User Manual

Enterprise Self-Encrypting Drive User’s Guide, Rev. B 8
1.3 Drive locking
In the previous section we showed that all data from the host is encrypted before being recorded on the media by a write command, and decrypted back to clear text before being returned to the host by a read command. So where's the security in that? Well, the answer is that there is no security implicit in the encryption process alone when anyone can have access to the drive, or more specifically to the data encryption key (DEK).
What do we know about the DEK? Well, we know that it's a random number, and we'll find out shortly that it never leaves the drive. In other words, no one knows the value of the DEK. So now what? How do we stop anyone from accessing the data? The answer is that even though we don't know the value of the DEK, we can tell the drive to prevent anyone from using it unless they have the appropriate authorization. In other words, the drive owner can put access to the DEK, and hence access to the data, under password (authentication key) control. This is called drive locking.
The drive keeps track of the locked status of the data in a portion of the security electronics called the "Locking Security Partition¹" or "Locking SP." To lock or unlock the user data we need to talk to the Locking SP, prove that we have the authority to access the data by providing the correct authentication key, and set the locked/unlocked parameter to the appropriate value. When the drive is powered off and on, it automatically goes into the locked state and requires the user to present the correct password to unlock the drive for data access. The Locking SP also allows us to control access to other things in the drive, but more about that in due course.
There is a second security partition in the drive called the “Admin SP.” Access to this security partition is controlled by
another authentication key which allows the owner to set up access permissions to other functions within the drive
which might otherwise compromise drive security. For example, the Admin SP allows the owner to enable or disable
firmware download operations. Since a firmware download could be thought of as a brain transplant for the drive,
strict precautions need to be taken, not just in allowing the download in the first place, but ensuring that the firmware
is genuine, it came from the right source, and it is compatible in form, fit, and function.
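The locking behaviour described in this section, as an added Python model that is not part of the guide: the DEK is generated inside the drive and never returned, the Locking SP gates every use of it behind an authentication key, and a power cycle returns the drive to the locked state. The HMAC-based keystream standing in for the drive's AES engine and the bare SHA-256 hash of the authentication key are simplifications assumed here for illustration, not how a real SED stores credentials.

```python
import hashlib
import hmac
import secrets

class SimulatedSED:
    """Toy model of the drive above: the DEK is generated inside the drive and
    never returned; the Locking SP gates use of it; power-on means locked."""
    def __init__(self, locking_auth_key: bytes):
        self._dek = secrets.token_bytes(32)  # never leaves the drive
        # Hypothetical simplification: the Locking SP keeps a hash of the key.
        self._auth_hash = hashlib.sha256(locking_auth_key).digest()
        self._media = {}  # LBA -> ciphertext as recorded on the platters
        self.locked = True

    def unlock(self, auth_key: bytes) -> bool:
        """Locking SP: prove authority, then clear the locked parameter."""
        presented = hashlib.sha256(auth_key).digest()
        if hmac.compare_digest(presented, self._auth_hash):
            self.locked = False
        return not self.locked

    def power_cycle(self) -> None:
        self.locked = True  # the locked state is re-entered on every power-on

    def _keystream(self, lba: int, n: int) -> bytes:
        # Stand-in for the AES engine: HMAC-SHA256(DEK, LBA || counter) blocks.
        out, ctr = b"", 0
        while len(out) < n:
            msg = lba.to_bytes(8, "big") + ctr.to_bytes(4, "big")
            out += hmac.new(self._dek, msg, hashlib.sha256).digest()
            ctr += 1
        return bytes(out[:n])

    def write(self, lba: int, data: bytes) -> None:
        """Host sends clear text; only ciphertext reaches the media."""
        if self.locked:
            raise PermissionError("drive locked: DEK not usable")
        ks = self._keystream(lba, len(data))
        self._media[lba] = bytes(a ^ b for a, b in zip(data, ks))

    def read(self, lba: int) -> bytes:
        """Decrypt on the way back to the host, but only when unlocked."""
        if self.locked:
            raise PermissionError("drive locked: DEK not usable")
        ct = self._media[lba]
        return bytes(a ^ b for a, b in zip(ct, self._keystream(lba, len(ct))))

    def raw_media(self, lba: int) -> bytes:
        # What reading the platters directly yields: ciphertext only.
        return self._media[lba]
```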
1.4 The Self-Encrypting Drive (SED)
Self-encryption simply means that all of the data written to the storage medium is encrypted by the disk drive before being written and decrypted by the disk drive when it is read back. All interface data passing between the host controller and the disk drive is in clear text and therefore, as far as read/write operations from the host controller are concerned, it's business as usual. As shown in Figure 5, the encryption engine is located between the drive's interface electronics and the data buffer (cache), so that all information which is temporarily at rest in the data buffer is encrypted, as is all data on the media side of the encryption engine.
Figure 5. Division of clear text and cipher text in the disk drive
¹ Also called "Locking Security Provider" in the standards documents.