Good & amazing research paper on harddisk vulnerabilities and encryption. For more details about software vs hardware hard drive encryption, you must read this paper.
Research Paper Author: Carlo Meijer Radboud University, the Netherlands
Abstract—We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret. BitLocker, the encryption software built into Microsoft Windows will rely exclusively on hardware full-disk encryption if the SSD advertises supported for it. Thus, for these drives, data protected by BitLocker is also compromised. This challenges the view that hardware encryption is preferable over software encryption. We conclude that one should not rely solely on hardware encryption offered by SSDs.
Reference Paper:
Categories: Cyber Security, harddisk security, Hardware encryption, Hardware security, SSD Security
Leave a Reply