Let's cut to the security thing also:
Are 320-series SSDs FIPS 140-x certified?
I would really appreciate Security Policy Documents from Intel directly.
This is how it looks in the case of other manufacturers:
The thing is that we have some precedents from the past which indicate that a drive could support internal AES128 encryption along with an ATA password and NOT be more secure against thieves than a conventional typical HDD. It is worth admitting that an ATA password could be set on any drive supporting the Security ATA Extension Feature Set, and most of the devices available today allow that.
All SandForce 12xx-equipped drives offer internal AES128, and at the same time OCZ officially states that in its Vertex2 both mechanisms, ATA pass and AES128, are chained, which means that if someone breaks any (whichever) of these two protections the whole security is defeated.
This is unacceptable considering how easy it is to break an ATA password. The manufacturers used to save them in plain text (sic) in the firmware areas of their drives. They are not even hashed!!
So the whole matter is not a made up problem.
Clarifications are required.
We all are deeply interested in Intel's new 320 series drives and some of us want to use them in an environment which requires security. And before making a purchase decision we have to be sure that the confidential data of our firms could not be as easy to retrieve from stolen devices as in the case of competing products.
Wrongly thinking that you are secure is much worse than not being secured at all.
I believe that the ATA password and the disk encryption system are two totally separate items. All data written to the SSD is encrypted by the disk controller. It operates transparently without any user input. It is also completely useless unless you can restrict access to the SSD. Setting an ATA password is the key. ATA passwords are well known to be hardware crackable, but only if the disk is unencrypted. If the disk is encrypted then the password cannot be recovered. Does the Intel 320 store the ATA password in encrypted form? Presumably it does. If this is indeed the case then data stored on the SSD will be secure.
However, there are two ATA passwords, User and Master. Some computers' BIOSes only allow you to set the User password. The manufacturer-set Master password is not accessible. Anyone that knows the manufacturer's password will be able to access your data (they may only be able to delete it, depending on whether the ATA security level is set to High or Maximum, a setting you probably do not have access to). Without being able to set a Master password your data is not secure.
The operative words in what I wrote are the first two, "I believe". I only believe that what I wrote is correct; I don't know for sure. Only Intel can come up with the answers to the questions this topic has asked.
But are you sure the ATA password isn't stored in plain text? Are you sure it is properly hashed with a FIPS-certified algorithm?
Besides, a security system in which one side has all the keys and the user is only authorizing himself for access is always less secure than a security system in which the key is decomposed, scattered across two sides: user and hardware. And no side has all the secrets. Hacking history has proved the above many, many times.
I believe there is a way to set user and master passwords outside the BIOS. Unless the device is frozen. I suspect it is up to the BIOS implementation whether it properly freezes the disk after the password has been entered. If not, it should be possible to set a master password or user password in Max security mode, even if the BIOS doesn't support the feature, with some tool run inside the OS. At least in some cases.
I wouldn't be surprised if Intel blocks High Security mode altogether, leaving the device in permanent Max security mode and blocking the chance of changing the Master password. This alone ensures for Intel that no device is being warranty returned in an "I forgot the password" state.
Well, at least I hope that there is no service backdoor for all those Max security devices with changed Master passwords. Theoretically such devices are unserviceable. They are locked and you can't secure erase them. Dead end.
I am absolutely with you guys. I have been trying to figure out how this REALLY works for a couple of weeks and it is a huge gray area. On the other side you can see how good, for example, the BDE drives from Hitachi are, using a Trusted Platform Module.
I absolutely don't want to have an ATA-password-only secure notebook. I want, as you do, proper security like on Hitachi (Seagate) drives. Somebody from Intel really should answer this question properly.
BTW I have searched the OCZ support forums, and it is the same as here. Nobody knows.
I cannot understand why this is not clarified exactly. Anyway, I have read somewhere that the AES on SSDs protects only from "ironing" the memory modules onto another board. So it does nothing about access.
Believe it or not, but this is the only place on the internet where this topic is even discussed. I can't find any other place, at least in the context of the 320 series. It seems people do not care. No demand, no supply. The same applies to the reviewers. Saying some fancy words like AES or FIPS in a marketing brochure is enough, it seems. Most of the addressees take stating the obvious (like that AES128 is FIPS certified) as The proof and look no farther (i.e. using a certified algorithm does not make the device certified). I've seen that kind of marketing in the past. Obviously it is not reassuring for me. And for you, guys?
The way I think/hope it works, and the way I think other FDE drives protected by ATA passwords work, such as the Seagate Momentus FDE drives, is that the ATA password is used internally to encrypt the original AES encryption key.
So without the ATA password it shouldn't be possible to retrieve/decrypt the AES encryption key. If no ATA password is set then the AES encryption key isn't encrypted. If the ATA password is changed then the AES key is decrypted and then re-encrypted with the new ATA password.
Protecting the whole drive with a key derived from the ATA password isn't practical because every time the password changed the whole drive would need to be decrypted and re-encrypted with the new key.
Anyway these are just my assumptions. Intel should confirm ASAP how the drive works before more businesses start using it thinking their confidential information is safely stored in the drives.
A simple "yes, that's how it works" or "no, they're completely unrelated" would be enough.
It is discussed in many places, but not for the 320 of course, because it is new. Some people are saying that the OCZ Vertex 3 PRO can do it, but it is not released yet so we don't know either.
Anyway I have found this Samsung SSD with FDE label:
BUT it is from 2009 and it seems a bit old and slow.
I also found that Seagate offers 2.5" Enterprise FDE disks, but oh my god, the smallest is 400 GB, so I think this is for some ultra-servers and not usable for any notebook at all.
I haven't bought the Intel 320 yet, because I want to figure out this FDE thing before purchase. I just want FDE on my drive! The ATA password alone is just not enough. It is not that super easy to bypass it, but it can be done and this is just not acceptable.
Hope the following responses help with your questions:
1. Intel® SSD 320 Series drives are always encrypting the user data stored on the media, whether or not an ATA Password is set. In order to control access to your data or lock your SSD you do need to enable an ATA Password.
The encryption keys are securely held within the SSD device, hidden and encrypted using standard security techniques. These keys cannot be read by the user. All Intel SSD 320 Series drives do this. No user intervention is needed to enable data encryption on the NAND devices within the SSD.
If you were to remove a NAND component from the SSD, all data contained within the component is encrypted and keys are securely encrypted and hidden, therefore it is extremely low probability that any data could be recovered. Executing a SECURE ERASE function, such as that found in the Intel® SSD Toolbox, will cause the Intel SSD 320 Series drives to generate a new internal encryption key.
The ATA Password security interface is used to control the SSD’s internal access to the encryption keys, and therefore the user’s access to their data through the SATA interface. In order to lock access to the user data you do need to enable an ATA Password.
2. Support for ATA Passwords within BIOS or other means are system implementation specific. Most commercially available notebook / netbook systems include ATA Password functionality within their BIOS. The ATA Password is often referred to as an “HDD Password” in system BIOS. If the system allows, it is recommended that both “User” and “Master” passwords are configured for maximum security. Consult your system manufacturer’s documentation, or contact your system manufacturer for support.
The Intel® Desktop Board DQ67SW, DQ67OW, and DQ67EP support the ATA Password functionality, called “HDD Password”. On these boards, the HDD password support works in all SATA modes (IDE, RAID, or AHCI). The HDD password will only be applied to the drive on SATA port 0.
Note: The ATA Password is not a standard BIOS system password, as a standard BIOS system passwords control access to the specific platform / BIOS, not the SSD. Consult your system manufacturer’s documentation, or contact your system manufacturer for support.
3. The ATA Password standards, and therefore Intel SSD 320 Series drives, allow for up to 32 byte passwords and contain no specific password “strength” requirements. 32 bytes enables users to create passwords with significant security “strength”. It has been noted that some systems support ATA Passwords which are significantly shorter than 32 characters in length, and contain no password “strength” requirements. The utilization of the ATA Password security interface in system BIOS is system implementation specific. Consult your system manufacturer’s documentation, or contact your system manufacturer for support.
4. In order to provide the absolute best security possible, there are no available password recovery solutions. If you lose or forget your ATA User Password and Master Password, your SSD will remain locked without access to read, write, or erase any data within the device. In this case, your SSD and your data are lost, and cannot be recovered by Intel.
5. ATA Password support in RAID or multi-drive installations is host system BIOS implementation specific. Consult your system manufacturer’s documentation, or contact your system manufacturer for support.
Thanks. One major question: Where and how is that ATA password stored? There are utilities and tools to read the ATA password and remove it. If you do this (can do this), the data, if I understand this right, is readable again. Is that true? I understand the "ironing" thing when memory chips are removed, that's great. But what about these utilities that can be used on "non FDE" drives?
Thanks for your response! I think you have cast some new light on the topic. I second Jan's questions concerning the linking between AES keys and ATA keys, but I have a few additional ones. They seem to be a little too specific, but they touch very practical issues. Issues you as a producer and guarantor will have to cope with.
1. Point 4.3.2 of the Intel Toolbox User Guide (ver 2.0) states that before any Secure Erase procedure the user has to remove all ATA passwords set on the particular SSD device. To do that one has to unplug and replug the SATA cable while SSD Toolbox is running, which effectively unlocks the SSD. As far as I can understand this is not true for the 320 and you can't strip the device's ATA passwords so easily? Am I right?
Because otherwise it contradicts your statement: "If you lose or forget your ATA User Password and Master Password, your SSD will remain locked without access to read, write, or erase any data...." Note that point 4.3.2 says nothing about knowing the Master and User passwords.
2. You said: "If you were to remove a NAND component from the SSD, all data contained within the component is encrypted and keys are securely encrypted and hidden, therefore it is extremely low probability that any data could be recovered.".
Are you sure that all data contained within is encrypted? What about so called "negative cylinders" or firmware area where vital data for drive functioning is being stored (along with ATA passwords - usually)? Are they encrypted as well?
Are ATA passwords (not AES keys) encrypted, hashed or secured in any other way within the device?
3. Let's assume that a user had set his own ATA User Password and Master Password and then he forgot both of them. Now he's returning the drive as broken. Is his warranty still valid? I can understand that an ATA-locked device is unreadable, unwritable and unerasable. But is it unserviceable?
4. Using the Intel Toolbox for Secure Erase requires running an additional (external) operating system. Sometimes this is not possible. In the case of conventional platter-based drives there are some tools which allow invoking Secure Erase from a bootable medium (CD/DVD or pendrive). To be specific, they send the ErasePrepare and the following SecureErase ATA commands from a Linux or DOS-based environment. Could these tools (e.g. MHDD) be used to trigger the Secure Erase procedure on Intel's SSDs?
5. It is worth noticing that according to the ATA Security Mode Specification the ATA Master Password is always set. Even if the user has not set it manually (never), every drive leaving the factory has to have one. The question is very important: In the case of Intel 320 SSDs, is the ATA Master Password device specific or the same across all devices? If the latter, is Intel aware of how insecure it is, considering the fact that most users will use their drives in High (not Maximum) Security Mode? In this mode you can fully unlock (for read and write) the device with the Master Password. What if the default one leaks someday? Does Intel plan to provide a tool for changing the Master Password if the BIOS does not support this feature (and most don't)?
Thanks in advance.
The Cryptographic Devil is always in the details (so to speak) so you will have to elaborate further than to refer to "standard security techniques."
Unless encryption is properly implemented, attacking an encrypted device becomes an exercise in hacking electronics rather than attacking a cipher and there are numerous examples of this (e.g. Sony).
Now to the question:
Is the ATA password, maybe together with something else (e.g. a random salt) used to encrypt the AES encryption key stored on the SSD?
When the 320 SSD is powered off, is the AES encryption key always stored in an encrypted form and is that encryption dependent on the ATA password?