Questions: Intel S1200KP and 520 series SSD Full Disk Encryption

I’m writing this post to remind myself to pick up an Intel 520 Series SSD in *hopes* that the Intel S1200KP supports ATA passwords to utilize the 520’s AES, 256-bit, full disk encryption. I really want these two products to play nice for a couple of reasons:

  1. The S1200KP is mITX, has two SATA III ports, has two Intel GbE ports, and a 3 year warranty
  2. The 520 is SATA III and has a 5 year warranty (unlike the slightly cheaper 330 with a 3 year warranty)

The 520 series product spec includes:

Advanced Encryption Standard (AES) 256-bit EncryptionAES 256-bit encryption is an  industry standard in data security, providing a hardware-based mechanism for encryption and decryption of user data. Utilizing a 256-bit encryption key, AES encryption — when combined with an ATA drive password — helps protect user data.

But the S1200KP product spec isn’t verbose about ATA passwords:

3.9    BIOS Security Features

The BIOS includes security features that restrict access to the BIOS Setup program and who can boot the computer. A supervisor password and a user password can be set for the BIOS Setup program and for booting the computer, with the following restrictions:

  • The supervisor password gives unrestricted access to view and change all the Setup options in the BIOS Setup program. This is the supervisor mode.
  • The user password gives restricted access to view and change Setup options in the BIOS Setup program. This is the user mode.
  • If only the supervisor password is set, pressing the <Enter> key at the password prompt of the BIOS Setup program allows the user restricted access to Setup.
  • If both the supervisor and user passwords are set, users can enter either the supervisor password or the user password to access Setup. Users have access to Setup respective to which password is entered.
  • Setting the user password restricts who can boot the computer. The password prompt will be displayed before the computer is booted. If only the supervisor password is set, the computer boots without asking for a password. If both passwords are set, the user can enter either password to boot the computer.
  • For enhanced security, use different passwords for the supervisor and user passwords.
  • Valid password characters are A-Z, a-z, and 0-9. Passwords may be up to 16 characters in length.

More info:

The ATA Password is often referred to as an “HDD Password” in system BIOS.  If the system allows, it is recommended that both “User” and “Master” passwords are configured for maximum security.

Good news update! The S1200KP looks promising with the most current BIOS update!

Up-to-date BIOS
HDD password options!

It’s really odd though–Intel’s complete lack of documentation on how to use FDE for their own products. No benchmarks and no security reviews or whitepapers. Even on the Intel forums, people are bewildered. On third-party review sites, they mention the ability but don’t test it. Ridiculous.

I’ll see if the S1200KP can do it. It might be a month, but I’ll update this post when I do.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s