Hardware-based full disk encryption: Difference between revisions

When a cryptographic disk erasure (or crypto erase) command is given (with proper authentication credentials), the drive self-generates a new media encryption key and goes into a 'new drive' state.<ref>{{cite web |title=10 Reasons to Buy Self-Encrypting Drives |author=Trusted Computing Group |url=https://www.trustedcomputinggroup.org/wp-content/uploads/10-Reasons-to-Buy-SEDs_Sept.2010.pdf |year=2010 |publisher=Trusted Computing Group |accessdate=2018-06-06}}</ref> Without the old key, the old data becomes irretrievable and therefore an efficient means of providing [[Data erasure|disk sanitisation]] which can be a lengthy (and costly) process. For example, an unencrypted and unclassified computer hard drive that requires sanitising to conform with [[United States Department of Defense|Department of Defense]] Standards must be overwritten 3+ times;<ref>http://www-03.ibm.com/systems/resources/IBM_Certified_Secure_Data_Overwrite_Service_SB.pdf</ref> a one Terabyte Enterprise SATA3 disk would take many hours to complete this process. Although the use of faster [[solid-state drive]]s (SSD) technologies improves this situation, the take up by enterprise has so far been slow.<ref>http://www.researchandmarkets.com/reports/683004/ssd_story_slow_on_the_uptake.pdf</ref> The problem will worsen as disk sizes increase every year. With encrypted drives a complete and secure data erasure action takes just a few milliseconds with a simple key change, so a drive can be safely repurposed very quickly. This sanitisation activity is protected in SEDs by the drive's own key management system built into the firmware in order to prevent accidental data erasure with confirmation passwords and secure authentications related to the original key required.

 

 

===Protection from alternative boot methods===