[dm-crypt] Prepare SSD for encrypted linux install

Merlin Büge toni at bluenox07.de
Wed Nov 8 18:36:32 CET 2017

Hello all,

I want to use an SSD (Samsung 850 PRO 512GB) for a fully encrypted Linux
system. I've read the cryptsetup FAQ and various posts in the
internet and I'm familiar with the common problems/pitfalls regarding
dm-crypt on SSDs.

To avoid information leakage about the storage device's usage patterns,
it is generally recommended to fill the entire device with random data
before setting up encryption. It is also recommended to issue an 'ATA
secure erase' to SSDs before using it to avoid performance issues.

But doing these two things, either my (1) random data gets 'deleted' via
the (2) 'ATA secure erase' (the SSD will report all zeros), or I end up
with degraded performance when (1) issuing 'ATA secure erase' before
(2) putting random data on it.

I thought of TRIMing the SSD via 'blkdiscard' instead of using
'ATA secure erase' after putting random data on it (twice, see [0]),
but that should make no difference, since the SSD will most probably
report all zeros for TRIMed sectors. Either way, the flash chips will
contain all random data (making it impossible to distinguish encrypted
data from free space) but the drive controller will still report all
zeros for the entire SSD (making it possible to distinguish encrypted
data from free space).

(Note: I'm assuming that an 'ATA secure erase' does not actually empty
the flash cells, but merely changes the internal encryption key. I'm not
sure on this, but it doesn't really matter.)

Any solution/thoughts on this?



"Second, overwriting the entire visible address space of an SSD twice
is usually, but not always, sufficient to sanitize the drive."

Merlin Büge <toni at bluenox07.de>

More information about the dm-crypt mailing list