White Paper

Unlocking the True Value of Encryption and Key Management Modes for Military Data Storage Applications

Issue link: https://read.uberflip.com/i/1173416

Page 5 of 7

Mode 3: User-Generated Session Key, without ATA Password

In Mode 3, the CO generates the session key during the initial device configuration. The CO must take ownership of the key, storing it in a secure location away from the SSD. When power is removed from the device, it automatically purges the key; when power is applied, the session key must be loaded into the SSD before the contents of the drive can be decrypted.

Session keys are useful when the mission cannot rely on a user or system command to initiate a key purge. In military environments, events happen quickly and unpredictably. Consider an unmanned vehicle carrying sensitive intelligence data that crashes in enemy territory after a missile attack. A session key mode guarantees that the key is purged at power off, securing high-value data without human intervention.

A session key adds further complexity to the end user's key management process. The CO is responsible for creating a high-entropy key value, storing it securely and having it available at every power-up for device operation. Mode 3 meets all requirements for FIPS 140-2 and CC EE.

Mode 4: User-Generated Session Key, with ATA Password

In Mode 4, the CO creates both the ATA password and the session key during initial configuration. Every time the device is powered on, it needs both the ATA password and the session key to operate normally. While session keys can be transmitted automatically over a network at power on, it is always preferable to require additional user authentication before granting access to high-value military data. When it is practical to have an individual directly engaged with the data storage system, the ATA password validates the user before the key is transmitted. The combination of session key and ATA password therefore makes Mode 4 more secure than Mode 3.

The ATA password adds further complexity to the key management process. There may be circumstances where it is desirable to have the encryption key and the ATA password managed by different individuals. While the complexity of this mode is high, the security benefits outweigh it. Mode 4 meets all requirements for FIPS 140-2 and CC EE.

Mode 5: Key Encryption Key with a Black Key, without ATA Password

In Modes 0 through 4, keys are entered into the device as red, or plaintext, keys. In Mode 5, KEK with a black key, the key is entered as a black, or encrypted, key. First, the CO generates two random 256-bit values: a red key and a KEK. The KEK, described in the fundamentals of encryption section of this white paper, encrypts the red key, producing the black key. Both the KEK and the black key must be entered into the device for normal operation, and the order of entry matters: the KEK must be entered into the SSD before the correct black key is accepted, because until the KEK is present the device has nothing with which to decrypt the black key.

When is a KEK with a black key warranted? Some military programs do not allow plaintext key values to be transported. Where that requirement applies, a KEK with a black key is required. These applications typically use a simple key loader (SKL) for secure storage and transfer of keys between cryptographic devices. Mode 5 meets all requirements for FIPS 140-2 and CC EE.

Mode 6: Key Encryption Key with a Black Key and ATA Password

In Mode 6, the CO generates three pieces of critical information, each of which must be managed properly throughout the lifecycle of the mission:

1. A random 256-bit red key
2. A random 256-bit KEK
3. An ATA password

As in Mode 5, the red key and the KEK are used to generate a black key, and both the KEK and the black key must be entered into the device; in this mode they are entered after the ATA password, and only then can normal read/write operations begin.

Mode 6 provides the highest level of security, but it also demands the most stringent implementation and management requirements. Readers may recall from earlier in this discussion that self-generated keys are considered more secure in the sense that the key is unknown to anyone, which is also why a self-generated key cannot be refilled after it is purged. Yet the paragraph above states that the highest level of security is attained with Mode 6. The discrepancy is easily explained. Although beyond the scope of this document, there are stringent stipulations surrounding the creation, storage, protection, distribution and destruction of black keys. Under the protocols used by our government and military forces, the KEK with black key mode is deemed the most secure choice for encryption key management. As a result, this mode is certified for use in CSfC-eligible solutions to protect data up to the top secret level in accordance with CSfC program guidelines.

Modes 5 and 6 also include an option to defend against a replay attack. Consider the scenario where the black key and ATA password have been captured by an enemy. Without replay-attack defense, the enemy can use the captured black key and password to gain access to the encrypted data at any time. With replay-attack defense integrated into the security plan, the black key changes to a different value each time the device is powered on, so the enemy cannot access the data with the captured ATA password and black key. This defense addresses a captured black key, not a captured KEK: since the black key is only the red key encrypted under the KEK, the KEK itself must be protected and transported with the same care. Mode 6 meets all requirements for FIPS 140-2, CC AA and EE, and CSfC-eligible solutions.
