HP LaserJet Enterprise 600 HP Color LaserJet Enterprise 500 Color M551, 600/M6 - Page 2

Description, Data Encryption, Key Management, Secure Cryptographic Erase of Customer Job Data

DESCRIPTION
Solid State Drives (SSD) and Solid State Modules (SSM) used in some models of HP printing devices
do not support data overwrite or native encryption. Files deleted from these storage devices are not
immune from forensic recovery. To protect customer data, HP is implementing firmware encryption to
specific areas of the storage device containing job data. The encrypted data is volatile as the
encryption keys are not preserved after a system power cycle, effectively performing a cryptographic
erase of the customer data.
This behavior is similar to a non-FutureSmart firmware single function printer without a HDD, which
stores job data in volatile system memory. Customers are assured that job data is not recoverable on
printing devices after they are powered off, allowing for secure redeployment and decommission use cases.
DATA ENCRYPTION
File encryption is accomplished using Microsoft’s encrypting file system filter. File encryption and
decryption use the Microsoft Enhanced Cryptographic API using AES 128 encryption. The filter
encrypts the data for all files written to and read from the customer partitions.
Secure Volatile Encryption is limited to AES 128 encryption at this time due to technical limitations.
Key Management
Initially, a cryptographically strong key called a MasterKey is generated, which is then encrypted with
AES-128. The MasterKey is then used to create a symmetric session key, generated from the
MasterKey, random data and additional entropy. The session key is then used to protect the data.
Secure Cryptographic Erase of Customer Job Data
Data required to reconstruct the encryption key for the customer data partitions is stored in RAM.
Since the encryption key can't be regenerated after a device restart, all customer data partitions are
cryptographically erased.
Note:
A “Cryptographic erase” is a method of rendering access to encrypted data impossible by
destroying the encryption key needed to decrypt the data.
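A minimal model of the key handling and cryptographic erase described above, added here as an illustration and not HP's firmware code. The `Store` type, the HMAC-SHA-256 derivation step and the AES-128-GCM mode are assumptions (the page names only AES-128), and the AES wrapping of the MasterKey is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Store is a hypothetical job-data partition: key material in RAM, records on disk.
type Store struct {
	aead cipher.AEAD       // built from the session key; never persisted
	Disk map[string][]byte // survives restarts: nonce || ciphertext || tag
}
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}
// Boot models power-on: fresh MasterKey and random data, mixed by HMAC-SHA-256 (assumed KDF).
func Boot(disk map[string][]byte) *Store {
	masterKey, salt := randBytes(16), randBytes(16)
	mac := hmac.New(sha256.New, masterKey)
	mac.Write(salt)
	block, _ := aes.NewCipher(mac.Sum(nil)[:16]) // 16-byte key selects AES-128; cannot fail
	gcm, _ := cipher.NewGCM(block)
	return &Store{aead: gcm, Disk: disk}
}
// Write encrypts a job under the session key; only ciphertext reaches the disk.
func (s *Store) Write(name string, job []byte) {
	nonce := randBytes(12)
	s.Disk[name] = s.aead.Seal(nonce, nonce, job, nil)
}
// Read succeeds only while the session key that wrote the record is still in RAM.
func (s *Store) Read(name string) ([]byte, error) {
	rec := s.Disk[name]
	if len(rec) < 12 {
		return nil, fmt.Errorf("no record %q", name)
	}
	return s.aead.Open(nil, rec[:12], rec[12:], nil)
}
func main() {
	s := Boot(map[string][]byte{})
	s.Write("job1", []byte("constructed sample job"))
	fmt.Println(Boot(s.Disk).Read("job1")) // same disk, new key: authentication error
}
```

The second `Boot` reuses the same disk contents, so the failed read shows that the records are still physically present but no longer decryptable.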
CUSTOMER DATA ENCRYPTED
The following classes of customer data are encrypted using Secure Volatile Storage:
• Customer Data
Stored print jobs, maser (multiple copies) temporary job files, PJL and PostScript filesystem files including
downloaded fonts, extensibility customer data (if stored there by the extensibility solution).
• Commit to Buffer data
When the imaging system runs low on memory, it will render the current page data and store it in this
section of the disk. This allows the system to free memory and continue imaging the page.
• Interrupt data
Stored page data when a job is interrupted (e.g. interrupted by an intercycle calibration job).
Note:
Customer configuration settings are not stored in these areas.