Compliant Product - Cigent PBA Software v1.0.6
Certificate Date: 2023.10.24CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11378-2023
Product Type: Encrypted Storage
Conformance Claim: Protection Profile Compliant
PP Identifier: collaborative Protection Profile for Full Drive Encryption - Authorization Acquisition Version 2.0 + Errata 20190201
CC Testing Lab: Lightship Security USA, Inc.
Administrative Guide: Cigent PBA Software v1.0.6 Common Criteria Guide Version 1.2
Administrative Guide: Cigent PBA Installation Guide and User Manual
The TOE is software that provides pre-boot authentication (PBA) for use with a self-encrypting drive (SED).
The TOE is Cigent PBA Software v1.0.6.
The physical boundary of the TOE encompasses the Cigent PBA Software v1.0.6. Users may download the software after purchase from Cigent’s web portal (https://download.cigent.com/Cigent_PBA_v1.0.6.zip). The TOE runs on Ubuntu 22.04 and is provided and installed as a single software package. Alternatively, the TOE may come preinstalled on a partner original equipment manufacturer (OEM) Opal2 compatible solid state drive (SSD).
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Cigent PBA Software v1.0.6 TOE was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Rev. 5. The product, when configured as identified in the Cigent PBA Software v1.0.6 Common Criteria Guide, v1.2, satisfies all of the security functional requirements stated in the Cigent PBA Software v1.0.6 Security Target, v2.5. The project underwent CCEVS Validator review. The evaluation was completed in October 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE enables encryption of data on a storage device to protect it from unauthorized disclosure. The TOE enables the data encryption function of a SED drive by providing pre-boot user authentication and key management capabilities.
Secure Key Material
The TOE ensures key material used for storage encryption is properly generated and protected from disclosure. It also implements cryptographic key and key material destruction during transitioning to a Compliant power saving state, or when all keys and key material are no longer needed.
The TOE enables management of its security functions.
The TOE ensures the authenticity and integrity of software updates through digital signatures using Rivest Shamir Adleman (RSA) 4096 with Secure Hash Algorithm (SHA) SHA-512.
The TOE implements a cryptographic module. The cryptographic module uses t Cryptographic Algorithm Validation Program CAVP) validated cryptographic algorithms.