[unisog] OT: Putting Encryption Functions in the HDDs

Saqib Ali docbook.xml at gmail.com
Mon May 1 14:16:16 GMT 2006


On 28 Apr 2006 18:23:22 -0000, securityfocus at slickwillies.net
<securityfocus at slickwillies.net> wrote:
> I have used similar type drives.  Mainly those equipped with an e-nova encryption chip. These drives run flawlessly for me.  They encrypt all incoming data and decrypt outgoing data on the fly.  Unlike the drive mentioned here, e-nova equipped drives only use a token key

One of the problems with the e-Nova solutions is that the e-Nova
controller MUST be present on each computer from which the hard drive
needs to be accessed. Plus if you lose the key you lose the data.
There is no concept of key escrow or master keys.

Full Disc Encryption drives by Seagate, on the other hand, have the
TPM (Trusted Platform Module) built into the drive, which is used for
storing the keys. Software like Wave Systems' Embassy Trust Suite can
be used to manage the TPM, password, 2-factor authentication, master
key, key escrow, etc.

--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------


