Questions & Answers

advertisement
Data Security Using TCG
Self-Encrypting Drive (SED) Technology
Questions and Answers
On June 11, 2013 the Trusted Computing Group (TCG) alongside its key panelists, Tom Coughlin of
Coughlin Associates, Michael Willett, Samsung and Hussein Syed of Barnabas Health hosted a webcast on
the realities of using self-encrypting drives today, now that they are becoming widely available for client
and enterprise. The presentation materials are also available for download.
The following questions were posed during this webcast. TCG’s panelists and storage security experts
have answered them for you. For any others, please contact admin@trustedcomputinggroup.org.
Questions & Answers

Can you talk more about the customer service experience and capabilities that were enabled by using
this technology?
Use of SED based drives has the big benefit: there is no performance trade off on the device. The only
areas where we (Barnabas) have developed support processes are around password recovery and reprovisioning of devices.

In healthcare, if you lose or have lost a device, how did SED technology help you with reporting, costs
and securing data?
In healthcare, if a device is lost, a risk assessment is required to determine if there is patient
information at risk. SED, if implemented properly, offers a ‘safe harbor’. If the password used to lock
the drive is strong and a provider can demonstrate it, SEDs can help an organization not go through an
expensive breach notification and reporting exercise.

If these technologies start to become more consumer oriented and in several types of different devices,
would this satisfy any compliance or regulatory successes for healthcare providers?
The BYOD initiatives will gain momentum if SED can be used to protect data, as long as an organization
can manage the SED and demonstrate setup is secure.

What is the average TCO differential between SEDs and the best software encryption?
This can be referenced in the new Ponemon study on TCO of SED/FDE available here.

Regarding Hardware Acquisition, when is price parity expected between a normal hard drive and a selfencrypting drive?
Several providers of SEDs have already gone to no-markup. And, any current markups are in the ‘few
dollars’ range; all moving to the point in the future when ALL drives will be SEDs.

What is your long range view of using SEDs in the enterprise?
SEDs in the data center will make it easier to retire, replace and repurpose storage devices while
preserving security for sensitive data. In addition, security management is easier for SEDs than for
software encryption. Thus SEDs in the enterprise will provide advantages, driving universal adoption.

What are the future forecast and adoption curves for SEDs for consumers?
Non-mobile consumer devices such as DVRs and game consoles don’t gain much benefit to the
consumers and thus this is a market that will generally adopt SEDs as these drives become universally
uquiquitous.

You mentioned the details of doing a “NIST-approved crypto-erase”. Do you know if the NIST is going
to be working the “crypto-erase” into any of their FIPS documentation under the destruction of media?
Revision 1 of NIST SP800-88 – “Guidelines for Media Sanitization” contains CryptoErase, based on SEDs.
After the draft is accepted in final form and CryptoErase is a formal NIST-sanctioned sanitization
method, we can expect other government documents related to sanitization to officially recognize
CryptoErase. A draft of this document can be found here.

How do we escrow the key to allow for forensics on a SED in the enterprise?
You cannot escrow the ENCRYPTION key(s) for an SED, since those keys are never externalized. You can
escrow the AUTHENTICATION key(s), as do all the software products that manage SEDs. If you do not
have the authentication key for an SED, then you cannot perform ‘forensics’ on the drive; that is, read
the on-board encrypted data. The encryption is doing the job it was designed to do: keep the
‘unauthorized’ person from reading the encrypted data. Of course, assuming the data is important to
the owner, that data is backed up in the enterprise; available otherwise to the authorized person.

How do I handle forensics on an SED?
Refer to the answer above for more information. The only information available on the SED media are:
encrypted data, hashed authentication key(s), and only an encrypted copy of the encryption key. Given
the strength of the underlying standard cryptography, “Crypto 101” says that the data cannot be
recovered from those elements. In that sense, you cannot do “forensics” on an SED. Reputable recovery
companies have already found this to be true.

How to use SED in an unattended environment such as servers? If the server is rebooted, in some
cases, it is not acceptable that an admin has to enter a password so the server can be back online
again.
The pre-boot authentication scenario presented in the webinar applies to the OPAL/laptop, not the
enterprise and data center environment. Two similar but different TCG trusted storage specifications
apply. The enterprise specification assumes an unattended/automated environment such as a data
center server and/or RAID system. In this case, the RAID controller (and/or key manager) is
programmed to present the authentication credentials in an automated fashion. Products that have
already announced support for enterprise SEDs take this approach.

Is TCG doing any work to get this level standardization of encryption and manageability on a thumb
drive?
If the thumb drive supports on board AES-based hardware encryption and has the ability to securely
store and execute microcode, then the TCG trusted storage specifications can be considered by the
product vendor. Most thumb drives support a USB interface, which is based on the SCSI command set.
The standardized “container” commands that carry the SED management commands are both T13
(SATA) and T10 (SCSI) based, as well as any derivatives of those command sets. The advantage of
adhering to the TCG specifications for any encrypting storage device is the common manageability
afforded such products. We encourage such product vendors to consider the TCG specifications in their
designs.

Is there intention to expand TCG storage standards to mobile phone’s memory, or to usb flash drives?
Refer to the previous question for more information. The Mobile Phone Workgroup has published
specifications for a trusted phone, including a hardware module called the Mobile Trusted Module
(MTM). Prototypes have already been implemented to those specifications.

Will OPAL be implemented in other device types?
As noted earlier, the prerequisites for a storage device to implement OPAL (or the enterprise
specification) for SEDs are:
-
on-board AES encryption engine in hardware
-
processor capable of securely storing and executing microcode
-
support for the standardized “container” commands that carry the SED management
commands
The rest is programming. Besides the encryption, the SED advantage is the common manageability.

Is the Authentication Key equal to the user’s password? If so, isn’t there a risk of it being too short?
And therefore, exposed to dictionary attack on the hash value? Moreover, how is the authentication
password turned into an AES 128/256 key?
The Authentication key(s) are managed by the user/owner and can be up to 32 bytes long (256 bits!).
As you have noted, due diligence dictates that long AKs be used. The AKs are used to authorize
unlocking the drive and internally decrypting the encryption key(s). In that sense, the AK is one of the
user’s passwords, but albeit a long password. Passphrases, Active Directory, external dongles, or other
automated functions can be used to create long AKs that are still manageable.
The AK is NOT used to generate the Encryption keys. The EK are generated randomly on-board the
drive and never externalized.

What do you recommend for AK management in systems that don’t have an interactive user or that
need to reboot automatically?
For OPAL/laptop drives, you can integrate AK management with Active Directory (as supported by
multiple management vendors) or some other resident function. The management vendors have their
own automation capabilities. The TCG specification does not specify these behaviors. That is left to the
management vendors in differentiating their products. To the SED management interface, the
authentication key is a 32-byte “blob”.

How do we change the AK key without the loss of data on the SED? Is not a single AK used to encrypt
the SED and changing this key destroys the data or makes it unreadable?
Refer to the above questions for more information. The Authentication key(s) and the Encryption key(s)
are distinct.
The EK is generated internal to the drive and never externalized; not derived from the AK.

-
The AK is used to encrypt the EK inside the drive so that the EK is never stored in the clear.
-
Only the hashed value of the AK is stored on the drive, not the AK itself.
-
When I change the external AK, the internal EK does not change. Rather, only the hashed
value of the AK and the encrypted/stored value of the EK. The same EK continues to
encrypt/decrypt the data.
How difficult is it to convert existing servers to use SED drives?
You are encouraged to contact enterprise SED vendors and integrators and review their deployment
strategies. Such conversions are beyond the scope of the TCG (a standards group). But, we have
observed with satisfaction that such vendors are making the transition ‘graceful’. For example, SEDs
can possibly be added to a RAID system in ‘unmanaged/unlocked’ mode until the time when the SEDs
become ‘managed’; all in automated fashion. “Managed” means locked/unlocked using Authentication
key(s). The server and/or RAID controllers (and key management systems) need to support such
management; ie, administering the authentication key(s) and presenting the AK to the SED. Since SED
management is carried over a standardized set of ‘container’ commands (either SATA or SCSI and
derivatives), modifications to servers and RAID controllers can be minimal to none.

What happens with SEDs when the drive fails and requires recovery? Backups are not always
implemented even though they should be. Is there a way to recover lost data from SEDs?
See the discussion of forensics above. Briefly, the answer is NO. The whole design point was to prevent
the ‘unauthorized’ person from having the data on the SED. Backup of valuable data is necessary. The
strength in design of an SED cannot be compromised simply because an I.T. person (or myself) failed
to adhere to one of the fundamental best practices in I.T.: Backup.

What is meant by DATA CLASSIFICATION in this context?
Some customers have been forced to ‘classify’ data into sensitivity categories (eg, public, sensitive,
confidential, personal, etc) in order to decide which data sets get which level of security protection,
such as encryption, because the encryption function (eg, crypto co-processor) does not have the
capacity to encrypt all data. With SEDs, every drive has a full-drive-speed encrypting engine, so that ALL
stored data in the enterprise can be encrypted. Of course, you may classify data for purposes other
than preserving a limited encryption resource.

If I have a SED installed on my desktop and am viewing this TCG presentation, is ALL of my data
unreadable to a hacker, who is also on this channel?
If you are the authorized user of that desktop and you have unlocked the drive with the correct
Authentication key during the pre-boot authentication process, then your drive is operating as a normal
(open) drive. Everything written to the drive is always being encrypted transparently, but any function
on your desktop that can read/write an open drive can also read/write your drive. Once you shut down
the desktop, the drive goes into locked mode and will not unlock without the proper authentication
key. Keep in mind: the encryption only applies to data written on the drive media, not to reads outside
the drive. All reads come out as plain text.
So, for your scenario, ask the same question for any open drive (not just an SED). Can a hacker read
data on your desktop from a webinar channel? I doubt it. What would be the ‘communication’ channel?
More Information:
Data Security Architect’s Guide:
https://www.trustedcomputinggroup.org/resources/tcg_data_security_architects_guide
Self-Encrypting Drive Market and Technology Report, Tom Coughlin, Coughlin Associates:
http://www.tomcoughlin.com/Techpapers/2011%20SelfEncrypting_Drive_Market_and_Technology_Analysis%20Brochure,_092011.pdf
Saint Barnabas Health Care System Case Study: http://www.wave.com/buzz/pr/saint-barnabas-health-caresystem-selects-wave-protect-personal-health-information-laptops
Storage Specifications: http://www.trustedcomputinggroup.org/developers/storage/specifications
Interested in Getting Involved with TCG – Join Us: http://www.trustedcomputinggroup.org/join_now
Download