Is it normal for secure erase on a Samsung SSD to take only a few seconds?

I've run several secure erase operations on my 500GB Samsung SSD 850 EVO using the procedure described on the Linux ATA wiki and it takes only a few seconds to complete:

linux-203v:~ # time hdparm --user-master u --security-erase foo /dev/sdb
security_password="foo"

/dev/sdb:
 Issuing SECURITY_ERASE command, password="foo", user=user

real    0m2.745s
user    0m0.001s
sys     0m0.003s

When viewed in a hex editor after the erase, the drive is indeed completely blank.

Is this normal? Has the drive actually erased all NAND cells this quickly?


Solution 1:

One thing to know is that data is never stored "in clear" in a SSD because storing random data (instead of long series of zeros and ones that are naturally present in a lot of files) has benefits for the SSD endurance and reliability. Older SSD were using LSFR but most (all?) newer SSD are using AES encryption to randomise the data. If you don't set a password the SSD is still encrypted but the key is "publicly available".

For more information, and sources, see Journeyman Geek's answer at Why does my SSD internally encrypt data, even without a password set?

To secure erase the deletion of the encryption key is enough, and that's pretty much instantaneous. A TRIM of all sectors will also be done for wear leveling purposes, that's what takes your 3 seconds.

When you check that the sectors are really blank they are most probably not even read, there is no need from the controller point of view as you told it to TRIM them so it knows they are blank.

Solution 2:

Yes, that's normal.

Mechanical disks need to go to each sector on the disk one at a time and actually write over the previous data with a random data bit.

SSDs can simply send a wipe command to each of their sectors more or less simultaneously and the same thing happens.

This capability is built into the SATA interface, though different drives support it in different ways.