Title :
Efficient disk encryption and verification through trusted nonce
Author :
Hou, Fangyong ; Gu, Dawu ; Xiao, Nong ; Cai, Zhiping
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Beijing
Abstract :
Approach that integrates encryption and verification is proposed to protect hard disk data. For each data sector, MAC is calculated and the (data sector, MAC) pair is encrypted through the encryption key deduced from the secret root key and a unique nonce. By assuring the nonce to be trusted or untampered through hash tree, data can then be properly decrypted and authenticated. To achieve satisfiable performance, it applies stream cipher to offload the encryption cost, and adopts special structure hash tree with hot-access-windows to fulfill nonce checking efficiently. Ultimately, it can provide data protection with characteristics like solid resistance against any attacks, online working mode, low-level protecting, and high performance. Related model, approaches and system realization are elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way to build secure disk.
Keywords :
cryptography; integrated software; message authentication; program verification; build secure disk; disk encryption-verification; hard disk data; hash tree; hot-access-windows; secret root key; Computer science; Costs; Cryptography; Data engineering; Data security; File systems; Hard disks; Protection; Solids; System testing;
Conference_Titel :
Computers and Communications, 2008. ISCC 2008. IEEE Symposium on
Conference_Location :
Marrakech
Print_ISBN :
978-1-4244-2702-4
Electronic_ISBN :
1530-1346
DOI :
10.1109/ISCC.2008.4625600
