Secure IDE?

Trei, Peter ptrei at rsasecurity.com
Wed Jul 30 14:02:38 PDT 2003


> Trei, Peter
> 
> ABIT has come out with a new motherboard, the 
> "IC7-MAX3" featuring something called 'Secure 
> IDE', which seems to involve HW crypto in the 
> onboard IDE controller:
> 
> From the marketing fluff at
> http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251
> 
> 	"For MAX3, the ABIT Engineers listened 
> 	to users who were asking for information 
> 	security. SecureIDE connects to your IDE 
> 	hard disk and has a special decoder; 
> 	without a special key, your hard disk cannot 
> 	be opened by anyone. Thus hackers and 
> 	would be information thieves cannot access 
> 	your hard disk, even if they remove it from your 
> 	PC. Protect your privacy and keep anyone 
> 	from snooping into your information. Lock 
> 	down your hard disk, not with a password, 
> 	but with encryption. A password can be 
> 	cracked by software in a few hours. ABIT's 
> 	SecureIDE will keep government 
> 	supercomputers busy for weeks and will 
> 	keep the RIAA away from your Kazaa files."
> 
> No, I have no idea what this actually means either.
> I'm trying to find out.
> 
> Peter Trei
> 
Yeah, I know it's tacky to followup ones own messages, but
I found a little more:

http://www.abit.com.tw/abitweb/webjsp/english/SecureIDE.htm

	"SecureIDE is a encryption device that uses 
	the eNOVA X-Wall chipset that ensures 
	confidentiality and privacy of your data 
	through disk encryption. When booting 
	up your system, go to DOS and implement 
	the FDISK instruction. This instruction will 
	make a partition to format the Hard Disk 
	to accept the secure IDE key. After this 
	procedure, there are no more extra steps 
	to perform besides using the key to "open" 
	the hard disk each time you boot up your system."

The accompanying diagram shows a daughterboard 
sitting between the HD and the system, with a USB
dongle coming off the side. eNova has more info at:

http://www.enovatech.com/w/html/about.htm

The USB dongle apparently acts only as a key
store, for a DES or 3DES key. It needs to be
present at boot time. It appears that the key
is put on the device by the manufacturer !!!!
though they promise "Enova Technology 
does not maintain a database of X-Wall 
Secure Keys". On the good side, it seems
to encrypt the whole disk, including the
boot sector and swap.

No info on chaining modes, if any, nor of
IV handling. There is no mention of a PIN
or other 'something you know' required to
use the USB key. I can't tell if pulling the
dongle shuts down the system.

Might be neat, but as yet, insufficient information.

Peter





More information about the cypherpunks-legacy mailing list