Disk Manufacturers Settle on Encryption Standard

Disk drive manufacturers of the world, unite!

According to Computer World, the six biggest disk drive companies on the planet have put their heads together and agreed upon a set of encryption standards, which will eventually make their way onto every hard drive and solid state drive on the market. The Trusted Computing Group (TCG), which includes Seagate, Western Digital, Hitachi and Toshiba as some of its storage members, has released details on three encryption standards which cover desktop, laptop and enterprise storage drives.

The three specifications introduced by the group today each target a different segment of the hard drive industry. The Opal specification gives requirements for hard drives used in desktops and laptops. The Enterprise Security Subsystem Class specification focuses on enterprise hard drives, which are typically found in data centers. The last standard, or Storage Interface Interactions specification, focuses on the connection types, including Parallel ATA, Serial ATA, SCSI and ATAPI.

“Lost and stolen data costs industry and consumers hundreds of millions of dollars, not to mention loss of credibility, legal issues and lost productivity," said Robert Thibadeau, chief technologist at Seagate and chairman of TCG's Storage workgroup. "TCG’s approach to Trusted Storage gives vendors and users a transparent way to fully encrypt data in hardware without affecting performance so that data is safe no matter what happens to the drive.”

With universal encryption standards, end-user security is now already in place. If Joe Q. Consumer buys a new internal hard drive at retail, or an IT department is refitting its servers with new enterprise drives, the security is already there, making their lives and jobs a lot easier, as well as potentially saving them money.

According to the statement released by the TCG, over 250 million records have been lost and/or stolen since 2005. With these new universal specifications, perhaps that number will be drastically reduced over the next several years.

You can find the TCG's statement in its entirety here.

  • jhansonxi
    Trusted Computing Group - the ultimate in DRM:
  • joex444
    This is pathetically unspecific. What kind of encryption did they decide on, a Caesar shift cipher or AES256?
  • TheViper
    Maybe it uses a Rotating Clear Text.

  • We can make harddrive password mandatory during boot up, to access the content of harddrive.
    If we dont know the password, then we need to re-format the harddrive.

    So the control is actually at bios level by using hardware, not software.

  • dconnors
    joex444This is pathetically unspecific. What kind of encryption did they decide on, a Caesar shift cipher or AES256?
    This is a news post, so the details were few for a reason. Check out the statement (PDF) @ the bottom of the post.
  • jawshoeaw
    Hail Caeser!
  • slapdashzero
    Maybe this is just the cynic in me, but by creating a standard, on the other side of the blade, does that not also mean that once someone figures out a workaround/crack for the encryption, they can just dance from machine to machine and open them all up with the same method?
  • bounty
    Yeah slap-0, but this way the cops have a standardized backdoor.
  • hellwig
    slapdashzero: are you striving for security through interoperability? So far, having Windows, Linux, Unix, and MacOs hasn't stopped virii from being developed for all the OSs. Sure, Windows is a bigger target, and thus affects more people, but that's Microsofts fault for lax security development, not because its OS is nearly ubiquitous.

    Hopefully by working together, there will be a single, stronger encryption rather than 6 weaker ones that require your company to purchase 6 different types of software, or only purchase from a single harddrive manufacturer.
  • jrabbitb

    ever hear of resetting the bios. password gone. access granted. the only way to prevent it is custom bios w/ a password build in and a requirement on password at the bios level. good luck getting custom bios written.

    also, remove drive, put in other box, bios totally removed from the equation.

    Physical access means i have broken your security, in time, i WILL brute force you. current encryption standards wont hold up, that's why we keep making new standards.