Universal Disk Encryption Spec Finalized

Lucas123 writes "Six of the largest disk manufacturers, along with encryption management software vendors, are backing three specifications finalized [Tuesday] that will eventually standardize the way encryption is used in firmware within hard disk drives and solid state disk drive controllers ensuring interoperability. Disk vendors are free to choose to use AES 128-bit or AES 256-bit keys depending on the level of security they want. 'This represents interoperability commitments from every disk drive maker on the planet,' said Robert Thibadeau, chief technologist at Seagate Technology."

It's not an encryption spec...

[(Score.5,+Interestin]

... it's TPM glue for hard drives. The spec says almost nothing about encryption and authentication, it's just a bunch of TPM command and control mechanisms for hard drives. The IEEE P1696 working group is the one working on secure hard-drive encryption. Unfortunately the TPM people have better PR people than the CS and EE types doing the IEEE work do.

Re:It's not an encryption spec...

That should be P1619, not P1696.

Re:It's not an encryption spec...

[this+great+guy]

The parent poster made a typo in the IEEE project name. It's P1619. Their main full disk encryption spec is XTS-AES, and is currently implemented by the Linux dm-crypt layer (cipher name aes-xts-plain), and by OpenBSD. I have been using it for almost a year on my laptop.

Why not just use TrueCrypt?

[Futurepower(R)]

Why not just use TrueCrypt pre-boot system partition encryption? The benefit of a hardware standard is not immediately clear to me.

Re:Why not just use TrueCrypt?

It's not that hardware raid is faster on $$ controllers, it's that its battery backed and makes it possible for the storage system to commit the transactions they have in the caches.

Furthur "Edition" Separation

[iSzabo]

It looks like they're using the "Opal" standard as a way of selling essentially the same hard drive slightly crippled since if you don't have the key for the thing you "can't even sell it on eBay", whereas admins can "cryptographically erase" their data with ease. Does this mean that the well priced one has a one-key no-reselling system, and the artificially inflated "server" class one can be rotated? I'm going to ere on the side of "companies get together in order to hurt us all" and fear the worst.

True Crypt Source

[RationalRoot]

What' is this then ?

http://www.truecrypt.org/downloads2.php

Source Code ?

I have not compiled it, nor gone through it in detail, but it looks like source code to me.

D

Re:True Crypt Source

[AusIV]

When TrueCrypt released version 5.0, they lacked a 64 bit version. Myself and a couple of others on the Ubuntu forums hacked at the source until we got a 64 bit version to compile and run smoothly. It may not be an OSI approved license, but the source is definitely there for those who want to pick at it.

Re:True Crypt Source

[the_other_chewey]

What' is this then ?

http://www.truecrypt.org/downloads2.php

Source Code ?

I have not compiled it [...]

I have. It works.

Re:Problems abound...

[Antique+Geekmeister]

That was called 'Trusted Computing', and formerly it was called 'Palladium'. It's a toolkit built into some modern motherboards to do robust encryption, and authentication, and most especially DRM. And Microsoft planned to be the root authority for signing and issuing keys, and storing the private keys "for recovery and law enforcement purposes".

Be very, very frightened of any such approach of storing centralized keys.

Re:that is true, Defective by Design.

[AlecC]

If you read further down, it says you can do a global reset, which loses the key and unlocks the disk as full of encrypted garbage, "with a few keystrokes".

Re:Yes this is all true

[hairyfeet]

Uuuhhh.....Maybe I missed something here, but how exactly is TrueCrypt Not "open source"? When I pick downloads at the bottom of the page it has a nice link that says source code, which you click and it take you to this page which says, and I quote "The complete source code (in C, C++ and assembly) of the latest stable version of TrueCrypt.". So how exactly are they NOT open source? And as many folks out there that use TrueCrypt and as many security experts that recommend it I am sure that the source code has been looked over with a fine tooth comb, if for no other reason than those that would like to brag "I found a hole!". So maybe I am missing something here, but I always thought Open Source meant anyone could download the source files and check the code. Is it fake code or something?

Re:that is true, Defective by Design.

[adolf]

It is my understanding that modern OSes which are follow the ATA standards will issue the security freeze during hardware probe. At least, my *BSD systems do, and I've seen indications that even Windows does.

This doesn't matter. I've seen my share of odd virii living inside of the boot sector.

A particularly clever virus or trojan could even go forth and re-write the BIOS to disable the "security freeze" function you speak of. It sounds far-fetched, until you realize that BIOS code is generally written in assembly, is generally unprotected, generally doesn't change much over time as systems evolve, and generally has some free space available for extra code. Such a hack would be easy for a weekend video game cracker to create.

I, for one, don't like this spec one bit.

Re:OTOH, a reason to trust

> The secret would eventually leak and my company would be toast, overnight.

Even if the government grants them immunity to lawsuits over this?