There are multiple variations of hardware encryptions. The most common is Class 0 where an HDD password is used for the encryption, but Dell systems don’t support that on NVMe SSDs. I don’t know why, but they have a KB article about it. However, Class 0 can become a real problem if you ever need to recover data from another system.
Hardware encryption with BitLocker, called eDrive, requires prepping the drive in advance. Last I checked, basically that involves installing Windows normally, then installing Samsung Magician and running the prep routine, which includes immediately wiping the drive — then you install Windows again and enable BitLocker. I’ve personally just stuck to BitLocker software encryption because CPUs for the last decade have included hardware acceleration for AES endryption operations that means software encryption can be used with no performance penalty even with NVMe SSDs.
I have the same problem with Samsung SSD 970 PRO. I didn't found any solution for my Dell G5 15 Gaming (5587). I use BitLocker with software encryption :smileysad:
I have the same problem with Samsung SSD 970 PRO. I didn't found any solution for my Dell G5 15 Gaming (5587). I use BitLocker with software encryption :smileysad:
That may not have turned out to be such a bad thing, based on a recent discovery by security researchers that hardware encryption on Samsung and Crucial SSDs they tested could be easily bypassed. Granted, the specific SSD models listed above weren’t tested, but on the other hand the researchers found major problems in 100% of the SSDs they tested, which doesn’t bode well for the others. Here’s one of many articles about their research: https://www.tomshardware.com/news/crucial-samsung-ssd-encryption-bypassed,38025.html
And again, software encryption carries no performance penalty here, so it’s just not an issue. Lastly, have you ever looked into how you would secure erase a hardware BitLocker drive? Microsoft says to check with the SSD vendor for a tool, and Samsung says to check with Microsoft if you’re using BitLocker. Nice, right?
jphughan
9 Legend
•
14K Posts
0
October 21st, 2018 08:00
There are multiple variations of hardware encryptions. The most common is Class 0 where an HDD password is used for the encryption, but Dell systems don’t support that on NVMe SSDs. I don’t know why, but they have a KB article about it. However, Class 0 can become a real problem if you ever need to recover data from another system.
Hardware encryption with BitLocker, called eDrive, requires prepping the drive in advance. Last I checked, basically that involves installing Windows normally, then installing Samsung Magician and running the prep routine, which includes immediately wiping the drive — then you install Windows again and enable BitLocker. I’ve personally just stuck to BitLocker software encryption because CPUs for the last decade have included hardware acceleration for AES endryption operations that means software encryption can be used with no performance penalty even with NVMe SSDs.
PajaBeny
1 Message
0
February 2nd, 2019 01:00
I have the same problem with Samsung SSD 970 PRO. I didn't found any solution for my Dell G5 15 Gaming (5587). I use BitLocker with software encryption :smileysad:
jphughan
9 Legend
•
14K Posts
0
February 2nd, 2019 07:00
That may not have turned out to be such a bad thing, based on a recent discovery by security researchers that hardware encryption on Samsung and Crucial SSDs they tested could be easily bypassed. Granted, the specific SSD models listed above weren’t tested, but on the other hand the researchers found major problems in 100% of the SSDs they tested, which doesn’t bode well for the others. Here’s one of many articles about their research: https://www.tomshardware.com/news/crucial-samsung-ssd-encryption-bypassed,38025.html
And again, software encryption carries no performance penalty here, so it’s just not an issue. Lastly, have you ever looked into how you would secure erase a hardware BitLocker drive? Microsoft says to check with the SSD vendor for a tool, and Samsung says to check with Microsoft if you’re using BitLocker. Nice, right?