Re: SSD and WDE

[coderman <coderman () gmail com>]

On Fri, Dec 17, 2010 at 3:16 PM, Paul Schmehl <pschmehl_lists () tx rr com> wrote:
> ... anyone aware of any academic or technical
> studies of whole disk encryption for solid state discs.

what kind of details are you looking for?

solid state and full disk encryption are a match made in heaven. the
rest is just details... *grin*

SLC over MLC and pair with on die accelerated AES. as with disk based,
encryption renders all reads and writes effectively randomized. SSD
removes seek hit but you have still invalidated read-ahead caching and
other common optimizations.

update firmware as nearly all devices have undergone wear-leveling, hw
driver, and other fixes post launch.

regarding wear leveling, FDE means never having to worry about secure
delete, which may not be possible with  reasonable effort on MLC SSD
storage.

SSD make fine compliment to hybrid storage; small fast SLC first tier
backed by platters for extended duration and volume. key management of
hybrid / multi LVM encrypted systems too long a tale to discuss here.
but also not unique to SSD.

hardware-based FDE is also just as applicable to SSD as other media.
invoking CDE on demand a useful convenience. but also not unique to
SSD.

aside from MLC algorithm specific difficulties of data remanence all
the usual disclaimers on zerisation and key management apply,
including secure mode of operation.
   this also not unique to SSD.
;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/