Allion Labs / Blake Chu

近年来资安问题频传,越来越多装置(个人计算机,行动装置等) 透过云端物联网(IoT)与云端储存相互链接,数据的开放性衍生出许多资安问题和恶意攻击。除了一般常见的防病毒软件,以软件层面来防堵之外,硬件层面部分尤其是储存装置的防护,会以硬件加密为主,例如常见的「ASE 256bit」加密技术,便是透过储存装置内建支持硬件加密的控制器单元,对储存装置进行完整磁盘加密。硬件加密的安全性较高,要将数据从硬盘窃取几乎是不可能的任务。

拥有加密技术的储存装置越来越多,但该如何确保其加密功能是真正安全符合规范?TCG组织(Trusted Computing Group)便规划了「Opal储存装置安全规范(Opal Storage Specification)」,符合TCG Opal规范的储存装置,可于装置内执行加密,在效能、安全和管理方面,皆较软件的加密系统更具数据保密之优势;也更不影响主机系统作业且不占用资源,不需要额外的主机加密组件,所有加密皆于装置内部进行完成。

为了验证是否符合TCG Opal规范,百佳泰已提供了「TCG Opal Certification Test」以及「TCG Opal Protocol Test」来验证其产品是否能通过测试。我们利用通过TCG组织通过认可的测试工具来对储存装置(SATA/NVMe)进行验证。以下为两个测试相关介绍。

  1. TCG Opal Certification Test:

为了验证TCG储存装置是否正常符合TCG规范TCG Storage Architecture Core Specification, Version 2.01; TCG Storage OPAL Family Test Cases Specification, Version 1.00,利用Certification Test针对储存装置进行TCG functional check,确认回传值是否符合spec规范。TCG Opal Certification Test测试项目如下:

TCG Opal Certification Test Items
a.      Use Case Test Cases: b.     Specific Functionality: c.      Error Test Cases:
1.       UCT-01 Level 0 Discovery 1.       SPF-01Transaction 1.       ETC-01 Native Protocol Read/Write Locked Error Responses
2.       UCT-02 Properties 2.       SPF-02 IF-RECV Behavior Tests 2.       ETC-02 General IF-SEND /IF-RECV Synchronous Protocol
3.       UCT-03 Taking ownership of an SID 3.       SPF-03 TryLimit 3.       ETC-03 Invalid IF-SEND Transfer length
4.       UCT-04 Activate Locking SP when in Manufactured Inactive State 4.       SPF-04 Tries Reset 4.       ETC-04 Invalid SessionID – Regular Session
5.       UCT-05 Configuring Authorities 5.       SPF-05 Tries Reset on Power Cycle 5.       ETC-05 Unexpected Token Outside of Method – Regular Session
6.       UCT-06 Configuring Locking Objects (Locking Ranges) 6.       SPF-06 Next 6.       ETC-06 Unexpected Token in Method Header – Regular Session
7.       UCT-07 Unlocking Ranges 7.       SPF-07 Host Session Number (HSN) 7.       ETC-07 Unexpected Token Outside of Method – Control Session
8.       UCT-08 Erasing Ranges 8.       SPF-08 RevertSP 8.       ETC-08 Unexpected Token in the Method Parameter List – Control Session
9.       UCT-09 Using the DataStore table 9.       SPF-09 Range Alignment Verification 9.       ETC-09 Exceeding Transaction Limit
10.    UCT-10 Enable MBR Shadowing 10.    SPF-10 Byte Table Access Granularity 10.    ETC-10 Invalid Invoking ID – Get
11.    UCT-11 MBR Done 11.    SPF-11 Stack Reset 11.    ETC-11 Invalid Invoking ID – Non-Get
12.    UCT-12 Revert the Locking SP using SID, with Locking SP in Mfg state 12.    SPF-12 TPer Reset 12.    ETC-12 Authorization
13.    UCT-13 Revert the Admin SP using SID, with Locking SP in Mfg-Inactive state 13.    SPF-13 Authenticate 13.    ETC-13 Malformed ComPacket Header – Regular Session
14.    UCT-14 Revert the Admin SP using SID, with Locking SP in Mfg state 14.    SPF-15 Random 14.    ETC-14 Exceed TPer Properties – Regular Session
15.    UCT-15 Revert Admin SP using Admin1, with Locking SP in Mfg state 15.    SPF-16 CommonName 15.    ETC-15 Exceed TPer Properties – Control Session
16.    UCT-16 Revert Admin SP using PSID, with Locking SP in Manufactured state 16.    SPF-17 DataStore Table 16.    ETC-16 Overlapping Locking Ranges
17.    SPF-18 Range Crossing Behavior 17.    ETC-17 Invalid Type
18.    SPF-19 Block SID Authentication 18.    ETC-18 RevertSP – GlobalRange Locked
19.    ETC-19 Activate / ATA Security Interaction
20.    ETC-20 StartSession on Inactive Locking SP
21.    ETC-21 StartSession with Incorrect HostChallenge
22.    ETC-22 Multiple Sessions
23.    ETC-23 Data RemovalMechanism – Set Unsupported Value

 

  1. TCG Opal Protocol Test:

接下来验证其Opal Protocol test是否符合TCG规范TCG Storage Architecture Core Specification, Version 2.01; TCG Storage OPAL Family Test Cases Specification, Version 1.00,利用Opal Protocol Test针对储存装置进行functional check,确认回传值是否符合spec规范。TCG Opal Protocol Test测试项目如下:

TCG Opal Protocol Test Items
a.      OPALv1: b.     OPALv1:
1.        A0: Identify Device 1.        AlignSet_DataStore
2.        A1: Trusted Send/Receive 2.        AlignSet_LBA
3.        A2: Protocol ID = 0 related 3.        AlignSet_MBR
4.        A3: Level 0 Discovery 4.        Authenticate
5.        A4: Synchronous Communication Ptc 5.        Protocol2
6.        A5: ComPacket/Packet/SubPacket 6.        Random
7.        A7: Transaction 7.        Revert_Effect2
8.        A8: Ending Session 8.        StackReset
9.        A9: Empty Atom 9.        TPerInfo_SSC
10.     A10: Properties 10.     TPerReset
11.     A11: Start/SyncSession 11.     VerifyGeometry
12.     A6: Method_invoke/response 12.     RevertSP_Pyrite1_0 (for Pyrite1.00 device only)
13.     A12_Get_Byte_GramChk 13.     DataRemoval
14.     A13_Set_Byte_GramChk 14.     StartSyncSession_SessionTO
15.     A14_Next_AdminSP_GramChk c.      TableInfo:
16.     A15_GetACL_AdminSP_GramChk 1.        C1: Level 0 Discovery contents
17.     A19_RevertSP_GramChk 2.        C2: Properties() contents
18.     D1_ACESet 3.        C3: Get() contents
19.     D2_AuthoritySet 4.        C3_Get_ObjTable_LockSP_All
20.     D3_C_PINSet 5.        C4: Next() contents
21.     D4_LockingSet_RangeStartLength 6.        C5: GetACL() contents
22.     D4_LockingSet_WriteLock d.     Features:
23.     D5: MBRControl.Set 1.        Additional_DS
24.     D6: MBR.Set 2.        PSID
25.     D7: DataStore.Set() 3.        SingleUser
26.     D8: K_AES_*.GenKey 4.        BlockSID
27.     D9: Activate
28.     D10: Revert()/RevertSP
29.     D10_RevertSP_Effect
30.     D11: Power Cycle

 

这边举一个实际案例与大家分享。符合TCG储存装置有个「shadow MBR」功能,用户开启此装置时,会先进入一个称为shadow MBR模拟空间进行pre-boot的身份验证动作;通过验证后,才会进入真正的开机程序,与装置链接。在「UCT-10 Enable MBR Shadowing这个item中,我们可以看到该装置因在「subcase 2: Set on ACE_MBRControl_Set_DoneToDOR to include User1 and User8; Set Response: Pass这个地方无法正常回传对应值,无法取得认证,故此item便判定为Fail。

除了提供TCG Opal Certification Test & TCG Opal Protocol Test验证报告以外,百佳泰也可以针对产品无法通过验证的测项进行结果分析,协助厂商解决并通过验证。相信透过这两大项测试层层把关,通过严苛考验的产品能在市面上带给客户信任感。