Discretix - Products - Secure Disk Solution (DxSD)

BLOG |

Search:

PRODUCTS & SOLUTIONS

Platforms

CryptoCell®

CryptoFlash®

Anti-Cloning | Anti-Hacking

Peripheral Binding

Secure Disk

Content Protection

Multi-Scheme DRM Client

OMA DRM

WM DRM

CPRM

Mobile TV Security Client

Modules

IPSec Accelerator

Cryptographic Accelerators

PKA, AES, DES, HASH OR
RNG

Cryptographic Software Library

HDCP

Secure Database

Secure Boot | Secure Debug

Key Storage & Management

Certificate Handling

Discretix Secure Disk Solution (DxSD)

Discretix DxSD is a comprehensive "in-storage" data protection Highlights solution for solid-state disks (SSD) or hard disk drives (HDD) embedded into the disk controller as semiconductor IP.

Market Needs

Today, our most valuable assets, whether personal or work-related, are stored on numerous fixed and mobile devices. Data backup is also shifting away from tapes and moving towards disk-based backup and recovery, continuously improving accessibility. The massive volume of stored information, its critical importance and the ease of access, significantly increases the risk associated with theft and loss.

Moreover, government and industry regulations mandate strict control of data privacy and security with severe penalties for violations. To achieve true protection, data must be protected where it is stored, and not by the application that uses it.

DxSD Use Cases

Technical Overview

DxSD protects disk content from unauthorized access or misuse. A secure boot function verifies that the controller firmware has not been tampered with or modified, guaranteeing a known and trusted starting point. In addition, the Master Boot Record authenticity is verified.
At system boot, DxSD requests a pre-boot password and verifies its authenticity before allowing access to the disk contents. Data stored on the disk is encrypted. Once access to the disk is granted, the DxSD AES engine decrypts data that is read from the disk and encrypts data that is written to the disk.

Block Diagram

Configuration Options

Click to enlarge

Download Brochure

Key Benefits:

	Prevents theft of sensitive information
	Averts information leaks from inaccurate classification
	Inhibits usage in unauthorized systems
	Decreases financial liability, exposure, and risk
	Platform and OS independent

Highlights:

	Full Disk Encryption (FDE)
	Strong, robust encryption
	Encryption at disk throughput
	Very Fast Secure Data Sanitization
	Secure Boot
	Secure firmware updates
	Master Boot Record tampering detection
	Mutual authentication with host system
	Pre-Boot event logging
	Multiple User support

Key Features:

	AES-128 encryption using FIPSapproved mode, e.g. AES-CTR, or IEEE 1619 XTS-AES
	AES-192/256 – optional
	On-the-fly Encryption/decryption AES throughput: 133MB/sec to 1066MB/sec @ 100Mhz
	RSA-based boot-time integrity checking
	Based on FIPS validated cryptographic algorithms
	Host authentication based on IEEE 1667 Transient Storage Authentication certificate silo
	Synthesizable up to 200MHz

Deliverables:

	Synthesizable Verilog RTL source code
	Synthesis script and constraints
	User Manual with hardware integration guidelines
	ANCI-C source code firmware
	Hardware and Firmware acceptance and integration tests
	Complete Hardware and Firmware technical documentation
	PC tool generating signed controller firmware image