01-16-2014 08:52 PM
Knowing a little about the ATA Security command set, SED SSDs, etc., I would like some clarification on what, exactly, the two functions (1 - Normal Erase and 2- Resetting the Cryptographic Key) do.
The standard ATA Security commands are "SECURITY ERASE UNIT" and "ENHANCED SECURITY ERASE UNIT". Both can be used, if supported, via specialty utilities such as the DOS-based HDDErase, recent releases of linux-based Partition Magic, etc. Most drives report the same amount of time required to execute each one, if available, and the time is generally scaled to drive size for HDDs (sometimes > 2 hrs for large drives) but is reported as a pretty standard 2 minutes for SSDs (though running usually takes less time than that on SSDs).
When I boot the utility on my W520 and choose option #1 from the lenovo utility that sets up the BIOS function on reboot, only item #1 indicated it will take two minutes and \item #1 takes at least 20 second or more. Pretty good evidence that item #1 is a SECURE ERASE UNIT call.
Item #2, "Resetting the Cryptographic Key", however, takes < 5 seconds. This indicates to me that it may not actually be a call to "ENHANCED SECURITY ERASE UNIT", but some other call.
Alternately, it might be "ENHANCED SECURITY ERASE UNIT" and the drives (different models) aren't being up front about the time it takes to do this.
Any ideas from folks experienced in this area or from Lenovo reps?