Microsoft Issues Security Advisory on Solid-State Drive Hardware Encryption
Microsoft issued security advisory ADV180028 on Tuesday for computer users that have self-encrypting solid-state drives (SSDs) that are ostensibly protected by Microsoft's BitLocker encryption scheme.
In such cases, BitLocker will default to using the SSD's hardware encryption, rather than using BitLocker's own software encryption approach. However, researchers at Radboud University in the Netherlands have found a way to bypass the secrets used to keep the hardware-encrypted data secure on SSD drives.
The technique to bypass hardware encryption requires being able to execute code on the SSD's controller. It could be done through "JTAG [Joint Test Action Group], memory corruption, storage chip contents manipulation and fault injection," the researchers wrote, although they didn't describe how they specifically broke the encryption.
The researchers described how they bypassed the security of self-encrypting drives (SEDs) in an advisory (PDF download):
We analysed the full-disk encryption implementation of several SEDs from different vendors through reverse engineering of their firmware. Combined, these vendors cover roughly half of the SSDs sold today. We found that critical security vulnerabilities in the drives studied exist. It is in many cases possible to recover the contents of the drive without knowledge of any password or secret key, thereby bypassing the encryption entirely.
In other words, SSD hardware encryption isn't secure. Moreover, BitLocker users are subject to this issue because BitLocker defaults to using the SSD's hardware encryption scheme.
The researchers tested and confirmed that the following SSDs were affected:
- Crucial (Micron) MX100, MX200, MX300 internal hard disks
- Samsung T3 and T5 portable (external) disks
- Samsung 840 EVO and 850 EVO internal hard disks (when ATA security in High mode is used)
They downplayed the notion that a firmware fix will be arriving for these drives:
Conceptually, it is possible that the issues found can be solved through firmware updates. Unfortunately, at the time of writing, all drives found vulnerable either do not have firmware updates available, or do, but they inadequately address the issues.
The researchers suggested switching to using software encryption on the SSD, which can be done on Windows systems using Group Policy settings, plus a few more steps. The researchers recommended using "an open-source and audited" full-disk software encryption scheme, such as VeraCrypt, as the software encryption scheme.
For BitLocker users, it's possible to switch over to Microsoft's internally built software encryption scheme, which is called "BitLocker Drive Encryption." Microsoft's advisory recommended using BitLocker Drive Encryption, which can be done through Group Policy changes. The idea is to override BitLocker's default setting that compels the use of hardware-based encryption.
In cases where the SSD had used hardware encryption, there's a process to get it to switch to using BitLocker Drive Encryption. Here's Microsoft's cautionary note in that respect:
Note: After a drive has been encrypted using hardware encryption, switching to software encryption on that drive will require that the drive be unencrypted first and then re-encrypted using software encryption. If you are using BitLocker Drive Encryption, changing the Group Policy value to enforce software encryption alone is not sufficient to re-encrypt existing data.
IT pros will have to set Group Policy to enforce software encryption, turn off BitLocker (which decrypts the drive) and then enable BitLocker again on these SSDs, Microsoft's advisory indicated. It explicitly stated that there's no need to reformat the drive in such cases.
Unfortunately, Microsoft and the researchers don't appear to be in agreement on the need to reformat the drive. Here's how the researchers described it:
For the affected models, the default setting must be changed so that only software encryption is used. This change does not solve the problem immediately, because it does not re-encrypt existing data. Only a completely new installation, including reformatting the internal drive, will enforce software encryption. As an alternative to reinstallation, the above-mentioned VeraCrypt software package can be used.
When asked about the discrepancy on reformatting the drive, a Microsoft spokesperson said that Microsoft had nothing further to share beyond its advisory.
The researchers have published a draft paper describing their findings (PDF download). They promised not to release exploit tools for the SSD flaws, and noted they had practiced "responsible disclosure" by informing the SSD makers of the issue in advance back in April.
Samsung has published a consumer notice on the matter. For its portable SSDs. Samsung recommends updating the device's firmware with a patch. For its nonportable SSDs, Samsung recommends installing encryption software.
It's possible to check if hardware or software encryption is being used on SSDs in a computing environment. IT pros can "run 'manage-bde.exe -status' from elevated command prompt" to perform this check, Microsoft's advisory explained.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.