Comment: Securing data-at-rest with self-encrypting drives

LSI's Bret Weber examines how data centres can utilise self-encrypting hard drives to protect data-at-rest
LSI's Bret Weber examines how data centres can utilise self-encrypting hard drives to protect data-at-rest
Bret Weber, LSI
Bret Weber, LSI

Securing information in the data centre is critically important. A company’s data is one of its most valuable assets, and a security plan must provide for protection of data throughout all aspects of the storage ecosystem.

Each point in the storage infrastructure provides unique threat models that must be dealt with using best-in-class methodologies. Some examples of these ‘security domains’ would be: data-in-flight, data-at-rest, authentication of devices and users, key management, and end-to-end-data integrity.

It’s critical to protect data-at-rest – data stored on a hard drive or other storage device. Eventually every hard drive in a data centre leaves the premises. It may be stolen or lost; it may be sent back to the vendor for servicing; it may be repurposed.

Most hard drives that leave the data centre are operable and readable. In fact, studies have shown that 90% of failed drives actually have some amount of readable data.

Some data centres hire professional services to dispose of decommissioned hard drives. The drives, however, are still vulnerable. If only one drive is stolen or lost, a company may be forced to pay millions of dollars in remedies for the compromised data.

Many nations have laws requiring a company to publicly disclose the loss or theft of hard drives that contain customer information. Such disclosures can be costly in terms of money, negative publicity and lost customer confidence.

Advantages of self-encrypting drives

For the data-at-rest security domain, you must consider the specific threat models that will be encountered, and then choose the best methodology to protect against those threats.

We believe the best solution for protecting data-at-rest is to use standardised self-encrypting hard drives that automatically encrypt everything written to them. This is better than using a traditional hard drive and encrypting data upstream from the drive. In this case, when the drive leaves the environment, the attacker can read ciphertext at will, and use it as a hint to crack the data encryption keys.

Self-encrypting drives prevent this method of attack, by not allowing any access to data until the drive is authenticated. Ciphertext is never exposed in a self-encrypting drive, and the only way to get at it would be through destructive methods, such as a spin stand.

Another advantage of using self-encrypting drives is that there is no performance impact.

When encrypting data-at-rest, one of the biggest issues is data classification: determining what needs to be encrypted and what doesn’t. This is especially true when the encryption methodology has performance impacts.

With the huge amounts of data that we are talking about, it is a mind-boggling task to sort through the terabytes of information. Additionally, how can you be sure that you found everything and got it encrypted? With self-encrypting drives, the drive automatically encrypts all data written to it, so that no one needs to spend valuable time deciding which information to encrypt.

Once authenticated, self-encrypting drives appear exactly the same as non-encrypting drives to the storage infrastructure. No changes are required to the applications. This is in contrast with encrypting data upstream, which can impact storage system value and operations downstream, such as data de-duplication or compression.

The issue is that encrypted data cannot be de-duplicated because the storage encryption confidentiality ciphers encryption based on location information. In other words, two identical pieces of data stored at two different logical block addresses do not encrypt the same, so they will not be de-duplicated. In the case of compression, the encryption process randomizes the data and impacts the compression ratios.

Interoperability is also a major consideration. The encryption cipher is now tied to a disk drive rather than the application, OS or storage controller. Drives with different encryption algorithms can easily be added to an existing storage array, because the encryption algorithm is transparent to the system. Drives with newer encryption technology can be combined seamlessly with older self-encrypting drives in storage systems that support encryption.

Data encryption keys on self-encrypting drives are secure because each drive holds only an encrypted version of the encryption key, and not the key itself. Hard drive manufacturers assume that an attacker could have complete knowledge of the drive’s design and construction, and the location of any sensitive data. Therefore, no clear text data are stored anywhere on the drive, and potential hackers who know the drive’s design cannot use this information to ‘crack’ the encrypted data on the drive.

In fact, with self-encrypting drives, there is no reason to ever escrow the data encryption key. This also guarantees that the data encryption key has never been compromised because it has never left the drive. Since the key has never left the drive, the drive can be securely erased by simply deleting its encrypted form of the data encryption key.

This is in sharp contrast with methodologies that encrypt data upstream, where data encryption keys must be escrowed. This brings into question assurances about whether the key has ever been compromised. If it has been compromised, and someone has the key from the escrow, the data on a traditional drive could be recovered.

Self-encrypting drive operation basics

The usage model for a self-encrypting drive is pretty straightforward. An authentication key from an outside source is required to unlock the drive for read/write operations. This authentication key will typically come from either an enterprise key management server, or a local key management system, by way of the storage controller. After authentication is completed during power-up, encryption is transparent to the storage system, which can then perform its usual functions in a normal fashion.

Self-encrypting drives are a standards-based solution, and all drive vendors are participating in the Trusted Computing Group (TCG) standard for secure drive commands, which assures interoperability. We fully expect that in the future, all drives will eventually be self-encrypting.

Secure data storage is a real-world problem for enterprises. Encryption on the hard drive, combined with robust key management and a state-of-the-art storage system to house the drives, provides superior performance, manageability and security. This is a significant leap forward to improve security and management in the world’s data centres.


Bret Weber is a fellow for LSI Corporation and in his current role as chief architect for Engenio Storage Group, is responsible for high-level architectural decisions for the RAID and storage product portfolios. Prior to assuming his current role, Weber was director of architecture for the Engenio Storage Group.

Weber has over 25 years of experience in the storage industry with NCR, AT&T, Symbios Logic and LSI, and has been involved with RAID since the first RAID products were developed. He also has 30 issued patents in the area of storage software and hardware.

What’s Hot on Infosecurity Magazine?