disks with hardware FDE
Perry E. Metzger
perry at piermont.com
Tue Jul 8 09:18:06 EDT 2008
Dries Schellekens <dries.schellekens at esat.kuleuven.be> writes:
> Perry E. Metzger wrote:
>
>> Has anyone had any real-world experience with these yet? Are there
>> standards for how they get the keys from the BIOS or OS? (I'm
>> interested in how they deal with zeroization on sleep and such.)
>
> Most manufacturer (will) implement the TCG Storage Specification:
> https://www.trustedcomputinggroup.org/groups/storage/
>
>> Lastly, anyone have any idea of whether the manufacturers are doing
>> the encryption correctly or not?
>
> I know that Seagate Secure does not use XTS mode, but something CBC based.
Where do they get their IVs from?
In general, I feel like the only way to really verify that these
things are being done correctly is to be able (in software) to read
the ciphertext and verify that it is encrypted with the right key in
the right mode. The small amount I've heard about the design leads me
to worry that this is not actually possible.
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list