Ruby Cipher Frequently Asked Questions

Q. What are all the differences between Ruby Cipher and regular Ruby drive kit?
A. Other than the additional encryption feature in the Ruby Cipher drive enclosure, the Ruby Cipher drive kit has identical feature of the regular Ruby drive kit. They both share the same enclosure, drive cradles and associated accessories. This make implementing encryption to any hard drive very easily if you already has a regular Ruby kit installed. All you would need is just the Ruby Cipher drive enclosure. For more detail relating to the Ruby drive kit feature, please review the Ruby Q&A page.

Q. What is the largest 3.5" hard drive can be installed into the Ruby or Ruby Cipher Hard Drive enclosure?
A. There is no capacity limitation on the hard drive. You can partition and format any hard drive as 1 large volume.

Q. Does the Ruby or Ruby Cipher Hard Drive kit support IDE hard drive?
A. At this time there are no Ruby enclosures which support IDE hard drives.

Q: What is &ldquoRuby Cipher&rdquo?
A. Ruby Cipher is a family of Addonics Hard Drive enclosures that incorporate a real-time hard drive cryptographic bridge ASIC (Application Specific Integrated Circuit) to encrypt and decrypt the entire hard drive including boot sector, temp files, swap files and the operating system without degrading system overall performance. Inside the Ruby Cipher cryptographic engine is the AES (Advanced Encryption Standard) algorithms certified by the NIST (National Institute of Standards and Technology) of the United States of America and CSE (Communications Security Establishment) of Government of Canada.

Q. If I already have Ruby drive cradle installed in a system, can I just purchase the Ruby Cipher enclosure for encrypting some of my hard drives?
A. Yes. The Ruby Cipher and the regular Ruby hard drive kit shares the same drive cradle. You can mix encrypted and regular hard drive in the same system. The encryption is with the Ruby Cipher enclosure. The convenience of the Ruby Cipher design is that it can be taken to anywhere you want and still access the data in your encrypted hard drive so long you have the Ruby Cipher key with you.

Q. How is Ruby Cipher differs from other hardware based hard drive encryption solutions out in the market?
A. Ruby Cipher is the first drive enclosure solution that incorporates hardware AES-256 encryption in the market. All the hardware based encryption solutions in the current market have one or more of the following limitations:

  • Hard drive can only be encrypted or decrypted on the same computer
  • Hard drive is limited to a single interface connection
  • Limited to IDE hard drive. No solution for SATA hard drive at this time

    Ruby Cipher does not have any of these limitations. Ruby Cipher is by far the most flexible and most secure. Because we are offering this solution in the form of a a drive kit, you can encrypt whatever capacity hard drive you need and as many hard drives as you want

Q. Can the Ruby AES encryption key be used on the Saturn Cipher or Jupiter Cipher drive enclosure?
A.No. It cannot. The Ruby Cipher enclosure has an AES crypto engine which is different than the crypto engines inside the Saturn Cipher or Jupiter Cipher enclosure.


Q. Can the Saturn Cipher or Jupiter Cipher key be used on the Ruby Cipher enclosure?
A. No. The Ruby Cipher enclosure has an AES crypto engine which is different than the crypto engines inside the Saturn Cipher or Jupiter Cipher enclosure.


Q. I have the Cipher key management system for the Saturn Cipher and Jupiter Cipher drive kit, can I use this key management system to program and duplicate the Ruby Cipher key?
A.Yes. The Addonics Cipher key management system can be used for programming and duplicating all DES, TDES and AES cipher keys. The key code generating software for the Ruby AES is different from the Saturn Cipher or Jupiter Cipher. Please contact our tech support department for a copy of this new software. For security purpose, we are required to have your company name and contact information for verification.


Q: Is the Ruby Cipher certified?
A. Addonics hardware encryption is based on the eNova's XO DES/TDES Cryptographic engine that has been certified by NIST and CSE. These certificates are available on NIST web links: (http://csrc.nist.gov/cryptval/des/desval.html and http://csrc.nist.gov/cryptval/des/tripledesval.html).


Q: How can Ruby Cipher encrypt the entire disk without losing performance?
A. Ruby Cipher is specifically engineered for high speed communications with the disk drive. It's high throughput enables real-time communications with all SATA hard drives. The operations of encryption and decryption are accomplished using high speed hardware circuit to ensure no performance loss. There isn't&rsquot any extra software device driver required. Thus memory and interrupt overheads are completely eliminated.


Q: Can Ruby Cipher work with all types of SATA disk drives?
A. Yes. It supports both SATA I and SATA II hard drives


Q: Can Ruby Cipher work with all types of operating systems?
A. The Ruby Cipher cryptographic engine requires no device drivers and is compatible with all operating systems. However some OS may not offer support to certain interface. Below is a list of OS support using different interface connection:

  • IDE - DOS, all Windows OS, Linux, Solaris, Unix, Mac OS
  • SATA - DOS, Windows NT4, 98SE, Me, 2000, 2003, XP, Linux, Solaris, Mac OS
  • USB 2.0/1.1 - DOS, Windows 98SE, Me, 2000, 2003, XP, Linux kernel 2.4 and above, Solaris 9 and above, Mac OS 9 and above
  • Firewire - Windows 98SE, Me, 2000, 2003, XP, Mac OS9 and above

Q: What are the advantage of Ruby Cipher hardware encryption comparing to Software encryption?
A. Addonics Ruby Cipher enclosure kit, a hardware encryption solution for the hard drive, is by far the most secure and simplest to deploy, particularly for large organizations. Below are some of key benefits of Addonics hardware encryption products:

  • High performance - Data is encrypted and decrypted on the fly by a certified cryptographic engine inside an ASIC without taking any CPU resources
  • Platform independency - There is no software or driver to install to use Addonics encryption products. As a result, it can be deployed in any systems running any OS. This is important in organization with multi platform computing and legacy systems.
  • Data portability - Addonics encryption storage device, designed with its USIB interface, can be used as an internal removable hard drive or an external hard drive with USB, SATA, Firewire or CardBus/PCMCIA interface. Unlike many software or hardware products that limit accessing the encrypted hard drive to certain specified computer system, Addonics encryption storage device can be accessed by practically any system while still maintaining high level of security.
  • No training required - There is no password to remember nor running any special program commands. The solution is truly plug and play. Encryption and decryption is all controlled by a physical key.
  • Low TCO (Total cost of ownership) - With hardware based encryption, there is no IT maintenance required, no software version to maintain nor any updates to keep track of.

Q: Are everything in the hard drive encrypted?
A: Ruby Cipher encrypts every thing on your disk drive without exception. It encrypts the entire volume of your disk drive such that if you have a 300GB hard drive, the entire 300GB will be encrypted including the boot sector and partition tables.


Q: Do I need to establish a separate &ldquoencrypted folder&rdquo under file directory as required by some software solutions?
A: No. Everything you write to the disk drive is automatically strongly encrypted. There is no need to establish a separate &ldquoencrypted folder.&rdquo


Q. Can the Ruby Cipher encrypted data on an existing hard drive?
A. No. To ensure absolute security, the Ruby Cipher Enclosure is designed to encrypted everything in the hard drive. When a hard drive is installed into the Ruby Cipher enclosure the first time, the drive must go through an initialization process with the Ruby Secure Key. This process will reformat the hard drive by the Ruby Cipher Cryptographic Engine, thus all previous data stored on the hard drive will be erased. So if you have valuable data on an existing hard drive that need to be preserved, this data must be saved in a safe location and restored to the Ruby Cipher hard drive after it has been prepared with the Ruby Secure key


Q: Do I need any training to use Ruby Cipher?
A: No. The good news is that you don&rsquot have to learn or manage anything. After ing the Ruby Cipher Secure Key, everything will function as before. There isn't&rsquot any GUI for you to learn and manage and you don&rsquot have to memorize your password.


Q: Will I expect a multi-step log on procedures & complex GUI (Graphical User&rsquos Interface) like other systems require?
A: No. the Ruby Cipher solution does NOT change user&rsquos regular computing behavior, nor does it require learning a complex GUI. It does not require you to memorize frequently used and cumbersome log on procedures. It is totally transparent to all users. You need only to present your Secure Key token every time before you attached the hard drive to any computer.


Q: How does Ruby Cipher compare with Smart Card and PCMCIA encryption products?
A: Ruby Cipher is dramatically faster than PCMCIA or Smart Card solutions, and encrypts the entire hard drive instead of just ed files. There is no possibility that any data or credentials can be left unprotected on the hard drive. Drive locking and boot sector encryption solutions do not encrypt the data, and thus it is vulnerable to attack.


Q. Can a Ruby Cipher encrypted hard drive be taken out of the drive enclosure and connect directly to IDE or SATA controller?
A. Yes. The hard drive will appear as a blank hard drive without any data to any Operating Systems. If new data is written onto the drive, all the encrypted data will be gone and the hard drive becomes an ordinary hard drive.


Q: Can I encrypt multiple hard drives via a single Ruby Cipher secure key?
A: Yes. You can encrypt multiple hard drives installed in different Ruby Cipher enclosures with the same Ruby Cipher secure key. You can also encrypt multiple hard drives using the same Ruby Cipher enclosure with one Ruby Cipher secure key.


Q: Does Ruby Cipher support 48-bit LBA addressing?
A: Yes. Ruby Cipher supports 48-bit addressing and support hard drive volume over 137GB per drive.

Q: What happens if my Secure Key is lost or stolen?
A:
There are no &ldquobackdoors&rdquo into Ruby Cipher encrypted hard drive, so without the Secure Key you will not be able to access the data on the protected disk drive. This means you must keep the backup key in a safe place at all times.


Q: Can I order duplicate Secure Keys?
A: Yes. You can order duplicate Secure Keys directly from us. To have additional keys made, you must send in your backup key with your order for duplication. If you are down to the last key, be sure to make a back up of all the data stored inside your encrypted hard drive prior to sending the last key to Addonics. Addonics is not responsible for key lost in the mail or retrieval of the data inside the encrypted hard drive. For customers who are interested to manage and make their own keys, they can purchase the Addonics Cipher key duplicating system. The cost of the key duplicating system is $2000. Please contact an Addonics Sales representative for the purchase of the key duplicating system.


Q: Can I remove the Secure Key while my hard drive is connected?
A: Yes, you can safely remove the Secure Key for safekeeping after the hard drive is detected by system. Remember that the Secure Key MUST be used again the next time you reconnect the hard drive or restart your system.


Q: If the Ruby Cipher malfunctions, will I lose my data?
A: No. the SCCE is a generic cryptographic engine and the Secure Key contains the DES/TDES cryptographic key. Consequently, you can simply replace the defective Ruby Cipher enclosure, if that ever occurs, and use your original Secure Key to access the data on your hard drive.


Q: Does Ruby Cipher increase the original file size after encryption?
A: No. DES/TDES is a complicated mathematical algorithm that computes the original data with 64/128/192-bit cryptographic key length. Regardless of the size of the key, the size of data file after encryption remains unchanged.


Q: Can I encrypted a hard drive already with data on it?
A. No. When a hard drive already has data on it is installed into the Ruby Cipher drive enclosure. The computer detects the hard drive as a brand new drive or a drive that is unallocated. Once you proceed to partition the drive, the data that was on the hard drive will be erased and cannot be recovered. So to retain your valuable data, it must be backed up first and then transferred to the encrypted hard drive.

The same holds true for the Ruby Cipher encrypted hard drive, It will look like a brand new drive when attach directly to the IDE or SATA controller of a computer. There will be no partition or any hint to indicate that the drive contains encrypted data. When the drive is partitioned, all the encrypted data
will be lost.


Q: How does Ruby Cipher encryption work?
A: Ruby Cipher Cryptographic Engine (SCCE) sits before your disk drive. It intercepts, interprets, translates, and relays commands & data to and from the disk drives, encrypting the data with DES/TDES 64/128/192-bit key strength. Before all data reach the disk drive, the SCCE encrypts it then saves to disk drive. When there is a read to the disk drive, the SCCE decrypts it before sending the data to the host. The operation of encryption and decryption is totally transparent to all users thus the SCCE is invisible to the entire system. The Ruby Cipher Secure Key Token contains the &ldquoCryptographic Key&rdquo that is to be used by the the SCCE. At power up, the &ldquoCryptographic Key&rdquo will be delivered to the SCCE register sets using a proprietary hardware protocol. If somehow the Cryptographic Key was incorrect or missing, the SCCE will not decrypt the hard drive thus the Ruby Cipher encrypted hard drive will only be detected by any Operating System and the entire content is secure. Attempts to surface scan the entire disk drive platters will only prove futile. As the SCCE is a generic engine and it relies on the &ldquoCryptographic Key&rdquo to enable all functionalities, a malfunctioned SCCE can be easily replaced with the same model and the content of your disk drive can be safely retrieved as long as your original &ldquoCryptographic Key&rdquo is intact.


Q: How is key length related to security?
A: In the case of Symmetric Cipher (DES, TDES, and AES), a larger Cryptographic Key length creates a stronger cipher, which means an eavesper must spend more time and resources to find the Cryptographic Key. For instance, a DES 40-bit strength represents a key space of 1,099,511,627,776 (240, 2&rsquos power 40) possible combinations. While this number may seem impressive, it is definitely feasible for a microprocessor or a specially designed ASIC to perform the huge number of calculations necessary to derive the Cryptographic Key. Surprisingly an investment of only about US$10,000 investment in FPGA (Field Programmable Gate Arrays) will be able to recover a 40-bit key in 12 minutes. Further, a US$10,000,000 investment in ASIC will be able to recover a 40-bit key in 0.05 second. A government agency that can afford investing US$100,000,000 or more will be able to recover a 40-bit key in a whopping 0.002 second! Thus a 40-bit length cipher offers a bare minimum protection for your confidentiality and privacy. Fortunately the &ldquowork factor&rdquo increases exponentially as we increase the key length. For example, an increase of one bit in length doubles the key space, so 241 represents key space of 2,199,023,255,552 possible combinations. A 2112 bit (128-bit) TDES cipher offers extremely strong security (5,192,296,858,534,827,628,530,496,329,220,096 possible combinations) that should resist known attacks for the next 15 to 20 years, considering the advance of semiconductor design and manufacturing.


Q: Why do I need to use the Secure Key token?
A: The Secure Key token contains the AES &ldquoCryptographic Key&rdquo that is used by Ruby Cipher to encrypt or decrypt data. Without the key, the protected disk drive cannot be detected and there is no access possible. Together the Secure Key token and Ruby Cipher Cryptographic Engine comprise an effective user authentication for access control and encryption for data protection. The Secure Key token serves as user authentication for access control while Ruby Cipher Cryptographic Engine encrypts and decrypts.