[127661] in cryptography@c2.net mail archive
Re: disks with hardware FDE
daemon@ATHENA.MIT.EDU (Arshad Noor)
Tue Jul 8 10:44:05 2008
Date: Mon, 07 Jul 2008 14:57:09 -0700
From: Arshad Noor <arshad.noor@strongauth.com>
To: "Perry E. Metzger" <perry@piermont.com>
CC: cryptography@metzdowd.com, P1619-3@LISTSERV.IEEE.ORG,
ekmi@lists.oasis-open.org
In-Reply-To: <874p71qvsj.fsf@snark.cb.piermont.com>
Perry E. Metzger wrote:
> There are now a number of drives on the market advertising AES based
> FDE in hardware, and a number of laptops available on the market that
> claim to support them.
>
> Has anyone had any real-world experience with these yet? Are there
> standards for how they get the keys from the BIOS or OS? (I'm
> interested in how they deal with zeroization on sleep and such.)
> Lastly, anyone have any idea of whether the manufacturers are doing
> the encryption correctly or not?
>
Perry,
I have copied the IEEE 1619.3 Working Group where disk-drive
manufacturers are working on some of these KM issues.
There is a debate going on on that list about the value of
encrypting data at the disk-drive layer vs. encrypting at the
application layer - I believe the latter is a more strategic
solution - and the voices from the Crypto forum would be
welcome on these issues.
I will let the FDE vendors respond to you so you can forward
as appropriate. Thanks.
Arshad Noor
StrongAuth, Inc.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
