Universal Disk Encryption Spec Finalized

Lucas123 writes "Six of the largest disk manufacturers, along with encryption management software vendors, are backing three specifications finalized [Tuesday] that will eventually standardize the way encryption is used in firmware within hard disk drives and solid state disk drive controllers ensuring interoperability. Disk vendors are free to choose to use AES 128-bit or AES 256-bit keys depending on the level of security they want. 'This represents interoperability commitments from every disk drive maker on the planet,' said Robert Thibadeau, chief technologist at Seagate Technology."

It's not an encryption spec...

[(Score.5,+Interestin]

... it's TPM glue for hard drives. The spec says almost nothing about encryption and authentication, it's just a bunch of TPM command and control mechanisms for hard drives. The IEEE P1696 working group is the one working on secure hard-drive encryption. Unfortunately the TPM people have better PR people than the CS and EE types doing the IEEE work do.

Re:It's not an encryption spec...

[this+great+guy]

The parent poster made a typo in the IEEE project name. It's P1619. Their main full disk encryption spec is XTS-AES, and is currently implemented by the Linux dm-crypt layer (cipher name aes-xts-plain), and by OpenBSD. I have been using it for almost a year on my laptop.

Why not just use TrueCrypt?

[Futurepower(R)]

Why not just use TrueCrypt pre-boot system partition encryption? The benefit of a hardware standard is not immediately clear to me.

True Crypt Source

[RationalRoot]

What' is this then ?

http://www.truecrypt.org/downloads2.php

Source Code ?

I have not compiled it, nor gone through it in detail, but it looks like source code to me.

D

Re:that is true, Defective by Design.

[AlecC]

If you read further down, it says you can do a global reset, which loses the key and unlocks the disk as full of encrypted garbage, "with a few keystrokes".