• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

SSD the Next Frontier for Cybersecurity: Vulnerabilities Found with Native Encryption

btarunr

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,670 (7.43/day)
Location
Dublin, Ireland
System Specs
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard Gigabyte B550 AORUS Elite V2
Cooling DeepCool Gammax L240 V2
Memory 2x 16GB DDR4-3200
Video Card(s) Galax RTX 4070 Ti EX
Storage Samsung 990 1TB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Compared to hard disk drives, the logic that makes solid-state drives (SSDs) tick is far more complex, involving a far more powerful SoC, complete with native storage, and sophisticated firmware that tells the controller where each bit of user data is physically stored across an array of NAND flash chips. Not surprisingly, the more sophisticated you make your SSD firmware, the more security vulnerabilities you leave, as cyber-security researchers at The Radboud University found out.

A research paper draft published by Carlo Meijer and Bernard van Gastel tells us that hardware data encryption technologies built into modern SSDs are easy to bypass and recover protected data, rendering technologies such as TCG Opal useless. Most modern SSDs offer native data encryption, which encrypts data using popular methods such as AES, without posing an overhead for the host machine. "We found that many hardware implementations [of native encryption] have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret."



The team examines two of the most popular SSD brands, Crucial and Samsung, and their most popular client-segment products: MX100, MX200, MX300, 840 EVO, 850 EVO, T4, and T5 external. "For multiple models, it is possible to bypass the encryption entirely, allowing for a complete recovery of the data without any knowledge of passwords or keys. A pattern of critical issues across vendors indicates that the issues are not incidental but structural,' the researchers argue while naming the TCG Opal standard as being extremely hard to implement correctly, 'and that we should critically assess whether this process of standards engineering actually benefits security, and if not, how it can be improved," the paper reads.

Shortly after the publication of this draft, Samsung responded with an online notice asking customers to immediately switch to software encryption methods to secure their data while it begins to figure out the research and possibly release firmware updates in the near future.

You can access the current draft of the research paper here (PDF).

View at TechPowerUp Main Site
 
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.
 
i store on other storage devices micro sd, flah drives, games movies on hdd + portable (many different things need different store disk) newer store anything on windows boot drive, because its changing all the time.
 
Simply screw it...

I have nothing to hide really... desktop users shoud not even care.
 
Those were targeted more for business or government environments, where full data encryption (storage) is almost a must today. If one of the sensitive laptops is stolen (just an example), then the economical damage can be immense.
The people that need encryption mostly use software encryption anyway, I don't know nobody that would trust hardware (especially if made in a different country).
 
Well, not that I care much. I never found how to implement hardware encryption on my SSDs.

Ferrum Master said:
Simply screw it...

I have nothing to hide really... desktop users shoud not even care.
Click to expand...

Uhm, yeah... no offense but that's pretty silly these days. Anyone can be after your data, for whatever reasons.
 
Ferrum Master said:
Simply screw it... I have nothing to hide really... desktop users shoud not even care.
Click to expand...
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding ones personal information like fort-knox is a fools errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.
 
Another victory for NSA. Well done you sneaky bastards.
 
Just force use of software encryption in gpedit.msc until they "fix" ssd flaws.
 
lexluthermiester said:
NSA wouldn't care about something like this, there much easier avenues for them to exploit.
Click to expand...
not all informations travels the web,some gets stored forever on local storage, and its nice to know there is a easy way to get to it.Not to mention that everyone who is worried about security has locked down its system expecting an attack from the internet.
 
lexluthermiester said:
Having been the victim of identity fraud and having had to deal with the god-awful and expensive headache of setting things back in order, I can tell you that not guarding ones personal information like fort-knox is a fools errand and anyone not taking their personal data security seriously deserves the mess they will have to clean up.
Click to expand...

I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
 
MyTechAddiction said:
some gets stored forever on local storage
Click to expand...
Example?

Ferrum Master said:
I DO NOT keep anything on be PC that can be crucial. Nor I do stupid things. It is a gaming PC, for gaming, browsing and media. It means, screw it like for most of people. It contains useless data, that can be re downloaded at any moment. So for a home user such countermeasures are act of paranoia. With two factor authentication they can have even the passwords if they are salted or not.

Do backup to an offline harddrive even if you have something? So hard?

So keep in mind guys, Everything made by man can be broken, quit building sky castles and think from a mere consumer point not a tech enthusiast, the feature is seldom used, especially for these consumer drives. It is not enterprise/server area, where things like that matter, get real.
Click to expand...
Do as you will. Someone steals your identity, don't say you weren't warned.
 
The reason this is important is the discarded hardware. SSD or the PC (laptop) containing it can get broken and than discarded.
In that case the SSD can land in the hands of "bad" people who decode and check the data.
If the data is encrypted noone bothers descrypting it as that takes too long.
The real issue here is that people think it is encrypted so they just through the SSD into the recycling bin - however in reality the data is not encrypted.

I use the hammer approach. I recycle broken hardware but remove and destroy HDDs and SSDs before that. That is the safest. :-)
 
the54thvoid said:
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact. The rest of the matter relies in firmware updates and parallel attack vectors to trick the system.
Click to expand...

Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. Its not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data cant be used.

I work in encryption and this is pretty bad. What you have to do disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.
 
srsbsns said:
Requiring physical access does not reduce the impact of this if that's what you are implying. Encryption of disks is exactly for that kind of data leakage. Its not to prevent hacking. Organizations encrypt their drives so if stolen, lost or otherwise the data cant be used.

I work in encryption and this is pretty bad. What you have to do disable hardware acceleration for Bitlocker or use software based policy encryption instead. Using a drive's built in SED will make you vulnerable if stolen.
Click to expand...

Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.
 
the54thvoid said:
A quick read of the draft paper has two attack opportunities, both requiring physical access to the machine. Exploit, yes, but at least it's one that requires direct contact.
Click to expand...

I mean pretty much all encryption on HDD is assuming direct HDD theft, which requires direct contact.

SoNic67 said:
I don't know nobody that would trust hardware (especially if made in a different country).
Click to expand...

A former employer of mine did. Most cloud vendors depend on it for "secure" instant drive erasure.
 
StrayKAT said:
Do some drives tie in Bitlocker with the hardware encryption? I didn't even know you could do that. Mine (an Optane) apparently doesn't. It's either one or the other.
Click to expand...

Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.
 
srsbsns said:
Yes, Bitlocker will detect if hardware encryption is available on the drive. It will defer the encryption to the hardware and will not encrypt at the software level.
Click to expand...

Well, that's not an option on mine.. according to Intel themselves (it was an discussion I ran into on their boards not long ago actually.. seeking this very question out).
 
StrayKAT said:
Well, that's not an option on mine.. according to Intel themselves (it was an discussion I ran into on their boards not long ago actually.. seeking this very question out).
Click to expand...

You need support for the OPAL standard (what this article refers to, actually), which Xpoint drives lack right now.
 
John Doe said:
Please post a complete list of the files that you have on your computer, including creation date, last modified and size. Thank you!
Click to expand...

LOL. Anyone that makes the statement he did is absolutely naive about the history of personal privacy and exactly what it means.
 
You must log in or register to reply here.
Back
Top