Security Hardware

Self-Encrypting Hard Drives and the New Security

In a recent blog post, CNet's Jon Oltsik has called for a policy shift with respect to data encryption. A new standard by the Trusted Computing Group promises the availability of self-encrypting hard drives soon, leading some to call for immediate adoption. Will this create even more security problems due to lazy custodians, or should someone responsible for keeping your information safe be required to move to the new hardware? Hopefully the new hardware comes with a warning to continue to use other data protection measures as well.

  • hmm (Score:5, Interesting)

    by n3tcat ( 664243 ) on Monday March 09, 2009 @02:11PM (#27124203)
    if encrypted hard drives become the norm, will authorities be more apt to treat it as a protected right rather than as a method of hiding shit?
  • by Chas ( 5144 ) on Monday March 09, 2009 @02:17PM (#27124279) Homepage Journal

    Spoken (or typed in this case) like someone who's completely misunderstood the security process and thinks that [Insert Buzzword] = Security

  • by uberdilligaff ( 988232 ) on Monday March 09, 2009 @02:17PM (#27124283)
    While the focus will be on preventing data from being accessed when the PC is stolen, this will come with the rather severe side effect that a significant number of users will irreversibly lock themselves out of all their data by losing/forgetting their pass phrase. Too bad you can't reduce the first problem without increasing the second.
  • by steve_bryan ( 2671 ) on Monday March 09, 2009 @02:28PM (#27124429)

    I hope this proposal is considered with more than the usual amount of skeptical reserve. The name was changed more than once but I'm fairly certain that the "Trusted Computing" group was previously acting as a lackey of the entertainment cartel. They managed to introduce new points of possible breakage making computer based media more prone to failure (e.g. HDCP and the forced failure of expensive monitors purchased by early adopters).

    If this is the same group then you can almost guarantee that they will include backdoors and other nastiness intended to inhibit unapproved behavior by the owner of the drive.

  • Power Outage Hiccups (Score:2, Interesting)

    by MBHkewl ( 807459 ) on Monday March 09, 2009 @02:31PM (#27124469)

    So while the disk is self-encrypting itself, what if the power went out?

    Complete data corruption/loss?

    Or are you gonna mandate that everyone uses a UPS?

  • Bill of Rights (Score:3, Interesting)

    by OldFish ( 1229566 ) on Monday March 09, 2009 @02:38PM (#27124567)
    Just as important as the technology will be the legal framework that applies. Myself, I like the Bill of Rights and I want to see data storage be treated as an extension of my memory with all rights that apply to my testimony extended to the digital media that is protected by a key that is in my memory. I know, naive idealism is dumb.
  • by noidentity ( 188756 ) on Monday March 09, 2009 @02:48PM (#27124727)
    How can a security-conscious end-user verify that my data is encrypted on one of these drives, as opposed to simply being stored in the clear and the drive just refusing to read it? Sure seems it'd be cheaper if they just left out the crypto and had the drive lie, taking only a few hundred bytes of extra firmware and no extra processing power to implement the new "encryption" command set. Who's going to know?
  • Flaws? So what. (Score:4, Interesting)

    by manif3st ( 699952 ) on Monday March 09, 2009 @03:06PM (#27124999)
    Personally, I can't wait for these to become commonplace. I use whole disk encryption not because I don't want my partner/friends accessing my data (my computer's on all the time anyway in an unencrypted state; any business documents and porn are tucked away using TrueCrypt), not because I'm scared of LEOs or G-men (they're welcome to my files), but because I don't want some prick burgling my house, plugging in my hard drive to their computer, and posting my photographs and poking around looking for passwords to sell. So bring on the back doors, I can remember my passwords, and anyone with the knowledge to hack the hard drive to get at the data is doing it for more than my photos and old university papers. I can change my passwords faster than they can sell them.
  • Key escrow (Score:3, Interesting)

    by davidwr ( 791652 ) on Monday March 09, 2009 @03:08PM (#27125025) Homepage Journal

    If there were multiple keys, each one of which could unlock the drive this would be fine. The owner, i.e. the IT dept., gets the main key and the user and others get backup keys.

    One way to implement it:

    The drive will accept either its on-board key or a key from a dongle. The on-board key of course will be encrypted with a passphrase that can be changed without changing the underlying key. If EITHER the passphrase is entered OR another copy of the key with ITS passphrase is present, the drive is unlocked.

    Paranoid users could invalidate the on-board key, requiring the use of a dongle to unlock the drive.

    Another option:
    A 3-layer version, where a heavily-encrypted "super key" is on the drive, with multiple "supplemental keys" which may or may not be on the drive which decrypt the super key AND which define access, e.g. a "read only" key, a "read/write key," and an "administration key." Zero or more of these could be stored on the drive, encrypted with passphrases. Others could be stored on dongles, again, encrypted with passphrases. In this scenario, IT would control the administrator key and the person in possession of the laptop would control the read-write key and the read-only key. The read-only key would be turned over in response to subpoenas or customs officials where required by law. In draconian societies like America^H^H^H^H^H^H^H China, an additional, non-removable backdoor key would probably be held by the government.
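
The first scheme in the comment above (one underlying key, several passphrase-protected copies, any of which unlocks), as an added sketch that is not part of the original comment and not any drive vendor's firmware. The function names, slot names and PBKDF2 parameters are assumptions, and the wrap is an HMAC-authenticated one-time pad built from the standard library, standing in for a real key-wrap algorithm such as AES key wrap.

```python
import hashlib, hmac, os

ROUNDS = 100_000  # PBKDF2 iterations (assumed value for this sketch)

def _keys(passphrase, salt):
    # Derive a 32-byte pad and a 32-byte MAC key from the passphrase.
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ROUNDS, dklen=64)
    return okm[:32], okm[32:]

def wrap(dek, passphrase):
    # Fresh salt per wrap, so the pad is never reused across slots.
    salt = os.urandom(16)
    pad, mac_key = _keys(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(dek, pad))
    tag = hmac.new(mac_key, salt + ct, "sha256").digest()
    return {"salt": salt, "ct": ct, "tag": tag}

def unwrap(slot, passphrase):
    pad, mac_key = _keys(passphrase, slot["salt"])
    tag = hmac.new(mac_key, slot["salt"] + slot["ct"], "sha256").digest()
    if not hmac.compare_digest(tag, slot["tag"]):
        return None  # wrong passphrase or modified slot
    return bytes(a ^ b for a, b in zip(slot["ct"], pad))

def new_drive(passphrases):
    # One random media key (DEK); each holder gets their own wrapped copy.
    dek = os.urandom(32)
    return {name: wrap(dek, pw) for name, pw in passphrases.items()}, dek

def unlock(slots, passphrase):
    # EITHER slot unlocks the drive: try each until one authenticates.
    for slot in slots.values():
        dek = unwrap(slot, passphrase)
        if dek is not None:
            return dek
    return None

def change_passphrase(slots, name, old, new):
    # Re-wrap the same DEK; the data on disk is not re-encrypted.
    dek = unwrap(slots[name], old)
    if dek is None:
        return False
    slots[name] = wrap(dek, new)
    return True

def revoke(slots, name):
    # Invalidate one holder's copy (e.g. the on-board slot); others still work.
    slots.pop(name, None)
```

Revoking a slot only removes that wrapped copy; anyone who already extracted the underlying key keeps access until the drive is re-keyed and its data re-encrypted.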

  • by afidel ( 530433 ) on Monday March 09, 2009 @03:14PM (#27125117)
    How do you deal with the key in memory problem? That's right, you can't without a hardware keystore; hardware is the only way to get true unbreakable encryption.
  • FIPS 140-2 (Score:3, Interesting)

    by Digital_Quartz ( 75366 ) on Monday March 09, 2009 @03:41PM (#27125573) Homepage

    In theory, if these drives are being used by a US government agency for encryption, then the drives need to be FIPS 140-2 [nist.gov] certified.

    In order to be certified, there is a stringent list of algorithms that may be used, for both encryption and random number generation, and these algorithms need to be tested and certified themselves.

    We'll have to see if the hard drive companies want to go through the headaches involved to get FIPS certification, or whether this is meant as a gimmick for consumers.

  • by PitaBred ( 632671 ) <slashdot&pitabred,dyndns,org> on Monday March 09, 2009 @03:59PM (#27125843) Homepage
    Fire a few of them, and let people know why they were let go. Users learn pretty well when they have proper incentives. You're not asking for a lot, and if they can't perform the duties of their job, they need a new job.
  • by __aasqbs9791 ( 1402899 ) on Monday March 09, 2009 @04:24PM (#27126163)

    I would agree with that, I was just commenting on the wallet as the best place to keep things.

    I had a problem losing my wallet when I was about 14. This had two results. One, I became rather good at finding lost things. Two, I'm obsessive about knowing the location of certain things (wallet, cell phone, and keys mostly). Drives my wife nuts sometimes since she loses things all the time (actually, she's gotten much better in the last year or two) but I rarely have trouble finding anything.

  • by mlts ( 1038732 ) * on Monday March 09, 2009 @04:55PM (#27126633)

    Even though the TPM is specced to not be armored against attack, it would take someone with access to a chip fab to try to get the key off the silicon itself.

    With a TPM and a hard disk that can use this the way BitLocker does (where it boots to the OS without needing any passwords, but attempts to boot to other media to access the drive require access to the volume's recovery key), this is good protection for a laptop, making the main attack front the username/password of users or administrators. One can also have the TPM require a PIN, and after enough wrong guesses the TPM either locks access or adds substantial increasing delays between password attempts.

    One note here:

    This functionality is more aimed at the enterprise than individual users. The enterprise needs to be able to have some way of regaining access to a laptop of an employee should they forget their password or leave the company. They also require access due to data retention laws.

    I'm almost certain that the drives will end up tested for FIPS compliance. If not, then they won't pass a lot of DAR (data at rest) encryption specs that the US government has put in place.

    As for comparing this with TrueCrypt, this and TC are apples and oranges, or more like a ball peen hammer versus a claw hammer. Both hammer nails, but one is suited to one type of job versus another. For home machines where there is only one person using them, I'd go with TrueCrypt (because TC doesn't require hardware support to provide top notch protection). For machines that have more than one user, or require access by another party due to various regulations, I'd go with TPM based functionality. Or do like I do and use both. BitLocker functionality for the boot volume, and TrueCrypt to automount external drives using a keyfile. This way, if I need to use the volumes on a machine that doesn't support BitLocker, I can just plug them in, read the keyfile off a smart card, and mount it without needing Windows Server 2008 or Vista Enterprise/Ultimate [1].

    [1] I really wish Microsoft would put BitLocker in Windows 7 Professional. It is hard to beat for "install and forget" protection of data.
