User Manual
Enterprise Self-Encrypting Drive User’s Guide, Rev. B
Now that we know something about AES and CBC, there’s one more subject that we need to visit before we take a
look at how the disk drive applies and manages encryption in data storage. That subject is hash functions.
1.2 Hash functions
Hash functions take an arbitrarily long string of bytes and produce a fixed-size result, sometimes called the digest or
fingerprint. In Figure 4, we see a string of bytes m being input to a hash function, which produces a fixed-size hash
output h(m).
Figure 4. The hash function
The properties of a hash function can be simply stated as follows:
• It must be a one-way function. Given m, it’s easy to compute h(m), but given h(m), it’s not practically possible to
find m. That is, you cannot recreate the original message from the digest.
• It must have good collision resistance. A collision means computing the same hash h(m) for two different input
streams. In other words, it should be practically impossible to find two messages m1 and m2 such that
h(m1) = h(m2).
Hash functions have been used in disk drives since the early days of magnetic storage. They have been used as an
integrity check on data fields to signal an error condition when data corruption has taken place.
There are various hash functions in use, but one of the more common provides a digest called Cyclic Redundancy
Check (CRC). Today, we append a 4-byte CRC check to Fibre Channel and Serial Attached SCSI (SAS) data frames
before they are sent by a controller across the interface to the drive. As the data frame is received, the drive computes
the CRC (hash) of the data and compares it to the appended CRC. Any discrepancy indicates the data has been
corrupted and the frame should be resent. A CRC is designed to catch accidental corruption of this kind; it does not
provide the one-way and collision-resistance properties listed above.
So, how do we select a suitable hashing algorithm that adequately meets the properties given above? Once again, the
federal government made our job of selecting a good hashing function a lot easier, because the NSA (National
Security Agency) designed the Secure Hash Algorithm (SHA), which fits the bill very nicely. The SHA algorithm used in
Seagate drives produces a digest of 256 bits and is consequently called SHA256.
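The following is an added example, not code from this guide or from drive firmware. It shows the receive-side CRC check described above and why a CRC serves as an error check but not as a collision-resistant hash: a CRC is affine over XOR, while SHA-256 is not. Python's zlib CRC-32 and a big-endian trailer stand in for the interface CRC (both assumptions), and all function names and sample payloads are constructed for illustration.

```python
import hashlib
import zlib

CRC_LEN = 4  # the guide's 4-byte CRC appended to each data frame

def build_frame(payload: bytes) -> bytes:
    """Sender: append the CRC (zlib CRC-32, big-endian: both assumptions)."""
    return payload + zlib.crc32(payload).to_bytes(CRC_LEN, "big")

def frame_is_intact(frame: bytes) -> bool:
    """Receiver: recompute the CRC over the data and compare to the trailer."""
    payload, received = frame[:-CRC_LEN], frame[-CRC_LEN:]
    return zlib.crc32(payload).to_bytes(CRC_LEN, "big") == received

def flip_bit(data: bytes, bit: int) -> bytes:
    """Simulate corruption in transit by inverting one bit."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def xor(*blocks: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, value in enumerate(block):
            out[i] ^= value
    return bytes(out)

def crc_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """True if crc(a^b^c) == crc(a)^crc(b)^crc(c): the CRC of a combined
    message is predictable from known CRCs, so it only guards against accidents."""
    return zlib.crc32(xor(a, b, c)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)

def sha256_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """The same relation tested on 256-bit SHA-256 digests."""
    h = lambda m: hashlib.sha256(m).digest()
    return h(xor(a, b, c)) == xor(h(a), h(b), h(c))

# Constructed sample payloads (equal length), not real drive data.
A, B, C = b"SECTOR-DATA-0001", b"SECTOR-DATA-0002", b"sector-data-00ff"

if __name__ == "__main__":
    print(frame_is_intact(build_frame(A)), crc_is_affine(A, B, C), sha256_is_affine(A, B, C))
```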