So I'm considering looking into setting up a hardware brute force decryption machine for the purpose of breaking WD's encryption. Perhaps something like this: https://sagitta.pw/hardware/gpu-compute-nodes/invictus/ only homemade.
According to this article it seems that it's totally doable to crack the user password once you have the key sector stored in the SA. From what the article explains most WD encryption works like this:
User password is used to generate Key Encryption Key (KEK)
KEK is then used to encrypt Disk Encryption Key (DEK - what we normally use to decrypt data)
This results in a eDEK which can be read the normal way by PC-3000 in lieu of the DEK (which was replaced with the eDEK).
So a brute force attack would basically be running every possible AES-256 password possible to see which one results in the key for the eDEK so it can be decrypted back to the DEK and used in PC-3000 to decrypt.
A simple open source tool like hashcat could probably be employed and run on hardware with multiple GPUs to accomplish it.
Of course such a service would only be offered to law enforcement agencies. Doing this commercially would simply be unethical.
According to this article it seems that it's totally doable to crack the user password once you have the key sector stored in the SA. From what the article explains most WD encryption works like this:
User password is used to generate Key Encryption Key (KEK)
KEK is then used to encrypt Disk Encryption Key (DEK - what we normally use to decrypt data)
This results in a eDEK which can be read the normal way by PC-3000 in lieu of the DEK (which was replaced with the eDEK).
So a brute force attack would basically be running every possible AES-256 password possible to see which one results in the key for the eDEK so it can be decrypted back to the DEK and used in PC-3000 to decrypt.
A simple open source tool like hashcat could probably be employed and run on hardware with multiple GPUs to accomplish it.
Of course such a service would only be offered to law enforcement agencies. Doing this commercially would simply be unethical.