Revision as of 17:55, 5 May 2010 edit Rhtcmu (talk \| contribs) 121 edits No edit summary ← Previous edit		Revision as of 17:57, 5 May 2010 edit undo Rhtcmu (talk \| contribs) 121 edits →Feature - Benefits Next edit →
Line 26: The two main use cases are Data At Rest protection, and Cryptographic Disk Erasure. In Data At Rest protection a laptop is simply closed which powers down the disk. The disk now self-protects all the data on it. Because all the data, even the OS, is now encrypted, with a secure mode of [[AES]], and locked from reading and writing the data is safe. The drive requires an authentication code which can be as strong as 32 binary bytes (2^256) to unlock. With Cryptographic Disk Erasure the drive is commanded, with proper authentication credentials, to ~~change~~self-generate ~~its~~a new media encryption key and go into a 'new drive' state. Unlike other forms of sanitization, this action takes a few milliseconds at most. So a drive can be safely repurposed very quickly. ▼ ▲With Cryptographic Disk Erasure the drive is commanded, with proper authentication credentials, to change its media encryption and go into a 'new drive' state. Unlike other forms of sanitization, this action takes a few milliseconds at most. So a drive can be safely repurposed very quickly. ==References== {{reflist}}

Hardware-based full disk encryption: Difference between revisions