For one chip they found that the KEK is stored in plain text in its EEPROM, making its recovery easy. In another chip, the KEK was stored in encrypted form, but it was encrypted with a hardcoded key that can also be extracted. For a third chip the KEK can be extracted from RAM using a vendor-specific command.
For one JMicron chip, the researchers managed to use a commercial data recovery tool to delete some bits from a drive's service area, completely unlocking the drive's data. This compromises the encryption without the need to recover any password or KEK.
For the two remaining chips that did not have authentication backdoors, the researchers determined that the data encryption key (DEK) was generated using poor sources of random data obtained from the host computer and a predictable on-chip random number generator.
For one bridge, the JMicron JMS538S, the researchers estimate the complexity to be at best 2^40, which, according to them, allows the DEK to be recovered in a few hours on a normal high-end computer. On an Initio INIC-1607E chip the complexity is 2^57, making DEK recovery harder, but within the reach of attackers with access to suitable hardware resources, the researchers said.
The firmware update process on the tested hard drives does not use cryptographic signature verification and can therefore be hijacked. This could allow attackers to implant malware inside the firmware to infect host computers or to add cryptographic backdoors. There is no easy way to recover from such firmware modifications, the researchers said.
Western Digital has been in a dialog with the independent security researchers regarding their findings for certain models of My Passport hard drives and is currently evaluating their observations, a Western Digital representative said via email. "We highly value and encourage this kind of responsible community engagement because it ultimately benefits our customers by making our products better."
Sign up for Computerworld eNewsletters.