Ultrastar® SS300 TCG Enterprise SSD

FIPS 140-2 Cryptographic Module

Non-Proprietary Security Policy
Protection of Data at Rest

Version: 1.3
2018-04-23
© 2018 Western Digital Corporation or its affiliates. Public Material - May be reproduced only in its original entirety [without revision].
Ultrastar SS300 TCG Enterprise SSD
CONTENTS
1. Cryptographic Module Overview ............................................................................................................. 4
1.1 Models .......................................................................................................................................................................................4
1.2 Security Level............................................................................................................................................................................5
2. Modes of Operation ................................................................................................................................... 5
2.1 FIPS Approved Mode of Operation .....................................................................................................................................5
2.2 Approved Algorithms..............................................................................................................................................................6
3. Ports and Interfaces .................................................................................................................................... 7
4. Identification and Authentication Policy ................................................................................................. 7
4.1 Crypto-Officer ..........................................................................................................................................................................7
4.1.1 Secure ID (SID) Authority ...............................................................................................................................................7
4.1.2 EraseMaster Authority ......................................................................................................................................................7
4.2 BandMaster Authority (User) .................................................................................................................................................7
4.3 Anybody ....................................................................................................................................................................................8
4.4 Maker .........................................................................................................................................................................................8
5. Access Control Policy ................................................................................................................................ 9
5.1 Roles and Services....................................................................................................................................................................9
5.2 Unauthenticated Services ..................................................................................................................................................... 11
5.3 Definition of Critical Security Parameters (CSPs) ............................................................................................................ 12
5.4 Definition of Public Security Parameters .......................................................................................................................... 13
5.5 SP800-132 Key Derivation Function Affirmations .......................................................................................................... 13
5.6 Definition of CSP Modes of Access .................................................................................................................................. 13
6. Operational Environment ....................................................................................................................... 15
7. Security Rules ............................................................................................................................................ 15
7.1 Invariant Rules....................................................................................................................................................................... 15
7.2 Initialization Rules ................................................................................................................................................................ 16
7.3 Zeroization Rules .................................................................................................................................................................. 17
8. Physical Security Policy ............................................................................................................................ 17
8.1 Mechanisms ........................................................................................................................................................................... 17
8.2 Operator Responsibility ....................................................................................................................................................... 18
9. Mitigation of Other Attacks Policy ........................................................................................................ 18
10. Definitions ................................................................................................................................................. 18
11. Acronyms ................................................................................................................................................... 20
12. References .................................................................................................................................................. 21
12.1 NIST Specifications .............................................................................................................................................................. 21
12.2 Trusted Computing Group Specifications ........................................................................................................................ 21
12.3 International Committee on Information Technology Standards T10 Technical Committee Standards................. 21
12.4 Corporate Documents .......................................................................................................................................................... 22
12.5 SCSI Commands ................................................................................................................................................................... 22

FIPS 140- 2 Security Policy Page 2 of 23

Ultrastar SS300 TCG Enterprise SSD
Tables
Table 1 Ultrastar SS300 TCG Enterprise SSD Models................................................................................ 4
Table 2 - Module Security Level Specification .............................................................................................. 5
Table 3 - FIPS Approved Algorithms ............................................................................................................ 6
Table 4 – Approved Cryptographic Functions Tested with Vendor Affirmation ................................... 7
Table 5 - Ultrastar SS300 Pins and FIPS 140-2 Ports and Interfaces ........................................................ 7
Table 6 - Roles and Required Identification and Authentication ............................................................... 8
Table 7 - Authentication Mechanism Strengths ............................................................................................ 9
Table 8 - Authenticated CM Services (Approved Mode) ............................................................................ 9
Table 9 - Authenticated CM Services (Non-Approved Mode) ................................................................. 10
Table 10 - Unauthenticated Services ............................................................................................................. 11
Table 11 - CSPs and Private Keys ................................................................................................................. 12
Table 12 - Public Security Parameters .......................................................................................................... 13
Table 13 - CSP Access Rights within Roles & Services ............................................................................. 14
Table 14 - SCSI Commands ........................................................................................................................... 22

Figures
Figure 1: Ultrastar SS300 Cryptographic Boundary...................................................................................... 4
Figure 2: Tamper-Evident Seals .................................................................................................................... 17
Figure 3: Tamper Evidence on Tamper Seals ............................................................................................. 18

FIPS 140- 2 Security Policy Page 3 of 23

Ultrastar SS300 TCG Enterprise SSD
1. Cryptographic Module Overview
The self-encrypting Ultrastar® SS300 TCG Enterprise SSD, hereafter referred to as “Ultrastar SS300” or “the
Cryptographic Module”, is a multi-chip embedded module that comply with FIPS 140-2 Level 2 security. The
Ultrastar SS300 complies with the Trusted Computing Group (TCG) SSC: Enterprise Specification. The drive enclosure
defines the cryptographic boundary. See Figure 1: Ultrastar SS300 Cryptographic Boundary. All components within
this boundary satisfy FIPS 140-2 requirements.

Figure 1: Ultrastar SS300 Cryptographic Boundary

Top View SAS Connector Front View Bottom View

1.1 Models
The Ultrastar SS300 is available in several models that vary in performance and storage capacity. The validated
models listed below in Table 1, lists the models, characteristics, hardware version and firmware version associated
with each model.

Table 1 Ultrastar SS300 TCG Enterprise SSD Models

Part Number
Firmware Capacity Description
(Hardware Version)
HUSTR7676ASS205 (1) R500, R512, R520 7680GB 2.5", 12 Gb/s SAS, 1DW/D
HUSTR7638ASS205 (1) R500, R520 3840GB 2.5", 12 Gb/s SAS, 1DW/D
HUSTR7619ASS205 (1) R500, R520 1920GB 2.5", 12 Gb/s SAS, 1DW/D
HUSTR7696ASS205 (1) R500, R520 960GB 2.5", 12 Gb/s SAS, 1DW/D
HUSTR7648ASS205 (1) R500, R512, R520 480GB 2.5", 12 Gb/s SAS, 1DW/D

FIPS 140- 2 Security Policy Page 4 of 23

Ultrastar SS300 TCG Enterprise SSD
1.2 Security Level
The Cryptographic Module meets all requirements applicable to FIPS 140-2 Level 2 Security.

Table 2 - Module Security Level Specification

FIPS 140-2 FIPS 140-2
Security Requirements Section Security Level
Achieved
Cryptographic Module Specification 2
Module Ports and Interfaces 2
Roles, Services and Authentication 2
Finite State Model 2
Physical Security 2
Operational Environment N/A
Cryptographic Key Management 2
EMI/EMC 3
Self-Tests 2
Design Assurance 2
Mitigation of Other Attacks N/A

2. Modes of Operation
2.1 FIPS Approved Mode of Operation
The Cryptographic Module has a single FIPS Approved mode of operation. Configuration and policy determine the
Cryptographic Module’s FIPS mode of operation. The Cryptographic Module enters FIPS Approved Mode after
successful completion of the Initialize Cryptographic service instructions. See Section 7.2 for information on the
Cryptographic Module’s initialization rules. The operator can determine if the Cryptographic Module is operating in a
FIPS approved mode by invoking the Get FIPS mode service 1. The Crypto-Officer shall not enable the Maker
Authority after the cryptographic module enters FIPS Approved mode. The cryptographic module is in FIPS non-
Approved mode whenever a successful authentication to the Maker Authority occurs. If the Crypto-Officer enables
the Maker Authority after the module enters FIPS Approved mode the Crypto-Officer must also execute the TCG
Revert Method to zeroize the cryptographic module. If the Crypto-Officer, subsequently, executes the Initialize
Cryptographic service instructions provided in Section 7.2 with the intent of placing the cryptographic module in
FIPS Approved mode the Crypto-Officer must first execute the TCG Revert Method to zeroize the cryptographic
module.
The chapter titled FIPS 140 Crypto-Officer Instructions within the Ultrastar SS300 Product Manual provides
information on how to execute the Initialize Cryptographic service as well as the TCG Revert Method.

1 A return value of 1 indicates that the cryptographic module is operating in FIPS Approved mode.
FIPS 140- 2 Security Policy Page 5 of 23
Ultrastar SS300 TCG Enterprise SSD
2.2 Approved Algorithms
The Cryptographic Module supports the following FIPS Approved algorithms. All algorithms and key lengths
comply with NIST SP 800-131A.

Table 3 - FIPS Approved Algorithms

Algorithm Description Cert #
[FIPS 197, SP800 38A, SP 800 38F] 4281
Functions: Encryption, decryption, and key
wrapping to protect an associated MEK
AES Firmware
in data storage applications
Modes: ECB, KW
Key Size: 256
[FIPS 197, SP800 38A] 4309
Functions: Encryption and decryption
AES ECB Hardware 2
Mode: ECB
Key Sizes: 128, 256
[FIPS 197, SP800 38A, SP800 38E] 4309
Functions: Encryption and decryption in storage
applications
Mode: XTS
AES XTS Hardware 3
• XTS-AES Key1 does not equal XTS-AES Key2
• The length of the XTS-AES data unit does not
exceed 220 blocks.
Key Sizes: 128, 256
[SP800 90A] 1341
Function: Deterministic random number generator
DRBG Firmware
Mode: CTR
Security Strength: 256 bits
[FIPS 198-1] 2817
Function: Key encrypting key (KEK) derivation
HMAC Firmware
used within the PBKDF
SHA size: SHA-256
[FIPS 186-4, PSS] 2302
Function: Digital signature verification with SHA-
RSA Firmware
256 4
Key size: 2048
[FIPS 180-4] 3517
SHA Functions: Digital Signature verification and KEK
Hardware/Firmware generation
SHA size: SHA-256
[FIPS 180-4] 3519
Functions: Digital Signature verification and KEK
SHA Firmware
generation
SHA size: SHA-256

2
Tested AES ECB-128. However, the cryptographic module does not use this algorithm.
3
Tested AES XTS-128. However, the cryptographic module does not use this algorithm.
4 SHA-256 Cert. #3519

FIPS 140- 2 Security Policy Page 6 of 23

Ultrastar SS300 TCG Enterprise SSD
Table 4 – Approved Cryptographic Functions Tested with Vendor Affirmation
Algorithm Description Rationale
[SP800 133] Cryptographic Key Generation Vendor Affirmed
Function: Generated from the DRBG without [FIPS140] IG D.12.
CKG
further modification or post processing
See Section 5.3.
PBKDF [SP 800-132] PBKDF Vendor Affirmed

The Cryptographic Module supports the following non-Approved but allowed algorithm:
• A hardware NDRNG seeds the Approved [SP800-90A] DRBG. The NDRNG provides a minimum of 256
bits of entropy for key generation.

3. Ports and Interfaces

The drive uses the standard 29-pin Serial Attached SCSI (SAS) connector that conforms to the mechanical
requirements of SFF 8680. Table 5 identifies the Cryptographic Module’s ports and interfaces. The Serial connector
is a two-wire port, signal, and ground. The Serial Connector is enabled only at Western Digital manufacturing
facilities. Western Digital disables the serial connector at its manufacturing facility before delivering the
Cryptographic Module to customers. The Cryptographic Module does not provide a maintenance access interface.

Table 5 - Ultrastar SS300 Pins and FIPS 140-2 Ports and Interfaces
FIPS 140-2 Interface Cryptographic Module Port Connector Pins
Power Power connector
Control Input SAS connector, Serial connector
Status Output SAS connector, Serial connector
Data Input SAS connector, Serial connector
Data Output SAS connector, Serial connector

4. Identification and Authentication Policy

The Cryptographic Module enforces role separation by requiring a role identifier and an authentication credential
(Personal Identification Number or PIN). The Cryptographic Module enforces the following FIPS140-2 operator
roles.
4.1 Crypto-Officer
4.1.1 Secure ID (SID) Authority
This TCG authority initializes the Cryptographic Module. Section 11.3.1 of the TCG Storage Security Subsystem
Class: Enterprise Specification defines this role.
4.1.2 EraseMaster Authority
This TCG authority can selectively zeroize bands within the cryptographic module. Section 11.4.1 of the TCG
Storage Security Subsystem Class: Enterprise Specification defines this role. It may also disable User roles and
erase LBA bands (user data regions).
4.2 BandMaster Authority (User)
User roles correspond to Bandmaster Authorities. Section 11.4.1 of the TCG Storage Security Subsystem Class:
Enterprise Specification provides a definition. Bandmaster authorities can lock/unlock and configure LBA bands

FIPS 140- 2 Security Policy Page 7 of 23

Ultrastar SS300 TCG Enterprise SSD
(user data regions) and issue read/write commands to the SED. The TCG EraseMaster authority can disable a
Bandmaster.
4.3 Anybody
The Anybody role corresponds to services that do not require authentication. With one exception, these do not
disclose, modify, or substitute Critical Security Parameters, use an Approved security function, or otherwise affect the
security of the Cryptographic Module. The excepted service is the Generate Random service, which provides output
from an instance of the SP800-90A DRBG.
4.4 Maker
For failure analysis purposes, the vendor can enable the serial port to perform diagnostics and gather data on the
failure. A power cycle automatically locks the serial port. The vendor must authenticate to the SID and the Maker
authorities to open the serial port. The cryptographic module is in FIPS non-Approved mode whenever the vendor
authenticates to the Maker Authority. The vendor performs failure analysis within the vendor’s facility. Maker
authentication data shall not leave the vendor’s facilities. During normal operation, the Crypto-Officer disables the
Maker Authority when invoking the Initialize Cryptographic Module service.
The following table maps TCG authorities to FIPS140-2 roles.

Table 6 - Roles and Required Identification and Authentication

TCG Authentication
Description Authentication Data
Authority Type
The SID Authority is a Crypto-
CO Identity (TCG SID
Officer role that initializes the
SID Authority Role-based Authority) and PIN (TCG
Cryptographic Module and
SID Authority PIN)
authorizes Firmware download.
The EraseMaster Authority is a
EraseMaster CO Identity (TCG
Crypto-Officer role that zeroizes
Role-based EraseMaster Authority) and
Authority Media Encryption keys and disables
PIN (TCG EraseMaster PIN)
Users.
BandMaster N The BandMaster Authority is a User User Identity (TCG
role that controls read/write access Role-based BandMaster Authority) and
(N = 0 to 15) to LBA Bands. PIN (TCG BandMaster PIN)
Anybody is a role that does not
Anybody Unauthenticated N/A
require authentication.
Completion of the Initialize User Identity (TCG Maker
Maker
Cryptographic Module service Role-based Authority) and
(Disabled)
disables the Maker Authority PIN (Maker PIN)

FIPS 140- 2 Security Policy Page 8 of 23

Ultrastar SS300 TCG Enterprise SSD
Table 7 - Authentication Mechanism Strengths

Authentication Mechanism Strength

Mechanism
TCG Credentials are 256 bits, which provides 2256 possible values. The
probability that a random attempt succeeds is 1 chance in 2256
(approximately (8.64 x 10-78) which is significantly less than 1/1,000,000
(1x 10-6).
Multiple, successive authentication attempts can only occur sequentially
TCG Credential (PIN) (one at a time) and only when the failed authentication Tries count value
does not exceed the associated TriesLimit value. Each authentication
attempt consumes approximately 700 microseconds. Hence, at most,
approximately 86,000 authentication attempts are possible in one minute.
Thus, the probability that a false acceptance occurs within a one minute
interval is approximately 7.4 x 10-73, which is significantly less than 1
chance in 100,000 (1 x 10-5).

5. Access Control Policy

5.1 Roles and Services

Table 8 - Authenticated CM Services (Approved Mode)

Service Description Role(s)
Initialize Cryptographic Crypto-Officer provisions the Cryptographic Module CO
Module 5 from the organizational policies (SID Authority)
CO, Users (SID
Authenticate Input a TCG Credential for authentication Authority, EraseMaster,
BandMasters)
Lock/Unlock Firmware CO
Deny/Permit access to Firmware Download service
Download Control (SID Authority)
Unlocking the Firmware Download Control enables
firmware downloads. RSA2048 PSS and SHA-256
CO
Firmware Download verify the entire firmware image. If, after a successful
(SID Authority)
download, the self-tests complete successfully, the
SED executes the new code.
The TCG Revert method zeroizes a drive and returns
Zeroize (TCG Revert) the Cryptographic Module to its original CO, Users
manufactured state.
CO, Users
Write data structures; access control enforcement
(SID Authority,
Set occurs per data structure field. This service can
EraseMaster,
change PINs.
BandMasters)
Set the starting location, size, and attributes of a set
Set LBA Band Users (BandMasters)
of contiguous Logical Blocks.
Lock/Unlock Users
Deny/Permit access to a LBA Band
LBA Band (BandMasters)

5
See the Cryptographic Module Acceptance and Provisioning section within the Ultrastar SS300 Product Manual
FIPS 140- 2 Security Policy Page 9 of 23
Ultrastar SS300 TCG Enterprise SSD

Service Description Role(s)

Transform plaintext user data into ciphertext and Users
Write Data
write in a LBA band. (BandMasters)
Read ciphertext from a LBA band and output user Users
Read Data
plaintext data. (BandMasters)
Users
Set Data Store Write a stream of bytes to unstructured storage.
(BandMasters)
Band cryptographic-erasure by changing LBA band
encryption keys to new values. Erasing an LBA band CO
Erase LBA Band
with EraseMaster sets the TCG Credential to the (EraseMaster)
default value.

Table 9 - Authenticated CM Services (Non-Approved Mode)

Service Description Role(s)
Initialize Cryptographic Crypto-Officer provisions the Cryptographic Module from CO
Module 6 (non-compliant) the organizational policies (SID Authority)
CO, Users, Maker
Authenticate (non- (SID Authority,
Input a TCG Credential for authentication
compliant) EraseMaster,
BandMasters)
Lock/Unlock Firmware
CO
Download Control (non- Deny/Permit access to Firmware Download service
(SID Authority)
compliant)
Unlocking the Firmware Download Control enables
firmware downloads. RSA2048 PSS and SHA-256 verify
Firmware Download CO
the entire firmware image. If, after a successful download,
(non-compliant) (SID Authority)
the self-tests complete successfully, the SED executes the
new code.
Zeroize (TCG Revert) The TCG Revert method zeroizes a drive and returns the
CO, Users
(non-compliant) Cryptographic Module to its original manufactured state.
CO, Users, Maker
Set Write data structures; access control enforcement occurs per (SID Authority,
(non-compliant) data structure field. This service can change PINs. EraseMaster,
BandMasters)
Set LBA Band (non- Set the starting location, size, and attributes of a set of Users
compliant) contiguous Logical Blocks. (BandMasters)
Lock/Unlock
Users
LBA Band (non- Deny/Permit access to a LBA Band
(BandMasters)
compliant)
Write Data (non- Transform plaintext user data into ciphertext and write in a Users
compliant) LBA band. (BandMasters)
Read Data (non- Read ciphertext from a LBA band and output user plaintext Users
compliant) data. (BandMasters)
Set Data Store (non- Users
Write a stream of bytes to unstructured storage.
compliant) (BandMasters)

6
See the Cryptographic Module Acceptance and Provisioning section within the Ultrastar SS300 Product Manual
FIPS 140- 2 Security Policy Page 10 of 23
Ultrastar SS300 TCG Enterprise SSD

Service Description Role(s)

Band cryptographic-erasure by changing LBA band
Erase LBA Band (non- CO
encryption keys to new values. Erasing an LBA band with
compliant) (EraseMaster)
EraseMaster sets the TCG Credential to the default value.
Set Vendor Data (non- A Non-Approved service that is unavailable after the Maker
compliant) Initialize Cryptographic Module service completes
5.2 Unauthenticated Services
Table 10 - Unauthenticated Services lists the unauthenticated services the Cryptographic Module provides.

Table 10 - Unauthenticated Services

Service Description
Reset Module Power on Reset
Self-Test The Cryptographic Module performs self-tests when it powers up
Status Output TCG (IF-RECV) protocol
Get FIPS Mode TCG ‘Level 0 Discovery’ method outputs the FIPS mode of the
Cryptographic Module.
Start Session Start TCG session
End Session End a TCG session by clearing all session state
Generate Random TCG Random method generates a random number from the SP800-
90A DRBG
Get Reads data structure; access control enforcement occurs per data
structure field
Get Data Store Read a stream of bytes from unstructured storage
Zeroize TCG Revert method to return the Cryptographic Module to its
original manufactured state; authentication data (PSID) is printed on
the external label
SCSI [SCSI Core] and [SCSI Block] commands to function as a
standardized storage device. See Table 14 - SCSI Commands
FIPS 140 Compliance Descriptor 7 This service reports the FIPS 140 revision as well as the cryptographic
module’s overall security level, hardware revision, firmware revision
and module name.

7
See the FIPS 140 Compliance Descriptor section within the Ultrastar SS300 Product Manual

FIPS 140- 2 Security Policy Page 11 of 23

Ultrastar SS300 TCG Enterprise SSD
5.3 Definition of Critical Security Parameters (CSPs)
The Cryptographic Module contains the CSPs listed in Table 11 - CSPs and Private Keys. Zeroization of CSPs
complies with [SP800-88] media sanitization.

Table 11 - CSPs and Private Keys

Key Name Type Description
Crypto-Officer PIN - TCG 256-bit authentication data The PBKDF uses this PIN to
Credential (2 total) authenticate the Crypto-Officer’s
credentials.
User PIN –TCG Credential 256-bit authentication data The PBKDF uses this PIN to
(16 total) authenticate the User’s credentials

MEK - Media Encryption Key 8 XTS-AES-256 (512 bits) Encrypts and decrypts LBA Bands.
(16 total - 1 per LBA band) Each key is only associated with one
LBA band. MEKs are generated from
the DRBG without modification.
KEK – Key Encrypting Key SP 800-132 PBKDF (256 Ephemeral keys derived from
(16 total) bits) BandMaster PINs and 256-bit KDF salts
that wrap the MEKs using an [SP 800-
38F] AES-256 Key Wrap.
Note: Keys protected by this [SP 800-
132] PBKDF derived key shall not leave
the module.
NDRNG 256-byte Entropy output Entropy source for DRBG
DRBG Internal CTR_DRBG state All properties and state associated with
(384 bits) the [SP800-90A] Deterministic Random
Bit Generator

8
A concatenation of XTS-AES Key1 (256 bits) and XTS-AES Key2 (256 bits)

FIPS 140- 2 Security Policy Page 12 of 23

Ultrastar SS300 TCG Enterprise SSD
5.4 Definition of Public Security Parameters
The Cryptographic Module contains two public keys. The cryptographic module uses the public keys to verify the
digital signature of a firmware download image. If the digital signature verification process fails when utilizing the
primary public key, the cryptographic module attempts to use the secondary public key to verify the digital signature.
The cryptographic rejects the downloaded firmware image if both attempts to verify the digital signature fail.

Table 12 - Public Security Parameters

Key Name Type Description
Primary public key used to verify the digital
RSAPublicKey[0] RSA 2048 public key
signature of a firmware image.
Secondary public key used to verify the digital
RSAPublicKey[1] RSA 2048 public key
signature of a firmware image.
PSID Twenty-character alpha- A unique value that is generate in the factory and
numeric string printed on the Cryptographic Module’s label. The
PSID is used as authentication data and proof of
physical presence for the Zeroize service.
PIN salt (16 total) 256-bit key PIN salts are generated from the DRBG without
modification.
KDF Salt - Key 256-bit key KDF salts are generated from the DRBG without
Derivation Function Salt modification.
(16 total)
5.5 SP800-132 Key Derivation Function Affirmations
The Cryptographic Module deploys a [SP800-132] Key Derivation Function (KDF).
• The Cryptographic Module deploys a [SP800-132] Key Derivation Function (KDF). The cryptographic
module complies with SP800-132 Option 2a.
• The Cryptographic Module tracks TCG Credentials (PINs) by hashing a 256-bit salt and User PIN and
storing the SHA256 digest and associated salt in the Reserved Area.
• Security Policy rules set the minimum User PIN length at 32 bytes. The cryptographic module allows values
from 0x00 to 0xFF for each byte of the User PIN.
• The upper bound for the probability of guessing a User PIN is 2-256. The difficulty of guessing the User PIN
is equivalent to a brute force attack.
• KEKs ([SP800-132] Master Keys) derive from passing a User PIN ([SP800-132] Password) and a 256-bit salt
though an [SP800-132] KDF. The cryptographic module creates a unique KEK for each LBA Band. The
KEK generation process utilizes the HMAC-SHA-256 algorithm to generate the KEK. Each KEK has a
security strength of 128-bits against a collision attack.
• Each 256-bit salt is a random number generated using the [SP800-90A] DRBG.
• The sole use of a KEK is to wrap and unwrap a Media Encryption Key (MEK).
5.6 Definition of CSP Modes of Access
Table 13 defines the relationship between access to Critical Security Parameters (CSPs) and the different
Cryptographic Module services. The definitions shown below define the access modes listed in Table 13.
• G = Generate: The Cryptographic Module generates a CSP from the [SP800-90A] DRBG, derives a CSP
with the Key Derivation Function or hashes authentication data with SHA-256.
• E = Execute: The module executes using the CSP.

FIPS 140- 2 Security Policy Page 13 of 23

Ultrastar SS300 TCG Enterprise SSD
• W = Write: The Cryptographic Module writes a CSP. The write access is performed after the Cryptographic
Module generates a CSP.
• Z = Zeroize: The Cryptographic Module zeroizes a CSP.

Table 13 - CSP Access Rights within Roles & Services

Type of CSP
Service CSPs and Keys
Access
CO PIN E, W
User PIN E, W
Initialize Cryptographic Module DRBG, NDRNG E
KEK G
MEK G, W
CO PIN E
Authenticate
User PIN E
Lock/Unlock Firmware Download Control CO PIN E
CO PIN E
Firmware Download
RSAFW E
CO PIN E
Set User PIN E
Maker PIN E
Set LBA Band User PIN E
User PIN E
Lock/Unlock LBA Band KEK G
MEK E
User PIN E
Write Data
MEK E
User PIN E
Read Data
MEK E
Set Data Store User PIN E
Set Vendor Data None None
CO PIN E
Erase LBA Band KEK G
MEK Z, G, W
NDRNG E
Self-Test
DRBG W
Reset Module None None
Status Output None None
Get FIPS mode None None
Start Session None None
End Session None None
Generate Random DRBG E
FIPS 140- 2 Security Policy Page 14 of 23
Ultrastar SS300 TCG Enterprise SSD

Type of CSP
Service CSPs and Keys
Access
Get Data Store None None
Get None None
CO PIN W
User PIN W
Zeroize (TCG Revert) DRBG G
KEK G
MEK Z, G, W
SCSI None None
FIPS 140 Compliance Descriptor None None

6. Operational Environment
The Cryptographic Module operating environment is non-modifiable. Therefore, the FIPS 140-2 operational
environment requirements are not applicable to this module. While operational, the Cryptographic Module prohibits
additions, deletions, or modification of the code working set. Firmware can be upgraded, whereby it is replaced in its
entirety, with an authenticated download service. If the download operation is successfully, authorized and verified,
the Cryptographic Module will begin operating with the new code working set. Firmware loaded into the module that
is not on the certificate is out of the scope of this validation and requires a separate FIPS 140-2 validation.

7. Security Rules
The Ultrastar SS300 enforces applicable FIPS 140-2 Level 2 security requirements. This section documents the security
rules that the Cryptographic Module enforces.
7.1 Invariant Rules
1. The Cryptographic Module supports two distinct types of operator roles: Crypto-Officer and
User. The module also supports an additional role, the Maker role. Initialization disables the
Maker role.
2. Cryptographic Module power cycles clear all existing authentications.
3. After the Cryptographic Module has successfully completed all self-tests and initialized according to the
instructions provided in Section 7.2, it is in FIPS Approved mode. The Crypto-Officer shall not enable
the Maker Authority after the cryptographic module enters FIPS Approved mode.
4. When the Cryptographic Module is unable to authenticate TCG Credentials, operators do not have access
to any cryptographic service other than the unauthenticated Generate Random service.
5. The Cryptographic Module performs the following tests. Upon failure of any test, the Cryptographic
Module enters a soft error state. The Cryptographic module reports the error condition by transmitting
an UEC via the [SCSI] protocol. After entering the soft error state, the cryptographic module does not
process functional commands unless a power cycle occurs.
A. Power up Self-Tests
1) Firmware Integrity 32-bit EDC
2) Firmware AES Encrypt KAT, Cert #4281
3) Firmware AES Decrypt KAT, Cert #4281
4) RSA 2048 PSS Verify KAT, Cert #2302

FIPS 140- 2 Security Policy Page 15 of 23

Ultrastar SS300 TCG Enterprise SSD
5) DRBG KAT 9, Cert#1341
6) SHA-256 KAT, Cert#3519
7) HMAC-SHA-256 KAT, Cert #2817
8) Hardware AES Encrypt KAT, Cert #4309
9) Hardware AES Decrypt KAT, Cert #4309
10) HW/FW SHA-256 KAT, Cert #3517
B. Conditional Tests
1) The Cryptographic Module performs a Continuous Random Number Generator test on the
DRBG and the hardware NDRNG entropy source.
2) The Cryptographic Module performs a key comparison test on XTS-AES Key1 and XTS-
AES Key2 that satisfies IG A.9 XTS-AES Key Generation Requirements.
3) Firmware Download Test, RSA 2048 PSS (Cert# 2302), SHA-256 (Cert# 3517)
6. An operator can command the Cryptographic Module to perform the power-up self-test by power
cycling the device.
7. Power-up self-tests do not require operator action.
8. Data output is inhibited during key generation, self-tests, zeroization, and error states.
9. Status information does not contain CSPs or sensitive data that if misused, could compromise the
Cryptographic Module.
10. The Zeroization service deletes all plaintext keys and CSPs.
11. The Cryptographic Module does not support a maintenance interface or maintenance role.
12. The Cryptographic Module does not support manual key entry.
13. The Cryptographic Module does not have any external input/output devices used for entry/output of data.
14. The Cryptographic Module does not output plaintext CSPs.
15. The Cryptographic Module does not output intermediate key values.
16. The Cryptographic Module does not support concurrent operators.
17. The End Session service deletes the current operator’s authentication. The Cryptographic
Module requires operators to re-authenticate upon execution of the End Session service.
18. The host shall authenticate to LBA Bands after a power cycle.
19. The Crypto Officer shall assure that all host issued User PINs are 32-bytes in length.
7.2 Initialization Rules
The Crypto-Officer shall follow the instructions provided in the FIPS 140 Crypto-Officer Instructions section of the
Ultrastar SS300 Product Manual and the Delivery & Operation (Crypto-Officer’s) Manual for acceptance and end of
life procedures. Acceptance instructions include:
• Establish authentication data for the TCG Authorities by replacing the MSID (default PIN value).
• Erase the LBA Bands. When the Cryptographic Module erases the LBA bands it also erases the Media
Encryption Keys.
• Establish the LBA Bands. When the Cryptographic Module establishes LBA bands it also generates Media
Encryption Keys.
• Disable the Maker Authority

9
The DRBG KAT is inclusive of the instantiate, generate and reseed function health tests required in [SP 800-90A]

FIPS 140- 2 Security Policy Page 16 of 23

Ultrastar SS300 TCG Enterprise SSD
• Lock the Firmware Download service and set the Firmware Download service to lock automatically after a
power cycle. The cryptographic module automatically locks the Firmware Download service after
downloading new firmware.
At the end of these steps, the cryptographic module will be in a FIPS Approved Mode of operation. While in FIPS
Approved mode, only an authenticated Crypto-Officer can change the state of the firmware download service.
7.3 Zeroization Rules
The Crypto-Officer shall use the TCG Revert Method to perform the zeroization function. Reverting the
cryptographic module zeroizes all Critical Security Parameters.

8. Physical Security Policy

8.1 Mechanisms
The Cryptographic Module does not make claims in the Physical Security area beyond FIPS 140-2 Security Level 2
• All components are production-grade materials with standard passivation.
• The enclosure is opaque.
• Engineering design supports opacity requirements.
• Western Digital applies two (2) tamper-evident security seals during manufacturing.
• The tamper-evident security seal cannot be penetrated or removed and reapplied without evidence of
tampering. In addition, it is difficult to replicate the of tamper-evident security seal.

Figure 2: Tamper-Evident Seals

1 2

FIPS 140- 2 Security Policy Page 17 of 23

Ultrastar SS300 TCG Enterprise SSD

8.2 Operator Responsibility

The Crypto-Officer and/or User shall inspect the Cryptographic Module enclosure for evidence of tampering at least
once a year. If the inspection reveals evidence of tampering, the Crypto-Officer should return the module to Western
Digital.

Figure 3: Tamper Evidence on Tamper Seals

9. Mitigation of Other Attacks Policy

The cryptographic module is not designed to mitigate any specific attacks beyond the scope of the requirements
within FIPS 140-2.

10. Definitions
• Allowed: NIST approved, i.e., recommended in a NIST Special Publication, or acceptable, i.e., no known
security risk as opposed to deprecated, restricted and legacy-use. [SP800-131A]
• Anybody: A formal TCG term for an unauthenticated role. [TCG Core]
• Approved mode of operation: A mode of the cryptographic module that employs only approved security
functions. [FIPS140]
• Approved: [FIPS140] approved or recommended in a NIST Special Publication.
• Authenticate: Prove the identity of an Operator or the integrity of an object.
• Authorize: Grant an authenticated Operator access to a service or an object.
• Ciphertext: Encrypted data transformed by an Approved security function.
• Confidentiality: A cryptographic property that sensitive information is not disclosed to unauthorized parties.
• Credential: A formal TCG term for data used to authenticate an Operator. [TCG Core]
• Critical Security Parameter (CSP): Security-related information (e.g., secret and private cryptographic keys,
and authentication data such as credentials and PINs) whose disclosure or modification can compromise the
security of a cryptographic module. [FIPS140]
• Cryptographic Boundary: An explicitly defined continuous perimeter that establishes the physical bounds
of a cryptographic module and contains all the hardware, software, and/or firmware components of a
cryptographic module. [FIPS140]
• Cryptographic key (Key): An input parameter to an Approved cryptographic algorithm
FIPS 140- 2 Security Policy Page 18 of 23
Ultrastar SS300 TCG Enterprise SSD
• Cryptographic Module: The set of hardware, software, and/or firmware used to implement approved
security functions contained within the cryptographic boundary. [FIPS140]
• Crypto-Officer: An Operator performing cryptographic initialization and management functions. [FIPS140]
• Data at Rest: User data residing on the storage device media when the storage device is powered off.
• Discovery: A TCG method that provides the properties of the TCG device. [TCG Enterprise]
• Drive Writes per Day (DWPD): Drive Writes Per Day defines how many times the entire capacity of the
SSD can be overwrite every single day of its usable life without failure during the warranty period.
• Integrity: A cryptographic property that sensitive data has not been modified or deleted in an unauthorized
and undetected manner.
• Interface: A logical entry or exit point of a cryptographic module that provides access to the cryptographic
module for logical information flows. [FIPS140]
• Key Derivation Function (KDF): An Approved cryptographic algorithm by which one or more keys are
derived from a shared secret and other information.
• Key Encrypting Key (KEK): A cryptographic key used to encrypt or decrypt other keys.
• Key management: The activities involving the handling of cryptographic keys and other related security
parameters during the entire life cycle of the Cryptographic Module. The handling of authentication data is
representative of a key management activity.
• Key Wrap: An Approved cryptographic algorithm that uses a KEK to provide Confidentiality and Integrity.
• LBA Band: A formal [TCG Core] term that defines a contiguous logical block range (sequential LBAs) to
store encrypted User Data; bands do not overlap and each has its own unique encryption key and other
settable properties.
• Manufactured SID (MSID): A unique default value assigned to each SED during manufacturing. Typically,
the manufacturer prints the MSID on an external label. The MSID is readable with the TCG protocol. It is
the initial and default value for all TCG credentials. [TCG Core]
• Method: A TCG command or message. [TCG Core]
• Operator: A consumer, either human or automation, of cryptographic services that is external to the
Cryptographic Module. [FIPS140]
• Personal Identification Number (PIN): A formal TCG term designating a string of octets used to
authenticate an identity. [TCG Core]
• Plaintext: Unencrypted data.
• Port: A physical entry or exit point of a cryptographic module that. A port provides access to the
Cryptographic Module’s physical signals. [FIPS140]
• PSID (Physical Security Identifier): a SED unique value that is printed on the Cryptographic Module’s
label and is used as authentication data and proof of physical presence for the Zeroize service.
• Public Security Parameters (PSP): Public information, that if modified can compromise the security of the
cryptographic module (e.g., a public key of a key pair).
• Read Data: An external request to transfer User Data from the SED. [SCSI Block]
• Reserved Area: Private data on the Storage Medium that is not accessible outside the Cryptographic
Boundary.
• Security Identifier (SID): A TCG authority used by the Crypto-Officer. [TCG Core]
• Self-Encrypting Drive (SED): A storage device that provides data storage services.
FIPS 140- 2 Security Policy Page 19 of 23
Ultrastar SS300 TCG Enterprise SSD
• Session: A formal TCG term that envelops the lifetime of an Operator’s authentication. [TCG Core]
• Storage Medium: The non-volatile, persistent storage location of a SED; it is partitioned into two disjoint
sets, a User Data area and a Reserved Area.
• User Data: Data transferred from/to a SED using the Read Data and Write Data commands. [SCSI Block]
• User: An Operator that consumes cryptographic services. [FIPS140]
• Write Data: An external request to transfer User Data to a SED. [SCSI Block]
• Zeroize: Invalidate a Critical Security Parameter. [FIPS140]

11. Acronyms
• CO: Cryptographic Office [FIPS140]
• CRC: Cyclic Redundancy Check
• CSP: Critical Security Parameter [FIPS140]
• DRAM: Dynamic Random Access Memory
• DRBG: Deterministic Random Bit Generator
• DW/D: Drive Writes per Day
• EDC: Error Detection Code
• EMI: Electromagnetic Interference
• FIPS: Federal Information Processing Standard
• KAT: Known Answer Test
• KDF: Key Derivation Function
• LBA: Logical Block Address
• MEK: Media Encryption Key
• MSID: Manufactured Security Identifier
• NDRNG: Non-deterministic Random Number Generator
• NIST: National Institute of Standards and Technology
• PIN: Personal Identification Number
• PSID: Physical Security Identifier
• PSP: Public Security Parameter
• SAS: Serial Attached SCSI
• SCSI: Small Computer System Interface
• SED: Self Encrypting Drive
• SID: TCG Security Identifier, the authority representing the Cryptographic Module owner
• SSD: Solid-state Drive
• TCG: Trusted Computing Group
• UEC: Universal Error Code
• XTS: A mode of AES that utilizes "Tweakable" block ciphers
FIPS 140- 2 Security Policy Page 20 of 23
Ultrastar SS300 TCG Enterprise SSD
12. References
12.1 NIST Specifications
• [AES] Advanced Encryption Standard, FIPS PUB 197, NIST, November 2001
• [DSS] Digital Signature Standard, FIPS PUB 186-4, NIST, July 2013
• [FIPS140] Security Requirements for Cryptographic Modules, FIPS PUB 140-2, NIST, December 2002
• [HMAC] The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, July 2008
• [SHA] Secure Hash Standard (SHS), FIPS PUB 180-4, NIST, August 2015
• [SP800 38A] Recommendation for Block Cipher Modes of Operation: Methods and Techniques, NIST,
December 2001
• [SP800-38E] Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for
Confidentiality on Storage Devices, SP800-38E, NIST, January 2010
• [SP800-38F] Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping, NIST,
December 2012
• [SP800-57] Recommendation for Key Management – Part I General (Revision 4), NIST, January 2016
• [SP800-90A] Recommendation for Random Number Generation Using Deterministic Random Bit
Generators (Revision 1), NIST, June 2015
• [SP800-90B] Recommendation for the Entropy Sources Used for Random Bit Generation, NIST, January
2018
• [SP800-131A] Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key
Lengths (Revision 1), NIST, November 2015
• [SP800-132] Recommendation for Password-Based Key Derivation, NIST, December 2010
• [SP800 133] Recommendation for Cryptographic Key Generation, NIST, December 2012
12.2 Trusted Computing Group Specifications
• [TCG Core] TCG Storage Architecture Core Specification, Version 2.0 Revision 1.0 (April 20, 2009)
• [Enterprise] TCG Storage Security Subsystem Class: Enterprise Specification, Version 1.00 Revision 3.00 (January 10,
2011)
• [TCG App Note] TCG Storage Application Note: Encrypting Storage Devices Compliant with SSC: Enterprise, Version
1.00 Revision 1.00 Final
• [TCG Opal] TCG Storage Security Subsystem Class: Opal Specification, Version 2.00 Final Revision 1.00 (February
24, 2012)
• TCG Storage Interface Interactions Specification (SIIS), Version 1.02, (2011)
12.3 International Committee on Information Technology Standards T10 Technical Committee
Standards
• [SCSI Core] SCSI Primary Commands-4 Rev 15 (SPC-4)
• [SCSI Block] SCSI Block Commands Rev15 (SBC-3)
• [SAS] Serial Attached SCSI-2 Rev 13 (SAS-2)

FIPS 140- 2 Security Policy Page 21 of 23

Ultrastar SS300 TCG Enterprise SSD
12.4 Corporate Documents
• [Product Manual] Ultrastar SS300 2.5-inch Serial Attached SCSI (SAS) Solid-State Drive Product Manual,
Version 1.0 (November 18, 2017), http://www.hgst.com/products/solid-state-solutions/ultrastar-ss300
• [Datasheet] Ultrastar SS300 Datasheet, (February 2018), http://www.hgst.com/products/solid-state-
solutions/ultrastar-ss300,
12.5 SCSI Commands

Table 14 - SCSI Commands

Description Code Description Code
FORMAT UNIT 04h RESERVE 16h
INQUIRY 12h RESERVE 56h
LOG SELECT 4Ch REZERO UNIT 01h
LOG SENSE 4Dh SANITIZE 48h
MODE SELECT 15h SEEK (6) 0Bh
MODE SELECT 55h SEEK (10) 2Bh
MODE SENSE 1Ah SEND DIAGNOSTIC 1Dh
MODE SENSE 5Ah SET DEVICE IDENTIFIER A4h/06h
PERSISTENT RESERVE IN 5Eh START STOP UNIT 1Bh
PERSISTENT RESERVE OUT 5Fh SYNCHRONIZE CACHE (10) 35h
PRE-FETCH (16) 90h SYNCHRONIZE CACHE (16) 91h
PRE-FETCH (10) 34h TEST UNIT READY 00h
READ (6) 08h UNMAP 42h
READ (10) 28h VERIFY (10) 2Fh
READ (12) A8h VERIFY (12) AFh
READ (16) 88h VERIFY (16) 8Fh
READ (32) 7Fh/09h VERIFY (32) 7Fh/0Ah
READ BUFFER 3Ch WRITE (6) 0Ah
READ CAPACITY (10) 25h WRITE (10) 2Ah
READ CAPACITY (16) 9Eh/10h WRITE (12) AAh
READ DEFECT DATA 37h WRITE (16) 8Ah
READ DEFECT DATA B7h WRITE (32) 7Fh/0Bh
READ LONG (16) 9Eh/11h WRITE AND VERIFY (10) 2Eh
READ LONG 3Eh WRITE AND VERIFY (12) AEh
REASSIGN BLOCKS 07h WRITE AND VERIFY (16) 8Eh
RECEIVE DIAGNOSTICS RESULTS 1Ch WRITE AND VERIFY (32) 7Fh/0Ch
RELEASE 17h WRITE BUFFER 3Bh
RELEASE 57h WRITE LONG (10) 3Fh
REPORT DEVICE IDENTIFIER A3h/05h WRITE LONG (16) 9Fh/11h
REPORT LUNS A0h WRITE SAME (10) 41h
REPORT SUPPORTED OPERATION
A3h/0Ch WRITE SAME (16) 93h
CODES

FIPS 140- 2 Security Policy Page 22 of 23

Ultrastar SS300 TCG Enterprise SSD
Description Code Description Code
REPORT SUPPORTED TASK
A3h/0Dh WRITE SAME (32) 7Fh/0Dh
MANAGEMENT FUNCTIONS
REQUEST SENSE 03h

FIPS 140- 2 Security Policy Page 23 of 23