The IP.com Prior Art Database
Migrate Band Master Authentication Pin For Self Encrypting Drives Members of Array
In a Self Encrypting Drive (SED) the band master encryption key controls access to the disk and unwraps the media encryption key, which is used to encrypt each sector of the drive. In the Trusted Computing Group specification, there is support to change the media encryption key, which is referred to as "re-encryption" and would essentially involve reading every sector on the drive, decrypting it, encrypting it with a new media encryption key, and writing it back to disk. Another form of rekey changes the band master encryption key, which merely changes the key used to unlock the drive and unlock the media encryption key. This operation is relatively quick compared to re-encryption, as it requires no reads and writes to the locked customer data band.
In the device adapter, there is a pin table, which contains an encryption Group Key (GK) from which the band master encryption key for each SED is derived. There are N encryption groups in the system; for each encryption group that is configured, a GK is defined in the pin table with a corresponding index into the table. Each drive contains an encryption group index stored in its metadata. The device adapter uses that encryption group index to determine which GK to use to derive the band master encryption key to send to a locked SED. For example, if an SED has pin index 19 stored in its metadata and there is a GK stored in the device adapter's pin table with pin index 19, that GK will be used to derive the band master encryption key sent to the SED to unlock it.
In addition, a Data Key (DK) is stored in encrypted form in a key repository (i.e., a file in an open operating system). At system bring-up time, the system communicates with a key server to decrypt the DK. The DK in clear text form is then used to decrypt the GK, which is also stored in the key repository in encrypted form. Next, the GK is passed to the device adapter along with the pin index, as described above, in order to unlock the self-encrypting disks.
The disclosed invention provides a safe and efficient way to change the credentials required to access a Self Encrypting Drive. If a hacker determines the band master key, the solution gives the customer the ability to change it. It is preferable to a re-encryption solution because it does not require reading, decrypting, re-encrypting, and rewriting every sector on the disk.
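The key chain and pin-table lookup described above, modeled as an added example (not code from the disclosure): it shows that changing the band master credential re-wraps the same media encryption key (MEK), so no sector is rewritten. The HMAC-SHA256 derivation, the XOR wrap stand-in, the `Drive` class, the serial number and all function names are assumptions, since the page names no algorithms.

```python
import hashlib, hmac, os

def kdf(key, label):
    # Assumed derivation (HMAC-SHA256); the page does not name the real function.
    return hmac.new(key, label, hashlib.sha256).digest()

def wrap(kek, data):
    # Toy XOR wrap standing in for a real key-wrap algorithm (it is its own inverse).
    return bytes(a ^ b for a, b in zip(data, kdf(kek, b"wrap")))

class Drive:
    """Model SED: pin index in metadata, MEK held wrapped under the band master key."""
    def __init__(self, serial, pin_index, band_key):
        self.serial, self.pin_index = serial, pin_index
        self._check = kdf(band_key, b"check")
        self._wrapped_mek = wrap(band_key, os.urandom(32))

    def unlock(self, band_key):
        if not hmac.compare_digest(kdf(band_key, b"check"), self._check):
            return None  # wrong credential: the band stays locked
        return wrap(band_key, self._wrapped_mek)

    def rekey(self, old_key, new_key, new_index):
        # Re-wrap the same MEK under the new credential; customer data is untouched.
        mek = self.unlock(old_key)
        if mek is None:
            return False
        self._check = kdf(new_key, b"check")
        self._wrapped_mek, self.pin_index = wrap(new_key, mek), new_index
        return True

def band_key(pin_table, index, serial):
    # Device adapter step: look up the GK by pin index, derive the band master key.
    gk = pin_table.get(index)
    return None if gk is None else kdf(gk, serial)

def adapter_unlock(pin_table, drive):
    key = band_key(pin_table, drive.pin_index, drive.serial)
    return None if key is None else drive.unlock(key)

def demo():
    # Constructed sample: the DK unwraps the stored GKs; the drive moves from index 19 to 20.
    dk = os.urandom(32)
    repo = {19: wrap(dk, os.urandom(32)), 20: wrap(dk, os.urandom(32))}  # GKs encrypted at rest
    pin_table = {i: wrap(dk, blob) for i, blob in repo.items()}          # clear-text GKs
    drive = Drive(b"SN-0001", 19, band_key(pin_table, 19, b"SN-0001"))
    mek, old = adapter_unlock(pin_table, drive), band_key(pin_table, 19, b"SN-0001")
    ok = drive.rekey(old, band_key(pin_table, 20, drive.serial), 20)
    del pin_table[19]  # retire the old GK
    return ok, adapter_unlock(pin_table, drive) == mek, drive.unlock(old) is None
```

`demo()` returns three booleans: the rekey succeeded, the MEK recovered after the rekey equals the one recovered before it, and the old band master key no longer unlocks the drive.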
This disclosure documents an algorithm for an encryption group rekey. The objective is to change the Customer Data Band Credential on every drive in an encryption group. It could also be used to enable encryption on a machine with encryption-capable drives previously being run in non-encrypting mode (i.e., belonging to encryption group 0). While there may be some attack vectors associated with this support, the security vector could be fought by saying Key Repository Manager or Device Adapter Firmware will n...