Researchers Break Full-Disk Encryption of Popular SSDs
7.11.2018 securityweek Safety
The encryption mechanism used by several types of solid state drives contains vulnerabilities that an attacker could exploit to access encrypted data without knowing a password.
The issues were discovered by Carlo Meijer and Bernard van Gastel from the Radboud University in the Netherlands and impact popular drives from Samsung and Crucial. The bugs impact both internal and external drives, the researchers explain in a paper (PDF).
Hardware encryption is meant to address weaknesses in software encryption and is performed on the drive itself, usually through a dedicated AES co-processor, with the drive’s firmware in charge of key management.
Full-disk encryption software could even switch off when hardware encryption is available, and rely solely on the latter. This is what Microsoft Windows’ BitLocker does, meaning that the data is not encrypted at all if hardware encryption fails.
When it comes to the implementation of a full-disk encryption scheme, there are pitfalls that should be avoided, such as not linking the user password and the disk encryption key (DEK), using a single DEK for the entire disk, or not using enough entropy in randomly generated DEKs.
Wear levelling could also prove an issue, if the DEK is initially stored unprotected and not overwritten after encryption. Similarly, DEVSLP (device sleep) could prove problematic, if the drive writes its internal state to non-volatile memory and the memory is not erased upon wake-up, as it would allow an attacker to extract the DEK from the last stored state.
The researchers investigated the security of various popular SSD models and discovered that their encryption schemes are impacted by one or more of these issues.
Crucial MX100 and MX200, for example, lack cryptographic binding between password and DEK, meaning that decryption is possible without actually providing the user-password. This is true for both ATA security and Opal standard implementations that are supported by the models.
“The scheme is essentially equivalent to no encryption, as the encryption key does not depend on secrets,” the researchers note.
The drives also support a series of vendor-specific commands that engineers use to interact with the device, but which need to be unlocked first. However, the researchers discovered it was trivial to unlock these commands, which allows for code execution on the device.
On the Samsung 840 EVO, a SATA SSD released in 2013, the ATA password may be cryptographically bound to the DEK, and no weakness was identified in the TCG Opal implementation, the researchers say. However, it would be possible to recover the DEK due to the wear levelling mechanism.
However, the ATA security mechanism can be tricked into revealing the drive content, and the issue was also found to impact the Samsung 850 EVO (released in 2014). The newer model isn’t vulnerable to the wear levelling attack either, and no weaknesses were found in the TCG Opal implementation either.
On the Samsung T3 USB external disk, however, there was no cryptographic binding between password and DEK, an issue present on the Samsung T5 portable as well.
“The results presented in this paper show that one should not rely solely on hardware encryption as offered by SSDs for confidentiality. We recommend users that depend on hardware encryption implemented in SSDs to employ also a software full-disk encryption solution, preferably an open-source and audited one,” the researchers note.
“A pattern of critical issues across vendors indicates that the issues are not incidental but structural, and that we should critically assess whether this process of standards engineering actually benefits security, and if not, how it can be improved,” they also point out.
The vulnerabilities were reported to the affected vendors half a year ago but made public only now. Samsung has publicly acknowledged the flaws and also issued firmware updates to address them on the portable SSDs.