Unsolved
This post is more than 5 years old
3 Posts
0
4462
October 21st, 2018 08:00
hardware encryption nvme ssd for a system disk
Hello everyone, are there any owners of nvme ssd samsung 950/960/970?
Has anyone been able to enable hardware encryption for a system disk using a bitlocker?
I read this topic here https://us.community.samsung.com/t5/Memory-Storage/HOW-TO-MANAGE-ENCRYPTION-OF-960-PRO/td-p/66475 and it says that it’s not like will work.
But there is a chance that our bios supports it. Has anyone been able to set up hardware encryption?
0 events found
No Events found!
jphughan
11 Legend
•
14K Posts
•
79.9K Points
0
October 21st, 2018 08:00
There are multiple variations of hardware encryptions. The most common is Class 0 where an HDD password is used for the encryption, but Dell systems don’t support that on NVMe SSDs. I don’t know why, but they have a KB article about it. However, Class 0 can become a real problem if you ever need to recover data from another system.
Hardware encryption with BitLocker, called eDrive, requires prepping the drive in advance. Last I checked, basically that involves installing Windows normally, then installing Samsung Magician and running the prep routine, which includes immediately wiping the drive — then you install Windows again and enable BitLocker. I’ve personally just stuck to BitLocker software encryption because CPUs for the last decade have included hardware acceleration for AES endryption operations that means software encryption can be used with no performance penalty even with NVMe SSDs.
PajaBeny
1 Message
0
February 2nd, 2019 01:00
I have the same problem with Samsung SSD 970 PRO. I didn't found any solution for my Dell G5 15 Gaming (5587). I use BitLocker with software encryption :smileysad:
jphughan
11 Legend
•
14K Posts
•
79.9K Points
0
February 2nd, 2019 07:00
That may not have turned out to be such a bad thing, based on a recent discovery by security researchers that hardware encryption on Samsung and Crucial SSDs they tested could be easily bypassed. Granted, the specific SSD models listed above weren’t tested, but on the other hand the researchers found major problems in 100% of the SSDs they tested, which doesn’t bode well for the others. Here’s one of many articles about their research: https://www.tomshardware.com/news/crucial-samsung-ssd-encryption-bypassed,38025.html
And again, software encryption carries no performance penalty here, so it’s just not an issue. Lastly, have you ever looked into how you would secure erase a hardware BitLocker drive? Microsoft says to check with the SSD vendor for a tool, and Samsung says to check with Microsoft if you’re using BitLocker. Nice, right?