self-encrypting hard drives: from laptops to the data … · self-encrypting hard drives: from...

33
Storage Developer Conference 2009 © 2009 All rights reserved. Self-Encrypting Hard Drives: From Laptops to the Data Center Jason Cox, Seagate Technology

Upload: lekiet

Post on 09-Aug-2018

221 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Self-Encrypting Hard Drives: From Laptops to the Data Center

Jason Cox, Seagate Technology

Page 2: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved. 2

SNIA Legal Notice

The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and literature under the following conditions:

Any slide or slides used must be reproduced without modificationThe SNIA must be acknowledged as source of any material used in the body of any document containing material from these presentations.

This presentation is a project of the SNIA Education Committee.Neither the Author nor the Presenter is an attorney and nothing in this presentation is intended to be nor should be construed as legal advice or opinion. If you need legal advice or legal opinion please contact an attorney.The information presented herein represents the Author's personal opinion and current understanding of the issues involved. The Author, the Presenter, and the SNIA do not assume any responsibility or liability for damages arising out of any reliance on or use of this information.NO WARRANTIES, EXPRESS OR IMPLIED. USE AT YOUR OWN RISK.

Page 3: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved. 3

Abstract

Trusted Computing Group (TCG) Storage SpecificationsThe Trusted Computing Group (TCG) Storage Work Group recently published formal specifications for security and trust services on storage devices, including hard drives, flash, and tape drives. The majority of hard drive and other storage device manufacturers participated. Putting security directly on the storage device avoids the vulnerabilities of platform OS-based software security. The details of the Specification will be highlighted, as well as various use cases, including Self Encrypting Drives with enterprise key/credential management.

Page 4: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Storage WG Jorge Campello

HGSTKey Management

Services Walt Hubis

LSI

Storage Interface Interactions

James HatfieldSeagate

Optical Storage Bill McFerrin

DataPlay

Storage Conformance

Cyril Guyot-HGST/Dmitry Obukhov-

Samsung

TCG Storage Work Group Structure

Page 5: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Document Roadmap

Trusted Storage Core Architecture Specification 1.0Published May 2007Optical Storage Subsystem Class Specification

Published September 2008

Enterprise Security Subsystem Class SpecificationPublished January 2009

Storage Interface Interactions SpecificationPublished January 2009

Trusted Storage Core Architecture Specification 2.0Published April 2009Opal Security Subsystem Class Specification

Published April 2009

Page 6: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

TCG SWG Document Structure

TCG Storage Core Architecture Specification

Storage Interface Interactions

Security Subsystem Class (SSC)

Compliance App Note Compliance App NoteAux

iliar

y D

ocum

ents

Spec

ific

Doc

umen

tsG

ener

al

Doc

umen

ts

Security Subsystem Class (SSC)

Page 7: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Core Spec/SSC Relationship

TCG Storage Core Architecture Specification v1.0

Storage Interface Interactions

Enterprise SSC

Compliance App Note Compliance App NoteAux

iliar

y D

ocum

ents

(c

urre

ntly

in

prog

ress

)

Spec

ific

Doc

umen

tsG

ener

al

Doc

umen

ts

TCG Storage Core Architecture Specification v2.0

Opal SSC

Page 8: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Here is the un-encrypted

text

P%k5t$@sg!7#x1)

#&%

Self-Encrypting Drive Basics

Data protected from loss, disclosure

Write

Read

100% performance encryption engine

in the drive

The storage device LOCKS when it powers OFF.The storage device remains LOCKED when it is powered back ON.Authentication UNLOCKS the storage device.The storage devices Reads and Writes data normally while drive is unlockedThe plaintext data sent to the device is encrypted before being writtenThe encrypted data read from the device is decrypted before being returned

Authentication Key

Management Service

Page 9: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

SED in the Data Center

Enterprise SSC MotivationProvide a solution to address current market needs:

Protect the confidentiality of stored data.Minimize the time to bring devices online.Provide secure disposal / end of life.

Page 10: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

SED in the Data Center

Enterprise SSC Threat ModelUnauthorized access to data on the device once it leaves the owner’s control.

FeaturesEncryptionDrive Locking with Password-based authorizationRangesFast Secure EraseStatic Access Control Model

Page 11: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

SED in the Client

Opal SSC MotivationProvide a solution to address current market needs:

Stolen / lost laptop data leakage.End of life / disposal.

Trade-off between time-to market and feature addition.

Simple password based authentication.Provide encryption and locking

Page 12: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

SED in the Client

Opal SSC Threat ModelOffline leakage of data.

FeaturesEncryptionDrive Locking with PW access controlRangesMBR ShadowingFast Secure EraseDynamic Access Control Model

Page 13: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Encryption & Locking

Storage Device

Independent Locks for read and write.

User

Secure (Cryptographic) Erase performed by erasing the key.

Keys are generated internally.

Page 14: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

LBA Ranges

Storage DeviceIndependent encryption and access control for each range.

Ran

ge 1

Ran

ge 2

Ran

ge 3

… User 2

User 1

Ranges are not necessarily aligned with partitions, though we expect that will be the case in the majority of uses in the client space.

Page 15: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

MBR Shadowing

External AuthoritiesMain System Board Notebook / PC

HDDManagement

Software

Initial Power-upWhen the system first requests the MBR, the HDD returns the pre-boot code (the MBR shadow).

Platform Authorities

UserUsb key, etc

External AuthoritiesMain System Board Notebook / PC

HDDManagement

Software

Authentication and UnlockThe pre-boot code manages the authentication process with both internal and external authorities.After the appropriate authentications, the management software unlocks the regular user space.

Platform Authorities

UserUsb key, etc

External AuthoritiesMain System Board Notebook / PC

HDDOS

Resume Normal BootAfter the HDD is unlocked, the management software sends the system back to the boot process.The system’s request for the MBR now returns the true MBR and the OS is loaded completing the boot process.

Platform Authorities

UserUsb key, etc

ReservedPre-boot

OS

User space

ReservedPre-boot

OS

User space

ReservedPre-boot

OS

User space

ReservedPre-boot

ReservedPre-boot

Page 16: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Define an architecture that:Enables application of access control over select device featuresPermit configuration of these capabilities in conformance to the platform security policy

TCG Storage Specification Purpose

Page 17: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

TCG Storage Architecture Overview

Devices

Applications

End Users

Service Providers

ATA/SCSI

I/F

TCG Storage API

Internet

SW

and

HW

feat

ures

and

fu

nctio

n (e

.g.,

Cry

pto

Cal

ls) TCG Storage Architecture

SP 1

SP 2

SP 3

SP 4

SD or TPer

ADMIN

The host platform, applications, devices, local end users, or remote users/service providers can gain exclusive control of selected features of the storage device. This allows them to simultaneously and independently extend their trust boundary into the storage device or trusted peripheral (TPer).

TPM

Host

Mobile Devices

Page 18: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Security Providers (SPs)

TCG Storage specifications are intended to provide a comprehensive command architecture for putting selected features of storage devices under policy-driven access control.

SP

Table

M

Method Name ACL

……Get User1

Set User2

MAuthorities

Features are packaged into individual functionality containers called “SECURITY PROVIDERS(SPs).

Each SP is a “sand box” exclusively controlled by its owner. SP functionality is a combination of pre-defined functionality sets called SP TEMPLATES

SPs are a collection of TABLES and METHODS that control the persistent trust state of the Storage Device (SD).

Method invocation occurs under access control.The SP has a list of authorities and their respective credentials for access control.User1

User2

BaseAdminCrypto

LogClockLocking

Page 19: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

TablesTables provide data storage in SPs. Each template defines a set of tables. Capabilities provided by the Base template allow the host to create additional tables.

Two types of tables:Object – organized storageByte – raw data

UID Col2 Col3 Col48 byte unique identifier Data Data Data… … … …

Object TableUID column contains SP-wide unique, addressable value for that row.

Rows associate column values.

Each column stores data all of the same type.

Index Column0 0x411 0x422 0x43… …

Byte Table

Byte tables have a single column.

Each cell stores one byte

Byte tables have 0 or more rows indexed by position in the table.

Page 20: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Methods

Methods are remote procedure calls invoked by the host to manipulate SP state. Methods operate on tables or the SP itself, and are used for session startup, authentication, table manipulation, and access control customization.

InvokingUID.MethodUID [ Method Parameters ] => [ Method Result ]

UID of the table or object upon which the method is being invoked.

UID of the invoked method.

List of method parameters sent by host. List of results

generated by TPer

Key MethodsGet – Retrieve values stored in tables.Set – Change values stored in tables.Authenticate – Prove host knowledge of a secret

Other methods provide capability to: Create/delete tables/table rowsGenerate encryption keys on the devicePerform cryptographic operations on the device

Page 21: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Access Control

Access control defines the authorization required to invoke specific methods. Access control permissions apply at the SP, table, or table row level. Access control settings are configurable and assignable.

UID Name Key Material8 byte identifier Auth Key 1 ------ Auth Key 2 ------ --- ---

C_RSA_1024

UID Name PIN8 byte identifier Auth PWD 1 ------ --- ---

C_PINUID Name Credential Operation8 byte identifier Admin C_RSA_1024 UID Sign--- User C_PIN UID Password--- User C_RSA_1024 UID Sign--- --- --- ---

Authority

Authorities are authentication agents

Link to authentication credential Authorities required

authentication operation

Credential (C_*) tables store authentication secrets

The Host Application invokes the Authenticate method, identifying the Authority to be authenticated and the required proof (password, signed challenge, etc.)

Page 22: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Communications Architecture

Page 23: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Opal SSC Range Encryption & LockingRanges are individually encrypted with different encryption keysThe access to a range is given from the Admin to any combination of users either for read,

write, or both.The secure erase capability of a range is given from the Admin to any combination of users.

Global Range

Range 1K1

Range 2K2

Range 3K3

Range NKN

K0

Read Un/Lock

Read Un/Lock

Read Un/Lock

Read Un/Lock

Read Un/Lock

Write Un/Lock

Write Un/Lock

Write Un/Lock

Write Un/Lock

Write Un/Lock

Secure Erase

Secure Erase

Secure Erase

Secure Erase

Secure Erase

Admin User1 User2 User3 User4

Configurable by AdminFixed, not configurable

Page 24: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Enterprise SSC Range Encryption & Locking

Ranges are individually encrypted with different encryption keysThe access to ranges is assigned at manufacturing and non-modifiableMinimum support requires Global Range, and EraseMaster and BandMaster0 authorities

Global Range

Range 1K1

Range 2K2

Range NKN

K0

Read Un/Lock

Read Un/Lock

Read Un/Lock

Read Un/Lock

Write Un/Lock

Write Un/Lock

Write Un/Lock

Write Un/Lock

Secure Erase

Secure Erase

Secure Erase

Secure Erase

EraseMaster BandMaster0 BandMaster1 BandMaster2 BandMasterN

Fixed, not configurable

Page 25: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

SSC-Based Device ComponentsThe SSCs define two SPs. The Admin SP is used for retrieving device information and configurations. The Locking SP is used to control the data encryption and locking/unlocking of LBA ranges in the storage device.

Locking SP

Storage Device

Admin SP

M

Auth.Org 1

Admin SP

M

App A invokes Get to retrieve configurations.

Get

User authenticates to the SP and retrieves configuration information using App A.password

App A

User

Page 26: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

LBA Range Encryption & Locking

The storage device can have only one SP with Locking capability. Access control to user data can be configured. The storage device will support a certain number of independent ranges of user data.

AppLocking SP

Storage DeviceIndependent encryption and access control for each range.

Ran

ge 1

Ran

ge 2

Ran

ge 3

MAuth.

Locking Table

M

User 2

User 1

There can only be one Locking SP per Storage Device.

App is responsible for configuring encryption and access control for all users

Page 27: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Locking Ranges

The Locking SP enables independent ranges of the user data space to be separately configured for read/write access control.

AppLocking SP

Storage Device

Ran

ge 1

Ran

ge 2

Ran

ge 3

M

Locking Table

M Range settings are stored in the Locking table.

App Authenticates and then invokes Set to configure the starting address and length of each range.

Separately configured portions of user data space

Set

Page 28: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Configuring Passwords

Each user can be assigned a separate password that is used for authentication to the Locking SP.

AppLocking SP

Storage Device

Ran

ge 1

Ran

ge 2

Ran

ge 3

M

C_PIN Table

M Passwords are stored in the C_PIN table.

App Authenticates and then invokes Set to change the password.

Set

Page 29: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Unlocking Ranges

The user authenticates with a password and then unlocks the ranges accessible ranges.

AppLocking SP

Storage Device

Ran

ge 1

Ran

ge 2

Ran

ge 3

MAuth.

Locking Table

M Range settings are stored in the Locking table.

App authenticates and then invokes Set to change the locking values of the appropriate ranges.

Set

Unlocked range

Page 30: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

Secure Erase

The Locking SP provides the host with the ability to erase data, securely and quickly, by replacing the encryption key for a range with a new key randomly generated securely in the drive.

AppLocking SP

Storage Device

Ran

ge 1

Ran

ge 2

Ran

ge 3

MAuth.

K_* Table

M

App Authenticates and then invokes GenKey (Opal) or Erase (Enterprise) to generate a new key for the range.

GenKey

New encrypting key for the range

Page 31: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

EncryptionAutomatic performance scaling, manageability, security

Standards-basedMultiple vendors; interoperability

Unified key managementHandles all forms of storage

The Future…

Page 32: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved.

www.trustedcomputinggroup.org

Thank You!

Page 33: Self-Encrypting Hard Drives: From Laptops to the Data … · Self-Encrypting Hard Drives: From Laptops to the Data Center . ... Optical Storage . Bill ... The storage devices Reads

Storage Developer Conference 2009 © 2009 All rights reserved. 33

Q&A / Feedback

Please send any questions or comments on this presentation to SNIA: [email protected]

Many thanks to the following individuals for their contributions to this tutorial.

- SNIA Education Committee

Robert Thibadeau Michael WillettJorge Campello

All Storage Manufacturers (contributors)