / DeleteNS | LBA Range       | Status |
|                          | Revert                          | PSID            | N/A    |
| Maintenance <sup>2</sup> | Diagnostics                     | N/A             | N/A    |

Table 7. Roles, Service Commands, Input and Output

### 4.2. Approved Services

The cryptographic module does not offer bypass capabilities.

E: Execute; W: Write; G: Generate; Z: Zeroise

| Service                     | Description                                                            | Approved<br>Security<br>Functions | Keys and/or<br>SSPs            | Roles                         | r | Acc<br>ight<br>eys<br>SS | s to<br>and | b<br>d | Indicator <sup>3</sup>                                                                           |
|-----------------------------|------------------------------------------------------------------------|-----------------------------------|--------------------------------|-------------------------------|---|--------------------------|-------------|--------|--------------------------------------------------------------------------------------------------|
| Show Status                 | Show approved<br>version status of<br>the module / FIPS<br>fail mode   | N/A                               | N/A                            | Cryptographic<br>Officer (CO) | E | vv                       | 0           | 2      | NVM Command:<br>Identify Controller<br>command<br>Result : Status Code                           |
| Lock/Unlock an<br>LBA Range | Block or allow<br>read (decrypt) /<br>write (encrypt) of<br>user data. | N/A                               | MEK <sup>4</sup>               |                               |   | 0                        |             | 0      | UID:<br>Locking_GlobalRange /<br>Locking_RangeNNNN<br>TCG Method: Set<br>Result: TCG status code |
|                             |                                                                        | Hash DRBG                         | DRBG Internal<br>State V value |                               | 0 |                          | 0           |        | UID:                                                                                             |
| Erase an LBA                | Erase user data by                                                     | (SHA-256)                         | DRBG Internal<br>State C value |                               | 0 |                          | 0           |        | K_AES_256_GlobalRange<br>_Key /                                                                  |
| Range's Data                | changing the data<br>encryption key.                                   | CKG                               | DRBG Seed                      |                               | 0 |                          | 0           |        | K_AES_256_RangeNNNN<br>_Key                                                                      |
|                             | eneryption key.                                                        | ENT (P)                           | DRBG Entropy<br>Input String   |                               | 0 |                          | 0           |        | _Key<br>TCG Method: GenKey<br>Result: TCG status code                                            |
|                             |                                                                        |                                   | MEK                            |                               |   | 0                        | 0           | 0      |                                                                                                  |
| Revert                      | Erase user data in<br>all Range by                                     | Hash_ DRBG<br>(SHA-256)           | DRBG Internal<br>State V value |                               | 0 |                          | 0           |        | UID: SPObj(AdminSP)<br>TCG Method: Revert                                                        |

<sup>2</sup> Maintenance role is operator that is responsible for using the JTAG

<sup>3</sup> The result of NVMe or TCG command is used as an indicator

<sup>&</sup>lt;sup>4</sup> Specified type of access of Lock/Unlock an LBA Range service to MEK was limited to only RAM

|                     | changing the data<br>encryption key,<br>initialize range | CKG<br>ENT (P)          | DRBG Internal<br>State C value      |             | 0 |   | 0 |   | Result: TCG status code                                   |
|---------------------|----------------------------------------------------------|-------------------------|-------------------------------------|-------------|---|---|---|---|-----------------------------------------------------------|
|                     | settings, and                                            | ENT (P)                 | DRBG Seed                           |             | 0 |   | 0 |   |                                                           |
|                     | reset PINs for<br>TCG.                                   |                         | DRBG Entropy<br>Input String        |             | 0 |   | 0 |   |                                                           |
|                     |                                                          |                         | МЕК                                 |             |   | 0 | 0 | 0 |                                                           |
| Update the firmware | Update the<br>firmware                                   | RSA                     | FW<br>Verification<br>Key           |             | 0 |   |   |   | Admin Command:<br>Firmware Commit<br>Result : Status Code |
|                     | Provide a random                                         | Hash_ DRBG<br>(SHA-256) | DRBG Internal<br>State V value      |             | 0 |   | 0 |   |                                                           |
| Get Random          | number<br>generated by the<br>CM.                        |                         | DRBG Internal<br>State C value      |             | 0 |   | 0 |   | UID: ThisSP<br>TCG Method: Random                         |
| Number              |                                                          | CKG                     | DRBG Seed                           |             | 0 |   | 0 |   | Result: TCG status code                                   |
|                     |                                                          | ENT (P)                 | DRBG Entropy<br>Input String        |             | 0 |   | 0 |   |                                                           |
| IO Command          | Read/Write user<br>data                                  | AES-XTS                 | МЕК                                 |             | 0 |   |   |   | NVM Command:<br>Write / Read<br>Result : Status Code      |
|                     |                                                          | Hash DRBG               | DRBG Internal<br>State V value      |             | 0 |   | 0 |   |                                                           |
| FormatNVM /         | Erase user data by                                       | (SHA-256)               | DRBG Internal<br>State C value      |             | 0 |   | 0 |   | Admin Command:<br>Format NVM / Sanitize /                 |
| Sanitize /          | changing the data                                        | CKG                     | DRBG Seed                           |             | 0 |   | 0 |   | Namespace                                                 |
| DeleteNS            | encryption key.                                          | ENT (P)                 | DRBG Entropy<br>Input String<br>MEK |             | 0 | 0 | 0 | 0 | Management<br>Result : Status Code                        |
| Diagnostics         | Perform<br>Maintenance                                   | N/A                     | N/A                                 | Maintenance |   | 0 | 0 | 0 | N/A                                                       |

Table 8. Approved Services

## 5. Software/Firmware Security

- The cryptographic module employs a 428-byte error detection code for firmware integrity testing, which is performed during power-on reset.

### 6. Operational Environment

- The cryptographic module operates in a limited operational environment, consisting of the module's firmware. This limited operational setting does not require any specific security rules, settings/configurations, or restrictions to be set.
- The cryptographic module does not provide any general-purpose operating system to the operator.
- Firmware download is only available for CMVP validated firmware versions. Unauthorized modification of the firmware is prevented by the pre-operational firmware integrity test and conditional firmware load test.
- Since the cryptographic module is zeroised through the procedure for using maintenance role, it is restricted preventing uncontrolled access to CSPs and uncontrolled modifications of SSPs.

### 7. Physical Security

The following physical security mechanisms are implemented in the cryptographic module:

• Production grade components.

The following table summarizes the actions required by the Cryptographic Officer Role to ensure that physical security is maintained:

| Physical Security<br>Mechanisms | Recommended Frequency<br>of Inspection/Test | Inspection/Test Guidance Details |
|---------------------------------|---------------------------------------------|----------------------------------|
| Production grade<br>components  | N/A                                         | N/A                              |

Table 9. Inspection/Testing of Physical Security Mechanisms

The cryptographic module supports the Maintenance role. To assume the Maintenance role, operators must comply with the following rule:

- The operator must zeroise all SSPs listed in the Table 10 by invoking the Revert service in the Table 8 and initiate the Power on reset before entering the Maintenance role.
- To exit the Maintenance role, the operator must procedurally perform the Revert service in the Table 8 and perform a power-on reset of the module. To finish with, the operator performing the Show Status service in Table 8 confirms the original firmware version listed in the Table 3 remains unchanged.
- The operator is responsible for managing the module's JTAG port and should conduct regular inspections associated with the enabled JTAG port as frequently as possible in order to prevent potential security risks such as potential code modifications with no firmware load test, reading and writing of register information or other impactful security changes.

## 8. Non-Invasive Security

- The module does not implement any non-invasive attack mitigation techniques. Therefore, this section is not applicable.

### 9. Sensitive Security Parameter Management

- Temporary SSPs and SSPs stored in volatile memory are automatically zeroized upon power-on reset.
- The module performs zeroization by overwriting the target SSP with random values generated by the DRBG.
- The module does not import or export SSPs.

| Key /<br>SSP<br>Name /<br>Type       | Strength | Security<br>Function<br>and Cert.<br>Number | Generation                           | Establishment | Import /<br>Export | Storage               | Zeroisation                                                                                                                                                                  | Use &<br>related<br>keys                                |
|--------------------------------------|----------|---------------------------------------------|--------------------------------------|---------------|--------------------|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|
| DRBG<br>Internal<br>State V<br>value | 440-bit  | Hash_<br>DRBG<br>(SHA-<br>256) /<br>A1153   | SP 800-90A<br>HASH_DRBG<br>(SHA-256) | N/A           | N/A                | Plaintext<br>in RAM   | Implicitly<br>zeroised by<br>Power on<br>reset                                                                                                                               | MEK                                                     |
| DRBG<br>Internal<br>State C<br>value | 440-bit  | Hash_<br>DRBG<br>(SHA-<br>256) /<br>A1153   | SP 800-90A<br>HASH_DRBG<br>(SHA-256) | N/A           | N/A                | Plaintext<br>in RAM   | Implicitly<br>zeroised by<br>Power on<br>reset                                                                                                                               | МЕК                                                     |
| DRBG<br>Seed                         | N/A      | Hash_<br>DRBG<br>(SHA-<br>256) /<br>A1153   | ENT (P)                              | N/A           | N/A                | Plaintext<br>in RAM   | Implicitly<br>zeroised by<br>Power on<br>reset                                                                                                                               | MEK                                                     |
| DRBG<br>Entropy<br>Input<br>String   | N/A      | Hash_<br>DRBG<br>(SHA-<br>256) /<br>A1153   | ENT (P)                              | N/A           | N/A                | Plaintext<br>in RAM   | Implicitly<br>zeroised by<br>Power on<br>reset                                                                                                                               | МЕК                                                     |
| MEK                                  | 256-bit  | AES-XTS /<br>A1157                          | SP 800-90A<br>HASH_DRBG<br>(SHA-256) | N/A           | N/A                | Plaintext<br>in RAM   | Implicitly<br>zeroised by<br>Power on<br>reset /<br>Explicitly<br>zeroised via<br>"Unlock an<br>LBA Range"<br>service and<br>indicate<br>with its<br>indicator<br>Explicitly | Data<br>encryption<br>and<br>decryption<br>of user data |
|                                      |          |                                             |                                      |               |                    | Plaintext<br>in Flash | zeroised via<br>"Erase an<br>LBA Range's<br>Data",<br>"Revert"<br>and<br>"FormatNV<br>M /<br>Sanitize /                                                                      |                                                         |



|                                               |         |                |                                                                                           |     |     |                                        | DeleteNS"<br>services<br>and<br>indicate<br>with their<br>indicators                                                   |                       |
|-----------------------------------------------|---------|----------------|-------------------------------------------------------------------------------------------|-----|-----|----------------------------------------|------------------------------------------------------------------------------------------------------------------------|-----------------------|
| Firmware<br>Verificati<br>on Key <sup>5</sup> | 128-bit | RSA /<br>A1155 | Generated<br>during the<br>manufacturing<br>process, is<br>included as<br>part of the FW. | N/A | N/A | Plaintext<br>in HW<br>SFR <sup>6</sup> | Implicitly<br>zeroised by<br>Power on<br>reset and<br>after<br>completion<br>of "Update<br>the<br>firmware"<br>service | Firmware<br>Load Test |

Table 10. SSPs

- The module contains an entropy source, compliant with SP 800-90B, within the module's cryptographic boundary.

| Entropy sources                                                      | Minimum number of bits<br>of entropy | Details                      |  |  |
|----------------------------------------------------------------------|--------------------------------------|------------------------------|--|--|
| ENT (P)                                                              | 0.5 entropy per bit <sup>7</sup>     | Entropy source for Hash_DRBG |  |  |
| Table 44. New Deterministic Devidence Number Conception Constitution |                                      |                              |  |  |

 Table 11. Non-Deterministic Random Number Generation Specification

<sup>&</sup>lt;sup>5</sup> This is not considered an SSP.

<sup>&</sup>lt;sup>6</sup> HW SFR (Special Function Register) is a register within a hardware cryptographic algorithm IP, which has characteristic of volatile memory.

<sup>&</sup>lt;sup>7</sup> Estimated amount of entropy per the source's output bit is 0.841621 and Samsung conservatively claims to be set at 0.5 per bit.

### 10. Self-Tests

All cryptographic algorithm self-tests are executed during power-on. While executing the following self-tests, all data output is inhibited until the self-test completes. To execute the pre-operational tests on-demand, the operator may power-cycle the module. Cryptographic algorithm self-tests are performed prior to the approved algorithms' first use. If a cryptographic module fails a self-test, the module will enter an error state. While in this state, all data output is inhibited.

### 10.1. Pre-Operational Test

| Algorithm                            | Туре                       | Description                                                                                     |  |  |
|--------------------------------------|----------------------------|-------------------------------------------------------------------------------------------------|--|--|
| EDC                                  | Firmware<br>integrity test | Firmware integrity test is performed by using 428 byte error correction code (ECC) at power-on. |  |  |
| Table 12. Pre-operational Self-tests |                            |                                                                                                 |  |  |

Table 12. Pre-operational Self-tests

### 10.2. Conditional Test

| Algorithm | Туре                                 | Description                                                                                                   |
|-----------|--------------------------------------|---------------------------------------------------------------------------------------------------------------|
| AES       | Critical function test               | Duplicate Key Test for AES-XTS described in FIPS 140-3 IG C.I (i.e. key_1 $\neq$ key_2) when key is generated |
| AES       | Cryptographic<br>algorithm self-test | KAT: AES-256 XTS mode encryption and decryption                                                               |
| AES       | Cryptographic<br>algorithm self-test | KAT: AES-256 ECB mode encryption and decryption                                                               |
| SHS       | Cryptographic<br>algorithm self-test | KAT: SHA-256 hash digest                                                                                      |
| RSA       | Cryptographic<br>algorithm self-test | KAT: RSA-3072 verification is performed before firmware load test                                             |
| RSA       | Firmware load test                   | RSA-3072 with SHA-256 signature verification is performed if new FW is downloaded.                            |
| DRBG      | Cryptographic<br>algorithm self-test | KATs: HASH-DRBG(SHA2-256), SP 800-90A Health testing on Instantiate, Generate and Reseed functions            |
| ENT (P)   | Cryptographic<br>algorithm self-test | Startup and Conditional SP800-90B Heath tests: Repetition count test, Adaptive proportion test                |

#### Table 13. Conditional Self-tests

The cryptographic module enters the error state upon failure of Self-tests. All commands from the Host (General Purpose Computer (GPC) outside the cryptographic boundary) are rejected in the error state and the cryptographic module returns an FIPS Fail Mode (SC=0x6, SCT=0x0) defined in NVMe specification via the status output. Cryptographic services and data output are explicitly inhibited when in the error state.

### **11. Life-Cycle Assurance**

The cryptographic module operates in the Approved mode of operation by default once shipped from the vendor's manufacturing site and does not support a non-approved mode of operation. The following guidance in section 11.1 describes the rules for secure installation and operation which the operator shall follow to operate the cryptographic module in a FIPS 140-3 security level 1 compliant manner.

- 11.1. Secure Installation
  - Identify the firmware version in the device
    - Confirm the firmware version matches to the version(s) listed in this document using the NVM Express Identify Controller command.
- 11.2. Operational Description of Module
  - The cryptographic module employs AES-XTS exclusively for storage applications.
  - The cryptographic module maintains strict logical separation between data input, output, control input, status output, and power.
  - The cryptographic module does not output CSPs in any form.
  - The cryptographic module utilizes the Approved DRBG for generating all cryptographic keys.
  - The module generates at a minimum 256 bits of entropy for use in key generation.
  - Operators must perform a power-on reset of the module after using the "Update the firmware" service to execute a new firmware validated by a validation authority.

## 12. Mitigation of Other Attacks

The cryptographic module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-3.