Seagate Secure® Self-Encrypting Drive

Certificate #4930

Webpage information ?

Status active
Validation dates 20.12.2024
Sunset date 19-12-2029
Standard FIPS 140-3
Security level 2
Type Hardware
Embodiment Multi-Chip Embedded
Caveat When operated in approved mode. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No operator authentication is enforced for executing security services that were unlocked by an authenticated service
Exceptions
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The Seagate Secure® Self-Encrypting Drive is embodied in Seagate Enterprise Exos™ Enterprise SED model devices. These products meet the performance requirements of the most demanding Enterprise applications. The Cryptographic Module (CM) provides a wide range of cryptographic services including: • HW based data encryption (AES-XTS) • Instantaneous user data disposal with cryptographic erase • Independently controlled and protected user data LBA bands • Authenticated FW download. The services are provided through industry-standard TCG Enterprise SSC SATA and SCSI protocols.
Version (Hardware) ST18000NM007J[1], ST16000NM007J[1], ST14000NM007J[1], ST12000NM007J[1], ST10000NM016G[1], ST10000NM022B[2], ST10000NM011B[2], ST8000NM022B[2], ST8000NM011B[2], ST6000NM024B[2], ST6000NM013B[2], ST4000NM013B[2], ST4000NM029B[2], ST4000NM017B[2], ST10000NM021B[3], ST8000NM021B[3], ST6000NM023B[3], ST4000NM012B[3], ST4000NM028B[3]
Version (Firmware) EP7U[1], EF34[2], SZFP[3]
Vendor Seagate Technology, LLC
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-256, AES-, HMAC, CMAC
Asymmetric Algorithms
Diffie-Hellman
Hash functions
SHA-256, PBKDF
Schemes
MAC, Key Agreement
Protocols
TLS, TLS v1.2
Randomness
DRBG
Block cipher modes
ECB, CBC, GCM, XTS

Trusted Execution Environments
PSP, SSC

Security level
Level 2, Level 1, Level 0, level 2
Side-channel analysis
physical tampering

Standards
FIPS 140-3, FIPS 197, FIPS 198-1, FIPS 180-4, FIPS 186-4, FIPS 140, SP 800-90A, SP 800-38E, SP 800-90B, SP 800-38D, SP 800-38B, SP 800-56A, SP 800-132, SP 800-38F, SP 800-38A, SP 800-133, SP 800-63B, SP 800-90C, PKCS 1, PKCS#1, ISO/IEC 24759:2017

File metadata

Creation date D:20241213082544-06'00'
Modification date D:20241213082544-06'00'
Pages 38

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 23.12.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4930,
  "dgst": "afb36973671a3f3a",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "Safe Primes Key GenerationA1087",
        "SHA2-384A1088",
        "HMAC-SHA2-256A1091",
        "AES-GCMA1080",
        "PBKDFA1085",
        "AES-CMACA3515",
        "AES-CBCA1095",
        "AES-XTSA1090",
        "RSA SigVer (FIPS186-4)A1093",
        "Counter DRBGA1082",
        "KDF TLSA1089",
        "KAS-FFC-SSC Sp800-56Ar3A1084",
        "AES-KWA1094",
        "SHA2-256A1092"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3",
        "1",
        "2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "Diffie-Hellman": 1
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "ECB": {
          "ECB": 1
        },
        "GCM": {
          "GCM": 10
        },
        "XTS": {
          "XTS": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "TLS": {
            "TLS": 29,
            "TLS v1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "MAC": {
          "MAC": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "# A1087": 1,
          "AES-256": 2,
          "HMAC SHA-256": 2,
          "PKCS 1": 4,
          "PKCS#1": 2,
          "RSA PKCS#1": 2,
          "SHA-256": 3,
          "SHA2- 256": 2,
          "SHA2- 384": 1,
          "SHA2-256": 16,
          "SHA2-384": 4
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 0": 5,
          "Level 1": 1,
          "Level 2": 2,
          "level 2": 1
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 16
        },
        "SHA": {
          "SHA2": {
            "SHA-256": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 29
        }
      },
      "side_channel_analysis": {
        "FI": {
          "physical tampering": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 3,
          "FIPS 140-3": 7,
          "FIPS 180-4": 3,
          "FIPS 186-4": 1,
          "FIPS 197": 1,
          "FIPS 198-1": 2
        },
        "ISO": {
          "ISO/IEC 24759:2017": 1
        },
        "NIST": {
          "SP 800-132": 2,
          "SP 800-133": 2,
          "SP 800-38A": 1,
          "SP 800-38B": 1,
          "SP 800-38D": 1,
          "SP 800-38E": 1,
          "SP 800-38F": 1,
          "SP 800-56A": 5,
          "SP 800-63B": 6,
          "SP 800-90A": 3,
          "SP 800-90B": 3,
          "SP 800-90C": 1
        },
        "PKCS": {
          "PKCS 1": 2,
          "PKCS#1": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 5,
            "AES-": 8,
            "AES-256": 2
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 7,
            "HMAC": 4
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 4
        },
        "IBM": {
          "SSC": 14
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20241213082544-06\u002700\u0027",
      "/ModDate": "D:20241213082544-06\u002700\u0027",
      "pdf_file_size_bytes": 1192124,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://en.wikipedia.org/wiki/Serial_ATA",
          "http://en.wikipedia.org/wiki/Serial_attached_SCSI",
          "https://trustedcomputinggroup.org/work-groups/storage/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 38
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "554732dc77c90ce1624dfd27fcb4d8afbffa2d728b71096f77f5f06d0815f7fb",
    "policy_txt_hash": "d2207c83804421078fd1a3856ba1b3b30f3191d83be3480bc2bee40969413d26"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in approved mode. When installed, initialized and configured as specified in Section 11.1 of the Security Policy. No operator authentication is enforced for executing security services that were unlocked by an authenticated service",
    "certificate_pdf_url": null,
    "date_sunset": "2029-12-19",
    "description": "The Seagate Secure\u00ae Self-Encrypting Drive is embodied in Seagate Enterprise Exos\u2122 Enterprise SED model devices. These products meet the performance requirements of the most demanding Enterprise applications. The Cryptographic Module (CM) provides a wide range of cryptographic services including: \u2022 HW based data encryption (AES-XTS) \u2022 Instantaneous user data disposal with cryptographic erase \u2022 Independently controlled and protected user data LBA bands \u2022 Authenticated FW download. The services are provided through industry-standard TCG Enterprise SSC SATA and SCSI protocols.",
    "embodiment": "Multi-Chip Embedded",
    "exceptions": [
      "Operational environment: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": "EP7U[1], EF34[2], SZFP[3]",
    "historical_reason": null,
    "hw_versions": "ST18000NM007J[1], ST16000NM007J[1], ST14000NM007J[1], ST12000NM007J[1], ST10000NM016G[1], ST10000NM022B[2], ST10000NM011B[2], ST8000NM022B[2], ST8000NM011B[2], ST6000NM024B[2], ST6000NM013B[2], ST4000NM013B[2], ST4000NM029B[2], ST4000NM017B[2], ST10000NM021B[3], ST8000NM021B[3], ST6000NM023B[3], ST4000NM012B[3], ST4000NM028B[3]",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Seagate Secure\u00ae Self-Encrypting Drive",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-12-20",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Seagate Technology, LLC",
    "vendor_url": "http://www.seagate.com"
  }
}