Hard drive manufacturers back new disk encryption standard

Six hard drive manufacturers have joined forces behind a standard for firmware-level hard drive encryption, an important step for security interoperability.

The Trusted Computing Group (TCG) has released three final specifications for hardware-level data encryption, and virtually all the major storage manufacturers have declared that they intend to adopt the new standards in the near future. Self-encrypted disks are already available on the market— Seagate has been actively pushing its DriveTrust technology for several years—but there was no central standard for drive encryption developers to refer to. The two new encryption standards provide a blueprint for desktop, laptops, and enterprise-level protection, while the third (dubbed the Storage Interface Interactions Specification) details how self-encrypted drives should interact with various communication protocols.

These new encryption methods do not require the presence of a Trusted Platform Module (TPM), but it's hard to imagine why an OEM would bother to build a system using self-encrypting hard drives and not include one. The TCG expects self-encrypting drives (and presumably TPM modules) to become ubiquitous across the enterprise/business market over the next few years. "With 48 states and many countries enforcing data protection laws, it has become crucial for enterprises to protect all data to avoid fines, lawsuits or even being put out of business. Encryption with authentication directly in the drive or enterprise storage devices as outlined in the Trusted Computing Group specifications is one of the most effective ways to ensure data is secure against virtual and physical attacks,” noted Jon Oltsik, senior analyst, Enterprise Strategy Group.

Expect future versions of consumer hardware to eventually adopt Opal (TCG's moniker for the desktop/laptop version of the standard) as well. ""This represents interoperability commitments from every disk drive maker on the planet," Robert Thibadeau, chief technologist at Seagate Technology and chairman of the TCG, told Computer World. "We're protecting data at rest. When a USB drive is unplugged, or when a laptop is powered down, or when an administrator pulls a drive from a server, it can't be brought back up and read without first giving a cryptographically-strong password. If you don't have that, it's a brick. You can't even sell it on eBay."

Thibadeau's last comment would seem to imply that the drive can't even be formatted or otherwise wiped without the requisite password. If that's actually true, it substantially diminishes the value of a stolen laptop, provided said machine is stolen for personal use rather than data theft. Enterprise users and anyone with access to sensitive data obviously can't afford to ignore the possibility that someone might steal their system for the purposes of accessing the information it contains, but I rather think this is not the case. The TPC reports that some 12,000 notebooks are lost/stolen in US airports, and only one-third are ever recovered by the rightful owner. Unless you carry a laptop case with "BIG IMPORTANT SECRETS" embroidered on the side, the thefts are most likely aimed at the hardware, not the data on the hardware. If the would-be thief knows in advance that he won't be able to use the system, the value of the laptop drops.

Manufacturers that have announced support for the new encryption standard include Fujitsu, Hitachi, Toshiba, Samsung, Seagate, and Western Digital. Drive manufacturers will be able to choose between 128-bit and 256-bit AES encryption, which should prove adequate to protect the drive's data even in situations where a TPM module is unavailable. Combined with TPM, any data stored on the encrypted drive would be as secure as modern technology can make it.

Source: ars technica

Tags: HDDs

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
Google’s voice assistant platform has been known as Google Now
 
The SanDisk 1TB SD card prototype represents another significant achievement as growth of high-resolution content
 
Microsoft is developing a new “Skype for Life” client
 
Siri on the Mac is new, and is similar to that on the iOS
 
The latency in this test was supposedly no more than 2 milliseconds
 
Apple has made to the iPhone 7/7 Plus is by making the home button a solid state button
 
Android Nougat should eventually extend back to the Galaxy S6 generation
 
You’re not supposed to expose the iPhone to water anyway
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
HP Slate 7 is a 7-inch Android 4 Tablet PC with good sound
A cost-effective, 7-inch tablet PC from a renowned manufacturer
October 25, 2013 / 4
 
 

News Archive

 
 
SuMoTuWeThFrSa
    123
45678910
11121314151617
18192021222324
252627282930 




Poll

Do you like Windows 10?
or leave your own version in comments (32)