Attacking FDE hardware solutions: Difference between revisions
Jump to navigation
Jump to search
(added tcg specs) |
|||
| Line 17: | Line 17: | ||
* Lenovo | * Lenovo | ||
** [http://www-307.ibm.com/pc/support/site.wss/MIGR-68776.html ThinkPad 160GB and 200GB FDE 7200rpm Serial ATA Hard drives] | ** [http://www-307.ibm.com/pc/support/site.wss/MIGR-68776.html ThinkPad 160GB and 200GB FDE 7200rpm Serial ATA Hard drives] | ||
* Ironkey | |||
** [https://www.ironkey.com/basic Basic] | |||
** [https://www.ironkey.com/enterprise Enterprise] | |||
== Previously published research == | == Previously published research == | ||
Revision as of 10:49, 21 January 2009
Many companies tout hard drives with built in encryption as the solution to the Cold Boot Attack. Additionally, these drives are sold as a major step forward in overall data security. In theory, this sounds like a good idea; in practice this could go horribly wrong.
This project is currently in a research state to find different drives that claim to offer specific security properties. It is expected that many products will fail even the most cursory look.
Please add links to products, vendors, standards, prices and places to purchase hardware. At some point, we'll start acquiring hardware to do specific implementation analysis.
Drive manufacturers and specific drive models
- Seagate
- Cheetah® 15K.6 and Cheetah FDE Hard Drives
"The Cheetah 15K.6 FDE drive is available only to major OEM suppliers."
- Cheetah® 15K.6 and Cheetah FDE Hard Drives
- Hitachi
"Hitachi offers the BDE option on all new 2.5-inch SATA hard disk drive products beginning with those launched in 2007, including both the 7200 RPM and 5400 RPM product lines. Hitachi also offers the BDE option on Deskstar products introduced in 2008 and beyond." - IBM
- Lenovo
- Ironkey
Previously published research
- Heise successfully attacked the Easy Nova Data Box PRO-25UE RFID
Standards and Whitepapers relating to FDE at the hardware level
- Trusted Computing Group
- Storage Specifications
- Storage Architecture Core Specification v1.0 rev0.9 this is what the drives implement
- IEEE
- Seagate
- http://www.seagate.com/staticfiles/SeagateCryptofaceoff.pdf
- http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf
- http://www.seagate.com/staticfiles/docs/pdf/security/Tech_Paper_Enables_Robust_Security.pdf
- http://www.seagate.com/docs/pdf/whitepaper/HDpasswrd_TP580-1-0710US.pdf
- http://www.seagate.com/docs/pdf/whitepaper/Seagate-crypto-bakeoff.pdf
- http://www.seagate.com/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf
- http://www.seagate.com/docs/pdf/whitepaper/Server&Drive%20Security%20Threats%20rev%204%203.pdf
- http://www.seagate.com/docs/pdf/whitepaper/DataCtrSec_TP583-1-0711USr4.pdf Also mentions participation in IEEE 1619
- Hitachi
- http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
The above whitepaper refers to FIPS 197 certification and the NIST AES Validation List, which informs us that Hitachi uses AES 128 or 256 in ECB mode: Part # 1 entry, 128-bit Part # 4 entry, either 128-bit or 256-bit (NB: large slow HTML table) - Bulk Data Encryption FAQ
- http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
Terminology
- FDE - Full Disk Encryption
- BDE - Bulk Data Encryption
- OTFE - On-the-fly encryption