Security

Your Data Might Be At Risk Even In Encrypted Drives, Researchers Find Major Vulnerabilities In Hardware Encryption Present In Some SSDs

This year we have seen a lot of activism on user data and privacy. The Facebook fiasco also happened along with tons of malware and zero-day attacks, which had a very big impact in the global Cybersecurity space. This shows how vulnerable data is and how damaging it can be if it falls into the wrong hands.

One of the most common ways of protecting personal data is to use encrypted storage devices. But researchers Carlo Meijer and Bernard van Gastel from Radboud University were able to find vulnerabilities in the encryption of SSDs provided by manufacturers. They tested for vulnerabilities in the Crucial MX100, MX200 and MX300 Solid State Drives. For Samsung they used the EVO 840, EVO 850, T3 and T4 Solid State Drives.

Vulnerabilities In tested drives
Vulnerabilities In tested drives Source – TheHackerNews

The chart above shows the vulnerabilities tested, the ticks show the tested drive passed, but the cross implies a vulnerability. The attacker can also use the JTAG debugging interface to change the password validation routine in RAM and bypass the decryption. Although drives with disabled JTAG ports won’t be vulnerable, as in the case of the Crucial MX300.

Both the Samsung EVO drives show vulnerabilities in ATA security. But the EVO 840 shows additional vulnerability in the wear leveling function. ATA security makes the drive faster as its encrypted by the controller, but locked data can be unlocked with a compromised firmware.

Wear Levelling can be helpful

Wear leveling is used to prolong the life of an SSD. Flash controllers of drives use an algorithm to determine in which block data should be stored, this reduces wear on specific blocks on the SSD. But like any drive, data isn’t completely erased until its overwritten, thus the unprotected variant of the DEK (disk encryption key) can still be retrieved.

Both Samsung and Crucial were notified before the researchers went public with their findings. Crucial released a firmware update to address these issues. Even Samsung pushed updates in their portable T4 and T5 SSDs, but for the EVO drives they recommended Samsung’s own Software encryption app.

The BitLocker Problem

Hardware-level encryption has never been very reliable. Especially the ones coming from manufacturers, as some of them leave intentional backdoors for data recovery. Software level encryption is way more reliable, more so from the free software companies with their source codes being public.

Talking about software, BitLocker is a full-disk encryption software offered by Windows. Although the researchers show its very unreliable. It uses the hardware encryption present on the drives by default, thus the vulnerabilities remain. The researchers state “BitLocker, the encryption software built into Microsoft Windows, can make this kind of switch to hardware encryption but offers the affected disks no effective protection in these cases. Software encryption built into other operating systems (such as macOS, iOS, Android, and Linux) seems to be unaffected if it does not perform this switch.” This can be fixed by forcing software encryption on BitLocker.

You can read the source article and detailed research here.

Close