At CES, Singapore-based ST Electronics was showing off a new security device that can be installed in nearly any notebook computer to protect its data from prying eyes—Digisafe DiskCrypt, a hard-disk enclosure that turns any 1.8-inch micro-SATA device into removable and fully encrypted storage. The enclosure, which is the size of a 2.5″ drive, can be used as a drop-in replacement for existing drives.
…
Before boot, DiskCrypt requires a USB dongle to be plugged in to pass the key, and it can also be optionally configured to require the user to enter a password for two-factor authentication. The hardware can handle up to150MBps of data throughput, so once it has been activated it’s completely transparent. ST Electronics’ deputy director Jimmy Neo claimed the encryption module has no impact on read/write performance.
All this is pretty standard for a self-encrypted drive. The main advantage of DiskCrypt is that it can be put into nearly any existing notebook. If there’s a drive failure, a need to move from hard disk to SSD—or just swap out the drive—the enclosure can be quickly opened and the storage device popped out. Separated from the encryption enclosure, the drive is practically the same as destroyed.
It will be important to test this against a hostile attacker, or situate it in a hostile general environment. There is a depressing history of encrypted storage solutions along these lines failing when confronted by a serious attacker. While the crypto itself might be secure, a side-channel attack (the most common means of subverting encryption schemes) could compromise the drive.
Excited Pixels 