The convenience of external hard drive, portable
storage and the increasing amount of data stored onto hard drives have also introduced an increasing risk of
exposing sensitive data. To safe guard the sensitive confidential
and personal information, many private and public organizations
have implemented various software and hardware encryption. Most
software or hardware data encryption products in the market are
based on the industry standard proven data encryption algorithms
(Advanced Encryption Standard), DES (Data
Encryption Standard) and TDES
(Triple DES) that are certified by NIST (National
Institute of Standards and Technology) of USA and CSE (Communications
Security Establishment) of Canada. The AES 256-bit cryptographic engine is FIPS and NIST certified.. To learn more detail on data
encryption and its various industrial standards, please visit the
following URL link http://en.wikipedia.org/wiki/Cipher
encryption solution, the CipherChain, Diamond Cipher, Ruby Cipher, Saturn Cipher, Jupiter Cipher and the Cipher UDD are by far the most secure
and simplest to deploy, particularly for large organizations. Below
are some of key benefits of Addonics hardware encryption products:
- High performance - Data is encrypted
and decrypted on the fly by a certified cryptographic engine inside
an ASIC without taking any CPU resources as in the case of software encryption. There is no noticeable performance difference between an Addonics hardware encrypted hard drive and a regular hard drive.
- Platform independency - There
is no software or driver to install to use Addonics encryption
products. As a result, it can be deployed in any system running
any OS. This is important in organization with multi-platform
computing and legacy systems.
- No training required - There is
no password to remember nor running any special program commands.
The Addonics encryption solution is truly plug and play. Encryption and decryption
are all controlled by a physical key (Cipher key).
- Data portability - Unlike many software or hardware products that limit accessing
the encrypted hard drive to certain specified computer system,
Addonics encrypted storage device can be accessed by practically
any system while still maintaining high level of security. For example, the Addonics' Diamond Cipher or Ruby Cipher drive enclosure with an encrypted hard drive can be attached to any systems externally via eSATA or USB ports. As long as you have the Cipher key with you, you can access the hard drive.
- Low TCO (Total cost of ownership)
- With hardware based encryption, there is no IT maintenance required,
no software version to maintain nor any updates to keep track
Bullet Proof security
The Addonics hardware encryption implementation offers
practically bullet proof security in comparing to software encryption
implementation. All Addonics encryption solution are based on a certified Crypto engine from eNova. The CipherChain, Diamond Cipher or Ruby Cipher are the first in the market that implement the AES-256 hardware encryption on SATA hard drive and SSD. Together with the implementation strategy in the Addonics hardware encryption solution, it is mathematically impossible to break the Cipher code.
It is well documented that a modern computer may
break software-based DES 40-bit encryption in a few days or in
a few hours if you can somehow manage to increase your computing
power. To break software based DES 64-bit encryption, the scale
of computing power you must gather with will dramatically exceed
your imagination. There are only specialized organizations capable
of managing supercomputers or thousands of personal computers
running in parallel that can discern the secrecy. Depending on
the level of actual investment, a few months or even years are
normally expected. Having stated that, breaking software DES 40/64-bit
requires special skills and expertise. It is not something that
regular Joe Smith can do efficiently.
It is extremely hard to break hardware-based
full disk encryption. The technique deployed to break software-based
encryption cannot be practically deployed to break hardware-based
encryption implemented in our design.
All Addonics' hardware-based full disk encryption solutions
encrypt everything on the hard drive including boot sector, OS,
temp./swap files. There is not any clear text left on the hard drive
for trace, thus eliminates entirely the possibility of analyzing
useful patterns. Thus, traditional wisdom and techniques of breaking
software-based DES 40/64-bit is no longer applicable as no OS information
is available. There is no software application can be executed,
which greatly deters the process of key breaking as every wrong
attempt will require a new power on reset process of the hardware
or reconnection of the Addonics hardware encryption storage device..
So what’s so important about the power on reset and how does it
deter the key breaking process?
An Addonics hardware-based full disk encryption solution at
DES 40-bit strength offers a possible combination of 1,099,511,627,776
keys. The actual key will normally be yielded when the 50% of the
key domain is eliminated. A typical power on reset process lasts
0.4 second or more. The following simple calculation displays time
required in order to run through the 50% of the 40-bit possible
1,099,511,627,776 x 50% x 0.4 seconds = 219,902,325,555 seconds
= 3,665,038,759 minutes = 61,083,979 hours = 2,545,165 days = 6,973
By increasing from DES 40 to DES 64-bit encryption, the possible
combination keys increase dramatically to 72,057,594,037,927,936.
When combined with the minimum 0.4 sec hardware reset,
the time required in order to run through
the 50% of the 64-bit possible key domain jumps up to 456,982,528
years! When applying this analysis to the TDE-192 and AES-256 bit encryption, the time it takes to find the right code combination will be so long that it is mathematically not possible to break these high bit level encryptions.
Or, a trained code breaker maybe able to directly connect to Addonics hardware-based full disk encryption hardware circuit
interface then attempt to intercept a complete data transfer for
deciphering, assuming known exact position of both clear text and
cipher text. Even if a potential hacker who has the clear text and
its corresponding cipher text, attempts to derive the cryptographic
key would still consume years as DES/TDES are known for resisting
“Known Answer Test.” A 40-bit hardware-based full disk encryption
solution specifically under the known answer attack is somewhat
weak but encryption solution with 64-bit and higher bit levels will be a totally different scale.
Basing on the above analysis, we feel confident that all the Addonics hardware encryption products are more than adequate for most applications.
We do realize, however, there are rigid security requirements that
can not stand a chance from being compromised. In that case, we
shall recommend using the TDES 192-bit or AES-256 bit version.