CottageDefeat Posted July 18, 2019 Share Posted July 18, 2019 (edited) The big question...does the MP510 drive support hardware encryption of any kind? The Corsair MP510 spec sheet states "Encryption: AES 256-bit Encryption": https://www.corsair.com/eu/en/Categories/Products/Storage/M-2-SSDs/Force-Series-MP510/p/CSSD-F1920GBMP510#tab-tech-specs Two questions: (1) What does Corsair mean when they say "Encryption: AES 256-bit Encryption"; and (2) Does the Phison E12 controller support TCG Opal? On question (1), assuming this is not TCG-OPAL but is some other kind of hardware encryption, does anyone have any idea how to enable this mysterious "AES 256-bit Encryption" feature? There seems to be zero discussion, instructions, or any mention anywhere of anyone enabling hardware encryption on the MP510. On question (2), scattered across the Internet are claims that the Phison E12 supports hardware encryption via TCG Opal. However, I have not been able to find a single report of anyone actually enabling TCG Opal preboot encryption on a Phison E12 drive (either with NVME Class 0 encryption, as supported by newish Lenovo Thinkpads, or via SEDutil preboot authentication). There is one comment I found regarding enabling TCG Opal via SEDutil that mentions the MP510 that states "Most drives mention AES-256 somewhere on their spec sheet, but that doesn't mean they are TCG Opal compliant. The Corsair MP510 definitely is not detected as Opal-capable by sedutil.": This comment is very interesting, particularly because Phison, via its spec sheet for the E12 controller makes encryption claims, interestingly stating "Self Encrypting Function (Optional):AES, TCG Opal, TCG Pyrite": https://www.phison.com/images/products_datasheet/Embedded-PCIe_PS5012-E12.pdf What does "Optional" mean in "Self Encrypting Function (Optional):AES, TCG Opal, TCG Pyrite"? Also, the comment above "The Corsair MP510 definitely is not detected as Opal-capable by sedutil." may have been written regarding an older version of Phison E12 firmware. The original firmware version (12.1) is now updated to 12.3 - perhaps some form of encryption has been enabled in a firmware version after 12.1? In the case of the MP510, even though Corsair has not officially released the 12.3 firmware update, it is available in the dark corners of the Internet. Does anyone have answers to these questions? I would love to get some kind of hardware encryption enabled on the MP510. it is beyond ridiculous that the MP510 spec sheet says "Encryption: AES 256-bit Encryption" but there is absolutely zero information regarding how to enable hardware encryption. Edited July 18, 2019 by CottageDefeat Link to comment Share on other sites More sharing options...
CottageDefeat Posted July 20, 2019 Author Share Posted July 20, 2019 So, is the answer that the so-called and advertised "Encryption: AES 256-bit Encryption" on the MP510 is just made up vaporware? Link to comment Share on other sites More sharing options...
CottageDefeat Posted July 22, 2019 Author Share Posted July 22, 2019 Is there seriously no information whatsoever on how to enable hardware "Encryption: AES 256-bit Encryption"??? Seriously??? Link to comment Share on other sites More sharing options...
CottageDefeat Posted July 29, 2019 Author Share Posted July 29, 2019 (edited) Vaporware? The answer to the question, "Does the MP510 drive support hardware encryption of any kind, even though the Corsair MP510 spec sheet states "Encryption: AES 256-bit Encryption?" is... ...vaporware??? Seriously, no answer to this question??? Edited July 30, 2019 by CottageDefeat Link to comment Share on other sites More sharing options...
Pacman45 Posted July 30, 2019 Share Posted July 30, 2019 I wish I could have gotten that far with my MP510...I couldn't get the NVME formatted in my Windows 10 machine. After trying scores of recommendations from this board and others, I'm finally sending it back under the assumption it's defective. As I read this and other posts, I'm beginning to think it's an over-hyped dud. Link to comment Share on other sites More sharing options...
CottageDefeat Posted August 6, 2019 Author Share Posted August 6, 2019 Still no answer on how to enable hardware encryption on this drive? Link to comment Share on other sites More sharing options...
Administrators Technobeard Posted August 6, 2019 Administrators Share Posted August 6, 2019 I’d suggest asking our support team through a ticket at https://help.corsair.com . Link to comment Share on other sites More sharing options...
CottageDefeat Posted August 6, 2019 Author Share Posted August 6, 2019 I’d suggest asking our support team through a ticket at https://help.corsair.com . For serious? LOL! Hardware encryption is advertised as a feature, yet there is no way to enable the feature, and the appropriate course of action for the consumer is to open a support ticket? WT#? FAIL! Link to comment Share on other sites More sharing options...
Administrators Technobeard Posted August 6, 2019 Administrators Share Posted August 6, 2019 (edited) Update: I bumped into a subject matter expert who said that encryption is drive internal, i.e. between controller and NAND, and that bitlocker / 3rd party encryption would be up to the user of the drive. OPAL is not available for the MP510. Take this with a grain of salt as I could be misinterpreting what they said. Contacting the support team would be the appropriate next step for product support. Edited August 6, 2019 by Technobeard Link to comment Share on other sites More sharing options...
CottageDefeat Posted August 6, 2019 Author Share Posted August 6, 2019 Update: I bumped into a subject matter expert who said that encryption is drive internal, i.e. between controller and NAND, and that bitlocker / 3rd party encryption would be up to the user of the drive. OPAL is not available for the MP510. Take this with a grain of salt as I could be misinterpreting what they said. Contacting the support team would be the appropriate next step for product support. Thanks for the response. But, that makes no sense and can't be the answer. That makes no sense. Link to comment Share on other sites More sharing options...
CottageDefeat Posted August 12, 2019 Author Share Posted August 12, 2019 Any update on whether anyone has been able to enable hardware encryption on the MP510? Link to comment Share on other sites More sharing options...
CottageDefeat Posted September 17, 2019 Author Share Posted September 17, 2019 Does anyone know how to activate the vaporware hardware encryption on this drive? Link to comment Share on other sites More sharing options...
CottageDefeat Posted September 27, 2019 Author Share Posted September 27, 2019 How can they advertise hardware encryption, yet not have hardware encryption? Very strange. Link to comment Share on other sites More sharing options...
CottageDefeat Posted October 4, 2019 Author Share Posted October 4, 2019 Any news on how to enable the hardware encryption that is advertised to be available on the MP510? Link to comment Share on other sites More sharing options...
Corsair Employee Corsair Kevin Posted October 9, 2019 Corsair Employee Share Posted October 9, 2019 Directly from our DRAM/SSD team (paraphrased a bit): The MP510 doesn't support hardware encryption. AES 256-bit Encryption refers to software encryption, specifically Windows Bitlocker. Link to comment Share on other sites More sharing options...
CottageDefeat Posted October 9, 2019 Author Share Posted October 9, 2019 Directly from our DRAM/SSD team (paraphrased a bit): The MP510 doesn't support hardware encryption. AES 256-bit Encryption refers to software encryption, specifically Windows Bitlocker. Thank you for providing the answer that everyone knows to be true. You need to contact the marketing department and have them drop the "Encryption: AES 256-bit Encryption" claim, as shown here: https://www.corsair.com/us/en/Categories/Products/Storage/M-2-SSDs/Force-Series-MP510/p/CSSD-F1920GBMP510#tab-tech-specs ...because the answer is that the drive isn't encrypting anything, but relying on third party software encryption, the drive does not have "Encryption: AES 256-bit Encryption". This would be analogous to a car company advertising a car as "self driving". Yet, when you ask how the car drives itself, the car company says, "well, it is self driving if there is a driver in the car driving it. So long as our car has a driver in it driving the car, it is self driving." Link to comment Share on other sites More sharing options...
Corsair Employee Corsair Kevin Posted October 9, 2019 Corsair Employee Share Posted October 9, 2019 While it may not support TCG Opal, there is apparently encryption between the controller and NAND. I personally don't know the full details, but I'm still trying to get more information on it as well. Link to comment Share on other sites More sharing options...
Monstieur Posted December 30, 2019 Share Posted December 30, 2019 (edited) Directly from our DRAM/SSD team (paraphrased a bit): The MP510 doesn't support hardware encryption. AES 256-bit Encryption refers to software encryption, specifically Windows Bitlocker. This is misinformation as it has nothing to with BitLocker. NVMe drives that claim AES encryption without OPAL usually refer to ATA Security command support. There is a utility called NVMe ATA Security which lets you configure the ATA password on NVMe drives. If your BIOS doesn’t support NVMe ATA passwords you cannot boot directly from the drive and must unlock it from another boot disk, or use it as a data drive after unlocking it in the OS. From the factory, the data is always encrypted using a key derived from a blank password, so the encryption is always “on”. Setting the ATA password re-encrypts the key based on the new password. This is true of all manufacturers with similar AES-only drives and is just ignorance on the part of the marketing department. There are also AES & OPAL (but not IEEE 1667) drives which don’t work with BitLocker hardware encryption and fallback to software encryption. These drives can be unlocked on UEFI systems using SED Util or commercial OPAL software. If the drive supports IEEE 1667 as well it can be used with BitLocker hardware encryption and is usually marketed as eDrive compliant. Edited December 30, 2019 by Monstieur 1 Link to comment Share on other sites More sharing options...
dr_pangloss Posted April 8, 2020 Share Posted April 8, 2020 I recently wen through this same process with a Corsair MP600 SSD I purchased because it said it had hardware AES encryption support. It does not, the encryption is "between the controller and the NAND", what use is that? In case someone tries to desolder the NAND and use it with another controller? This marketing is dishonest. During the Covid-19 outbreak with many people working from home and being required to use encryption --this is not secure, there is no password, no anything. This drive will mount anywhere and no files will appear encrypted to the OS. Link to comment Share on other sites More sharing options...
Recommended Posts