Credit: Gunnar Alendal and Christian Kison and modg
You didn’t actually think self-encrypting hard drives worked, did you? You think the world’s great cryptographers go work for hard disk companies working on checkbox features? Obviously, they don’t. Obviously, these things don’t work.
But don’t let that keep you from reading a pretty excellent paper on reversing hardware and exploiting comical encryption failures.
See something that looks like an AES key?
It was probably spooled directly off an LFSR.
Unless it wasn’t. If it wasn’t, it was probably encrypted by another AES key hardcoded into the firmware of the device, free from the prying eyes of anyone other than someone who can handle file formats.
It’s not encrypted with a hardcoded key? You can’t work it out by breaking an LFSR? Oh, don’t worry: that just means it’s the value of GetTickCount repeated 4 times.
It gets worse, but you should read the paper to see how.
Got HW crypto? On the (in)security of a Self-Encrypting Drives series