As known, Full Disk Encryption Drives (FDEs) encrypt all data that comes into them and, once the data is authorized, decrypts all data that goes out. This “blanket” encryption process helps reassure users that everything will be encrypted. As can be expected, however, such a comprehensive process can slow down, a system considerably, meaning that measures have conventionally been sought to speed the process up.
In one solution, external flash memory (or NVRAM, non-volatile random access memory) is used to provide a non-volatile cache for the hard disk (the terms “hard disk” and “hard drive” should be understood to be interchangeable herein), thus helping promote system speed (since a flash memory will not be tied up with “seek time”). However, in this context, it is possible that critical files may be cached without being written to the hard drive, thereby opening up a vulnerable attack point against such files if the machine is stolen, since an unencrypted file may well reside inside the flash.
Accordingly, a compelling need has been recognized in connection with providing full disk encryption in a manner that ensures reasonable system speed while maintaining at the same time a reasonable level of system security.