1 Reply Latest reply on Dec 15, 2011 11:21 AM by SafeBoot

    Wear Leveling on SSDs -- problematic to security?

      As I understand it, full disk encryption as deployed by EEPC encrypts every sector of the disk that is accessible to the OS.  If a system contains sensitive information and FDE is added, each physical sector of the disk is encrypted leaving no trace of the plaintext data.  At least that's how it seems to work with magnetic media.

       

      What about solid state disks using wear-leveling?  If sensitive data exists on a disk prior to it being encrypted, isn't there a probability that through various wear-leveling techniques the hardware/BIOS may report that each sector is encrypted when the reality is that certain sectors contain plaintext?  This is an issue identified by TrueCrypt: http://www.truecrypt.org/docs/?s=wear-leveling   Does McAfee EEPC do anything differently to avoid this issue, or does the same warning apply?

       

      Of course this has implications for securely destroying data on any SSD, regardless of encryption.

        • 1. Re: Wear Leveling on SSDs -- problematic to security?

          The probability of an issue like this with full disk encryption is low, as data equalling the entire published capacity of the device is written during the initial encryption phase, so given "perfect" wear leveling, every memory block would be refreshed.

           

          You are right though, that there's no way to validate the fact.

           

          On the up side, there's no way to read the blocks directly without disassembling the drive, and once you write more data following the encryption, you are again increasing the probability of an overwrite of Pre-encryption sectors.

           

          SSDs at the moment have no callable "zero" feature, though that may come in the future.