NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Cigent PBA Software v1.0.6

Certificate Date:  2023.10.24

Validation Report Number:  CCEVS-VR-VID11378-2023

Product Type:    Encrypted Storage

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Full Drive Encryption - Authorization Acquisition Version 2.0 + Errata 20190201

CC Testing Lab:  Lightship Security USA, Inc.

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide: Cigent PBA Software v1.0.6 Common Criteria Guide Version 1.2 [PDF]

Administrative Guide: Cigent PBA Installation Guide and User Manual [PDF]

Product Description

The TOE is software that provides pre-boot authentication (PBA) for use with a self-encrypting drive (SED).

Evaluated Configuration

The TOE is Cigent PBA Software v1.0.6.

The physical boundary of the TOE encompasses the Cigent PBA Software v1.0.6. Users may download the software after purchase from Cigent’s web portal ( The TOE runs on Ubuntu 22.04 and is provided and installed as a single software package. Alternatively, the TOE may come preinstalled on a partner original equipment manufacturer (OEM) Opal2 compatible solid state drive (SSD).

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Cigent PBA Software v1.0.6 TOE was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Rev. 5. The product, when configured as identified in the Cigent PBA Software v1.0.6 Common Criteria Guide, v1.2, satisfies all of the security functional requirements stated in the Cigent PBA Software v1.0.6 Security Target, v2.5. The project underwent CCEVS Validator review. The evaluation was completed in October 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

Data Protection

The TOE enables encryption of data on a storage device to protect it from unauthorized disclosure. The TOE enables the data encryption function of a SED drive by providing pre-boot user authentication and key management capabilities.

Secure Key Material

The TOE ensures key material used for storage encryption is properly generated and protected from disclosure. It also implements cryptographic key and key material destruction during transitioning to a Compliant power saving state, or when all keys and key material are no longer needed.

Secure Management

The TOE enables management of its security functions.

Trusted Update

The TOE ensures the authenticity and integrity of software updates through digital signatures using Rivest Shamir Adleman (RSA) 4096 with Secure Hash Algorithm (SHA) SHA-512.

Cryptographic Operations

The TOE implements a cryptographic module. The cryptographic module uses t Cryptographic Algorithm Validation Program CAVP) validated cryptographic algorithms.

Vendor Information

Tom Ricoy
(844) 256-1825
Site Map              Contact Us              Home