17-03-2014, 07:23 PM
Abstract—Data storage devices such as disk drives and
personal storage devices (PSD) such as flash disks are now
widely used in everyday appliances. Data breaches have grown
rapidly in the recent years due to compromised confidential
data from storage devices. These trends forced standardization
of encryption methods to secure storage devices. This paper
provides a comparison review of existing encryption
algorithms and modes of operations that are suitable for
securing storage devices, mainly disk drives. The recent IEEE
approved standard for encryption mode of operation, XTS will
be evaluated in term of performance with different algorithms
(AES, Twofish, and RC6). The performance of XTS mode with
other modes of operations (LRW and CBC) will be explored.
This detailed review and performance analysis will provide
guidelines for storage devices designers to implement disk
encryption.
Keywords-component; Disk encryption, modes of operation,
XTS mode, Discryption, encryption algorithms.
I. INTRODUCTION
Security of data in storage devices are becoming one of the
main issues in computer security. One main threat against
storage devices especially PSDs is theft or loss due to their
small size. Unauthorized access of confidential data from
these storage devices may lead to huge organizational loss.
A recent survey shows that two thirds of IT professionals
who use removable storage devices at work did not protect
them with encryption [1]. Physical access to storage devices
may also provide an opportunity for an intruder to view the
information and compromise the security of the data. In a
recent work, a researcher demonstrates a cold boot attack
[2] against computer memory (i.e. DRAM or SRAM) to
retrieve sensitive data such as encryption keys. The attack is
possible as memories retain their data for several seconds
(to minutes) after power is removed.
Apart from physical security, securing storage devices using
encryption is a common method to overcome this problem
[3-5]. Several disk storage encryption methods are available
which includes software-based encryption [6], controllerbased
encryption [3, 7], and internal disk encryption [8].
There are several issues that need to be resolved before disk
storage encryption could be adopted widely. These issues
include standardizing a suitable encryption mode of
operation for storage devices, and secure management of
encryption keys. To address some of these issues, the IEEE
P1619 Security in Storage Working group (SISWG) has
proposed a new standard for that purpose [9]. However, this
standard is still widely being discussed and various factors
have to be considered before the standard can be accepted
[10].
Encryption algorithms and modes of operations are
important tools for data protection. Researches have been
conducted to evaluate the security of these algorithms [11-
13] and modes of operation [14-16] for storage devices.
In this paper, the performance aspect of the IEEE P1619
mode of operation, XTS [9] is compared with an earlier
proposed mode, LRW [15]. Three well known encryption
algorithm has been implemented with these modes and their
performance will been analyzed. An important point need to
be mentioned here is that while comparing the performance
of algorithms, the security issue of algorithms and time
required to setup the keys have been ignored.
personal storage devices (PSD) such as flash disks are now
widely used in everyday appliances. Data breaches have grown
rapidly in the recent years due to compromised confidential
data from storage devices. These trends forced standardization
of encryption methods to secure storage devices. This paper
provides a comparison review of existing encryption
algorithms and modes of operations that are suitable for
securing storage devices, mainly disk drives. The recent IEEE
approved standard for encryption mode of operation, XTS will
be evaluated in term of performance with different algorithms
(AES, Twofish, and RC6). The performance of XTS mode with
other modes of operations (LRW and CBC) will be explored.
This detailed review and performance analysis will provide
guidelines for storage devices designers to implement disk
encryption.
Keywords-component; Disk encryption, modes of operation,
XTS mode, Discryption, encryption algorithms.
I. INTRODUCTION
Security of data in storage devices are becoming one of the
main issues in computer security. One main threat against
storage devices especially PSDs is theft or loss due to their
small size. Unauthorized access of confidential data from
these storage devices may lead to huge organizational loss.
A recent survey shows that two thirds of IT professionals
who use removable storage devices at work did not protect
them with encryption [1]. Physical access to storage devices
may also provide an opportunity for an intruder to view the
information and compromise the security of the data. In a
recent work, a researcher demonstrates a cold boot attack
[2] against computer memory (i.e. DRAM or SRAM) to
retrieve sensitive data such as encryption keys. The attack is
possible as memories retain their data for several seconds
(to minutes) after power is removed.
Apart from physical security, securing storage devices using
encryption is a common method to overcome this problem
[3-5]. Several disk storage encryption methods are available
which includes software-based encryption [6], controllerbased
encryption [3, 7], and internal disk encryption [8].
There are several issues that need to be resolved before disk
storage encryption could be adopted widely. These issues
include standardizing a suitable encryption mode of
operation for storage devices, and secure management of
encryption keys. To address some of these issues, the IEEE
P1619 Security in Storage Working group (SISWG) has
proposed a new standard for that purpose [9]. However, this
standard is still widely being discussed and various factors
have to be considered before the standard can be accepted
[10].
Encryption algorithms and modes of operations are
important tools for data protection. Researches have been
conducted to evaluate the security of these algorithms [11-
13] and modes of operation [14-16] for storage devices.
In this paper, the performance aspect of the IEEE P1619
mode of operation, XTS [9] is compared with an earlier
proposed mode, LRW [15]. Three well known encryption
algorithm has been implemented with these modes and their
performance will been analyzed. An important point need to
be mentioned here is that while comparing the performance
of algorithms, the security issue of algorithms and time
required to setup the keys have been ignored.