Conventional computing devices typically include one to many conventional types of input/output (I/O) ports for communicating with connectable external devices such as mice, keyboards, wireless modems, thumb drives, hard drives, etc., as well as internal devices such as hard drives and SSD drives.
However, the specifications for many I/O interfaces such as Serial AT Attachment (SATA) have no provision for authenticating attached SATA devices or encrypting SATA traffic. One way to secure SATA communications is by changing software layers (drivers, applications). This is impractical to implement due to the variety of different SATA stack implementations and the resulting lack of interoperability. This is one reason why this approach did not gain widespread adoption. Another option is to encrypt the entire file system. This approach also suffers from lack of interoperability. Both approaches have another disadvantage: the key to perform encryption is stored in the same system, which weakens overall security. Example prior art approaches include EP Application Number EP2407905 and EP Application Number EP2517144.
Meanwhile, there are a number of applications that would greatly benefit from efficient SATA data encryption, such as applications for storing sensitive data on SATA mass storage devices. Accordingly there remains a need for efficient techniques for securing SATA communication channels.