Attacking FDE hardware solutions: Difference between revisions
Jump to navigation
Jump to search
added citations from seagate web page and hgst whitepaper, and links to hitachi entries in nist aes validation list |
JeffreyATW (talk | contribs) m Reverted edits by 185.163.1.11 (talk) to last revision by Patrickod |
||
| (17 intermediate revisions by 9 users not shown) | |||
| Line 13: | Line 13: | ||
** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/03E516A3C41738C78625743B005AD957/$file/TS7K320_DS.pdf Travelstar 7K320] | ** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/03E516A3C41738C78625743B005AD957/$file/TS7K320_DS.pdf Travelstar 7K320] | ||
** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/C51A283F52498251862573FA005A3C98/$file/Travelstar_5K320_DS.pdf Travelstar 5K320] | ** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/C51A283F52498251862573FA005A3C98/$file/Travelstar_5K320_DS.pdf Travelstar 5K320] | ||
* IBM | |||
** [http://www-03.ibm.com/systems/storage/product/systemx/scsi_raid.html IBM RAID products for System x (including support for disk encryption)] | |||
* Lenovo | |||
** [http://www-307.ibm.com/pc/support/site.wss/MIGR-68776.html ThinkPad 160GB and 200GB FDE 7200rpm Serial ATA Hard drives] | |||
* Maxtor | |||
** [http://www.maxtor.com/en/hard-drive-backup/external-drives/maxtor-blackarmor.html BlackArmor] | |||
* Ironkey | |||
** [https://www.ironkey.com/basic Basic] | |||
** [https://www.ironkey.com/enterprise Enterprise] | |||
== Previously published research == | == Previously published research == | ||
| Line 19: | Line 28: | ||
== Standards and Whitepapers relating to FDE at the hardware level == | == Standards and Whitepapers relating to FDE at the hardware level == | ||
* Trusted Computing Group | |||
** [https://www.trustedcomputinggroup.org/specs/Storage/ Storage Specifications] | |||
** [https://www.trustedcomputinggroup.org/specs/Storage/TCG_Storage_Architecture_Core_Specification_v01.9.pdf Storage Architecture Core Specification v1.0 rev0.9] this is what the drives implement | |||
* IEEE | * IEEE | ||
** http://en.wikipedia.org/wiki/IEEE_P1619 | ** http://en.wikipedia.org/wiki/IEEE_P1619 | ||
** [http://grouper.ieee.org/groups/1619/email/msg01842.html Letter of Assurance from IBM re P1619.1/D17] | |||
* Seagate | * Seagate | ||
| Line 30: | Line 43: | ||
** http://www.seagate.com/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf | ** http://www.seagate.com/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf | ||
** http://www.seagate.com/docs/pdf/whitepaper/Server&Drive%20Security%20Threats%20rev%204%203.pdf | ** http://www.seagate.com/docs/pdf/whitepaper/Server&Drive%20Security%20Threats%20rev%204%203.pdf | ||
** http://www.seagate.com/docs/pdf/whitepaper/DataCtrSec_TP583-1-0711USr4.pdf | ** http://www.seagate.com/docs/pdf/whitepaper/DataCtrSec_TP583-1-0711USr4.pdf Also mentions participation in IEEE 1619 | ||
* Hitachi | * Hitachi | ||
| Line 37: | Line 50: | ||
== Other related documents == | == Other related documents == | ||
[http://www.full-disk-encryption.net/Full_Disc_Encryption.html List of FDE (SW & HW) providers] | *[http://www.full-disk-encryption.net/Full_Disc_Encryption.html List of FDE (SW & HW) providers] | ||
*[http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-69621 IBM FAQ on FDE] | |||
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126869&intsrc=hm_ts_head Computer World (heavy on the marketing)] | |||
== Terminology == | == Terminology == | ||
* FDE - Full Disk Encryption | * FDE - Full Disk Encryption | ||
* BDE - Bulk Data Encryption | * BDE - Bulk Data Encryption | ||
* OTFE - [http://en.wikipedia.org/wiki/OTFE On-the-fly encryption] | * OTFE - [http://en.wikipedia.org/wiki/OTFE On-the-fly encryption] | ||
Latest revision as of 13:21, 4 October 2017
Many companies tout hard drives with built in encryption as the solution to the Cold Boot Attack. Additionally, these drives are sold as a major step forward in overall data security. In theory, this sounds like a good idea; in practice this could go horribly wrong.
This project is currently in a research state to find different drives that claim to offer specific security properties. It is expected that many products will fail even the most cursory look.
Please add links to products, vendors, standards, prices and places to purchase hardware. At some point, we'll start acquiring hardware to do specific implementation analysis.
Drive manufacturers and specific drive models
[edit | edit source]- Seagate
- Cheetah® 15K.6 and Cheetah FDE Hard Drives
"The Cheetah 15K.6 FDE drive is available only to major OEM suppliers."
- Cheetah® 15K.6 and Cheetah FDE Hard Drives
- Hitachi
"Hitachi offers the BDE option on all new 2.5-inch SATA hard disk drive products beginning with those launched in 2007, including both the 7200 RPM and 5400 RPM product lines. Hitachi also offers the BDE option on Deskstar products introduced in 2008 and beyond." - IBM
- Lenovo
- Maxtor
- Ironkey
Previously published research
[edit | edit source]- Heise successfully attacked the Easy Nova Data Box PRO-25UE RFID
Standards and Whitepapers relating to FDE at the hardware level
[edit | edit source]- Trusted Computing Group
- Storage Specifications
- Storage Architecture Core Specification v1.0 rev0.9 this is what the drives implement
- IEEE
- Seagate
- http://www.seagate.com/staticfiles/SeagateCryptofaceoff.pdf
- http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf
- http://www.seagate.com/staticfiles/docs/pdf/security/Tech_Paper_Enables_Robust_Security.pdf
- http://www.seagate.com/docs/pdf/whitepaper/HDpasswrd_TP580-1-0710US.pdf
- http://www.seagate.com/docs/pdf/whitepaper/Seagate-crypto-bakeoff.pdf
- http://www.seagate.com/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf
- http://www.seagate.com/docs/pdf/whitepaper/Server&Drive%20Security%20Threats%20rev%204%203.pdf
- http://www.seagate.com/docs/pdf/whitepaper/DataCtrSec_TP583-1-0711USr4.pdf Also mentions participation in IEEE 1619
- Hitachi
- http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
The above whitepaper refers to FIPS 197 certification and the NIST AES Validation List, which informs us that Hitachi uses AES 128 or 256 in ECB mode: Part # 1 entry, 128-bit Part # 4 entry, either 128-bit or 256-bit (NB: large slow HTML table) - Bulk Data Encryption FAQ
- http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
Other related documents
[edit | edit source]Terminology
[edit | edit source]- FDE - Full Disk Encryption
- BDE - Bulk Data Encryption
- OTFE - On-the-fly encryption