Académique Documents
Professionnel Documents
Culture Documents
Drive Firmware
Security Overview
Security is a Trade-Off …!
Seagate Confidential
Topics
Seagate Confidential
SED Cryptography and Completeness
Seagate Confidential
What’s Inside One of These Drives:
Read
Write
ASIC SP
SP
SP
SP
TCG SP
SP
Data Table Col1 Col2
SP Data Table Col1 Col2
Row1 Method ACL
SP …
SP SP Row1
Row2
row3
Row2 Create User1
row3 Get User2
Set User1
Industry standard …
protocol to access
User Authentication
security services,
Uncircumventable access User1 Password
methods & data. High Quality RNG
control User 2 Challenge response
Supports secure partly derived from
communication & strong Signed firmware media signals
authentication AES encryption in ASIC
Cryptographic methods:
Security Providers = Logical “SmartCards”
AES,RSA,RNG, SHA-1,
SHA-256… Isolated from all others & to be securely issued
Seagate Confidential
Self-Encrypting Drive Basics
Seagate Confidential 6
Authentication in the Drive
Storage Server
AK
Authentication Key
DEK
Data Encryption
Correct AK? Key
Clear Data
Drive Hash
responds to AK
No Read or
Write Reqs
Hashed Encrypted
AK DEK Encrypted
User Data
7 Seagate Confidential
Encryption Process
Seagate Instant Secure Erase
Description
The quick brown %$#@bdelijrui
Instant Secure Erase changes the drive’s Data Encryption Key fox jumps over l.skd%$#@i&&
(DEK). the lazy dog 6544ty899#@&$
Data encrypted with previous key is unintelligible when
“decrypted” with new key User Data DEK Data on Drive
Benefits
Instantaneous erase for secure disposal or repurposing
Change DEK
All spares, all virtual copies, Everything written with the
original Key is instantly securely erased!
Xe %$#@bdelijrui
! l.skd%$#@i&&
6544ty899#@&$
Seagate Confidential 9
Encryption and Authentication Basics
Client or Controller
Internet
11 Seagate Confidential
Secure Firmware Download
Field Engineer authenticates drive to Seagate Firmware signed
server with private key
Firmware download allows only Seagate signed (using RSA2048 and SHA-256) firmware.
To load new controller firmware onto the drive, the drive verifies the integrity and authenticity of the firmware,
using a replay resistant protocol exchange, before activating it.
Seagate Confidential
Authenticated Diagnostics Command Access
employs Diagnostics
Drives ship with the Diagnostic Port locked and with no Diagnostic commands. Diagnostics Port unlock via
authentication through a Seagate Secure Server.
Non-repudiation log maintained for all security management activities Seagate Confidential
My Thoughts on Protecting Firmware: Key to Drive Business
You cannot outsmart the world
Secrets are eventually found out
See Brian Williams, Gary Hart, etc
Obviously NSA cannot keep a secret (Snowden)
Thinking you can is clearly no basis for intelligent action
Seagate Confidential