17

I have a fresh install of Ubuntu 18.04.1 on a Lenovo ThinkPad L480 with an Opal 2.0 compatible NVMe SSD inside. As far as I understand, the drive is always encrypted, but I need to set a password so that the encryption key itself is also protected.

Questions:

  1. Is my assumption about the encryption correct?
  2. If so, how can I set that password?
vidarlo
hielsnoppe
    Note that a lot of Opal drives have [severe vulnerabilities](https://www.ru.nl/publish/pages/909282/draft-paper.pdf), making the encryption less than useful. – vidarlo Feb 16 '19 at 15:31
  • @vidarlo Note that you referred to the infamous bullshit paper from Radboud University. Most of it is either plain wrong or long ago irrelevant. Good summary is in [On the Lies about Self-Encrypting Drives](http://www.privust.com/sedlies/). – ᄂ ᄀ Dec 21 '22 at 15:02
  • It's old, but the finding fits a pattern: little or no attention paid to security in developing hardware devices. – vidarlo Dec 21 '22 at 19:00
  • @vidarlo There is no pattern, only fantasies exaggerated for the sake and by the incompetent public. How exactly is encryption in Samsung SSDs vulnerable? How are potential vulnerabilities any different from those in software encryption? Show us the exploits. Even the 8-year-old 850 EVO mentioned in the paper is not vulnerable to what they describe. They don't even understand that ATA Security has nothing to do with TCG Opal. – ᄂ ᄀ Dec 22 '22 at 09:10
  • Do you have any further sources that refute the findings? So far you've linked to an opinion piece that *claims* the findings were moot. – vidarlo Dec 22 '22 at 09:13
  • @vidarlo Are you serious? Do you really expect me to fight Russell's teapot? You made a claim about the vulnerabilities. Provide proofs and exploits. That paper is not a proof. There are no findings in there as relates to 850 EVO and Opal 2.0. And most of the "findings" about Crucial disks are relevant to their engineers, not Opal 2.0. – ᄂ ᄀ Dec 22 '22 at 09:20
  • The paper shows a rather systematic problem where the authors managed to bypass encryption on a set of drives. In my opinion that is relevant when considering the same *class* of protection on other drives. Obviously it was relevant enough that Microsoft afaik disabled hardware based encryption by default as well... – vidarlo Dec 22 '22 at 09:26
  • @vidarlo What class of protection? Do you realize that the class of protection they were trying to dismantle is primarily TCG Opal 2.0? And that the described vulnerabilities have nothing to do with it? You may imagine some other class of protection, but please leave Opal 2.0 out of that. – ᄂ ᄀ Dec 22 '22 at 09:35
  • Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/141467/discussion-between-vidarlo-and--). – vidarlo Dec 22 '22 at 09:36

3 Answers

10

Opal 2-compliant Self-Encrypting Disk Drives (SED)

The OP's initial understanding is correct:

  • An Opal 2 drive's contents are always encrypted via a factory-set media encryption key (MEK, also known as DEK).
  • Initially, the media encryption key is unprotected (otherwise you could not access the drive).
  • A password must be set to protect the drive. (The password actually encrypts the MEK.)

To correct and/or amend other postings on this topic:

  • There is no protection at all until an Opal 2 drive has been set up and a password has been set.
  • Opal 2 drives do not work with ATA passwords. They use their own pre-boot system (PBA) for unlocking (see below).
  • Vulnerabilities were found in some early SSD models (e.g. Crucial MX100/MX200/MX300, Samsung EVO 840/850, Samsung T3/T5), so these models should not be used with Opal 2 hardware encryption.

Low-Level Requirements for Setting up an Opal 2 Drive on Linux

Before using an Opal 2 SSD for secure full-disk encryption, it has to be set up:

  • A new media encryption key (MEK) should be assigned to be safe. (The factory-set MEK might be vulnerable, such as being dependent on the serial number.)
  • A password must be assigned.
  • Encryption ranges must be specified.
  • Special boot code, a PBA (a pre-boot authentication system), must be provided to unlock the drive.

On Linux distributions, a low-level utility (sedutil-cli) is available to provision and administrate Opal 2 drives. However, it is rather difficult to use directly. The PBAs provided along with sedutil-cli do not support international keyboard layouts or Secure Boot.

How To Set Up Opal 2 Drives on Ubuntu (and other Linux systems)

Relax and Recover (ReaR), a disaster recovery tool included in the repositories of many distributions, can create a bootable USB stick for setting up Opal 2 drives. It supports international keyboards, Secure Boot, booting via BIOS and UEFI, and a graphical screen for password entry on Ubuntu.

ReaR can be installed from the package repository (apt install rear) or in a user directory by downloading it from GitHub. (The GitHub version is more current.) The ReaR User Guide contains a section "Quick Start: Setting up Self-Encrypting Disks" explaining the process in 5 steps.

Oliver O.
  • It sounds fairly complicated with lots of steps! – Porcupine Oct 11 '22 at 18:55
  • You subscribe to spreading lies about SED vulnerabilities, while the paper this information originates from is long known as mostly incompetent. If you insist there are vulnerabilities in hardware encryption in Samsung EVO 840/850, please refer to the corresponding exploits. – ᄂ ᄀ Dec 21 '22 at 20:37
  • This post should be marked as the correct answer. The part about "Relax and Recover (ReaR)" is hugely distracting though. [sedutil](https://github.com/Drive-Trust-Alliance/sedutil) is the only tool needed. A bootable 62MB busybox base. The GitHub repo contains the full guide to provision your Self-Encrypting-Drive. – Polymerase Aug 06 '23 at 03:38
7

The Lenovo ThinkPad L480 with an Opal-supported SSD uses a Samsung "MZ-V6E500BW SSD 960 EVO NVMe M.2 500GB", 256GB, or an Intel "180GB Solid State Drive SATA3.2" OPAL2.0 M.2 drive, depending on the chosen options. Apparently the Intel SSDs have some management capabilities related to vPro that the non-Intel drives don't, such as remote wiping and the ability to enable/disable certain encryption modes.

It also seems that sometimes other drives, such as the Seagate 1200 Pro SSD, are used; so it's important when using Windows to know which drive is being used so you can visit the manufacturer's website.

Once you install a custom operating system you need to use the tools available for that OS. The two main ones for Linux are hdparm and sedutil, see my answer on UNIX and Linux Stack Exchange.

Additional information:

Samsung SSDs have software available to set up their operation; this only works for certain SSDs and operating systems. Otherwise the default is no password, with encryption enabled.

For "Ubuntu 12.04 LTS and later" (source: user manual, DC Toolkit .PDF, page 10) the Samsung SSD DC Toolkit is designed to work with Samsung SSD products including PM863, PM863a, SM863, SM863a, PM963 non-customized, 860 DCT, 883 DCT, 983 DCT, 983 DCT M.2, and 983 ZET.

This software is not compatible with other manufacturers' SSDs, nor is it certain to work with other Samsung SSDs. It also has limited support for Windows Server 2012 R2, Windows Server 2016 RS1 (Version 10.0.14393), RHEL 5.7 up to 6.4 (6.4 and later has full support), and CentOS.

For Windows and Samsung SSDs the software used is called: "Samsung SSD Magician DC 2.0". Using a bootable USB drive with Windows and Samsung's Windows software is another, albeit inconvenient, option for setting up your SSD for use with another operating system.

The user manual for the Enterprise edition of the Magician software claims to only support Samsung SSD SM863 and PM863. The consumer version claims the Magician SSD management utility is designed to work with all Samsung SSD products including 470 Series, 750 Series, 830 Series, 840 Series, 850 Series, 860 Series, 950 Series, 960 Series and 970 Series.

In your circumstances you are probably best off using hdparm or getting sedutil set up.

Don't forget to set your screensaver to a short time, and hibernation should also be brief if you want the encrypted drive to remain secure; see my other answer linked to above. A powered-on encrypted drive is unlocked once it has successfully booted.

A helpful article for Arch Linux explains ATA BIOS Passwords and sedutil with drives supporting Opal under Linux; it explains the need to set libata.allow_tpm. See also the Stack Overflow Q&A: "ATA Trusted commands - How to set libata allow_tpm" and especially Dell's article: "Encrypting Your Ubuntu Operating System Using a SED Hard Drive", where they explain a lengthy procedure (last modified: 01/02/2019 01:05 PM).

Rob
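A read-only pre-flight check for the setup requirements described in Oliver O.'s answer (Opal 2 support in `sedutil-cli --scan`, the drive models it lists as weak) and for the libata.allow_tpm requirement mentioned in this answer, written as an added shell example that is not part of either post. The scan output is constructed, not captured from a real drive, and the column layout of `--scan` (device, Opal level, model, firmware) is assumed from the tool's usual output.

```shell
# Added example (not from the original post): read-only pre-flight checks before
# provisioning an Opal 2 drive with sedutil-cli. Nothing here writes to a drive.

# Constructed sample of `sedutil-cli --scan` output. Column 2 is the Opal level
# ("No", "1", "2", "E" = Enterprise, "12" = both); the last column is firmware.
SAMPLE_SCAN='Scanning for Opal compliant disks
/dev/nvme0  2  Samsung SSD 960 EVO 500GB  2B7QCXE7
/dev/sda    2  Crucial_CT500MX300SSD1     M0CR040
/dev/sdb   No  ST1000LM035-1RK172         SDM1
/dev/sdc    2  Samsung SSD 860 EVO 500GB  RVT01B6Q
No more disks present ending scan'

# Models the answer above flags as having published weaknesses (case-insensitive).
WEAK_MODEL_RE='MX100|MX200|MX300|840 EVO|850 EVO|Samsung T3|Samsung T5'

# Opal level reported for one device ($1 = scan output, $2 = device path).
opal_level() {
    printf '%s\n' "$1" | awk -v dev="$2" '$1 == dev { print $2 }'
}

# Model string for one device: columns 3 .. NF-1 of its scan line.
drive_model() {
    printf '%s\n' "$1" | awk -v dev="$2" \
        '$1 == dev { s = $3; for (i = 4; i < NF; i++) s = s " " $i; print s }'
}

# Exit 0 if the model matches the weak-model list.
is_weak_model() {
    printf '%s\n' "$1" | grep -Eiq "$WEAK_MODEL_RE"
}

# SATA drives go through libata, which rejects TCG commands unless libata.allow_tpm=1.
# $1 = sysfs file to read (real path: /sys/module/libata/parameters/allow_tpm); NVMe skips this.
tpm_allowed() {
    [ -r "$1" ] && [ "$(cat "$1")" = "1" ]
}

# Verdict for one device: "ok", "not-opal2", "tpm-blocked" or "weak-model".
# $1 = scan output, $2 = device, $3 = allow_tpm file consulted for /dev/sd*.
preflight() {
    case "$(opal_level "$1" "$2")" in
        2|12) ;;
        *) echo not-opal2; return 1 ;;
    esac
    case "$2" in
        /dev/sd*) tpm_allowed "$3" || { echo tpm-blocked; return 1; } ;;
    esac
    is_weak_model "$(drive_model "$1" "$2")" && { echo weak-model; return 1; }
    echo ok
}
```

On a real machine, replace SAMPLE_SCAN with the output of `sedutil-cli --scan` run as root and point the third argument at /sys/module/libata/parameters/allow_tpm.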
4

You are correct in that the encryption is always on. The data will automatically be decrypted once the system is booted. The keys that perform the encryption and decryption for the drive are embedded on a chip in the hardware itself. The secondary ATA password provides an additional level of security. Be aware that if that secondary password is lost, data recovery will be impossible.

Many self-encrypting drive producers provide software tools to enable users to create this additional password.

If you are interested, the specification is here.

Sources:

https://trustedcomputinggroup.org/wp-content/uploads/TCG_Storage-Opal_SSC_v2.01_rev1.00.pdf

https://www.ontrack.com/uk/blog/concepts-explained/what-is-the-tcg-opal/

https://www.esecurityplanet.com/network-security/The-Pros-and-Cons-of-Opal-Compliant-Drives-3939016.htm

Elder Geek