Close

May 28, 2018

ATA Security Feature Set Guide With introduction to TCG Opal and SEDs with AES 256 Encryption

The US DoD, including all branches of the military, requires vast amounts of data to ensure operational efficiency and combat readiness.  Data must be protected regardless of how and where it is created, used, stored or transferred – physically and across networks.  All sensitive and top-secret data must be secure.

This paper provides a guide for the implementation and limitations of the ATA Security Feature Set.  It also provides an introduction to TCG Opal as an alternative to the ATA Security Feature Set and the requirement for SED’s (self-encrypting devices) equipped with AES 256 encryption.

ATA Security Feature Set

The ATA Security Feature Set is a set of commands which is part of the ATA specification. This feature set is used to allow the SSD to authenticate the user. It provides a password system to restrict access to data stored on ATA SSD devices.  If a user password is set in the BIOS of the system, this password must be provided each time the system is started before the system can access the data stored on the SSD.

Security Feature Set Commands

The ATA Security Feature Set provides the following ATA commands. These commands are also used by the BIOS (e.g. if passwords are set in BIOS to unlock a protected SSD during the boot process). These commands are divided into three categories:

Password manipulation commands

 SECURITY SET PASSWORD

The drive is initially usable. When a user password is set with the SECURITY SET PASSWORD command the drive is locked once powered on or after the hardware is reset.  In this locked state, it does not allow access to the data and accepts only a few commands such as Identify Device.

SECURITY DISABLE PASSWORD

Permanently deactivates the lock and makes the drive permanently usable. The drive accepts the command only in the unlocked state.   If the SSD is locked, it will not accept the command.

Access control commands

SECURITY UNLOCK

Temporarily unlocks the drive for normal use.  However, the safety function remains activated: After the next cold start, the drive is automatically locked again.

SECURITY FREEZE LOCK

The Security Freeze Lock command protects against unauthorized changes to the security settings of the SSD. This command is initiated from the BIOS of the host system. You can assign a password in the BIOS setup, which the BIOS then queries each time you power on the SSD.   Security Freeze freezes the security settings of the SSD, including the password

During the boot process, the BIOS unlocks the SSD for regular use, the BIOS then freezes the security settings so they cannot be changed.  It freezes the security settings and password before the operating system starts. This is to protect against operating system level attacks such malware which can change the security settings.  Once the SSD is powered on and is in a frozen state, it is impossible to carry out any further changes to the security settings and security state of the SSD

As an example you cannot secure erase a SSD which is in a “frozen” state.  BIOS protects the SSD if you have a password set.  The password and the frozen state of the SSD are controlled from the BIOS, not the operating system.

Media recovery command

SECURITY ERASE UNIT

This command tells the drive controller to irretrievably delete all the data on the device while taking the load off the CPU and PCIe bus by overwriting all addressable LBA sectors, mostly with null bytes. If DCO (Device Configuration Overlay) is running, that is, if the drive shows fewer sectors and therefore a smaller capacity than the maximum possible, and if it spoofs a different geometry to the operating system and the BIOS, then only this small area is cleared, because only this area is LBA addressable.

ENHANCED SECURITY ERASE UNIT

Ignores DCO (but does not reset it) and overwrites all sectors, including all de-allocated areas from the defects list with manufacturer-specific data. The defect list is a list of all sectors marked as defective and de-allocated in the past whose LBA addresses have been reallocated to reserved areas. The operating system cannot directly access these areas. Only the drive controller has access.  It does not reveal the contents, but it does delete them reliably.

 

Implementing ATA Security Key Management 

There are a number of tools for sending ATA commands depending on the operating system environment.  Some examples are STB Suite for Windows, customized programs, hdparm and smartmontools for Linux.

Since working directly with the BIOS can be difficult, it is recommended to use a third party tool like hdparm to activate ATA security and set both user and master passwords for the SSD. When working with the BIOS, you need to be aware of the limited allowable character set, the limited length, and the use of scan codes.

Hdparm  tool, which is included with almost all Linux distributions, lets you control the ATA security features by scripting or with manual commands. This section describes how you can control access to your SSD through ATA security using hdparm as a tool for sending commands.

The following figure shows the possible ATA security state transitions.

blog-pic-1
Fig.1 Example of state security transition of ATA Security Concept

To determine the security state of a SSD, a query with hdparm (e.g. hdparm –I /dev/sdb..) provides the initial security settings of the drive.

blog-pic-2
Fig.2 Initial ATA Security Setting – Features are not enabled

To prevent security-related manipulation of the SSD, such as disabling all I/O, either accidentally or by malware with root privileges, you can use the “Security Freeze” discussed earlier. It takes a hardware reset or power cycle to revert to the unfrozen state.

At root type: “# hdparm –security-freeze /dev/sdb”

blog-pic-3
Fig.3 Frozen Security State

To lock data, enable the security by “Security Set-Pass”

# hdparm –user-master u –security-set-passwd “Secret” /dev/sdb

security_password=”Secret”

/dev/sdb:

Issuing SECURITY_SET_PASS command, password=”Secret”, user=user, mode=high

The drive is now security enabled, unlocked, and not in a frozen state.

blog-pic-4
Fig. 4 Security Enabled State

The locked state is automatically enabled after reboot see Fig.5. The SSD does not allow any data I/O in this state until a “SECURITY_UNLOCK” command is issued stating the password.

blog-pic-5
Fig 5. Locked Security State

 

Secure Erase

The ATA standard supports the SECURITY_ERASE_UNIT command. This command tells the drive controller to irretrievably delete all the data on the device. The erase has two modes, normal and enhanced mode. The device must be in security enabled and unfrozen state (See Fig.4) to run the command. “SECURITY_ERASE_UNIT ATA” command is used to restore a drive to a pristine state.

# hdparm –user-master u –security-erase “Secret” /dev/sdb

security_password = “Secret”

/dev/sdd:

Issuing SECURITY_ERASE command, password = “Secret”, user = user

0.000u 0.000s 0:39.71 0.0% 0+0k 0+0io 0pf+0w

or

# hdparm –user-master u –security-erase-enhanced “Secret” /dev/sdb

 

Master Password

The master password can be used as a fallback if the user password is not known.

The initial master password is unknown to the user but can be overwritten by the first call of the “SECURITY_SET_PASSWORD” command, this time using the –user-master m switch:

# hdparm –user-master m –security-set-pass “UltraSecret” /dev/sdb

security_password=”UltraSecret”

/dev/sdb:

Issuing SECURITY_SET_PASS command, password=”UltraSecret”, user=master, mode=high

All security settings can then be disabled either with the user or with master password using the “SECURITY_DISABLE_PASSWORD” ATA command:

# hdparm –user-master [m|u] –security-disable “UltraSecret” /dev/sdb

The ATA standard specifies two different security levels that are defined when setting the user password. These levels also define the scope and capabilities of the master password: HIGH and MAXIMUM. HIGH is the default (LOW would mean no security features are enabled). Set the MAXIMUM security level as follows:

# hdparm –user-master u –security-mode m –security-set-passwd “Secret” /dev/sdb

security_password = “Secret”

/dev/sdb:

Issuing SECURITY_SET_PASS command, password=”Secret”, user=user, mode=maximum

The hdparm output reflects the new status Fig. 6. In this state, you can no longer unlock the device with the master password or directly disable the security features. If you do not know your user password, a transition from initial state (i.e. Fig. 2) requires a “SECURITY_ERASE_UNIT”, which will restore the device to a usable, pristine state.

blog-pic-4
Fig. 6 Security Enabled Maximum Level

It is important to remember that the HIGH security level is usually sufficient, and that devices should be frozen to prevent malware from changing the security settings – whether security is enabled or not.  For highly confidential data, the security level should be set to MAXIMUM. At this level, loss of the user password is equivalent to loss of data.

The ATA Security Features Set of modern ATA drives offer useful protection against unauthorized data access provided they are applied correctly.  It allows the user to configure the security level on the SSD so that the SSD will remain locked unless the correct password is provided.

 

Limitations of the ATA Security Feature Set

The ATA Security Feature set is a password system that restricts access to user data stored on a device. In addition, access to some configuration capabilities is restricted. The ATA Security Feature Set provides a simple password system for granting access to a device. While the use of ATA password security to accomplish authentication prior to access to the device is a well-known security method, there are several risks that need to be considered:

  • It does not protect the data through encryption, it only restricts access
  • If the media is separated from the device, the data is available for access

In addition the following are examples of spoofing or bypassing ATA security password:

  • While read/write operations to the drive are restricted, firmware updates are not. Illegal firmware may be available that can remove or disable the ATA passwords.
  • Hardware devices and software applications are readily available that can break the password through brute force, vendor back door passwords, and other techniques.
  • Data recovery services can obtain a copy of the unencrypted data through direct device observation.

 

Introduction to TCG Opal and SED’s with AES Encryption
An alternative to the ATA Security Feature Set

The ATA Security Feature Set commands are used to lock and unlock drives by using a password.  It was a widely used method to restrict unauthorized access to storage devices such as SSDs (solid state drives).

But after the introduction of SEDs (self-encrypting devices), the ATA Security Feature Set, became less popular.  The ATA Security Feature Set can still be used to manage SEDs, but it can be cumbersome and complicated because it lacks ease of integration and many management features such as the use of recovery keys, management across a wide enterprise,  and Single Sign-On (SSO) user authentication.

An alternative method to controlling access to SED/SSDs is to use the Trusted Computing Group (TCG) Opal Storage Specification. Opal is a defined standard specifically created to manage access to SED/ SSDs and to fully take advantage of AES 256 encryption.  Moreover, the Opal standard provides a richer set of features than the ATA Security Feature Set and is easily used in combination with pre-boot authentication software that implements encryption key management and SSO.

Note on SEDs and Opal – A SED (or Self-Encrypting Drive) is a type of storage device, such as an SSD, that automatically and continuously encrypts the data on the drive without any user interaction. This encryption process is done internally through the use of a unique and random Data Encryption Key (DEK) which is hidden and never leaves the SSD.  The DEK is used to encrypt and decrypt the data. Data written to the SSD is encrypted according to the DEK and decrypted when read and delivered to the system. SEDs, such as compliant SSDs, adhering to the TCG Opal standard specification implement key management via an Authentication Key ( The AK is the user-facing password which decrypts the DEK so the data can be decrypted and read).

The Opal specifications provide a scalable infrastructure for managing encryption of user data on the SEDs.  The protocols associated with management of encryption capabilities provided by Opal and its subset specs, Opalite and Pyrite, range from light to heavy, with scalability to meet even fuller featured capabilities.  Opalite and Pyrite were designed as an alternative to the ATA Security Feature Set.

Note on NVMe -In addition to supporting SED/ATA SSDs, the scalability of the architecture and solutions embodied in the TCG specification provides an ideal match for the scalability provided by the NVMe specification.  TCG Opal aligns with the security management interface for SED/NVMe SSDs.

 

Requirement for self-encrypting SSDs (SEDs) equipped with AES 256 encryption

When considering the inherent limitations and risks of the ATA Security Feature Set for protecting sensitive data, a more secure approach is needed.  If possible, it is recommended to implement TCG Opal and SED/SSDs which support AES 256 encryption. In addition to the management and integration benefits of using TCG Opal, AES 256 encryption provides additional security:

  • Encryption keys remain encrypted and hidden within the SSD and are never exposed to the host memory, processor, or OS where they can be compromised.
  • Encryption keys keep the SSD locked even if the SSD is stolen or intercepted and installed on another host.
  • New firmware cannot be loaded on a SSD locked by the internal AES mechanism.
  • The data stored on the SSD flash media is encrypted with AES 256 and is unreadable.
  • Brute force is theoretically impossible with AES 256 encryption.
  • Vendor back door passwords do not exist.
  • Performance of the computer is unaffected as the encryption is hardware-based, done by the SSD controller and not at the operating system level.
  • Encryption is always on and cannot be disabled or bypassed.
  • All operating systems, platforms, multi-boot environments are supported.
  • Encryption is maintenance and error free.  Host system upgrades, repairs, security patches, and breaches have no impact on the encryption performed and data stored inside the SSD.

Note on AES 256 encryption: The Advanced Encryption Standard is a standard ratified by National Institute of Standards and Technology (NIST).  AES is approved as the FIPS standard and is included in ISO/IEC 18033-3.  AES is the only publicly available cipher approved by the NSA for storage and communication of top secret data.  AES encryption is available in different levels.  AES 256 is the highest level used to protect top secret data.  AES utilizes multiple blocks of highly complex algorithms to scramble data.  An “encryption key – DEK” is needed to unscramble or decrypt the data so it can be used. Currently, no weakness has been found in AES. This means brute force is the only existing form of attack that can decrypt AES encrypted data. Brute force can also be described as the method of trial and error.  Every possible “key” is tried until the correct one is found.  As an example, this could take a trillion machines, testing a billion keys per second, two billion years to discover the correct key.

Conclusion

The ATA Security Feature Set provides a simple, BIOS level, password system for granting access to a device. While the use of ATA password security for authentication prior to device access is a well-known, it does not fully ensure that the data will be secure.  The host system of the SSD can be attacked at the BIOS level and the SSD can be accessed.  Since the data on the SSD is not encrypted and there is no SSD level authentication mechanism, it is relatively simple to bypass or spoof the BIOS and freely use any stored data on the SSD.

To ensure data stored on SSDs is more secure, it is recommend to use SED/SSDs, with AES 256 encryption in conjunction TCG Opal.   TCG Opal manages access to SEDs (SSDs).  It is defined standard specifically created to manage access to SED/SSDs and to fully take advantage of AES 256 encryption.  Moreover, the Opal standard provides a richer set of features than the ATA Security Feature Set and is easily used in combination with pre-boot authentication software that implements encryption key management and SSO.

Hardware-based encryption on SED/SSDs is the clear choice to secure and protect top secret DoD data. AES 256 encryption, the advanced encryption standard, has been ratified by National Institute of Standards and Technology (NIST) and is approved as the FIPS standard.  AES is the only publicly available cipher approved by the NSA for storage and communication of top secret data and currently has no weaknesses.

Contact your BiTMICRO representative to learn more about our SSDs with Opal compliance and AES 256 hardware-based encryption, military grade data erasure and sanitization, and verified rugged certification for all DoD applications requiring SSDs.

 

Writer: Zophar Sante, Business Development

Date: 5/28/2018

For all inquiries including, Sales Inquiries, please contact or call us:

Sales & General Inquiries:
+1 888-72-FLASH
Costumer & Technical Support:
+1 888-723-0123