I'm working on encryption techniques on SSDs and my question is: does the erase-before-write architecture of SSDs have anything to do with the encryption technique?
What are the problems I might face in implementing hard drive encryption on SSDs?
The whole idea of encryption is that it is meant to bring you confidentiality regardless of how the physical media is managed. Details about how a bit is "erased" (or fails to be erased) are relevant to security; encryption is about getting said security without having to bother with those details.
It turns out that data on an SSD is a fickle thing and it is hard work to track down all the places where it goes; see this question for details. This just emphasizes that encryption is the only sure method to keep the data confidential.
Disk encryption on an SSD is no different from disk encryption on a "classical" magnetic disk. Their interface is identical: accesses by indexed 512-byte sectors. This does not make SSD encryption simple, only not harder. Disk encryption is by itself a complex problem: it must handle random access (both for reading and writing), be fast (disks have a huge bandwidth), be integrated in the operating system, and should resist active attackers who can shut down the machine, swap some sectors, and power it on again.
Here is one problem that you could have:
Let's say you have a file on your SSD ... it is physically located at address P1 which is currently mapped to the logical address L1.
Now you want to encrypt this file, and replace the plaintext with the ciphertext.
Neither reading the file from L1, nor encrypting it with some standard cipher like AES is a problem.
But now it comes to writing the ciphertext back to the SSD.
Since an SSD has a limited number of write cycles before the device will fail, there are some wear leveling approaches to extend the lifetime of the SSD. The effect is that you can't be sure that writing to a logical address twice will result in two writes to the same physical address.
So it could happen, especially if your file is small, that the encrypted file that is written to the logical address L1 will not be written to the physical address P1, but P2. In this case the unencrypted file would still be located at P1.
You wouldn't be able to access that address by usual means, since the SSD will work on logical addresses and let the firmware decide what physical address should be referenced, but this could be a potentially epic security fail if someone reads that file directly from the physical address (direct physical access to the memory chip, different firmware, special firmware-specific commands to access physical addresses, etc.).
Or if you are talking about encrypting the whole disk, you could be facing the same problem from a different point of view:
Let's say you encrypt everything with a key that is encrypted with a password and stored on that same SSD ...
Now you want to change that password, but keep the key so you don't need to re-encrypt the whole disk.
Normally you would read the key, decrypt it with your old password, encrypt it with the new one, write it back.
But now you can't be sure that you will overwrite the old key, so there could still be that old key, encrypted with the old password stored on the SSD.
If you changed the password because someone knows it, changing the password may not be sufficient to ensure that only you can access the encrypted disk.
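The two scenarios in this answer (a plaintext file that survives at the old physical page after the encrypted version is written, and an old password-wrapped key that survives a password change) can be reproduced with a small model of a flash translation layer. The code below is an added example, not part of the answer above and not the firmware of any real drive: the `ToySSD` class, its page size, and the `toy_xor` stand-in for a real cipher are all constructed for illustration. It shows that the logical view looks correct after the overwrite while a scan over the physical pages still finds the old data, and that the stale copy only disappears when the drive's garbage collection happens to erase it.

```python
import hashlib
from typing import Dict, List, Optional, Set

PAGE_SIZE = 16  # constructed toy page size (real flash pages are KiB-sized)


def toy_keystream(key: bytes, length: int) -> bytes:
    """Constructed stand-in for a real cipher such as AES: a SHA-256-derived
    keystream XORed onto the data. It only exists so the scenario runs offline;
    the point of the example is the flash behaviour, not the cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def toy_xor(data: bytes, key: bytes) -> bytes:
    """Symmetric: applying it twice with the same key returns the data."""
    return bytes(a ^ b for a, b in zip(data, toy_keystream(key, len(data))))


class ToySSD:
    """Minimal flash-translation-layer model (constructed for this example).

    Flash pages are not overwritten in place: every logical write lands on a
    fresh physical page and the previous page is only marked stale, to be
    erased later by garbage collection. That is the wear-leveling behaviour
    the answer describes."""

    def __init__(self, num_pages: int = 8) -> None:
        self.pages: List[Optional[bytes]] = [None] * num_pages
        self.l2p: Dict[int, int] = {}   # logical address -> physical page
        self.stale: Set[int] = set()    # physical pages awaiting erase
        self.next_free = 0

    def write(self, logical: int, data: bytes) -> int:
        """Write one page to a logical address; returns the physical page used."""
        if len(data) != PAGE_SIZE:
            raise ValueError("one page at a time")
        if self.next_free >= len(self.pages):
            raise RuntimeError("no free page; garbage collection needed")
        phys = self.next_free
        self.next_free += 1
        self.pages[phys] = data
        old = self.l2p.get(logical)
        if old is not None:
            self.stale.add(old)  # the old copy is NOT erased here
        self.l2p[logical] = phys
        return phys

    def read(self, logical: int) -> bytes:
        return self.pages[self.l2p[logical]]

    def scan_physical(self, needle: bytes) -> List[int]:
        """Forensic-style check: which physical pages still contain `needle`?"""
        return [i for i, p in enumerate(self.pages) if p is not None and needle in p]

    def garbage_collect(self) -> None:
        """Erase stale pages. On a real drive the timing is the firmware's choice."""
        for phys in self.stale:
            self.pages[phys] = None
        self.stale.clear()


def overwrite_leaves_plaintext() -> dict:
    """Scenario 1: encrypt a file in place and check where the plaintext went."""
    ssd = ToySSD()
    plaintext = b"secret-notes-16b"          # constructed sample file, one page
    p1 = ssd.write(1, plaintext)             # logical L1 -> physical P1
    ciphertext = toy_xor(plaintext, b"disk-key")
    p2 = ssd.write(1, ciphertext)            # same L1, but a different physical page
    return {
        "p1": p1,
        "p2": p2,
        "logical_view_is_ciphertext": ssd.read(1) == ciphertext,
        "plaintext_pages": ssd.scan_physical(plaintext),  # still at P1
    }


def password_change_leaves_old_wrapped_key() -> dict:
    """Scenario 2: change the password that wraps an unchanged data key."""
    ssd = ToySSD()
    dek = bytes(range(PAGE_SIZE))            # constructed data-encryption key
    old_pw, new_pw = b"old-password", b"new-password"
    ssd.write(0, toy_xor(dek, old_pw))       # key blob wrapped with the old password
    rewrapped = toy_xor(toy_xor(ssd.read(0), old_pw), new_pw)
    ssd.write(0, rewrapped)                  # "change password": write the blob back
    # Check over physical pages: does the old password still unwrap the key anywhere?
    still_old = [i for i, p in enumerate(ssd.pages) if p is not None and toy_xor(p, old_pw) == dek]
    ssd.garbage_collect()
    after_gc = [i for i, p in enumerate(ssd.pages) if p is not None and toy_xor(p, old_pw) == dek]
    return {"old_password_still_unwraps": still_old, "after_gc": after_gc}


if __name__ == "__main__":
    print(overwrite_leaves_plaintext())
    print(password_change_leaves_old_wrapped_key())
```

The `scan_physical` check stands in for what an attacker with chip-level access could do and is the test a defender would run against a drive model: if it finds anything, overwriting was never the control, and the remedy is the one the answer hints at (a new data key, which means re-encrypting the data, or relying on the drive's own erase) rather than trusting that a rewrite replaced the old copy.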