Explore the critical security weaknesses in hardware full-disk encryption of solid state drives (SSDs) in this 20-minute IEEE conference talk. Delve into the analysis of firmware from various SSD manufacturers, covering both internal and external models produced between 2014 and 2018. Discover how these vulnerabilities can lead to complete data recovery without any secret knowledge, compromising even BitLocker-protected data on Windows systems. Learn about the specification, design, and implementation issues affecting approximately 60% of the market, and understand why additional measures are necessary to protect data beyond relying solely on hardware encryption offered by SSDs.
Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives
Overview
Syllabus
Introduction
What is self encrypting
Hardware vs software
Security guarantees
Encryption standards
Pitfalls
Methodology
Questions
Taught by
IEEE Symposium on Security and Privacy
