Crucial and Samsung SSDs' Encryption Is Easily Bypassed

Researchers from Radboud University in The Netherlands reported today their discovery that hackers could easily bypass the encryption on Crucial and Samsung SSDs without the user’s passwords. The researchers also pointed at Microsoft for defaulting to using these broken encryption schemes on modern drives.

The Dutch researchers reverse-engineered the firmware of multiple drives and found a “pattern of critical issues." In one case, the drive’s master password used to decrypt data was just an empty string, which means someone would have been able to decrypt it by just pressing the Enter key on their keyboard. In another case, the researchers said the drive could be unlocked with “any password” because the drive’s password validation checks didn’t work.

The drives the researchers found to be plagued by these encryption issues include: Crucial’s MX100, MX200 and MX300 SSDs, Samsung’s T3 and T5 portable SSDs and the popular Samsung 840 EVO and 850 EVO SSDs. The researchers noted that the issues likely affect many more products from the two companies’ SSD lineups, considering most if not all of them share the same firmware.

Microsoft’s BitLocker Partly to Blame

It’s bad enough that Crucial and Samsung have done poor jobs of protecting the decryption key (or even creating one to begin with, in some cases). However, drive encryption has never been that good, and researchers suggested Microsoft should have known better.

They said Microsoft shares some of the blame for Windows user data that can easily be stolen from their encrypted drives by people with access to the users’ laptops. That’s because Microsoft’s BitLocker, which is available only on Professional, Enterprise and Education editions of Windows 10, uses the drive’s own encryption by default instead of its own. In other words, BitLocker is mostly just an intermediary interface for modern drive’s own encryption. It doesn't do much else on its own.

Cryptography Professor Matthew Green called Microsoft’s decision to trust device maker’s own encryption schemes “the single dumbest thing that company has ever done" via Twitter.

A Call for Open-Source Encryption Schemes

The researchers also blamed the drive makers for using proprietary encryption schemes that tend to be much weaker in practice than well-known open source solutions. The drive makers weren’t even publishing their proprietary encryption schemes, which is why the researchers had to reverse-engineer the software.

The researchers recommended users use the open-source and audited VeraCrypt software instead of the proprietary BitLocker or custom and unproven SSD drive encryption schemes. The researchers concluded there is no point in using the encryption options provided by these drives. They argue that's because on one hand software solutions such as VeraCrypt are simply better and more secure, and on the other hand, the encryption acceleration offered by the SSDs is unnecessary because the AES-NI encryption acceleration found on most processors has become mainstream. AES-NI offers the same hardware acceleration as the drive’s own crypto accelerators do.

In an advisory, Samsung also told consumers to install encryption software available online to avoid “potential breach of self-encrypting SSDs.” Meanwhile, Micron, the owner of the Crucial SSD brand, said that it will issue a firmware update for its drives in the future, but didn’t provide a schedule.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • Brian28
    No wonder the FBI never raised a stink about hard drives like they did with the iPhone.
    Reply
  • cryoburner
    Logically, the encryption used in all drives probably has a backdoor, just some companies do a better job hiding it than others.

    They said Microsoft shares some of the blame for Windows user data that can easily be stolen from their encrypted drives by people with access to the users’ laptops. That’s because Microsoft’s BitLocker, which is available only on Professional, Enterprise and Education editions of Windows 10, uses the drive’s own encryption by default instead of its own.
    Well, that makes sense. Software encryption tends to create additional performance overhead, and CPU acceleration for it is only common in newer CPUs from the last 5 to 7 years or so, while companies will likely have a lot of older hardware in use, so if the drives themselves are already offering to handle it on their own, it's reasonable for Microsoft to let them do so. If some of the drives in question have poor locks on the doors, that's hardly Microsoft's fault. They're simply providing an interface to access it. And do you really think that if they used their own software encryption, that it wouldn't have a backdoor? Perhaps they would do a better job disguising the entrance to keep the common riffraff out, but I wouldn't expect much more than that. The same goes for this open-source software these researchers are recommending. You can bet that various groups around the world have spent billions compromising software like that.
    Reply
  • xrodney
    Well as I did find out accidentaly even Home version of W10 does have bitlocker or some other tool and might come as enabled.
    Wanted update Bios and FW on Yoga 920 and it failed with status that disk is encrypted.

    W10 Home are missing menu and option in control panel but still have command line tool: manage-bde -status
    This showed disk as 100% encrypted and I had to decrypt it (took about 2 hours for 256GB SSD) before rerun FW update tool.
    Reply
  • stdragon
    21462087 said:
    Logically, the encryption used in all drives probably has a backdoor, just some companies do a better job hiding it than others.

    They said Microsoft shares some of the blame for Windows user data that can easily be stolen from their encrypted drives by people with access to the users’ laptops. That’s because Microsoft’s BitLocker, which is available only on Professional, Enterprise and Education editions of Windows 10, uses the drive’s own encryption by default instead of its own.
    Well, that makes sense. Software encryption tends to create additional performance overhead, and CPU acceleration for it is only common in newer CPUs from the last 5 to 7 years or so, while companies will likely have a lot of older hardware in use, so if the drives themselves are already offering to handle it on their own, it's reasonable for Microsoft to let them do so. If some of the drives in question have poor locks on the doors, that's hardly Microsoft's fault. They're simply providing an interface to access it. And do you really think that if they used their own software encryption, that it wouldn't have a backdoor? Perhaps they would do a better job disguising the entrance to keep the common riffraff out, but I wouldn't expect much more than that. The same goes for this open-source software these researchers are recommending. You can bet that various groups around the world have spent billions compromising software like that.

    CPU acceleration is the AES-NI instruction set; and the first consumer based CPUs to have it first arrived in 2010 and became more common with each passing generation thereafter. Besides, back then SED drives weren't all that common, so falling back to AES-NI was more of the norm than not...assuming the software was even compiled to utilize it. If I recall, not many applications did at the time. In fact, I think Apple's OSX was the first consumer level OS to support AES-NI via the build-in disk encryption Filevault

    That all said, if given the option with BitLocker to choose, I'd much rather go with the software implementation paired with the TPM chip on the MB based on this news. Performance isn't going to be that noticeable on a laptop unless you're working with some serious IOP intensive local databases or whatnot. And given laptops are prone to being lost or stolen, I'd much rather have the peace of mind that the data didn't fall into the wrong hands.

    Reply
  • stdragon
    21463020 said:
    Well as I did find out accidentaly even Home version of W10 does have bitlocker or some other tool and might come as enabled.
    Wanted update Bios and FW on Yoga 920 and it failed with status that disk is encrypted.

    W10 Home are missing menu and option in control panel but still have command line tool: manage-bde -status
    This showed disk as 100% encrypted and I had to decrypt it (took about 2 hours for 256GB SSD) before rerun FW update tool.

    Yoga 920's ship with Windows 10 Home. That, and the fact Bitlocker is only available in Windows 10 Pro or Enterprise.

    If this laptop upgraded with Pro/Enterprise and Bitlocker enabled, then you can just suspend the encryption prior to performing a BIOS update. Which BTW is recommended so you don't force the system to reboot asking for a recovery key. If you don't have that printed or stored elsewhere in a secure location, you'll be SOL when it asks for one. Anyways, with Bitlocker, there's no need to fully decrypt the drive just to update the BIOS.

    If you are running Windows 10 Home, then perhaps you have an FDE (Full Disk Encryption, aka SED / Self Encrypting Drive) with encryption enabled in BIOS. That, or you had some 3rd party application managing its own implementation in Windows.
    Reply
  • xrodney
    21463217 said:
    21463020 said:
    Well as I did find out accidentaly even Home version of W10 does have bitlocker or some other tool and might come as enabled.
    Wanted update Bios and FW on Yoga 920 and it failed with status that disk is encrypted.

    W10 Home are missing menu and option in control panel but still have command line tool: manage-bde -status
    This showed disk as 100% encrypted and I had to decrypt it (took about 2 hours for 256GB SSD) before rerun FW update tool.

    Yoga 920's ship with Windows 10 Home. That, and the fact Bitlocker is only available in Windows 10 Pro or Enterprise.

    If this laptop upgraded with Pro/Enterprise and Bitlocker enabled, then you can just suspend the encryption prior to performing a BIOS update. Which BTW is recommended so you don't force the system to reboot asking for a recovery key. If you don't have that printed or stored elsewhere in a secure location, you'll be SOL when it asks for one. Anyways, with Bitlocker, there's no need to fully decrypt the drive just to update the BIOS.

    If you are running Windows 10 Home, then perhaps you have an FDE (Full Disk Encryption, aka SED / Self Encrypting Drive) with encryption enabled in BIOS. That, or you had some 3rd party application managing its own implementation in Windows.
    Nope, that was definitely W10 home and no it was not any bios set encryption, it was fully os side thing, and even if use bitlocker it will per default utilize internal disk encryption.

    For TPM firmware upgrade its still recommended to rather decrypt disk to completely avoid issues, especialy for non standartized TPM 1.2 .
    - TPM may in some cases not Accept recovery key
    - You might not have online MS account and use local one instead in which case you cant get recovery key easily.
    - recovery key might not be stored online for home version of W10

    Reply
  • thomas.mcneill
    Most SSD drives count on the ability to compress data to save space and increase throughput. If we send it encrypted data to write we lose that benefit.
    Reply
  • Gryphon Serpente
    my question is this. Is this article solely about SESD (Self Encrypting SSD)? We use MBAM as an enterprise level monitoring tool on NON Self Encrypting SSD drives and utilize the TPM chip built on the motherboards. Are these drives at risk as well?
    Reply
  • TJ Hooker
    21463939 said:
    Most SSD drives count on the ability to compress data to save space and increase throughput. If we send it encrypted data to write we lose that benefit.
    What's stopping you from compressing encrypted data?
    Reply
  • stdragon
    21463763 said:
    Nope, that was definitely W10 home and no it was not any bios set encryption, it was fully os side thing, and even if use bitlocker it will per default utilize internal disk encryption.

    For TPM firmware upgrade its still recommended to rather decrypt disk to completely avoid issues, especialy for non standartized TPM 1.2 .
    - TPM may in some cases not Accept recovery key
    - You might not have online MS account and use local one instead in which case you cant get recovery key easily.
    - recovery key might not be stored online for home version of W10

    If it's Windows 10 Home, I can promise you it's not Bitlocker. Unless perhaps the underlying API still exists to be leveraged and managed by a 3rd party disk encryption application?? Either way, you must pay the Microsoft tax to un-cripple the OS to support Bitlocker as a feature natively.

    https://www.microsoft.com/en-us/windows/compare

    As for BIOS updates - that's doesn't touch the TPM module. In fact, on many of the Dell Latitude notebooks I've worked on, they often have their own Broadcom TPM firmware update that's separate from BIOS. So updating the TPM firmware I could see needing to decrypting the drive prior. But again, with BIOS updates, you should only have to "suspend" the Bitlocker encrypted boot drive (C drive).
    Reply