lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 20 Dec 2010 16:24:24 -0800
From: coderman <coderman@...il.com>
To: Paul Schmehl <pschmehl_lists@...rr.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: SSD and WDE

On Fri, Dec 17, 2010 at 3:16 PM, Paul Schmehl <pschmehl_lists@...rr.com> wrote:
> ... anyone aware of any academic or technical
> studies of whole disk encryption for solid state discs.

what kind of details are you looking for?

solid state and full disk encryption are a match made in heaven. the
rest is just details... *grin*

SLC over MLC and pair with on die accelerated AES. as with disk based,
encryption renders all reads and writes effectively randomized. SSD
removes seek hit but you have still invalidated read-ahead caching and
other common optimizations.

update firmware as nearly all devices have undergone wear-leveling, hw
driver, and other fixes post launch.

regarding wear leveling, FDE means never having to worry about secure
delete, which may not be possible with  reasonable effort on MLC SSD
storage.

SSD make fine compliment to hybrid storage; small fast SLC first tier
backed by platters for extended duration and volume. key management of
hybrid / multi LVM encrypted systems too long a tale to discuss here.
but also not unique to SSD.

hardware-based FDE is also just as applicable to SSD as other media.
invoking CDE on demand a useful convenience. but also not unique to
SSD.

aside from MLC algorithm specific difficulties of data remanence all
the usual disclaimers on zerisation and key management apply,
including secure mode of operation.
   this also not unique to SSD.
;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ