• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

SSD the Next Frontier for Cybersecurity: Vulnerabilities Found with Native Encryption

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,283 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Compared to hard disk drives, the logic that makes solid-state drives (SSDs) tick is far more complex, involving a far more powerful SoC, complete with native storage, and sophisticated firmware that tells the controller where each bit of user data is physically stored across an array of NAND flash chips. Not surprisingly, the more sophisticated you make your SSD firmware, the more security vulnerabilities you leave, as cyber-security researchers at The Radboud University found out.

A research paper draft published by Carlo Meijer and Bernard van Gastel tells us that hardware data encryption technologies built into modern SSDs are easy to bypass and recover protected data, rendering technologies such as TCG Opal useless. Most modern SSDs offer native data encryption, which encrypts data using popular methods such as AES, without posing an overhead for the host machine. "We found that many hardware implementations [of native encryption] have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret."



The team examines two of the most popular SSD brands, Crucial and Samsung, and their most popular client-segment products: MX100, MX200, MX300, 840 EVO, 850 EVO, T4, and T5 external. "For multiple models, it is possible to bypass the encryption entirely, allowing for a complete recovery of the data without any knowledge of passwords or keys. A pattern of critical issues across vendors indicates that the issues are not incidental but structural,' the researchers argue while naming the TCG Opal standard as being extremely hard to implement correctly, 'and that we should critically assess whether this process of standards engineering actually benefits security, and if not, how it can be improved," the paper reads.

Shortly after the publication of this draft, Samsung responded with an online notice asking customers to immediately switch to software encryption methods to secure their data while it begins to figure out the research and possibly release firmware updates in the near future.

You can access the current draft of the research paper here (PDF).

View at TechPowerUp Main Site
 

the54thvoid

Intoxicated Moderator
Staff member
Joined
Dec 14, 2009
Messages
12,378 (2.37/day)
Location
Glasgow - home of formal profanity
Processor Ryzen 7800X3D
Motherboard MSI MAG Mortar B650 (wifi)
Cooling be quiet! Dark Rock Pro 4
Memory 32GB Kingston Fury
Video Card(s) Gainward RTX4070ti
Storage Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s) LG 32" 165Hz 1440p GSYNC
Case Asus Prime AP201
Audio Device(s) On Board
Power Supply be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software W10
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.
 
Joined
Sep 15, 2015
Messages
1,019 (0.33/day)
Location
Latvija
System Name Fujitsu Siemens, HP Workstation
Processor Athlon x2 5000+ 3.1GHz, i5 2400
Motherboard Asus
Memory 4GB Samsung
Video Card(s) rx 460 4gb
Storage 750 Evo 250 +2tb
Display(s) Asus 1680x1050 4K HDR
Audio Device(s) Pioneer
Power Supply 430W
Mouse Acme
Keyboard Trust
i store on other storage devices micro sd, flah drives, games movies on hdd + portable (many different things need different store disk) newer store anything on windows boot drive, because its changing all the time.
 
Joined
Nov 18, 2010
Messages
7,108 (1.46/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX + under waterblock.
Storage Optane 900P[W11] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO[FEDORA]
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 39 / Windows 11 insider
Simply screw it...

I have nothing to hide really... desktop users shoud not even care.
 
Joined
Sep 27, 2014
Messages
550 (0.16/day)
Those were targeted more for business or government environments, where full data encryption (storage) is almost a must today. If one of the sensitive laptops is stolen (just an example), then the economical damage can be immense.
The people that need encryption mostly use software encryption anyway, I don't know nobody that would trust hardware (especially if made in a different country).
 
Joined
Nov 28, 2013
Messages
8 (0.00/day)
Simply screw it...

I have nothing to hide really... desktop users shoud not even care.
Please post a complete list of the files that you have on your computer, including creation date, last modified and size. Thank you!
 
Joined
Dec 16, 2017
Messages
2,722 (1.19/day)
Location
Buenos Aires, Argentina
System Name System V
Processor AMD Ryzen 5 3600
Motherboard Asus Prime X570-P
Cooling Cooler Master Hyper 212 // a bunch of 120 mm Xigmatek 1500 RPM fans (2 ins, 3 outs)
Memory 2x8GB Ballistix Sport LT 3200 MHz (BLS8G4D32AESCK.M8FE) (CL16-18-18-36)
Video Card(s) Gigabyte AORUS Radeon RX 580 8 GB
Storage SHFS37A240G / DT01ACA200 / WD20EZRX / MKNSSDTR256GB-3DL / LG BH16NS40 / ST10000VN0008
Display(s) LG 22MP55 IPS Display
Case NZXT Source 210
Audio Device(s) Logitech G430 Headset
Power Supply Corsair CX650M
Mouse Microsoft Trackball Optical 1.0
Keyboard HP Vectra VE keyboard (Part # D4950-63004)
Software Whatever build of Windows 11 is being served in Dev channel at the time.
Benchmark Scores Corona 1.3: 3120620 r/s Cinebench R20: 3355 FireStrike: 12490 TimeSpy: 4624
Well, not that I care much. I never found how to implement hardware encryption on my SSDs.

Simply screw it...

I have nothing to hide really... desktop users shoud not even care.

Uhm, yeah... no offense but that's pretty silly these days. Anyone can be after your data, for whatever reasons.
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
Simply screw it... I have nothing to hide really... desktop users shoud not even care.
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding ones personal information like fort-knox is a fools errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.
 
Joined
Aug 14, 2012
Messages
225 (0.05/day)
System Name "Big E"
Processor I5 2400
Motherboard Intel DQ67OW
Cooling Scythe Samurai ZZ
Memory 4 X 2 Gb Kingmax 1333
Video Card(s) MSI RX470 gaming x 4gb
Storage samsung F3 500 GB
Display(s) Acer S271HLBbid
Case "Big E"
Power Supply Gembird 450 W
Mouse Generic
Keyboard Generic
Software W10 LTSC
Benchmark Scores Nothing worthy to mention
Another victory for NSA. Well done you sneaky bastards.
 
Joined
Jun 15, 2016
Messages
1,042 (0.37/day)
Location
Pristina
System Name My PC
Processor 4670K@4.4GHz
Motherboard Gryphon Z87
Cooling CM 212
Memory 2x8GB+2x4GB @2400GHz
Video Card(s) XFX Radeon RX 580 GTS Black Edition 1425MHz OC+, 8GB
Storage Intel 530 SSD 480GB + Intel 510 SSD 120GB + 2x500GB hdd raid 1
Display(s) HP envy 32 1440p
Case CM Mastercase 5
Audio Device(s) Sbz ZXR
Power Supply Antec 620W
Mouse G502
Keyboard G910
Software Win 10 pro
Just force use of software encryption in gpedit.msc until they "fix" ssd flaws.
 
Joined
Aug 14, 2012
Messages
225 (0.05/day)
System Name "Big E"
Processor I5 2400
Motherboard Intel DQ67OW
Cooling Scythe Samurai ZZ
Memory 4 X 2 Gb Kingmax 1333
Video Card(s) MSI RX470 gaming x 4gb
Storage samsung F3 500 GB
Display(s) Acer S271HLBbid
Case "Big E"
Power Supply Gembird 450 W
Mouse Generic
Keyboard Generic
Software W10 LTSC
Benchmark Scores Nothing worthy to mention
NSA wouldn't care about something like this, there much easier avenues for them to exploit.
not all informations travels the web,some gets stored forever on local storage, and its nice to know there is a easy way to get to it.Not to mention that everyone who is worried about security has locked down its system expecting an attack from the internet.
 
Joined
Nov 18, 2010
Messages
7,108 (1.46/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX + under waterblock.
Storage Optane 900P[W11] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO[FEDORA]
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 39 / Windows 11 insider
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding ones personal information like fort-knox is a fools errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.

I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
 
Joined
Jul 16, 2014
Messages
8,115 (2.29/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
some gets stored forever on local storage
Example?

I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
Do as you will. Someone steals your identity, don't say you weren't warned.
 
Joined
Jun 28, 2017
Messages
34 (0.01/day)
The reason this is important is the discarded hardware. SSD or the PC (laptop) containing it can get broken and than discarded.
In that case the SSD can land in the hands of "bad" people who decode and check the data.
If the data is encrypted noone bothers descrypting it as that takes too long.
The real issue here is that people think it is encrypted so they just through the SSD into the recycling bin - however in reality the data is not encrypted.

I use the hammer approach. I recycle broken hardware but remove and destroy HDDs and SSDs before that. That is the safest. :)
 
Joined
Mar 13, 2018
Messages
68 (0.03/day)
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.

Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. Its not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data cant be used.

I work in encryption and this is pretty bad. What you have to do disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.
 
Joined
Sep 7, 2017
Messages
3,244 (1.35/day)
System Name Grunt
Processor Ryzen 5800x
Motherboard Gigabyte x570 Gaming X
Cooling Noctua NH-U12A
Memory Corsair LPX 3600 4x8GB
Video Card(s) Gigabyte 6800 XT (reference)
Storage Samsung 980 Pro 2TB
Display(s) Samsung CFG70, Samsung NU8000 TV
Case Corsair C70
Power Supply Corsair HX750
Software Win 10 Pro
Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. Its not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data cant be used.

I work in encryption and this is pretty bad. What you have to do disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.

Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.
 
Joined
Aug 20, 2007
Messages
20,714 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact.

I mean pretty much all encryption on HDD is assuming direct HDD theft, which requires direct contact.

I don't know nobody that would trust hardware (especially if made in a different country).

A former employer of mine did. Most cloud vendors depend on it for "secure" instant drive erasure.
 
Joined
Mar 13, 2018
Messages
68 (0.03/day)
Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.

Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.
 
Joined
Sep 7, 2017
Messages
3,244 (1.35/day)
System Name Grunt
Processor Ryzen 5800x
Motherboard Gigabyte x570 Gaming X
Cooling Noctua NH-U12A
Memory Corsair LPX 3600 4x8GB
Video Card(s) Gigabyte 6800 XT (reference)
Storage Samsung 980 Pro 2TB
Display(s) Samsung CFG70, Samsung NU8000 TV
Case Corsair C70
Power Supply Corsair HX750
Software Win 10 Pro
Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.

Well, that's not an option on mine.. according to Intel themselves (it was an discussion I ran into on their boards not long ago actually.. seeking this very question out).
 
Joined
Aug 20, 2007
Messages
20,714 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
Well, that's not an option on mine.. according to Intel themselves (it was an discussion I ran into on their boards not long ago actually.. seeking this very question out).

You need support for the OPAL standard (what this article refers to, actually), which Xpoint drives lack right now.
 

Fx

Joined
Oct 31, 2008
Messages
1,332 (0.24/day)
Location
Portland, OR
Processor Ryzen 2600x
Motherboard ASUS ROG Strix X470-F Gaming
Cooling Noctua
Memory G.SKILL Flare X Series 16GB DDR4 3466
Video Card(s) EVGA 980ti FTW
Storage (OS)Samsung 950 Pro (512GB), (Data) WD Reds
Display(s) 24" Dell UltraSharp U2412M
Case Fractal Design Define R5
Audio Device(s) Sennheiser GAME ONE
Power Supply EVGA SuperNOVA 650 P2
Mouse Mionix Castor
Keyboard Deck Hassium Pro
Software Windows 10 Pro x64
Please post a complete list of the files that you have on your computer, including creation date, last modified and size. Thank you!

LOL. Anyone that makes the statement he did is absolutely naive about the history of personal privacy and exactly what it means.
 
Top