Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)
https://www.ru.nl/publish/pages/909275/draft-paper_1.pdf [www.ru.nl]
2018-11-05 21:52
We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret.
Everything is terrible.
This challenges the view that hardware encryption is preferable over software encryption. We conclude that one should not rely solely on hardware encryption offered by SSDs.
source: green