3

I have an Intel 660p NVMe SSD whose spec lists:

  • Hardware Encryption Yes
  • Encryption Algorithm 256-bit AES

I used it as a replacement drive for Fujitsu Lifebook U748. That's the laptop I used to enable the hardware encryption on it using the facility available in BIOS. At some point I had to return the laptop and now I am left with the encrypted drive that I have no idea how to access.

The Fujitsu laptop's configuration lists various hard drive options including some that are "OPAL capable". I currently have access to Lenovo Thinkpad X280 where the spec lists "hard disk password" and which came with Hynix NVMe drive with "OPAL 2.0" on the sticker. I though I could use it to access my drive then.

I put the disk in and used sedutil-cli to query the drive but it didn't appear possible:

/dev/nvme0 No INTEL SSDPEKNW512GB

For completeness the output for the Hynix drive was:

/dev/nvme0 12 SKHynix_HFS256GD9TNG-L5B0B

I then tried with hdparm but got:

HDIO_DRIVE_CMD(identify) failed: Inappropriate ioctl for device

and that's apparently because hdparm talks ATA which the drive being NVMe doesn't understand.

Finally, I put the drive into ASRock H470M-ITX/ac motherboard, as its explicitly listed on the QVL, but no joy, the system immediately froze, I wasn't even able to get into BIOS.

Is there anything I can do to access my drive?

Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
Johnny Baloney
  • 465
  • 4
  • 11

1 Answers1

0

I don't think you can recover your data. From what I have read, on the disk there is a encryption key stored in the encrypted form. It can be decrypted using your BIOS password. Nothing more is disclosed nor the precise algorithm how that is actually done.

So I would be interested to know:

  • When there is no BIOS password is the encryption key stored on the disk unencrypted and can you migrate such disk from one PC to another?
  • What happens if you happen to modify BIOS password? Is your HDD then useless?
  • When you take your disk into another computer with the same BIOS password will it work?

I am not aware Intel answering such questions nor disclosing any details.

So in theory if you were Intel and knew the password, you have a way to recover it, because on the disk it is encoded by your BIOS password. Unless they mix also password with some specific hardware information.

However there seems to be a way to erase the device and put it to factory state while losing data but at least having the disk working https://www.intel.com/content/www/us/en/support/articles/000057452/memory-and-storage.html

VojtaK
  • 121
  • 3