Intel Launches Self-Encrypting SSD

MojoKid writes: Intel just launched their new SSD 2500 Pro series solid state drive, the follow-up to last year's SSD 1500 Pro series, which targets corporate and small-business clients. The drive shares much of its DNA with some of Intel's consumer-class drives, but the Pro series cranks things up a few notches with support for advanced security and management features, low power states, and an extended management toolset. In terms of performance, the Intel SSD 2500 Pro isn't class-leading in light of many enthusiast-class drives but it's no slouch either. Intel differentiates the 2500 Pro series by adding support for vPro remote-management and hardware-based self-encryption. The 2500 Pro series supports TCG (Trusted Computing Group) Opal 2.0 features and is Microsoft eDrive capable as well. Intel also offers an administration tool for easy management of the drive. With the Intel administration tool, users can reset the PSID (physical presence security ID), though the contents of the drive will be wiped. Sequential reads are rated at up to 540MB/s, sequential writes at up to 480MB/s, with 45K – 80K random read / write IOps.

Re:

[arglebargle_xiv]

It's not big brother, it's anyone. All of the IPMI systems used by Intel, Dell, HP, etc, are unaudited cesspits of remote-rootkit capabilities full of buffer overflows, authorisation bugs, parser errors, and so on. It's hard to know where to begin, but here's one starting point [fish2.com]. Hack like it's 1999.

Intel SSD's have had AES encryption built in for years, it's no big deal. What they've added with their IPMI support is a capability for remote attackers to get at the encryption, which is kind of a big deal i

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[NatasRevol]

Probably forced Mcafee scans.

Re:

[Anonymous Coward]

Uh, you aren't really comparing equal things. Your post is incredibly stupid.

Re:

[the_B0fh]

Because you said so...? People have been using full disk encryption on normal drives for a very long time now without too much complains for most workloads. Something designed specifically for full disk encryption should have less of an impact.

Self-encryption

[Little_Professor]

Self-encryption? So it encrypts itself? Wow. On my laptop I have to encrypt my drive myself. Takes ages to work out all the ciphers

Re:

[sasparillascott]

Yes, this has technology called the "Clapper Chip" (formerly known as the "Clipper Chip") that allows this massive increase in speed...the NSA says this technology is very secure. /s

I Have a New Technology for This

[Motard]

My new device is designed to accept any amount of data and any rate imaginable. Once stored, the data can *never* be retrieved, no matter what is tried. And this new technology is surprising affordable. Call now for your new StorageBrick 3K!

Re:

[jbmartin6]

I think you should call this "SecurityBrick 3000" and tout its security features more.

Re:

[mysidia]

Sorry, you're too late. I already subscribed to a competing cloud service [devnull-as-a-service.com] which provides the same functionality, only: I can use it from anywhere in the world, and my provider worries about maintenance.

Re:I Have a New Technology for This / WOM

[neurocutie]

this "new" technology was announced in BYTE mag, some 30+ years ago... then billed as WOM (write-only memory)...

Intel has worked with the NSA

[sasparillascott]

The usual comment, if you care about your drive being able to be unencrypted when the right govt authorities decide to go snooping, it'd be best not to trust this...

Great point of reference:

https://plus.google.com/+Theod... [google.com]

Re:

[sasparillascott]

The Clipper Chip is probably alive and well. Although maybe we should call it the Clapper chip now...

Re:

[Anonymous Coward]

Its sad, but this has made everything american absolutely useless lately. Though the correct word would be "un-usable"

It's sad because the engineers who develop the products themselves aren't to blame, but their bosses. And their bosses bosses and so on. And down the ladder too, with people not caring who they vote, and allowing things to spiral so insanely out of control.

You've brought it on yourselves as a collective I guess.

Re:

[medv4380]

If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. It might be cumbersome, and it might flag it as actually important info, but if I really didn't want someone to have the possibility of breaking it then only a encryption method that cannot be broken with any amount of processing power will do. However, I don't have any need to worry about some trivial thing like are they looking at me today. I don't have that kind of secret to hide.

Re:Intel has worked with the NSA

[Charliemopps]

If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. It might be cumbersome, and it might flag it as actually important info, but if I really didn't want someone to have the possibility of breaking it then only a encryption method that cannot be broken with any amount of processing power will do. However, I don't have any need to worry about some trivial thing like are they looking at me today. I don't have that kind of secret to hide.

You should always be worried about the government breaking into your encrypted files.
There is only 1 group in this country that can legally torture you and put you to death. Only one group that actually does that very thing on a daily basis.
Irrelevant of their current laws and practices, it's in your best interest to protect yourself from their prying eyes.
You've no idea what you're doing today that will be illegal tomorrow. Every device I own has some degree of encryption. Will that protect me if they target me directly? Probably not, but I certainly am not going to make it easy for them if it comes to that. Decent encryption isn't that hard, and just takes a few minutes of your time.

Re:

[medv4380]

If you're really that paranoid then you should be using a one time pad already. If it's not mathematically impossible to break then it's not worthy of that paranoia level. If I ever became worried on that level I'd switch to One Time Pads over night. The fear mongering that the NSA might have instant access to your nude selfies is meaningless fear mongering. Someone who does that should actually be afraid that anyone could get those photos off the phone and post them everywhere. That's not a lesson for why

Re:Intel has worked with the NSA

[eth1]

Not to mention that even if you have "nothing to hide," what about when you piss the wrong person off, and suddenly there's child porn on your encrypted drive that obviously only you could ever have had access to.

Silver Lining

[ThatsNotPudding]

and suddenly there's child porn on your encrypted drive that obviously only you could ever have had access to.

At the bottom of the revealed Pandora's Box of NSA horrors is this: now, even a jury of Red-State yokels have pause for belief when the defense can say to them: planting such evidence is childs' play for the organs of state security - step out of line and you may be next.

Re:

[Luckyo]

The problem is that if you have something that government finds worth torturing over on your drive, you're boned regardless.

Very few people have the sufficient stress and pain tolerance to be able to not divulge the password to the files for extended period of torture by best professionals in the world.

Re:

[Luckyo]

You mean "your data is gone".

Might as well save the pain and just wipe the disk afterwards.

Re:

[mark_reh]

How long do you think you'll keep your pass phrase secret when one of the government sanctioned torturers tightens the screws on your thumbs?

You can't protect your data from the government any more than all the gun "enthusiasts" in the US can protect themselves from the government with their guns. The government ALWAYS has ways and means beyond what any individual or even any group can muster.

Re:

[LordWabbit2]

Obligatory xkycd [xkcd.com]

Re:

[CanHasDIY]

I don't have that kind of secret to hide.

You don't think you do, today, but that doesn't mean you don't, nor does it mean you won't at some point in the future.

The fact that governance is dynamic and contingent solely on the whims of a handful of powerful people are precisely why everyone, yourself included, should actually care about the government snooping on private information.

Oh, that and fetish sex. Because there's nothing wrong with fetish sex, but I'd bet most people who are into that sort of thing want to keep it hidden regardless.

Re:

[niftymitch]

If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. ....snip....

I think this is a place where a big "Woosh" applies.

Someone does not understand the way one-time pads work.
Using a one-time pad is a blunder. To get your files you must also have the pad. For a disk this would be one monster pad.
Since it is a one time pad you use it and toss it (special flushable paper) -- now the data is lost.

One-time pads between two friends are interesting but require a physical exchange of pads.

The Intel trick has one big value in the context of repair, redeployment and intentional a

Re:

[Lehk228]

if the government really wants what is on your disk, they will put you in a small cage until you give up the keys, if they REALLY want it you will take a trip to an officially nonexistant location and find out what successively higher and higher voltage across your genitals feels like until you give up the key, or die.

Can it be updated and run Free Software?

[jbn-o]

If the drive's software were flashable (the device could be updated with different software) and the software were Free Software [gnu.org], there would be no reason to fear Intel's connection to the NSA. Users would have the freedoms they need to make sure the software does what they want it to do. Proprietary encryption, no matter who writes it or distributes it, is always untrustworthy for the same reason proprietary software is untrustworthy—you don't really know what it's doing and neither does anyone you c

Re:

[AmiMoJo]

Realistically most people have to trust a commercial company at some point. Even if you switch from Windows to Linux, you still need a CPU and motherboard with BIOS code on it. Even the SSD's firmware could subvert you.

The encryption used here is good enough for most purposes. Sure, the NSA could probably break it, but they probably won't want to. Aside from the time and money it takes, it would reveal their capabilities. The good news is that this kind of encryption has been shown to keep the cops and othe

Re:

[0123456]

It can loose it's own keys?

My current Intel SSD encrypts everything and has a special command to wipe the key to 'secure delete' the contents. So I'm not sure what's new here.

Re:

[rsmith-mac]

Exactly. Mainstream PC SSDs have been self-encrypting for a couple of years now; in Intel's case they've supported full disk encryption since the SSD 320 released in 2011 [anandtech.com]. This is both to allow the easy use of encryption on the end-user side (ATA password), but it also makes it easy to wipe the drive without immediately zeroing out pages, as you have noted.

Re:

[Anonymous Coward]

It's the explicit Opal TCG encryption support. There's the internal AES encryption of previous drives, which only protects against yanking the NAND chips out and reading back the data, but not moving the whole drive to a new machine as the controller still knows the key. If I'm not mistaken, the internal AES encryption of SandForce drives is primarily a trick for reducing write amplification rather than any kind of security. Not sure if this new drive actually has the SandForce controller, but that's the di

Re:

[AmiMoJo]

Some older drives can use the ATA password for encryption, which is presumably what you are describing. The implementation varies. Some drives store the key in plaintext where it can easily be sniffed as it travels over the the HDD's internal bus. The biggest issue though is that in most cases only laptops support the ATA password feature, with virtually no desktop BIOS implementing it.

This new standard defines how the key is to be stored securely and integrates much better with software like BitLocker. As

"Factory" Encryption == Bullshit

[CanHasDIY]

We all know, at this point, that these tech hardware companies are total butt-fuck buddies with clandestine government organizations.

We all know, at this point, that as a result of the aforementioned butt-fuck buddies relationship, all hardware can be considered compromised before you even open the damn box.

I don't know about you all, but I'm far more concerned that an organization with the power to take away my life and/or freedom can access my data without my permission or knowledge than infamous Russian credit card scammer "Peggy."

That be my 2 pennies.

Samsung drives have encryption

[guantamanera]

Some of the Samsung SSD drives have encryption since 2009. I don't use it because one has to setup the ATA password to enable it, and does not feel as secure. http://www.samsung.com/global/... [samsung.com]

Another unverifiable "encryption product"...

[Kardos]

... treat it as a regular unencrypted drive and apply proper encryption on top. Next.

Re:

[0123456]

... treat it as a regular unencrypted drive and apply proper encryption on top. Next.

While true, the problem with that approach is that the SSDs compress the data you write to them to improve performance and wear-levelling. So, if you encrypt the disk at the operating system level, you lose all that.

Obviously, if most of your data is already compressed, it won't matter.

Re:

[LordLimecat]

Not really.

SSD performance boosts are 95% due to the massively reduced seek times, which are on the order of 1000x faster than traditional platter latency. The throughput is higher too, but only on the order of 2x-3x.

Meanwhile, AES encryption is generally accelerated by AES-Ni so that a typical supporting processor can hit ~2000MB/s, which is easily 5x faster than your average SSD can output.

Re:

[Iniamyen]

It can probably be interpreted to mean that it shares architecture and/or design patterns of some type. While it's not very specific, I wouldn't call it pure marketing jargon.

Re:

[mlts]

IIRC, just a simple TRIM command can zap all data from a drive, no chance of recovery, no way, no how... and all modern operating systems constantly use TRIM to return freed up space to the SSD's controller.

Re:

[Cley Faye]

TRIM don't actually zap the data, it just mark a block as unused. This is to increase performances, because on the next write in this block, there is no need to read it, update it in memory, then write it. But until something is written there, no guarantee that the content itself is erased. Custom firmware could read it, or advanced forensics could get the chips out and get data from it or something.

Re:

[0123456]

I would presume that TRIM marks the block as unused, so a background erase process can zero it when the drive isn't busy. From what I remember, the main goal of TRIM was to eliminate performance bottlenecks when the SSD had to overwrite previously-used blocks which the operating system had already freed up.

Re: How is this news.

[Cley Faye]

Yes, TRIM is there to improve performance when writing in a block, but it don't need to erase it, not when receiving the trim command or afterward. The performance problem comes from a write operation that is smaller thn the block. Imagine a block size of 1kB. If you want to write 200 bytes in it, you have to read the whole block, update the relevant part in memory, and write the updated 1kB. Now, if you have the knowledge that the block is completely unused by the FS, then you can skip the reading part, an

Re:

[viperidaenz]

It's a bit worse than that.

You can't write a block without erasing it first.
Most NAND chips don't let you erase a single block (eg: 4k or 8k), you have to erase a group of them (eg: 512k)
To write one block that already contains data, you need to read all blocks in the group first, erase them all and write out all blocks.

Worse case, to write 1 byte, you need to read in 512k, erase it all and write back all 512k. Normal case, you attempt to write entire blocks at a time and the wear leveling algorithm picks a

Re:

[Rockoon]

Now, if you have the knowledge that the block is completely unused by the FS, then you can skip the reading part, and just write an 1kB chunk of whatever with the correct 200 bytes.

The cases you describe where a logical sector is only partially written to but luckily the sector was trimmed simply is not a frequent occurrence and even if it were it doesnt pass the smell test because it is the OS that handles writing to partial sectors. The OS always writes complete sectors to a drive (there is no "only write part of a sector" command that HDD's or SSD's understand.)

So even in the case where your scenario were amazingly frequently occurring, the OS would be handling it and not the S

Summary of advantages:

[Cley Faye]

This idea is amazing.
Instead of having:
- full control over the encryption software
- full control over the encryption key
- data that goes in clear in the ram, then is never seen in clear by the hard-drive
- performance nearly identical through either hardware-enabled encryption (AES...), or even software based implementations (even a smartphone can do it transparently)
We're trading all this for:
- who knows what really happen down there
- hey, is your secure key even used for anything more than cipherin

Re:

[LordLimecat]

Encrypted RAM would be utterly worthless. The encryption key would have to be in RAM or in the CPU registers, so a RAM dump would get the data either way.

Re:

[LordLimecat]

I can think of no technical reason that someone with access to dump the RAM would not get those registers; the RAM used in the CPU is much less volatile than normal DRAM (its called "static RAM" for a reason).

For example, lets say you manage to catch a VMWare vMotion. You have A) the RAM, B) the current CPU instructions, C) the CPU registers. Ditto with Fault Tolerance.

Lets say you ice the RAM and dump it. If you have access to do that, you could in theory do the same for the CPU; and since CPU memory de

Re:

[viperidaenz]

full control over the encryption software

- performance nearly identical through either hardware-enabled encryption (AES...),

Do you see what you did there?

- performance nearly identical through (supposedly) hardware encryption.

Unless your system can multi-task and uses the hardware encryption resources for other processes. Like a web server that's also doing SSL/TLS.

Simple Security Is The Best Security

[tech.kyle]

I suggest encrypting everything multiple times with a more simple encryption algorithm. I find it gives me twice the security at virtually no performance loss whatsoever. Myself, I use ROT13 twice.

Re:

[viperidaenz]

I use ROT-13 four times.

Intel and 'Encryption'

[Mister Liberty]

Now it's self-encryption. Caveat Emptor, of this self-deceit!

Horrible Slashvertisement

[brunes69]

First of all this article is nothing more than a giant slashvertisement.

Second of all, essentially every SSD on the market self-encrypts, because it is how the secure wipe feature of SSDs functions. Any SSD that is locked with a password is encrypted and unreadable. This is not a new or novel feature at all, and whoever decided this was newsworthy should not be posting articles to slashdot.

But but... haven't we learned anything?

[hacker]

Can I set my own key? Set and maintain my own hash? No?

Not interested.

We want true, user-controlled security, not vendor provided.

We've learned our lessons already. The trust is gone.

Encryption is easy. Decryption is hard.

[Rowanyote]

I have a self encrypting hard drive already.

IBM Deskstar from last decade.

Unfortunately no one has the key....