Security specification for storage devices defined by TCG.
Opal SSC is Security Subsystem Class for storage devices defined by Trusted Computing Group.
Questions tagged [opal-2.0]
9 questions
23
votes
3 answers
Free/Libre software to handle TCG OPAL 2.0-compliant Self-Encrypting Drives (SEDs)?
I'm in search of a free/libre software that is able to handle OPAL (2.0)-compliant SEDs (i.e. manage the setting of Pre-Boot Authentification (PBA) environment, encryption keys...).
It could be a utility that runs as a live image (thus…
neitsab
- 343
- 1
- 2
- 7
9
votes
1 answer
Is the Shadow MBR used in SEDs a security vulnerability?
I've been reading up on Self Encrypting Drives and I'm having trouble understanding how the Shadow MBR is not a security problem.
I found these slides which indicate that the Shadow MBR is stored in clear text (which makes sense because it needs to…
Dominic P
- 365
- 1
- 10
3
votes
1 answer
How to enable OPAL SSD encryption on Windows without BitLocker?
A lot of SSDs now implement OPAL-compliant AES hardware encryption, which seems to be the only option to get full-disk encryption on modern PCs without buying the (very expensive) Windows 10 Pro edition.
I enabled this encryption with a HDD password…
Hey
- 1,905
- 1
- 16
- 23
2
votes
0 answers
How does the Shadow MBR improve security for Opal v2 SEDs?
Opal v2 and above drives are required to support multiple locking ranges, so it's possible to block access entirely to the majority of the drive and only have the bootloader w/ PBA support section visible and read-only on such drives.
What security…
WolfWings
- 21
- 1
2
votes
1 answer
How secure is OPAL 2.0?
I basically cannot find any credible information online as to how secure OPAL 2.0 drives are, and so I don't really know how much, or in what cases, I can trust their encryption to keep my data safe if the drives get into the wrong hands.
Do they do…
user541686
- 2,502
- 2
- 21
- 28
0
votes
1 answer
Opal 2.0 motherboard compatibility
I need to know if my motherboard is Opal 2.0 compatible.
I have asked the question to it's manufacturer but he answers that he doesn't know, claiming that the tests to determine the Opal 2.0 compatibility haven't been done (and probably won't be…
Oliver
- 105
- 5
0
votes
1 answer
Is Opal-based full disk encryption fully working for Linux?
I'd like to know to manage the password purely via the BIOS and not need to run any utility e.g. sedutil.
user209307
0
votes
1 answer
How is the DEK in a SED drive encrypted?
I am using a Samsung Evo 960 NVME SSD. I have encrypted the SSD using its built in hardware encryption features, which follow the tcg opal standard. If I understood correctly, the disk encrypts all data using AES-256. The key for this encryption is…
Gasp0de
- 133
- 6
0
votes
0 answers
Disk Encryption - Extended Boot Record protection
I posted something like this on SuperUser some months ago, but thought I'd try the security focused site. Anyway, I am working on a Disk Encryption project using OPAL drives. The OS is Linux, and is contained on an extended partition. This partition…
Kyle Preiksa
- 101
- 1