Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
As the popularity of using external hard disks to store and back up personal, business, and organizational data increases, the need to consider data protection grows. Confidential data in the hands of unauthorized users can mean financial loss, erosion of public trust, and even legal liability. Encryption has become an effective way to safeguard sensitive corporate, personal, and organizational data. (For more information, refer to LaCies Digital Security White Paper.) This document serves as an introduction to data encryption as well as several robust encryption storage solutions offered by LaCie.
What is ENCRYPTION?
As a general term, cryptography is used in order to keep crucial or secret information from unauthorized access. Encryption, a cryptographic implementation, is the conversion of data into a seemingly incomprehensible mixture of characters that, when viewed, cannot be read as simple text. Simple text is defined as standard written text, such as this document. The algorithm used to encrypt data is called a cipher, or ciphertext, while unencrypted data is called plaintext. Decryption is the process of converting encrypted data (ciphertext) back into its original form (plaintext), so it can be understood. The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often incorrectly called a code, can be employed to keep the enemy from obtaining the contents of transmissions. Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the scrambling of voice signals by inverting the sideband frequencies. More complex ciphers work according to sophisticated computer algorithms that rearrange data bits into digital signals. In storage encryption, the most common ciphers employ random substitution, replacing each letter in a message. This form of encryption is widely used due to its simplicity and general reliability. Block ciphers, however, provide greater security by breaking the message into fixed-length blocks so that each block of plaintext can be converted into a block of ciphertext using a sequence of arithmetical operations and/or substitutions. The most popular block cipher is AES (Advanced Encryption Standard, also known as Rijndael pronounced rein-dahl from the names of its two inventors). AES is a block cipher with very long keys (128, 192 or 256 bits), and is specifically designed to resist the most sophisticated cryptographic attacks. Hackers engaging in timing analysis (looking for correlations between a plaintext and the time taken to encrypt it) and power analysis (looking for variations in the processing power requirements for encrypting different plaintexts) find it very challenging to penetrate AES block ciphers.
Page 2
Page 3
What Is the Encryption Mode Used by LaCie SAFE and Enterprise CLASS Drives?
LaCie SAFE and Enterprise Class drives feature highly secure AES ciphers using government-approved algorithms for its proprietary, hardware-based encryption. One element includes electronic codebook mode (ECB), which can protect data from brute force decryption attacks, especially when implemented in hardware. An AES algorithm uses one of three cipher key strengths: a 128-, 192-, or 256-bit encryption key. Each encryption size creates a unique algorithm with increasing levels of strength. Thus, key sizes of greater length offer more bits to scramble data, heightening the complexity of the cipher algorithm. Adding to the high level of security, AES is based on a substitution cipher, which means that it replaces each letter in a message with a symbol. Because the choices for substitution are random, the patterns that make other ciphers vulnerable to compromise are removed. LaCie takes advantage of strong, hardwarebased AES 128-bit algorithms for encryption (encipher) and decryption (decipher). AES is precisely defined to resist the most sophisticated decryption attacks, such as timing analysis and power analysis. Adding to the benefits to the end user, AES, when administered optimally, demands very little memory to encrypt and decrypt, which makes it especially suited for embedded applications that utilize external hard drives.
Page 4
Page 5
Page 6
SOURCES
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf http://www.techworld.com/security/features/index.cfm?featureid=993 http://www.iusmentis.com/technology/encryption/des/#SecurityofDES
Hardware Encryption
AES 128
Security Chain
Yes
Desktop
No
AES 128
No
Desktop
No
AES 128
No
Desktop
Yes
AES 128
Yes
Page 7