Re: Re: [unisog] OT: Putting Encyption Functions in the HDDs

["Saqib Ali" <docbook.xml () gmail com>]

On 28 Apr 2006 18:23:22 -0000, securityfocus () slickwillies net
<securityfocus () slickwillies net> wrote:
> I have used similar type drives.  Mainly those equipped with an e-nova encryption chip. These drives run flawlessly for 
> me.  They encrypt all incoming data and decrypt outgoing data on the fly.  Unlike the drive mentioned here, e-nova 
> equipped drives only use a token key

One of the problems with the e-Nova solutions is that the e-Nova
controller MUST be present on each computer from which the hard drive
needs to be accessed. Plus if you lose the key you lose the data.
There is no concept of key escrow or master keys.

Full Disc Encryption drives by Seagate, on the other hand, have the
TPM (Trusted Platform Module) built-into drive, which is used for
storing the keys. Software like Wave System's Embassy Trust Suite can
be used to manage the TPM, password, 2-fact authentication, master
key, key escrow etc.

--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------