Solidigm

I know about Samsung and Sharp (1.8"). I have no more information about them, but they are exactly selling them as a self-encrypting drives. But who knows, what theyi mean by that.

I hope that Intel will clear this, c'mon it is a serious company...

At the 2010 Storage Developers Conference Mr. Dmitry Obuhkov of Sandforce gave a presentation entitled "The Seven Myths of SED" (SED; Self Encrypting Drives). The links for this presentation are very lengthy: Google Obuhkov Sandforce. Myth number two was "ATA security is enough". He stated that "ATA Security + Encryption, This might be enough for simple use cases." The implication is that an ATA password provides only a modest amount of data protection.

Samsung recently released a new version of their encrypted SSD. Significantly, they are not relying on ATA Passwords. They state "The Samsung SSD supports a variety of management software. SSD's self-encryption and management software work together as essential parts of a fully managed hardware-based encryption solution."

If you require that data stored on your drive being completely protected it appears that third party software is going to be needed in order to restrict access to your disk. Intel's contention that data is secure because AES cannot be broken is absurd when you consider the insecurities inherent in ATA passwords.

It is up to the user, as always, to determine how much security is good enough. ATA passwords may or may not work for you. For now, I personally am staying with an HDD and Truecrypt.

Lew

All,

We've put some time into satisfactorily answering your questions. Thank you for your interest; hopefully these help. The questions are bulleted and the answers are in bold underlined text. Have a great weekend!

-Scott, Intel Corporation

• Where and how is stored that ATA password? There are utilities and tools how to read ATA password, and remove it. If you do this (can do this) the data if I understand this right is readable again. Is that true? I understand the "ironing" thing when memory chips are removed, thats great. But what about these utilities that can be used on "non FDE" drives?

ATA Password is stored in media as a non-reversible hashed value. This answer also applies to other questions in the blog. See below.

• Point 4.3.2 of Intel Toolbox User Guide (ver 2.0) states that before any Secure Erase procedure the user has to remove all ATA passwords set on particular ssd device. To do that one has to unplug and replug SATA cable while SSD Toolbox is running which effectively unlocks the SSD. As far as I can understand this is not true for 320 and you can't strip the device's ATA passwords so easily? Am I right? Because otherwise it contradicts your statment: "If you lose or forget your ATA User Password and Master Password, your SSD will remain locked without access to read, write, or erase any data...." Note that point 4.3.2 say nothing about knowing Master and User passwords.

Unplugging the drive does not unlock the drive, it just removes ATA SECURITY FREEZE LOCK. In order to secure erase the drive, the SECURITY FREEZE LOCK needs to be removed and after that, drive needs to be unlocked using a master/user password.

• You said: "If you were to remove a NAND component from the SSD, all data contained within the component is encrypted and keys are securely encrypted and hidden, therefore it is extremely low probability that any data could be recovered.".Are you sure that all data contained within is encrypted? What about so called "negative cylinders" or firmware area where vital data for drive functioning is being stored (along with ATA passwords - usually)? Are they encrypted as well?

All data contained(this includes user and system) within the components is encrypted.

• Are ATA passwords (not AES keys) encrypted, hashed or secured in any other way within the device?

See answer to this in a previous question.

• Let's assume that User had set his own ATA User Password and Master Password and then he forgot both of them. Now he's returning the drive as broken. Does his warranty still valid? I can understand that ATA locked device is unreadible, unwritable and unerasable. But is it unservicable?

Warranty is not valid since SSD works per specification. It is not serviceable by Intel.

• Using Intel Toolbox for Secure Erase requires running additional (external) operating system. Sometimes this in not possible. In case of conventional platter-based drives there are some tools which allow to invoke Secure Erase from bootable medium (cd/dvd or pendrive). To be specific they send ErasePrepare and following SecureErase ata commands from linux or dos-based enviroment. Could these tools (i.e MHDD) be used to trigger Secure Erase procedure on intel's ssds?

Any tool that issues an ATA SECURITY ERASE UNIT command (Secure Erase) as normal or enhanced mode will be able to secure erase an Intel SSD. However, user must provide the correct password (User or Master) within the SECURITY ERASE UNIT command to unlock the drive before doing secure erase.

• It is worth to notice that according to ATA Security Mode Specification the ATA Master Password is always being set. Even if the user has not set it manually (never) every drive leaving the factory has to have one. The question is very important: In case of intel 320 ssds is the ATA Master Password device specific or the same across all devices? If the second, is intel aware of how insecure it is considering the fact that most users will use their drives in High (not Maximum) Security Mode. In this mode you can fully unlock (for read and write) the device with Master Password. What if the default one leaks someday? Does intel plan to provide a tool for changing Master Password if bios does not support this feature (and most doesn't)?

Intel will ship the drive with random keys. User has the responsibility to enable security state and set their own passwords themselves to get the benefit of the security features. Third party tools such as HDAT2, HDPARM can be used to set master/user password if user system does not have the capability to set them.

• Is the ATA password, maybe together with something else (e.g. a random salt) used to encrypt the AES encryption key stored on the SSD?

Yes, ATA password is used to encrypt the encryption keys stores on the SSD.

• When the 320 SSD is powered off, is the AES encryption key always stored in an encrypted form and is that encryption dependent on the ATA password?

Yes, even during power off data is kept in encrypted form. On the other question regarding dependency on ATA password please refer to earlier answers.

Thank you very much for explanation. Just two things, if I may:

1) is this applied also in 510 SSDs?

2) you said that ATA password is used to encrypt the encryption key. That means, that you cannot change the ATA password after it is set for the first time, right? Because if you do, the encryption key will be different and cannot decrypt the data stored on chips.

Thanks