none
Windows 8.1 BitLocker Full Disk Encryption RRS feed

  • Question

  • Hello all,

    I recently purchased a Samsung SSD 840EV that supports Encrypted Drive (eDrive) hardware encryption.  I followed the Samsung directions on enabling eDrive by doing a secure erase and a fresh Windows 8.1 install with UEFI BIOS enabled.  The Samsung software sees that eDrive is enabled.  I turned on BitLocker which successfully encrypts the drive.  In order to verify that the drive is encrypted and also to have a contingency plan, I removed the drive and connected it to another computer via USB.  When I do this, I can't access any data on the drive, the file system shows as RAW, and if I try to explore the drive I get "Data error: Cyclical Redundancy Check".  I've also tried using command line tools to unlock the drive and opened the BitLocker management on the PC to see if I could see and unlock the drive in there, but I don't.  I know the drive is good and I can remove it and put it back in the laptop and boot back into Windows just fine.  

    I used the same drive on Windows 7 which does not support eDrive and therefore could only use software encryption with BitLocker.  In this scenario, I could pull the drive and attach it to another computer and then windows would prompt me for my recovery key and allow me to access it.

    At this point I am wondering if because the new drive uses eDrive, it is not possible to access it from another computer.  However, this doesn't really make sense because if my computer got hosed then there should be SOME way to recover the data from another machine.  And again, this worked fine with the same drive and Windows 7/software BitLocker encryption.

    Any thoughts?

    Thursday, April 3, 2014 1:55 PM

All replies

  • Hi,

    About your confusion, I think it would be better to consult with eDrive support to check if this problem caused by eDrive.

    http://www.edrive.co.nz/


    Roger Lu
    TechNet Community Support

    Friday, April 4, 2014 8:27 AM
    Moderator
  • When I say eDrive, I'm referring to hardware encrypted drive support in Windows 8.1.  The link you provided seem to be online driving training in New Zealand??
    Monday, April 7, 2014 8:04 PM
  • I think the whole point of eDrive is that the encryption is hardware based which means that unless the keys are loaded by the UEFI BIOS into the drive firmware at boot time (from the TPM) that the drive will just represent the data with the wrong keys - i.e. garbage.

    In software encryption only the data volume, not the boot volume are encrypted and so you get easy recovery.

    When the entire drive is encrypted (all volumes), the result is as you describe.

    This does provide a higher level of protection and potentially higher performance, but backing up drives then becomes more important as you see.

    Saturday, May 24, 2014 11:07 PM