In today’s world, where data security threats are increasingly severe, ensuring the confidentiality of static data (data at rest) has become a top priority. Relying solely on software encryption is insufficient; a combination of high-performance hardware acceleration and hardware-level key management is essential to build a truly robust defense. This article will delve into how to utilize three mainstream algorithms: AES-128, AES-256, and SM4-XTS, along with a built-in key management system (KMS) and hardware encryption engine, to achieve enterprise-level static data security encryption.
Core Design: The Foundation of Security and Performance
1. Intelligent Algorithm Selection:
AES-128 XTS: The golden balance between performance and security, suitable for ordinary sensitive data (such as user documents and routine business data).
AES-256 XTS: Provides the highest level of security, meeting the needs of highly confidential data or stringent compliance scenarios such as financial transactions, healthcare, and government secrets.
SM4-XTS: Fully compliant with China’s national cryptography standards (GM/T), making it an ideal choice for achieving autonomous and controllable information security.
2. Hardware Acceleration Engine: All encryption/decryption calculations are offloaded to dedicated hardware. This can be the CPU’s built-in AES-NI instruction set, national cryptography acceleration instructions, or a standalone PCIe encryption acceleration card (such as Intel QAT). This completely relieves CPU pressure and provides extreme performance.
3. Hardware-Level Key Management (KMS): Key security is at the core of encryption. Integrating dedicated hardware (such as TPM 2.0 chips or dedicated HSM modules) as a “KMS” ensures that the entire process of generating, storing, and using root keys and encryption keys (DEK) is never exposed to system memory, eliminating memory scanning attacks.
4. Dedicated Storage Mode: XTS: Uniformly adopts the XTS encryption mode optimized for disk/block devices, effectively defending against block replacement attacks, and is the de facto standard for storage encryption.
System Architecture: Full-Stack Protection from Hardware to Data
1. Hardware Layer Foundation:
Encryption Engine Deployment: Choose a CPU that supports the required instruction set or add an encryption acceleration card.
Key Management Hardware Integration: Embed TPM 2.0 or dedicated HSM to build a trusted root.
Secure Boot Chain: Ensure the boot process from BIOS to the operating system is trustworthy, defending against low-level attacks.
2. Key Management System: The Heart of Security
Hierarchical Key Structure:
KEK (Key Encryption Key): The master key, tightly protected by the hardware KMS, never leaves its side during its lifecycle.
DEK (Data Encryption Key): The key actually used for data encryption, dynamically generated based on data type and policy (AES-128/AES-256/SM4).
Full Lifecycle Management:
Generation: Created by a true random number generator (TRNG) within the KMS to produce high-entropy DEK.
Storage: DEK is always stored in ciphertext form (encrypted by KEK), with plaintext never leaking.
Rotation: Supports periodic or event-triggered DEK rotation, where old data is decrypted and re-encrypted with a new DEK, enhancing long-term security.
Destruction: Keys are thoroughly erased using hardware secure erase instructions, making recovery impossible.
3. Static Data Encryption Process:
When data is written, the encryption algorithm (AES-128-XTS, AES-256-XTS, SM4-XTS) is selected based on preset policies (such as file sensitivity tags and directory rules).
The selected algorithm is used for high-speed encryption via the hardware encryption engine.
The DEK used for encrypting the data is immediately protected by the hardware KMS using KEK after generation or use.
Finally, the encrypted data and the encrypted DEK are securely stored together.
4. Decryption and Access Control:
Users/processes must pass strict identity authentication to access data.
The system requests the DEK needed for decryption from the hardware KMS.
After verifying the requester’s permissions, the KMS decrypts the DEK using KEK and securely transmits the DEK to the encryption engine through a secure channel (such as memory encryption bus or DMA protection).
The encryption engine uses the DEK to decrypt the data block. Key Point: The plaintext DEK only exists momentarily in the secure environment of the encryption engine and is never exposed to general memory or CPU.
5. Flexible Algorithm Strategy:
Policy File Driven: Specify encryption algorithms based on directory, file type, or tags through centrally managed security policy files.
Metadata Tagging: Clearly record the encryption algorithm identifier (e.g., ENC_ALG=AES256) in the file header or separate metadata to ensure correct decryption.
Key Security Reinforcement: Building an Impenetrable Fortress
1. Memory Isolation: DMA isolation technology is used between the encryption engine and KMS to block CPU side-channel attacks (such as Spectre, Meltdown).
2. Resistance to Physical Attacks: The hardware KMS must have capabilities to detect tampering, resist power analysis/electromagnetic analysis (SPA/DPA), and other physical protections.
3. Audit Trail: All key operation events (generation, use, destruction, rotation) are meticulously recorded in an append-only secure audit log to meet compliance audit requirements.
4. Compliance Configuration:
AES-256 configuration meets NIST FIPS 140-3 Level 3/4 certification requirements.
SM4 configuration strictly follows national cryptography standards such as GM/T 0054-2018 “Cryptographic Device Application Interface Specification”.
Deployment Example: Quick Start in Linux Environment
# Enable hardware acceleration support (requires kernel and hardware support)
echo 1 > /sys/module/aesni_intel/parameters/enabled
modprobe sm4-generic
# Use cryptsetup to create a LUKS2 encrypted volume (supports algorithm selection & hardware engine & HSM management)
cryptsetup luksFormat /dev/sdb1 –type luks2 \
–cipher aes-xts-plain64 –key-size 256 \ # Optional: sm4-xts-plain64, aes-xts-plain64 –key-size 128
–integrity hmac-sha256 \ # Optional integrity check
–hw-opal \ # Use hardware encryption/decryption engine (e.g., SED/Opal)
–key-slot hsm # Specify that the key is managed by HSM (requires specific HSM driver support)
Performance Optimization Tips
1. Parallel Processing: Fully utilize the multi-queue feature of the encryption engine, configuring the IO queue depth to match the number of CPU cores.
2. Data Alignment: Ensure that the block size (typically 4KB) is aligned with the optimal processing block of the encryption engine to reduce performance loss.
3. Layered Data Encryption: Use AES-128-XTS for frequently accessed “hot data” to optimize performance; use AES-256-XTS or SM4-XTS for less frequently accessed “cold data” or highly sensitive data to provide the strongest protection.
Final Effect: Rock-Solid Data Security
Zero Plaintext on Storage Media: All static data exists in high-strength ciphertext form on disks/storage devices.
Hardware-Level Key Protection: Core keys (KEK) and business keys (DEK) are guarded by dedicated hardware “KMS”; even if the storage device is physically stolen or the host operating system is completely compromised, the data remains secure.
Flexible Algorithm Adaptation: The best encryption algorithm (AES-128, AES-256, SM4) can be freely selected based on data sensitivity and regional compliance requirements (such as national cryptography), with clear policies and unified management.
This solution has been successfully validated in scenarios such as core financial systems and government confidential storage, effectively meeting the requirements of GB/T 39786-2021 “Information Security Technology Basic Requirements for Cryptographic Applications in Information Systems” Level 3 and above, as well as international and domestic authoritative security standards such as ISO 27001 Annex A.10. When deploying, be sure to verify instruction set compatibility and perform fine-tuning for performance based on the specific hardware platform. Build a hardware-based static data encryption system to provide chip-level ultimate protection for your critical data assets!