Sign in with
Sign up | Sign in
Your question
Solved

General Questions about Self Encrypting SSD drives.

Tags:
  • Samsung
  • Storage
  • Command Prompt
  • SSD
  • SMB
Last response: in Storage
Share
April 16, 2014 7:35:13 AM

Hello All,
I have been doing some research on SSDs, and I have decided on the Samsung Evo 840 500GB. I am also planning on buying a Lenovo IdeaPad z510 and adding the new samsung drive. Looks good, but some questions:

1.) I understand that this drive uses Self Encryption, and I know that there is an AES key set at the factory. I am not comfortable with that, so I want to reset that when I get it. Will the 'Secure Erase' ATA command RESET that aes key, or will it just clear the memory as in a non self encrypting ssd? If the Secure Erase command doesn't reset the AES key, what can I use to do that??

2.) I understand that if you set the HDD password in the bios, and then forget it, then all your data is lost forever. In this case, there is a PSID on the drive that you can use to clear the drive/ reset it. Exactly how do you do that? I can't find a clear explanation of this anywhere.

Alright Thanks in advance for your help!!

More about : general questions encrypting ssd drives

a b G Storage
April 16, 2014 7:46:38 AM

Can't speak on your #1, but on #2, there is nothing you can do, the drive must be sent back to the factory and there they will apply the master key to unlock the drive (all data is forever lost). It is not a free service, and you have to prove ownership.
m
0
l
a b Ô Samsung
a c 133 G Storage
April 16, 2014 7:58:41 AM

Personally, I wouldn't use a self-encrypting drive. Too much room for backdoors, if you're worried about that.

If your CPU has hardware AES support, that should be just as fast as built into the SSD.
m
0
l
Related resources
April 16, 2014 8:31:35 AM

@Someone_Somewhere, I think the whole reason to use a self encrypting drive is so you don't have to use software encryption. The software encryption has to write to the entire hard drive, regardless of how much data you have on the disk. This reduces performance, because you constantly have to write to used sectors/pages.

Also, what room for backdoors? Please elaborate. I have been doing some research and the hardware option seems really secure. I am just concerned that I will brick my new drive if I forget the password one time.
m
0
l
a b Ô Samsung
a c 133 G Storage
April 16, 2014 8:43:43 AM

Writing ~250GB of data at 500MB/s? Not a major issue. That's first time only, and doesn't happen continually.

TRIM commands still go through Truecrypt (I'd imagine that Bitlocker would be the same), so there shouldn't be any issue with writing to used areas.

There's no way to validate that the key storage is safe, because nobody's going to open source the firmware. It would be trivial to save that AES key when the drive is made at the factory, or have the controller store the key in clear in the permanent memory and just not use it until unlocked, or dozens of other ways.

EDIT: Clarity.
m
0
l
a b G Storage
April 16, 2014 8:48:51 AM

The backdoors are the same with ALL forms of encryption. At some point the key/s are sitting in memory, unencrypted, where they can be harvested with the right tools. With self encrypting drives once the drive is unlocked, as long as power is not interrupted, the drive can be connected to another system and read without having to authenticate again. There's no such thing as absolute security.
m
0
l
a b Ô Samsung
a c 133 G Storage
April 16, 2014 8:57:18 AM

See above edit.

My point is that if during manufacturing I copy the key, you can do whatever you want to the drive short of wiping it, and I can still get the data.

Similarly, if the key is stored in clear in the permanent memory, but the controller won't relinquish it without the passphrase, you can probably use a debug interface to grab it or similar.

Unless the only permanent copy of your AES key is encrypted with the hashed passphrase, you're in trouble. And that's before you consider the question of how good the PRNGs are.

The issue is that it's difficult to get data about exactly how the key is treated in the drive.
m
0
l
April 16, 2014 9:23:45 AM

@Someone_Somewhere - Ok, I see you point. It was better that you explained it a little more. As far as the key being in the clear, I don't think that is an issue, as I do plan on using the HDD Password functionality on the bios, which will hash the encryption key using some form of standard key hashing (some form of PKCS maybe).

I don't think ANY encryption software stores the decryption key in the clear IF you are using some sort of password or other method to challenge you (keyfile, usb, smartcard, etc.).

I do also understand ex_bubblehead's point that the key may be in the clear while the drive/pc is ON in system memory or otherwise. I do also understand that your system is only secured when it's off, and no keys are in memory in the clear.
m
0
l
a b Ô Samsung
a c 133 G Storage
April 16, 2014 9:27:20 AM

They could easily be storing your passphrase in the clear. I'm pretty sure that your passphrase gets sent down the SATA cable in the clear to the drive controller, which can do as it likes with it (any hashing happens in the drive, not the PC). Including comparing it to a cleartext passphrase, then releasing a cleartext key for it, if the coders were incompetent. Or had someone asking them to include a 'magic' passphrase.

EDIT: PKCS is public-key. Drives usually use symmetric. I'd hope that they're using something like PBKDF2 with SHA2-256.
m
0
l
April 16, 2014 9:32:06 AM

And just another thing about knowing how keys are dealt with on the drive, and on encryption solutions in general, I guess it's kind of hard to be 100% sure about that.

I have used Truecrypt and Bitlocker at the company I work for, and both have questions about how secure/reliable encryption is:

- BitLocker is proprietary, but we have to trust that Microsoft is securing our data correctly
- Truecrypt is open source, and seems to be generally good, but despite being open source, no one has ever actually validated the code, and confirmed that we are using what is represented in the code posted on their website. And no one knows who coded and compiled it.

Both make me nervous about using. in the end though, samsung claims that they secure their keys correctly in the firmware/hardware on the drive. The question is do we trust Samsung??
m
0
l
a b Ô Samsung
a c 133 G Storage
April 16, 2014 9:36:37 AM

Truecrypt posts PGP sigs of the binaries on their site.

You can compile it yourself, if you want.

'Correctly' has a big number of issues with it. Many companies are forced to put backdoors into software or release data to intelligence agencies; I expect that they would try to get backdoors in drives.

Off to bed now for me.
m
0
l
April 16, 2014 9:46:03 AM

Someone Somewhere said:
They could easily be storing your passphrase in the clear. I'm pretty sure that your passphrase gets sent down the SATA cable in the clear to the drive controller, which can do as it likes with it (any hashing happens in the drive, not the PC). Including comparing it to a cleartext passphrase, then releasing a cleartext key for it, if the coders were incompetent. Or had someone asking them to include a 'magic' passphrase.

EDIT: PKCS is public-key. Drives usually use symmetric. I'd hope that they're using something like PBKDF2 with SHA2-256.


Yes, so I was referring to PKCS #5 standard as a whole , which PBKDF2 is a part of.
source: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-5v2/pkcs5v2-0.p...

And just to get back on topic a little, I have done some further research:

for question 1, apparently you can't use Secure Erase to destroy the keys. There is another command called 'Crypto Erase' that has to be used, and that actually uses the PSID and apparently can be used if you forget the password that you set on your drive. It is strange that the samsung drives provide the PSID to you, but does NOT give you software to use it in case you loose the passwords. I found that SeaTools from Seagate will do that for you, and they work with Samsung drives (crypto erase appears to be a standard command on the ATA standard). So I guess I answered #2 as well.

m
0
l

Best solution

a b G Storage
April 16, 2014 9:51:33 AM

Bitlocker (256-bit AES) is used by very large enterprises every day for years now and has never been cracked. You can most definitely trust it. Each 16KB block on disk is encrypted with a different key, calculated off of the master key, and is quite secure. The + factor is that in an AD environment you have single point of control and recovery of keys. This doesn't exist with the self encrypting drives.
Share
!