Researchers Discover A Way to Bypass Hardware-Based SSD Full Disk Encryption

Doris Richards
November 7, 2018

Researchers from the Netherlands' Radboud University have published a paper detailing how hardware encryption systems built into popular solid-state drives (SSDs) can be bypassed to recover supposedly protected data - and how that renders Microsoft's BitLocker encryption moot on affected systems. Hardware encryption has the dual goal of isolating encryption tasks from other drive operations for increased security, as well as eliminating overhead from either the main drive controller or system CPU, as neither is tasked with encrypting or decrypting data as needed - effectively making encryption a resource-neutral operation.

Such devices are also known as self-encrypting drives (SEDs) and have become popular in recent years after software-level full disk encryption was proven vulnerable to attacks where intruders would steal the encryption password from the computer's RAM.

Hardware encryption capabilities are often highly touted selling points of solid-state drives (SSDs) marketed toward enterprise users, and increasingly toward average consumers, as concerns about data privacy and identity theft increase. For example, they found that one of the drive models had a master password that was just an empty string - so encryption could be bypassed by simply hitting enter.

"(...) CVE-2018-12037 (...) is characterised by the absence of cryptographic binding between the password provided by the end user and the cryptographic key used for the encryption of user data."

In particular, the researchers said, the SSDs fail to cryptographically tie the owner's password to the actual data encryption key (DEK), both of which are stored in the drive.
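The difference between a password that merely gates access and one that is cryptographically bound to the DEK can be shown in a short model. This is an added example, not code from the researchers or from any drive firmware; the function names and the dictionary standing in for the drive's stored state are assumptions, and the XOR-mask wrap is a simplified stand-in for a real key-wrap algorithm.

```python
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 100_000  # assumed work factor for this sketch


def _derive(password: bytes, salt: bytes):
    """Stretch the password into a 32-byte mask and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]


def provision_unbound(password: bytes) -> dict:
    """Flawed design: the password is only compared; the DEK is stored as-is."""
    salt = secrets.token_bytes(16)
    verifier, _ = _derive(password, salt)
    return {"salt": salt, "verifier": verifier, "dek": secrets.token_bytes(32)}


def unlock_unbound(state: dict, password: bytes) -> Optional[bytes]:
    verifier, _ = _derive(password, state["salt"])
    ok = hmac.compare_digest(verifier, state["verifier"])
    return state["dek"] if ok else None  # the DEK never depended on the password


def provision_bound(password: bytes, dek: bytes) -> dict:
    """Bound design: only a password-wrapped copy of the DEK is stored."""
    salt = secrets.token_bytes(16)  # fresh salt, so the mask is used once
    mask, mac_key = _derive(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(dek, mask))
    tag = hmac.new(mac_key, wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unlock_bound(state: dict, password: bytes) -> Optional[bytes]:
    mask, mac_key = _derive(password, state["salt"])
    tag = hmac.new(mac_key, state["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, state["tag"]):
        return None  # wrong password: no usable key material exists
    return bytes(a ^ b for a, b in zip(state["wrapped"], mask))


def stored_state_contains(state: dict, dek: bytes) -> bool:
    """Audit check: does anything kept on the drive equal the raw DEK?"""
    return any(value == dek for value in state.values())
```

In the unbound model the password check is the only barrier, so the stored state already holds the key; in the bound model the stored state is useless without the password.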

Other similar and newer offerings by those firms might also be vulnerable, but the researchers didn't test them to confirm.


"One should not rely exclusively on hardware encryption as offered by SSDs for confidentiality", they said. New firmware is available for Crucial SSD drives, while Samsung has only released new firmware for their T3 and T5 Portable SSD drives.

They successfully tested their exploits against the Crucial MX100, MX200, and MX300 SSDs as well as Samsung's 840 EVO, 850 EVO, T3 Portable, and T5 Portable drives.

But the reported issues go far deeper than researchers initially realized, especially for Windows users, who are in more danger than others. Only an entirely new installation, including setting the Group Policy correctly and securely erasing the internal drive, enforces software encryption. That means that if you made a decision to use BitLocker for extra safety and owned one of the above-mentioned drives, you could have basically zero protection.

What's more, since Windows' BitLocker software encryption defaults to hardware encryption when it is available, it can also be bypassed with the same methods.

This behavior can be overridden using a group policy setting, though actually changing this requires users to "format their SSD and reinstall everything because old data will remain encrypted at the hardware level even if they change BitLocker's settings", said ZDNet's Catalin Cimpanu. The duo says that the vulnerabilities they have discovered affect "ATA security" and "TCG Opal", which are two specifications for implementing encryption on SSDs that use hardware-based encryption. "From a security perspective, standards should favor simplicity over a high number of features".
