Hardware-based full disk encryption
Hardware-based full disk encryption (FDE) is being pursued by a number of HDD vendors, including Intel, Seagate Technology, and Hitachi, Ltd., with the rest of the hard drive industry following. Encryption and the symmetric encryption key are maintained independently from the CPU, thus removing computer memory as a potential attack vector. There are currently two varieties of hardware FDE being discussed:
1. Hard Disk Drive FDE
2. Chipset FDE
Hard Disk Drive FDE
HDD FDE is being pushed by HDD vendors, and a standard is being pursued for greater adoption via the Trusted Computing Group [https://www.trustedcomputinggroup.org/ Trusted Computing Group: Home]. Key management takes place within the HDD, and encryption keys are protected by the drive firmware. However, some level of authentication must still take place within the CPU, via either a software Pre-Boot Authentication [http://secude.com/htm/707/en/Pre-Boot_Authentication.htm SECUDE IT Security - Pre-Boot Authentication] environment or a BIOS password.
Currently there are three software solutions for Pre-Boot Authentication, available from Secude [http://secude.com/ SECUDE IT Security - Homepage], SafeNet and Wave Systems.
Chipset FDE
Intel has announced the release of the Danbury chipset series [http://www.theregister.co.uk/2007/09/21/intel_vpro_danbury/], which promises full disk encryption and a Trusted Platform Module (TPM) in the south bridge. However, as the chipset is not yet released and will not be broadly available until 2009, extensive research is not yet available.
See also
*Disk encryption hardware
*Disk encryption software
References
Wikimedia Foundation.
2010.