Difference between pages "Full Disk Encryption" and "File:Huawei-u8655-front.jpg"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
Line 1: Line 1:
'''Full Disk Encryption''' or '''Whole Disk Encryption''' is a phrase that was coined by [[Seagate]] to describe their encrypting [[hard drive]]. Under such a system, the entire contents of a hard drive are encrypted. This is different from [[Full Volume Encryption]] where only certain partitions are encrypted.
Some examples of full disk encryption:
== Hardware Solutions ==
=== Embedded into internal HDD ===
; Hitachi ''Bulk Data Encryption'' ("BDE")
: http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf
* FIPS 197 (Federal Information Processing Standard 197 certification issued by NIST)
* [http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html AES-128]
; Seagate ''Full Disk Encryption'' ("FDE")
: http://www.seagate.com/docs/pdf/marketing/PO-Momentus-FDE.pdf
: Seagate's encrypted drives are only available as OEM products.  Seagate provides no software to utilize encrypted drive features (such as key management).  There is a proprietary Windows-only API, but it is not available to the public.
* [http://www.seagate.com/ww/v/index.jsp?name=st9500422as-momentus-7200-fde-fips-140-2-sata-500gb-hd&vgnextoid=0be9f080d2c55210VgnVCM1000001a48090aRCRD&locale=en-US&pf=1 FIPS 140-2] (Federal Information Processing Standard 140-2 certification issued by NIST)
; Toshiba ''Self-Encrypting Drives'' ("SED")
* [http://sdd.toshiba.com/main.aspx?Path=ServicesSupport/Self-EncryptingDrives AES-256] (certification issued by NIST)
=== Supplemental Hardware / External Chassis ===
; Addonics product lines
: http://www.addonics.com/products/cipher/CPD256U.asp
; Apricorn product lines
: http://www.apricorn.com/products.php?cat_id=72
; DigiSafe
: http://www.digisafe.com/products/products_DiskCryptMobile.htm
; Eracom Technology DiskProtect
: http://www.eracom-tech.com/drive_encryption.0.html
; iStorage DiskCrypt Mobile
: http://www.istorage-uk.com/diskcryptmobile.php
; Network Appliance (Decru)
: http://www.netapp.com/ftp/decru-fileshredding.pdf
: http://www.netapp.com/us/products/storage-security-systems/
: http://www.forensicswiki.org/images/6/6f/Securing_Storage_White_Paper.pdf (Decru white paper)
== Software Solutions ==
; beCrypt
: http://www.becrypt.com/our_products/disk_protect.php
; [[BitArmor]] [[DataControl]]
: FDE tool that protects fixed and removable media.
; [[BitLocker]]
: Part of Windows Vista that uses [[AES]] 128 or 256 bit encryption
; [[CGD]]
: Cryptographic Device Driver. Provides transparent full disk encryption for [[NetBSD]].
: Supports various [[ciphers]]: [[AES]] (128 bit blocksize and accepts 128, 192 or 256 bit keys), [[Blowfish]] (64 bit blocksize and accepts 128 bit keys) and [[3DES]] (uses a 64 bit blocksize and accepts 192 bit keys (only 168 bits are actually used for encryption).
: http://www.netbsd.org/docs/guide/en/chap-cgd.html
; [[Checkpoint Full Disk Encryption]]
: http://www.checkpoint.com/products/datasecurity/pc/
; [[dm-crypt]]
: Transparent [[file system]] and [[swap]] encryption for [[Linux]] using the Linux 2.6 device mapper. Supports various [[ciphers]] and [[Linux Unified Key Setup (LUKS)]].
: http://www.saout.de/misc/dm-crypt/
: http://clemens.endorphin.org/nmihde/nmihde-A4-ds.pdf
; [[FreeOTFE]]
: Transparent on the fly encryption for [[Windows|MS Windows]] and [[Microsoft Windows Mobile|Windows Mobile]] PDAs. Also supports mounting [[Linux]] [[dm-crypt]] and [[Linux Unified Key Setup (LUKS)|LUKS]] volumes
: http://www.FreeOTFE.org/
; [[GBDE]]
: [[GEOM]] Based Disk Encryption. Provides transparent full disk and swap encryption for [[FreeBSD]]. Supported  [[ciphers]]: [[AES]] (128 bit).
: Supports hidden volumes and Pre-Boot Authentification.
: Since data loss can occur on unexpected shutdowns, GELI is recommended instead of GBDE.
: http://www.freebsd.org/cgi/man.cgi?query=gbde&apropos=0&sektion=8&manpath=FreeBSD+6.2-RELEASE&format=html
: http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf
; [[GELI]]
: Cryptographic [[GEOM]] class. Provides transparent full disk encryption for [[FreeBSD]]. Supports various [[ciphers]]: [[AES]], [[Blowfish]] and [[3DES]].
: Supports hidden volumes and Pre-Boot Authentification.
: http://www.freebsd.org/cgi/man.cgi?query=geli&sektion=8
; Jetico BestCrypt
: http://www.jetico.com/
; [[loop-AES]]
: Transparent [[file system]] and [[swap]] encryption for [[Linux]] using the loopback device and [[AES]].
: http://sourceforge.net/projects/loop-aes/
; [[PGPDisk]]
: Pretty Good Privacy Whole Disk Encryption provides transparent whole disk encryption with Pre-Boot authentification for [[Windows]]. Also supports [[MacOS]] X 10.4 (non-boot disks only).
: Can use OpenPGP RFC 2440 keys and X.509 keys for authentification.
: Supports USB Tokens for authentification.
: Supported [[ciphers]]: [[AES]] (256 bit keys).
: http://www.pgp.com/products/wholediskencryption/
; [[SafeGuard Easy]]
: Certified according to [[Common Criteria]] EAL3 and FIPS 140-2
: Encryption algorithms supported: [[AES]] (128 and 256 bit) and [[IDEA]] (128 bit)
: Provides complete [[hard drive]] encryption including the boot disk.
: http://www.utimaco.us/products
; [[SECUDE]]
: [[SECUDE]] provides a software and hardware solution for full disk encryption.
: http://www.secude.com
; Securstar DriveCrypt
: http://www.securstar.com/products_drivecryptpp.php
; [[TrueCrypt]]
: Transparent full disk encryption for [[Linux]] and [[Windows]]. Supports [[AES]] (256 bit), [[Serpent]] and [[Twofish]].
: Supports hidden volumes within TrueCrypt volumes (plausible deniability).
: http://www.truecrypt.org/
; [[DiskCryptor]]
: Free solution provided under GNU General Public License.
: http://diskcryptor.net/index.php/DiskCryptor_en
; [[vnconfig]]
: The -K option of [[OpenBSD]] vnconfig(8) associates and encryption key with the svnd device. Supports saltfiles. Supported [[ciphers]]: [[Blowfish]].
: http://www.openbsd.org/cgi-bin/man.cgi?query=vnconfig&sektion=8
==Exernal Links==
[http://www.thinkwiki.org/wiki/Full_Disk_Encryption_(FDE) Wiki page for FDE on Thinkpads]
[[Category:Disk encryption]]

Latest revision as of 01:32, 13 September 2013