This discussion is locked
124 Replies. Latest reply: Feb 26, 2013 10:56 AM by LS1
  • 90. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

    Hi, I have two computers: an old Acer 1810tz and a new Sandy Bridge HP 6560b. I bought an Intel 320-series 120GB SSD for both of them.

    But when I enable (and also change) the HDD password in the Acer 1810tz computer the SSD drive stops working and I have to replace the drive in the shop.

    The problem is known and described here: http://www.intel.com/support/ssdc/hpssd/sb/CS-030724.htm

     

    My question is: Is it safe to use the HDD password for encryption with the HP notebook (new Sandy Bridge platform), or should I wait for new drive firmware?

  • 91. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

    Hi,

     

    Thanks for all the information given here, but I'm stuck on some questions:

     

    If I've installed my OS on a 320 without HDD-Pass all data is encrypted, ok. Now I want to enable a password. Is it possible to enable the HDD-Pass in this situation without losing all data? AFAIK I'm not able to CHANGE the HDD-Pass later on, but can I SET it without losing data?

     

    If I want to CHANGE it later on, in my understanding I've to do a full backup, secure erase the device and set a new pass, am I right?

     

    I imagine, the same is true if I want to DISABLE the pass?

     

    What happens if I enable the pass and start hanging in a reboot loop as someone wrote here? Same answers as the two questions above?

     

    I read about the different kinds of passes (master, user or so). In my BIOS there's only one pass per HDD. Does this have any security impact?

     

    How does the process of secure erasing and deleting the existing HDD-Pass (I don't mean the aes-keys, I've understood this process) work (aim: getting a "factory state" ssd without hdd-pass)? Giving the right pass in the bios, booting from a different drive, doing secure erase with intel ssd toolbox? What is the thing with disconnecting and connecting the drive (secure lock?), is this needed? How can I enable/disable the "secure erase lock" (my words)?

     

    Very specific question: Does anyone know if HDD-pass works fine with a Dell T3500 workstation (Intel ICH10R, possibility to set HDD-Pass in BIOS exists for every drive)?

     

    I'm really happy for any hint!

     

    Thanks,

     

    marte

  • 92. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

    SSDelightful wrote:


    4.   In order to provide the absolute best security possible, there are no available password recovery solutions.  If you lose or forget your ATA User Password and Master Password, your SSD will remain locked without access to read, write, or erase any data within the device.  In this case, your SSD and your data are lost, and cannot be recovered by Intel.

     

     

    This only partially answers the question I posed... http://communities.intel.com/thread/23113

     

    How do we acquire the Master Password?  I'm pretty certain that most of us do not change this and unless I'm mistaken, this would enable us to unlock the drive even if the User Password has been lost or damaged.  Presumably, this is something that should be included with each drive, or provided upon request from Intel Tech Support.

     

    FWIW:  this is becoming a key issue for my company.  I love Intel products, but Intel's implementation of the ATA Password functionality and accompanying toolset does little more to protect the data than the competition, but the implementation + toolset does create a significant risk of the total loss of the investment in the locked drive.  Like me, I doubt any of the original posters of these threads are thieves, but instead simply trying to recoup their investment.

     

    http://communities.intel.com/message/126101
    http://communities.intel.com/message/108267
    http://communities.intel.com/message/129571
    http://communities.intel.com/message/116558

  • 93. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

    The Master password is randomly generated during the Secure Erase procedure. Security ATA Extension requires this password to be set. The user can change it of course, but one can execute SE even without it using Intel SSD Toolbox. That's an equivalent of using MP in Max Security Mode. Unless you want to have two passwords to unlock the same drive, the Master Password is not needed in Intel's implementation.

    I wouldn't trust a solution (especially in safety critical tasks) which has not got any widely recognizable security certificate. AFAIK Intel 320 hasn't (yet).

  • 94. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...

    The Master password is randomly generated during the Secure Erase procedure. Security ATA Extension requires this password to be set. The user can change it of course, but one can execute SE even without it using Intel SSD Toolbox. That's an equivalent of using MP in Max Security Mode. Unless you want to have two passwords to unlock the same drive, the Master Password is not needed in Intel's implementation.

    I wouldn't trust a solution (especially in safety critical tasks) which has not got any widely recognizable security certificate. AFAIK Intel 320 hasn't (yet).

     

    Excellent points, of course, which further support my ("Guest") comment above.

     

    The Master PW is set by Intel at the time the drive ships -- even if only randomly generated.  Like the drive's serial #, it would be effortless for Intel to record this and release it only to a registered/verified owner.  Frankly, if my bank will accept a few security responses from me to access my bank account over a phone, the same measures could be provided by Intel, but are (apparently) not.  The Intel SSD drive ships ready to use, so unless (and until) a user performs a Secure Erase, the Master PW remains the same.  This is the case with the drive of ours that I discussed and have.  Again, neither I, nor likely the other OP's of the threads I quoted above are thieves, but are instead victims of Intel's implementation of the ATA Password functionality.

     

    Lawful users of licensed/purchased products should bear the responsibility for data loss, but there's no reason for us to lose the value of our SSD investments, at least as long as other competitors provide products without this risk.

  • 95. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    Jean-Michel Community Member

    Hello,

     

    This is my first Post on the mailing list. My name is Jean-Michel Pouré and I am the director of GOOZE, a security company offering smartcards and security tokens.

     

    For our work, we need to securely store some valuable information on servers disconnected from the network. Presently, we are using GNU/Linux with lvm encryption. I bought an Intel 320 SSD with 40 GB of RAM to do some testing under Windows 7 (a system we have nearly 0% trust in) and try to find a solution for customers.

    I think we could easily defeat Intel 320 SSD AES encryption, here is how:

     

    1) Our motherboards are ASUS. The system is Windows7. We installed ASUS Flash update, which is a Windows program.

    2) We set up user and admin password in BIOS. The only way to boot and/or access BIOS is to enter a password.

     

    So far, so good, is your system protected? No, here is how:

     

    3) We booted into recovery and flashed the BIOS using ASUS Flash update, with option "reset BIOS to default". You could also buy an ASUS motherboard and transfer the SSD (which we did not do). Or remove the battery from the motherboard (which we did not do).

    4) After reboot, we could access BIOS without admin password. We simply changed the user password and it installed the new password into the Intel SSD!

    5) We rebooted with the newly created user password.

    Intel 320 SSDs are not a secure product, as in most BIOSes the password is not protected by a passphrase.

     

    Under Windows 7, the solution is to use an extra security software level, like using truecrypt with smartcards.

    Check this tutorial for example: http://www.gooze.eu/howto/truecrypt-smartcards-and-security-tokens-howto

     

    We welcome any information allowing us to secure the SSD completely, even changing motherboards.

     

    We are now testing a more complicated setup:

    * Windows system partition encrypted using truecrypt passphrase, from boot.

    * Home partitions encrypted using truecrypt and security tokens.

     

    Kind regards,

    Jean-Michel Pouré

  • 96. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    DesktopMan Community Member

    From your post it seems you only set the BIOS password. This will not set an encryption passphrase in the SSD, you would have to set an ATA password for that.

  • 97. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    Dwarf Community Member

    Please please please explain why Intel stores the ATA password hashed???? Ok, I can admit that the Intel 320 stores the AES key in the controller and does not encrypt this AES key with the ATA password. It's the only way to deal with the ATA standard "reset-user-password-with-master-password" scenario; it wouldn't be possible to reset the user password with the master password if the FDE AES key was encrypted by this user password. And ok, Intel claims that the controller chip satisfies the FIPS 140 standard so no one could recover this AES key from it. But in this case why does Intel store the ATA password hashed in the SSD controller?? These two statements set me thinking... and one of them definitely should be wrong.

  • 98. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    curiouscat Community Member

    I have read through this thread. It is pretty interesting. Even more interesting is what isn't answered. The ATA password is stored as a hash on the drive. What hash? Are you storing as an md5 hash? This is really the question that matters. SSDelightful's last reply was about eight months ago but hopefully he can chime in here.

     

    What I would like to do is what has been described where you can use hdparm to set the passwords. Set them as random characters and then you should have a layer of security where those passwords are needed for decryption on each boot. Is that correct? Is it that we cannot choose the AES key or that we cannot choose the key that encrypts the AES key?

  • 99. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    Gouge Community Member

    I have recently bought the 80GB 320 and I am still trying to get a simple answer to the FDE password question and think it would be very helpful if the answer were included in the HD manual and the FAQ.

     

    If, as is the case, my PC has a BIOS and an HD password and I set both of these when installing the SSD, have I in fact set up the bespoke password FDE, or do I need to, as the Intel PDF guidance suggests, use the toolbox to then do a new secure erase on the same PC?  It's just that the tablet PC in question only has one SATA connection, meaning that any secure erase would have to happen on a desktop PC with no HD password option.

    Basically a simple step by step answer to how to set it up would be appreciated.

    I have assumed up until now that by setting an HD password in the BIOS on first using the drive, the FDE is encrypted with reference to the HD password that was set, but I am increasingly believing it isn't.  I am of the thinking that in order for the HD password to be relevant to the encryption of the drive a password has to be in place.

     

    Everyone just seems to be discussing the security levels provided rather than trusting that a described method does achieve a reasonably robust level of data security.

     

    TIA

     

    G

  • 100. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    curiouscat Community Member

    [quote]I have Asrock Z68 Extreme4 and cannot boot if a password protected Intel SSD is connected to any of the SATA ports of the chipset ATA controller. The board locks in an endless boot loop. I have to hotplug the drive to make the whole thing work. If the drive is password unlocked or security disabled, the motherboard boots without any problem.

    UEFI in Asrock's case does not work with password protected drives!

    Will try Asus P8Z68 Pro next week.[/quote]

    Pit, you never posted your results from the Asus P8Z68 PRO. Were you able to use the Intel SSD drive with that board? Asrock is a subsidiary of Asus so I'm thinking no but I'm curious. I also have that board and I am considering purchasing an Intel 320 SSD once my questions are answered.

  • 101. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    mojo Community Member

    I have checked this entire thread and the situation still isn't clear. It sounds like the Intel SSD encryption is totally insecure, despite what SSDelightful says.

     

    The password is stored as a hash. That strongly suggests that it is not being used for encryption. If it was then hashing it would be pointless and a security risk. Despite what SSDelightful said, hashes can be cracked, particularly by dictionary attacks. Normally when used for encryption you don't store the password, you just use it to decrypt the key used for the actual on-disk encryption and see if it works or not. That takes considerably longer to do than a mere hash. So either Intel's implementation is very poor or the ATA password is not used as part of the encryption scheme, in which case it is worthless.

    To be fair to Intel they are not alone. Sandforce's implementation is similarly flawed and pretty much worthless. It might go some way to preventing forensic analysis of the flash memory directly but if the user's password is not used as part of the encryption then it is highly vulnerable to having said password recovered via dictionary attack or even rainbow tables if it isn't salted. It may even be possible to remove the password via software, e.g. Sandforce controllers can be firmware updated to remove the password in some cases and all data becomes accessible.

     

    Can anyone actually confirm that Intel is doing it right? It seems like Intel needs to get their products independently audited to confirm their security because until then we can't rely on it.

  • 102. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    ChemicalX Community Member

    @mojo

    1. The use of a password hash doesn't mean the protection is insecure.  In Microsoft's BitLocker encryption, SHA-256 is used to generate a hash from the user's PIN, and the first 160 bits of this hash (plus the TPM protector) are used to "seal" (encrypt) the volume master key (VMK), which in turn encrypts the full volume encryption key (FVEK).  The ATA password hash in the Intel 320 series SSDs is probably used to protect the volume encryption keys in a similar way.

    2. The length of the password and the strength of the hash algorithm are probably sufficient to prevent reconstruction of the password from the hash.

    3. The ATA password hash is probably stored in a "host-protected area" on the SSD.  According to AIDA64 Extreme Edition, my Intel 320 SSDs have a host-protected area and it is enabled.  This should interfere with an attacker's efforts to find and read the hash.

    4. If it is possible to create a firmware update that removes password protection without the user's authorization, and it may not be, Intel has every reason not to create or release it.

    5. I would not say it seems that Intel's SSD encryption is "totally insecure", as you suggest, but it is important to know how Intel protects the ATA password from attacks.  My points 1-4 above are only speculations.  And if a long and/or complex password is needed to protect against attacks with rainbow tables, we should be told that, too.

    6. I am responsible for protecting confidential information under HIPAA regulations.  As I gradually move our desktops and laptops from BitLocker to Intel 320 series SSDs I would like to know that Intel's implementation of a self-encrypting drive is as secure as it should be.

  • 103. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    ryan29 Community Member

    Guest wrote:

     

    You can use the hdparm utility in Linux to unlock an ATA-password protected drive (SSD included).

    Just boot from a pendrive with one of those micro-small linux distributions (ttyLinux, tinycore, microcore, DSL) and issue:

    hdparm --user-master u --security-unlock <pas> /dev/<your_drive>

    inside your script which asks for password first...

    and then, reboot. Security state of the disk is preserved during the warm reboot.

    Not the most elegant solution as it requires additional restart but you can automate it mostly thanks to grub's fallback function.

    And it could be fast. A small, well-configured Linux can boot in 5 seconds.

    One can live with that.

     

    I tried this with a Gigabyte P35-DS3R motherboard and have a few tips for anyone else that wants to try:

     

    1) Try it with a live CD before putting any effort into it.  The Ubuntu Live CDs have fairly new versions of hdparm.

     

    2) Your BIOS may put the drive into 'frozen' mode even if it doesn't support ATA password.  Use 'hdparm -I /dev/sd[your drive]' to check.  If your BIOS does this you probably have to hotplug the drive to get access to it in unfrozen mode (hotplug at your own risk).

     

    3) The BIOS for your hard disk controller might have trouble querying the drive once it's locked.  Mine did.  Imagine this (http://www.youtube.com/watch?v=y7Qhu1mYdYI), but with an extra 5-10 seconds while it has trouble detecting info for the locked drive.  Edit: I just tested this again and it's closer to 30 seconds to timeout and, for some reason, won't let my machine fail over to the next boot device in the list.  If you have the same board as me, don't waste your time.  You can use the Gigabyte AHCI controller, but it benchmarks much slower for me.
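
The frozen/locked check from tip 2 above, as an added example that is not part of the original post: a small parser for the Security section that `hdparm -I` prints. The sample output is constructed, and the function names `parse_security` and `advise` are assumptions of this sketch.

```python
# Constructed sample of the "Security:" section of `hdparm -I` output
# (not captured from a real drive): no password set, but the BIOS froze it.
SAMPLE = """\
Commands/features:
\t   *\tSMART feature set
Security:
\tMaster password revision code = 65534
\t\tsupported
\tnot\tenabled
\tnot\tlocked
\t\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
"""

FLAGS = ("supported", "enabled", "locked", "frozen")


def parse_security(text):
    """Return {flag: bool} for the flags in the Security section."""
    state, in_section = {}, False
    for line in text.splitlines():
        if line.strip() == "Security:":
            in_section = True
        elif in_section and line[:1].strip():
            break  # an unindented line starts the next section
        elif in_section:
            words = line.split()
            negated = words[:1] == ["not"]
            if negated:
                words = words[1:]
            # "supported: enhanced erase" etc. have extra words and are skipped
            if len(words) == 1 and words[0] in FLAGS:
                state[words[0]] = not negated
    return state


def advise(state):
    """Map the parsed flags to what security commands will do next."""
    if not state.get("supported"):
        return "unsupported: no ATA Security feature set reported"
    if state.get("frozen"):
        return "frozen: set/unlock/erase rejected until power-off or hardware reset"
    if state.get("locked"):
        return "locked: unlock with the password before any data access"
    if state.get("enabled"):
        return "enabled: password set, drive will lock at next power-on"
    return "not enabled: no user password is set"


if __name__ == "__main__":
    print(advise(parse_security(SAMPLE)))
```
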

  • 104. Re: Intel 320-series SSD and FDE (Full Disk Encryption) questions...
    mojo Community Member

    @ChemicalX, I don't think you appreciate the implications of what you are saying. If the password hash is stored anywhere then it is insecure, in that it can be cracked with some (perhaps considerable) effort. Take a look at the Truecrypt docs, particularly the section "Header Key Derivation".

    That being the case then the encryption scheme is broken. There is a severe security flaw that allows an attacker to break it with considerably less effort than should be required, an amount of effort that an ordinary person with a high end graphics card can muster in a few weeks or months maximum. If they didn't properly salt it then it might even be crackable in seconds via rainbow tables, but I'll give Intel the benefit of the doubt there.

    Of course it depends who your attacker is. The average computer thief might not bother, but if you keep corporate secrets on your laptop or are at risk from oppressive regimes you had better not rely on it. I think SSD manufacturers have rushed to add secure sounding AES encryption because Sandforce did it, but it isn't actually anything like as secure or useful as it sounds.
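
The two designs contrasted in posts 101 and 104 (a stored password hash that only gates access, versus a password-derived key that wraps the media key), as an added sketch that is not part of the thread and does not describe Intel's firmware. It also shows one way a master-password reset can coexist with wrapping, the scenario raised in post 97. Assumptions: all names, the iteration count, and the XOR-with-PBKDF2-output plus HMAC construction, which stands in for a real key-wrap algorithm.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000  # assumed work factor for this sketch


def _derive(password, salt):
    # Stretch the password into a 32-byte wrapping pad and a 32-byte MAC key.
    okm = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def wrap(dek, password):
    """Wrap a 32-byte media key under a password; store no password hash."""
    salt = os.urandom(16)  # fresh salt, so the pad is never reused
    pad, mac_key = _derive(password, salt)
    ct = bytes(a ^ b for a, b in zip(dek, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def unwrap(slot, password):
    """Return the media key, or None if the password is wrong."""
    pad, mac_key = _derive(password, slot["salt"])
    tag = hmac.new(mac_key, slot["salt"] + slot["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, slot["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(slot["ct"], pad))


def hash_gated_store(dek, password):
    """Design A: the password only gates access; the key is stored as-is."""
    salt = os.urandom(16)
    pw_hash = hashlib.sha256(salt + password).digest()
    return {"salt": salt, "pw_hash": pw_hash, "dek": dek}


def wrapped_store(dek, user_pw, master_pw):
    """Design B: one slot per password, each wrapping the same media key."""
    return {"user": wrap(dek, user_pw), "master": wrap(dek, master_pw)}


def reset_user_password(store, master_pw, new_user_pw):
    """Master-password reset under design B: unwrap via master, re-wrap."""
    dek = unwrap(store["master"], master_pw)
    if dek is None:
        return False
    store["user"] = wrap(dek, new_user_pw)
    return True


if __name__ == "__main__":
    dek = os.urandom(32)
    store = wrapped_store(dek, b"user-pw", b"master-pw")
    print(unwrap(store["user"], b"guess") is None)  # wrong password
    print(reset_user_password(store, b"master-pw", b"new"))
    print(unwrap(store["user"], b"new") == dek)
```

In design A the stored record itself contains the media key, so the password adds nothing once that record can be read; in design B the record holds only salts, ciphertexts and tags, and every guess costs a full key derivation.
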
