Revision as of 21:05, 18 August 2023 edit Frap (talk \| contribs) Extended confirmed users, File movers, Pending changes reviewers, Rollbackers 35,587 edits →Removable Hard Drive FDE: MOS:HEAD ← Previous edit		Revision as of 16:38, 19 August 2023 edit undo Ira Leviton (talk \| contribs) Extended confirmed users 358,008 edits Fixed references. Please see Category:CS1 errors: unsupported parameter. Next edit →
Line 17: HDD FDE is made by HDD vendors using the [[Opal Storage Specification\|OPAL]] and Enterprise standards developed by the [[Trusted Computing Group]].<ref>{{cite web \|url=http://www.trustedcomputinggroup.org/solutions/data_protection \|title=Trusted Computing Group Data Protection page \|publisher=Trustedcomputinggroup.org \|date= \|access-date=2013-08-06 \|url-status=dead \|archive-url=https://www.webcitation.org/65fUDqdql?url=http://www.trustedcomputinggroup.org/solutions/data_protection \|archive-date=2012-02-23 }}</ref> [[Key management]] takes place within the hard disk controller and encryption keys are 128 or 256 [[bit]] [[Advanced Encryption Standard]] (AES) keys. [[Authentication]] on power up of the drive must still take place within the [[Central processing unit\|CPU]] via either a [[software]] [[pre-boot authentication]] environment (i.e., with a [[Disk encryption software\|software-based full disk encryption]] component - hybrid full disk encryption) or with a [[BIOS]] password. [[Hitachi]], [[Micron Technology\|Micron]], [[Seagate Technology\|Seagate]], [[Samsung]], and [[Toshiba]] are the disk drive manufacturers offering [[Trusted Computing Group~~\|TCG~~]] [[Opal Storage Specification~~\|OPAL~~]] [[Serial ATA~~\|SATA~~]] drives. HDDs have become a commodity so SED allow drive manufacturers to maintain revenue.<ref>{{cite web \|last1=Skamarock \|first1=Anne \|title=Is Storage a commodity \|url=https://www.itworld.com/article/2799690/is-storage-a-commodity-.html \|website=ITWorld.com \|publisher=Network World \|accessdate=2020-05-22 \|date=2020-02-21}}</ref> Older technologies include the proprietary Seagate DriveTrust, and the older, and less secure, [[Parallel ATA\|PATA]] Security command standard shipped by all drive makers including [[Western Digital]]. Enterprise SAS versions of the TCG standard are called "TCG Enterprise" drives. === Enclosed hard disk drive FDE === Line 49: ==={{anchor\|Crypto erase}}Disk sanitisation=== [[Crypto-shredding]] is the practice of 'deleting' data by (only) deleting or overwriting the encryption keys. When a cryptographic disk erasure (or crypto erase) command is given (with proper authentication credentials), the drive self-generates a new media encryption key and goes into a 'new drive' state.<ref>{{cite web \|title=10 Reasons to Buy Self-Encrypting Drives ~~\|author=Trusted Computing Group~~ \|url=https://www.trustedcomputinggroup.org/wp-content/uploads/10-Reasons-to-Buy-SEDs_Sept.2010.pdf \|year=2010 \|publisher=Trusted Computing Group \|accessdate=2018-06-06}}</ref> Without the old key, the old data becomes irretrievable and therefore an efficient means of providing [[Data erasure\|disk sanitisation]] which can be a lengthy (and costly) process. For example, an unencrypted and unclassified computer hard drive that requires sanitising to conform with [[United States Department of Defense\|Department of Defense]] Standards must be overwritten 3+ times;<ref>http://www-03.ibm.com/systems/resources/IBM_Certified_Secure_Data_Overwrite_Service_SB.pdf {{Bare URL PDF\|date=March 2022}}</ref> a one Terabyte Enterprise SATA3 disk would take many hours to complete this process. Although the use of faster [[solid-state drive]]s (SSD) technologies improves this situation, the take up by enterprise has so far been slow.<ref>{{cite web \|title=Slow on the Uptake \|url=https://docplayer.net/30164112-Ssd-story-slow-on-the-uptake.html \|access-date=18 February 2021}}</ref> The problem will worsen as disk sizes increase every year. With encrypted drives a complete and secure data erasure action takes just a few milliseconds with a simple key change, so a drive can be safely repurposed very quickly. This sanitisation activity is protected in SEDs by the drive's own key management system built into the firmware in order to prevent accidental data erasure with confirmation passwords and secure authentications related to the original key required. When [[Cryptographic key\|keys]] are self-generated randomly, generally there is no method to store a copy to allow [[data recovery]]. In this case protecting this data from accidental loss or theft is achieved through a consistent and comprehensive data backup policy. The other method is for user-defined keys, for some Enclosed hard disk drive FDE,<ref>{{cite web \|title=Eclypt Core Encrypted Internal Hard Drive \|url=https://www.viasat.com/products/cybersecurity/data-at-rest-encryption/ \|website=Viasat.com \|publisher=Viasat \|accessdate=2021-02-17 \|date=2020}}</ref> to be generated externally and then loaded into the FDE. Line 61: When a computer with a self-encrypting drive is put into [[sleep mode]], the drive is powered down, but the encryption password is retained in memory so that the drive can be quickly resumed without requesting the password. An attacker can take advantage of this to gain easier physical access to the drive, for instance, by inserting extension cables.<ref name="sed-attacks" /> The firmware of the drive may be compromised<ref>{{cite magazine \| url = https://www.wired.com/2015/02/nsa-firmware-hacking/ \| title = How the NSA's Firmware Hacking Works and Why It's So Unsettling \| first = Kim \| last = Zetter \| date = 2015-02-22 \| magazine = Wired }}</ref><ref>{{cite web \| url = https://www.theregister.co.uk/2015/02/17/kaspersky_labs_equation_group/ \| title = Your hard drives were ~~RIDDLED~~riddled with NSA ~~SPYWARE~~spyware for ~~YEARS~~years \| first = Darren \| last = Pauli \| date = 2015-02-17 \| work = The Register }}</ref> and so any data that is sent to it may be at risk. Even if the data is encrypted on the physical medium of the drive, the fact that the firmware is controlled by a malicious third-party means that it can be decrypted by that third-party. If data is encrypted by the operating system, and it is sent in a scrambled form to the drive, then it would not matter if the firmware is malicious or not. === Criticism === Hardware solutions have also been criticised for being poorly documented{{citation needed\|date=April 2014}}. Many aspects of how the encryption is done are not published by the vendor. This leaves the user with little possibility to judge the security of the product and potential attack methods. It also increases the risk of a [[vendor lock-in]]. In addition, implementing system wide hardware-based full disk encryption is prohibitive for many companies due to the high cost of replacing existing hardware. This makes migrating to hardware encryption technologies more difficult and would generally require a clear migration and central management solution for both hardware- and software-based [[Disk encryption#Full disk encryption\|full disk encryption]] solutions.<ref>{{cite ~~document~~web\|url=http://www.secude.com/html/?id=1375\|archive-url=https://archive.today/20120909075410/http://www.secude.com/html/?id=1375\|url-status=dead\|archive-date=September 9, 2012\|title=Closing the Legacy Gap\|publisher=Secude\|date=February 21, 2008\|accessdate=2008-02-22}}</ref> however Enclosed hard disk drive FDE and Removable Hard Drive FDE are often installed on a single drive basis. ==See also==

Hardware-based full disk encryption: Difference between revisions