Flaws in SSD hardware encryption have been uncovered by researchers in the Netherlands. The study from Radboud University has exposed serious weak spots in hardware encryption, potentially leaving user data open to decryption by nefarious beings. The solution: turn hardware encryption off and get safer software.
The paper, authored by researchers Carlo Meijer and Bernard van Gastel, outlines some rather glaring issues with the hardware encryption employed across a handful of Samsung and Micron (Crucial) SSDs. These drives all offer on-drive encryption baked into the hardware itself. Encryption keys are subsequently stored solely on the drives, in theory creating a self-contained impenetrable lockbox.
But the reality is far from the theoretical implementation, according to the study. The encrypted drive requires a user with valid access (a password) to access the DEK (data encryption key) to subsequently decrypt and access the stored files within. However, as it turns out, anyone hoping to gain access to the drive without supplying the password can essentially bypass the password bit with a little firmware tweak and get straight to the decryption bit. Oops.
This essentially renders the whole encryption process obsolete on the affected drives. The study’s guinea pigs include: Samsung T3, T5, 840 Evo, and 850 Evo drives, and Crucial MX100, MX200, and MX300 drives.
These are affected to varying degrees, with the 840 and 850 Evo both notably standing up a little better than others. You can see the full list of drives and exact vulnerabilities within the study (PDF warning).
The hardware encryption flaws also have implications for Microsoft’s BitLocker. This is encryption software included with every Windows build, intended to give users built-in data protection within the OS. Due to the way this software is implemented, when an SSD is capable of hardware encryption, BitLocker simply turns off all software-side encryption measures and relies on the drive.
“The results presented in this paper show that one should not rely solely on hardware encryption as offered by SSDs for confidentiality,” the researchers say in the paper. “We recommend users that depend on hardware encryption implemented in SSDs to employ also a software full-disk encryption solution, preferably an open-source and audited one.”
Luckily, the researchers recommend a few mitigations. One is VeraCrypt: a free and open-source utility that can run on your PC alongside SSD-side hardware encryption. Another is to force BitLocker to utilise software encryption even if hardware-side measures are available. Be warned, however, this mitigation requires a full reinstallation and reformat, so might not be ideal for users who don’t want to lose all their data.
Van Gastel, in a comment to The Register, outlines how the security standard the hardware vendors tried to meet, TCG Opal, is difficult to implement correctly. One potential avenue going forward would be to make a standardised security method simpler and easier to implement – which I’m sure is easier said than done.