Your All-in-One Guide to Self-Encrypting Drives (SEDs)
by Brett Daniel, on Oct 13, 2020 9:00:00 AM
Graphic: Self-encrypting drives conforming to TCG Opal 2.0, AES, and FIPS 140-2 are in incredibly high demand right now, particularly for mission-critical applications requiring state-of-the-art cybersecurity solutions for sensitive or controlled unclassified data at rest. We'll discuss SEDs, what they are, how they work, and common specifications in this blog post, as well as talk about how Trenton is incorporating FIPS 140-2-certified drives into its systems.
Table of Contents
- What is a self-encrypting drive (SED)?
- Where can I find self-encrypting drives?
- How do self-encrypting drives work?
- Are self-encrypting drives secure?
- How do I know if my drive is self-encrypting?
- What level of encryption do self-encrypting drives provide?
- What's the difference between AES-compliant, FIPS 140-2-compliant, and Opal-Compliant?
- FIPS 140-2 SEDs: Achieving Compliance & Avoiding Pitfalls
- Trenton Systems: Incorporating FIPS 140-2 SEDs You Can Depend On
This 2020 article by software company Varonis compiles 107 statistics on data breaches. Reading them will make your stomach turn somersaults.
We've highlighted seven particularly nauseating ones below:
- Data breaches exposed 4.1 billion records in the first six months of 2019.
- The United States saw 1,244 data breaches in 2018 and had 446.5 million exposed records.
- The average time to identify a breach in 2019 was 206 days, and the average time to contain a breach was 73 days.
- Ninety-five percent of breached records came from the government, retail, and technology in 2016.
- Data suggests that cybercrime cost businesses over $2 trillion total in 2019.
- A cyberattack occurs every 39 seconds.
- Twenty-four percent of data breaches are caused by human error.
Now, review some of those statistics, and consider what they could mean for your business's or organization's sensitive data. One major takeaway is that hundreds of thousands of your most vital records can be accessed in just seconds, yet you might not even know that such access occurred until nearly seven months later, and even then, it could take you nearly two-and-a-half months to develop and implement an effective solution. The amount of time and money spent on such a disaster is alarmingly palpable.
If these statistics alone, and the 100 other frightening ones listed in the Varonis article, don't motivate you to begin seriously investing in advanced cybersecurity solutions, or at least continue to build upon your already existing cybersecurity infrastructure, then adequate data security for the military, industrial, and commercial sectors as we know it is headed for trouble.
There are three states of digital data, each of which is highly vulnerable to cyberattacks: data at rest, data in motion, and data in use. Each state needs adequate protection, and because of their distinct positions, require different methods for ensuring said protection, ranging from simple anti-virus software to hardware-based full disk encryption. We're focusing on the latter in this blog post because we believe it to be one of the most effective data at rest protection solutions available today.
We've touched briefly on hardware-based full disk encryption, data at rest protection, and FIPS 140-2 drives before, but in this post, we're going to zero in on a FIPS 140-2-associated technology that's becoming an increasingly in-demand solution for data at rest protection: self-encrypting drives, or SEDs.
We'll describe what SEDs are, how they work, common standards and specifications, including FIPS 140-2 and TCG Opal 2.0, and some common pitfalls to be aware of. You'll also learn how Trenton Systems is staying ahead of the cybersecurity curve by partnering with innovative cybersecurity companies like Star Lab and FUTURA Cyber to develop a resilient line of ruggedized, hardened, mission-critical servers and workstations and JBOD storage enclosures that incorporate truly tamper-resistant FIPS drives.
Photo: Self-encrypting drives, or SEDs, are a form of hardware-based full disk encryption. They use an on-board cryptoprocessor to protect your data and don't store your encryption keys in RAM, where it can be accessed by cybercriminals via a cold boot attack or memory dump.
What is a self-encrypting drive (SED)?
A self-encrypting drive (SED) is a hard disk drive (HDD) or solid-state drive (SSD) designed to automatically encrypt and decrypt drive data without the need for user input or disk encryption software.
The Trusted Computing Group (TCG) maintains the most widely used SED encryption specifications in use today, TCG Opal 2.0 and Enterprise, with the latter being more common in large-scale data centers. According to the TCG, the SED encryption process is designed to be transparent, or completely unbeknownst to the user or system application software. This imperceptible process is aptly named transparent encryption. We'll discuss how this process is beneficial to data security in a later section.
Essentially, from the moment the SED leaves the manufacturer and is powered on in the host system, data being written to and read from the drive is constantly being encrypted and decrypted. Additional steps to encrypt and decrypt the drive’s data are not necessary, unlike with software-based disk encryption solutions. With hardware-based full disk encryption, you just turn your system on, and ceteris paribus, it's business as usual.
Several major technology and data storage companies, including Samsung, Seagate, and Toshiba, have SEDs on the market today. (Learn more about different vendors of SEDs here.) They can be purchased commercial-off-the-shelf for installation in an existing server or workstation or purchased pre-installed in a solution of your choice from your trusted systems manufacturer.
Because of their on-board key management, general conformance to TCG Opal 2.0 or Enterprise, and use of the NIST's Advanced Encryption Standard (AES), SEDs are some of the most secure and widely available forms of data at rest protection available on the market today.
Outside of the consumer market, SEDs are being increasingly adopted by the government and military for use in mission-critical applications. These drives typically require an added layer of security in the form of the NIST's FIPS 140-2. We’ll get to this requirement a little later.
Photo: SEDs are out there, but you have to know where to look, and if you're looking for a FIPS 140-2-compliant drive, that's a different story.
Where can I find self-encrypting drives?
SEDs are a bit of a paradox in that they are simultaneously easy and difficult to find. There’s a belief that SEDs are mostly hard to find, but this depends on two things: how you interpret “hard to find" and whether FIPS 140-2 drives are a requirement for your program or application.
If you interpret "hard to find" to mean “difficult to know whether a particular drive is self-encrypting,” you’re correct. SEDs can be slightly more difficult to find than conventional, non-encrypting drives because marketing for self-encrypting drive features is not as robust. But if you interpret it to mean that SEDs in general are “scarce” or “not widely available,” well, that's not entirely the case.
This seemingly conventional Samsung SSD is a perfect case in point. It’s readily available for purchase on Amazon for just $50, but you’ll have to read the fine print to see that the drive “supports AES 256-bit hardware-based encryption and is compliant with TCG Opal.” This is actually a great solution for commercial and industrial programs and applications that don't require FIPS 140-2 validation.
You see, when it comes to HDDs and SSDs, major drive manufacturers are still focused on touting storage capacity, read and write speeds, and form factors first and foremost, but these will always be important features to any drive purchaser or acquisition specialist.
Constantly overshadowed by these important but standard storage features, self-encrypting drive technology often takes the promotional backseat when it comes to HDDs and SSDs, but it’s out there, and it’s becoming an increasingly desirable feature as demand for data at rest protection and FIPS 140-2 drive compliance booms.
Now, locating SEDs that are FIPS 140-2-certified can be more of a challenge, as these require more rigorous tamper resistance. Trenton Systems, through its current and future partnerships with innovative cybersecurity companies like Star Lab, will soon include in its rugged servers and workstations SEDs compliant with FIPS 140-2, Opal 2.0, and AES 256-bit hardware-based encryption, which, when combined with our ruggedized hardware, Star Lab's Titanium Security Suite, and related solutions, makes for a truly hardened rugged computer.
Graphic: How the encryption process for SEDs works. Credit: Trusted Computing Group
How do self-encrypting drives work?
SEDs use an on-board cryptoprocessor to encrypt and decrypt your data.
They accomplish this goal by generating a unique, randomized, symmetric data encryption key (DEK) that’s stored in the drive itself, which the drive controller then uses to convert your files into virtually indecipherable text, or ciphertext. Whenever you access your data, that same DEK is used to decrypt the ciphertext, and presto, you now have access to your files.
Unlike with software-based disk encryption, the DEK never makes its way to the host system’s random-access memory (RAM), where it can be accessed by attackers using a cold boot or software-level attack.
Furthermore, because the DEK is stored within the drive, its value is not known to the user. The DEK can generate a new key upon request, of course, but its mystery to users and transparency to the host system are partly what make SEDs so resistant to common software-level attacks.
Generation of a new DEK causes what’s known as a secure erase, cryptographic disk erasure, or crypto-shred, during which the drive’s data is rendered irretrievable, given that original DEK used to decrypt it is no longer available. This is effectively a factory reset of the drive, and as one can imagine, this feature is quite useful if a drive needs to be quickly discarded or reused.
In addition, because SEDs make use of a dedicated processor for encryption and decryption, you won’t suffer a decline in host system performance, unlike with software-based disk encryption.
With a software-based solution, the host system must use the CPU’s already limited processing resources to encrypt and decrypt your data, which can be an incredibly compute-intensive undertaking resulting in a performance decline. SEDs solve this problem by displacing the processing power needed for encryption and decryption onto the drive itself.
Photo: There are a few things to be aware of when shopping around for SEDs or systems that incorporate SEDs, not the least of which is proper authentication, sometimes referred to as "drive locking."
Are self-encrypting drives secure?
SEDs are considered a secure form of data at rest protection, but there's one glaring caveat to that statement: users need to set a unique password on their SEDs to have them lock when they're powered off.
Basically, the drive’s DEK is just that – a key for encrypting and decrypting the data stored on your drive. But without the establishment of a unique password or Authentication Key (AK), which prevents decryption of the DEK, your data is being encrypted and decrypted but not fully protected from unauthorized access.
We know what you're thinking. If your data isn't being fully protected, then what's the point of even buying an SED? Does this mean that an SED can be hacked?
Well, given that SEDs encrypt your data and store its DEK internally, you're still being protected from common software-level attacks that seek to steal, alter, or delete your most sensitive data. AES algorithms are next-to-impossible to crack, after all. But without the establishment of a unique AK, physical access to your drive’s data is still a possibility.
For example, if an adversary were to ever get his or her hands on your drive, they could just plug it into a system, turn it on, and access your data, like they would with a conventional HDD or SSD. Why? Because without the unique AK, the drive remains unlocked and allows for decryption of the drive's DEK, which, in turn, allows the user to access your files.
Okay, but that assumes an adversary can break into your base of operations and steal your drives in the first place. They’ll never get past your defenses, right?
Well, imagine that a highly disgruntled employee wants to sell some of your organization’s sensitive data to a third party. So, after work hours, when you’ve left your system unattended, they steal your SED and sell it later that evening. And because the drive has not been properly authenticated, its data is readily accessible the moment it's powered on. It’s behaving like a conventional, non-encrypting HDD or SDD, its precious data exposed and free for the taking, or deleting.
Thankfully, SEDs that conform to TCG’s Opal 2.0 specification, which are most SEDs, allow for this authentication. But remember that not every SED is Opal-compliant, and without proper authentication, you're essentially leaving a room full of precious valuables unlocked. Not to mention, setting a unique AK for every SED can be a time-consuming process, especially if you've deployed numerous SEDs.
Now, if you’ve set an AK, the drive becomes locked, and you’ll have to enter that key during boot to access the contents of the drive, just like you would with your operating system user account. And just like the passcode on your smartphone, entering too many incorrect passwords can temporarily lock the drive. Nonetheless, once your system is powered off, the drive locks automatically and remains locked until your AK is entered upon boot again.
The great thing about authentication is that, if someone were to take your SED and plug it into another system, they’d need to know your AK to unlock the drive and access its contents. So, the age-old recommendation of choosing strong passwords and keeping them private continues to remain an altogether important step in securing your most sensitive data.
Unfortunately, once you’ve unlocked the SED with the AK, it remains unlocked while your system is powered on. This includes during sleep mode and during a simple restart. Keep in mind, too, that adversaries can boot into a different environment without nixing system power, a method that totally circumvents your authentication, given that power is still being delivered to the drive. So, it’s best to practice turning off your system completely whenever you’re not using it. That way, your drives remain locked in case of an incident.
Photo: You may have already purchased a drive that's self-encrypting. There are a few ways you can find out if that's the case.
How do I know if my drive is self-encrypting?
Because self-encrypting drive technology isn't considered a major feature by many drive manufacturers, it's possible you've purchased an SED and don't know it. So, if you're already in possession of an HDD or SDD that you believe to be self-encrypting, there are a few things you can do to find out if that's actually the case.
If you purchased a standalone HDD or SDD, the packaging, instructions, or user manual will likely tell you if the drive is equipped with self-encryption. If you no longer have the packaging, instructions, or user manual, you can research the drive model online to find these documents or contact the manufacturer directly. They should also be able to tell you whether your drive is compliant with Opal 2.0 or FIPS 140-2 and whether it's using 128-bit or 256-bit AES encryption.
Likewise, if you purchased a system that contains what you believe to be an SED or multiple SEDs, you can contact the manufacturer and ask them whether that specific system contains self-encrypting drives. The manufacturer may also be able to assist you with support for your specific SED model, including such actions as setup, pre-boot authentication, and cryptographic erasure. Otherwise, you can identify the system’s HDD or SDD model and research its capabilities online, as previously mentioned.
As with the self-encrypting Samsung SSD available on Amazon, a drive’s self-encryption capability may also be listed in the brief online product description, its dedicated website landing page, or in its datasheet or list of specifications. Regardless, if you're in doubt about whether your SED is self-encrypting, it’s best to just call the manufacturer and ask.
Graphic: Used in most SEDs today, AES encryption algorithms are notoriously difficult to crack.
What level of encryption do self-encrypting drives provide?
SEDs conforming to TCG Opal 2.0 use 128-bit block sizes with 128-bit and 256-bit AES keys.
The latter two numbers refer to the actual key lengths used to encrypt and decrypt your data. The longer the key, the more difficult the encryption is to crack. As you can imagine, due to the sheer key length and the size of the block, SEDs employing these algorithms are next-to-impossible to crack. Seriously, it would take billions of years, and this is why hackers focus more so on physical access or obtaining your authentication keys.
This is how AES encryption works in simple terms: Your data is divided into blocks according to an established block size. So, in the case of TCG Opal 2.0, that's 128 bits, or a four-by-four array of 16 bytes, or eight bits per byte. From there, each bit of data is replaced with another according to the established key length, 128-bit or 256-bit, with new keys, called round keys, being generated with each round of encryption for an added layer of bit substitution.
To make things even more abstract and intricate, all of this is happening as the columns and rows in that four-by-four array are being shifted around and mixed. At the end of this fascinatingly complex process, you have ciphertext. Decryption just reverses this process, returning that ciphertext to the recognizable form of data you've requested.
Graphic: Three Things You Need to Know About SEDs
What's the difference between AES-compliant, FIPS 140-2-compliant, and Opal-compliant?
SEDs are sometimes marketed as “AES-compliant," FIPS-140-2-compliant," and “Opal-compliant,” so you might be wondering what the differences are or whether it’s important to comply with all three.
FIPS 140-2 is usually required for military and government applications transmitting controlled unclassified information, so if that doesn't apply to you, just look for an Opal 2.0-compliant drive. Both AES 128-bit and 256-bit encryption algorithms are nearly impossible to crack - remember, billions of years - so either choice is suitable, but 256-bit encryption is technically more secure.
Now, if your drives are compliant with Opal 2.0, they're compliant with the AES because Opal 2.0 uses these same encryption algorithms. Similarly, if your drives are compliant with FIPS 140-2, they're compliant with AES encryption and many Opal 2.0 requirements.
Opal 2.0 is just the TCG’s specification for managing the SEDs and their encryption capabilities. It’s the specification used by most SED manufacturers today to achieve interoperability among the drives. AES, on the other hand, is the actual encryption algorithm, or block cipher, established by the NIST that most SEDs employ. FIPS 140-2 encompasses these standards and others and adds some hardware ruggedization as well.
Graphic: We've discussed how data on SEDs can still be accessed, but we want to take a moment to discuss FIPS 140-2 and its relationship with SEDs for mission-critical applications.
FIPS 140-2 SEDs: Achieving Compliance & Avoiding Pitfalls
The NIST's FIPS 140-2 specifies design, implementation, and testing requirements for cryptographic modules using four levels of security, with each level becoming increasingly secure with regard to tamper resistance and the likelihood of unauthorized access.
Certification, or validation, to FIPS 140-2 is mandatory for any federal government product or system that stores and transmits sensitive and controlled unclassified information. Naturally, because SEDs are the storage media for this data, they are required to undergo FIPS 140-2 validation as well.
SEDs conforming to FIPS 140-2 requirements are often referred to as simply "FIPS drives." FIPS 140-2 lists all sorts of important measures that must be taken to ensure proper data protection and drive-level encryption, including approved algorithms, SED firmware authentication requirements, adequate management of encryption keys and passcodes, and hardware ruggedization requirements.
As previously mentioned, FIPS 140-2 incorporates many TCG Opal 2.0 and TCG Enterprise requirements. So, a system with TCG Opal 2.0 or Enterprise SEDs, role-based authentication, and hardware ruggedization is already on the right track to FIPS 140-2 Security Level Two validation.
Unfortunately, it's possible to purchase FIPS 140-2 SEDs and not set up authentication properly or have the right software that allows for authentication, which, again, leaves your data just as vulnerable as if you were using a regular, non-encrypted HDD or SSD. We can't stress enough the importance of ensuring your SED is properly authenticated so that your drive will remain locked if stolen, and always remember to:
- Choose and keep private strong AKs
- Power down your system when you're not using it for an extended period
- Consider a key management solution if you're using multiple SEDs
Photo: Trenton Systems is currently testing SEDs for FIPS 140-2 validation. We plan to offer them in our systems soon.
Trenton Systems: Incorporating FIPS 140-2 SEDs You Can Depend On
Trenton Systems is aware of the increasing need for FIPS 140-2-certified hard disk drives and solid-state drives in demanding mission-critical applications. Through trusted partnerships with top-notch cybersecurity companies, we're working to incorporate FIPS drives into our systems to help our customers improve their data security at the hardware level.
We are currently testing several SEDs in our systems to assess our hardware compatibility and optimize the drives for eventual FIPS 140-2 validation. We will announce the availability of these drives at a later date. Furthermore, our support team is aware of common FIPS drive authentication issues and will work with you on setting up your specific drives once Trenton begins offering them in its systems.
It's important to remember that SEDs are just one piece of the cybersecurity puzzle and can only protect data at rest. You'll need other solutions, mainly software-based, to protect data in motion and data in use, and don't forget that the Cybersecurity Maturity Model Certification (CMMC) has become a requirement for many military programs and applications as well.
As always, Trenton Systems takes data security very seriously. That's why we recently partnered with Star Lab to offer our customers the innovative Titanium Security Suite for Linux-based mission-critical systems.
We will continue to work toward ensuring that our customers not only have a rugged, mission-critical server or workstation for their programs and applications but also cybersecurity solutions to protect the integrity of their data when it matters most.
If you have any questions at all about the work we're doing to serve you, don't hesitate to reach out to us. We're ready when you are.