Table 75 Vendor Specific Data For Level 0 Discovery; Encryption Algorithms - Western Digital Ultrastar DC HC310 Specifications

3.5 inch serial ata hard disk drive

9.21.4 Encryption Algorithms

9.21.4.1 Advanced Encryption Standard (AES) Support
AES encryption is implemented in hardware, with support for ECB or XTS mode for 128 bit or 256 bit keys.
A single key is active at any one time within the AES hardware engine. Firmware is responsible for reading the
keys from the hardware and also for determining which key is attached to a given LBA range; the hardware can only
detect if the LBA has been encrypted or not. The TCG protocol does not allow for a user to choose or switch
between AES algorithms, so it is up to the vendor to choose which AES algorithm is used in their implementation.
The WDC TCG Enterprise SSC implementation in firmware supports AES 256-XTS only.
The AES hardware implementation used for the range encryption has received FIPS 197 certification from the US
National Institute of Standards and Technology (NIST); the validations are available on the NIST CAVP website
(http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html, Validation No. 3880 and 3881).
9.21.4.2 'Level 0 Discovery' Vendor Specific Data
This section refers to section 3.6.2 of the TCG Storage Security Subsystem Class document (see the Specifications
section of this document). This Vendor Specific section is documented below.
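An added example (not part of the Western Digital specification) that decodes the vendor-specific bytes laid out in Table 75 below and reports values the table says should be zero. It assumes the byte numbers are offsets from the start of the Level 0 Discovery response; `parse_vendor_data`, `VendorState` and the sample buffer are names and data constructed for illustration.

```python
from dataclasses import dataclass

# Assumption: Table 75 byte numbers are offsets from the start of the
# Level 0 Discovery response, so the vendor-specific area ends at byte 47.
VENDOR_END = 47
# Bit positions shared by byte 19 (*_s, supported) and byte 21 (*_e, enabled/locked).
FLAG_BITS = {"MB": 6, "Diag": 3, "Dload": 2, "Locking": 1, "FDE": 0}

@dataclass
class VendorState:
    version: int
    state_info: int
    supported: dict  # *_s flags from byte 19
    enabled: dict    # *_e flags from byte 21
    warnings: list

def decode_flags(byte):
    return {name: bool((byte >> bit) & 1) for name, bit in FLAG_BITS.items()}

def parse_vendor_data(response):
    """Decode bytes 16-47 of a Level 0 Discovery response per Table 75."""
    if len(response) <= VENDOR_END:
        raise ValueError(f"response is {len(response)} bytes, need {VENDOR_END + 1}")
    warnings = []
    if response[16] != 0:
        warnings.append(f"unexpected version {response[16]} (Table 75 says 0)")
    supported, enabled = decode_flags(response[19]), decode_flags(response[21])
    for offset in (19, 21):
        # Bits 5 and 4 are listed as 0; bit 7 is RSVD and is ignored here.
        if response[offset] & 0x30:
            warnings.append(f"byte {offset}: bits 5/4 set, expected 0")
    if response[22] != 0:
        warnings.append("byte 22 is nonzero, expected 0")
    # Plausibility check assumed by this example, not a rule stated in the spec.
    for name in FLAG_BITS:
        if enabled[name] and not supported[name]:
            warnings.append(f"{name}_e set while {name}_s is clear")
    return VendorState(response[16], response[17], supported, enabled, warnings)

# Constructed sample (not captured from a drive): every feature supported,
# FDE enabled and one band locked, download and diagnostic ports not locked.
SAMPLE = bytearray(48)
SAMPLE[19] = 0b0100_1111
SAMPLE[21] = 0b0000_0011
state = parse_vendor_data(bytes(SAMPLE))
print(state.enabled, state.warnings)
```

On the constructed sample, Dload_e and Diag_e decode as clear, meaning the firmware download and diagnostic ports are supported but not locked.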
Byte  | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3  | Bit 2   | Bit 1     | Bit 0
16    | Version (set to 0)
17    | Vendor Specific State Information
18    | Reserved
19    | RSVD  | MB_s  | 0     | 0     | Diag_s | Dload_s | Locking_s | FDE_s
20    | Reserved
21    | RSVD  | MB_e  | 0     | 0     | Diag_e | Dload_e | Locking_e | FDE_e
22    | 0     | 0     | 0     | 0     | 0      | 0       | 0         | 0
23-47 | Reserved

Table 75 Vendor Specific Data for Level 0 Discovery

FDE_s/FDE_e - Full disk encryption is supported (equivalent to Media Encryption in Locking Feature Descriptor
Enterprise SSC 3.6.2.5) / Full disk encryption is enabled on one or more bands.
Locking_s/Locking_e - LBA band locking is supported: a locking object exists in the locking SP of the device
(equivalent to Locking Enabled in Locking Feature Descriptor Enterprise SSC 3.6.2.5) / The locking object for a band
has either the ReadLocked or WriteLocked attribute set (equivalent to Locked in Locking Feature Descriptor Enterprise
SSC 3.6.2.5).
Dload_s/Dload_e - Support for Admin SP Firmware download port / Firmware download port via Admin SP is locked.
Diag_s/Diag_e - Support for Admin SP vendor specific Diagnostic port / Diagnostics port via Admin SP is locked.
MB_s/MB_e - Multiple encrypting bands supported / Multiple encrypting bands enabled. This bit shall be set to 1 if
more than one band exists in addition to the global band and is defined with at least one LBA.
9.21.4.3 Deterministic Random Bit Generation (DRBG)
Pseudo-random number generation is implemented with a certified NIST SP800-90A DRBG. The DRBG uses AES
as a primitive for both entropy mixing and entropy output. DRBG state is kept private to ensure that the keys that are
generated by the device are unpredictable. The entropy source of the DRBG is servo subsystem noise. It has been
verified to NIST SP800-90B.
9.21.4.4 Key Wrap
