Opal Storage Specification

The Opal Storage Specification ^[1] is a set of specifications for features of data storage devices (such as hard disk drives and solid state drives) that enhance their security. For example, it defines a way of encrypting the stored data so that an unauthorized person who gains possession of the device cannot see the data. That is, it is a specification for self-encrypting drives (SED).

The specification is published by the Trusted Computing Group Storage Workgroup.

Overview

The Opal SSC (Security Subsystem Class) ^{[2] [3]} is an implementation profile for Storage Devices (SD) built to:

• Protect the confidentiality of stored user data against unauthorized access once it leaves the owner's control (involving a power cycle and subsequent deauthentication).
• Enable interoperability between multiple SD vendors. ^[4]

Functions

The Opal SSC encompasses these functions:

• Security provider support
• Interface communication protocol
• Cryptographic features
• Authentication
• Table management
• Access control and personalization
• Issuance
• SSC discovery

Features

• Security Protocol 1 support
• Security Protocol 2 support
• Communications
• Protocol stack reset commands

Security

Radboud University researchers indicated in November 2018 that some hardware-encrypted SSDs, including some Opal implementations, had security vulnerabilities. ^[5]

Implementers of SSC

Device companies

• Hitachi
• Intel Corporation ^[6]
• Kingston Technology ^[7]
• Lenovo ^[8]
• Micron Technology ^[9]
• Samsung ^[10]
• SanDisk ^[11]
• Seagate Technology ^{[12] [13]} as "Seagate Secure"
• Toshiba ^{[14] [15] [16]}

Storage controller companies

• Marvell ^{[17] [18]}
• Avago/LSI SandForce flash controllers ^[19]

Software companies

• Absolute Software ^[20]
• Check Point Software Technologies ^[21]
• Dell Data Protection ^[22]
• Cryptomill ^[23]
• McAfee ^[24]
• Secude ^[25]
• Softex Incorporated ^[26]
• Sophos ^[27]
• Symantec ^[28] (Symantec supports OPAL drives, but does not support hardware-based encryption.) ^[29]
• Trend Micro ^[30]
• WinMagic ^[31]
• OpalLock ^[32] (OpalLock support Self-Encrypt-Drive capable SSD and HDD. Develop by Fidelity Height LLC)

Computer OEMs

• Dell ^[33]
• HP ^[34]
• Lenovo ^[35]
• Fujitsu ^[36]
• Panasonic ^[37]
• Getac ^[38]

References

1. "TCG Storage Security Subsystem Class: Opal Specification". Trusted Computing Group. Retrieved 2025-12-26.
2. "Flash Memory Security: Increased Confidentiality & Integrity". www.penguinsolutions.com. Retrieved 2025-12-26.
3. Yumpu.com. "Opal Storage Specification - Trusted Computing Group". yumpu.com. Retrieved 2025-12-26.
4. TCG Storage Security Subsystem Class: Opal Specification Version 2.01 Revision 1.00 . Trusted Computing Group, Incorporated. 05 August 2015. Retrieved 2019-11-22.
5. Meijer, Carlo; van Gastel, Bernard (19–23 May 2019). Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives. 2019 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE. pp. 72–87. doi: 10.1109/SP.2019.00088 . hdl: 2066/207837 . ISBN   978-1-5386-6660-9. ISSN   2375-1207.
6. "Intel® SSD Pro 1500 Series (M.2): Specs". Intel.com. Retrieved 2017-05-03.
7. "Solid State Hard Drives for Business". Kingston.com. 2017-03-05. Retrieved 2017-05-03.
8. Clain Anderson (2011-02-16). "Opal – More than a Semi-Precious Stone | Lenovo". Blog.lenovo.com. Retrieved 2017-05-03.
9. "Micron Technology, Inc. - Full SSD Part Catalog". Micron.com. Retrieved 2017-05-03.
10. "Samsung V-NAND SSD". Samsung.com. Retrieved 2017-05-03.
11. "SanDisk's X300s Solid State Drive". Archived from the original on 2014-08-03. Retrieved 2014-08-02.
12. "News". Seagate. Retrieved 2017-05-03.
13. "Full Disk Encryption Software, Hard Drives, SSDs & Whole Disk". WinMagic. Retrieved 2017-05-03.
14. "Fujitsu Develops HDD Security Technology based on Opal SSC Standards - Fujitsu Global". Fujitsu.com. Retrieved 2017-05-03.
15. "Specialty | TOSHIBA Storage & Electronic Devices Solutions Company | Americas". Storage.toshiba.com. Retrieved 2017-05-03.
16. "Specialty | TOSHIBA Storage & Electronic Devices Solutions Company | Americas". Storage.toshiba.com. Retrieved 2017-05-03.
17. "Marvell Technology Group Ltd". Marvell.com. Retrieved 2017-05-03.
18. "Marvell, Kingston Collaboration Proves Positive with Over Six Million SSD Units Shipped". Kingston Technology. Retrieved 30 December 2021.
19. "SandForce Flash Storage Processor SSD Controllers". Archived from the original on 2013-08-08. Retrieved 2013-08-01.
20. "Self-Healing Endpoint Security". Absolute. Retrieved 2017-05-03.
21. "Industry-Leading Cyber Security Keeps Networks, Data Centers, Mobile Devices & Endpoints One Step Ahead | Check Point Software". Checkpoint.com. Retrieved 2017-05-03.
22. "Data Security | Dell United States". Dell.com. 2017-04-26. Retrieved 2017-05-03.
23. "CryptoMill :: Products & services". Archived from the original on 2012-02-09. Retrieved 2012-01-14.
24. "McAfee Corporate KB - KB75045". Kc.mcafee.com. Retrieved 2017-05-03.
25. "FinallySecure™ Enterprise - SECUDE AG". Archived from the original on 2012-01-26. Retrieved 2012-01-14.
26. "Comprehensive Data Encryption and Protection Solutions - SecureDrive". Softexinc.com. 2014-06-20. Retrieved 2017-05-03.
27. "Full Disk Encryption | Always-On, Multi-Platform Enterprise Encryption Synchronizes Devices, Hard Drives, Removable Media, BitLocker, and Cloud Storage Protection in Real-Time". Sophos.com. Retrieved 2017-05-03.
28. "Endpoint Encryption Powered by PGP Technology". Symantec.com. Retrieved 2017-05-03.
29. "Archived copy". Archived from the original on 2017-09-25. Retrieved 2016-02-03.
30. "Data Protection – Endpoint and Gateway Suites | Trend Micro". Us.trendmicro.com. Retrieved 2017-05-03.
31. "Full Disk Encryption Software, Hard Drives, SSDs & Whole Disk". WinMagic. Retrieved 2017-05-03.
32. "Software management of TCG self-encrypting drives". Fidelity Height LLC.
33. "Dell Official Site | Dell United States". Dell.com. 2017-04-26. Retrieved 2017-05-03.
34. "Laptop Computers, Desktops, Printers and more | HP® Official Site". Hp.com. Retrieved 2017-05-03.
35. Archived 2008-08-28 at the Wayback Machine
36. "Fujitsu News Updates - Fujitsu UK". Fujitsu.com. Retrieved 2017-05-03.
37. "Panasonic Toughpad | Rugged Tablet | Toughpad". Panasonic.com. 2015-10-27. Retrieved 2017-05-03.
38. "Rugged Notebooks, Tablets, Handhelds and Laptops from". Getac.com. Retrieved 2017-05-03.

External links

• Storage Work Group Storage Security Subsystem Class: Opal