
Hardware-based disk encryption can be bypassed in certain SSDs

By Cal Jeffrey · 14 replies
Nov 5, 2018
  1. They successfully tested their exploits against the Crucial MX100, MX200, and MX300 SSDs as well as Samsung’s 840 EVO, 850 EVO, T3 Portable, and T5 Portable drives. The researchers say they were able to reverse engineer the firmware on these devices and reprogram them to validate the password no matter what is entered.

    “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret.”

    What’s more, since Windows’ BitLocker software encryption defaults to hardware encryption when it is available, it can also be bypassed with the same methods.

    There are three techniques that Meijer and van Gastel found to exploit these flaws.

    With the Crucial MX100, MX200, the Samsung 850 EVO, and T3 Portable, they were able to physically connect to the drives’ JTAG debugging interface and modify the password verification checks. Any password typed in would decrypt the drive.

    The Crucial MX300 also has a JTAG port, but they discovered it is disabled by default. So instead the researchers flashed the drive with a counterfeit firmware. This allowed them to authenticate with an empty password field.

    With the remaining drives, they were able to recover data encryption keys (DEK) using a “wear leveling” exploit.

    “Suppose that the DEK is stored unprotected, after which a password is set by the end user, replacing the unprotected DEK with an encrypted variant,” they explain. “Due to wear leveling, the new variant can be stored somewhere else within the storage chip and the old location is marked as unused. If not overwritten later by other operations, the unprotected variant of the DEK can still be retrieved.”

    Crucial and Samsung were notified of the flaw well in advance of its public announcement. Crucial has already released patched firmware for all affected drives except the MX300, which has not been updated since 2017. Samsung also rolled out updates for its T3 and T5 Portable SSD. For its EVO drives, however, the company recommends using software encryption.

    Meijer and van Gastel are preparing to publish a paper on the flaws titled “Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs).” It is currently in the peer-review process, but if you’re into the nitty-gritty details, they have made a preliminary copy available for download on the Radboud University website.


    Last edited: Nov 7, 2018
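
The wear-leveling behaviour quoted in the article above, as an added toy model (not code from the article, the researchers' paper or any drive firmware). `ToyFTL`, `KEY_SLOT` and the XOR "wrapping" are assumptions made for illustration, and the sample key is constructed.

```python
class ToyFTL:
    """Toy flash translation layer: logical blocks map to physical pages."""

    def __init__(self, pages=8):
        self.flash = [None] * pages   # physical pages (None = erased)
        self.l2p = {}                 # logical block address -> physical page
        self.stale = set()            # pages marked unused but not yet erased

    def write(self, lba, data):
        """Out-of-place write: the new data goes to a fresh page."""
        try:
            page = self.flash.index(None)
        except ValueError:
            raise RuntimeError("no erased pages left") from None
        if lba in self.l2p:
            self.stale.add(self.l2p[lba])   # old copy is only *marked* unused
        self.flash[page] = data
        self.l2p[lba] = page

    def read(self, lba):
        """What the host sees through the normal drive interface."""
        return self.flash[self.l2p[lba]]

    def raw_scan(self, needle):
        """What a read of the raw storage chip sees: every physical page."""
        return [i for i, p in enumerate(self.flash) if p and needle in p]

    def garbage_collect(self):
        """Erase stale pages; only now does the old content disappear."""
        for i in self.stale:
            self.flash[i] = None
        self.stale.clear()


DEK = bytes(range(32))   # constructed 256-bit sample key
KEY_SLOT = 0             # hypothetical logical block holding the DEK


def demo():
    ftl = ToyFTL()
    ftl.write(KEY_SLOT, b"DEK:" + DEK)            # DEK stored unprotected
    wrapped = bytes(b ^ 0x5A for b in DEK)        # placeholder, NOT real key wrapping
    ftl.write(KEY_SLOT, b"WRAPPED:" + wrapped)    # user sets a password
    host_view = ftl.read(KEY_SLOT)                # host only sees the new variant
    before = ftl.raw_scan(DEK)                    # stale page still holds the DEK
    ftl.garbage_collect()
    after = ftl.raw_scan(DEK)                     # gone only after the erase
    return host_view, before, after
```

In this model the logical overwrite never touches the old page; the unprotected copy survives until the erase, which is the window the quoted passage describes.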
  2. EClyde

    EClyde TS Evangelist Posts: 1,555   +555

    There is not anything that cannot be exploited.
  3. Bullwinkle M

    Bullwinkle M TS Rookie Posts: 26   +13

    This is not news

    I have been writing about this problem for years

    I showed that Kingston thumb drives had static hardware encryption keys and I covered the problem before Bruce Schneier or anyone else did back in 2010

    Bitlocker software encryption is also backdoored!
    Vito05 and Reehahs like this.
  4. GreenNova343

    GreenNova343 TS Maniac Posts: 307   +204

    Surprise, surprise: if you have full physical access to a storage drive, including the ability to take it apart & get to the internal components, you can eventually find a way around the encryption.
  5. iamcts

    iamcts TS Booster Posts: 113   +64

    You should automatically assume that any encryption method - whether software or hardware - is backdoored if it isn't open source.
  6. fktech

    fktech TS Addict Posts: 337   +93

    All encryption is crackable!
  7. Bullwinkle M

    Bullwinkle M TS Rookie Posts: 26   +13

    Always assume that hardware encryption is backdoored as there is no open source

    For software, always assume that Microsoft, if forced, will provide the incorrect source code for a specific component of Windows, for a specific version of Windows

    It's like the Mob....
    Always keep a second set of books,...... just in case
  8. Bullwinkle M

    Bullwinkle M TS Rookie Posts: 26   +13


    Where did you find my one-time pad?
  9. noname

    noname TS Enthusiast Posts: 21   +28

    Cal Jeffrey likes this.
  10. jobeard

    jobeard TS Ambassador Posts: 12,274   +1,367

    When physical security is breached (i.e., direct access to the device), all bets are off for all known means of data protection. Now try the same stunt with the device properly installed and a remote access vector -- when you repeat the results, THEN you will have a story to tell.
  11. fktech

    fktech TS Addict Posts: 337   +93

    Not sure of your point???
  12. Cal Jeffrey

    Cal Jeffrey TS Evangelist Topic Starter Posts: 1,292   +318

  13. Bullwinkle M

    Bullwinkle M TS Rookie Posts: 26   +13

    The point is.....
    ALL encryption is "NOT" crackable!
  14. fktech

    fktech TS Addict Posts: 337   +93

    I disagree!
  15. fktech

    fktech TS Addict Posts: 337   +93

    All encryption is crackable...
