The Always-Encrypted Firewire Hard Drive

ducman points to the announcement of an encrypted hard drive running on the MacNN website. The drive features a DES 64-bit/ 40bit key strength and "is intended for use by banks, insurance providers, government agencies, and those individuals with sensitive digital intellectual property. It supports the IEEE 1394a connectivity standard, in addition to USB 1.1 and 2.0. It offers data transfer rates over FireWire 400 of 100, 200, or 400 Mbps. The SuperGuard is expected to be available February 7." Sounds great -- but the USB key stuck in the back looks like a likely point of failure.

worthless

the key length is too short.

3rd post!

Encrypted loopback devices on linux and bsd (and MacOS) are easier and cheaper.

And more secure IMHO.

Wow super secure

And it only took 6.4 seconds to crack into once the harddrive was hooked up to a standard PC.

Anyone in here actually read Applied Cryptography? This was 1995 when it was published, and especially for bank use, you'd NEVER use anything less than a 128 bit key.

Also, did they say DES or 3DES? Hasn't DES been cracked?

Drive Failure

[po8]

...the USB key stuck in the back looks like a likely point of failure.

Conceivably. Anyone who is running one of these drives without backups somewhere is even more insane than the folks running un-encrypted drives without backups. The backups themselves can easily be encrypted, so there's no need for major security risk. If your key dongles stop working or your drive fries, you'd better have some way of getting the bits back from outside, 'cause they're not coming from the platter.

OTOH, what is "64-bit/ 40-bit DES" supposed to be? Presumably this means the drive supports "40-bit watered-down DES keys" and "64-bit normal DES blocks". So I guess I'm wrong: this drive is designed to be break-inable in an emergency. Great. I'll wait until they offer 3DES or AES-128 options, thanks.

In the meantime, check out the BSD Cryptographic disk driver cgd: SW on-disk encryption at the block level.