Enova X-Wall MX+, Real-Time Cryptographic ASIC

Enova Technology Corp. announcing availability of X-Wall MX+, SATA-to-SATA (Gen 3, 2 and 1) real-time cryptographic ASIC protecting sensitive data-in-transit and data-at-rest with AES CBC 256-bit strength.

The X-Wall_ MX+ family ASIC is the 10th generation of patented ⁽¹⁾ X-Wall Technology. It is engineered specifically to encrypt/decrypt entire SATA disk drive including boot sector and OS with SATA Generation III at 6Gb/s performance. The X-Wall MX+ enhances both security and performance of its predecessor MX and is progressing for FIPS 140-2 level 2/3 single chip crypto module certification.

How does it work?

Click to enlarge

The X-Wall MX+, an SATA-to-SATA cryptographic ASIC, sits right in between host SATA adapter and the device SATA controller, encrypting entire SATA drive with wire speed performance while providing 256-bit AES hardware strength in ECB, CBC or XTS mode of operation. System performance with X-Wall MX+ engaged is unaffected. XWall MX+ can be operated with SATA Generation III, II and I compliant storage drives with a maximum cryptographic throughput at 6G/ps. The AES hardware engine performs all encryption and decryption. There are no extra software driver to be loaded, eliminating entirely the memory and interrupt overheads. X-Wall MX+ is independent from and invisible to all known OSs including embedded OS. As long as the drive is SATA compliant, X-Wall MX+ will work in the system. Once authenticated, its operation is transparent to all users. There is no complex GUI involved therefore your regular computing behavior is unchanged.

Full Disk Encryption or FDE
The X-Wall MX+ can be configured to perform full disk encryption like its predecessor MX, protecting entire data-at-rest. This is the default function and solution which is OS independent.

File Folder Encryption or FFE
With add-on software components, the X-Wall MX+ can be configured to perform file/folder encryption, encrypting data-in-transit such that files stored in the cloud storage remain MX+ hardware encrypted. Only the right secret key can successfully decrypt those encrypted files, solution that is OS dependent.

Enhanced security for authentication
The X-Wall MX+ has equipped with HMAC, SHA256, RSA 2048, and DRBG, all in hardware. Those cryptographic components, when proper procedures are applied, can be allowed to perform secure authentication. Therefore, key management can be versatile, which includes PIN/Password through Pre-boot authentication, TPM, Smartcard, Fingerprint, Single Sign On, or USB type external key token. One or more factor authentications are applicable.

Benefits

Offers real-time performance at SATA Generation III speed (6Gb/s) on all encryption strengths

OS independent
Provides iron-clad security through FIPS 140-2 Level 2/3c certified hardware-based cryptographic components

As the entire SATA disk drive is encrypted, there is no possibility of any secret being left unprotected on the drive, including password and Secret Key. In an X-Wall MX+ protected system (drive), there is no simple way to read the data without the right Secret Key. Only you have the right key to unlock your data.

The X-Wall MX+ technology is compatible with all system designs incorporating SATA disk drive technologies. A limited amount of sample chips will be made available for qualified customers for testing and evaluation.

Features

Power-On-Self-Test (POST) ability to ensure productc reliability
Versatile key management
100% hardware AES ECB, CBC or XTS cryptographic enginec producing real-time SATA Gen 3/2/1 performance
HMAC, SHA256, RSA 2048 and DRBG hardwarec cryptographic components
64-pin TQFP small form factor
64-pin QFN package can be requested
RoHSc and lead-free compliant