© 2024 Western Digital Corporation or its affiliates. Public Material - May be reproduced only in its original entirety [without revision].
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140-2 Cryptographic Module
Non-Proprietary Security Policy
Protection of Data at Rest
Version: 1.4
2024-01-22
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 2 of 22
CONTENTS
1. Cryptographic Module Overview...........................................................................................................................4
1.1 Models.................................................................................................................................................................................4
1.2 Security Level .....................................................................................................................................................................5
2. Modes of Operation.................................................................................................................................................5
2.1 FIPS Approved Mode of Operation..............................................................................................................................5
2.2 Approved Algorithms.......................................................................................................................................................6
3. Ports and Interfaces..................................................................................................................................................7
4. Identification and Authentication Policy...............................................................................................................7
4.1 Cryptographic Officer.......................................................................................................................................................7
4.1.1 Secure ID (SID) Authority .......................................................................................................................................................7
4.1.2 EraseMaster Authority ..............................................................................................................................................................7
4.2 BandMaster Authority (User) ..........................................................................................................................................8
4.3 Anybody..............................................................................................................................................................................8
4.4 Maker...................................................................................................................................................................................8
5. Access Control Policy ..............................................................................................................................................9
5.1 Roles and Services.............................................................................................................................................................9
5.2 Unauthenticated Services ...............................................................................................................................................11
5.3 Definition of Critical Security Parameters (CSPs)......................................................................................................12
5.4 Definition of Public Security Parameters ....................................................................................................................13
5.5 SP800-132 Key Derivation Function Affirmations ...................................................................................................13
5.6 Definition of CSP Modes of Access ............................................................................................................................13
6. Operational Environment .....................................................................................................................................15
7. Security Rules ..........................................................................................................................................................15
7.1 Invariant Rules.................................................................................................................................................................15
7.2 Initialization Rules...........................................................................................................................................................16
7.3 Zeroization Rules.............................................................................................................................................................17
8. Physical Security Policy..........................................................................................................................................17
8.1 Mechanisms......................................................................................................................................................................17
8.2 Operator Responsibility..................................................................................................................................................17
9. Mitigation of Other Attacks Policy ......................................................................................................................18
10. Definitions ...............................................................................................................................................................18
11. Acronyms.................................................................................................................................................................20
12. References................................................................................................................................................................20
12.1 NIST Specifications ........................................................................................................................................................20
12.2 Trusted Computing Group Specifications ..................................................................................................................21
12.3 International Committee on Information Technology Standards T10 Technical Committee Standards.........21
12.4 Corporate Documents....................................................................................................................................................21
12.5 SCSI Commands..............................................................................................................................................................22
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 3 of 22
Tables
Table 1 Ultrastar DC HC530 TCG Enterprise HDD Models .................................................................................4
Table 2 - Module Security Level Specification............................................................................................................5
Table 3 - FIPS Approved Algorithms ..........................................................................................................................6
Table 4 – Approved Cryptographic Functions Tested with Vendor Affirmation.................................................7
Table 5 - Ultrastar DC HC530 FIPS 140-2 Ports and Interfaces.............................................................................7
Table 6 - Roles and Required Identification and Authentication.............................................................................8
Table 7 - Authentication Mechanism Strengths..........................................................................................................9
Table 8 - Authenticated CM Services (Approved Mode) ..........................................................................................9
Table 9 - Authenticated CM Services (Non-Approved Mode)...............................................................................10
Table 10 - Unauthenticated Services...........................................................................................................................11
Table 11 - CSPs and Private Keys...............................................................................................................................12
Table 12 - Public Security Parameters........................................................................................................................13
Table 13 - CSP Access Rights within Roles & Services...........................................................................................14
Table 14 - SCSI Commands.........................................................................................................................................22
Figures
Figure 1: Ultrastar DC HC530 Cryptographic Boundary..........................................................................................4
Figure 2: Tamper-Evident Seal....................................................................................................................................17
Figure 3: Tamper Evidence on Tamper Seal.............................................................................................................18
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 4 of 22
1. Cryptographic Module Overview
The self-encrypting Ultrastar DC HC530 TCG Enterprise HDD, hereafter referred to as “Ultrastar DC HC530” or
“Cryptographic Module”, is a multi-chip embedded module that complies with FIPS 140-2 Level 2 security. The
Ultrastar DC HC530 complies with the Trusted Computing Group (TCG) SSC: Enterprise Specification. The drive enclosure
defines the cryptographic boundary. See Figure 1: Ultrastar DC HC530 Cryptographic Boundary. The SIO port pins
shown to the right of the SAS connector, in Figure 1 are disabled in FIPS Approved Mode and non-Approved Mode.
Except for the four-conductor motor control cable, all components within the cryptographic boundary tested as
compliant with FIPS 140-2 requirements. The control cable is not security relevant and therefore excluded from FIPS
140-2 requirements. The Ultrastar DC HC530 complies with the Advanced Format (AF) standard. The logical
storage of user data is unaffected by the formatting method for drives that comply with the Advanced AF standard.
4Kn and 512e formatting organize user data on the physical media in the same manner. The emulation layer
employed in 512e drives only services to organize the data in 512-byte chunks for processing by the host. Format
method is not security relevant and therefore excluded from FIPS 140-2 requirements.
Figure 1: Ultrastar DC HC530 Cryptographic Boundary
Top View SAS Connector View Bottom View
1.1 Models
The Ultrastar DC HC530 is available in two models that vary by block size. The validated models listed below in
Table 1 lists the characteristics, hardware version, and firmware version associated with each model.
Table 1 - Ultrastar DC HC530 TCG Enterprise HDD Models
Part Number
(Hardware Version)
Firmware Description
WUH721414AL5205 R221, R240, R2L0, R2V0,
R2W0, R400, 3P00
14 TB, 512e, 3.5-inch HDD, 7200 RPM, 12 Gb/s SAS
WUH721414AL4205 R221, R240, R2L0, R2V0,
R2W0, R400, 3P00
14 TB, 4Kn, 3.5-inch HDD, 7200 RPM, 12 Gb/s SAS
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 5 of 22
1.2 Security Level
The Cryptographic Module meets all requirements applicable to FIPS 140-2 Level 2 Security.
Table 2 - Module Security Level Specification
FIPS 140-2
Security Requirements Section
FIPS 140-2
Security Level Achieved
Cryptographic Module Specification 2
Module Ports and Interfaces 2
Roles, Services and Authentication 2
Finite State Model 2
Physical Security 2
Operational Environment N/A
Cryptographic Key Management 2
EMI/EMC 3
Self-Tests 2
Design Assurance 2
Mitigation of Other Attacks N/A
2. Modes of Operation
2.1 FIPS Approved Mode of Operation
Configuration and policy determine the Cryptographic Module’s mode of operation. The Cryptographic Module
enters FIPS Approved Mode after successful completion of the Initialize Cryptographic service instructions provided
in Section 7.2. The operator can determine if the Cryptographic Module is operating in a FIPS approved mode by
invoking the Get FIPS mode service1. The Cryptographic Officer shall not enable the Maker Authority after the
Cryptographic Module enters FIPS Approved mode. The Cryptographic Module is in FIPS non-Approved mode
whenever a successful authentication to the Maker Authority occurs. If the Cryptographic Officer enables the Maker
Authority after the module enters FIPS Approved mode, the Cryptographic Officer must also execute the TCG
Revert Method to zeroize the Cryptographic Module. If the Cryptographic Officer, subsequently, executes the
Initialize Cryptographic service instructions provided in Section 7.2 with the intent of placing the Cryptographic
Module in FIPS Approved mode, the Cryptographic Officer must first execute the TCG Revert Method to zeroize
the Cryptographic Module.
The chapter titled FIPS 140 Cryptographic Officer Instructions within the Ultrastar DC HC530 Product Specification
provides information on how to execute the Initialize Cryptographic service as well as the TCG Revert Method.
1 A return value of 1 indicates that the cryptographic module is operating in FIPS Approved mode.
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 6 of 22
2.2 Approved Algorithms
The Cryptographic Module supports the following FIPS Approved algorithms. All algorithms and key lengths
comply with NIST SP800-131A.
Table 3 - FIPS Approved Algorithms
Algorithm Description Cert #
AES Firmware
[FIPS 197, SP800 38A, SP800 38F]
Functions: Encryption, decryption, and key wrapping to protect
an associated MEK in data storage applications
Modes: ECB, KW, CTR2
Key Sizes: 256
5944
AES Hardware3
[FIPS 197, SP800 38A]
Functions: Encryption and decryption
Modes: ECB
Key Sizes: 128, 256
5943
AES XTS Hardware4
[FIPS 197, SP800 38A, SP800 38E]
Functions: Encryption and decryption in storage applications
Modes: XTS
• XTS-AES Key1 does not equal XTS-AES Key2
• The length of the XTS-AES data unit does not exceed 220
blocks.
Key Sizes: 128, 256
5943
DRBG Firmware
[SP800 90A]
Functions: Deterministic random number generator
Modes: CTR
Security Strength: 256 bits
2495
HMAC Firmware
[FIPS 198-1]
Functions: Key encrypting key (KEK) derivation used within the
PBKDF
SHA sizes: SHA-256
3917
RSA Firmware
[FIPS 186-4, PSS]
Functions: Digital signature verification with SHA-2565
Key sizes: 2048
3120
SHA Firmware
[FIPS 180-4]
Functions: Digital Signature verification and KEK generation
SHA sizes: SHA-256
4695
SHA
Hardware/Firmware
[FIPS 180-4]
Functions: Digital Signature verification
SHA sizes: SHA-256
4696
2
AES CTR-256 was tested but is not utilized by the Cryptographic Module
3
AES ECB-128 was tested but is not utilized by the Cryptographic Module
4 AES XTS-128 was tested but is not utilized by the Cryptographic Module.
5 SHA-256 Cert. #4696
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 7 of 22
Table 4 – Approved Cryptographic Functions Tested with Vendor Affirmation
Algorithm Description Rationale
CKG
[SP800 133] Cryptographic Key Generation
Functions: Generated from the DRBG without
further modification or post processing
Vendor Affirmed
[FIPS140] IG D.12.
[SP800 133] Sections 6.1, 6.2.3 and 6.3
PBKDF
[SP800 132] Password Based Key Derivation Function
Functions: Key Encrypting Key
Modes: HMAC-SHA-256
Key Sizes: 256 bits
Vendor Affirmed
[FIPS140 IG] D.6.
[SP800 132] Section 5.4
The Cryptographic Module supports the following non-Approved but allowed algorithm:
• A hardware NDRNG seeds the Approved [SP800 90A] DRBG. The NDRNG provides a minimum of 256
bits of entropy for key generation.
3. Ports and Interfaces
The drive uses the standard 29-pin Serial Attached SCSI (SAS) connector that conforms to the mechanical requirements
of SFF 8680. Table 5 below identifies the Cryptographic Module’s ports and interfaces. The Cryptographic Module
does not provide a maintenance access interface.
Table 5 - Ultrastar DC HC530 FIPS 140-2 Ports and Interfaces
FIPS 140-2 Interface Cryptographic Module Ports
Power Power connector [SAS]
Control Input SAS connector [SAS], SIO Port5
Status Output SAS connector [SAS], SIO Port5
Data Input SAS connector [SAS], SIO Port6
Data Output SAS connector [SAS], SIO Port5
4. Identification and Authentication Policy
The Cryptographic Module enforces role separation by requiring a role identifier and an authentication credential
(Personal Identification Number or PIN). The Cryptographic Module enforces the following FIPS140-2 operator
roles.
4.1 Cryptographic Officer
4.1.1 Secure ID (SID) Authority
This TCG authority initializes the Cryptographic Module. Section 11.3.1 of the TCG Storage Security Subsystem
Class: Enterprise Specification defines this role.
4.1.2 EraseMaster Authority
This TCG authority can selectively zeroize bands within the Cryptographic Module. Section 11.4.1 of the TCG
Storage Security Subsystem Class: Enterprise Specification defines this role. The TCG EraseMaster authority can
disable Users and erase LBA bands (user data regions).
6 Disabled when the Cryptographic Module is in the Approved Mode
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 8 of 22
4.2 BandMaster Authority (User)
User roles correspond to Bandmaster Authorities. Section 11.4.1 of the TCG Storage Security Subsystem Class:
Enterprise Specification provides a definition. Users have the authority to lock, unlock, and configure LBA bands
(user data regions) and to issue read and write commands to the SED. The TCG EraseMaster authority can disable a
Bandmaster.
4.3 Anybody
This role corresponds to services that do not require authentication. With one exception, these do not disclose,
modify, or substitute Critical Security Parameters, use an Approved security function, or otherwise affect the security
of the Cryptographic Module. The excepted service is the Generate Random service, which provides output from an
instance of the [SP800 90A] DRBG.
4.4 Maker
For failure analysis purposes, the vendor can enable the serial port to perform diagnostics and gather data about the
failure. A power cycle automatically locks the serial port. The vendor must authenticate to the SID and the Maker
authorities to enable the serial port. The Cryptographic Module is in FIPS non-Approved mode whenever the vendor
authenticates to the Maker Authority. The vendor performs failure analysis within the vendor’s facility. Maker
authentication data shall not leave the vendor’s facilities. During normal operation, the Cryptographic Officer
disables the Maker authority when invoking the Initialize Cryptographic Module service.
The following table maps TCG authorities to FIPS 140-2 roles.
Table 6 - Roles and Required Identification and Authentication
TCG
Authorities
and Roles
Description
Authentication
Type
Authentication Data
SID Authority
The SID Authority is a Cryptographic
Officer role that initializes the
Cryptographic Module and authorizes
Firmware download.
Role-based
CO Identity (TCG SID
Authority) and PIN (TCG SID
Authority PIN)
EraseMaster
Authority
The EraseMaster Authority is a
Cryptographic Officer role that zeroizes
Media Encryption keys and disables
Users.
Role-based
CO Identity (TCG EraseMaster
Authority) and PIN (TCG
EraseMaster PIN)
BandMaster N
(N = 0 to 15)
The BandMaster Authority is a User
role that controls read/write access to
LBA Bands.
Role-based
User Identity (TCG
BandMaster Authority) and PIN
(TCG BandMaster PIN)
Anybody
The Anybody Authority requires no
authentication.
Unauthenticated N/A
Maker (Disabled)
Completion of the Initialize
Cryptographic Module service disables
the Maker Authority
Role-based
User Identity (TCG Maker
Authority) and PIN (Maker
PIN)
Maintenance
Maintenance role for Diagnostics
commands.
Role-based 32-bit EDC
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 9 of 22
Table 7 - Authentication Mechanism Strengths
Authentication Mechanism Mechanism Strength
TCG Credential (PIN)
TCG Credentials are 256 bits in length, which provide 2256 possible values.
The probability that a random attempt succeeds is 1 chance in 2256
(approximately (8.64 x 10-78) which is significantly less than 1/1,000,000 (1x
10-6).
Multiple, successive authentication attempts can only occur sequentially (one
at a time) and only when the failed authentication Tries count value does not
exceed the associated TriesLimit value.
Each authentication attempt consumes approximately 13 milliseconds.
Hence, at most, approximately 4615 authentication attempts are possible in
one minute. Thus, the probability that a false acceptance occurs within a one-
minute interval is approximately 4.0 x 10-74, which is significantly less than 1
chance in 100,000 (1 x 10-5).
32-bit EDC
The maintenance role credential embedded within the VUC that enables the
maintenance role is a 32-bit EDC, which provides 232 possible values. The
probability that a random attempt will succeed, or a false acceptance will
occur is at least 1 chance in 232 (2.33 x10-10), which is significantly less than
1/1,000,000 (1x 10-6).
Authentication attempts consume 74.5 milliseconds. Therefore, at most, 805
authentication attempts are possible within a one-minute interval. Thus, the
probability that a false acceptance occurs within a one-minute interval is 1.88
x 10-7, which is less than 1 chance in 100,000 (1 x 10-5).
5. Access Control Policy
5.1 Roles and Services
Table 8 - Authenticated CM Services (Approved Mode)
Service Description Role(s)
Initialize Cryptographic
Module7
Cryptographic Officer provisions the Cryptographic
Module from organizational policies.
CO
(SID Authority)
Authenticate Input a TCG Credential for authentication.
CO, Users (SID
Authority, EraseMaster,
BandMasters)
Lock/Unlock Firmware
Download Control
Deny/Permit access to Firmware Download service.
CO
(SID Authority)
Firmware Download
Load and utilize RSA2048 PSS and SHA-256 to verify
the entire firmware image. If the new self-tests complete
successfully, the SED executes the new code. Unlocking
the Firmware Download Control enables the
downloading of firmware.
CO
(SID Authority)
Zeroize (TCG Revert)
The TCG Revert method zeroizes a drive and returns the
Cryptographic Module to its original manufactured state.
CO, Users
7
See Cryptographic Module Acceptance and Provisioning within the Ultrastar DC HC530 SAS OEM Product Specification
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 10 of 22
Service Description Role(s)
Set
Write data structures; access control enforcement occurs
per data structure field. This service can change PINs.
CO, Users, (SID
Authority, EraseMaster,
BandMasters)
Set LBA Band
Set the starting location, size, and attributes of a set of
contiguous Logical Blocks.
Users (BandMasters)
Lock/Unlock
LBA Band
Deny/Permit access to an LBA Band.
Users
(BandMasters)
Write Data
Transform plaintext user data to ciphertext and write in
an LBA band.
Users
(BandMasters)
Read Data
Read ciphertext from an LBA band and output user
plaintext data.
Users
(BandMasters)
Set Data Store Write a stream of bytes to unstructured storage.
Users
(BandMasters)
Erase LBA Band
Band cryptographic erasure by changing LBA band
encryption keys to new values. Erasing an LBA band
with EraseMaster sets the TCG Credential to the default
value.
CO
(EraseMaster)
Diagnostics
Vendor Unique Commands (VUC) support diagnostic
functions for testing the memory of the drive and the
SCSI bus integrity. The VUCs do not alter the medium
of the drive.
Maintenance
Table 9 - Authenticated CM Services (Non-Approved Mode)
Service Description Role(s)
Initialize Cryptographic
Module8 (non-compliant)
Cryptographic Officer provisions the Cryptographic Module
from the organizational policies.
CO
(SID Authority)
Authenticate (non-
compliant)
Input a TCG Credential for authentication.
CO, Users, Maker
(SID Authority,
EraseMaster,
BandMasters)
Lock/Unlock Firmware
Download Control (non-
compliant)
Deny/Permit access to Firmware Download service.
CO
(SID Authority)
Firmware Download (non-
compliant)
Load and utilize RSA2048 PSS and SHA-256 to verify the
entire firmware image. If the self-tests complete successfully,
the SED executes the new code. Unlocking the Firmware
Download Control enables the downloading of firmware.
CO
(SID Authority)
Zeroize (TCG Revert)
(non-compliant)
The TCG Revert method zeroizes a drive and returns the
Cryptographic Module to its original manufactured state.
CO, Users
8 See the Cryptographic Module Acceptance and Provisioning section within the Ultrastar DC HC530 SAS OEM Product
Specification
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 11 of 22
Service Description Role(s)
Set
(non-compliant)
Write data structures; access control enforcement occurs per
data structure field. This service can change PINs.
CO, Users, Maker
(SID Authority,
EraseMaster,
BandMasters)
Set LBA Band (non-
compliant)
Set the starting location, size, and attributes of a set of
contiguous Logical Blocks.
Users
(BandMasters)
Lock/Unlock
LBA Band (non-
compliant)
Deny/Permit access to an LBA Band
Users
(BandMasters)
Write Data (non-
compliant)
Transform plaintext user data into ciphertext and write in an
LBA band.
Users
(BandMasters)
Read Data (non-compliant)
Read ciphertext from an LBA band and output user plaintext
data.
Users
(BandMasters)
Set Data Store (non-
compliant)
Write a stream of bytes to unstructured storage.
Users
(BandMasters)
Erase LBA Band (non-
compliant)
Band cryptographic erasure by changing LBA band encryption
keys to new values. Erasing an LBA band with EraseMaster
sets the TCG Credential to the default value.
CO
(EraseMaster)
Set Vendor Data (non-
compliant)
A Non-Approved service that is unavailable after the Initialize
Cryptographic Module service completes
Maker
Diagnostics (non-
compliant)
Vendor Unique Commands (VUC) support diagnostic
functions for testing the memory of the drive and the SCSI bus
integrity. The VUCs do not alter the medium of the drive.
Maintenance
5.2 Unauthenticated Services
Table 10 - Unauthenticated Services lists the Cryptographic Module’s unauthenticated services.
Table 10 - Unauthenticated Services
Service Description
Reset Module Power on Reset
Self-Test The Cryptographic Module performs self-tests when it powers up
Status Output TCG (IF-RECV) protocol
Get FIPS Mode TCG ‘Level 0 Discovery’ method outputs the FIPS mode of the Cryptographic
Module.
Start Session Start TCG session
End Session End a TCG session by clearing all session states
Generate Random TCG Random method generates a random number from the [SP800 90A] DRBG
Get Reads data structure; access control enforcement occurs per data structure field
Get Data Store Read a stream of bytes from unstructured storage
Zeroize TCG Revert method to return the Cryptographic Module to its original
manufactured state; authentication data (PSID) is printed on the external label
SCSI [SCSI Core] and [SCSI Block] commands to function as a standardized storage
device. See Table 14 - SCSI Commands
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 12 of 22
Service Description
FIPS 140 Compliance
Descriptor9
This service reports the FIPS 140 revision as well as the cryptographic module’s
overall security level, hardware revision, firmware revision and module name.
5.3 Definition of Critical Security Parameters (CSPs)
The Cryptographic Module contains the CSPs listed in Table 11 - CSPs and Private Keys. Zeroization of CSPs
complies with the purge requirements for SCSI hard disk drives within [SP800 88], Guidelines for Media sanitization.
Table 11 - CSPs and Private Keys
Key Name Type Description
Cryptographic Officer PIN -
TCG Credential
(2 total)
256-bit authentication data The PBKDF uses this PIN to authenticate
a Cryptographic Officer’s credentials.
User PIN –TCG Credential
(16 total)
256-bit authentication data The PBKDF uses this PIN to authenticate
a User’s credentials.
MEK - Media Encryption Key
(16 total - 1 per LBA band)
XTS-AES-256 (512 bits)
256-bit Key1, 256-bit Key2
Encrypts and decrypts LBA Bands. Each
key is only associated with one LBA band.
The Cryptographic Module’s DRBG
generates MEKs without modification.
KEK – Key Encrypting Key
(16 total)
SP800 132 PBKDF (256 bits) Ephemeral keys derived from BandMaster
PINs and a 256-bit KDF salt. An [SP800
38F] AES Key Wrap uses KEKs to wrap
MEKs.
Note: Keys protected by this [SP800 132]
PBKDF derived key shall not leave the
module.
NDRNG 256-byte Entropy output Entropy source for DRBG
DRBG Internal CTR_DRBG state (384
bits)
All properties and states associated with the
[SP800 90A] Deterministic Random Bit
Generator. The internal state includes
values “V” and “Key.”
Maintenance Role Credential 32-bit authentication
A 32-bit EDC is required to authenticate
the credentials of the VUC that enables the
maintenance role.
AUTH Digest 256-bit authentication data SHA-256 digest of a PIN and a PIN Salt
• 9 See FIPS140 Compliance Descriptor Overview within the Ultrastar DC HC530 SAS OEM Product Specification and
[SFSC] Security Features for SCSI Commands
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 13 of 22
5.4 Definition of Public Security Parameters
The Cryptographic Module contains two public keys. The Cryptographic Module uses the public keys to verify the
digital signature of a firmware download image. If the digital signature verification process fails when utilizing the
primary public key, the Cryptographic Module attempts to use the secondary public key to verify the digital signature.
The Cryptographic Module rejects the downloaded firmware image if both verification attempts fail.
Table 12 - Public Security Parameters
Key Name Type Description
KDF Salt - Key Derivation Function
Salt (16 total)
256-bit key The Cryptographic Module’s DRBG generates
a KDF salt without modification.
PIN Salt (16 total) 256-bit key The Cryptographic Module’s DRBG generates
a PIN salt without modification.
PSID Twenty-character
alpha-numeric string
A unique value generated in the factory and
printed on the Cryptographic Module’s label.
The PSID provides authentication data and
proof of physical presence for the Zeroize
service.
RSAPublicKey [0] RSA 2048 public key Primary public key used to verify the digital
signature of a firmware image.
RSAPublicKey [1] RSA 2048 public key Secondary public key used to verify the digital
signature of a firmware image.
5.5 SP800-132 Key Derivation Function Affirmations
The Cryptographic Module deploys a [SP800 132] Password Based Key Derivation Function (PBKDF).
• The Cryptographic Module complies with Option 2a within [SP800 132].
• The Cryptographic Module tracks TCG Credentials (PINs) by hashing a message, which consists of a
concatenated PIN salt and PIN. The Cryptographic Module stores the SHA256 digest and associated salt in
the Reserved Area.
• Security policy rules set the minimum PIN length at 32 bytes. The Cryptographic Module allows values from
0x00 to 0xFF for each byte of a PIN
• The upper bound for the probability of guessing a PIN is 2-256. The difficulty of guessing the PIN is
equivalent to a brute force attack.
• The Cryptographic Module generates ephemeral KEKs ([SP800 132] Master Keys) by passing a User PIN
([SP800 132] Password) and associated KDF salt though an [SP800 132] KDF. The KEK generation process
utilizes the HMAC-SHA-256 algorithm. Each 256-bit KEK has a security strength of 128-bits against a
collision attack
• The Cryptographic modules uses the [SP800 90A] DRBG to generate unique 256-bit salts.
• The Cryptographic Module generates and assigns a unique MEK and KEK to each LBA Band.
• The sole use of a KEK is to wrap and unwrap its associated Media Encryption Key (MEK).
5.6 Definition of CSP Modes of Access
Table 13 - CSP Access Rights within Roles & Services defines the relationship between access to Critical Security
Parameters (CSPs) and the different Cryptographic Module services.
• G = Generate: The Cryptographic Module generates a CSP from the [SP800 90A] DRBG, derives a CSP
with the Key Derivation Function or hashes authentication data with SHA-256.
• E = Execute: The module executes using the CSP.
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 14 of 22
• W = Write: The Cryptographic Module writes a CSP. The write access is performed after the Cryptographic
Module generates a CSP.
• Z = Zeroize: The Cryptographic Module zeroizes a CSP.
Table 13 - CSP Access Rights within Roles & Services
Service CSPs and Keys
Type of CSP
Access
Initialize Cryptographic Module
CO PIN E, W
User PIN E, W
DRBG, NDRNG E
KEK G
MEK G, W
Authenticate
CO PIN E
User PIN E
Lock/Unlock Firmware Download Control CO PIN E
Firmware Download
CO PIN E
RSAFW E
Set
CO PIN E
User PIN E
Maker PIN E
Set LBA Band User PIN E
Lock/Unlock LBA Band
User PIN E
KEK G
MEK E
Write Data
User PIN E
MEK E
Read Data
User PIN E
MEK E
Set Data Store User PIN E
Set Vendor Data None None
Erase LBA Band
CO PIN E
User PIN Z
KEK G
MEK Z, G, W
Diagnostics None None
Self-Test
NDRNG E
DRBG W
Reset Module None None
Status Output None None
Get FIPS mode None None
Start Session None None
End Session None None
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 15 of 22
Service CSPs and Keys
Type of CSP
Access
Generate Random DRBG E
Get Data Store None None
Get None None
Zeroize (TCG Revert)
CO PIN W
User PIN W
DRBG G
KEK G
MEK Z, G, W
SCSI None None
FIPS 140 Compliance Descriptor None None
6. Operational Environment
The Cryptographic Module’s operating environment is non-modifiable. Therefore, the FIPS 140-2 operational
environment requirements are not applicable to this module. While operational, the code working set cannot be
added, deleted, or modified. For firmware upgrades, the Cryptographic Module uses an authenticated download
service to upgrade its firmware in its entirety. If the download operation is successfully authorized and verified, the
Cryptographic Module will begin operating with the new code working set. Firmware loaded into the module that is
not on the certificate is out of the scope of this validation and requires a separate FIPS 140-2 validation.
7. Security Rules
Ultrastar DC HC530 enforces applicable FIPS 140-2 Level 2 security requirements. This section documents the security
rules that the Cryptographic Module enforces.
7.1 Invariant Rules
1. The Cryptographic Module supports two distinct types of operator roles: Cryptographic Officer and User. The
module also supports an additional role, the Maker role. Initialization disables the Maker role.
2. Cryptographic module power cycles clear all existing authentications.
3. After the Cryptographic Module has successfully completed all self-tests and initialized according to the
instructions provided in Section 7.2, it is in FIPS Approved mode. The Cryptographic Officer shall not
enable the Maker Authority after the Cryptographic Module enters FIPS Approved mode.
4. When the Cryptographic Module is unable to authenticate TCG Credentials, operators do not have access to
any cryptographic service other than the unauthenticated Generate Random service.
5. The Cryptographic Module performs the following tests. Upon failure of any test, the Cryptographic Module
enters a soft error state. The Cryptographic module reports the error condition by transmitting an UEC from
the SAS output data port via the [SCSI] protocol. After entering the soft error state, the Cryptographic Module
does not process functional commands unless a power cycle occurs.
A. Power up Self-Tests
1) Firmware Integrity 32-bit EDC
2) Firmware AES Encrypt KAT, Cert. #5944
3) Firmware AES Decrypt KAT, Cert. #5944
4) RSA 2048 PSS Verify KAT, Cert. #3120
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 16 of 22
5) DRBG KAT10, Cert. #2495
6) SHA-256 KAT, Cert. #4695
7) HMAC-SHA-256 KAT, Cert. #3917
8) Hardware AES Encrypt KAT, Cert. #5943
9) Hardware AES Decrypt KAT, Cert. #5943
10) HW/FW SHA-256 KAT, Cert. #4696
B. Conditional Tests
1) The Cryptographic Module performs a Continuous Random Number Generator test on the DRBG.
2) The Cryptographic Module performs a Continuous Random Number Generator test on the hardware
NDRNG entropy source.
3) The Cryptographic Module performs an [SP800 90B] compliant Adaptive Proportion test and
Repetition Count test on the hardware NDRNG entropy source.
4) The Cryptographic Module performs a key comparison test on XTS-AES Key1 and XTS-AES Key2 that
satisfies IG A.9 XTS-AES Key Generation Requirements.
5) Firmware Download Test, RSA 2048 PSS (Cert. #3120), SHA-256 (Cert. #4696)
6. An operator can command the Cryptographic Module to perform the power-up self-test by power cycling the
device.
7. Power-up self-tests do not require operator action.
8. Data output is inhibited during key generation, self-tests, zeroization, and error states.
9. Status information does not contain CSPs or sensitive data that if misused, could compromise the
Cryptographic Module.
10. The zeroization service deletes all plaintext keys and CSPs.
11. The Cryptographic Module supports a maintenance role. The operator must execute the TCG Revert
Method to zeroize the Cryptographic Module before entering and maintenance role. The operator must also
execute the TCG Revert Method to zeroize the Cryptographic Module after exiting the maintenance role.
12. The Cryptographic Module does not support manual key entry.
13. The Cryptographic Module does not have any external input/output devices used for entry/output of data.
14. The Cryptographic Module does not output plaintext CSPs.
15. The Cryptographic Module does not output intermediate key values.
16. The Cryptographic Module does not support concurrent operators.
17. The End Session service deletes the current operator’s authentication. The Cryptographic Module requires
operators to re-authenticate after executing the End Session service.
18. The host must re-authenticate to LBA Bands after a power cycle.
19. The Cryptographic Officer shall assure that all host issued User PINs are 32-bytes in length.
7.2 Initialization Rules
The Cryptographic Officer shall follow all instructions provided in the FIPS140 Cryptographic Module Acceptance
and Provisioning section of the Ultrastar DC HC530 SAS OEM Product Specification. Acceptance instructions
include:
• Establish authentication data for the TCG Authorities by replacing the MSID (default PIN value).
• Erase all LBA Bands. When the Cryptographic Module erases an LBA band it also erases the band’s Media
Encryption Key.
10
The DRBG KAT is inclusive of the instantiate, generate and reseed function health tests required in SP800-90A rev 1
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 17 of 22
• Establish LBA Bands. Whenever the Cryptographic Module establishes an LBA band it also generates a
Media Encryption Key for that band.
• Disable the Maker Authority
• Lock the Firmware Download service and set the Firmware Download service to lock automatically after a
power cycle. The Cryptographic Module automatically locks the Firmware Download service after
downloading new firmware.
After completing the acceptance and provisioning instruction, the Cryptographic Module transitions to FIPS
Approved Mode of operation. While in FIPS Approved mode, only an authenticated Cryptographic Officer can
change the state of the firmware download service.
7.3 Zeroization Rules
The Cryptographic Officer shall use the TCG Revert Method to perform the zeroize service. Reverting the
Cryptographic Module zeroizes all Critical Security Parameters.
8. Physical Security Policy
8.1 Mechanisms
The Cryptographic Module does not make claims in the Physical Security area beyond FIPS 140-2 Security Level 2.
• All components are production-grade materials with standard passivation.
• The enclosure is opaque.
• Engineering design supports opacity requirements.
• Western Digital applies one (1) tamper-evident security seal during manufacturing.
• The tamper-evident security seal cannot be penetrated or removed and reapplied without evidence of
tampering. In addition, the tamper-evident security seal is difficult to replicate.
Figure 2: Tamper-Evident Seal
8.2 Operator Responsibility
The Cryptographic Officer and/or User shall inspect the Cryptographic Module enclosure for evidence of tampering
at least once a year. If the inspection reveals evidence of tampering, the Cryptographic Officer should return the
module to Western Digital.
1
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 18 of 22
Figure 3: Tamper Evidence on Tamper Seal
9. Mitigation of Other Attacks Policy
The Cryptographic Module is not designed to mitigate any specific attacks beyond the scope of the requirements
within FIPS 140-2.
10. Definitions
• Allowed: NIST approved, i.e., recommended in a NIST Special Publication, or acceptable, i.e., no known
security risk as opposed to deprecated, restricted and legacy use. [SP800 131A] for terms
• Anybody: A formal TCG term for an unauthenticated role. [TCG Core]
• Approved: [FIPS140] approved or recommended in a NIST Special Publication.
• Approved mode of operation: A mode of the Cryptographic Module that employs only approved security
functions. [FIPS140]
• Authenticate: Prove the identity of an Operator or the integrity of an object.
• Authorize: Grant an authenticated Operator access to a service or an object.
• Ciphertext: Encrypted data transformed by an Approved security function.
• Confidentiality: A cryptographic property in which sensitive information is not disclosed to unauthorized
parties.
• Credential: A formal TCG term for data used to authenticate an Operator. [TCG Core]
• Critical Security Parameter (CSP): Security-related information (e.g., secret, and private cryptographic keys,
and authentication data such as credentials and PINs) whose disclosure or modification can compromise the
security of a cryptographic module. [FIPS140]
• Cryptographic Boundary: An explicitly defined continuous perimeter that establishes the physical bounds
of a cryptographic module and contains all the hardware, software, and/or firmware components of a
cryptographic module. [FIPS140]
• Cryptographic key (Key): An input parameter to an Approved cryptographic algorithm
• Cryptographic Module: The set of hardware, software, and/or firmware used to implement approved
security functions contained within the cryptographic boundary. [FIPS140]
• Cryptographic Officer: An Operator performing cryptographic initialization and management functions.
[FIPS140]
• Data at Rest: User data residing on the storage device media when the storage device is powered off.
• Discovery: A TCG method that provides the properties of the TCG device. [TCG Enterprise]
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 19 of 22
• Flash Internal Data (FID): A binary file stored in flash memory, which contains drive customizations data.
Data stored in the FID is required to spin up the drive, as well as enable read and write capabilities.
• Integrity: A cryptographic property, which assures sensitive data has not been modified or deleted in an
unauthorized and undetected manner.
• Interface: A logical entry or exit point of a cryptographic module that provides access to the cryptographic
module for logical information flows. [FIPS140]
• Key Derivation Function (KDF): An Approved cryptographic algorithm by which one or more keys are
derived from a shared secret and other information.
• Key Encrypting Key (KEK): A cryptographic key, which is used to encrypt or decrypt other keys.
• Key management: The activities involving the handling of cryptographic keys and other related security
parameters (e.g., authentication data) during the entire life cycle of the Cryptographic Module.
• Key Wrap: An Approved cryptographic algorithm that uses a KEK to provide Confidentiality and Integrity.
• LBA Band: A formal [TCG Core] term that defines a contiguous logical block range (sequential LBAs) to
store encrypted User Data; bands do not overlap, and each has its own unique encryption key and other
settable properties.
• Manufactured SID (MSID): A unique default value that vendors assign to each SED during manufacturing.
An externally visible MSID value is not required if the user can derive the MSID from other information
printed on the drive. The MSID is readable with the TCG protocol. It is the initial and default value for all
TCG credentials. [TCG Core]
• Method: A TCG command or message. [TCG Core]
• Operator: A consumer, either human or automation, of cryptographic services that is external to the
Cryptographic Module. [FIPS140]
• Personal Identification Number (PIN): A formal TCG term for a string of octets used to authenticate an
identity. [TCG Core]
• Plaintext: Unencrypted data.
• Port: A physical entry or exit point of a cryptographic module that provides access to the Cryptographic
Module for physical signals. [FIPS140]
• PSID (Physical Security Identifier): A value, which is unique to a SED that is printed on a cryptographic
module’s label and used as authentication data and proof of physical presence for the Zeroize service.
• Public Security Parameters (PSP): Public information whose modification can compromise the security of
the cryptographic module (e.g., a public key of a public/private key pair).
• Read Data: An external request to transfer User Data from the SED. [SCSI Block]
• Reserved Area: Private data on the Storage Medium that is not accessible outside the Cryptographic
Boundary.
• Security Identifier (SID): A TCG authority used by the Cryptographic Officer. [TCG Core]
• Self-Encrypting Drive (SED): A storage device that provides encrypted data storage services, which
automatically encrypts all user data written to the device and automatically decrypts all user data read from the
device.
• Session: A formal TCG term that envelops the lifetime of an Operator’s authentication. [TCG Core]
• Small Form Factor (SFF): A term for computer components designed to a smaller than usual form factor.
• Storage Medium: The non-volatile, persistent storage location of a SED; it is partitioned into two disjoint
sets, a User Data area and a Reserved Area.
• User: An Operator that consumes cryptographic services. [FIPS140]
• User Data: Data transferred from/to a SED using the Read Data and Write Data commands. [SCSI Block]
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 20 of 22
• Vendor Unique Command: A SCSI command that is available at the discretion of an implementer.
• Write Data: An external request to transfer User Data to a SED. [SCSI Block]
• Zeroize: Invalidate a Critical Security Parameter. [FIPS140]
11. Acronyms
• CO: Cryptographic Officer [FIPS140]
• CRC: Cyclic Redundancy Check
• CSP: Critical Security Parameter [FIPS140]
• DRAM: Dynamic Random Access Memory
• DRBG: Deterministic Random Bit Generator
• EDC: Error Detection Code
• EMI: Electromagnetic Interference
• FIPS: Federal Information Processing Standard
• HDD: Hard Disk Drive
• KAT: Known Answer Test
• KDF: Key Derivation Function
• LBA: Logical Block Address
• MEK: Media Encryption Key
• MSID: Manufactured Security Identifier
• NDRNG: Non-deterministic Random Number Generator
• NIST: National Institute of Standards and Technology
• PIN: Personal Identification Number
• PSID: Physical Security Identifier
• PSP: Public Security Parameter
• SAS: Serial Attached SCSI
• SCSI: Small Computer System Interface
• SED: Self encrypting Drive
• SFF: Small Form Factor
• SID: TCG Security Identifier, the authority representing the cryptographic module owner
• SSD: Solid-state Drive
• TCG: Trusted Computing Group
• VUC: Vendor Unique Command
• UEC: Universal Error Code
• XTS: A mode of AES that utilizes "Tweakable" block ciphers
12. References
12.1 NIST Specifications
• [AES] Advanced Encryption Standard, FIPS PUB 197, NIST, November 2001
• [DSS] Digital Signature Standard, FIPS PUB 186-4, NIST, July 2013
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 21 of 22
• [FIPS140] Security Requirements for Cryptographic Modules, FIPS PUB 140-2, NIST, December 2002
• [HMAC] The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, July 2008
• [SHA] Secure Hash Standard (SHS), FIPS PUB 180-4, NIST, August 2015
• [SP800 38A] Recommendation for Block Cipher Modes of Operation: Methods and Techniques, NIST,
December 2001
• [SP800 38E] Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for
Confidentiality on Storage Devices, SP800 38E, NIST, January 2010
• [SP800 38F] Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, NIST,
December 2012
• [SP800 57] Recommendation for Key Management – Part I General (Revision 4), NIST, January 2016
• [SP800 90A] Recommendation for Random Number Generation Using Deterministic Random Bit
Generators (Revision 1), NIST, June 2015
• [SP800 90B] Recommendation for Entropy Sources Used for Random Bit Generation, NIST, January 2018
• [SP800 131A] Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key
Lengths (Revision 1), NIST, November 2015
• [SP800 132] Recommendation for Password-Based Key Derivation, NIST, December 2010
• [SP800 133] Recommendation for Cryptographic Key Generation, NIST, December 2012
12.2 Trusted Computing Group Specifications
• [TCG Core] TCG Storage Architecture Core Specification, Version 2.0 Revision 1.0 (April 20, 2009)
• [Enterprise] TCG Storage Security Subsystem Class: Enterprise Specification, Version 1.00 Revision 3.00 (January 10,
2011)
• [TCG App Note] TCG Storage Application Note: Encrypting Storage Devices Compliant with SSC: Enterprise, Version
1.00 Revision 1.00 Final
• [TCG Opal] TCG Storage Security Subsystem Class: Opal Specification, Version 2.00 Final Revision 1.00 (February
24, 2012)
• TCG Storage Interface Interactions Specification (SIIS), Version 1.02, (2011)
12.3 International Committee on Information Technology Standards T10 Technical Committee
Standards
• [SCSI Core] SCSI Primary Commands-4 (SPC-4)
• [SCSI Block] SCSI Block Commands-4 (SBC-4)
• [SAS] Serial Attached SCSI-3 (SAS-3)
• [SFSC] Security Features for SCSI Commands
12.4 Corporate Documents
• [Product Specification] Ultrastar DC HC530 SAS OEM Product Specification version 1.4, April 7, 2020,
https://www.westerndigital.com/product-portfolio
• [Datasheet] Ultrastar DC HC530 Datasheet, 2879-810031-A03(April 2020),
https://shop.westerndigital.com/c/hdd.data_center_drives
• [D&O] Delivery & Operation (Cryptographic Officer) Manual, Version: 0.12 (January 7, 2017)
Ultrastar DC HC530 TCG Enterprise HDD
FIPS 140- 2 Security Policy Page 22 of 22
12.5 SCSI Commands
Table 14 - SCSI Commands
Description Code Description Code
FORMAT UNIT 04h RESERVE 16h
INQUIRY 12h RESERVE 56h
LOG SELECT 4Ch REZERO UNIT 01h
LOG SENSE 4Dh SANITIZE 48h
MODE SELECT 15h SEEK (6) 0Bh
MODE SELECT 55h SEEK (10) 2Bh
MODE SENSE 1Ah SEND DIAGNOSTIC 1Dh
MODE SENSE 5Ah SET DEVICE IDENTIFIER A4h/06h
PERSISTENT RESERVE IN 5Eh START STOP UNIT 1Bh
PERSISTENT RESERVE OUT 5Fh SYNCHRONIZE CACHE (10) 35h
PRE-FETCH (16) 90h SYNCHRONIZE CACHE (16) 91h
PRE-FETCH (10) 34h TEST UNIT READY 00h
READ (6) 08h UNMAP 42h
READ (10) 28h VERIFY (10) 2Fh
READ (12) A8h VERIFY (12) AFh
READ (16) 88h VERIFY (16) 8Fh
READ (32) 7Fh/09h VERIFY (32) 7Fh/0Ah
READ BUFFER 3Ch WRITE (6) 0Ah
READ CAPACITY (10) 25h WRITE (10) 2Ah
READ CAPACITY (16) 9Eh/10h WRITE (12) AAh
READ DEFECT DATA 37h WRITE (16) 8Ah
READ DEFECT DATA B7h WRITE (32) 7Fh/0Bh
READ LONG (16) 9Eh/11h WRITE AND VERIFY (10) 2Eh
READ LONG 3Eh WRITE AND VERIFY (12) AEh
REASSIGN BLOCKS 07h WRITE AND VERIFY (16) 8Eh
RECEIVE DIAGNOSTICS RESULTS 1Ch WRITE AND VERIFY (32) 7Fh/0Ch
RELEASE 17h WRITE BUFFER 3Bh
RELEASE 57h WRITE LONG (10) 3Fh
REPORT DEVICE IDENTIFIER A3h/05h WRITE LONG (16) 9Fh/11h
REPORT LUNS A0h WRITE SAME (10) 41h
REPORT SUPPORTED OPERATION CODES A3h/0Ch WRITE SAME (16) 93h
REPORT SUPPORTED TASK MANAGEMENT
FUNCTIONS
A3h/0Dh WRITE SAME (32) 7Fh/0Dh
REQUEST SENSE 03h