Secure IDE?
Trei, Peter
ptrei at rsasecurity.com
Wed Jul 30 14:02:38 PDT 2003
> Trei, Peter
>
> ABIT has come out with a new motherboard, the
> "IC7-MAX3" featuring something called 'Secure
> IDE', which seems to involve HW crypto in the
> onboard IDE controller:
>
> From the marketing fluff at
> http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251
>
> "For MAX3, the ABIT Engineers listened
> to users who were asking for information
> security. SecureIDE connects to your IDE
> hard disk and has a special decoder;
> without a special key, your hard disk cannot
> be opened by anyone. Thus hackers and
> would be information thieves cannot access
> your hard disk, even if they remove it from your
> PC. Protect your privacy and keep anyone
> from snooping into your information. Lock
> down your hard disk, not with a password,
> but with encryption. A password can be
> cracked by software in a few hours. ABIT's
> SecureIDE will keep government
> supercomputers busy for weeks and will
> keep the RIAA away from your Kazaa files."
>
> No, I have no idea what this actually means either.
> I'm trying to find out.
>
> Peter Trei
>
Yeah, I know it's tacky to followup ones own messages, but
I found a little more:
http://www.abit.com.tw/abitweb/webjsp/english/SecureIDE.htm
"SecureIDE is a encryption device that uses
the eNOVA X-Wall chipset that ensures
confidentiality and privacy of your data
through disk encryption. When booting
up your system, go to DOS and implement
the FDISK instruction. This instruction will
make a partition to format the Hard Disk
to accept the secure IDE key. After this
procedure, there are no more extra steps
to perform besides using the key to "open"
the hard disk each time you boot up your system."
The accompanying diagram shows a daughterboard
sitting between the HD and the system, with a USB
dongle coming off the side. eNova has more info at:
http://www.enovatech.com/w/html/about.htm
The USB dongle apparently acts only as a key
store, for a DES or 3DES key. It needs to be
present at boot time. It appears that the key
is put on the device by the manufacturer !!!!
though they promise "Enova Technology
does not maintain a database of X-Wall
Secure Keys". On the good side, it seems
to encrypt the whole disk, including the
boot sector and swap.
No info on chaining modes, if any, nor of
IV handling. There is no mention of a PIN
or other 'something you know' required to
use the USB key. I can't tell if pulling the
dongle shuts down the system.
Might be neat, but as yet, insufficient information.
Peter
More information about the Testlist
mailing list