Most are familiar with the issues surrounding SSDs where if you overwrite data it may not necessarily be gone due to wear leveling.
However if we previously have data on an SSD USB THEN encrypt the entire drive - is it possible there could be remnants of UNencrypted data due to wear leveling?
Most are familiar with the issues surrounding SSDs where if you overwrite data it may not necessarily be gone due to wear leveling.
However if we previously have data on an SSD USB THEN encrypt the entire drive - is it possible there could be remnants of UNencrypted data due to wear leveling?
Wear leveling or usage of overprovisioning?
Not exactly the same thing.
http//
jaclaz
However if we previously have data on an SSD USB THEN encrypt the entire drive - is it possible there could be remnants of UNencrypted data due to wear leveling?
Due to wear levelling? No. No data will be left unencrypted due to wear levelling.
WL only ensures that writes get distributed, so that the 'wear' on one 'block' is minimized. It does not necessarily mean that blocks disappear or get inaccessible. That's something else.
But if we drop that specific reason … as always, it depends. It depends on how the encryption is performed. I can immediately think of two main methods, but there may be others. One only encrypts blocks that are accessible through the main interface, the other *may* encrypt also blocks that are inaccessible through the main interface, but I know too little of the ATA specification to say definitely.
Count on a particular manufacturer doing as little as required by some standard, and probably even less. Count on there being faulty implementations.
Maybe it is a bit off-topic, maybe it is not… I had a test made with 2 encrypted SSDs.
During the Debian 8 install, when partitioning disks, I selected "Guided - use entire disk and set up encrypted LVM". After selecting this option, before the encryption would start, another process starts to fill the drive with random data. The documentation said that this would make the encryption harder to be cracked (well, not with these exact words, but yes).
I used the same long password with both disks. With the first SSD I let the process run and fill the drive with random data, with the second also brand new SSD I stopped this random filling process at the very beginning of it and continued the install process.
At the end I compared in hex view the disks, both containers looked similar, being filled with pretty random data.
If anybody got some deep analysis results about SSD encryption, including the effects of previously existing data or factory null SSD, OP or WL, I'd be interested to learn a bit )