Weak self-scrambling SSDs opens up Windows BitLocker

Users whose believe the data on their drives are protected with Microsoft's Windows Bitlocker could be in for lengthy workarounds, after researchers showed that the default hardware-based encryption on solid state storage isn't secure.

Carlo Meijer and Bernard van Gastel of Radboud University, Netherlands, detailed in their paper [pdf] how techniques known to be used by the US National Security Agency (NSA) can get around encryption that looks strong and impenetrable on paper.

This is a problem for Bitlocker which defaults to hardware encryption on SSDs as per the Trusting Computing Group Opal Self Encrypting Drive (SED) specification.

Bitlocker can be coaxed into using software encryption with the Windows Group Policy tool, if users have admin rights on the computers in question.

However, on Bitlocked drives that are already using the default hardware encryption, changing Group Policy settings has no effect.

"Only an entirely new installation, including setting the Group Policy correctly and securely erasing the internal drive, enforces software encryption," the researchers noted.

As a workaround to boost Bitlocker security, the researchers suggested using an open source utility such as VeraCrypt along with the SSD hardware encryption.

Using different techniques such as Joint Test Action Group (JTAG) industry standard debugging ports, and modified firmware or password validation, the researchers found that they could bypass full disk encryption on the following solid-state drives:

• Crucial MX100
• Crucial MX200
• Crucial MX300
• Samsung 840 EVO
• Samsung 850 EVO
• Samsung T3
• Samsung T5 

Crucial and Samsung were given six months by the researchers to issue fixed firmware for the SSDs; while the former company updated all three models, Samsung only issued new firmware for the T3 and T5, and recommends software encryption for the 840 and 850 EVO drives.

With improved cryptographic hardware in modern processors the main reason for using only the built-in encryption feature in SSDs - improved performance - no longer applies, the researchers said.

Instead, they suggested a combination of the two for users to keep their data on SSDs secure.

"One should not rely solely on hardware encryption as offered by SSDs for confidentiality," they said.

"We recommend users that depend on hardware encryption implemented in SSDs to employ also a software full-disk encryption solution, preferably an open-source and audited one.