The first 256-bit AES protected hard disk

Fujitsu has launched the first hard disk protected with 256-bit AES. The hard disk's processor encrypts and decrypts all stored data. According to the announcement, the 256-bit key never leaves the embedded processor. An interesting feature is the fast secure erasure of the full hard disk in less than 1 second. It seems that this is done by simply erasing the secret key, which leaves the stored data useless (provided, of course, that the key is securely erased).

The use of 256-bit AES rather than 128-bit AES is only a marketing argument. Seagate offers 128-bit AES-protected hard disks. Currently, the cryptographic community estimates that AES-128 is secure for the next 20 years (until we find an attack ;-)). Is this solution really more secure than software-based encryption, as claimed in the press release? I have some doubts. It will depend on the way the encryption is activated.

  • If the decryption is automatic at boot, without presentation of any passphrase/password, then it is rather useless. The protection of the data then relies on the login of the computer.
  • If the decryption is activated by the presentation of a passphrase/password, then the security relies on this protection. It will not be stronger than the implementation of this check.
  • If the decryption is activated after checking a pairing with the host computer, then there is a risk of losing all data if the host computer fails.
  • If the decryption is activated by a remote RFID, as for the Easy Nova hard disk, then the security is that of the RFID.

Unfortunately, the public information provides no details.
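
An added example, not from the original post or from Fujitsu: a toy model of the passphrase-activated case and of erasure by key destruction. It assumes the media key is stored wrapped under a PBKDF2-derived key; `ToyDrive` and every name in it are hypothetical, and a SHA-256 keystream stands in for the drive's AES engine.

```python
import hashlib, hmac, secrets

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in for the drive's AES engine: SHA-256 counter-mode keystream (not AES)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class ToyDrive:
    """Constructed model: media key (DEK) wrapped under a passphrase-derived key."""
    def __init__(self, passphrase: str):
        self.salt = secrets.token_bytes(16)
        self.platters = {}          # LBA -> ciphertext, what can be read off the media
        self._dek = None            # plaintext DEK lives only "inside the processor"
        enc, mac = self._derive(passphrase)
        self.wrapped = xor_stream(enc, secrets.token_bytes(32))
        self.tag = hmac.new(mac, self.wrapped, hashlib.sha256).digest()

    def _derive(self, passphrase: str):
        k = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), self.salt, 100_000, dklen=64)
        return k[:32], k[32:]       # separate wrapping key and integrity key

    def unlock(self, passphrase: str) -> bool:
        if self.wrapped is None:    # key store wiped: nothing left to unwrap
            return False
        enc, mac = self._derive(passphrase)
        expected = hmac.new(mac, self.wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, self.tag):
            return False
        self._dek = xor_stream(enc, self.wrapped)
        return True

    def _sector_key(self, lba: int) -> bytes:
        if self._dek is None:
            raise PermissionError("drive is locked")
        return self._dek + lba.to_bytes(8, "big")

    def write(self, lba: int, data: bytes):
        self.platters[lba] = xor_stream(self._sector_key(lba), data)

    def read(self, lba: int) -> bytes:
        return xor_stream(self._sector_key(lba), self.platters[lba])

    def crypto_erase(self):
        """Destroy every copy of the DEK; ciphertext stays on the platters."""
        self._dek = self.wrapped = self.tag = None
```

Because the passphrase derives the key that unwraps the DEK, skipping the comparison in `unlock` yields no usable key; a design that only compares a stored password and then releases an unwrapped key would not have that property.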
