Fujitsu has launched the first hard disk protected with 256-bit AES. The disk's processor encrypts and decrypts all stored data. According to the announcement, the 256-bit key never leaves the embedded processor. An interesting feature is the fast secure erasure of the full hard disk in less than 1 second. It seems that this is done by simply erasing the secret key. The stored data then become useless (provided, of course, that the key is securely erased).
Using 256-bit AES rather than 128-bit AES is only a marketing argument. Seagate offers a hard disk protected with 128-bit AES. Currently, the cryptographic community estimates that AES-128 is secure for the next 20 years (until we find an attack ;-)). Is this solution really more secure than software-based encryption, as claimed in the press release? I have some doubts. It will depend on the way the encryption is activated.
- If the decryption is automatic at boot without presentation of any passphrase/password, then it is rather useless. The protection of the data then relies on the login of the computer.
- If the decryption is activated by the presentation of a passphrase/password, then the security relies on this protection. It will not be stronger than the implementation of this check.
- If the decryption is activated after checking a pairing with the host computer, then there is a risk of losing all data if the host computer fails.
- If the decryption is activated by a remote RFID, as for the Easy Nova hard disk, then the security is that of the RFID.
Unfortunately, the public information provides no details.
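An added example, not from Fujitsu or the original post: a toy Python model of the passphrase-activated case and of erasure by destroying the key. The key-wrapping design, the `ToyDrive` class and the SHA-256 keystream standing in for the AES-256 engine are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in for the drive's AES-256 engine (stdlib has no AES); XOR both ways.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class ToyDrive:
    """Hypothetical model of a self-encrypting drive; not Fujitsu's design."""

    def __init__(self, passphrase: str):
        self.salt = secrets.token_bytes(16)
        media_key = secrets.token_bytes(32)   # 256-bit key, created inside the drive
        enc, mac = self._derive(passphrase)
        self.wrapped = stream_xor(enc, b"wrap", media_key)  # only this is stored
        self.tag = hmac.new(mac, self.wrapped, "sha256").digest()
        self.media_key = None                 # locked until unlock() succeeds
        self.sectors = {}                     # LBA -> ciphertext on the platters

    def _derive(self, passphrase: str):
        k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), self.salt, 100_000, 64)
        return k[:32], k[32:]                 # separate wrapping and MAC keys

    def unlock(self, passphrase: str) -> bool:
        if self.wrapped is None:              # key destroyed: nothing to unwrap
            return False
        enc, mac = self._derive(passphrase)
        good = hmac.new(mac, self.wrapped, "sha256").digest()
        if not hmac.compare_digest(good, self.tag):
            return False                      # wrong passphrase never yields a key
        self.media_key = stream_xor(enc, b"wrap", self.wrapped)
        return True

    def _key(self) -> bytes:
        if self.media_key is None:
            raise PermissionError("drive is locked or erased")
        return self.media_key

    def write(self, lba: int, data: bytes) -> None:
        self.sectors[lba] = stream_xor(self._key(), lba.to_bytes(8, "big"), data)

    def read(self, lba: int) -> bytes:
        return stream_xor(self._key(), lba.to_bytes(8, "big"), self.sectors[lba])

    def secure_erase(self) -> None:           # cost does not depend on disk size
        self.wrapped = self.tag = self.media_key = None
```

In this model the ciphertext stays on the platters after `secure_erase()`, so the erase is only as good as the destruction of every copy of the key, and the passphrase case is only as strong as the key derivation and the passphrase itself.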