Microsoft BitLocker Security Will Not Rely on SSD Hardware Encryption Following Update 5m4x3i Technology News

The change follows a report that SSD manufacturers were not implementing hardware encryption adequately. 2s4z59

By Jamshed Avari | Updated: 1 October 2019 11:07 IST

Microsoft BitLocker Security Will Not Rely on SSD Hardware Encryption Following Update

Highlights

Research has shown that some SSDs have flawed hardware encryption
BitLocker will no longer rely on SSDs to implement their own encryption
Existing BitLocker volumes are not affected and will not be changed

ment

According to release notes Microsoft has published for the incremental KB4516071 update for Windows 10, the company will no longer use the hardware encryption capabilities built into some SSDs when the BitLocker security framework is enabled. Instead, Windows will apply its own software encryption. The change has been attributed by security experts to reports that major SSD manufacturers have not been taking adequate security measures with their implementations of encryption, resulting in potentially easy ways to by the security protections that s might take for granted. Microsoft is effectively taking control of the process, rather than trusting SSD manufacturers. The change will not affect existing BitLocker volumes. 48ki

As pointed out by the popular Twitter SwiftOnSecurity, the change comes almost a year after a research report published by Radboud University in the Netherlands revealed that some implementations of hardware encryption on an SSD can be defeated by simply using a manufacturer's master , or by intercepting the DEK (Disk Encryption Key) which itself is not cryptographically encoded. These processes can be used by an attacker to defeat an SSD's own security without needing to know the 's own encryption key.

The research report identified several popular consumer SSD models sold by Crucial and Samsung. The findings applied to internal as well as external SSDs, and the researchers stated that many more drives might be affected. Both companies have since released security patches that are said to address this issue.

As Microsoft by default allows SSDs to handle their own encryption. The company now seems to have changed its mind, and is taking control of the process, at least for newly created volumes.

Modern PCs can take advantage of specific instructions on newer Us that are designed to accelerate software encryption without creating significant overhead in of U workload. SSDs can be encrypted and decrypted on the fly, for most kinds of applications, negating the advantages of native hardware encryption.

s (or IT s) who wish to switch from hardware to software encryption will first have to decrypt their drives entirely and then re-encrypt them. As always, there will still be the ability to rely on hardware encryption, which s can take advantage of if they are certain that their SSDs are secure.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.