backtop

Print E-mail del.icio.us 31 comment(s) - last by saqib.. on May 23 at 11:02 PM

Specifications for the FDE drives - Click to Enlarge
Upcoming notebook hard disk drive include encryption virtually impossible to decypher if removed

Seagate Technology introduced its Momentus Full Disk Encryption line of notebook drives last year along with perpendicular magnetic recording in its 5400.3 series of notebook drives. The 5400.3 notebook drives kept our mouths watering this past January but we were still left longing for Seagate's Momentus FDE line of fully encryptable notebook hard disk drives.

We had a chance to talk to the Momentus FDE Product Marketing Manager, Joni Clark, who answered our questions regarding the new technology, how it works, what features it holds, and things we should expect to see in the near future from Seagate.

DailyTech: How does the Full Disc Encryption Technology work?
Clark: Once the Momentus FDE drive is installed in a notebook PC and a password is set during the first boot, the onboard ASIC, or application specific integrated circuit, will be ready to encrypt data on-the-fly. Upon startup of a system the user will be asked to enter a password to allow access to the disk's contents. As a user's system writes data to the disk it will be encrypted with a 192-bit TDEA or 3DES encryption algorithm. The algorithm involves using three 64-bit keys to do an encrypt-decrypt-encrypt function with the keys in that order.  A string is encrypted with key 1 followed by a decryption with key 2 and is again encrypted with the 3rd key. Encryption is disc-wide and cannot be limited to certain parts of the disc yet. Seagate may choose to implement selective encryption features in future versions of the technology but the initial launch will be limited to full disc encryption only. Upon shutdown of the system the Momentus FDE drive will automatically lock the contents of the drive to prevent unauthorized access.

Currently all encryption is done automatically without the aid of software or customizable configurations. One of the benefits of a hardware encryption technology is that there is no performance hit while Seagate says there is a 30-40% hit in performance with software encryption. However, Clark mentioned that software support is more than just a possibility for future editions for customization of the drive encryption and other features. Additionally there were talks of providing bundles of the drive with authentication products such as USB keys, finger print scanners, biometric scanners, etc., along with software.

DailyTech: Can encryption be turned off for those who do not need it?
Clark: The short answer: No. The initial launch version of FDE will not feature an 'off-switch' so data will always be secured whether a user wants it to be or not. We assumed this product would be aimed at organizations that require a high level of security where data needs to be encrypted at all times. Seagate pointed out that even day-to-day information is just as sensitive as government level classified information to many organizations and Seagate is aiming the Momentus FDE line at just about any userbase with that requirement.

DailyTech: To what extent does the encryption operate?
Clark: Once data is written to the drive and the system is shut down the only way to access the contents of the encrypted drive is to use the user assigned password during startup. There can be a total of 4 master passwords and 4 user passwords. This helps organizations to allow access to more than one indivual such as managers and other users who require that access.

A concern we brought up during our interview with Momentus FDE's Product Marketing Manager pertained to the scenario where all passwords were lost. How would an organization access that encrypted data then?

Seagate's answer to this, as we would expect it to be, is that they do not keep any keys for any drives they manufacturer because of concerns over security. Holding on to the encryption keys for each FDE drive would defeat the purpose of designing the drive in the first place. The only way to access data on a protected drive without any keys would be through data recovery, and even then a cryptologist would need to be present to crack the triple-DES encryption.  The short answer is, losing all keys to the drive makes you data practically unusable.

DailyTech: Has there been a launch date decided for Momentus FDE?
Clark: A limited launch has been scheduled during which Seagate will begin to roll out the first batch of Momentus FDE notebook drives to a select group of organizations as a pilot which will continue over the next few months. Seagate states that launching a new technology such as FDE to test markets will help them gauge the usefulness of the product and feedback from these pilot organizations will allow them to improve the product for the final/official launch to the mass market.

We were not able to squeeze any names of the pilot organizations out of our Seagate contacts as we are sure policies are in place to ensure confidentiality but we have asked the kind folks at Seagate to keep us in the loop as things progress.  It would be fairly safe to say the top-tier notebook manufacturers that work with Seagate probably have something on the way.

DailyTech: What are the technical specifications of the Momentus FDE line?
Clark: Seagate's Momentus FDE line of notebook hard drives are the first to offer full hardware-based encryption and are planned to launch with capacities at 40, 60, 80, 100, and 120GB with an Ultra ATA/100 interface.

The peak transfer rates are factory clocked at 57.6MB/sec with the 5400 RPM rotational speed, an 8MB buffer, and average seek time on these models will be around 12.5ms. The product sheet lists the 120GB model to utilize 4 heads on 2 platters which probably pack in about 60GB each.

Our contacts at Seagate informed us that if the limited launch goes according to plan they may begin to implement perpendicular recording as early as the first half of 2007 with desktop drives using PMR coming later this year.

Our article last week about Seagate's 750GB Barracuda 7200.10 line piqued the interests of many of you and we are certain there will be news on that side of Seagate's product line soon (tommorow) and we will keep you updated on FDE as the launch progresses.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Snap
By Scabies on 4/25/2006 3:50:07 PM , Rating: 2
I think my brain just exploded. Are HDDs really in need of this triple-keyed encryption? Theyre talking on the fly, but shoot that was the most complex thing I've read since my tax returns. Surely there is some performance lost in this. And perhaps there is a disc mishap or power loss during encryption/decryption.. would a 1/3 encrypted drive work?

quote:
Upon shutdown of the system the Momentus FDE drive will automatically lock the contents of the drive to prevent unauthorized access.

I've got that. I call it the "Power Switch." My second backup would be the lock on my front door. Third is our 12ga.

Also, the momentus 5400's are for laptops.. 2.5" drives, but this sounds like the kind of security you would rather have in a server backup or offsite storage or something. Extravagant?




RE: Snap
By shadowzz on 4/25/2006 3:59:46 PM , Rating: 2
"server backup or offsite storage or something. Extravagant?"

http://news.google.com/news?hl=en&ned=us&ie=UTF-8&...

read the news much?


RE: Snap
By Phynaz on 4/25/2006 4:45:19 PM , Rating: 2
How would you like to be one of the 250,000 Marines that just had all their personal information compromised because it was on a laptop? Social sercurity numbers, bank account, addresses, the works.

Still think this is extravagent?


RE: Snap
By armagedon on 4/25/2006 5:07:53 PM , Rating: 2
you have to use common sense as for backing up your data. There is tons of fast and good software encrypter. You only need to encrypt some files not all Windows. I use a small freeware encrypter (Axcrypt) which let me open an app or data after a password prompt and then reencrypt it when i close it.


RE: Snap
By segagenesis on 4/25/2006 5:13:33 PM , Rating: 2
Like the replies to the above poster ... *ahem* the threat from losing data due to power loss is far far less than the threat of losing the data to the wrong hands. Unfortunately the article is a bit off on recovery also... there is no recovery from triple DES if it really is such. Trying to brute force that is about as productive as trying to sell an Alaskan an air conditioner... its pretty damn secure.


RE: Snap
By psychobriggsy on 4/26/2006 9:34:18 AM , Rating: 2
Which a software based keylogger can compromise.

With a firmware-based hard drive password request, you'd either need to compromise and change the firmware to include a keylogger, or install a hardware keylogger between the keyboard and system. That's only useful until authentication is done with a fingerprint reader...

Face the facts, in certain areas of business, the data is very important to keep secure, but it will be on laptops or systems that aren't in secured zones. This hard drive is useful in these markets.


RE: Snap
By psychobriggsy on 4/26/2006 9:37:57 AM , Rating: 2
Forgot to add - the best way to get the password whilst it is simply a string is probably social engineering (given the strength of the encryption) - the MBA or politician using the laptop will probably set the password to something easy to remember like the name of their cat.

I guess that means in a corporation, the IT dept. should set the password, and force the owner to remember it.


RE: Snap
By Keeir on 4/25/2006 5:55:06 PM , Rating: 2
No, not extravagent at all

IT departs need to be able to place laptops in the hands of luddites and be confident that information on the laptop is secure.

Keep in mind that the average corporate laptop user (or in this case the bottom 25% of corporate laptop users) are the most likely to have sensitive data on a laptop, to not use encryption properly on all sensitive data, and the most likely to behave in a "risky" fashion with the company data.

Almost on a daily basis large companies have a company provided laptop stolen in a simple snatch and grab. This type of device would force even the most lazy and un-techie laptop user to encrypt all data on the company machine. Yes, it is a hammer, but when thosands of employee's SSN and personal data can be lost... thats alot of expense to the company.


RE: Snap
By PandaBear on 4/25/2006 5:56:42 PM , Rating: 2
Power interruption while read/write will be just like what it is today, if it is partially written the journal file system (NTFS, etc) will keep a transaction record on how to recover to a last known state.


RE: Snap
By electriple9 on 4/25/2006 8:07:20 PM , Rating: 2
I must make my own point on not needing encryption on the laptop. I think alot of business man on the word, who got valuelable information might need this kind of encryption.
Thanks


RE: Snap
By Spoelie on 4/26/2006 5:51:33 AM , Rating: 2
Anything less than that is stupid. DES (data encryption standard) was conceptualized a long time ago and isn't all that secure anymore. A single DES (64bit) ecryption would be easily bypassed/broken. Triple DES or 3DES (3*64 = 192bit) is a stopgap measure that companies use to have sufficient security nowadays with the old standard. There's a new standard AES (Rijndael - advanced encryption standard) with more advanced security. I guess the reason they didn't implement that one was a speed issue.

So it might seem complex, but anything less is a no-go. Certainly for a harddrive that should be in use multiple years, while computing power keeps rising exponentially.


RE: Snap
By Spoelie on 4/26/2006 5:54:35 AM , Rating: 2
I wonder how effective it really is
By OCedHrt on 4/25/2006 5:17:47 PM , Rating: 2
It seems that the 3 keys are independent of the user supplied passwords as they are determined at manufacturing and not kept by Seagate. This means that the keys are stored somewhere on the drives themselves, and are thus recoverable. Otherwise, how would the drive know what key to use to encrypt with? Furthermore, if the keys are determined at manufacture, then they can't be based/derived from the user supplied passwords, and makes possible key recovery even more likely.

Additionally, in order for the user passwords to validate, they must be stored somewhere else, altough probably encrypted with the hardware embedded keys. With support for multiple user passwords, there is no way the keys could be derived from the passwords unless all passwords were supplied at the same time, otherwise a decrypt and re-encrypt of the entire drive would need to be performed.




By Samus on 4/25/2006 5:45:53 PM , Rating: 2
I use Nero Back-it-up which has 192-bit RSA encryption support, however, you must use a nero utility to unlock/mount the encrypted disc, which is conveniently burned to the disc in an unencrypted track. I'm confident only serious hackers would be able to recover this data, and for the most part, if they're that determined to see pics of my teenaged friends (most not nude) and stupid AIM logs, so be it.


By PandaBear on 4/25/2006 5:55:05 PM , Rating: 2
Most likely the key is stored either in the utility zone of the HD (non-user usable, like firmware, bad sector list, and calibration info) or burnt into the PROM or ASIC PROM. Another possibility is it is stored in the motherboard's bios.

It helps prevent people from stealing HD or laptop for its information. Having the key stored in the PC and the encryption done on a removable storage will be safer, but if it is a main HD and the whole thing get stolen together, it won't be much help. The only save way to do it, IMO, is to store the key in a USB that BIOS can read before posting, and upon posting a command is send to the HD and it start reading back decrypted info.


By mpteach on 4/25/2006 7:36:44 PM , Rating: 2
They could use a random number generator at manafacturing to create the keys. If the dont record the number coming out of the machine and the serial number of the drive they wouldnt know what it was. Most likely the key is stored in several small files and each file is encrypted with a different user or master password.

Mechanical Hard drives are much, much slower than the CPU or RAM, so i belive the Latency from the ASIC encryping or decryting would be negligable.

DES is a major standard of encyrpion but its key is only 64 bits long. 3DES or TDEA (triple DES) uses a 192bit key (3x64). It uses the DES encryption function on the data with the first 64 bits of the key then the DES decryption funcion with the second 64 bits of the key, yeilding gibberish since it was a different key. Lastly it uses the last 64 bits to run the encryption funcion again.

Why are people worried about power failure? Laptops have batteries. On mine, if the power starts to ge low it goes into standby or hibernation. Id be more worried about windows crashes corrupting your data.

Lasly i doubt that these drives can be used easily and securly with standby, at least not without changes to the mobo, bios and software. I would think they'd work fine with hibernation though since thats basically a regular form of startup.


OK, so
By boinkle on 4/25/2006 8:18:36 PM , Rating: 2
This "asks for a password at startup" - it can't be OS independent, then, can it. How does it go about prompting the user?

So, what about Linix/Unix/BSD/Mac OS support? Why didn't you ask?




RE: OK, so
By Motley on 4/26/2006 12:10:21 AM , Rating: 2
The same way it asks you to hit F2, Delete, or Insert to go into the BIOS during boot? Or to set up your raid array?


RE: OK, so
By boinkle on 4/26/2006 4:06:47 AM , Rating: 2
BIOS is neither the beginning nor the end.