Results 1 to 11 of 11

Thread: Researchers find “pattern of critical issues” in SSD encryption

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    27,635
    Thanks
    0
    Thanked
    1,705 times in 591 posts

    Researchers find “pattern of critical issues” in SSD encryption

    It is sometimes very easy to “bypass existing protection mechanisms” in self encrypting SSDs.
    Read more.

  2. #2
    Senior Member
    Join Date
    May 2014
    Posts
    853
    Thanks
    53
    Thanked
    111 times in 73 posts

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Whelp, that's 90% of mainstream disk encryption in businesses skagged.

    If there's a data breach due to a lost device and they have to infor the EU ICO then they cannot guarantee the security of the data at rest because of this flaw.

    If this affects the majority of SSDs then we have just witnessed disk encryption just get wiped out if the system reverts to hardware encryption over software...

  3. #3
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    9,276
    Thanks
    440
    Thanked
    940 times in 801 posts
    • DanceswithUnix's system
      • Motherboard:
      • M5A-97 EVO R2.0
      • CPU:
      • FX-8350
      • Memory:
      • 16GB ECC 1333
      • Storage:
      • 500GB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 28 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: Researchers find “pattern of critical issues” in SSD encryption

    I've honestly never seen anyone use this encryption. If people care, then the specific data they care about is encrypted in other ways with something like smartcard key management. Payment systems aren't even allowed to have the decrypt key on the same box as the data at rest.

  4. #4
    Senior Member
    Join Date
    May 2014
    Posts
    853
    Thanks
    53
    Thanked
    111 times in 73 posts

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Quote Originally Posted by DanceswithUnix View Post
    I've honestly never seen anyone use this encryption. If people care, then the specific data they care about is encrypted in other ways with something like smartcard key management. Payment systems aren't even allowed to have the decrypt key on the same box as the data at rest.
    The problem is a lot of organisations rely on Bitlocker and Hexus haven't noted this properly that Bitlocker relies on it if it is available for SSDs:

    Unfortunately, the pair also note that some popular data encryption systems, including the BitLocker tool Microsoft uses in Windows 10, do not use software encryption for SSDs and rely on the drive's vulnerable hardware encryption.
    https://www.theregister.co.uk/2018/1...sd_encryption/

  5. #5
    Senior Member
    Join Date
    Nov 2014
    Posts
    211
    Thanks
    2
    Thanked
    9 times in 9 posts

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Quote Originally Posted by Tabbykatze View Post
    Whelp, that's 90% of mainstream disk encryption in businesses skagged.

    If there's a data breach due to a lost device and they have to infor the EU ICO then they cannot guarantee the security of the data at rest because of this flaw.

    If this affects the majority of SSDs then we have just witnessed disk encryption just get wiped out if the system reverts to hardware encryption over software...

    As others mentioned, I'm pretty sure businesses with any sort of salt have their own encryption techniqes for confidential info. Pretty sure this is just the "self-encryption" thing that most wouldn't expect to be secure anyway.

  6. #6
    HEXUS.Squirrel Output's Avatar
    Join Date
    Nov 2007
    Posts
    1,554
    Thanks
    654
    Thanked
    278 times in 210 posts
    • Output's system
      • Motherboard:
      • Biostar TA970
      • CPU:
      • AMD FX-8350
      • Memory:
      • 8GB (2x4GB) DDR3 Patriot 1866MHz @ 1600MHz + 8GB (2x4GB) DDR3 HyperX Fury 1600MHz
      • Graphics card(s):
      • Gigabyte R9 270
      • PSU:
      • Corsair VX450
      • Case:
      • Xclio Touch 787
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • 2 x Dell P2214H

    Re: Researchers find “pattern of critical issues” in SSD encryption

    I was just coming to post about this, having come across this Twitter conversation about it (at the end of the conversation is one of the report's authors).

    Quote Originally Posted by Tabbykatze View Post
    The problem is a lot of organisations rely on Bitlocker and Hexus haven't noted this properly that Bitlocker relies on it if it is available for SSDs:



    https://www.theregister.co.uk/2018/1...sd_encryption/
    It's showing as mentioned here, so if it wasn't before it must have been edited in since your post.

    Quote Originally Posted by Article
    Furthermore, if BitLocker sees you install a new SSD with hardware encryption, it is by default set to trust and use the hardware facility – which has now been demonstrated to be vulnerable.

  7. #7
    Senior Member
    Join Date
    Dec 2003
    Location
    Wilmslow
    Posts
    611
    Thanks
    210
    Thanked
    113 times in 81 posts
    • mtyson's system
      • Motherboard:
      • Gigabyte GA-B85M-HD3
      • CPU:
      • Intel Core i7 4790T
      • Memory:
      • 8GB
      • Storage:
      • Sandisk 128GB SSD + Seagate 750GB HDD
      • Graphics card(s):
      • Gigabyte Windforce GTX 660OC
      • PSU:
      • Corsair 400W
      • Case:
      • Zalman Z9 Plus
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Acer IPS 24-inch 1080p
      • Internet:
      • 50MB Virgin fibre

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Note: It hasn't been edited.
    I did mention the BitLocker issue in the story when originally posted.

  8. Received thanks from:

    Output (06-11-2018)

  9. #8
    Senior Member
    Join Date
    Jun 2008
    Posts
    1,367
    Thanks
    1
    Thanked
    120 times in 99 posts
    • BobF64's system
      • Motherboard:
      • Asus P8Z77-V Pro
      • CPU:
      • Intel Core i7-3770K
      • Memory:
      • 16GB Corsair XMS3 PC3-12800
      • Storage:
      • Multiple HDD and SSD drives
      • Graphics card(s):
      • EVGA GeForce GTX460 SC
      • PSU:
      • 750W Silverstone Strider Gold Evolution
      • Case:
      • Silverstone Fortress FT02
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • HP ZR24w

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Quote Originally Posted by DanceswithUnix View Post
    I've honestly never seen anyone use this encryption.
    Thats because its a ball ache for most people. To use the OPAL on a Windows bootable disk requires you to configure it before installing Windows, you cant enable it after the fact.

    Quote Originally Posted by plexabit View Post
    As others mentioned, I'm pretty sure businesses with any sort of salt have their own encryption techniqes for confidential info. Pretty sure this is just the "self-encryption" thing that most wouldn't expect to be secure anyway.
    Most businesses buy someone elses "encryption techniques", which may contain any number of unknown flaws, open source is no different because unknown is unknown.

  10. #9
    RGB Champion Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    4,319
    Thanks
    139
    Thanked
    460 times in 383 posts
    • Ttaskmaster's system
      • Motherboard:
      • Asus X99-PRO
      • CPU:
      • i7 5960X o/c to 4.summat
      • Memory:
      • 16GB Corsair DDR4 somethingorother
      • Storage:
      • Samsung Evo 120GB and Seagate Baracuda 2TB
      • Graphics card(s):
      • Gigabyte G1 GTX980Ti
      • PSU:
      • EVGA Supernova G2 1000W
      • Case:
      • Phankecks Enthoo Luxe perspex window
      • Operating System:
      • Win10 64 Home
      • Monitor(s):
      • Acer Predator XB270HU 1440 IPS GSync
      • Internet:
      • BT 0.7Mbps 'In The Sticks' version

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Quote Originally Posted by plexabit View Post
    I'm pretty sure businesses with any sort of salt have their own encryption techniqes for confidential info.
    Our water not derived from rainfall will have gone through a desalination plant or something, which means we're without any sort of salt at all..... We don't even have on-site canteens any more, so no salt even there!

    Our encrypted drives are usually bought pre-secured from PC World by IT, who then charge us more than 2½ times the retail price, so we get whatever Kingston put on their stuff. Same for most other kit, really.
    But I imagine that, between our shoddy policies and Google's spying techniques, your data has already been intercepted and sold several times over anyway, so nothing to really worry about... and I rather doubt anyone else in the world even cares how big your poos are, let alone would actually pay money to find out?

  11. #10
    Anthropomorphic Personification shaithis's Avatar
    Join Date
    Apr 2004
    Location
    The Last Aerie
    Posts
    10,802
    Thanks
    634
    Thanked
    868 times in 733 posts
    • shaithis's system
      • Motherboard:
      • Asus P8Z77 WS
      • CPU:
      • i7 3770k @ 4.5GHz
      • Memory:
      • 32GB HyperX 1866
      • Storage:
      • Lots!
      • Graphics card(s):
      • Sapphire Fury X
      • PSU:
      • Corsair HX850
      • Case:
      • Corsair 600T (White)
      • Operating System:
      • Windows 10 x64
      • Monitor(s):
      • 2 x Dell 3007
      • Internet:
      • Zen 80Mb Fibre

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Whoops and we just rolled out BitLocker here, mainly with Samsung SSDs!
    Main PC: Asus Rampage IV Extreme / 3960X@4.5GHz / Antec H1200 Pro / 32GB DDR3-1866 Quad Channel / Sapphire Fury X / Areca 1680 / 850W EVGA SuperNOVA Gold 2 / Corsair 600T / 2x Dell 3007 / 4 x 250GB SSD + 2 x 80GB SSD / 4 x 1TB HDD (RAID 10) / Windows 10 Pro, Yosemite & Ubuntu
    HTPC: AsRock Z77 Pro 4 / 3770K@4.2GHz / 24GB / GTX 1080 / SST-LC20 / Antec TP-550 / Hisense 65k5510 4K TV / HTC Vive / 2 x 240GB SSD + 12TB HDD Space / Race Seat / Logitech G29 / Win 10 Pro
    HTPC2: Asus AM1I-A / 5150 / 4GB / Corsair Force 3 240GB / Silverstone SST-ML05B + ST30SF / Samsung UE60H6200 TV / Windows 10 Pro
    Spare/Loaner: Gigabyte EX58-UD5 / i950 / 12GB / HD7870 / Corsair 300R / Silverpower 700W modular
    NAS 1: HP N40L / 12GB ECC RAM / 2 x 3TB Arrays || NAS 2: Dell PowerEdge T110 II / 24GB ECC RAM / 2 x 3TB Hybrid arrays || Network:Buffalo WZR-1166DHP w/DD-WRT + HP ProCurve 1800-24G
    Laptop: Lenovo Flex 2 / 12GB RAM / 240GB Corsair Force 3 Printer: HP CP1515n || Phone: HTC One U11 || Other: Samsung Galaxy Tab 4 Pro 10.1 CM12.1 / Playstation 4 + G29 + 2TB Hybrid drive

  12. #11
    HEXUS.Squirrel Output's Avatar
    Join Date
    Nov 2007
    Posts
    1,554
    Thanks
    654
    Thanked
    278 times in 210 posts
    • Output's system
      • Motherboard:
      • Biostar TA970
      • CPU:
      • AMD FX-8350
      • Memory:
      • 8GB (2x4GB) DDR3 Patriot 1866MHz @ 1600MHz + 8GB (2x4GB) DDR3 HyperX Fury 1600MHz
      • Graphics card(s):
      • Gigabyte R9 270
      • PSU:
      • Corsair VX450
      • Case:
      • Xclio Touch 787
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • 2 x Dell P2214H

    Re: Researchers find “pattern of critical issues” in SSD encryption

    Quote Originally Posted by shaithis View Post
    Whoops and we just rolled out BitLocker here, mainly with Samsung SSDs!
    Who gets to be the one to explain this to the bosses?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •