[unisog] OT: Putting Encryption Functions in the HDDs

Logan Browne logan.browne at gmail.com
Fri Apr 28 17:59:48 GMT 2006

Valdis.Kletnieks at vt.edu wrote:
> I do believe this is implemented totally in the BIOS, the same way the
> BIOS password itself is implemented.  You don't enter the right password,
> the BIOS routes the disk's IRQ to Zimbabwe. ;)

There are a few different ways to implement this, but it's very likely
done following the AT Attachment standards [1], and implemented
separately from any BIOS password on the motherboard. It is part of the
IDE controller initialization.

The feature of prompting for a password appeared as part of the Security
Mode Feature Set in the ATA-3 standard [2]. It requires certain protocol
from the IDE controller to the AT Attached device during the initial

Just don't trust it with really sensitive data unless they are willing
to release details. What the disk does with the supplied password and
keys is all up to the manufacturer, and this is where I'd be a little
suspicious about the implementation.

Many vendors will put this kind of data into the Host Protected Area [3]
or use a Device Configuration Overlay [4] to hide it from the system. It
is possible to retrieve this kind of data, and there's some interesting
technical work being done to this end by computer forensic specialists.
Look for some products on the market in a few months that will let one
very easily retrieve passwords or keys from such a protected area.

[1] INCITS T13 Published standards website

[2] Last T13 Committee Draft of the expired ATA-3 standard

[3] 1153 AT Attachment - 4 with Packet Interface (ATA/ATAPI - 4)

[4] 1410 AT Attachment - 6 with Packet Interface (ATA/ATAPI - 6)

Logan Browne, CISSP, CISM
Network Security Manager
University of California, San Diego
<lcb at ucsd.edu>
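The post above mentions the ATA Security Mode Feature Set and the Host Protected Area / Device Configuration Overlay mechanisms drives use to hide data from the host. The following is an added example (not part of the original post or of any vendor's code) showing how an auditor or forensic examiner would read that state out of an IDENTIFY DEVICE block: the security status word, the feature-set support/enabled bits, the reported user-addressable capacity, and the integrity word checksum. It assumes the standard IDENTIFY DEVICE word layout (words 60-61, 82, 83, 85, 100-103, 128 and 255) and a native maximum LBA obtained separately from READ NATIVE MAX ADDRESS; the 512-byte block and the native max value in the example are constructed, not captured from a real drive.

```python
"""Decode ATA IDENTIFY DEVICE security, HPA and DCO state (added example).

Word numbers follow the standard IDENTIFY DEVICE layout. The sample
block at the bottom is constructed for illustration, not captured from
hardware; on a real system the 512 bytes would come from an IDENTIFY
DEVICE command (e.g. via a tool such as hdparm) and the native max LBA
from READ NATIVE MAX ADDRESS (EXT).
"""
import struct


def words_from_block(block):
    """Split a 512-byte IDENTIFY DEVICE block into 256 little-endian words."""
    if len(block) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    return list(struct.unpack("<256H", block))


def checksum_ok(block):
    """Validate word 255 (integrity word).

    Low byte 0xA5 signals the integrity word is present; the high byte is
    chosen so that the 8-bit sum of all 512 bytes is zero. Returns None when
    the drive does not provide an integrity word.
    """
    if block[510] != 0xA5:
        return None
    return sum(block) % 256 == 0


def parse_identify(block):
    """Return a dict describing security / HPA / DCO state and capacity."""
    w = words_from_block(block)
    sec = w[128]  # security status word
    lba48 = bool(w[83] & (1 << 10))  # 48-bit address feature set supported
    if lba48:
        sectors = w[100] | (w[101] << 16) | (w[102] << 32) | (w[103] << 48)
    else:
        sectors = w[60] | (w[61] << 16)
    return {
        "security_supported": bool(w[82] & (1 << 1)),
        "hpa_supported": bool(w[82] & (1 << 10)),
        "dco_supported": bool(w[83] & (1 << 11)),
        "security_enabled": bool(w[85] & (1 << 1)),
        "hpa_enabled": bool(w[85] & (1 << 10)),
        "security_locked": bool(sec & (1 << 2)),
        "security_frozen": bool(sec & (1 << 3)),
        "security_count_expired": bool(sec & (1 << 4)),
        "security_level": "maximum" if sec & (1 << 8) else "high",
        "user_addressable_sectors": sectors,
        "checksum_ok": checksum_ok(block),
    }


def hpa_present(report, native_max_lba):
    """An HPA exists when the native max LBA exceeds the last addressable LBA."""
    last_user_lba = report["user_addressable_sectors"] - 1
    return native_max_lba > last_user_lba


def build_sample_block(words):
    """Assemble a constructed IDENTIFY block from {word_index: value}."""
    buf = bytearray(512)
    for idx, val in words.items():
        struct.pack_into("<H", buf, idx * 2, val)
    buf[510] = 0xA5                      # integrity word signature
    buf[511] = (-sum(buf[:511])) % 256   # make the byte sum zero
    return bytes(buf)


# Constructed sample: security supported+enabled+locked (level high),
# HPA and DCO supported, HPA enabled, LBA48, 16,777,216 user sectors.
SAMPLE_BLOCK = build_sample_block({
    60: 0x0000, 61: 0x0100,
    82: (1 << 1) | (1 << 10),
    83: (1 << 10) | (1 << 11) | (1 << 14),
    85: (1 << 1) | (1 << 10),
    100: 0x0000, 101: 0x0100, 102: 0, 103: 0,
    128: (1 << 0) | (1 << 1) | (1 << 2),
})
SAMPLE_NATIVE_MAX_LBA = 20971519  # constructed READ NATIVE MAX ADDRESS result

if __name__ == "__main__":
    rep = parse_identify(SAMPLE_BLOCK)
    for k, v in rep.items():
        print(f"{k:28} {v}")
    print("hpa_present", hpa_present(rep, SAMPLE_NATIVE_MAX_LBA))
```

The useful check for an inventory or incident-response workflow is the comparison in `hpa_present`: a drive whose native maximum exceeds its advertised capacity has sectors the operating system will never show, which is exactly the region the post says vendors use for password and key material. A failed integrity checksum or a `security_frozen` flag set by the BIOS are also worth recording, since they affect what a later SECURITY command sequence can do.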
