Compliant Product - Seagate Secure TCG SSC Self-Encrypting Drives
Certificate Date: 2018.04.11CC Certificate Security Target * Validation Report
Validation Report Number: CCEVS-VR-VID10857-2018
Product Type: Encrypted Storage
Conformance Claim: Protection Profile Compliant
PP Identifier: collaborative Protection Profile for Full Drive Encryption - Encryption Engine Version 2.0
CC Testing Lab: Leidos Common Criteria Testing Laboratory
* This is the Security Target (ST) associated with the latest Maintenance Release. To view previous STs for this TOE, click here.
The TOE comprises the Seagate Secure® TCG Enterprise SSC and TCG Opal SSC Self-Encrypting Drives by Seagate Technology, LLC. TOE model numbers and firmware versions are identified in the table below. Some Enterprise and Opal drives also support ATA Security as indicated in the table.
The TOE provides Encryption Engine functionality for Full-Drive Encryption as defined by collaborative Protection Profile for Full Drive Encryption - Encryption Engine, Version 2.0 (September 9, 2016). In particular, the TOE provides data encryption, policy enforcement, and key management functions. The TOE provides for the generation, update, protection, and destruction of the data encryption key and other intermediate keys under its control.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Seagate Secure TCG Enterprise SSC and TCG Opal SSC Self-Encrypting Drives were judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4. The product satisfies all of the security functional requirements stated in the Seagate Secure TCG SSC Self-Encrypting Drives Security Target, version 1.0, April 4, 2018, when delivered and configured as identified in the product documentation listed in the aforementioned security target.
The evaluation underwent CCEVS Validator review. The evaluation was completed in April 2018. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
Seagate Secure TCG Enterprise SSC and TCG Opal SSC Self-Encrypting Drives enforce the following TOE security functional policies as specified in the ST.
The TOE includes NIST-validated cryptographic algorithms supporting cryptographic functions. The TOE provides Key Wrapping, Key Derivation, and Border Encryption Value Validation.
The TOE performs full drive encryption such that the drive contains no plaintext user data. The TOE performs user data encryption by default in the out-of-the-box configuration using XTS-AES-256 mode.
The TOE supports management functions for changing and erasing data encryption keys, for initiating the TOE firmware updates, and for configuring the number of failed validation attempts required to trigger corrective action.
· Provides trusted firmware update and access control functions,
· Protects keys and key material, and
· Supports power saving states.
The TOE runs a suite of self-tests during initial start-up (on power on), before the function is first invoked.
David R. Kaiser
+1 (952) 402-2356