NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Seagate Secure® TCG SSC Self-Encrypting Drives

CC Certificate [PDF] Security Target [PDF] * Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Product Description

The TOE comprises the Seagate Secure® TCG Opal and Enterprise SSC Self-Encrypting Drives (SEDs) provided by Seagate Technology, LLC. The TOE model numbers and firmware versions are identified in the table below.

The Seagate SEDs implement FIPS-approved and NIST-recommended cryptographic algorithms.  The CAVP certificates are identified in Section 6.2 of the security target.  The SEDs provide an Instant Secure Erase (ISE) function and full protection of customer data-at-rest with self-encrypting drive locking.   The Seagate Secure Drives are designed in accordance with Trusted Computing Group (TCG) specifications.

The TOE provides the Full Disk Encryption (FDE) Encryption Engine functionality as defined by the collaborative Protection Profile for Full Drive Encryption – Encryption Engine Version 2.0 + Errata 20190201, February 1, 2019. In particular, the TOE provides data encryption, policy enforcement, and key management functions. The TOE provides for the generation, update, protection, and destruction of the data encryption key (DEK) and other intermediate keys under its control. Seagate terminology refers to the DEK as the Media Encryption Key (MEK).

Product Name

Model #

TCG Standard

Firmware

Nytro® 3730 SSD, 7mm, SAS Interface

 

XS1600ME10023
XS800ME10023
XS400ME10023

Enterprise SSC

7539

0004

0005

Nytro® 3530 SSD, 7mm, SAS Interface

 

XS6400LE70023

XS1600LE10023

 

Enterprise SSC

7539

0004

0005

Nytro® 3330 SSD, 7mm, SAS Interface

 

XS1920SE10123

 

Enterprise SSC

7539

0004

0005

Nytro® 3130 SSD, 7mm, SAS Interface

 

XS3840TE10023

Enterprise SSC

7539

0004

0005

Nytro® 3730 SSD, 15mm, SAS Interface

 

XS3200ME70023


Enterprise SSC

7539

0004

0005

Nytro® 3330 SSD, 15mm, SAS Interface

 

XS15360SE70123

Enterprise SSC

7539

0004

0005

Nytro® 3130 SSD, 15mm, SAS Interface

 

XS15360TE70023
XS7680TE70023

Enterprise SSC

7539

0004

0005

Nytro® 3031 SSD, 15mm, SAS Interface

XS6400LE70024

XS400ME70024

XS800ME70024

XS3840TE70024

XS7680TE70024

Enterprise SSC

0001

0003

0004

0005

A003

Nytro® 3031 SSD, 15mm, SAS Interface

XS1600ME70024

XS3200ME70024

XS800LE70024

XS1600LE70024

XS3200LE70024

XS960SE70024

XS1920SE70024

XS3840SE70024

XS7680SE70024

XS15360TE70024

Enterprise SSC

0001

0002

0003

0004

0005

A001

A003

Nytro® 2032 SSD, 15mm, SAS Interface

XS960LE70144

XS1920LE70144

XS3840LE70144

XS960SE70144

XS1920SE70144

XS3840SE70144

XS7680SE70144

Enterprise SSC

0001

0002

Nytro® 3032 SSD, 15mm, SAS Interface

XS400ME70104

XS800ME70104

XS1600ME70104

XS3200ME70104

XS800LE70104

XS1600LE70104

XS3200LE70104

XS3840LE70104

XS6400LE70104

XS960SE70104

XS1920SE70104

XS3840SE70104

XS7680SE70104

XS15360SE70104

XS3840TE70104

XS7680TE70104

Enterprise SSC

0001

0002

Exos™ 15E900,  2.5-Inch, 15K-RPM, SAS Interface

ST900MP0166
ST600MP0156

Enterprise SSC

CK10

CF04

Exos™ 15E900,  2.5-Inch, 15K-RPM, SAS Interface

ST900MP0126
ST600MP0026

Enterprise SSC

CKF1

NF04

FireCuda™ 2.5", SATA Interface (Hybrid)

ST2000LX003
ST1000LX017

Opal SSC
ATA Security

SSM1

BarraCuda 2.5", SATA Interface

ST2000LM010
ST1000LM038
ST500LM033

Opal SSC
ATA Security

SDM2

RSE3 (1D)

RDE3 (2D)

RTE2

REE2

BarraCuda Pro 2.5", SATA Interface

ST1000LM050
ST500LM035

Opal SSC
ATA Security

SDM2

RXE2

RXE3

LXM7

RPE2

0001

Exos™ 10E2400, 2.5-Inch, 10K-RPM, SAS Interface

ST1200MM0069

Enterprise SSC

CSF2

NF04

Exos™ 10E2400, 2.5-Inch, 10K-RPM, SAS Interface

ST2400MM0149
ST1800MM0149
ST1200MM0149

Enterprise SSC

CS10

CF04

Exos™ X10, 3.5-inch, 7K-RPM, SAS Interface

ST10000NM0246

Enterprise SSC

CT10

Exos™ X10, 3.5-inch, 7K-RPM, SAS Interface

ST10000NM0236

Enterprise SSC

CT12

ExosTM 7E8, SAS Interface

ST4000NM014A

ST8000NM010A

ST6000NM033A

Enterprise SSC

EF01

EFA2

 

ExosTM 7E8, SAS Interface

ST4000NM015A

ST3000NM005A

Enterprise SSC

EF01

NFA2

 

ExosTM 7E8, SATA Interface

ST4000NM012A

ST8000NM008A

ST6000NM025A

Enterprise SSC

SF01

SFA2

 

ExosTM 7E8, SATA Interface

ST3000NM004A

ST4000NM013A

Enterprise SSC

TF01

TFA2

ExosTM 16, SAS Interface

ST10000NM010G

ST12000NM008G

ST14000NM012G

ST16000NM009G

Enterprise SSC

EF01

EF02

EF03

Exos™ X10, 3.5-inch, 7K-RPM, SATA Interface

ST10000NM0186

Enterprise SSC
ATA Security

CT14

Exos™ X10, 3.5-inch, 7K-RPM, SATA Interface

ST10000NM0176

Enterprise SSC
ATA Security

CTF1

BarraCuda 3.5", SATA Interface

ST2000DM011

Opal SSC

ATA Security

0001


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Seagate Secure®   TCG SSC Self-Encrypting Drives were judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. The product satisfies all of the security functional requirements stated in the Seagate Secure®   TCG SSC Self-Encrypting Drives Security Target, version 1.0, November 9, 2021, when delivered and configured as identified in the product documentation listed in the aforementioned security target.

The evaluation underwent CCEVS Validator review. The evaluation was completed in December 2021. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

Seagate Secure TCG Enterprise SSC and TCG Opal SSC Self-Encrypting Drives enforce the following TOE security functional policies as specified in the ST.

Cryptographic Support

The TOE includes NIST-validated cryptographic algorithms supporting cryptographic functions.  The TOE provides Key Wrapping, Key Derivation, and BEV Validation.

User Data Protection

The TOE performs Full Drive Encryption such that the drive contains no plaintext user data. The TOE performs user data encryption by default in the out-of-the-box configuration using XTS-AES-256 mode.

Security Management

The TOE supports management functions for changing and erasing the DEK, for initiating the TOE firmware updates, and for configuring the number of failed validation attempts required to trigger corrective action.

Protection of the TSF

The TOE provides trusted firmware update and access control functions; protects Key and Key Material; and supports a Compliant power saving state.  The TOE runs a suite of self-tests during initial start-up (on power on), before the function is first invoked.


Vendor Information


Seagate Technology, LLC
Cathy Sand-Soll
(720) 684-2008
(720) 684-2008
catherine.sand-soll@seagate.com

www.seagate.com
Site Map              Contact Us              Home