Security of Solid-State-Drive Encryption

Discussion in 'other security issues & news' started by longshots, Nov 6, 2018.

Thread Status:
Not open for further replies.
  1. longshots

    longshots Registered Member

    Joined:
    Oct 20, 2017
    Posts:
    100
    Location:
    Australia
  2. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    636
    "Basically, the cryptographic keys used to encrypt and decrypt the data are not derived from the owner's password, meaning, you can seize a drive and, via a debug port, reprogram it to accept any password. At that point, the SSD will use its stored keys to cipher and decipher its contents. Yes, it's that dumb."

    What the **** :eek:



    Sure, maybe this could be extremenly bad engineering...but on second thought...maybe this thing belongs to "unintentional" backdoor category.

    Just like the Ciscos five "unintentional" backdoors in five months this year...
     
    Last edited by a moderator: Nov 6, 2018
  3. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    636
    From that research paper under ATA Security:

    Yaaaaaaay!!!

    EDIT: And the fact that there is a such thing as master password in the first place....
    Nope, not a backdoor...just unintentional slip....
     
    Last edited: Nov 6, 2018
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    71,322
    Location:
    Texas
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.