CC Certificate 

Security Target 

Validation Report 

Assurance Activity 

Administrative Guide: KLC Group LLC CipherDriveOne Kryptr 1.1.0 Common Criteria Guide 

Administrative Guide: This manual covers CDO Kryptr 1.1.0 build 17 (and later) 

The KLC Group LLC CipherDriveOne Kryptr 1.1.0 Target of Evaluation (TOE) is software that provides full disk encryption including pre-boot user authentication, chain-boot to the host Operating System (OS) and management capabilities to control user access and settings. It applies full drive encryption to protect all locally stored data from unauthorized access, loss, and exposure in the event a protected device is lost or stolen. The TOE has two distinct modules:

a)      PBA / Management module.  Provides pre-boot authentication and TOE configuration services.

b)      Encryption Engine / Driver. Disk encryption for Linux and Windows Operating Systems.

The evaluated configuration encompasses the KLC Group LLC CipherDriveOne Kryptr 1.1.0 software (including Linux Kernel 5.15).

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the KLC Group LLC CipherDriveOne Kryptr 1.1.0 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the KLC Group LLC CipherDriveOne Kryptr 1.1.0 Common Criteria Guide, Version 1.1, April 2024, satisfies all the security functional requirements stated in the KLC Group LLC CipherDriveOne Kryptr 1.1.0 Security Target, Version 1.5, April 2024. The project underwent CCEVS Validator review. The evaluation was completed in April 2024. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-11399-2024) prepared by CCEVS.

The TOE provides the following security functions:

User Data Protection

The TOE performs full drive encryption on all storage devices to protect data from unauthorized disclosure in the event of loss or theft of the device. All protected data is encrypted by default without user intervention and with NIST approved algorithms.

Security Management

The TOE provides dedicated interfaces for the management of its security functions. Access to these management functions can be controlled by way of role-based group assignment to administrative users.

Protection of the TSF

The TOE ensures the authenticity and integrity of software updates by verifying their digital signatures prior to installation. Various software and cryptographic self-tests are performed at start-up to ensure the secure and correct operation of the TOE. All keying material used for storage encryption is securely generated and protected from disclosure.

Cryptographic Support

The TOE performs cryptographic operations, which are tested via relevant Cryptographic Algorithm Validation Program (CAVP) certificates. Secure destruction of cryptographic keys and keying material is implemented and occurs during transition to a compliant power saving state, or when the key or keying material is no longer needed.

Vendor Information