RAID systems (which are also defined as “Redundant Arrays of Independent Disks” or sometimes according to the original definition, “Redundant Arrays of Inexpensive Drives”) are computer storage systems that divide and/or replicate data storage among multiple storage devices. This term for using two or more drives to appear as a single device to a host system came from a published paper: “A Case for Redundant Arrays of Inexpensive Disks (RAID)” by David Patterson et al, at SIGMOD (ACM's Special Interest Group on Management of Data) in June 1988.
Commonly recognized categories of RAID systems are divided into seven levels. RAID 0 refers to a system where the data is broken into fragments or striped to multiple drives without parity. RAID 0 provides improved performance and additional storage but no fault tolerance. RAID 1 refers to a system where the data is mirrored on multiple drives without parity. Thus RAID 1 provides fault tolerance from drive errors and single drive failures. RAID 2, which involves Hamming codes for error correction, and is not that commonly used. RAID 3 refers to a system where the data is striped on multiple drives with a dedicated parity drive. Thus RAID 3 provides improved performance and fault tolerance but the single parity disk is a bottle-neck for writing since all writes require updating the parity data. RAID 4 refers to a system that is just like RAID 3 but uses block-level striping instead of byte-level striping. RAID 5 refers to a system where the data is striped on multiple drives using distributed or rotated parity stripes. RAID 5 provides improved performance without the bottle-neck for writing and the distributed parity can survive and/or recover from a single drive failure. RAID 6 refers to a system where the data is striped on multiple drives using two distributed or rotated parity stripes. Thus in RAID 6 the dual distributed parity can survive and/or recover from two drive failures and there is time to rebuild the array without data being volatile while a failed drive is being recovered.
Data security/privacy can be achieved through encryption of the data. Encryption is useful in that it prevents someone with physical access to the drive(s) from getting the data unless they have the passphrase/key. It also enables the data on the drive(s) to be wiped with greater confidence when transferring or discarding the drive(s).
One popular encryption technique is known as the Advanced Encryption Standard (AES). AES was announced in Nov. 26, 2001 by the National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197). AES has a fixed block size of 128 bits and a key sizes of 128, 192 or 256 bits. Key expansion using Rijndael's key schedule transforms the keys of size 128, 192 or 256 bits into 10, 12 or 14 round keys of 128 bits. On systems with 32-bit or larger words, it is possible to implement the AES cipher by converting the SubBytes, ShiftRows and MixColumns transformations of the AES encryption/decryption algorithm into four 256-entry 32-bit tables, which utilize 4096 bytes of memory. One drawback to a software implementation of AES is lowered performance.
In a high performance storage system a cryptographic engine may be deployed in hardware to encrypt/decrypt the data. In an encrypted RAID storage system, computation of a parity syndrome should also be performed in order to recover the encrypted data in the event of a drive failure. One drawback is that such computations of parity syndromes between data segments may require waiting until the segments have been encrypted, increasing delays and lowering performance. Another drawback is that multiple cryptographic engines may be required to avoid waiting for the first two segments to be encrypted serially before computing a parity syndrome. This may increase the cost of such encrypted RAID storage systems. Therefore, design tradeoffs involving desirable features such as data security/privacy and high performance versus undesirable features such as increased costs in RAID storage systems have not, to date, been fully explored.