My question relates to the hardware encryption of Samsung's 840 Evo SSD (maybe al

Question

My question relates to the hardware encryption of Samsung's 840 Evo SSD (maybe also other models):

The theory: Samsung specifies that their SSD encrypts all data with AES by default. So if I choose an HDD password in my BIOS, I can protect my whole disk (instead of encrypting e.g. my personal data folder later). If I understood it correctly, using this HDD password does not change the performance of the SSD, because the encryption happens anyway (with or without the HDD password). The only difference is that I have to enter my password when the BIOS starts.

This seems a pretty good security feature, because all data are protected (protecting e.g. against thieves) and there is no performance gap.

Unfortunately, I do not find any information or tests confirming Samsung's claim. Is it really so simple to use? Are there disadvantages?

And by the way: what is the relation to trusted computing? To be honest, I only heard bad things about this topic.

Explanation / Answer

I can confirm that the performance of hardware-encrypted drives is much better than software encryption. In fact, I find software encryption hinders performance so much that it is almost unbearable to do "heavy lifting" like using virtual machines, compiling software, etc.

The design of these drives seems basically right. They're based on the password model like TrueCrypt, rather than the TPM model like BitLocker, which is fine - as long as you use a good password.

I don't have any reason to disbelieve Samsung's claims. However, I have not personally seen any direct evidence of their encryption. To check this would need some moderately serious work, as you'd need to remove the controller board from a drive and swap it for a non-encrypting one. Well, that's what you'd do for a hard drive; I don't know if that's possible for an SSD. Anyway, it's not something I will be attempting.

These kinds of drives have nothing to do with "trusted computing". BitLocker (Microsoft's disk encryption) stores the keys in the TPM, which is related to trusted computing. Opinions on this vary, and I have no inherent objection to TPMs, but for a drive that takes a BIOS password they are irrelevant.