SSD for FDE...

Hello,

Can anyone recommend a 128g ssd that perform will with FDE (full disk encryption) like mcafee endpoint encryption.

I've tried Crucial M4 and OCZ Vertex 3. Performance dropped dramatically after FDE.

thx
3 answers Last reply
More about tomshardware
  1. No, but I can look for the various articles on why you should never use external FDE on an SSD. Seriously, there are a few. For one thing, the software makers specifically state that it's not secure, because writing the encrypted data back over the same block leaves the unencrypted version somewhere else. So a serious attacker could read your disk.

    Plus, there is massive write amplification.

    Look for a self-encrypting SSD. In the meantime, if I find the articles, I'll post links.
  2. WyomingKnott said:
    No, but I can look for the various articles on why you should never use external FDE on an SSD. Seriously, there are a few. For one thing, the software makers specifically state that it's not secure, because writing the encrypted data back over the same block leaves the unencrypted version somewhere else. So a serious attacker could read your disk.

    Plus, there is massive write amplification.

    Look for a self-encrypting SSD. In the meantime, if I find the articles, I'll post links.


    thx. But that's not what I'm looking. The reason I ask for FDE because my company requires us using it.
  3. Well, no SSD will perform well with these. They are known SSD-killers. The best thing that you can do is to start encryption on the disk while it is blank; that will be better then post-encrypting a loaded disk.

    If the company's security officer is willing to listen, and if I find the links, you might get him/her to try a self-encrypting SSD instead of a setup that is known to work poorly and have security risks.

    If you are not sick of me already, have a look at my post in this thread: http://www.tomshardware.com/forum/268261-32-full-disk-encryption . It has links to the articles. To quote the TrueCrypt site: "Due to security reasons, we recommend that TrueCrypt volumes are not created/stored on devices (or in file systems) that utilize a wear-leveling mechanism (and that TrueCrypt is not used to encrypt any portions of such devices or filesystems). "
Ask a new question

Read More

SSD Encryption Storage