Sophos SafeGuard Disk Encryption ensures a fast encryption of the hibernation file

  • Article ID: 109111
  • Updated: 30 Sep 2010


Product
Sophos SafeGuard Disk Encryption 4.60

Client OS

Windows 2000 Professional SP4, Windows XP SP3

Server OS

None

Question

How does Sophos SafeGuard Disk Encryption ensures a fast encryption of the hibernation file on Windows XP, while maintaining the highest level of security?

Answer

Sophos SafeGuard Disk Encryption performs volume encryption on a sector basis. It loads blocks of one or more sectors, and en-/decrypts each sector individually.

As a consequence, the hibernation file is nothing else but another (in this case, contiguous) chunk of sectors, which is processed by the Sophos SafeGuard Disk Encryption encryption engine. Although it does require some special treatment by the Sophos SafeGuard Disk Encryption filter device driver in the phase of recovery from hibernation, this is transparent to the user and does not at all affect the character of sector-based encryption. Encryption of the hibernation file and encryption of the rest of the volume have no impact on each other, and do not affect each other negatively or reduce performance.

Sophos SafeGuard Disk Encryption uses the Cipher Block Chaining (CBC) mode with symmetric block encryption algorithms, such as AES. This is the industry standard for block device encryption without data expansion. CBC is initialized for each sector individually. Due to CBC, Sophos SafeGuard Disk Encryption does not introduce any additional integrity check mechanisms beyond the ones that the operating system already has in place. Again, this is transparent to the operating system.


Related documents:
- 109218 Secure hibernation on systems with S-ATA drives
- 109361 Does Sophos SafeGuard Disk Encryption support the Windows hibernation mode (Suspend-to-disk)?

Keywords: Ruhezustand sde

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments