How does full disk encryption cater for overprovisioned disk space in flash devices and can this result in data leakage?

FDE does not need to know anything about overprovisioning. If the partition is encrypted, no plain-text will ever be written anywhere. Blocks reserved for wear leveling will either have un-initialized random data, or encrypted blocks.

If you are using the encryption provided by the controller, encryption/decryption occurs inside the controller, so no plain text data is written on the blocks. If the encryption is done by the OS, the controller already receives encrypted data.
If you encrypt the disk from the start, when you first start using it, then this isn't a problem. All data you write is encrypted and remapped sectors just lead to encrypted data being remanent on the over-provisioned area. Since the data is encrypted, you can't do anything with it even if you recover it using direct flash reads on a disassembled SSD.

Furthermore, identifying where that data came from in the encrypted stream is particularly difficult, and since most FDE block cipher modes (e.g. XTS) include the sector number (or some other position value) as part of the initialisation vector it becomes exceedingly difficult to recover plaintext from those remanent sectors even if you are in possession of the FDE master key.

On top of that, most SSDs implement the ATA Secure Erase feature. This feature allows you to send a single command to safely erase the disk without needing to write over every sector. Overwriting sectors is costly as flash cells have limited write cycles. This feature works by transparently encrypting all sectors using a randomly generated key which is stored in the disk controller's nonvolatile memory. When you run the ATA Secure Erase command, the disk controller discards the old key and generates a new one. This instantly makes all data on the disk unreadable. As a side-effect, all over-provisioned areas are also encrypted this way, meaning that even without using your own FDE on the SSD the over-provisioned areas are still encrypted and difficult to recover even if you extract the Secure Erase master key from the controller's nonvolatile memory. If you later do a Secure Erase command, the overprovisioned areas become unreadable too.
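To make the two mechanisms above concrete (the position-tweaked FDE mode from the earlier paragraph and the controller-side key that ATA Secure Erase discards), here is an added toy model that is not part of either answer. It replaces AES-XTS with an HMAC-SHA256 keystream that mixes the sector or block number into every output block, so that, like XTS, the same key at a different position gives unrelated ciphertext; the SSD, its over-provisioned block pool, the 32-byte sector size and the "payroll" plaintext are all constructed for the example, and the attacker is assumed to have pulled both the controller key and the host FDE key.

```python
import hmac
import hashlib
import os

SECTOR_BYTES = 32  # toy sector size (real SSDs use 512 or 4096 bytes)


def keystream(key: bytes, position: int, length: int) -> bytes:
    """Position-dependent keystream: HMAC-SHA256(key, position || counter).
    The position (logical sector or physical block number) plays the role of
    the XTS tweak: same key and plaintext at another position -> unrelated bytes.
    This is a stand-in for AES-XTS, not XTS itself."""
    out = b""
    counter = 0
    while len(out) < length:
        msg = position.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def tweaked_xor(key: bytes, position: int, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR is its own inverse) one sector at `position`."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, position, len(data))))


class ToySSD:
    """Flash with more physical blocks than logical sectors (constructed model).
    Every write lands in a fresh physical block (wear leveling); the old block
    keeps its stale ciphertext until reused. The controller always encrypts
    with its own random key, which Secure Erase simply discards."""

    def __init__(self, logical_sectors: int, physical_blocks: int):
        assert physical_blocks > logical_sectors  # the surplus is over-provisioning
        self.controller_key = os.urandom(32)
        self.flash = [bytes(SECTOR_BYTES)] * physical_blocks  # erased cells
        self.l2p = {}                                         # logical -> physical
        self.free = list(range(physical_blocks))

    def write(self, lba: int, data: bytes) -> int:
        phys = self.free.pop(0)
        self.flash[phys] = tweaked_xor(self.controller_key, phys, data)
        if lba in self.l2p:
            self.free.append(self.l2p[lba])  # stale copy stays in flash for now
        self.l2p[lba] = phys
        return phys

    def read(self, lba: int) -> bytes:
        phys = self.l2p[lba]
        return tweaked_xor(self.controller_key, phys, self.flash[phys])

    def secure_erase(self) -> None:
        self.controller_key = os.urandom(32)  # old key gone; nothing is rewritten

    def raw_dump(self) -> list:
        return list(self.flash)  # what a chip-off read of the NAND would see


def demo() -> dict:
    host_key = os.urandom(32)                        # OS-level FDE key
    secret = b"payroll: alice 120k, bob 95k".ljust(SECTOR_BYTES, b"\0")  # constructed
    lba = 5
    ssd = ToySSD(logical_sectors=8, physical_blocks=12)

    # Host writes the sector through FDE, then overwrites it: the first
    # physical block now holds a remanent copy in the over-provisioned pool.
    stale_phys = ssd.write(lba, tweaked_xor(host_key, lba, secret))
    ssd.write(lba, tweaked_xor(host_key, lba, bytes(SECTOR_BYTES)))

    results = {}
    # 1. No plaintext anywhere in the raw flash.
    results["plaintext_in_flash"] = any(secret.rstrip(b"\0") in blk
                                        for blk in ssd.raw_dump())
    # 2. Attacker strips the controller layer with an extracted controller key
    #    and also holds the host FDE key, but must know which sector it was.
    host_ct = tweaked_xor(ssd.controller_key, stale_phys, ssd.flash[stale_phys])
    results["wrong_sector_recovers"] = tweaked_xor(host_key, lba + 1, host_ct) == secret
    results["right_sector_recovers"] = tweaked_xor(host_key, lba, host_ct) == secret
    # 3. After Secure Erase the controller key is gone, so even the right
    #    sector number and host key no longer help.
    ssd.secure_erase()
    host_ct_after = tweaked_xor(ssd.controller_key, stale_phys, ssd.flash[stale_phys])
    results["after_erase_recovers"] = tweaked_xor(host_key, lba, host_ct_after) == secret
    return results


if __name__ == "__main__":
    print(demo())
```

The only case in which the remanent block yields the secret is the one where the attacker holds the host key, the controller key, and the exact logical sector number the block once belonged to; a real XTS tweak behaves the same way, which is why the answer calls recovery "exceedingly difficult" even with the FDE master key.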