Self-Encrypting Hard Drives and the New Security

In a recent blog post, CNet's Jon Oitsik has called for a policy shift with respect to data encryption. A new standard by the Trusted Computing Group promises the availability of self-encrypting hard drives soon, leading some to call for immediate adoption. Will this create even more security problems due to lazy custodians, or should someone responsible for keeping your information safe be required to move to the new hardware? Hopefully the new hardware comes with a warning to continue to use other data protection measures as well.

hmm

[n3tcat]

if encrypted hard drives become the norm, will authorities be more apt to treat it as a protected right rather than as a method of hiding shit?

Hardware crypto leads to better security? BULL!

[Chas]

Spoken (or typed in this case) like someone who's completely misunderstood the security process and thinks that [Insert Buzzword] = Security

Lock out vs lose data

[uberdilligaff]

While the focus will be on preventing data from being accessed when the PC is stolen, this will come with the rather severe side effect that a significant number of users will irreversibly lock themselves out of all their data by losing/forgetting their pass phrase. Too bad you can't reduce the first problem without increasing the second.

Trusted Computing Group reputation?

[steve_bryan]

I hope this proposal is considered with more than the usual amount of skeptical reserve. The name was changed more than once but I'm fairly certain that the "Trusted Computing" group was previously acting as a lackey of the entertainment cartel. They managed to introduce new points of possible breakage making computer based media more prone to failure (e.g. HDCP and the forced failure of expensive monitors purchased by early adopters).

If this is the same group then you can almost guarantee that they will include backdoors and other nastiness intended to inhibit unapproved behavior by the owner of the drive.

Bill of Rights

[OldFish]

Just as important as the technology will be the legal framework that applies. Myself, I like the Bill of Rights and I want to see data storage be treated as an extension of my memory with all rights that apply to my testimony extended to the digital media that is protected by a key that is in my memory. I know, naive idealism is dumb.

Prove it's encrypted?

[noidentity]

How can a security-conscious end-user verify that my data is encrypted on one of these drives, as opposed to simply being stored in the clear and the drive just refusing to read it? Sure seems it'd be cheaper if they just left out the crypto and had the drive lie, taking only a few hundred bytes of extra firmware and no extra processing power to implement the new "encryption" command set. Who's going to know?

Flaws? So what.

[manif3st]

Personally, I can't wait for these to become commonplace. I use whole disk encryption not because I don't want my partner/friends accessing my data (my computer's on all the time anyway in an unencrypted state any business documents and porn are tucked away using TrueCrypt), not because I'm scared of LEOs or G-men (they're welcome to my files), but because I don't want some prick burgling my house, plugging in my hard drive to their computer, and posting my photographs and poking around looking for passwords to sell. So bring on the back doors, I can remember my passwords, and anyone with the knowledge to hack the hard drive to get at the data is doing it for more than my photos and old university papers. I can change my passwords faster than they can sell them.

Key escrow

[davidwr]

If there were multiple keys, each one of which could unlock the drive this would be fine. The owner, i.e. the IT dept., gets the main key and the user and others get backup keys.

One way to implement it:

The drive will accept either its on-board key or a key from a dongle. The on-board key of course will be encrypted with a passphrase that can be changed without changing the underlying key. If EITHER the passphrase is entered OR another copy of the key with ITS passphrase is present, the drive is unlocked.

Paranoid users could invalidate the on-board key, requiring the use of a dongle to unlock the drive.

Another option:
A 3-layer version, where a heavily-encrypted "super key" is on the drive, with multiple "supplemental keys" which may or may not be on the drive which decrypt the super key AND which define access, e.g. a "read only" key, a "read/write key," and an "administration key." Zero or more of these could be stored on the drive, encrypted with passphrases. Others could be stored on dongles, again, encrypted with passphrases. In this scenario, IT would control the administrator key and the person in possession of the laptop would control the read-write key and the read-only key. The read-only key would be turned over in response to subpoenas or customs officials where required by law. In draconian societies like America^H^H^H^H^H^H^H China, an additional, non-removable backdoor key would probably be held by the government.