Slashdot Mirror
ABIT's Secure IDE Motherboard
Frank Caviggia writes "The Inquirer has a story about ABIT's spiffy new IC7-MAX3 motherboard. Apparently, this motherboard has a feature called 'Secure IDE,' which is marketing-speak for hardware-based encryption ... ABIT goes on to claim that 'Secure IDE' 'will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files.' Pretty bold claims for a motherboard maker ..."
Nothing is ever completely secure, but I could see where this would help some. Genuinely a cool idea, but I'll wait a couple of years to see if it matures some first.
US Democracy:The best person for the job (among These pre-selected choices...)
Here's the bit on secure IDE:
For MAX3, the ABIT Engineers listened to users who were asking for information security. SecureIDE connects to your IDE hard disk and has a special decoder; without a special key, your hard disk cannot be opened by anyone. Thus hackers and would be information thieves cannot access your hard disk, even if they remove it from your PC. Protect your privacy and keep anyone from snooping into your information. Lock down your hard disk, not with a password, but with encryption. A password can be cracked by software in a few hours. ABIT's SecureIDE will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files.
Now, when it says Lock down your hard disk, not with a password, but with encryption... that seems to me that there's a hardware key on the motherboard that prevents the HDD from being read in other machines.
Meaning... that instead of stealing just your hard drive, they have to steal the whole computer? =p
Either that, or there is a password in addition to that. It could probably be gotten around by flashing the BIOS, or just taking the CMOS battery out for a brief stint. Either way, no, I don't imagine the NSA is shaking in fear just now.
How many more comments like this will there be? If you click the stupid link, you see that you need a USB key each time you boot if you want to be able to decrypt the hard drive. They need the MB, the HD, and your key.
ABIT's site shows a little key that contains the decoder.
There is a key. If you did quotation properly: "without a special key, your hard disk cannot be opened by anyone."
Given ABIT's tendancies to add quite a bit to their BIOSes, I'd wager that's where the key is kept.
I certainly doubt the NSA it too worried, and I doubt that the majority of people will generate good passwords/keys, but it's a step in the right direction.
By following these easy instructions, you too can encrypt your data and swap partitions with Loop-AES. (The instructions are for Linux From Scratch, but they worked fine on my Debian box.) This way, no unencrypted data ever touches the disk; even if your computer is stolen, the thief can't read your data.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
As I mentioned here, the key appears to be a USB memory stick put into a proprietary SUB port on some kind of daughter card. There's a diagram here.
US Democracy:The best person for the job (among These pre-selected choices...)
Actually, it seems to do 64bit DES and 128/192 bit Triple DES according to the chipset's manfucaturer Enova Technologies.
Here's a drive bay adapter by same, which uses an external key, I can't tell about the motherboard, though.
I've seen some high-security encryption keys that you basically keep on a keychain with you all the time. They have a "panic button" on them that destroys (either electronically, or physically) the internal memory, making recovery of the encryption key impossible.
Although I havn't seen them, I'd imagine it would be easy to make one with a built-in clock of some sort, so if you didn't correctly utilize the key every so-often, it would automatically self-destruct.
Of course, they're probably rather more expensive than what ABIT is proposing.
"Nothing strengthens authority so much as silence." - Charles de Gaulle
I don't believe the gov can take your whole computer. They can only copy files from the hard drive to another. They aren't *supposed* to turn the machine on or anything like that. Its tampering with evidence. Theres a reason they have those big black vans, they gotta have plenty of room for that big machine that copies the data from the hard drive they got to the one they have extra. Oh well, who knows? Its something I learned on TLC.
Also, here's the key.
Not going to stop the RIAA from catching you (although they'd have difficulty decrypted the drive once they did I guess), but looks moderately useful for protecting a harddrive from theft. I'd love one on a laptop. If someone stole it in an airport or somesuch - at least they couldn't get my data without some effort.
I write code.
Hmm, don't mind me while I keep using a software solution...
/home on my laptop. Otherwise you're SOL...
: //loop-aes.sourceforge.net/loop-AES.README - see example 4
Loop-AES is trivially ease to set up under linux,
and you can have it require a GPG key etc that live on a USB keychain.
If you have my keychain, and you know the password, you can mount
http://sourceforge.net/projects/loop-aes/
http
Something you have and something you know...
Nope. You have to click on the article, and click on the "Secur" picture. THere you will see that the drive connects to a daughter-card thingy, that also has a USB connection, and at the end is a USB keychain--which has your special key.
Why are there only 19 people folding@home for slashdot?
You are such an idiot. Learn to read past what you want to read.
You are incorrect. If it cannot be shown that the contents of the files on your computer are in fact in violation of copyright, then they cannot (or should not) bring suit against you.
Even if you have a file on your computer named "Nirvana - Lithium - 192kbps.mp3", you cannot sued for copyright infringement unless it is proven that the file in question is actually as named, and thus is actually violating copyright. (Conversely, you cannot just name "Nirvana - Lithium - 192kbps.mp3" as "Happy Birthday.mp3" and expect protection.)
the blood has stopped pumping, and he's left to decay
the me that you know is now made up of wires
All the RIAA has to do is see your username on a P2P network and trace the IP address behind it. They don't need to search your hard disk drive - all they need is evidence of a particular kind of modem activity and they can bust you anyway, hard disk or no!
How about that little thing called "the burden of proof"?
Just having your IP address and username means squat - those files named "Usher-1.mp3" might be (oh, I don't know) legitimate transcripts from a unversity professor?
If they take you to court, they have to prove that the files which they saw on your computer were, in fact copyrighted by someone who had not given you permission to distribute them, instead of files you legitimately have the rights to distribute, that may have a co-incidental name to something they are authorized to prosecute.
There's another nice product there as well:
http://www.enovatech.net/html/ps_mobile.htm
It's a mobile HD rack with the key/encryption hardware built-into it. Sounds reasonably secure too. From the site:
- Real-time hardware based encryption with 1-1Gigabit per second throughput and zero performance degradation
- NIST Certified DES 64-bit and TDES 128/192-bit encryption engine
- Automatic transparent operation encrypts entire hard drive bit-by-bit, including Boot Sector and OS
- Portable X-Wall Secure Key for BIOS level user authentication and access control
- Operating System and software independent ; does not require device drivers
Sounds like a nice product. With bandwidth in the gigabit range, it isn't going to be a problem on any mechanical storage device.
Regular DES is pretty weak though... Triple DES is reasonably secure though, assuming those are actually the key-lengths shown, and not just marketingspeak. If the price is right, I could see this type of gear becoming quite popular.
Law enforcement would hate it though. Assuming they couldn't get ahold of the key before it was destroyed, they'd be TSOL as far as getting anything out of the drive.
N.
"Nothing strengthens authority so much as silence." - Charles de Gaulle
Actually, this page shows the key plugging into a cable outside the box. The encryption device itself is a card that connects between the hdd and motherboard.
No trees were harmed in posting this message. However, a large number of electrons were terribly inconvenienced
A USB storage keychain holds 128MB, which we can assume is XOR'd against each 128MB block on the hard drive.
Forget this fast. If there is human readable text on the disk, two blocks "encrypted" in this way already give you a significant part of the key. With some more blocks of text a complete key compromise is easy to do and can be automatized.
Note to all the non-experts: A One-Time Pad is secure exactly if it is used for one encryption. Why so many people do not get this, even with the "one-time" in the name is beyond me.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Copyright violation is also a federal crime, hence the FBI warnings on videos. They may not be able to send you to jail, but they can still suck you dry in civil court. It may be harder for them to get the maximum dollar penalty though.
Still, I agree though. If you have used your key to open and run your system, any data transferred over the internet has your encryption removed. Another example of BS marketing at it's best. It's a good thing that any individual who is in the target market would probably know better. It could be a good selling point to orginizations in need of tighter security though. Would you feel a bit better if your accountant used this on his system?
Looking at their user manual, and specs, here are some corrections to your post:
- No special motherboard needed. This thing plugs in between the ide cable and the driver.
- As with all encryption. Lose the key and you're the proud owner of a high tech paperweight. Not unique to this connector.
- I suspect they mention fdisk because it's commonly used. It's a transparent encryption system, so
card + drive = normal drive
They're just saying to reformat the drive after putting the adapter on.
- Any file system/operating system will do. "Device driver free" too. Again, they're just saying you have to start over.
Also worth noting:
- The encryption card can use an extension cable get the dongle to the outside of the case. So no, you don't have to pop the cover each time you walk away.
- Once you boot up, the key doesn't need to be in any more.
- They give you a backup key too.
You are checking your backups, aren't you?
Yes, once they have possession they are going to tread lightly and copy because the kiddie pr0nster's tricks are to wipe the HDD if a security precaution isn't followed during boot/login. But hell yes, they can take anything (including you) with the correct paperwork (warrants and whatnot).
That's clearly incorrect, the gov't can take your pc and do whatever they want with it, read about how Steve Jackson Games was raided by the Secret Service and had their equipment taken and many files compromised. Sure the SS lost that case, but do you think that ws an isolated incident? I don't.
Strange claims, but this technology could be useful for other purposes. Encrypted CD-R's which can only be read on a specific computer, for example.
You can alreay do this specific task with Linux via Loop-AES and GPG keys. You can store the GPG key on a dongle and encrypt ISO images with it. Then, copy to CD. You can mount the CD just like any other encrypted loopback device on Linux. In fact, I believe people have been doing this sort of thing for a while now with Loop-AES and CryptoAPI/Loop.
Loop-AES README.
The difference between the motherboard implementation and what has been in use for a while is lack of flexibility with greater ease of use.
That's the speed they quote in the pdf on abit's site. Now, assuming they really mean 1.6 gb/s and not GB/s that's still faster than serial ata, and these are ata133 connectors, and you use one per drive, so it's supposed to be transparent both to software and performance-wise.
Not exactly, but it does allow sneak and peek warrants for secret searches where they try to break in undetected and never notify the suspect. In that scenario, you could imagine the Feds opening the computer to clone the hard drive and putting things back the way they found them. This would slow them down if the person took the dongle with them when he left the house.
That is what is used:
from enova's web site:
Q: What is "X-Wall SE"?
A: The X-Wall SE is an ASIC (Application Specific Integrated Circuit) that encrypts and decrypts the entire hard disk bit by bit (including boot sector, temp files, swap files and the operating system) with real-time performance using the NIST (National Institute of Standards and Technology) certified DES (Data Encryption Standard) and TDES (Triple DES) algorithms.
Q: How can X-Wall SE encrypt the entire disk in "real-time"?
A: X-Wall SE is specifically engineered for high speed communications with the disk. X-Wall SE offers 1.1 Giga bit per second or higher real-time performance to all IDE compatible hard drives. Since X-Wall SE hardware performs all encryption and decryption tasks, there is no software to cause memory and interrupt overhead.
Q: Can X-Wall SE work with all types of operating systems?
A: The X-Wall SE requires no device drivers and is independent from all operating systems. The only requirement is an Ultra ATA (Ultra DMA) compliant disk drive.
Q: What is "DES/TDES"?
A: DES (Data Encryption Standard) was originally introduced by NSA (National Security Agency) and IBM and has since become a Federal data encryption standard as defined in FIPS 46-3 (Federal Information Processing Standard). DES works on 64-bit data segments with a 64-bit key of which 8 bits provide parity, resulting in a 56-bit effective length. A variant on DES is TDES, in which the plain text is processed three times with two or three different DES secret keys. With two encryption keys used, the result is an encryption equivalent to using a 112-bit key. With three keys, the result is an encryption equivalent to using a 168-bit key. In practice with a 128-bit TDES, the plain text is encrypted with the first key, decrypted with the second key, and then encrypted again with the first key.
Q: How is key length related to security?
A: In general, a larger key length creates a stronger cipher, which means an eavesdropper must spend more time and resources to find the decryption key. For instance, 240 (a DES 40-bit strength) represents a key space of 1,099,511,627,776 possible combinations. While this number seems impressive, it is definitely feasible for a microprocessor or a specially designed ASIC to perform the huge number of calculations necessary to derive the key. Surprisingly an investment of only about US$10,000 investment in FPGA (Field Programmable Gate Arrays) will be able to recover a 40-bit key in 12 minutes. Further, a US$10,000,000 investment in ASIC will be able to recover a 40-bit key in 0.05 second. A government agency that can afford investing US$100,000,000 or more will be able to recover a 40-bit key in a whopping 0.002 second! Thus a 40-bit length cipher offers a bare minimum protection for your confidentiality and privacy. Fortunately the "work factor" increases exponentially as we increase the key length. For example, an increase of one bit in length doubles the key space, so 241 represents key space of 2,199,023,255,552 possible combinations. A 2112 bit TDES cipher offers extremely strong security (5,192,296,858,534,827,628,530,496,329,220,096 possible combinations) that should resist known attacks for the next 15 to 20 years, considering the advance of semiconductor design and manufacturing.
oh and here's the link: http://www.enovatech.net/html/ps_se_qa.htm
No! Bad!
> However it's be no means easily crackable
It is *trivially* crackable, by which I mean Joe College Student could break it in an afternoon with an old 486. Observe:
I'm going to take two chunks from your hard drive, say the first two. I'll call them A and B. They're actually encrypted, though, with your 128MB random key, which makes them (A xor K) and (B xor K).
That doesn't faze me, though. I'm going to take my chunks and XOR them together on you. As you, my learned colleague, know, n xor n is 0, so watch the carnage:
(A xor K) xor (B xor K) = A xor B
Voila! In a puff of logic, your 128MB key has been cast aside, and I now have the contents of the two chunks, XORed with each other. Now, they're still gibberish, but I have some more tricks up my sleeve. I'll start by guessing what your hard drive starts with - probably an MBR, right? And chances are it's a WinXP MBR, so let's go with that.
ababababababababab (my A xor B), xorred with
mbrmbrmbrmbrmbrmbr (a standard WinXP MBR) =
icrosoft Windows X
A-ha! So I was right about the MBR - I can tell because the contents of the second chunk are exposed in the result. Now, for my next trick, I'll go back to the first chunk I got from you, AK:
akakakakakakakakak (A xor K) xorred with
mbrmbrmbrmbrmbrmbr (the confirmed beginning of A) =
kkkkkkkkkkkkkkkkkk
Now I have a tasty piece of your key - and I can go and decrypt the beginning of every chunk on your drive. Now I'll just take a cursory glance through the plaintext, looking for known data. Hello, here's a piece of MSHTML.DLL. I can predict what's around it for a couple of megs - and recover that piece of your key. And over here is a little bit from your web cache. I'll just google it up and find out what surrounds that, recover more of your key, and carry on, cackling evilly.
Of course, all this complication is rarely necessary; the first 128 megs of your disk are probably the same as the first 128 megs of every other XP user's, which I can check with a simple XOR - and have your key instantly.
One-time pads used more than once are permanently, tragically, irrevocably insecure, and trivially breakable. Don't let this happen to you.
"and will keep the RIAA away from your Kazaa files."
I'm not understanding this statement. If you are running a program that shares files then the RIAA will not magically be locked out. If they're talking about someone hacking your computer then I guess it depends on how they do it.
Once you boot using the key your computer is going to have to store and use that key in order to decrypt data on your drive. This has got to be done in the background by the MOBO. What a pain in the ass it would be to have to explicitly and in person tell the computer to decrypt every file you access!
That being the case, if someone forces one of your programs to crash but leave open a shell wouldn't the MOBO go on happily decrypting data for any process running in that shell?
If encryption/decryption is happening at the hardware level it would seem to me that the only real protection you would be getting is if someone steals your computer but doesn't take the device that you use to feed the MOBO the key. How many of us would just leave that device plugged in to the computer anyway?
The race isn't always to the swift... but that's the way to bet!
I tried this and need a more reliable USB key. Mine kept falling apart spewing the guts out. Looked strikingly similar to a CueCat. Anyone have better luck with theirs?
Intelligent Life on Earth
When the police sieze your computer and discover the lock, they can have a judge demand you turn over the key. When you don't, your in contempt of court... And they can then hold you, in jail, until you agree to comply. You could fight it if you want to; although, I wouldn't recommend it.
This is a bit offtopic, but I think it's valuable for anyone wanting to know about encryption - really GOOD encryption when someone's life/freedom may be on the line.
One of the biggest problems with regards to encryption (aside from snakeoil salesmen) is that if someone suspects/knows you're using encryption, they're going to try and get the key out of you. Either by legal means like locking you away in a hole for years until you make with the key, or just resorting to good old fashioned torture to make you cough up the info. Neither option is particularly appealing, so a rather smart solution to the problem was devloped.
Naturally, it's called "Rubberhose" (The website)
The gist of it is that you make a large container file (say, 1gb for example). Inside that container file, are many smaller container files, each one having their own encryption key. You'd have one container with moderate-level stuff that you could "give up" if forced, and another container with the "real good stuff" that you'd get imprisoned/killed if the badguys discovered it.
The interesting way that it works is that in order to get access to the "real good stuff", you need to input the keys to all of the other containers to both decrypt the containers in question, and to fully map the filesystem. No container knows about any other container, nor where it's data is stored inside the 1gb file. Of course the data isn't stored in contigious blocks, and the containers could be fragmented into millions of pieces interwoven with eachother. It's also impossible to "prove" by any means that another container even exists.
So you can open any container and see the info inside it, but all of the containers appear to utilize the entire 1gb of storage space. You never know that anything other than empty space exists in the drive.
It's kind of complex, and I may not have explained it all that well, so before jumping on me, please read up at the website.
It's absolutely elegant, although perhaps not currently easy enough to be utilized by the masses. Still, if I was going into hostile territory, this would be the first thing I got operational on my portable equipment.
N.
"Nothing strengthens authority so much as silence." - Charles de Gaulle
Possibly because software encryption kills performance?
AES ceratinly was designed with performance in mind. And it can be implemented efficiently on 8-bit and 32-bit general purpose architectures as well as dedicated hardware. What interests me even more is what mode of operation they are using. I'm researching in modes aimed at disk encryption. It certainly is more complicated than just using CBC and be done with that.
Now if all you wanted to do was ECB mode encryption of the disk, that could be done very efficient in hardware. With 512 byte sectors and 256 bit blocks, you would have 16 blocks per sector, which could be encrypted and decrypted in parallel by 16 independend AES circuits. But of course that is not particular secure.
I have designed a more secure encryption that uses a tree structure on the disk. And involves both hashing and symmetric and assymetric encryption. Obviously it does have a price in terms of disk space, memory requirements, and I/O efficiency. But you get impressive security properties.
I doubt ABIT have done any of that, because the customers probably only want encryption if they can get it for free. Besides it would be stupid anyway considering the ridiculously small key of just 40 bits as mentioned in the specification. They claim it is adequate for general users. I say it is adequate for anybody who doesn't need encryption.
Do you care about the security of your wireless mouse?
And of course, this this classic case from 1995.
There was an article called "alt.war.scientology" in a 1995 Wired feature article which went into much greater detail, but it's not on the Wired website, apparently.
That 1995 article set off alarms that are still clanging today.
Yes, indeed, they can do anything they like to you, and you can't do squat to stop them.
you would need a key of a size equal to the total storage of the hard drive itself for a true "one time pad" encryption of the HD.
:-)
You are wrong. That is simply not enough. It would be enough if you never changed any contents on the HD. But as soon as you change something, you would need more key bits.
I have seen a research document suggesting an algorithm to produce a pseudo one time pad from a key, and use that for encrypting the disk. For practical purposes it might be as secure as a one time pad. But since the one time pad is only secure as long as you never change anything on the disk, I don't consider that a good solution.
When I realized that might be state of the art in disk encryption, I decided to start researching it myself. Perhaps I should submit an article for slashdot when I have something interesting and new to tell the world about.
Do you care about the security of your wireless mouse?
NerveGas is right, it's not particularly strong encryption. It's single DES, with a shortened 40-bit key, and the key itself is stored on an external USB dongle.
m .htm
7 25 #93796
For those wondering about the details what exact encryption is used, it's using one of enova's x-wall chips. The device family (depending on version) can do single or triple DES in hardware and has been used in enova's own NIST certified 3des device.
http://www.enovatech.net/html/ps_usb_ide.htm
The SE family of these chips is summarized here (abit uses an LX device, but I'd assume at least a vague relation between them):
http://www.enovatech.net/html/ps_se_syste
The exact part used on ABITs board appears to be a enova x-wall LX40 model. Enova's website doesn't list the device, but based on other part numbers, it's a single DES encryption with a shortened 40-bit key as input.. 40-bit keys are as we all know very weak and can be brute forced in a reasonable timeframe even on a desktop PC.
http://www.digit-life.com/archive.shtml?dl20030
So it is fairly weak, but not entirely useless, I'd not trust company financial data to this kind of security mechanism. It is however a significant step up from the "bios password" feature.. I'd think this kind of thing would be a lot better on say a laptop. You could keep the dongle on your keychain and at least know that if someone steals your laptop they'll have to spend some time cracking the key to get any data off. If it's a casual thief not a corporate spy, they'll likely just reformat it and sell it. Little security is gained against pros and high school students that know about keycracking, but at least some of the less educated thieves aren't a problem.
It's also done in a way that's OS independent, and has little or no performance impact..
Of course, a loopack encrypted filesystem with decent keysize would be substantially more secure.
-Matt
I'd say they would be equally concerned with both sets of spooks. Actually, they would be more concerned about the under-the-table trouble the U.S. would inflict if they didn't do as they were asked. Maybe a Mad Cow Disease or SARS infected microchips? (Canadians are convinced that the U.S. administration boosted the Toronto SARS threat, and went ape over one cow, to punish the nation for not supporting the Iraq invasion. It cost Canada millions.) Or seriously, sub rosa trade interference, which could be quietly mentioned by U.S. agents to Abit executives. Or much more simply, federal lawsuits up the wazoo could be mentioned.
And the poster said "Patriot Act stuff", which indicates both the Act itself, and the atmosphere which surrounds it. Tho I think I'll leave the rest of the defense to the original poster.
This reminds me of my old old old PC from 1990 (An old Apricot Qi) which came with what was quaintly termed 'Apricot LOC Technology'.
The hard disks were encrypted in hardware even back then. Also, there was no reliance on any USB dongle to just get the disk unencrypted.
LOC tech worked by the user having an IR transmitting card which authenticated you to the machine. If it was in secure mode, you had to transmit from your card (encrypted transmission.. No copying the transmission and replaying), which then gave you the login screen for your user (this is the first point the keyboard unlocked).
You enter the password and it lets you use the system.
The encryption was independant of OS. This was damn cool 'paranoid' gear. It won me a few contract jobs on the basis that nobody else could get into the machine apart from me, and a couple of my clients at the time were pretty much requiring security and confidentiality.
Nice for the single user PC where you really don't want someone else turning it on and reading your email.
Still, I'd much prefer to use something that can be used to hold differently available data depending on the user.. The day they put rubberhose in hardware, I think they'll really have a winner...
Still, it seems odd they they are trying to hype tech that's a cutdown version of 13 year old tech as something new and revolutionary..
Malk