Hello James,
So that I understand that you want FDE on the entire RAID array (please
identify if they are SATA, PATA, or SCSI drives) and you want AES 256-bit
strength.
To better understand your system requirement, please educate me the following:
1. Why would a RAID 5 array, for instance, require FDE? RAID 0, 1, 10 may
require as no XORed parity has been written to the disk array. However, a
potential eavesdropper may have hard time in trying to discern/reconstruct the
complete file/data block on one or two stolen RAID 5 disk as an evenly
distributed and written XORed parity presents the bottleneck (of course, this
is assuming that the entire RAID array is not being taken);
2. Why would AES 256-bit require? Why not TDES, say 192-bit strength? I would
understand reason if it's only a preference and it's not from the comparison of
cryptographic strength;
3. What is the "Key storage on a network appliance"?
4. What is the "hardware based key storage appliances"?
Look forward to hearing from you.
Thanks,
Robert Wann
Enova Technology
www.enovatech.com
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, May 03, 2007 2:00 AM
Subject: FDE Digest, Vol 8, Issue 1
> Send FDE mailing list submissions to
> [email protected]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://www.xml-dev.com/mailman/listinfo/fde
> or, via email, send a message with subject or body 'help' to
> [EMAIL PROTECTED]
>
> You can reach the person managing the list at
> [EMAIL PROTECTED]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of FDE digest..."
>
>
> Today's Topics:
>
> 1. FDE With RAID5 Support? (James McEachern)
> 2. Re: FDE With RAID5 Support? (James Wilmington)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 1 May 2007 04:58:19 -0700
> From: "James McEachern" <[EMAIL PROTECTED]>
> Subject: [FDE] FDE With RAID5 Support?
> To: <[email protected]>
> Message-ID:
> <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset="us-ascii"
>
> Hello,
>
>
>
> I am researching a FDE solution for a widely dispersed network. The
> trouble I am having is finding a solution that supports RAID drives. Key
> storage on a network appliance at the home office is out of the question
> and buying hardware based key storage appliances for each office is also
> out of the question.
>
>
>
> Requirements:
>
>
>
> AES-256 Encryption
>
> RAID5 Support in a W2K3 environment
>
> Key stored locally
>
> Pre-Boot Authentication can be disabled (I know the security holes this
> opens up)
>
>
>
> Thank You,
>
> James
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://www.xml-dev.com/pipermail/fde/attachments/20070501/f7bd2b62/attachment-0001.html
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 2 May 2007 16:37:35 +0100
> From: "James Wilmington" <[EMAIL PROTECTED]>
> Subject: Re: [FDE] FDE With RAID5 Support?
> To: <[email protected]>
> Message-ID:
> <[EMAIL PROTECTED]>
>
> Content-Type: text/plain; charset="us-ascii"
>
> I am not sure about SOFTWARE packages that support RAID FDE.
>
>
>
> However you could buy as many Seagate Momentus FDE.2 drives that you need.
>
>
>
> These drives have encryption built into the hardware of the drive.therefore
> there is no system overhead, and you wouldn't have to worry about finding a
> suitable software solution.
>
>
>
> Good luck.
>
>
>
> _____
>
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of James McEachern
> Sent: 01 May 2007 12:58
> To: [email protected]
> Subject: [SPAM] [FDE] FDE With RAID5 Support?
>
>
>
> Hello,
>
>
>
> I am researching a FDE solution for a widely dispersed network. The trouble
> I am having is finding a solution that supports RAID drives. Key storage on
> a network appliance at the home office is out of the question and buying
> hardware based key storage appliances for each office is also out of the
> question.
>
>
>
> Requirements:
>
>
>
> AES-256 Encryption
>
> RAID5 Support in a W2K3 environment
>
> Key stored locally
>
> Pre-Boot Authentication can be disabled (I know the security holes this
> opens up)
>
>
>
> Thank You,
>
> James
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://www.xml-dev.com/pipermail/fde/attachments/20070502/563214db/attachment-0001.html
>
>
> ------------------------------
>
> _______________________________________________
> FDE mailing list
> [email protected]
> http://www.xml-dev.com/mailman/listinfo/fde
>
>
> End of FDE Digest, Vol 8, Issue 1
> *********************************
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
