Explore a critical vulnerability in Self-Encrypting Drives (SED) that allows bypassing their protection mechanisms in enterprise environments. Learn about the advantages and disadvantages of hardware-based encryption, the Opal standard, and various attack vectors including forced restarts, soft resets, and key capture. Understand the impact of these vulnerabilities on organizations using SED and discover how to protect against this new threat. Gain insights into the inner workings of drives, previous research in the field, and real-world demonstrations of exploits. Delve into the technical aspects of Full-Disk Encryption (FDE) solutions and their implementation in enterprise settings.
Bypassing Self-Encrypting Drives in Enterprise Environments
Overview
Syllabus
Introduction
Daniels Background
Classical Full Disk Encryption
Advantages and Disadvantages
HardwareBased Encryption
HardwareBased Encryption Advantages
HardwareBased Encryption Overview
Opal Standard
Key Encryption
Microsoft Encrypted Drive
Custom Encrypted Drives
Open Technology
Previous Research
System Area
How Drives Work
Opel Standard
Previous Work
Demo
Miller Research
User Perspective
Forced Restart Attack
Soft Reset
Shorting Memory Pins
Triggering Crashes
Blue Screen of Death
Lenovo laptops
User options
Power cycle
Hot unplug attack
SATA extension
Key capture attack
Have I been hacked
TCG disclosure
Vulnerability notes
Impact of vulnerabilities
Questions
Taught by
Black Hat
