My Intel 320 SSD - is encryption automatic?

ssd disk-encryption

So, I have just received an Intel 320 series SSD. They state that once I set my ATA passsword (through the BIOS), that encryption will then be active. I see no sign of this noted in the SSD Toolkit from intel, so I'm just trying to double check that it's actually active... Can anyone confirm through their experience or another source they know about?

P.S. I am not super impressed with this encryption methodology so far. For example, my ATA password can only be 8 characters - when my usual drive encryption password with my old method (True Crypt) was 25...

Thanks all.


Solution 1:

Intel's 320 SSD are always encrypting the data. It is built into the hardware and cannot be turned off. Your ATA password is not used to encrypt the data. The SSD generates its own encryption keys, and the length of these keys do not depend on the length of the ATA password.

But, by default the encryption keys are stored unencrypted and can be read. When you set a ATA password, a hash of that password is used to encrypt the encryption keys. In that case the data is unrecoverable without the ATA password.

Solution 2:

Intel's 320 series SSDs use AES-128 encryption to make secure erase very fast, because if you generate a new encryption key, then the old data cannot be read. So, encryption is always used, regardless of your password setting.

Actually, these are two completely unrelated technologies. The ATA password's sole purpose is to prevent you from using the drive without it (say, in another computer), but the scheme is far from perfect, according to Sandforce. It is very likely that it can be removed and then the encryption is useless, because it's completely transparent.

(I found these informations in this thread.)

My advice is to use a software-based solution. TrueCrypt (in “system encryption” mode) and BitLocker doesn't lower the life expectancy of the drive, because they issue the TRIM command after deletion.

Related

Windows 7 Virtual PC + Linux Ubuntu
How to print with ghostscript in silent mode
7zip command not extracting to specified output directory
Crop triangular area with FFMPEG
Installing VirtualBox has broken my remote desktop - how can I resolve this?
Creating map of countries colored using country statistics
Has VMWare Workstation become incompatible with VMWare Server?
Automatic text replacement in Ubuntu
Way to stop windows explorer from prepending http to unknown names in address bar? [duplicate]
Unable to connect to multiple WiFi networks via multiple virtual interfaces
Windows, not admin: Proxy working in Firefox but not in cmd, why?
Batch File that copies the first 2 lines of a text file into another text file