Content deleted Content added
←Created page with 'Hardware-based Full Disk Encryption is being pursued by a number of vendors including Intel, Seagate, and Hitachi with the rest of ...' |
No edit summary |
||
Line 1:
Hardware-based Full Disk Encryption is being pursued by a number of vendors including [[Intel]], [[Seagate]], and [[Hitachi]] with the rest of the hard drive industry following. Encryption and the symetric encryption key is maintained independantly from the [[CPU]], thus removing computer memory as a potential attack vector. There are current two varieties of hardware-FDE being discussed:
1) Hard Disk Drive FDE<br />
2) Chip Set FDE
Line 7:
HDD FDE is being pushed by HDD vendors and a standard is being pursued for greater adoption via the [[Trusted Computing Group]]<ref>https://www.trustedcomputinggroup.org/</ref>. Key management takes place within the HDD and encryption keys are protected by the drive firmware. However, some level of authentication must still take place within the CPU via either a software [[Pre-Boot Authentication]]<ref>http://secude.com/htm/707/en/Pre-Boot_Authentication.htm</ref> Environment or with a BIOS password.
Currently there are only two software solutions for [[Pre-Boot Authentication]] available from [[Secude]]<ref>http://secude.com/</ref> and [[Wave Systems]].
==Ship Set FDE==
| |||