User Manual
Enterprise Self-Encrypting Drive User’s Guide, Rev. B 5
It isn’t rocket science to deduce that our decryption engine would need to perform a similar but opposite function
(subtraction in this case) in order to reconstitute the original message:
MSUSAAAB SQ (cipher text) – ENIGMAENIGM (decryption key) => HELLO WORLD (message)
Any prying eyes that got access to our cipher text would not be able to deduce the original plain text message unless
two things were known:
1. The secret key
2. How the encryption engine works—the algorithm used to compute the cipher text.
Any cryptographer worth his salt would be able to break our code in a heartbeat, so we could beef it up by making the
algorithm more complex. Instead of assigning sequential numbers to the letters of the alphabet, we could use a
lookup table, assign any unique number we want to each of the alphabetic characters, process the message in reverse
order, add redundant characters, and add any number of other algorithm complexities to make the key more secure.
The other thing we could do is to use a more complex key which is as large as manageably possible (to cut down the
number of repetitions) and one that does not form a readable word or phrase, making it more difficult for an attacker
to break the code. A key made up of random characters would fit the bill since its structure is entirely unpredictable.
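The toy cipher above can be written out in a few lines of Python; this is an added example, not part of the original guide, and its function names are hypothetical. The numbering it assumes (space = 0, A = 1 through Z = 26, arithmetic modulo 27) is inferred from the cipher text shown above. It also shows why a short, repeated key is the weak point: with the algorithm known, one known message subtracted from its cipher text gives back the key.

```python
# Toy additive cipher from the manual's example (added illustration).
# Assumption inferred from "MSUSAAAB SQ": space = 0, A = 1 ... Z = 26,
# and all arithmetic is modulo 27.
ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"
MOD = len(ALPHABET)


def _nums(text):
    bad = set(text.upper()) - set(ALPHABET)
    if bad:
        raise ValueError(f"unsupported characters: {sorted(bad)}")
    return [ALPHABET.index(ch) for ch in text.upper()]


def _combine(text, key, sign):
    if not key:
        raise ValueError("key must not be empty")
    t, k = _nums(text), _nums(key)
    # The key is repeated (concatenated) to cover the whole message.
    return "".join(ALPHABET[(a + sign * k[i % len(k)]) % MOD]
                   for i, a in enumerate(t))


def encrypt(plaintext, key):
    return _combine(plaintext, key, +1)   # add key to message


def decrypt(ciphertext, key):
    return _combine(ciphertext, key, -1)  # subtract key from cipher text


def key_from_known_plaintext(ciphertext, plaintext):
    """Cipher text minus a known message is the repeated key; return one period."""
    if len(ciphertext) != len(plaintext):
        raise ValueError("need cipher text and plain text of equal length")
    stream = _combine(ciphertext, plaintext, -1)
    for n in range(1, len(stream) + 1):
        if all(ch == stream[i % n] for i, ch in enumerate(stream)):
            return stream[:n]
    return stream  # not reached: n == len(stream) always matches


if __name__ == "__main__":
    ct = encrypt("HELLO WORLD", "ENIGMA")
    print(repr(ct), "->", decrypt(ct, "ENIGMA"))
    print("key recovered from one known message:",
          key_from_known_plaintext(ct, "HELLO WORLD"))
```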
To make the encrypting process easier for the electronic hardware to handle, we could perform the encryption on a
block-by-block basis. Additionally, if we made the key size equal to the block size, we could avoid having to repeat
(concatenate) the key within the block. This is the technique that is used, and though block sizes vary depending on
the algorithm and the current state of the technology, the more common block sizes in Self-Encrypting Drives are 128
and 256 bits.
1.1.2 The Advanced Encryption Standard (AES)
Believe it or not, in the real world of disk drive cryptography, the only secret is the encryption key itself. The algorithm
(encrypting process) is not only well known but is a standard called the Advanced Encryption Standard (AES) which is
recommended by the US government.
Two versions of this standard are used in Seagate disk drives, AES128 and AES256. The numbers refer to the bit-size
of the encryption key (and the block size) used by the algorithm, which must be a 128-bit (16 byte) or 256-bit (32 byte)
random number. Without knowing the encryption key, this algorithm makes it virtually impossible to decipher the
code, and since the algorithm is in general use, the more it is exposed to unsuccessful attempts to attack and
break it, the higher our confidence in it.
Another advantage of being a standard is that it provides a common denominator for the manufacture of encrypting
devices. So, all vendors are dancing to the same tune—this makes it easier to check that all vendors of encrypting
hardware are compliant with government requirements.
For those interested in reading a short description of the AES128 algorithm and seeing a simplified block diagram,
refer to Section 6.0.