Think your SSD offers rock-solid encryption? Here’s why it’s time to think again…

The value of encryption is hard to overestimate. When it works, it means that even if your data is accessed without authorisation, it cannot be read (and by extension, cannot be exploited) by the attacker; something that makes encryption an essential layer of defence for anyone who’s serious about IT security.

So how should you go about encrypting the data stored on your devices? Well, these days, security-savvy buyers have been gravitating towards self-encrypting drives (SEDs) – and it’s easy to see why. With these, every data file that goes onto the drive gets encrypted automatically at hardware level. It’s fast, effective – and doesn’t involve any additional software. What’s not to love?

There’s just one killer flaw: researchers have just discovered that if you have access to the targeted device (along with just a little bit of technical know-how), for many SEDs, it’s possible to bypass the hardware encryption altogether.

Here’s a closer look at the vulnerabilities – and at what you can do to guard against them…

Self-encrypting solid state drives: what are we talking about?

First off, a word about device storage and the choice between Hard Disk Drive (HDD) and Solid State Drive (SSD) components…

  • It wasn’t so long ago that Solid State Drives (SSDs) were the preserve of power users. But as the price of SSDs has fallen, it’s now the case that if you want quick, reliable performance from a laptop or PC, SSD is an increasingly affordable option (even if you have an entire workforce to kit out).
  • If you go for SSD, the choice is usually dictated by performance-related reasons (in particular, boot-up time, copy/write speeds, file & program opening speeds all tend to be that much quicker). At the same time, wearing your security hat, you should also be seriously considering Full Disk Encryption to protect the data stored on devices. As it happens, many SSDs (e.g. Samsung’s popular Evo 840, 850 and 860 ranges) are also self-encrypting drives.

How SEDs work

With these, the encryption process is carried out with the use of a unique and random Data Encryption Key (DEK). When data is written to the drive, the DEK encrypts it – and the same DEK decrypts it when the data needs to be read by an authorised user.

Access is controlled via an Authentication Key (AK): a form of password authentication that locks the drive until the correct key is entered.

So what’s the problem?

Researchers at Radboud University in the Netherlands have recently uncovered what they refer to as “a pattern of critical issues” that affect SEDs on sale from various vendors. You can view the full paper here. Crucially, their research has shown that in many popular self-encrypting SSDs, it is possible to bypass the encryption entirely, meaning that in theory, you can access the data, even if you don’t have access to the authentication key.

Which SSDs are affected?

The researchers were able to successfully attack the following SSD models:

  • Crucial MX100, MX200 and MX300
  • Samsung 840 EVO, 850 EVO, T3 Portable and T5 Portable

The researchers point out, however, that this was not a full-market test. Many other SSDs may also be exposed.

What are the specific vulnerabilities?

Summarising the issues found, one of the researchers tweeted, likening the situation to “leaving the keys to the safe, under the safe”. The main vulnerabilities were as follows:

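  • No proper link between the DEK and the AK. On the affected drives the DEK was not cryptographically derived from the password, so the password check was the only thing standing between an attacker and the data. The researchers said they were able to connect to the drive’s debug interface on its circuit board. This gave them direct access to the drive’s firmware, enabling them to modify the password-checking routine to accept any passphrase.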
  • A blank master password by default. With the Crucial MX300 SSD, the researchers found that the device’s master password was set as an empty string by default. If this remained unaltered, it meant that the data could be unlocked simply by submitting an empty field!
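
The difference between a password that merely gates access and one the DEK is actually bound to can be modelled in a few lines. This is an added example, not code from the researchers or any drive vendor: the class names are hypothetical, and the PBKDF2-plus-XOR wrap is a simplified stand-in for the authenticated key wrap a real drive would use.

```python
import hashlib, hmac, os

def kek(password: bytes, salt: bytes) -> bytes:
    """Derive 64 bytes from the password: 32 wrap the DEK, 32 key an integrity tag."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000, dklen=64)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class UnboundDrive:
    """Weak design: the DEK is stored as-is; the password only gates a check."""
    def __init__(self, password: bytes, dek: bytes):
        self.salt = os.urandom(16)
        self.verifier = kek(password, self.salt)
        self.stored_dek = dek                     # independent of the password

    def check(self, password: bytes) -> bool:     # routine that modified firmware replaces
        return hmac.compare_digest(kek(password, self.salt), self.verifier)

    def unlock(self, password: bytes):
        return self.stored_dek if self.check(password) else None

class BoundDrive:
    """Bound design: only a wrapped DEK is stored; unwrapping needs the password."""
    def __init__(self, password: bytes, dek: bytes):
        self.salt = os.urandom(16)
        k = kek(password, self.salt)
        self.wrapped = xor(dek, k[:32])           # toy wrap, stand-in for AES key wrap
        self.tag = hmac.new(k[32:], self.wrapped, "sha256").digest()

    def unlock(self, password: bytes, skip_check: bool = False):
        k = kek(password, self.salt)
        ok = hmac.compare_digest(hmac.new(k[32:], self.wrapped, "sha256").digest(), self.tag)
        if not (ok or skip_check):
            return None
        return xor(self.wrapped, k[:32])          # garbage unless the password was right

def demo() -> dict:
    dek = os.urandom(32)
    weak, bound = UnboundDrive(b"correct horse", dek), BoundDrive(b"correct horse", dek)
    weak.check = lambda password: True            # models the modified check routine
    return {
        "weak_patched_leaks_dek": weak.unlock(b"guess") == dek,
        "bound_wrong_password": bound.unlock(b"guess"),
        "bound_check_skipped_leaks_dek": bound.unlock(b"guess", skip_check=True) == dek,
        "bound_right_password_ok": bound.unlock(b"correct horse") == dek,
        "blank_default_unlocks": BoundDrive(b"", dek).unlock(b"") == dek,
    }
```

In the bound design, skipping the check yields only a useless key, but the last entry shows that binding does not help when the credential the DEK is wrapped under is an empty default.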

There’s more: issues with BitLocker

BitLocker is Windows’ proprietary inbuilt encryption software. The researchers highlighted a problem relating to the way in which BitLocker interacts with SEDs. Basically, where hardware-based encryption is available, BitLocker uses this by default – in place of its own software-based encryption process.

So if your SSD is vulnerable, then even if you have BitLocker running, your data is still exposed.

How to deal with the problem

For the BitLocker issue, you can change the default setting and instruct the program to use software-based encryption only. This is done by accessing the Local Group Policy Editor (enter “gpedit.msc” in the Run dialog). Navigate to “Computer Configuration/Administrative Templates/Windows Components/BitLocker Drive Encryption”. Double click on “Configure use of hardware-based encryption for fixed data drives” – and select “Disabled”.
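
To see which existing volumes are still relying on the drive’s own encryption, check the “Encryption Method” field that `manage-bde -status` reports for each volume. The parser below is an added example, not part of the original article; the sample text is constructed rather than captured from a real machine, and it assumes English-language field labels.

```python
import re

# Constructed sample of `manage-bde -status` output (labels as in English-language Windows).
SAMPLE_STATUS = """\
Volume C: [OS]
[OS Volume]

    Conversion Status:    Fully Encrypted
    Encryption Method:    Hardware Encryption
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]

    Conversion Status:    Fully Encrypted
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On

Volume E: [Scratch]
[Data Volume]

    Conversion Status:    Fully Decrypted
    Encryption Method:    None
    Protection Status:    Protection Off
"""

def audit(status_text: str) -> dict:
    """Map each volume to 'hardware', 'software' or 'unencrypted'."""
    result, volume = {}, None
    for line in status_text.splitlines():
        header = re.match(r"Volume (\S+)", line)
        if header:
            volume = header.group(1)          # e.g. "C:"
            continue
        field = re.match(r"\s+Encryption Method:\s+(.*)", line)
        if field and volume:
            method = field.group(1).strip()
            if method.startswith("Hardware Encryption"):
                result[volume] = "hardware"   # BitLocker delegated to the SED
            elif method == "None":
                result[volume] = "unencrypted"
            else:
                result[volume] = "software"   # e.g. XTS-AES 128
    return result

def hardware_volumes(status_text: str) -> list:
    """Volumes whose data is protected only by the drive's own encryption."""
    return [v for v, kind in audit(status_text).items() if kind == "hardware"]
```

On a live system, pass in the text that `manage-bde -status` prints from an elevated prompt. A volume reported as hardware-encrypted keeps that method after the policy change until it is decrypted and then encrypted again.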

As an alternative to BitLocker, you can also use the open source VeraCrypt tool for encryption. (Unlike BitLocker, this can also be used on Windows Home editions).

For its EVO drives, Samsung now recommends installing encryption software. Crucial has already released patches for its affected drives – as has Samsung for its T3 and T5 SSD models.

I have always been concerned about possible flaws in SSD encryption, so have always been recommending open source software encryption like VeraCrypt instead of SSD encryption, where the code has been audited.

The message is clear: consider using full disk encryption at the software level – and always keep on top of your patch updates.

  • Mildo says:

    Very very thankful man! Pretty good tip!

    Mildo

  • rancis Bentum says:

    Powerful lecturer

  • Grigol says:

    Thank you for useful information.
    I have 850 EVO :(. At least I know now that I’m not so secured as was stated.

  • Roland says:

    Thank you, Nathan. Quick and precise as always. 🙂

  • Brandon says:

    Thanks for the information Nathan as well as the VeraCrypt recommendation. Can you recommend a public-key encryption software as well?

    Regards,
    Brandon

    • Nathan House says:

      What do you want to use the public-key encryption software for?

      • Brandon says:

        For emails mostly and I also will probably use it for digital signing/authentication. Encryption is completely new to me and as I am in course 1 I want to get started with something, but not sure what is trustworthy. Since I posted my original comment I have tried out GPG4win because it was open source.

        Regards,
        Brandon

  • Gian says:

    Thank you for the heads up Mr. House.

  • Stef3 says:

    Thank you for the heads up. Not happy to hear that, the main reason for me to go with hardware based full disk encryption is that it is faster than software based, or at least not atrociously slow. So back to veracrypt, or pretend I did not read your alert

    • Nathan House says:

      Using SSD encryption is a risk as it’s not gone through the rigor of public security testing other solutions have.

  • Harry says:

    Thank you Nathan. This is a great thread about SSD and SED’s

  • Zen says:

    Thanks Nathan

  • KingJump says:

    Nathan, you always surprise me with your alerts. Happy I clicked the link of your YouTube course that day. Thanks is not enough for what your passion and knowledge of CS has done for me and others.

    Mr. A, MSIT, IAS

  • Karmender says:

    Thanks Mr.Nathan for this information.

  • Dave says:

    Thanks for the information, Nathan. As always you keep us up to date on security issues, much appreciated.

  • Margarita karachristou says:

    Thank you for sharing those info! Amazing lecturer though!

  • Ladislav says:

    Thank you for the information.

    Do you have any link with information on what impact does it have to use software vs hardware based Bitlocker encryption on Samsung SSD HDDs?

    And do you know if I make a change to existing Bitlocker encrypted SSD hardrives with hardware encryption method to Disable using group policy and force the drives to use software based encryption method if they will re-encrypt?
    Or if I have to remove encryption first and then redeploy the encryption using group policy to use software based encryption method?

    Thank you,

    Ladislav

  • mehdi smichi says:

    thanks nathan for these awesome updates !

  • Matteo says:

    Thanks for this valuable update. Just thinking about implementing Bitlocker on my laptop…

  • Yuri says:

    Nice and very useful post!!
    Thanks Nathan!

  • Mohammad Noba says:

    Great job, always your subjects are useful and real ideas. Keep going.

  • Misael says:

    Very beneficial and educational.
    Thank you so much

  • Matias says:

    Nathan, what is a good and more secure Encryption and Hash Algorithm ? for use with VeraCrypt or other software?

    Thanks

  • Michael Dube says:

    You are Awesome Sir. Thank you for all you do to keep us updated. Awesome instructor as well.

  • Deepak Prasad Landigi says:

    Thank you for information, Nathan

  • SANDY says:

    Could you put more information on TPM(Trusted Platform Module) devices

    • Nathan House says:

      This is covered on The Complete Cyber Security course. Volume 4. Doesn’t really relate to this article though.

  • guest says:

    I use bitlocker primarily to separate my different Windows installations, so that I can run one in more risky ways, watch videos on sites loaded with adware, download torrents and whatever, and I take less a risk of some malware being able to write something malicious to my other installations.

  • 8Mile says:

    Nice lecture! Thanks for this information.

    I’m running BITdefender on macOS.

    Is it useless or even worse harmful??

    Thank you.

  • Ronald Perrier says:

    Useful information, I didn’t know SED existed and they are vulnerable, the alternative to Bit Locker is also interesting and the solution to Bit Locker vulnerability is amazing

  • ThaCrip says:

    A quick question about a Samsung 850 EVO… if someone issues a “secure erase” on the drive, there is no way this flaw would affect that, correct? In that once the Secure Erase command is issued, all data on it prior to that point is not recoverable, correct?

    • Nathan House says:

      In theory it should work, yes, unless there is a bug. To be double safe, encrypt the drive again with something like Veracrypt and lose the key.

  • Alvin says:

    This is certainly eye-opening, and very surprising as I was relying on hardware SSD encryption for a while.
    You mentioned that Crucial has released patches for their drives. Does that mean that the problem is solved at least for the Crucial SEDs?? Thanks.

    • Nathan House says:

      It means that the vulnerability that was discovered at the time was fixed. Might there be others? Yes. The message is to be careful if you think SSD encryption can be relied upon. Maybe use something like veracrypt which has had more testing on it. Or both.

  • Alishia says:

    Nathan, does this mean that the root cause of the problem resides in how vendors have implemented hardware-level encryption specifications?

  • kc73 says:

    Hi Nathan Excellent article. Your advice on disabling the hardware-based encryption for fixed data drives is duly noted but I note that accessing the Local Group Policy Editor and then Configure use of hardware-based encryption – this option reads as “NOT CONFIGURED” and in the explanatory notes under the “help” it further states that “If you do not configure this policy setting, BitLocker will use software-based encryption irrespective of hardware-based encryption availability.”

    So does that mean that I should leave this option “as-is” at the “NOT CONFIGURED” setting? Because this is what we essentially want Bitlocker to do, that is “not use hardware-based encryption” – correct?

    I have couple of internal SSD’s already encrypted by bitlocker and I’m afraid if I select “Disabled” option I may need to re-do the encryption and then encrypt it again

    Pleased to hear

    thanks/kc
