Compliant Product - SeagateĀ® Secure NVMe Self-Encrypting Drives
Certificate Date:
2024.04.25
CC Certificate
Security Target
Validation Report
Validation Report Number: CCEVS-VR-VID11416-2024 Product Type: Encrypted Storage Conformance Claim: Protection Profile Compliant PP Identifier: collaborative Protection Profile for Full Drive Encryption - Encryption Engine Version 2.0 + Errata 20190201 CC Testing Lab: Leidos Common Criteria Testing Laboratory Assurance Activity Administrative Guide
Product Description
The Target of Evaluation (TOE) comprises the following Seagate® Secure NVMe Self-Encrypting Drives (SEDs) provided by Seagate Technology LLC. and developed by Phison Electronics Corporation:
The SEDs implement NIST-validated cryptographic algorithms and provide an Instant Secure Erase (ISE) function and full protection of customer data-at-rest with self-encrypting drive locking. They are designed in accordance with Trusted Computing Group (TCG) specifications. The TOE provides the Full Disk Encryption (FDE) Encryption Engine functionality as specified by collaborative Protection Profile for Full Drive Encryption – Encryption Engine. In particular, the TOE provides data encryption, policy enforcement, and key management functions. The TOE provides for the generation, update, protection, and destruction of the Data Encryption Key (DEK) and other intermediate keys under its control.
Evaluated Configuration
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme for the collaborative Protection Profile for Full Drive Encryption – Encryption Engine, Version 2.0+Errata 20190201, 1 February 2019. The evaluation methodology used by the evaluation team to conduct the evaluation is Common Methodology for Information Technology Security Evaluation, Version 3.1 release 5, April 2017. The product, when delivered configured as identified in the guidance document, satisfies all the security functional requirements stated in Seagate® Secure NVMe Self-Encrypting Drives Security Target, Version 0.24, 07 March 2024. The evaluation was completed in April 25, 2024. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
Environmental Strengths
Cryptographic Support The TOE implements NIST-validated cryptographic algorithms supporting cryptographic functions. The TOE provides Key Wrapping, Key Derivation, and Border Encryption Value (BEV) Validation. User Data Protection The TOE performs Full Drive Encryption such that the drive contains no plaintext user data. The TOE performs user data encryption by default in the out-of-the-box configuration using AES in XTS mode with 256 bit encryption keys. Security Management The TOE supports management functions for changing and erasing the DEK, initiating TOE firmware updates, and configuring a password for firmware updates. Protection of the TSF The TOE: provides trusted firmware update and update access control functions; protects Key and Key Material; and supports power saving states. The TOE runs a suite of self-tests during initial start-up (on power on). Vendor InformationSeagate Technology LLC. Brian Stark 510-661-1000 brian.d.stark@seagate.com www.seagate.com |