HPE Community
StoreEver Tape Storage
1751692 Members
4778 Online
108781 Solutions
New Discussion

Re: Encryption Concepts

 
L1nklight
Valued Contributor

‎05-16-2013 08:26 AM

‎05-16-2013 08:26 AM

Encryption Concepts

I am currently working on trying to understand the tape encryption process. I have purchased a pair of tokens (one for my production site and one for my DR site). After reading some of the documentation, I am kind of confused about how the encryption process should work. My original intention, was to create a token and leave encryption always on. I would then create a backup token and send it to my DR site for storage and I would do the reverse process at the DR site.

What's confusing me right now, is that I had intended on only using a single key and leaving encryption always on. The tapes in question are in a protected rack and they will only ever be in the tape loader or at the IronMountain facility. The documentation however, seems to indicate that I am supposed to rotate keys on some sort of annual process. My question is if in year 1 I am using key set A and at the end of year 1 I rotate to key set B, how do I restore data from year 1 with key set A if I am no longer using that key set?

Thanks for assisting. I appreciate any and all help.

0 Kudos
Reply
4 REPLIES 4
Dennis Handly
Acclaimed Contributor

‎05-16-2013 12:59 PM

‎05-16-2013 12:59 PM

Re: Encryption Concepts

>how do I restore data from year 1 with key set A if I am no longer using that key set?

 

In general, you would need to keep all of the keys.

Unless by rekey (key rotation) they want you to decrypt with key A and encrypt with key B, each year.

0 Kudos
Reply
L1nklight
Valued Contributor

‎05-17-2013 08:17 AM

‎05-17-2013 08:17 AM

Re: Encryption Concepts

Thanks, I have a follow up question. How would I remove encryption from a tape? Let's say I wanted to format a tape (blank it) and just make it look like a brand new piece of media?

0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎05-17-2013 10:11 AM

‎05-17-2013 10:11 AM

Re: Encryption Concepts

>I wanted to format a tape (blank it) and just make it look like a brand new piece of media?

 

I assume there is no difference if it was encrypted or not.

0 Kudos
Reply
L1nklight
Valued Contributor

‎06-12-2013 11:31 AM

‎06-12-2013 11:31 AM

Re: Encryption Concepts

Say I want to use it in a Tape drive that did not have my hardware encryption keys. I basically want to get it as reasonably close to factory default as I can. 

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.