SECURE USB FLASH DRIVE. Non-Proprietary Security Policy




SECURE USB FLASH DRIVE Non-Proprietary Security Policy
FIPS 140-2 SECURITY POLICY VERSION 9
Page 1 of 10

Definitions and Acronyms
- AES: Advanced Encryption Standard
- CBC: Cipher Block Chaining
- CRC: Cyclic Redundancy Check
- CSP: Critical Security Parameter
- DRBG: Deterministic Random Bit Generator
- DRNG: Deterministic Random Number Generator
- FIPS: Federal Information Processing Protocol
- NDRNG: Non-deterministic Random Number Generator
- SHA: Secure Hash Algorithm

Product Overview
istorage datashur Secure USB Flash Drive (istorage datashur or datashur) is an encrypted storage device that provides organizations a secure way to store and transfer data. User authentication is self-contained via an on-board keypad. Stored data is secured by hardware-based 256-bit AES encryption to guard sensitive information in case the drive is lost or stolen. Encryption keys are not stored in memory, but rather created from a combination of random data and the user-supplied PIN each time the drive is put to use. Random data is generated from a hardware-based random number generator feeding the FIPS-approved random number generator.

Module versions (columns: Capacity, PCB revision, USB controller firmware revision, Security controller firmware revision; the row alignment is not recoverable from the source, so the column values are listed in the order they appear):
- Capacity and PCB revision: 4 GB IS FL DA 256 4 PFU004D 1BEK; 8 GB IS FL DA 256 8 PFU008D 1BEK; 16 GB IS FL DA 256 16 PFU016D 1BEK; 32 GB IS FL DA 256 32 PFU032D 1BEK
- USB controller firmware revision: V01.12A13 F05; V01.12A14 F05 20120817; V01.12A13 F04; V01.12A14 F05 20120817; V01.12A15 Code Package 111130; V01.12A14 F05 20120817; V01.12A14 F05 20120817
- Security controller firmware revision: istorage v6; istorage v12; istorage v6; istorage v12; istorage v6; istorage v12; istorage v12

Figure 1 - istorage datashur cryptographic boundary showing input buttons and status LEDs

Validation Level
The cryptographic module meets the overall requirements applicable to Level 3 Security of FIPS 140-2.

Table 1: Module Security Level Specification (Security Requirements - Level)
- Cryptographic Module Specification: 3
- Module Ports and Interfaces: 3
- Roles, Services, and Authentication: 3
- Finite State Model: 3
- Physical Security: 3
- Operational Environment: N/A
- Cryptographic Key Management: 3
- EMI / EMC: 3
- Self-Tests: 3
- Design Assurance: 3
- Mitigation of other Attacks: N/A
- Overall: 3

Cryptographic Algorithms
The following algorithms are used for all capacities: 4GB, 8GB, 16GB, and 32GB.

Table 2: Approved algorithms (Approved Algorithm - CAVP Certificate - Use)
- AES 256 bit CBC - #1514 - Encryption / decryption of data (used on all drive capacities)
- SHA 256 hash - #1728 - Password hash
- DRBG SP800-90 hash DRBG - #177 - Creation of encryption key

Non-Approved Algorithms
A hardware-based random number generator is used to seed the FIPS-approved hash_drbg algorithm.
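The key-creation path in Table 2 (an SP 800-90 Hash_DRBG built on SHA-256, seeded from the hardware NDRNG) as an added example; this is illustrative Python, not istorage firmware, and the entropy input is a constructed constant standing in for the NDRNG output. It also runs the continuous random number generator test listed under the conditional self-tests below.

```python
import hashlib

SEEDLEN_BYTES = 55   # SP 800-90A: seedlen = 440 bits for the SHA-256 Hash_DRBG
OUTLEN = 32          # SHA-256 output length in bytes

# Constructed stand-in for the hardware NDRNG output that seeds the DRBG.
ENTROPY_SAMPLE = bytes(range(32))

def _hash_df(data: bytes, n_bytes: int) -> bytes:
    """Hash_df derivation function (SP 800-90A 10.3.1): counter || bit length || input."""
    out, counter = b"", 1
    for _ in range((n_bytes + OUTLEN - 1) // OUTLEN):
        out += hashlib.sha256(bytes([counter]) + (n_bytes * 8).to_bytes(4, "big") + data).digest()
        counter += 1
    return out[:n_bytes]

def _add_mod_seedlen(value: bytes, addend: int) -> bytes:
    """(value + addend) mod 2^seedlen, kept at seedlen bytes."""
    total = (int.from_bytes(value, "big") + addend) % (1 << (8 * SEEDLEN_BYTES))
    return total.to_bytes(SEEDLEN_BYTES, "big")

class HashDRBG:
    """SP 800-90A Hash_DRBG (SHA-256) with a FIPS 140-2 continuous RNG test on its output."""
    def __init__(self, entropy: bytes, nonce: bytes = b"", personalization: bytes = b""):
        seed = _hash_df(entropy + nonce + personalization, SEEDLEN_BYTES)
        self.V = seed
        self.C = _hash_df(b"\x00" + seed, SEEDLEN_BYTES)
        self.reseed_counter = 1
        self._last_output = None   # previous block, for the continuous test

    def generate(self, n_bytes: int) -> bytes:
        # Hashgen: hash successive increments of V until enough output is produced
        data, stream = self.V, b""
        while len(stream) < n_bytes:
            stream += hashlib.sha256(data).digest()
            data = _add_mod_seedlen(data, 1)
        out = stream[:n_bytes]
        # State update: V = (V + H + C + reseed_counter) mod 2^seedlen
        h = hashlib.sha256(b"\x03" + self.V).digest()
        self.V = _add_mod_seedlen(
            self.V, int.from_bytes(h, "big") + int.from_bytes(self.C, "big") + self.reseed_counter)
        self.reseed_counter += 1
        # Continuous test: a block identical to the previous one means the generator is stuck
        if self._last_output is not None and out == self._last_output:
            raise RuntimeError("DRBG continuous test failed; module must enter error state")
        self._last_output = out
        return out

def derive_drive_key(entropy: bytes) -> bytes:
    """Create the 256-bit AES key as DRBG output, the use Table 2 assigns to the hash DRBG."""
    return HashDRBG(entropy).generate(32)
```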

Cryptographic Module Specification
The datashur module is a multi-chip standalone cryptographic module, as defined by FIPS 140-2, and consists of an Initio 1861 USB controller, NAND Flash memory and a Microchip PIC16LF1825 security controller. All components are packaged in opaque, production grade integrated circuit packaging. The cryptographic boundary is defined as the boundary of the module's metal enclosure (see Figure 1).

Module Interfaces
The cryptographic module provides the following physical ports and logical interfaces:

Table 3: Physical ports and logical interfaces (Physical Port - Logical Interface Definition - Description)
- USB Port - Data input, Data output, Control input, Status output - Send and receive control / data packets that support the standard mass storage class. Control and status parameters are only those required to support the USB protocol. No connection exists between a locked drive and host computer.
- Alphanumeric buttons - Data input - Connects to PIN input buttons used for PIN entry to the security controller.
- Key button - Control input - Connects to the Key button used to wake the module from sleep state, identify the role, and terminate PIN entry.
- LEDs (3 ea., RGB) - Status output - See Table 4 (Status Output) for status states.
- Power - USB +5 volts from the USB port charges the internal battery.

Figure 2 - Main component architecture of datashur

Figure 3 - Blinking patterns for user and crypto-officer

Table 4: Status Output (LED State - Description)
- Red single blink - Module is locked, inaccessible
- Green single blink - Module unlocked in user mode
- Green double blink - Module unlocked in CO mode
- Red constant state - No user PIN defined
- All indicators off - Module is in sleep state
- Red & Green in constant state - Change of PIN initiated
- Red & Green concurrent single blink - Accepting user PIN input
- Red & Green concurrent double blink - Accepting CO PIN
- Blue constant state - USB controller has logical connection with host
- Blue blinking - Data packets being read / written
- Red & Green fade on and off - Unit failed power-on self test. Module can no longer be used.

Roles and Services
datashur supports level 3 identity-based authentication.

Table 5: Roles and required identification and authentication (Role - Authentication Type - Authentication Data - Description)
- User - Identity-based operator authentication - 7-15 digit PIN - User has full access to all services.
- Crypto-officer - Identity-based operator authentication - 7-15 digit PIN - CO has full access to all services, plus can zeroize the user PIN.

The datashur drive comes with a preset user PIN of 1-1-2-2-3-3-4-4 and comes formatted from the factory with an encryption key generated by hash_drbg. The istorage datashur supports 2 distinct and separate roles: user and cryptographic officer. The role is explicitly selected during authentication:
- User: press the KEY button, enter a valid PIN, press KEY
- CO: double press KEY to identify the CO, enter a valid PIN, press KEY

Table 6: Services authorized for each role
User role:
- Open private partition to allow read/write access
- Lock private partition to disallow read/write access
- Set user PIN
- Change user PIN
- Read/write to private partition
CO role:
- Open private partition to allow read/write access
- Lock private partition to disallow read/write access
- Set CO PIN
- Change CO PIN
- Read/write to private partition
- Zeroize user PIN
Unauthenticated (no role required):
- Show status
- Self-tests
- Zeroize all crypto-parameters

Authentication
The Crypto Officer and User roles authenticate via the module's keypad. There is no visible display of Crypto Officer or User authentication data during data entry.

PIN Strength
Authentication strength of both user and CO is determined by a 7-digit PIN (the minimum PIN length). The probability of a random guess is slightly more than 1 in 10^7, i.e. 1/10,000,000*. The user is locked out after 10 consecutive login failures. The probability of guessing in 10 consecutive tries is 1/1,000,000.
* Note: Sequential and repeating PINs are not allowed. For example, the unit will reject a PIN of 1-2-3-4-5-6-7 or 6-5-4-3-2-1-0. Attempts to define such a PIN will cause the unit to indicate an error. PIN lengths up to 15 digits are allowed.

Critical Security Parameters

Table 7: Critical security parameters (CSP - Description)
- AES encryption key - 256-bit key used to encrypt the entire drive, generated by the hash_drbg algorithm
- User PIN - Used to authenticate the user
- Crypto-officer PIN - Used to authenticate the CO
- hash_drbg states - Intermediate values such as V, C, and nonce
- hash_drbg seed - Seed values for the DRBG

Table 8: Services to CSP mapping (CSP - Use - Creation - Storage - Destruction - Privileges)
- AES Key - Encryption / Decryption - SP800-90 DRBG output - RAM of both USB and security controllers; EEPROM - Zeroization - User and CO
- User PIN - Authenticate User - Defined by user - Created in RAM and compared to EEPROM - Zeroization - User
- CO PIN - Authenticate CO - Defined by user - Created in RAM and compared to EEPROM - Zeroization - CO
- Hash_DRBG intermediate values (V, C, nonce) - Creating random numbers - (see hash_drbg seed) - RAM - Upon drive reset, zeroization or battery removal - User and CO
- hash_drbg seed - Seeding RNG - Based on timer / button press events - RAM - Used only once then destroyed - User and CO

Zeroization
Zeroization occurs upon the detection of a brute-force attack: 10 consecutive unsuccessful attempts to unlock. Variables are zeroized by writing a value of 0xFF to all byte locations.

Power-On Self-Tests
Self-tests are run upon emerging from a sleep state (when the KEY button is pressed). If one of the self-tests fails, the module will enter an error state and no services are available.
- Firmware CRC
- AES KAT (encryption and decryption)
- SHA-256 KAT
- hash_drbg KAT

Conditional Self-tests
- Continuous test on NDRNG and DRBG

Security Rules
This section documents the security rules enforced by the cryptographic module to implement the security requirements of FIPS 140-2 level 3:
1. The cryptographic module provides two distinct operator roles: user and cryptographic officer.
2. The cryptographic module provides identity-based authentication.
3. When the module has not been placed in a valid role, the operator shall not have access to any cryptographic service.
4. The cryptographic module performs the following tests:
   a) Power on self-tests
      i. AES known answer test
      ii. Firmware integrity test (16 bit cyclic redundancy check)
      iii. hash_drbg known answer test
      iv. SHA256 known answer test as part of hash_drbg KAT
   b) Conditional tests
      i. hash_drbg continuous random number generator test
      ii. NDRNG continuous random number generator test
5. The operator shall be capable of commanding the module to perform the power-up self-test at any time by waking the module from sleep mode.
6. Data output is inhibited during self-tests, zeroization, and authentication.
7. No CSPs are ever output in any form from the module.
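The PIN strength rules, the 10-failure lockout and the 0xFF zeroization above, modelled as an added Python example (not istorage code). Assumptions: the stored PIN reference is its SHA-256 hash (the password-hash use in Table 2), and "repeating" means a PIN made of one repeated digit, since the factory PIN 1-1-2-2-3-3-4-4 contains adjacent repeats and is accepted.

```python
import hashlib
import hmac
from fractions import Fraction

MIN_PIN_LEN, MAX_PIN_LEN = 7, 15   # PIN lengths the policy allows
MAX_FAILURES = 10                  # consecutive failures before zeroization

# Constructed sample CSP standing in for the DRBG-generated AES key.
SAMPLE_KEY = bytes(range(32))

def pin_is_acceptable(pin: str) -> bool:
    """Reject non-digit PINs, wrong lengths, pure ascending or descending sequences
    (1234567, 6543210) and PINs made of a single repeated digit (assumption)."""
    if not pin.isdigit() or not MIN_PIN_LEN <= len(pin) <= MAX_PIN_LEN:
        return False
    digits = [int(c) for c in pin]
    steps = {b - a for a, b in zip(digits, digits[1:])}
    return steps not in ({0}, {1}, {-1})

def guess_probability_after_lockout() -> Fraction:
    """Success chance over the 10 attempts allowed against a minimum-length PIN: 10/10^7."""
    return Fraction(MAX_FAILURES, 10 ** MIN_PIN_LEN)

class KeypadAuth:
    """Security-controller view: PIN check, consecutive-failure counter, CSP zeroization."""
    def __init__(self, user_pin: str, aes_key: bytes):
        if not pin_is_acceptable(user_pin):
            raise ValueError("PIN rejected by policy")
        self.pin_hash = bytearray(hashlib.sha256(user_pin.encode()).digest())  # EEPROM reference
        self.aes_key = bytearray(aes_key)   # CSP destroyed on brute-force detection
        self.failures = 0
        self.zeroized = False

    def unlock(self, pin: str) -> bool:
        if self.zeroized:
            return False    # module can no longer be used
        candidate = hashlib.sha256(pin.encode()).digest()
        if hmac.compare_digest(candidate, bytes(self.pin_hash)):   # constant-time compare
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.zeroize()
        return False

    def zeroize(self) -> None:
        """Write 0xFF to every byte location of each CSP, as the policy describes."""
        for csp in (self.pin_hash, self.aes_key):
            for i in range(len(csp)):
                csp[i] = 0xFF
        self.zeroized = True
```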

Physical Security Policy
The multi-chip standalone cryptographic module includes the following physical security mechanisms:
- Production grade components
- Hard, opaque enclosure with embedded hard epoxy covering all security relevant components
- EEPROM memory protect fuse is set in the security controller (disables the ability to externally read memory contents)
- Flash memory protect fuse set (disables the ability to externally read memory contents)

The operator should, on a periodic basis, visually inspect the module to determine if it has been compromised. The following steps should be followed:
- Grasp the module in one hand and lightly pull the lanyard with the opposite hand
- If the module separates, the operator should suspect that the module has been tampered with
- If the module remains intact, no tamper should be suspected

Note: The module epoxy hardness testing was only performed at ambient temperature; no assurance is provided for level 3 hardness conformance at any other temperature.

Mitigation of Other Attacks Policy
The module has not been designed to mitigate attacks not addressed by the security requirements of FIPS 140-2.