Editor’s note: The following was originally published on the blog of Gillware Data Recovery. It was written by Scott Holewinski, President of Gillware Data Recovery, and has been reprinted with permission.
We live in a safety net society. Forgot the password for your bank account? No problem. Answer a couple security questions and just like that your password is reset. Locked your keys in the car? Don’t worry. Call the automaker and they’ll unlock your doors for you.
When it comes to today’s technology, people assume there is always a way out. But when it comes to modern storage devices, data is likely stored in a completely encrypted format with an encryption mechanism that can’t be turned off. If the device fails or the user forgets their password, the data is lost forever. When I tell people this, their reaction is usually disbelief.
They say, “There must be another way in,” or “Can’t I call the manufacturer to unlock it?” or “There has to be something I can download that will decrypt it.” My answer is always the same, “No, and that’s by design.”
There is no gray area with self-encrypting storage devices. The data stored within is encrypted. You either have what it takes to decrypt and access the data, or you don’t. Period.
The Pros and Cons of Self-Encryption
For some users, the fact that self-encrypting drives are completely secure and locked down is a selling point. For others, it is a completely useless characteristic of modern SSDs. Regardless of which side of the fence you fall on, it is important for you to understand the implications that self-encrypting drive technology has for the recoverability of your data in case the storage device fails.
Before you accuse me of blasphemy against the SSD gods, let me acknowledge that SSDs are no doubt more reliable than HDDs. With no moving parts, there are simply fewer failure points present on an SSD compared to an HDD. That being said, like any other complicated electronic device, SSDs can and do fail.
At Gillware, we see customers looking to recover data from self-encrypting SSDs every day. In rare situations, the SSD failure is caused by a discrete electrical component like a resistor, fuse or capacitor. However, in the vast majority of cases, the issue has to do with an unexpected error occurring within the SSD’s operating system. In other words, the code responsible for running the SSD encounters a condition that the software developer didn’t anticipate and the device becomes inoperable.
Recovering data from devices in this state is extremely difficult and in most cases impossible because of the self-encrypting technology employed by modern SSDs. Self-encrypting devices have been around for quite some time, but they have become more prevalent as SSDs become the primary storage device in many of today’s computing applications.
The vast majority of SSDs being sold today are self-encrypting in order to comply with the Trusted Computing Group’s (TCG) Opal specification. The Opal specification is designed to “protect the confidentiality of stored user data against unauthorized access once it leaves the owner’s control.” The specification includes guidelines aimed at protecting user data during normal day-to-day operation as well as end-of-life processing. Most industry experts predict that in the next couple of years, 100% of the SSDs being sold will be self-encrypting.
So what exactly does it mean for an SSD to be self-encrypting and how does it work?
Let’s think of a self-encrypting SSD in terms of a bank vault. When you save a file, your computer stores it on the SSD, like depositing money in a bank vault. For the purposes of this example, let’s assume that the walls of the vault are completely impenetrable and the only way for money to get in or out is through the vault door. No matter how secure it is, the vault door is rendered totally useless unless someone remembers to lock it.
The primary storage media within an SSD is a number of NAND flash memory chips, usually eight or 16. These chips are thin black rectangular wafers about the size and thickness of a couple of quarters laid side by side. Collectively, the NAND flash memory chips comprise the bank vault in which your files are stored. The last thing we need to understand is what serves as the vault door on an SSD. How does data travel in and out of the NAND flash memory? The answer is the SSD controller.
The controller is arguably the most critical component on a self-encrypting SSD. Without the controller, it’s like putting a brick wall over the opening to our bank vault. The controller has a lot of different duties, but the two most critical are handling the authentication of the device at boot-up and all of the encryption operations.
Authentication is like locking and unlocking the vault door. After the SSD is authenticated, the vault door is open and data can flow in and out, being encrypted or decrypted as it comes and goes. On most self-encrypting SSDs, users can choose to set a boot-up password that must be entered to unlock the device. A properly authenticated drive is completely unlocked, and unencrypted data can be accessed from any computer the device is plugged into.
Under Lock and Key
There are a handful of key takeaways from this rather verbose explanation of the inner workings of a self-encrypting drive:
- The data on a self-encrypting drive is always being stored in an encrypted format, but the data is only truly secured when the user sets an authentication password which locks the device.
- The SSD must be properly authenticated in order to access unencrypted user data.
- The authentication of a self-encrypting drive may be controlled with a user-defined password entered at boot-up prior to the OS loading. Alternatively, the user can choose not to set a password, but in this case the data stored on the device can be accessed in an unencrypted format from any computer.
- The SSD controller literally and figuratively holds the keys to the kingdom. Without the controller, the data may be accessible through various means, but only in an encrypted format. This holds true regardless of whether or not an authentication password has been set.
Now that you have a fundamental understanding of how self-encrypting drives work, it should be fairly clear why the failure of a self-encrypting device is so catastrophic from a data recovery standpoint.
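The takeaways above can be seen in a toy Python model, added here as an illustration; it is not Gillware's code or any vendor's firmware. `ToySED`, `xor_stream` and `controller_failure` are hypothetical names, the SHA-256 keystream is a stand-in for the drive's AES engine, and keeping the password-wrapped media key in controller state is an assumption of the model.

```python
import hashlib, hmac, os

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter-mode cipher: a stand-in for the drive's hardware AES engine.
    pad = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

class ToySED:
    """Hypothetical model: NAND holds only ciphertext; the controller holds the media key."""
    def __init__(self):
        self.nand = {}                      # LBA -> ciphertext (the vault)
        self.stored_key = os.urandom(32)    # media key, usable by anyone until a password is set
        self.salt = self.tag = None
        self.session_key = self.stored_key  # key in use right now (vault door open)

    def _kek(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def set_password(self, password: str) -> None:  # requires an unlocked drive
        self.salt = os.urandom(16)
        kek = self._kek(password)
        self.tag = hmac.new(kek, self.session_key, "sha256").digest()
        self.stored_key = xor_stream(kek, self.session_key)  # media key now stored wrapped

    def power_cycle(self) -> None:
        self.session_key = self.stored_key if self.salt is None else None  # locked if password set

    def unlock(self, password: str) -> bool:
        if self.salt is None:
            return True                     # no password: nothing to authenticate
        kek = self._kek(password)
        mek = xor_stream(kek, self.stored_key)
        ok = hmac.compare_digest(hmac.new(kek, mek, "sha256").digest(), self.tag)
        self.session_key = mek if ok else None
        return ok

    def _crypt(self, lba: int, data: bytes) -> bytes:
        if self.session_key is None:
            raise PermissionError("drive is locked")
        return xor_stream(self.session_key + lba.to_bytes(8, "big"), data)

    def write(self, lba: int, data: bytes) -> None:
        self.nand[lba] = self._crypt(lba, data)
    def read(self, lba: int) -> bytes:
        return self._crypt(lba, self.nand[lba])

def controller_failure(drive: ToySED) -> dict:
    drive.stored_key = drive.session_key = None  # key store unreachable after the fault
    return dict(drive.nand)                      # all a chip-off read yields: ciphertext
```

Writing a sector, power-cycling, and then calling `controller_failure` leaves only ciphertext in the returned dump, with or without a password set.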
The Future of SSD Data Recovery
This raises a number of important questions about the future of storage technology. Is it possible to build storage devices that are both secure and allow for data recovery in case the device fails? Does the safety net society that we have all become accustomed to end with self-encrypting SSDs?
For the vast majority of self-encrypting SSDs being manufactured today, there is still no safety net possible in the way of recovering data from a failed drive, but Gillware is working hard to change this. The key to finding a solution is cooperation between data recovery labs, SSD manufacturers and security organizations like the Trusted Computing Group.
Gillware has been working hard to bring members from all three groups together for more than five years and these efforts are starting to pay off. In 2012, with support from a major SSD manufacturer, Gillware successfully recovered data from a self-encrypting SSD for the first time. Although the number of self-encrypting SSDs Gillware can recover data from is still very limited, the number is growing. With ongoing support from the SSD industry, Gillware is confident that this trend will continue.
To learn more about how Gillware recovers data from failed SSDs, visit them on their website.