Issue link: https://read.uberflip.com/i/1173420
www.mrcy.com INNOVATION THAT MATTERS ™ Corporate Headquarters 50 Minuteman Road • Andover, MA 01810 USA (978) 967-1401 • (866) 627-6951 • Fax (978) 256-3599 TRRUST-Stor, ASURRE-Stor, Mercury Systems and Innovation That Matters are trademarks of Mercury Systems, Inc. Other products mentioned may be trademarks or registered trademarks of their respective holders. Mercury Systems, Inc. believes this information is accurate as of its publication date and is not responsible for any inadvertent errors. The information contained herein is subject to change without notice. Copyright © 2017 Mercury Systems, Inc. 3287.00E-0217-wp-storage Team 3 loaded the encrypted contents of NAND into an array of 50 PCs in a brute force attack to determine the DEK. Team 3 also locates what they believe is the SSD boot code in another small component. The code appears encrypted. Team 4 conducts an attack designed to determine the boot code encryption key using numerous power cycles while monitoring and probing power to the NAND controller. At some point, Team 4 didn't notice exactly when, the SSD detected the attack. The drive executed a fast clear operation of the NAND media, destroyed keys and other security parameters, and began a partial overwrite of the boot code. Custom Anti- tamper features built into the SSD detected the intrusion and took a severe penalty. The engineers are frustrated, but the battle appears to be over. Team 4 has one more idea, if the DEK in the SSD was resident for a long period of time it might be possible to recover the DEK by locating the AES core logic in the NAND controller and examining for signs of DEK remnants. It is a costly and difficult process and unfortunately, it yields no results. This Defense Grade SSD is either immune to data remnants, incorporates techniques to mitigate the effect, or keys were changed frequently. Three more weeks pass. The overseas source was finally able to acquire a single sample of the drive. The teams continue evaluation of the captured drive and the sample and instruct their source to get creative. They must get the technical documents for the drive so they can be better prepared should they encounter this same model in the future. Two months pass. The array of 50 PCs tasked with cracking the encrypted contents of NAND has not determined the DEK. A decision is made to abandon the effort, for now. The encrypted data is archived. There is talk of a new type of ultra-fast computer, a quantum computer. Maybe it will be fast enough to crack the encryption. Unfortunately it may be too late; every passing day lessens the value of the data contained in the SSD. A phone rings. An engineer hangs up and heads down to receiving. There is new work to begin. Field personnel have captured another defense asset, this time a new system in transit to a defense customer. Today will be another long day… Summary In terms of reading and writing capabilities, both COTS SSDs and Defense Grade SSDs are similar. They use the same communication protocols, the same media type, and are offered in the same physical form-factors. The differences between the two products become apparent when they are evaluated against the requirements of the application. Defense applica- tions vary greatly, however harsh environmental conditions, sustained 24-7 operation, the potential to fall in to enemy hands are real. When protection for data-at-rest is crucial, COTS SSDs, designed for enterprise, office and home environments will not be up to the task. As portrayed in Scenario 2, Defense Grade SSDs are rugged work horses capable of incorporating numerous security features including the flexibility to accommodate cus- tom Anti-Tamper (AT) capabilities to help delay and thwart aggressive and invasive attacks. Mercury Systems TRRUST-Stor™ and ASURRE-Stor™ series of ruggedized SSDs include advanced security features and key management techniques that allow them to meet the ever-changing security challenges in defense applications. SSDs in the Asurre-Stor series include models that are FIPS 140-2, Common Criteria (CC), and CSfC certified. The CSfC models are com- pliant to NIAP, CPP_ FDE_EE and CPP_FDE_AA profiles and are pending inclusion on the CSfC approved components list. When considering an SSD for a defense storage application, it is important to select a Defense Grade product designed to meet the challenges of advanced attacks. If your storage application requires a mission critical level of security and reliability, Mercury Systems SSDs meet the challenge. Note 1: Hacker extracts crypto key from TPM chip, February 2010. http://www.h-online.com/ security/news/item/Hacker-extracts-crypto-key-from-TPM-chip-927077.html Note 2: Data Remanence in Semiconductor Devices (Peter Gutmann) About the Author Robert Lazaravich is Director of Research and Development for the Secure Solid State Drive product line at Mercury Systems in Phoenix, Arizona. In addition to managing a talented and focused engineering team, Bob frequently engages with customers to imple- ment custom security features tailored to address application-specific requirements. Bob received his BSE and MSE degrees in Electrical Engineering from Arizona State University. AES Advanced Encryption Standard AT Anti-Tamper BGA Ball Grid Array BIOS Basic Input/output System COTS Commercial Off The Shelf CSfC Commercial Solutions for Classified programs DARPA Defense Advanced Research Projects Agency DEK Data Encryption Key DWPD Drive-Writes-Per-Day ECC Error Correction Codes EOL End OF Life FIPS Federal Information Processing Standards FPGA Field Programmable Gate Array KAT Known Answer Tests MLC Multi-Level Cell OPAL Trusted Computer Group standard PCB Printed Circuit Board RNG Random Number Generator SED Self-Encrypting Drive SLC Single-Level Cell SSD Solid State Drive TBW Total Bytes Written TCG Trusted Computer Group TLC Triple Level Cell TPM Trusted Platform Module Table of Acronyms Learn more at www.mrcy/SSD