TCG OPAL 2.0 Specification on technical Implementation?

Question

Where can one find more technical information on the TCG OPAL 2.0 standard regarding how exactly the crypto has to been implemented in self encrypting drives?

I couldn't find OPAL 2.0 implementation technical papers on: https://trustedcomputinggroup.org/resource-directory/

I don't believe the standards specify exactly how the encryption must be implemented. Most likely it points to another standard like FIPS. For example, it mentions that keys generated for SED must be generated with a "suitable HWRNG". It doesn't say what the HWRNG's source of randomness must be or the theory of operation, nor whether or not whitening should be applied, etc. — forest, Feb 23 '18 at 04:44

score 1 · Answer 1 · answered Aug 09 '21 at 21:34

The TCG Opal specs define the user-data encryption in use to be one of several options. The options are listed in the “symmetric_mode_media” table. The options are: ECB, CBC, CFB, OFB, GCM, CTR, CCM, XTS, LRW, EME, CMC, XEX.

This table resides in the core spec which is publicly available at TCG: https://trustedcomputinggroup.org/resource/tcg-storage-architecture-core-specification/

TCG OPAL 2.0 Specification on technical Implementation?

1 Answers1