On Thu, 9 Apr 2009, Dmitry Obukhov wrote:
> Fran, > > Typically the software FDE solution should intercept BIOS interrupt (I'm not > Windows programmer, but back in old DOS times it was int 13h and 76h) and > individually encrypt/decrypt each 512 bytes sector. It is very CPU-consuming > process. Up to 48% of the CPU power can be spent on encryption. The HW FDE > (SED, self-encrypting drives) is much more efficient, and no changes in OS > is required. I would love to have some FDE hardware drives, but the hour I spent at the Seagate website didn't tell me how the key was established. Can I just buy such a drive and install it in a white-box computer and have it work? WIthout any evidence on the website to the contrary, I just assumed the drive came with a windows driver for setting the key, and that a special motherboard with a tpm circuit was required for the driver to work. If that isn't the case, it makes the drives much more attractive. Are there instructions somewhere on the net? This would be of interest to us for both Windows and Linux. Daniel Feenberg > > Dmitry > > > > -----Original Message----- > From: fde-boun...@www.xml-dev.com [mailto:fde-boun...@www.xml-dev.com] On > Behalf Of Garrett M. Groff > Sent: Friday, April 03, 2009 6:12 AM > To: fde@www.xml-dev.com > Subject: Re: [FDE] how FDE is implemented at system layer > > Software-based FDE products install a "filter driver" and transparently > encrypt/decrypt disk sectors on-demand. > > G > > > > ----- Original Message ----- > From: "Fran Baena" <franba...@gmail.com> > To: <FDE@www.xml-dev.com> > Sent: Thursday, April 02, 2009 5:42 AM > Subject: [FDE] how FDE is implemented at system layer > > >> Hi everyone, >> >> i'm a newbie in FDE and i'm interested in how all this protecting >> methods are implemented in OS level. I mean, the cryptographic >> mechanism is more or less clear, but how does it interact with the >> file system layer? Does the OS vendor provide an API to manage all the >> I/O operations that implies disk encryption/decryption? >> >> Thanks for your help >> >> Fran >> _______________________________________________ >> FDE mailing list >> FDE@www.xml-dev.com >> http://www.xml-dev.com/mailman/listinfo/fde >> > > _______________________________________________ > FDE mailing list > FDE@www.xml-dev.com > http://www.xml-dev.com/mailman/listinfo/fde > > _______________________________________________ > FDE mailing list > FDE@www.xml-dev.com > http://www.xml-dev.com/mailman/listinfo/fde > _______________________________________________ FDE mailing list FDE@www.xml-dev.com http://www.xml-dev.com/mailman/listinfo/fde
