Wednesday, October 14, 2020

Samsung T7 Touch 1TB External SSD Drive security mode's security is questionable

 I just purchased a 1TB Samsung T7 Touch External SSD Drive. Main reasons were:

  1. Its hardware based AES-256 encryption capability.
  2. Its USB 3.2 connectivity and claimed max read/write throughput of about 1 GB/s
  3. Its looks
Regarding point 1, the Windows software version that comes with the drive and enables its security mode is buggy. It cannot self-update to the latest version, or tell you if there is one (although it supposedly supports self-update) and although it does work, the drive would freeze, and with it the whole explorer.exe process, after a few hours of continuous use, e.g. while copying over many gigabytes, or having Google Backup and Sync sync those many gigs to Google Drive.

Obviously, like this, the drive would be useless for power users while its coveted security mode is on. Thankfully, the latest software version, which you have to seek out, locate, download and install yourself, does fix the problem; once installed it downloads and installs the latest firmware to the drive which makes the drive work as expected, i.e. it is stable in long term use while security mode is on.

The implementation of its security mode, however, does leave a few serious doubts to those who are security conscious and technically akin to cybersecurity. When I  switched from security to non-security mode and after I disconnected and reconnected the drive I noticed that my files, previously copied over with security mode on, were still accessible as normal. So, how were they encrypted then? Security mode was off and I was never asked for a password when I reconnected the drive, so... This implies the following grim fact: The AES-256 symmetric encryption key is always the same, but probably unique per drive, and potentially known/recorded by Samsung. The are some subcases here - some grimmer than other:

  1. The AES-256 key is hardcoded and therefore potentially fairly easily accessible via hardware/physical attack by a person with some electronics expertise. This would mean that turning on the security mode and supplying a password merely saves your password in a non volatile register (maybe hashed or maybe even in plaintext, though the latter would be unthinkable for a company like Samsung - more to be expected by Chinese companies of the worse kind), the host software compares the password you supply, on each drive connection event, to the one in the register and then either allows files to be decoded by the hardcoded key and appear as available or not. Security-wise, this is a pretty bad predicament.
  2. The AES-256 key is recorded in a non-volatile register, initially in plaintext, but once security mode is turned on, it is encrypted, using an undocumented algorithm, with the user password as key or part of the key, and then re-recorded in the same non-volatile register in encrypted form. When security mode is turned off it is re-recorded in its plaintext form and I remember that the software does ask you for your password when you turn off security mode. This is better but does not change the sobering facts that:
    1. Samsung potentially knows and records the AES-256 key for each drive it puts out in the market.
    2. We do not know how good the key encryption algorithm and overall implementation of the encryption/decryption process is.
Considering the points above, using password only (instead of password & fingerprint) as a more secure option may not be worth not taking advantage of the convenience of the fingerprint unlock feature although if implementation of point 2.2 is good, living with the fact that Samsung may have to disclose your drive's key if you are involved in a major FBI international investigation is not as bad as knowing that some fingerprint sensor fidgeting may unlock your drive.

Regarding point 2, a host computer with a USB 3.0 bus will only give you half the maximum read/write speed of the drive (around 400/500 MB/s); to get close to the maximum speed of 1GB/s you would need a host computer with a USB 3.2 bus.

Regarding point 3, the drive's looks are obviously great.

Finally, here is a tip from Samsung itself on how to improve the drive's performance on Windows hosts.

No comments:

Post a Comment