Proposed standards for protecting data on disk or tape are gathering steam within the IEEE and could be supported in products this year, according to proponents.
Such standard technology could go a long way toward safeguarding organizations and their customers from the perils of lost or stolen disks and tapes, backers say. The need to push through such standards has been made more urgent since high-profile companies such as Ameritrade and Bank of America earlier this year lost unencrypted tapes containing customer data.
"For businesses in regulated industries or that store personal financial information, encryption may very well be a requirement," says Stephanie Balaouras, a senior analyst for Forrester Research. "For other businesses it's a matter of managing risk, and encryption is one of many options that businesses must consider."
The proposed standards for how data is encrypted on disk and tape are the IEEE P1619 and P1619.1 Standard Architecture for Encrypted Shared Storage Media. The IEEE's Security in Storage Working Group is fine-tuning the standards, with approval hoped for in the coming months.
"We have a draft standard for disk that is three years in the making and is very close to being complete. We have a stable draft for disk and a very preliminary draft for tape," says Jim Hughes, Sun fellow and chair of the working group. "I expect both to be approved in 2006."
The standards would address encrypting data at rest on disk or tape, whereas protocols such as IPSec, Secure Sockets Layer (SSL) and Secure Shell (SSH) are used to encrypt data in transit. While some storage-product companies already support one sort of encryption or another, having standard implementations could make it easier for customers to safeguard data across heterogeneous storage environments, standards supporters say.
The proposed standards define three AES-based encryption modes and a key-management method designed to ensure the compatibility and interoperability of different storage gear. For encryption on disk, the specification proposes the new Liskov, Rivest, Wagner mode of the Advanced Encryption Standard (LRW-AES). For tape encryption, it proposes the National Institute of Standards and Technology's (NIST) AES Galois/Counter Mode (AES-GCM) and AES Counter with CBC-MAC Mode (AES-CCM).
Each of these modes is less susceptible to compromise or attack than techniques in use today such as plain counter-mode (CTR) or Cipher Block Chaining (CBC) encryption, which provide confidentiality but no integrity protection. CBC mode, for instance, does not resist an attacker who changes bits of the plaintext by manipulating bits of the ciphertext (the output of the encryption function), according to Hughes. Flipping a bit in one CBC ciphertext block scrambles that block but flips exactly the same bit in the plaintext of the following block, and nothing in the decryption process reports that a change was made.
"If I know where my salary is on the disk, I can make changes to the ciphertext to increase my salary to any amount I want without breaking the algorithm," he says.
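The property Hughes describes above, as an added example that is not part of the article and is not code from the IEEE working group or any vendor it names: a short Go program using only the standard library's AES-CBC and AES-GCM implementations. It encrypts two 16-byte blocks (the shape of a fixed-size disk sector), XORs one byte of the stored ciphertext, and decrypts again. Under CBC the byte at the same offset in the next plaintext block comes back XORed by the same value with no error reported, which is exactly the malleability the article warns about; under AES-GCM the authentication tag no longer verifies and decryption is refused. The key, IV, nonce and sample record are constructed values for the demonstration only.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
)

// Constructed demonstration key, IV and nonce (hypothetical values chosen for
// this example). A real deployment obtains keys from its key-management system
// and never reuses a nonce or IV under the same key.
var (
	demoKey   = []byte("0123456789abcdef") // 16 bytes: AES-128
	demoIV    = []byte("fedcba9876543210") // 16-byte CBC initialisation vector
	demoNonce = []byte("unique-nonce")     // 12-byte GCM nonce
)

// cbcEncrypt applies AES-CBC with no padding: the plaintext must be a whole
// number of 16-byte blocks, as a fixed-size disk sector is.
func cbcEncrypt(key, iv, plaintext []byte) ([]byte, error) {
	if len(plaintext)%aes.BlockSize != 0 {
		return nil, errors.New("plaintext is not a whole number of blocks")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return out, nil
}

// cbcDecrypt is the inverse of cbcEncrypt. It has no way to report tampering:
// any 16-byte-aligned input decrypts to something.
func cbcDecrypt(key, iv, ciphertext []byte) ([]byte, error) {
	if len(ciphertext)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext is not a whole number of blocks")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(ciphertext))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, ciphertext)
	return out, nil
}

// xorByte returns a copy of buf with mask XORed into byte pos. This models a
// single modification to ciphertext sitting on a lost or stolen medium.
func xorByte(buf []byte, pos int, mask byte) []byte {
	out := append([]byte(nil), buf...)
	out[pos] ^= mask
	return out
}

// cbcTamperEffect encrypts plaintext under CBC, modifies ciphertext byte pos
// and decrypts the result. Because CBC decryption computes
// P[i] = Decrypt(C[i]) XOR C[i-1], the modification scrambles the block that
// contains pos and XORs mask into the same byte offset of the following block,
// and the decryptor reports no error.
func cbcTamperEffect(plaintext []byte, pos int, mask byte) ([]byte, error) {
	ct, err := cbcEncrypt(demoKey, demoIV, plaintext)
	if err != nil {
		return nil, err
	}
	return cbcDecrypt(demoKey, demoIV, xorByte(ct, pos, mask))
}

// gcmTamperDetected performs the same modification on an AES-GCM ciphertext and
// reports whether decryption rejected it. GCM's authentication tag covers every
// ciphertext byte, so the change is detected instead of silently altering the
// plaintext.
func gcmTamperDetected(plaintext []byte, pos int, mask byte) (bool, error) {
	block, err := aes.NewCipher(demoKey)
	if err != nil {
		return false, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return false, err
	}
	ct := gcm.Seal(nil, demoNonce, plaintext, nil)
	_, err = gcm.Open(nil, demoNonce, xorByte(ct, pos, mask), nil)
	return err != nil, nil
}

func main() {
	// Constructed sample record: exactly two 16-byte blocks.
	record := []byte("block zero......block one.......")
	pt, err := cbcTamperEffect(record, 0, 0x01)
	if err != nil {
		panic(err)
	}
	fmt.Printf("CBC after tampering with ciphertext byte 0: %q\n", pt)
	detected, err := gcmTamperDetected(record, 0, 0x01)
	if err != nil {
		panic(err)
	}
	fmt.Println("AES-GCM rejected the tampered ciphertext:", detected)
}
```

The CBC output keeps block one intact apart from the one altered byte, which is why a stored record can be edited without breaking the cipher; the GCM output is an error rather than a plaintext, which is the behaviour a storage encryption standard with integrity protection provides.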
Defining a standard for encrypting data on tape has been particularly challenging, Hughes says. Encryption of data on disk deals with fixed-size blocks of data. With tape, the block size can vary, and because the data is retained for much longer, the encryption schemes become more complex and require more keys to decrypt the data that is retained.
NeoScale, which makes storage security devices, says it will start implementing the storage encryption standards in its appliances when the standards have been published by NIST as a Federal Information Processing Standard. Decru, another storage security company, says it will implement P1619 encryption in its DataFort appliance via a flash firmware upgrade. Sources say the standards will also be supported by Fibre Channel director switch vendors.
Members of the standards working group include Cisco, HP, IBM, McData and the U.S. Army, among others.
It is difficult to isolate the size of the storage security market from that of general network security. Jon Oltsik, senior analyst for the Enterprise Strategy Group, estimates it at no more than US$50 million in 2005.