
White Paper: ENCRYPTION

As the popularity of using external hard disks to store and back up personal, business, and organizational data increases, the need to consider data protection grows. Confidential data in the hands of unauthorized users can mean financial loss, erosion of public trust, and even legal liability. Encryption has become an effective way to safeguard sensitive corporate, personal, and organizational data. (For more information, refer to LaCie's Digital Security White Paper.) This document serves as an introduction to data encryption as well as several robust encryption storage solutions offered by LaCie.

LaCie White Paper: Encryption

What Is Encryption?
As a general term, cryptography is used in order to keep crucial or secret information from unauthorized access. Encryption, a cryptographic implementation, is the conversion of data into a seemingly incomprehensible mixture of characters that, when viewed, cannot be read as simple text. Simple text is defined as standard written text, such as this document. The algorithm used to encrypt data is called a cipher, or ciphertext, while unencrypted data is called plaintext. Decryption is the process of converting encrypted data (ciphertext) back into its original form (plaintext), so it can be understood.

The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often incorrectly called a code, can be employed to keep the enemy from obtaining the contents of transmissions. Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the scrambling of voice signals by inverting the sideband frequencies. More complex ciphers work according to sophisticated computer algorithms that rearrange data bits into digital signals.

In storage encryption, the most common ciphers employ random substitution, replacing each letter in a message. This form of encryption is widely used due to its simplicity and general reliability. Block ciphers, however, provide greater security by breaking the message into fixed-length blocks so that each block of plaintext can be converted into a block of ciphertext using a sequence of arithmetical operations and/or substitutions. The most popular block cipher is AES (Advanced Encryption Standard, also known as Rijndael, pronounced "rein-dahl", from the names of its two inventors). AES is a block cipher with very long keys (128, 192 or 256 bits), and is specifically designed to resist the most sophisticated cryptographic attacks. Hackers engaging in timing analysis (looking for correlations between a plaintext and the time taken to encrypt it) and power analysis (looking for variations in the processing power requirements for encrypting different plaintexts) find it very challenging to penetrate AES block ciphers.


WHAT IS THE ENCRYPTION KEY?


A cipher uses encryption to scramble the text in a unique manner, making the decryption of the data uniquely available to the person who has access to the key. This key will change the information from the ciphertext to plaintext. For many standard or commonly used encryptions, a password, typically four to eight characters long, acts as a key to view the plaintext. Unfortunately, this exposes inherent weaknesses in the security, as the integrity of the encryption is entirely dependent on the strength of a password and the inability to deduce it.

Some products require users to select or accept an assigned password that is usually quite complicated and difficult to remember. Such passwords often contain both upper and lower case letters mixed with numbers or symbols (e.g. myPa$$wor3!). Having an uncommon key may delay a digital intruder from immediately discovering its encryption but, unbeknownst to the user, the skilled hacker may be engaging in a brute force attack from a distance. The unwanted hacker has the tools and the benefit of computers fitted with impressive power to quickly process algorithms that will guess all possible password combinations until the key is discovered. Software-based solutions such as AES 128-bit encryption algorithms, however, can offer greater security against aggressive intrusions due to a password with much greater length, such as 16 characters. While often touted as more secure, hardware-based encryption may suffer from the same forms of attack if the key, or authentication, has a weak password.

Much to the relief of many government and corporate organizations, strong research and development has allowed for great leaps in hardware-based data security. LaCie understands the demands for maintaining the integrity of critical information, offering storage solutions such as LaCie SAFE and LaCie Enterprise Class disk drives with hardware authentication protocols that take advantage of the full strength of AES 128-bit encryption.

d2 Quadra Enterprise Class

2big Quadra Enterprise Class

4big Quadra Enterprise Class


How Do the SAFE and Enterprise Class Drives Encrypt Data?


The SAFE and Enterprise Class drives utilize hardware encryption rather than software. Thus, encryption and decryption do not require extensive manipulation by the user. In fact, encrypted drives are the same as any other external drive when making file transfers, saving data, etc. The data transfer speed is not altered from that of a typical external USB 2.0 drive and encryption is optimized.

What Is the Encryption Mode Used by LaCie SAFE and Enterprise Class Drives?
LaCie SAFE and Enterprise Class drives feature highly secure AES ciphers using government-approved algorithms for their proprietary, hardware-based encryption. One element includes electronic codebook mode (ECB), which can protect data from brute force decryption attacks, especially when implemented in hardware. An AES algorithm uses one of three cipher key strengths: a 128-, 192-, or 256-bit encryption key. Each encryption size creates a unique algorithm with increasing levels of strength. Thus, key sizes of greater length offer more bits to scramble data, heightening the complexity of the cipher algorithm.

Adding to the high level of security, AES is based on a substitution cipher, which means that it replaces each letter in a message with a symbol. Because the choices for substitution are random, the patterns that make other ciphers vulnerable to compromise are removed. LaCie takes advantage of strong, hardware-based AES 128-bit algorithms for encryption (encipher) and decryption (decipher). AES is precisely defined to resist the most sophisticated decryption attacks, such as timing analysis and power analysis. Adding to the benefits to the end user, AES, when administered optimally, demands very little memory to encrypt and decrypt, which makes it especially suited for embedded applications that utilize external hard drives.
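The block-cipher behaviour described in the encryption section above and the ECB mode and key sizes named in this section, as an added example in Go using the standard library's crypto/aes and crypto/cipher packages. This is not LaCie firmware or any code from this paper. It checks which key lengths AES accepts (16, 24 and 32 bytes for 128, 192 and 256 bits), encrypts a message made of one 16-byte block repeated four times in electronic codebook mode, decrypts it back, and counts the distinct ciphertext blocks; for contrast it also encrypts the same message in cipher block chaining (CBC) mode with an IV, a mode the paper does not mention. A practitioner should know that ECB maps equal plaintext blocks to equal ciphertext blocks under one key, so repeated data stays visible as repeated data, while a chained mode hides that pattern. The key, IV and plaintext are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// KeyBits reports the AES key strength in bits for a candidate key.
// aes.NewCipher accepts only 16-, 24- or 32-byte keys (AES-128/192/256);
// any other length is rejected with an error.
func KeyBits(key []byte) (int, error) {
	if _, err := aes.NewCipher(key); err != nil {
		return 0, err
	}
	return len(key) * 8, nil
}

// checkBlocks verifies the input is a whole number of 16-byte AES blocks.
func checkBlocks(data []byte) error {
	if len(data)%aes.BlockSize != 0 {
		return fmt.Errorf("length %d is not a multiple of the %d-byte AES block", len(data), aes.BlockSize)
	}
	return nil
}

// ECBEncrypt applies the raw block cipher to each 16-byte block independently.
// This is electronic codebook mode: no IV and no chaining, so two equal
// plaintext blocks always produce two equal ciphertext blocks under one key.
func ECBEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if err := checkBlocks(plaintext); err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	for i := 0; i < len(plaintext); i += aes.BlockSize {
		block.Encrypt(out[i:i+aes.BlockSize], plaintext[i:i+aes.BlockSize])
	}
	return out, nil
}

// ECBDecrypt reverses ECBEncrypt block by block with the same key.
func ECBDecrypt(key, ciphertext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if err := checkBlocks(ciphertext); err != nil {
		return nil, err
	}
	out := make([]byte, len(ciphertext))
	for i := 0; i < len(ciphertext); i += aes.BlockSize {
		block.Decrypt(out[i:i+aes.BlockSize], ciphertext[i:i+aes.BlockSize])
	}
	return out, nil
}

// CBCEncrypt encrypts the same kind of input in cipher block chaining mode:
// each plaintext block is XORed with the previous ciphertext block (the IV for
// the first one) before the block cipher runs, so repeated plaintext blocks
// no longer repeat in the ciphertext.
func CBCEncrypt(key, iv, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if err := checkBlocks(plaintext); err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return out, nil
}

// DistinctBlocks counts how many different 16-byte blocks a byte string contains.
func DistinctBlocks(data []byte) int {
	seen := make(map[string]struct{})
	for i := 0; i+aes.BlockSize <= len(data); i += aes.BlockSize {
		seen[string(data[i:i+aes.BlockSize])] = struct{}{}
	}
	return len(seen)
}

func main() {
	key := []byte("0123456789abcdef") // constructed 16-byte (128-bit) demo key
	iv := []byte("fedcba9876543210")  // constructed demo IV; real use needs a fresh random IV per message
	// Constructed plaintext: one 16-byte record repeated four times.
	plaintext := bytes.Repeat([]byte("CONFIDENTIAL-REC"), 4)

	for _, k := range [][]byte{key, make([]byte, 24), make([]byte, 32), []byte("short")} {
		bits, err := KeyBits(k)
		fmt.Printf("%2d-byte key -> %3d bits, err=%v\n", len(k), bits, err)
	}

	ecb, _ := ECBEncrypt(key, plaintext)
	cbc, _ := CBCEncrypt(key, iv, plaintext)
	fmt.Printf("plaintext:      %d distinct of %d blocks\n", DistinctBlocks(plaintext), len(plaintext)/aes.BlockSize)
	fmt.Printf("ECB ciphertext: %d distinct of %d blocks\n", DistinctBlocks(ecb), len(ecb)/aes.BlockSize)
	fmt.Printf("CBC ciphertext: %d distinct of %d blocks\n", DistinctBlocks(cbc), len(cbc)/aes.BlockSize)

	back, _ := ECBDecrypt(key, ecb)
	fmt.Printf("ECB round trip restores plaintext: %v\n", bytes.Equal(back, plaintext))
}
```

Running it prints one distinct block for the ECB ciphertext and four for the CBC ciphertext; the ECB decryption restores the original bytes, which is the round trip the paper describes as encipher and decipher.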


How Secure Is AES Encryption?


In June 2003 the National Security Agency (NSA - U.S. Government) announced that AES is secure enough to safeguard classified information up to TOP SECRET. This has been defined as the highest security level, including information that would cause extreme hazard and potential damage to national security if disclosed to the public. The technical specifications of modern encryption methods have become standardized and are used in most public networks.

Of course, the security of many encrypted hard drives is dependent on the key. As noted above, any encryption method can, theoretically, be cracked by trying all the possible permutations of a four to eight digit password. However, security breaches can be deflected when a key of greater length is in effect. To make certain that confidential data is unavailable to those seeking unauthorized entry physically and electronically, the secret key for the SAFE and Enterprise Class drives is not stored in a memory slot. Consequently, it is nearly impossible for intruders to obtain the key and access the data by opening the casing. If seeking entry via the network, unwanted decoders will realize practical limits to breaking encryption block lengths, especially when facing 128-bit AES. After all, it would take a computer with incredible processing power to test the multitude of possible keys when facing such strong encryption.

Certainly, the fear of brute force attacks is increasingly affecting the policies of many digital security and IT departments. To counter the looming threat of a security breach, some IT departments trend toward ambitious encryption of data. The prevailing opinion is: If 128-bit is good, then 256-bit is better. While the overall reasoning is sound, encrypting data can reduce workstation performance when the key is especially complicated. Security professionals and IT executives should carefully weigh the need for overly strong encryption versus a potential deterioration in speed and productivity.
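The point made here and in the key section earlier, that trying every permutation of a short password is feasible while a long key is not, as an added worked estimate in Go (not code from this paper or from LaCie). It computes the size of a password space as charset^length, the key length in bits that space is equivalent to, and the worst-case time to exhaust it at an assumed rate of one billion guesses per second, next to a random 128-bit AES key. The character-set sizes, password lengths and guess rate are assumptions chosen for illustration; the comparison shows that even a 16-character printable-ASCII password covers about 105 bits, so the key a password unlocks is never stronger than the password space itself.

```go
package main

import (
	"fmt"
	"math"
	"math/big"
)

// secondsPerYear converts exhaustion times into a readable unit.
const secondsPerYear = 365.25 * 24 * 3600

// Candidates returns charset^length, the number of passwords an exhaustive
// search has to cover in the worst case, computed exactly with big integers.
func Candidates(charset, length int) *big.Int {
	return new(big.Int).Exp(big.NewInt(int64(charset)), big.NewInt(int64(length)), nil)
}

// EffectiveBits converts a password space to the key length it is equivalent
// to: a space of N candidates gives an attacker the same work as a log2(N)-bit key.
func EffectiveBits(charset, length int) float64 {
	return float64(length) * math.Log2(float64(charset))
}

// SecondsToExhaust estimates the worst-case time to try every candidate in a
// space of the given bit size at an assumed guess rate (guesses per second).
func SecondsToExhaust(bits, guessesPerSecond float64) float64 {
	return math.Pow(2, bits) / guessesPerSecond
}

// PasswordWeakerThanKey reports whether a password space is smaller than the
// space of a random key of keyBits bits, i.e. whether the password, not the
// cipher, is the limiting factor.
func PasswordWeakerThanKey(charset, length, keyBits int) bool {
	return EffectiveBits(charset, length) < float64(keyBits)
}

func main() {
	const rate = 1e9 // assumed attacker throughput: one billion guesses per second

	// Constructed cases: the paper's four-to-eight-character passwords, a
	// 16-character password, and a random 128-bit key for comparison.
	cases := []struct {
		label   string
		charset int
		length  int
	}{
		{"4 chars, lowercase letters (26)", 26, 4},
		{"8 chars, printable ASCII (95)", 95, 8},
		{"16 chars, printable ASCII (95)", 95, 16},
	}
	fmt.Printf("%-34s %22s %9s %14s\n", "password space", "candidates", "bits", "years @1e9/s")
	for _, c := range cases {
		bits := EffectiveBits(c.charset, c.length)
		fmt.Printf("%-34s %22s %9.1f %14.3g\n", c.label, Candidates(c.charset, c.length).String(), bits,
			SecondsToExhaust(bits, rate)/secondsPerYear)
	}
	fmt.Printf("%-34s %22s %9.1f %14.3g\n", "random 128-bit AES key", "2^128", 128.0,
		SecondsToExhaust(128, rate)/secondsPerYear)
}
```

The exact candidate counts come from math/big so that 95^8 and larger spaces are not rounded; the years column is only an order-of-magnitude figure that scales linearly with whatever guess rate an organisation considers realistic for its threat model.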


Are Unpublished Algorithms Safer Than Those Publicly Known?


Unfortunate mistakes in encryption design have allowed some keys to be broken. To avoid faulty design, the principles of new or generally approved encryption algorithms are publicized, allowing cryptologists to test for weak points. These algorithms are therefore considered to be more secure and trusted than those whose principles are not known. The majority of contemporary user applications implement generally approved algorithms with great success against the most determined hackers.

Why Prefer Hardware Encryption Compared to Software Encryption?


While software-based encryption applications offer some protection against unauthorized access, they are ultimately vulnerable to vigorous decryption attacks. Hardware-based encryption, however, provides more secure protection against the same types of attacks. For this reason, LaCie has developed a line of SAFE external hard drives, some of which leverage hardware-based encryption to offer mobile yet superior data protection. There are two major considerations for choosing hardware- over software-based encryption: performance and security.

Of course, a critical factor in selecting any disk drive is speed, which makes hardware encryption an obvious preference over software. Cryptographic algorithms require complex manipulation of data at the level of individual bits. General-purpose microprocessors such as those found in normal PCs cannot perform these operations efficiently. In addition, encryption is usually a computationally intensive process; handing it off to another processor or to a separate device allows the main processor to concentrate on the primary functions of the server and workstation. Since AES algorithms are more efficient when implemented in hardware, the SAFE drives can offer greater performance than pure software-based storage solutions.

Another reason for choosing hardware encryption is added security. A hacker who has successfully broken a software-based encryption cipher will most likely change it for easy access and personal gain. The altered algorithm could insert deliberate backdoors in the encryption software, which may be easily detectable by other hackers. Hardware-encrypted drives do not allow for easy tampering even if the hacker had physical access to the device. Thus, the key cannot be stolen or used elsewhere due to the secure placement of the algorithm key. Private keys in software, once revealed to a hacker, can easily be copied and attacked off-line. In contrast, our hardware encryption solution does not include any backdoors, keeping your data safe. It is clear that critical files are vulnerable when software-based encryption is employed, no matter the complexity of the password. LaCie SAFE and LaCie Enterprise Class drives use hardware-based technology that takes advantage of the full strength of AES 128-bit encryption, making certain that all data is kept secure.


SOURCES
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
http://www.techworld.com/security/features/index.cfm?featureid=993
http://www.iusmentis.com/technology/encryption/des/#SecurityofDES

LaCie SAFE and Enterprise Solutions


Product                        Type      Interface                                      Fingerprint   Hardware Encryption   Security Chain
d2 Quadra Enterprise Class     Desktop   USB, FireWire 400, FireWire 800, eSATA 3Gb/s   No            AES 128               Yes
2big Quadra Enterprise Class   Desktop   USB, FireWire 400, FireWire 800, eSATA 3Gb/s   No            AES 128               No
4big Enterprise Class          Desktop   USB, FireWire 400, FireWire 800, eSATA 3Gb/s   No            AES 128               No
d2 Safe                        Desktop   USB, FireWire 400, FireWire 800                Yes           AES 128               Yes

For more information, please visit us at www.lacie.com
