Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation.

Please report any security vulnerabilities in this project utilizing the guidelines here.

This repository contains a functional reference demonstrating a Full Disk Encryption (FDE) solution. The following sub-sections are about this FDE solution.

The setup instructions in the README.md are for development, testing, and demo purposes ONLY. For a production setup, please apply appropriate security measures.

The secure management of cryptographic keys, certificates, and other secrets is a critical user responsibility and is out of scope for this solution's setup guide. The methods shown, such as storing keys as plaintext files or using environment variables, are for convenience in a development setting and are not representative of a secure production deployment.

Users are responsible for securing sensitive assets, including but not limited to:

• Private Keys: kbs.key.pem, sk_kbs_admin.pem
• Secrets: VAULT_ROOT_TOKEN, k_RFS
• Certificates: kbs.cert.pem

This solution uses the cryptographic algorithms ECC-256 and Ed25519 due to dependencies on the underlying Trustee Key Broker Service (KBS). These algorithms are provided for reference purposes. Users should evaluate their security, performance, and suitability requirements before deployment.

For users planning to build a production system based on this solution, we strongly recommend implementing security best practices, including but not limited to:

• Key generation and provisioning must be done in secure facility to ensure security of the key(s) is not compromised.
• Avoid storing secrets in environment variables. Instead, use secure device provisioning solutions (e.g., Kubernetes Secrets, Docker Secrets, and HSMs) or fetch them from a Key Management Service (KMS) at runtime.
• Use TLS certificates issued by a trusted internal or public Certificate Authority (CA) instead of self-signed certificates.
• Run all third-party services, such as HashiCorp Vault, in a production-hardened configuration. This includes using persistent storage, enabling TLS, configuring proper authentication and authorization policies, and complying to license requirements.
• Current configuration is not PQC ready and the customer must do their due diligence for PQC security needs.
• Adhere to applicable cryptographic standards, such as those mandated by NIST and FIPS.
• Conduct a comprehensive threat assessment to identify and implement necessary security mitigations.
• Carry out robust security validation to ensure all security requirements are thoroughly tested.