Posted by: Stephen Wildstrom on February 24, 2008
It looks like more research is needed before we find out just how safe new disk drives with built-in hardware encryption are.
A group of researchers at Princeton created a stir last week with a paper describing a technique for extracting hard-drive encryption keys from computers. An email from a reader raised the question of whether the technique would work against self-contained full-disk encrypted drives, such as the Seagate Momentus FDE (PDF) that I wrote about last fall.
I passed the question on to Princeton’s Edward W. Felten, who quickly got back to me with this reply: “The short answer is that we don’t know. A system of that type could be secure, in principle, but there are many details that would have to be gotten right, to make sure that (1) there’s no way to extract the key from the drive controller, and (2) there’s no way to reboot the computer into a different operating system without the key being fully erased from the drive controller.”