This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2018 Samsung NVMe TCG Opal SSC SEDs PM983 Series FIPS 140-2 Non-Proprietary Security Policy Document Revision: 1.0 H/W version: MZ1LB960HAJQ-00AHE [1], MZ1LB1T9HALS-00AHE [1] and MZ1LB3T8HMLA-00AHE [2] F/W version: EDA700AQ [1] and EDB700AQ [2] Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 2 of 23 Revision History Author(s) Version Updates Seungjae Lee 1.0 Initial Version Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 3 of 23 Table of Contents 1. Introduction.............................................................................................................................. 4 1.1. Hardware and Physical Cryptographic Boundary.......................................................... 5 1.2. Firmware and Logical Cryptographic Boundary ........................................................... 6 2. Acronym .................................................................................................................................. 7 3. Security Level Specification.................................................................................................... 8 4. Cryptographic Functionality.................................................................................................... 9 4.1. Approved Algorithms..................................................................................................... 9 4.2. Non-Approved Algorithm............................................................................................ 10 4.3. Critical Security Parameters......................................................................................... 11 4.4. Public Security Parameters........................................................................................... 12 5. Physical Ports and Logical Interfaces.................................................................................... 13 6. Roles, Services and Authentication ....................................................................................... 14 6.1. Roles............................................................................................................................. 14 6.2. Authentication.............................................................................................................. 15 6.3. Services ........................................................................................................................ 16 6.3.1. Authenticated Services....................................................................................... 16 6.3.2. Unauthenticated Services ................................................................................... 17 7. Physical security policy ......................................................................................................... 18 8. Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC).......................... 19 9. Mitigation of Other Attacks Policy........................................................................................ 20 10. Security rules .................................................................................................................. 21 10.1. Secure Installation..................................................................................................... 21 10.2. Operational description of Module ........................................................................... 22 10.3. Power-on Self-Tests.................................................................................................. 23 Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 4 of 23 1. Introduction Samsung Electronics Co., Ltd. (“Samsung”) NVMe TCG Opal SSC SEDs PM983 Series, herein after referred to as a “cryptographic module” or “module”, SSD (Solid State Drive), satisfies all applicable FIPS 140-2 Security Level 1 requirements, supporting TCG Opal SSC based SED (Self- Encrypting Drive) features, designed to protect unauthorized access to the user data stored in its NAND Flash memories. The built-in AES HW engines in the cryptographic module’s controller provide on-the-fly encryption and decryption of the user data without performance loss. The SED’s nature also provides instantaneous sanitization of the user data via cryptographic erase. Module Name Hardware Version Firmware Version Drive Capacity Samsung NVMe TCG Opal SSC SEDs PM983 Series MZ1LB960HAJQ-00AHE EDA700AQ 960GB MZ1LB1T9HALS-00AHE 1.9TB MZ1LB3T8HMLA-00AHE EDB700AQ 3.8TB Exhibit 1 – Versions of Samsung NVMe TCG Opal SSC SEDs PM983 Series. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 5 of 23 1.1. Hardware and Physical Cryptographic Boundary The following mechanical drawings show the cryptographic module’s top and bottom views. The multiple-chip embedded cryptographic module consists of hardware and firmware components. The cryptographic boundary of the module is the physical perimeter of the PCB, please see Exhibit 2 for more information. New firmware versions within the scope of this validation must be validated through the FIPS 140-2 CMVP. Any other firmware loaded into this module is out of the scope of this validation and requires a separate FIPS 140-2 validation. Exhibit 2 – Specification of the Samsung NVMe TCG Opal SSC SEDs PM983 Series Cryptographic Boundary (From top to bottom). Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 6 of 23 1.2. Firmware and Logical Cryptographic Boundary The PM983 series use a single chip controller with a NVMe interface on the system side and Samsung NAND flash internally. The following figure depicts the Module operational environment. Exhibit 3 – Block Diagram for Samsung NVMe TCG Opal SSC SEDs PM983 Series. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 7 of 23 2. Acronym Acronym Description CTRL EPiC2 Controller (SAMSUNG EPiC2 NVMe TLC/MLC SSD Controller) NVMe I/F Non-Volatile Memory Express Interface CPU Central Processing Unit (ARM-based) DRAM I/F Dynamic Random Access Memory Interface ECC Error Correcting Code SRAM Static Random Access Memory TCM Tightly Coupled Memory NAND I/F NAND Flash Interface PMIC Power Management Integrated Circuit ROM Read-only Memory DRAM Dynamic Random Access Memory NAND NAND Flash Memory LBA Logical Block Address MEK Media Encryption Key MSID Manufactured SID(Security Identifier) Exhibit 4 – Acronym and Descriptions for Samsung NVMe TCG Opal SSC SEDs PM983 Series. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 8 of 23 3. Security Level Specification The module meets an overall FIPS 140-2 Security Level 1: Security Requirements Area Level Cryptographic Module Specification 1 Cryptographic Module Ports and Interfaces 1 Roles, Services, and Authentication 2 Finite State Model 1 Physical Security 1 Operational Environment N/A Cryptographic Key Management 1 EMI/EMC 3 Self-tests 1 Design Assurance 2 Mitigation of Other Attacks N/A Exhibit 5 – Security Level Table. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 9 of 23 4. Cryptographic Functionality 4.1. Approved Algorithms The cryptographic module supports the following Approved algorithms for secure data storage: CAVP Cert. Algorithm Standard Mode / Method Key Lengths, Curves or Moduli Use #C1086 AES FIPS 197 SP 800-38E XTS 256-bit Data Encryption / Decryption Note: AES-ECB is the pre-requisite for AES- XTS; AES-ECB alone is NOT supported by the cryptographic module in FIPS Mode. Vendor Affirmed CKG SP800-133 Cryptographic Key Generation #C1047 DRBG SP 800-90A Revision 1 Hash_ DRBG (SHA-256) Deterministic Random Bit Generation #C1048 ECDSA FIPS 186-4 SigVer P-256 Digital Signature Verification #C1038 SHS FIPS 180-4 SHA-256 Message Digest Exhibit 6 - Samsung NVMe TCG Opal SSC SEDs PM983 Series Approved Algorithms. NOTE 1: This module supports AES-XTS which is only approved for storage applications. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 10 of 23 4.2. Non-Approved Algorithm The cryptographic module supports the following non-Approved but allowed algorithms: Algorithm Use NDRNG Non-deterministic Random Number Generator (only used for generating seed materials for the Approved DRBG) NDRNG provides a minimum of 440 bits of entropy for DRBG seed Exhibit 7 - Samsung NVMe TCG Opal SSC SEDs PM983 Series non-Approved but allowed algorithms. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 11 of 23 4.3. Critical Security Parameters The cryptographic module contains the following Keys and CSPs: CSPs Generation, Storage and Zeroization Methods DRBG Internal State Note: The values of V and C are the “secret values” of the internal state. Generation: SP 800-90A HASH_DRBG (SHA-256) Storage: Plaintext in TCM Zeroization: via “Initialization”, “Erase an LBA Range’s Data” and “Zeroize” service DRBG Seed Generation: NDRNG Storage: Plaintext in DRAM Zeroization: via “Initialization”, “Erase an LBA Range’s Data” and “Zeroize” service DRBG Entropy Input String Generation: NDRNG Storage: Plaintext in DRAM Zeroization: via “Initialization”, “Erase an LBA Range’s Data” and “Zeroize” service CO Password Generation: N/A Storage: Plaintext in Flash Memory and used in TCM Zeroization: via “Initialization” and “Zeroize” service User Password Generation: N/A Storage: Plaintext in Flash Memory and used in TCM Zeroization: via “Initialization” and “Zeroize” service MEK Generation: SP 800-90A HASH_DRBG (SHA-256) As per SP 800-133 Section 6.1, key generation is performed as per the "Direct Generation: of Symmetric Keys" which is an Approved key generation method Key Type: AES-XTS 256 Storage: Plaintext in Flash Memory and used in TCM Zeroization: via “Initialization”, “Lock an LBA Range”, “Erase an LBA Range’s Data”, “Erase Data” and “Zeroize” service Exhibit 8– CSPs and details on Generation, Storage and Zeroization Methods. NOTE 2: In accordance with FIPS 140-2 IG D.12, the cryptographic module performs Cryptographic Key Generation (CKG) as per SP 800-133 (Vendor Affirmed). The resulting generated symmetric key is the unmodified output from SP 800-90A DRBG. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 12 of 23 4.4. Public Security Parameters Public Keys Generation, Storage and Zeroization Methods FW Verification Key (ECDSA Public Key) Generation: N/A Key Type: ECDSA P-256 Storage: Plaintext in Flash Memory and used in TCM Zeroization: N/A Exhibit 9 – Public Keys and details on Generation, Storage and Zeroization Methods Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 13 of 23 5. Physical Ports and Logical Interfaces Physical Port Logical Interface NVMe Connector Data Input/Output Control Input Status Output Power Input UART (latent functionality) Data Input/Output Control Input Status Output NOTE 3: UART Physical Port is latent functionality and not supported by the module in the FIPS Approved Mode of Operation. Exhibit 10 – Specification of the Samsung NVMe TCG Opal SSC SEDs PM983 Series Cryptographic Module Physical Ports and Logical Interfaces. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 14 of 23 6. Roles, Services and Authentication 6.1. Roles The following table defines the roles, type of authentication, and associated authenticated data types supported by the cryptographic module: Role Identities TryLimit Authentication Data CO Role Admin1~4 5 Password User Role User1~9 5 Password FW Loader N/A N/A ECDSA Signature Anybody N/A N/A N/A Exhibit 11 - Roles and Required Identification and Authentication (FIPS 140-2 Table C1). Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 15 of 23 6.2. Authentication The authentication mechanism allows a minimum 6-byte length or longer (32-byte) Password, where each byte can be any of 0x00 to 0xFF, for every Cryptographic Officer and User role supported by the module, which means a single random attempt can succeed with the probability of 1/248 or lower. Each Password authentication attempt takes at least 1ms and the number of attempts is limited to TryLimit, which is set to 5 in manufacturing time. Each authentication attempt takes at least 1ms and the number of attempts is limited to TryLimit, which is set to 5 in manufacturing time. Since the module takes at least 8 seconds to be ready after power-on and 5 authentication failures require a power-cycle, it takes 8005ms for every 5th authentication attempt. It means, it can be 35 attempts per 1 minute. ((60000ms/8005ms) × 5 attempts ≒ 35 Therefore, the probability of multiple random attempts to succeed in one minute is 35 / 248 , which is much less than the FIPS 140-2 requirement 1/100,000. Even if the TryLimit is greater than 5 the probability of random attempts always satisfies the requirement. The authentication mechanism for FW Loader role is ECDSA P-256 with SHA256 digital signature verification, which means a single random attempt, can succeed with the probability of 1/2128 . Each ECDSA Signature Verification authentication attempt takes at least 320ms. Since the module takes at least 8 seconds to be ready after power-on, it would take a total of 8320ms for every FW download attempt. This enforces the maximum number of attempts to be no more than 7 attempts (60000ms/8320ms) in a minute period. Therefore, the probability of multiple random attempts to succeed in one minute is 7/2128 , which is much less than the FIPS 140-2 requirement 1/100,000. Authentication Mechanism Strength of Mechanism Password (Min: 6 bytes, Max: 32 bytes) Authentication - Probability of 1/248 in a single random attempt - Probability of 35/248 in multiple random attempts in a minute ECDSA Signature Verification - Probability of 1/2128 in a single random attempt - Probability of 7/2128 in multiple random attempts in a minute Exhibit 12 - Strengths of Authentication Mechanisms (FIPS 140-2 Table C2). Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 16 of 23 6.3. Services 6.3.1. Authenticated Services The following table lists roles, services, cryptographic keys, CSPs and Public Keys and the types of access that are available to each of the authorized roles via the corresponding services: * Type(s) of Access indicated using “O” marker. Role Service Cryptographic Keys, CSPs and Public Keys Type(s) of Access R= Read W= Write G= Generate Z= Zeroize Cryptographic Officer Initialization DRBG Internal State O O O DRBG Seed O O O DRBG Entropy Input String O O O CO Password O O MEK O O Drive Extended Status N/A N/A Admin/User Authority Enable/Disable N/A N/A Lock an LBA Range MEK O Unlock an LBA Range MEK O Configure an LBA Range N/A N/A Erase an LBA Range’s Data DRBG Internal State O O O DRBG Seed O O O DRBG Entropy Input String O O O MEK O O Change the Password. CO Password O O User Unlock an LBA Range MEK O Set User Password User Password O Lock an LBA Range MEK O Configure an LBA Range N/A N/A FW Loader Update the firmware FW Verification Key O Exhibit 13 – Services Authorized for Roles, Access Rights within Services (FIPS 140-2 Table C3, Table C4). Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 17 of 23 6.3.2. Unauthenticated Services The following table lists the unauthenticated services: * Type(s) of Access indicated using “O” marker. Unauthenticated Service Cryptographic Keys & CSPs Type(s) of Access R= Read W= Write G= Generate Z= Zeroize Zeroize DRBG Internal State O DRBG Seed O DRBG Entropy Input String O CO Password O User Password O MEK O Get Random Number DRBG Internal State O O O DRBG Seed O O O DRBG Entropy Input String O O O Get MSID N/A N/A Show Status N/A N/A Self-test N/A N/A IO Command Management N/A N/A Show Status N/A N/A Cancel the operation N/A N/A Set / Get Device Feature N/A N/A Configure Namespace N/A N/A Self-Test N/A N/A Erase Data MEK O O O Exhibit 14 – Unauthenticated Service, Cryptographic Keys & CSPs and Type(s) of Access. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 18 of 23 7. Physical security policy The following physical security mechanisms are implemented in a cryptographic module: • Production grade components. The following table summarizes the actions required by the Cryptographic Officer Role to ensure that physical security is maintained: Physical Security Mechanisms Recommended Frequency of Inspection/Test Inspection/Test Guidance Details Production grade components N/A N/A Exhibit 18 - Inspection/Testing of Physical Security Mechanisms (FIPS 140-2 Table C5) Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 19 of 23 8. Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC) The cryptographic module conforms to the EMI/EMC requirements specified by 47 Code of Federal Regulations, Part 15, Subpart B, Unintentional Radiators, Digital Devices, Class B. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 20 of 23 9. Mitigation of Other Attacks Policy The cryptographic module has not been designed to mitigate any specific attacks beyond the scope of FIPS 140-2. Other Attacks Mitigation Mechanism Specific Limitations N/A N/A N/A Exhibit 15 - Mitigation of Other Attacks (FIPS 140-2 Table C6) Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 21 of 23 10. Security rules The following specifies the security rules under which the cryptographic module shall operate in accordance with FIPS 140-2: • The cryptographic module operates always in FIPS Mode once shipped from the vendor's manufacturing site. • The steps necessary for the secure installation, initialization and start-up of the cryptographic module as per FIPS 140-2 VE10.03.01 are as follows: 10.1. Secure Installation o Step1. User should examine the Sealing Label ▪ Inspect the Sealing Label. ▪ If there is any sign of tampering, do not use the product and contact Samsung. o Step2. Identify the firmware version in the device ▪ Confirm that the firmware version is equivalent to the version(s) listed in this document via NVM express Identify Controller command. o Step3. Take the drive’s ownership ▪ Disable Admin SP’s Admin1 authority ▪ Change SID’s PIN by setting a new PIN ▪ Activate the Locking SP by using the Activate method. ▪ Change LockingSP Admin1~4’s PIN by setting a new PIN. ▪ Configure the Locking Global Range by setting ReadLockEnabled and WriteLockEnabled columns to True. ▪ Don’t change LockOnReset column in Locking Table so that the drive always gets locked after a power cycle o Step4. Periodically examine the Sealing Label ▪ If there is any sign of tampering, stop using the product to avoid a potential security hazard or information leakage. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 22 of 23 10.2. Operational description of Module • The cryptographic module shall maintain logical separation of data input, data output, control input, status output, and power. • The cryptographic module shall not output CSPs in any form. • The cryptographic module shall use the Approved DRBG for generating all cryptographic keys. • The cryptographic module shall enforce role-based authentication for security relevant services. • The cryptographic module shall enforce a limited operational environment by the secure firmware load test using ECDSA P-256 with SHA-256. • The cryptographic module shall provide a production-grade cryptographic boundary. • The cryptographic module enters the error state upon failure of Self-tests. All commands from the Host (General Purpose Computer (GPC) outside the cryptographic boundary) are rejected in the error state and the cryptographic module returns an Internal Error (SC=0x6, SCT=0x0) defined in NVMe specification via the status output. Cryptographic services and data output are explicitly inhibited when in the error state. • If FW integrity failure occurs during booting process of the module, it will be reported as a response via theidentify command. o Serial Number : SM_ROM_DEFAULT_SN o Model Number : SM_NVMeROM o FW Version : PNXROM01 In this case, there is no way to recover the module. Module shall be sent back to Samsung for RMA. • The cryptographic module satisfies the requirements of FIPS 140-2 IG A.9 (i.e. key_1 ≠ key_2) • The module generates at a minimum 256 bits of entropy for use in key generation. Samsung NVMe TCG Opal SSC SEDs PM983 Series This non-proprietary Security Policy may only be copied in its entirety without alterations including this statement. Samsung copyright 2019 Page 23 of 23 10.3. Power-on Self-Tests 11. Algorithm Test AES Encrypt KAT and Decrypt KAT for AES-256-ECB at power-on AES Encrypt KAT and Decrypt KAT for AES-256-XTS at power-on DRBG KAT for Hash_DRBG (SHA-256) at power-on DRBG SP 800-90A Section 11.3 Health Tests ECDSA KAT for ECDSA P-256 SHA-256 signature verification at power-on.1 Exhibit 23 – Power-on Self-tests. • F/W integrity check o F/W integrity check is performed by using 128-bit error detection code & CRC-16 at power-on • Conditional Self-tests o Pairwise consistency: N/A o Bypass Test: N/A o Manual key entry test: N/A o F/W load test - F/W load test is performed by using ECDSA algorithm with P-256 and SHA-256 o Continuous random number generator test on Approved DRBG o Continuous random number generator test on NDRNG 1 As per FIPS 140-2 IG 9.2, SHA-256 KAT is covered under this test.