Universal Disk Encryption Spec Finalized 237
Lucas123 writes "Six of the largest disk manufacturers, along with encryption management software vendors, are backing three specifications finalized [Tuesday] that will eventually standardize the way encryption is used in firmware within hard disk drives and solid state disk drive controllers ensuring interoperability. Disk vendors are free to choose to use AES 128-bit or AES 256-bit keys depending on the level of security they want. 'This represents interoperability commitments from every disk drive maker on the planet,' said Robert Thibadeau, chief technologist at Seagate Technology."
Disk vendors are free to choose (Score:5, Insightful)
Why should this be trustable?
itsatrap? (Score:3, Insightful)
Re:Disk vendors are free to choose (Score:5, Insightful)
Re:ok (Score:3, Insightful)
Re:A few questions... (Score:5, Insightful)
Re:Disk vendors are free to choose (Score:5, Insightful)
Re:Why not just use TrueCrypt? (Score:5, Insightful)
Re:Why not just use TrueCrypt? (Score:5, Insightful)
Specialized hardware will always be faster and use less power to do a specific job than general-purpose hardware like your CPU.
Not "always", and not "and".
Specialized hardware will usually be faster than the CPU, and will usually yield an overall faster system by virtue of the fact that the CPU is free from those tasks.
However (and purely as an example), Linux's software RAID is faster than many hardware RAID controllers, and a system lacking a dedicated hardware RAID controller very well may use less power than an equivalent system with one.
that is true, Defective by Design. (Score:3, Insightful)
I thought this kind of talk was over the top, then I read the article.
No reset so that you can repartion the thing? Users are supposed to trust the hardware won't betray them? No way. It's like they are trying to clog landfills with these things.
The whole article reeks of "trusted path" and other defective by design tech beyond the obvious "oops, I forgot the password" inevitability. To be trusted by sane users, the controller boards must come with easy to change free software doing the dirty work. If not, all sorts of malicious features can be hidden that negate all benefits of hardware encryption. These things could turn themselves if "premium" content is ever placed on the drive and then accessed with a "non trusted" OS, for example. Your data is never secure when you use non free software, it is always at the mercy of the software's owner. This kind of "firmware" is something that should be rejected.
Re:Pardon my ignorance (Score:5, Insightful)
The risk is that the drive may, unbeknownst to the owner, cache and store the encryption keys somewhere inside the drive, either on the media or in nonvolatile memory, making it available to those that know where to find it.
Even if the standard drive firmware doesn't do that, how would you know that the firmware of the drive wasn't modified sometime after manufacture and before purchase to install such a back door?
If you were an agent of some government that wanted to be able to access data on disk drives whose owners believe them to be encrypted, what better way to do that than to either convince the drive vendors to install a back door for you, or to let you tamper with the drives at some point in the process? That would eliminate a whole lot of hassle for you, and there are only a few drive vendors you'd have to subvert.
I think I'll stick to LUKS and dm-crypt. It's not a perfect solution, and it's still possible that someone could subvert my encryption, but doing it in the software I have some measure of control over clearly makes it harder for them than doing it in hardware that I have no choice but to trust blindly.
Am I paranoid? Sure. Probably no one is trying to steal my keys or my data. But the likelyhood of the existence of a back door has NOTHING to do with whether the bad guys (or maybe the good guys?) are interested in my data. Even if no one intends to steal my data today, once a back door exists it can be used against me in the future.
Re:Disk vendors are free to choose (Score:3, Insightful)
A standard is a good thing. Assuming you can get at the encrypted blocks, this makes it possible to *test* that a certain implementation is conforming to the standard. This gives better guarantees than simply to trust the undocumented, untested encryption invented by some manufacturer.
There can be bugs in the standard, offcourse, but it's going to get heavy scrutiny by very competent crypto-heads, so any obvious mistakes should be discovered quickly.
Put your own encryption on top of the drive's... (Score:3, Insightful)
Nothing says you can't use Truecrypt or what have you on top of the hardware-based encryption built into the hard drive.
This way you'll have AT LEAST as much protection as you would've with just your software-based encryption.
Re:that is true, Defective by Design. (Score:3, Insightful)
Re:Do STD's make it easier to 'see' encrypted disk (Score:5, Insightful)
This use-case is more or less dying out though. Because transporting bits across a border by having someone hand-carry them is just too large a risk, assuming it's the kind of bits the government of either country would rather not have crossing the border.
Much better to transmit the bits out, in encrypted form, over some kind of network. Even if there's no internet, you can always do it over satelite-phone or something. Yeah, I know that's like $3/minute, but how many minutes do you need to transmit the ascii-text of an interview or something ?
It's sligthly more of a problem if it's something largish, particularily if it's HD-video though, but even this problem is going away. Even if you're in Iran, it's not very hard to find an access-point with a megabit or more of capacity.
There's no question; the safest way to store "dangerous" bits on your laptop while crossing a border, is to NOT store them on there at all. They can't find what is genuinely not there.
Re:A few questions... (Score:5, Insightful)
And yet, somehow I don't believe you.
To be more specific, I find it illogical to assume that the NSA would require you to provide them with the keys and at the same time let you talk about it.
Given this, I am suspicious of your claim in the extreme.
Re:Disk vendors are free to choose (Score:1, Insightful)
It's called competition. I know that if I led one of the six, I would ask my research development to periodically test if all the others are doing what they should. If not, I would make sure that everyone would hear about it.
Re:Why not just use TrueCrypt? (Score:4, Insightful)
The best RAID coprocessors are made by companies like Intel and AMD. You can find them under names like "Xeon" or "Opteron".
Shamelessly stolen from Alan Cox.
Re:that is true, Defective by Design. (Score:5, Insightful)
Comment removed (Score:5, Insightful)
Short-sighted. (Score:3, Insightful)
How short-sighted is it to tie into one encryption standard? Idiots.
You need to *at least* make various encryptions pluggable and software-upgradeable because I guarantee that Murphy's Law says that once EVERYONE has one of these hard drive, AES will be cracked sufficiently and we'll be back to square one but tied into millions of devices incorporating a useless and obsolete security "standard. It'll be WEP all over again, even down to 99% of people being "assured" that their hard drive is safe, and then finding out the reality.
Plus, the DRM potential is obvious. I thought the ATA standard had the facility to implement disk encryption anyway - isn't that one of the features used on the XBox or something to lock the hard drives to a particular machine? - you have to send a password across the bus as an ATA packet before the drive will permit any access at all.
Bullshit. RAID5 is fine in read only file systems. (Score:3, Insightful)
Read about where the bottlenecks are before suggesting nonsense.
OTOH, a reason to trust (Score:4, Insightful)
I'm not as worried about that as some. Here's how I look at it - if there's a back door, it doesn't matter as long as it doesn't get used. If it gets used even a few times, word will get out. When some ring of baby-rapers gets caught and prosecuted with evidence that was obtained through said back door, word *will* get out.
So what happens then? A million drive purchasers demand their money back. A million businesses that bought the drives because they were guaranteed unbreakable encryption join in class-action lawsuits against the drive manufacturers and resellers, blasting them into legal oblivion.
If I were a drive manufacturer, I wouldn't risk it. The secret would eventually leak and my company would be toast, overnight.
128-bit -vs- 256-bit (Score:3, Insightful)
"Disk vendors are free to choose to use AES 128-bit or AES 256-bit keys depending on the level of security they want"
More likely, they will choose based on the power of the controller. Nobody would want less security.
Re:that is true, Defective by Design. (Score:3, Insightful)
I think they're basically modernizing the old ATA security lockout, as made popular by the original Xbox. I do agree it's rather domineering to not include a "clear password" option. Sure, you'll lose the encryption key and the data is lost, but I'd much rather have a blank drive than a bricked one. This sort of draconian "security" is a sysadmin's nightmare, as now you can't just reimage a drive any old way, you have to reimage it in the target PC. If that board dies (as Dell/HP machines just love to do), you have to toss out the drive. You can't boot it elsewhere :P It will result in a few more hard drive sales at a hefty premium, but the benefit to end-users and their employers is hugely trumped by the nuisance caused by this "feature".
And twitter, take a chill pill with your open-source FUD. You're making us all look like religious fanatics. FOSS is about choice, not war.
Re:Pardon my ignorance (Score:3, Insightful)
Yes. But even more important to bear in mind is Bruce Schneier's admonition that security is a process, not a product. Far too many people will buy these FDE disk drives, and then blindly assume that since they have bought "security", don't have to do anything else, and that their problem is solved.
That's not a criticism of FDE; it happens with every kind of security-related hardware and software. However, the more security products people buy, the more likely they are to get lulled into thinking that it's a solved problem.