One key driver: "Intel is putting AES in the CPU"; *assuming* we stick with EDS for a while, this ought to give an advantage to software encryption in most multicore CPU, single-user scenarios (ex.- laptops).
I don't see why drive CPU's wouldn't ultimately benefit from similar technology. If Intel can produce AES as a CPU sub-feature, then the same thing can be implemented in onboard drive controllers. Ideally I should much prefer an intermediate crypto-controller for storage that uses firmware. Then my crypto implementation and keying scheme can be independent of drive hardware, and also relatively (though usually not completely) platform-agnostic. > -----Original Message----- > From: fde-boun...@www.xml-dev.com [mailto:fde-boun...@www.xml-dev.com] > On Behalf Of Scott S scott-at-u.washington.edu |FDE081212| > Sent: Tuesday, April 28, 2009 7:13 PM > To: .................... > Subject: Re: [FDE] mgie...@pgp.com has shared: The Strange Rise and > Fall of Hardware Disk Encryption > > In early days of data storage, there was on-the-fly software > compression. > These products would compress and uncompress" data realtime in order to > save disk space. This was a good idea, however, these products no > longer exists today because hard drives became larger and cheaper. I'm > poiting this out because I think it will ultimately come down to cost. > If self-encrypting drives become cheap enough, I can not see a > compelling reason for implementing a software based encryption when the > encryption is already there in the drive. > > Also software based encryption relies on the OS being healthy and > stable, whereas, hardware based encryption is totally transparent to > the OS or to any application installed on the OS. > > scott > > On Wed, 22 Apr 2009, mgie...@pgp.com wrote: > > > The Strange Rise and Fall of Hardware Disk Encryption > > http://blog.pgp.com/index.php/2009/04/the-strange-rise-and-fall-of- > ... > > > > > > mgie...@pgp.com sent this using ShareThis. > > _______________________________________________ FDE mailing list FDE@www.xml-dev.com http://www.xml-dev.com/mailman/listinfo/fde