[Cryptography] Security on TRIM for full-disk encrypted SSDs
Darren Lasko
dlasko at ieee.org
Wed Apr 20 15:12:53 EDT 2016
On Wed, Apr 20, 2016 at 1:52 PM, james hughes <hughejp at me.com> wrote:
>
> On Apr 19, 2016, at 5:03 PM, Valmiky Arquissandas <
> crypto-metzdowd at kayvlim.com> wrote:
>
> I understand at least some of the theory - encrypted information is
> supposed to be indistinguishable from random noise, and TRIM reveals
> patterns; and a plausible deniability scenario would probably be
> unacceptable.
>
>
> Can you please explain?
>
> Assuming reasonable encryption, I do not understand what patters are being
> revealed.
>
TRIM as supported in SATA devices has several flavors, see
https://en.wikipedia.org/wiki/Trim_(computing)#ATA. It's fairly typical
for SATA devices to return all 0's for any LBA that has been TRIM'ed.
Therefore, an attacker can read the entire drive, and make note of which
LBAs return all 0's. These will be the LBAs that are currently "not in
use" by the filesystem.
-Darren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160420/1a5290fa/attachment.html>
More information about the cryptography
mailing list