[144514] in cryptography@c2.net mail archive


Re: Seagate announces hardware FDE for laptop and desktop machines

daemon@ATHENA.MIT.EDU (james hughes)
Sun Jun 14 14:01:48 2009

Cc: Simon Josefsson <simon@josefsson.org>,
 Cryptography <cryptography@metzdowd.com>
From: james hughes <hughejp@mac.com>
To: travis+ml-cryptography@subspacefield.org
In-reply-to: <20090610231953.GD443@subspacefield.org>
Date: Fri, 12 Jun 2009 10:12:20 -0700


On Jun 10, 2009, at 4:19 PM, travis+ml-cryptography@subspacefield.org  
wrote:

> Reading really old email, but have new information to add.
>
> On Wed, Oct 03, 2007 at 02:15:38PM +1000, Daniel Carosone wrote:
>> Speculation: the drive always encrypts the platters with a (fixed) AES
>> key, obviating the need to track which sectors are encrypted or
>> not. Setting the drive password simply changes the key-handling.
>>
>> Implication: fixed keys may be known and data recoverable from factory
>> records, e.g. for law enforcement, even if this is not provided as an
>> end-user service.
>
> There was an interesting article in 2600 recently about ATA drive
> security.
>
> It's in Volume 26, Number 1 (Spring 2009).  Sorry that I don't have an
> electronic copy.
>
> The relevant bit of it is that there are two keys.  One key is for the
> user, and one (IIRC, it is called a master key) is set by the factory.
>
> IIRC, there was a court case recently where law enforcement was able
> to read the contents of a locked disk, contrary to the vendor's claims
> that nobody, even them, would be able to do so.

All of these statements may be true. The standardization of the
command set for encrypting disk drives does have a "set master key"
command. If this command does exist, and if the user had software that
resets this master password, then the backdoor would have been closed.
(I know, there are a lot of "ifs" in that sentence.)
	http://www.dtc.umn.edu/disc/resources/RiedelISW5r.pdf
	http://www.usenix.org/events/lsf07/tech/riedel.pdf
	http://www.t10.org/ftp/t10/document.04/04-004r2.pdf
and from universities you can access
	http://ieeexplore.ieee.org/iel5/10842/34160/01628480.pdf
	https://www.research.ibm.com/journal/rd/524/nagle.html

Jim

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
