Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Concept
Hardware-based full disk encryption
Summary
Hardware-based full disk encryption (FDE) is available from many hard disk drive (HDD/SSD) vendors, including: ClevX, Hitachi, Integral Memory, iStorage Limited, Micron, Seagate Technology, Samsung, Toshiba, Viasat UK, Western Digital. The symmetric encryption key is maintained independently from the computer's CPU, thus allowing the complete data store to be encrypted and removing computer memory as a potential attack vector.
Hardware-FDE has two major components: the hardware encryptor and the data store.
There are currently four varieties of hardware-FDE in common use:
Hard disk drive (HDD) FDE (self-encrypting drive)
Enclosed hard disk drive FDE
Removable hard disk drive FDE
Bridge and Chipset (BC) FDE
Hardware designed for a particular purpose can often achieve better performance than disk encryption software, and disk encryption hardware can be made more transparent to software than encryption done in software. As soon as the key has been initialised, the hardware should in principle be completely transparent to the OS and thus work with any OS. If the disk encryption hardware is integrated with the media itself the media may be designed for better integration. One example of such design would be through the use of physical sectors slightly larger than the logical sectors.
Usually referred to as self-encrypting drive (SED).
HDD FDE is made by HDD vendors using the OPAL and Enterprise standards developed by the Trusted Computing Group. Key management takes place within the hard disk controller and encryption keys are 128 or 256 bit Advanced Encryption Standard (AES) keys. Authentication on power up of the drive must still take place within the CPU via either a software pre-boot authentication environment (i.e., with a software-based full disk encryption component - hybrid full disk encryption) or with a BIOS password.
Hitachi, Micron, Seagate, Samsung, and Toshiba are the disk drive manufacturers offering Trusted Computing Group Opal Storage Specification Serial ATA drives.
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.