Hacker News new | comments | show | ask | jobs | submit login

That kind of encryption is useless, because I can't audit it. How do I know my data really IS encrypted and the key isn't just stored on the drive itself?



Yup. And who tells me that the manufacturer doesn't keep a master key to himself?

When I go so far as to encrypt my drive then I'd rather use an open source product that I can download and compile myself. Not that I'd ever actually audit the source code myself - but at least I can be reasonably sure that multiple independent third parties have done it for me.


Proprietary hardware encryption schemes are assessed by third parties all the time. If you just aren't comfortable with anything but open source, that's fine. But you already rely on plenty of other security systems you can't audit.


I don't. And I really do believe that I should be able to audit any security solution I use.

I don't understand what you mean by "Proprietary hardware encryption schemes are assessed by third parties all the time". Sounds like corporate speak to me. First, any "proprietary encryption scheme" is rubbish, and second, I should be the one to assess it.

My point with the drive encryption solution was that you are told that your data is encrypted, but you have no way of checking it yourself. What if encryption is disabled in your drive? Can you tell?

The final output of any encryption solution needs to be independently accessible, so that you can verify if it resembles white noise (which it should, ideally).


So go ahead and audit them. The vendors will pay you to do it. Go thumb through a couple years of Black Hat talks for examples of people finding vulnerabilities in firmware, microcode, and closed-source cryptosystems in their spare time.

By "proprietary encryption scheme", I'm just referring to crytosystems for which you don't have the source code. You will have trouble finding any mainstream full-disk encryption vendor that isn't using something like AES, LRW-AES, or XTS-AES.

Nobody you care about is ever going to ship a product based on Super-Mega-40960-Bit-Matrix encryption. It's not 1994 anymore. There is absolutely no business case to be made for using nonstandard encryption: if you do it, you can't sell to the government, you can't sell it to any Fortune 500 company, and you get made fun of in magazine reviews.

I don't understand your "what if encryption is disabled in your drive" comment. What makes you think that's hard to check? Also, what makes you think that "secretly not encrypting an encrypted drive" would be a sane business decision for any vendor? They'd be open to spectacular liability. The first credit card processor that lost a secretly unencrypted disk drive would end up owning Seagate.


So, how do you check if your data is encrypted? Open the hard drive and look at the platters?

I'm sorry, I am not convinced. I would much rather run software than I can a) audit and b) check the output of.


(1) I think all your questions are answered at the Opal spec site: http://tinyurl.com/aulrpj

(2) If you think that hardware-level analysis is out of scope for assessing a corporate full disk encryption system, you're out of step with the security industry; hobbyists do hardware analysis in their spare time. There are obviously likely to be much simpler way to verify encrypted storage than "looking at the platters".

(3) Like I said originally, if you're religious about open source, more power to you. It's obvious that there's little I can say to make you happy with the TCG. But, and I mean no offense, from what little I know of you it seems like they know much more about this topic than you do.


As to (2), my point was that I have no way of doing it.

As to (3), I am not "religious about open source". My point was that at the very least I would like to be able to verify what the output is, which I can't.

Your arguments about companies' reputations being on the line are something I don't buy. This is hacker news, I buy technical arguments. And if you believe "reputable companies" don't do strange things with your keys or our data, may I kindly remind you of http://en.wikipedia.org/wiki/NSAKEY

Regarding (1), thanks for the reference, I will certainly learn more about the technology involved.


I don't think it's really reasonable to rule out hardware security simply because jwr from Hacker News isn't capable of assessing it, but I don't blame you for not using it.


It isn't just me, Bruce Schneier doesn't trust the vendors either, and for good reasons:

http://www.schneier.com/blog/archives/2009/02/the_doghouse_r...

(yes, I know this is about a hardware enclosure, not about a drive, that's actually lucky because someone could _check_ if the bytes are actually encrypted)

Now let's hear you mock Bruce :-)


If you really want to know, you could always unplug the drive, plug it into another computer, and try your best to recover data--but other people are trying that; people like tptacek, and you could just rely on their assessments.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: