Tuesday, November 6th 2018

SSD the Next Frontier for Cybersecurity: Vulnerabilities Found with Native Encryption

Compared to hard disk drives, the logic that makes solid-state drives (SSDs) tick is far more complex, involving a far more powerful SoC, complete with native storage, and sophisticated firmware that tells the controller where each bit of user data is physically stored across an array of NAND flash chips. Not surprisingly, the more sophisticated you make your SSD firmware, the more security vulnerabilities you leave, as cyber-security researchers at Radboud University found out.

A research paper draft published by Carlo Meijer and Bernard van Gastel reports that the hardware data encryption built into modern SSDs is easy to bypass, allowing protected data to be recovered and rendering technologies such as TCG Opal useless. Most modern SSDs offer native data encryption, which encrypts data using popular methods such as AES, without posing an overhead for the host machine. "We found that many hardware implementations [of native encryption] have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret."
The team examines two of the most popular SSD brands, Crucial and Samsung, and their most popular client-segment products: MX100, MX200, MX300, 840 EVO, 850 EVO, T4, and T5 external. "For multiple models, it is possible to bypass the encryption entirely, allowing for a complete recovery of the data without any knowledge of passwords or keys." "A pattern of critical issues across vendors indicates that the issues are not incidental but structural," the researchers argue, while naming the TCG Opal standard as being extremely hard to implement correctly, "and that we should critically assess whether this process of standards engineering actually benefits security, and if not, how it can be improved," the paper reads.

Shortly after the publication of this draft, Samsung responded with an online notice asking customers to immediately switch to software encryption methods to secure their data while it reviews the research and possibly releases firmware updates in the near future.

You can access the current draft of the research paper here (PDF).

23 Comments on SSD the Next Frontier for Cybersecurity: Vulnerabilities Found with Native Encryption

#1
the54thvoid
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.
Posted on Reply
#2
Readlight
I store on other storage devices: micro SD, flash drives, games, movies on HDD + portable (many different things need different store disk). I never store anything on the Windows boot drive, because it's changing all the time.
Posted on Reply
#3
Ferrum Master
Simply screw it...

I have nothing to hide really... desktop users should not even care.
Posted on Reply
#4
SoNic67
Those were targeted more for business or government environments, where full data encryption (storage) is almost a must today. If one of the sensitive laptops is stolen (just an example), then the economical damage can be immense.
The people that need encryption mostly use software encryption anyway, I don't know nobody that would trust hardware (especially if made in a different country).
Posted on Reply
#5
John Doe
"Ferrum Master said:
Simply screw it...

I have nothing to hide really... desktop users should not even care.
Please post a complete list of the files that you have on your computer, including creation date, last modified and size. Thank you!
Posted on Reply
#6
windwhirl
Well, not that I care much. I never found how to implement hardware encryption on my SSDs.

"Ferrum Master said:
Simply screw it...

I have nothing to hide really... desktop users should not even care.
Uhm, yeah... no offense but that's pretty silly these days. Anyone can be after your data, for whatever reasons.
Posted on Reply
#7
lexluthermiester
"Ferrum Master said:
Simply screw it... I have nothing to hide really... desktop users should not even care.
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding one's personal information like Fort Knox is a fool's errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.
Posted on Reply
#8
MyTechAddiction
Another victory for NSA. Well done you sneaky bastards.
Posted on Reply
#9
lexluthermiester
"MyTechAddiction said:
Another victory for NSA. Well done you sneaky bastards.
NSA wouldn't care about something like this, there are much easier avenues for them to exploit.
Posted on Reply
#10
kastriot
Just force use of software encryption in gpedit.msc until they "fix" ssd flaws.
Posted on Reply
#11
MyTechAddiction
"lexluthermiester said:
NSA wouldn't care about something like this, there are much easier avenues for them to exploit.
Not all information travels the web, some gets stored forever on local storage, and it's nice to know there is an easy way to get to it. Not to mention that everyone who is worried about security has locked down their system expecting an attack from the internet.
Posted on Reply
#12
Ferrum Master
"lexluthermiester said:
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding one's personal information like Fort Knox is a fool's errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.
I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
Posted on Reply
#13
DeathtoGnomes
"kastriot said:
Just force use of software encryption in gpedit.msc until they "fix" ssd flaws.
Windows Home doesn't have access to the group policy editor, but it can be installed.

Install GPedit.msc on Win10Home. I've had to use this in the past, not sure if it's still valid. :oops:
Posted on Reply
#14
lexluthermiester
"MyTechAddiction said:
some gets stored forever on local storage
Example?

"Ferrum Master said:
I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
Do as you will. Someone steals your identity, don't say you weren't warned.
Posted on Reply
#15
Jozsef Dornyei
The reason this is important is the discarded hardware. SSD or the PC (laptop) containing it can get broken and then discarded.
In that case the SSD can land in the hands of "bad" people who decode and check the data.
If the data is encrypted no one bothers decrypting it as that takes too long.
The real issue here is that people think it is encrypted so they just throw the SSD into the recycling bin - however in reality the data is not encrypted.

I use the hammer approach. I recycle broken hardware but remove and destroy HDDs and SSDs before that. That is the safest. :-)
Posted on Reply
#16
lexluthermiester
"Jozsef Dornyei said:
I recycle broken hardware but remove and destroy HDDs and SSDs before that. That is the safest. :)
With hard drives a 3 stage full wipe makes data unrecoverable. With SSD's a single stage wipe is all you need. It's waste to throw them away.
Posted on Reply
#17
srsbsns
"the54thvoid said:
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.
Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. It's not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data can't be used.

I work in encryption and this is pretty bad. What you have to do is disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.
Posted on Reply
#18
StrayKAT
"srsbsns said:
Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. It's not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data can't be used.

I work in encryption and this is pretty bad. What you have to do is disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.
Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.
Posted on Reply
#19
R-T-B
"the54thvoid said:
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact.
I mean pretty much all encryption on HDD is assuming direct HDD theft, which requires direct contact.

"SoNic67 said:
I don't know nobody that would trust hardware (especially if made in a different country).
A former employer of mine did. Most cloud vendors depend on it for "secure" instant drive erasure.
Posted on Reply
#20
srsbsns
"StrayKAT said:
Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.
Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.
Posted on Reply
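
Added example, not part of any post in this thread: a PowerShell audit of the behaviour discussed above, listing which BitLocker volumes defer to the drive's own encryption and whether the hardware-encryption policy (the setting reached through gpedit.msc) is set to forbid it. It assumes an elevated session on a Windows edition that ships the BitLocker module; the function name `Get-HwEncryptionAudit` is made up for this example.

```powershell
# Added example: audit BitLocker volumes that rely on the SSD's built-in encryption.
function Get-HwEncryptionAudit {
    # Key written by the "Configure use of hardware-based encryption" policies.
    # A value of 0 means BitLocker must use software encryption on new volumes.
    $policyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    $policyName = @{
        OperatingSystem = 'OSHardwareEncryption'
        Data            = 'FDVHardwareEncryption'
    }
    $policy = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue

    foreach ($vol in Get-BitLockerVolume) {
        $name  = $policyName[[string]$vol.VolumeType]
        $value = if ($policy -and $name) { $policy.$name } else { $null }
        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            VolumeType       = $vol.VolumeType
            VolumeStatus     = $vol.VolumeStatus
            EncryptionMethod = $vol.EncryptionMethod
            # True when BitLocker handed encryption over to the drive (SED/Opal).
            UsesDriveCrypto  = ([string]$vol.EncryptionMethod -eq 'HardwareEncryption')
            # True only when the policy explicitly disables hardware encryption.
            PolicyForbidsHw  = ($value -eq 0)
        }
    }
}

$report = @(Get-HwEncryptionAudit)
$report | Format-Table -AutoSize

$affected = @($report | Where-Object { $_.UsesDriveCrypto })
if ($affected.Count -gt 0) {
    # Setting the policy does not convert a volume that is already encrypted:
    # it has to be decrypted and then encrypted again with a software method.
    $list = ($affected | ForEach-Object { $_.MountPoint }) -join ', '
    Write-Warning "Volumes relying on the drive's own encryption: $list"
    Write-Warning 'Set the policy, turn BitLocker off, wait for decryption, then re-enable it.'
}
foreach ($row in ($report | Where-Object { -not $_.PolicyForbidsHw })) {
    Write-Warning "$($row.MountPoint): policy does not forbid hardware encryption."
}
```

`manage-bde -status` reports the same information per volume on its "Encryption Method" line.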
#21
StrayKAT
"srsbsns said:
Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.
Well, that's not an option on mine.. according to Intel themselves (it was a discussion I ran into on their boards not long ago actually.. seeking this very question out).
Posted on Reply
#22
R-T-B
"StrayKAT said:
Well, that's not an option on mine.. according to Intel themselves (it was a discussion I ran into on their boards not long ago actually.. seeking this very question out).
You need support for the OPAL standard (what this article refers to, actually), which Xpoint drives lack right now.
Posted on Reply
#23
Fx
"John Doe said:
Please post a complete list of the files that you have on your computer, including creation date, last modified and size. Thank you!
LOL. Anyone that makes the statement he did is absolutely naive about the history of personal privacy and exactly what it means.
Posted on Reply