Title: IEEE Security in Storage Working Group
Scope: The Security In Storage Working Group (SISWG) develops standards that address any aspect of security as it relates to data storage. The work of this group is of interest to storage developers, storage vendors, and storage system operators.
SISWG’s present and past work includes:
- A family of standards on data sanitization: The IEEE 2883 family.
- A family of standards on data encryption methods for storage components: The IEEE 1619 family.
- A standard on Discovery, Authentication, and Authorization in Host Attachments of Storage Devices: The IEEE 1667 specification.
New Standards under Development:
P2883.1 – Recommended Practice for the Use of Storage Sanitization Methods
This standard will provide recommendations to organizations in making choices in the application of sanitization methods. Recommendations will consider risk, feasibility, effectiveness, economics, and environmental consequences.
Status: On 2025-01-29, the Review Committee will consider this draft standard for publication.
P2883.2 – Recommended Practice for Virtualized and Cloud Storage Sanitization
This standard will provide recommendations to organizations in applying sanitization methods to virtualized and cloud storage systems. Recommendations will primarily focus on mitigation of risk within constraints posed by feasibility, effectiveness, economics, and environmental consequences.
Status: SISWG has created a subgroup to develop P2883.2. The subgroup meets every other Tuesday via WebEx at 12:00 PDT.
P3406 – Standard for a Purge and Destruct Sanitization Framework
This standard will provide a framework of requirements for implementing the Purge and Destruct storage sanitization methods.
Revisions under Development for Published Standards:
P1619 – Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices (revision of IEEE Std 1619™-2018)
This standard defines the XTS-AES block cipher for logical block-oriented storage devices, also known as “XEX (XOR Encrypt XOR) Tweakable Block Cipher with Ciphertext Stealing (XTS) cryptographic mode of operation for the Advanced Encryption Standard (AES)”.
This new version of 1619 addresses comments from the National Institute of Standards and Technology (NIST) to improve the security of encrypted data by tightening limits on the amount of data that can be encrypted with a single encryption key. Upon publication of this new revision, NIST will revise SP 800-38E (“Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices”) to refer to the new revision of 1619.
This new version of IEEE 1619 will be of interest to any vendor of block storage devices, especially those devices with capacities in the terabyte range.
Status: On 2025-01-29, the Review Committee will consider this draft standard for publication.
P1667 – Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices (revision of IEEE Std 1667™-2018)
SISWG has accumulated a number of requests for changes to 1667. Most are editorial corrections; a few are technical changes, such as specifying the effects of PCIe resets in multi-port devices.
P2883 – Standard for Sanitizing Storage
The IEEE-SA New Standards Committee (NesCom) has approved a project authorization request to begin work on the next revision of IEEE Std 2883™-2022.
Published Standards:
IEEE Std 1619™-2018 – IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices
IEEE Std 1619.1™-2018 – IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices
IEEE Std 1619.2™-2021 – IEEE Standard for Wide-Block Encryption for Shared Storage Media
Note: A recent paper has found a flaw in the XCB mode used in this standard for XCB-AES. The other mode defined in this standard is EME2. SISWG has decided to revise this standard to remove XCB-AES, and has submitted a project authorization request (PAR) to the IEEE New Standards Committee (NesCom). The PAR is on the NesCom agenda for the 2025-01-29 meeting.
IEEE Std 1667™-2018 – IEEE Standard for Discovery, Authentication, and Authorization in Host Attachments of Storage Devices
IEEE Std 2883™-2022 – IEEE Standard for Sanitizing Storage
Meetings:
SISWG meets via WebEx every other Friday from 14:00 to 16:00 Pacific Time.
Membership:
SISWG is an individual membership working group. Members do not formally represent companies or other entities. To join, send an e-mail to the chair, who will send you instructions on how to become a member and how to join the e-mail reflector.