Researchers say the hardware encryption of solid-state drives (SSDs) can be bypassed

SSD vendors often build hardware encryption into their products, but researchers have found that this encryption can be bypassed even without the password.

Two researchers, Carlo Meijer and Bernard van Gastel of Radboud University, published an analysis of the weaknesses of SSD encryption, in which they successfully bypassed password verification.

The tested products include the Crucial MX100, MX200 and MX300, the Samsung 840 EVO and 850 EVO, and the Samsung T3 and T5 portable drives.

Reverse engineering SSD encryption:

The researchers reverse-engineered the firmware of several SSDs that offer full-disk encryption and found serious security vulnerabilities in it that allow the data to be decrypted entirely.

To bypass the encryption, the researchers tested a variety of avenues, including debug ports, ATA security encryption, and the TCG Opal SED specification.

On the Crucial MX100/MX200 and the Samsung T3 portable SSD, the researchers tampered with the password verification process through the JTAG debug interface.

As a result, no matter what characters are entered, the password check passes and the files are decrypted. The JTAG debug interface is physically accessible on the SSD's circuit board.

The MX300 also has a JTAG debug interface, but it has been disabled, so the researchers did not crack its encryption this way.

The Samsung 840 EVO/850 EVO were attacked with a similar approach, but instead of using an arbitrary password, the decryption key needed to recover the files is obtained through a vulnerability.

Drive vulnerabilities also make encryption software such as BitLocker ineffective:

Most operating systems also include an encryption scheme to protect files on disk. For example, Windows includes Microsoft's BitLocker for full-disk encryption.

The researchers found that when BitLocker is used to encrypt a disk and it detects that the drive already has its own encryption, it uses the encryption scheme that comes with the drive.

The user encrypts the disk through BitLocker, but the encryption actually in use is that of the drive itself, and it can be broken in the ways discussed above.

Finally, the researchers recommended that users force-disable the drive's hardware encryption through Group Policy, so that BitLocker uses the encryption scheme provided by Microsoft.

Forcibly disable the hard disk’s encryption scheme as follows:

Open “Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives” and find the setting called “Configure use of hardware-based encryption for operating system drives.”

Set it to Disabled to turn off use of the encryption scheme that comes with the drive.
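To check whether a machine is affected by the BitLocker behaviour described above, the following audit script is an added example, not code from the researchers or from the original article. It assumes that the Group Policy setting named above is stored in the registry value `OSHardwareEncryption` under `HKLM\SOFTWARE\Policies\Microsoft\FVE`, and that `Get-BitLockerVolume` reports `HardwareEncryption` as the encryption method for volumes that rely on the drive.

```powershell
# Added example (not from the article): audit BitLocker's reliance on
# the drive's own hardware encryption. Run from an elevated PowerShell prompt.

# Assumption: registry value backing the Group Policy setting
# "Configure use of hardware-based encryption for operating system drives".
$PolicyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$PolicyName = 'OSHardwareEncryption'

function Get-OsHardwareEncryptionPolicy {
    # Returns 'NotConfigured', 'Disabled' (value 0) or 'Enabled' (any other value).
    $item = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    if ([int]$item.$PolicyName -eq 0) { return 'Disabled' }
    return 'Enabled'
}

function Get-HardwareEncryptedVolume {
    # BitLocker reports the method 'HardwareEncryption' when it has delegated
    # encryption to the drive instead of encrypting in software.
    Get-BitLockerVolume |
        Where-Object { [string]$_.EncryptionMethod -eq 'HardwareEncryption' } |
        Select-Object MountPoint, VolumeType, EncryptionMethod, ProtectionStatus
}

$policy  = Get-OsHardwareEncryptionPolicy
$volumes = @(Get-HardwareEncryptedVolume)

Write-Output "Hardware-encryption policy for OS drives: $policy"
if ($policy -ne 'Disabled') {
    Write-Warning 'Policy is not set to Disabled; BitLocker may use the drive''s own encryption.'
}

if ($volumes.Count -eq 0) {
    Write-Output 'No BitLocker volume is using drive hardware encryption.'
} else {
    Write-Warning "$($volumes.Count) volume(s) rely on drive hardware encryption:"
    $volumes | Format-Table -AutoSize
}
```

Setting the policy to Disabled does not convert a volume that already uses hardware encryption; such a volume has to be decrypted and then encrypted again with BitLocker before software encryption takes effect.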

Via: bleepingcomputer