SecureIDE is a very interesting product made by ABIT, although most of the credit should probably go to eNova, the company who actually developed the technology behind the product. People are more and more worried about securing their data, and there are a multitude of encryption packages available today for protecting sensitive data. It does require a certain amount of discipline though as you do have the actually encrypt the data (and then destroy the plaintext). This can be inconvenient if you are working on these files and have to decrypt and encrypt them on a regular basis. Certain programs make this slightly easier, for example Apple's FireVault places the user's entire home directory on an encrypted disk image.

But even this type of solution still has its flaws. Beyond the speed hit that you take, what about swap files or temporary files left hanging around? Ideally one might wish for the entire contents of the hard-drive to be encrypted, however doing this by software would entail a performance hit and be problematic to implement, since if the entire disk is encrypted, how does the BIOS read the boot sectors?

ABIT's solution is wonderfully simple. Their SecureIDE system is a small piece of circuit board with a male IDE connector on one side and a female connector on the other. Instead of plugging your IDE cable straight into the hard-drive you plug it in via the SecureIDE module. On this module eNova's X-Wall ASIC encrypts all data going towards the hard disk and decrypts anything coming out of it. The chip is specially designed to perform this task and ABIT claims that it can handle a throughput of 1.6 GBit/s, well in excess of what current hard-drives or IDE interfaces can handle.

Also attached to this module is a firewire cable, the other end of which is placed outside the computer (a blanking plate is supplied so that this can be done cleanly via a PCI slot). When one wishes to be able to access the data on the drive it is a simple matte of plugging in a "key" that contains the encryption key. When the computer is booted the module reads the encryption key and if it is correct the computer will startup and you can remove the key.

The solution is an elegant one. It requires no special driver software to use and should therefore work regardless of the operating system used. The likelihood of forgetting to remove the key is reduced by the fact that it does not need to be in place all the time, only when the computer is booting.

Unbreakable! (If by unbreakable you in fact mean as safe as a cardboard box)

There is a but. A big one. ABIT claims "ABIT's SecureIDE will keep government supercomputers busy for weeks and will keep the RIAA away from your Kazaa files." However the algorithm used to protect your data is good old 40bit DES. Now granted your cat or neighbour's toddler is probably unable to break 40bit DES but just about anyone else can. If you look at's statistics for their 56bit DES project, you will see that a 266 Mhz Pentium II can on average do 3 million DES keys/s, so such a computer would be able to search the entire keyspace in 4 days or so. In other words 40 bit DES could be broken in a couple of hours by anyone with a half decent PC. For someone with a little more money to spend, the EFF's DES cracker, a specially designed machine built at the cost of $250,000 in 1998 can find a 40bit DES key in around 3 to 12 seconds. Somehow I think that both the government and the RIAA could afford such devices.

It is a bit surprising that ABIT chose such weak encryption. They are a Taiwanese company so it's not as if they are subject to export restrictions. It's not a technical problem either, since eNova make a 3DES version that is pin to pin compatible with the version that ABIT is using. Even if one were to accept that given the value of their data, 40bit encryption is safe enough for the casual home user, to claim that this would keep government supercomputers busy for weeks isn't just being enthusiastic, it is a total and utter lie.

Were it not for the small key issue, SecureIDE could be a very useful product, hopefully ABIT or some other manufacturers will start to offer products based on the more secure version of eNova's chip. It's not a complete solution, as once your computer is running any program on your computer can access your hard drive as usual (so it would not offer any protection if a computer was hacked), but it does provide a convenient solution if one is worried about actual thefts of hard-drives.


Log in or register to write something here or to contact authors.