TCG Opal

TCG Opal is the most common security protocol for SSDs. It handles the encryption and decryption of data within the device itself, without involving the host, enabling fast encryption/decryption and minimizing the risk of data leakage without affecting system performance.

The main functions of TCG Opal are as follows:

  • Encryption: AES 256-bit Hardware Encryption Technology
  • Drive Locking with Password Protection: Password Lock
  • Range Based Locking/Unlocking: Function settings can be divided into multiple regions
  • Authentication

To be TCG Opal compliant, an SSD has the following characteristics:

  • Both encryption and decryption are executed automatically within the device without being processed by the host, and the key is stored in the device, using the AES-128 or AES-256 Advanced Encryption Standard.
  • Authentication is carried out before the actual power-up procedure. The user enters a Shadow MBR environment to confirm their identity, and once authentication passes, the actual power-up procedure is initiated.
  • Zoning and authorization settings: the manager can define Logical Block Address (LBA) ranges and set a different access limit for each range, so that only those with the corresponding keys are authorized to enter the designated block and execute authorized operations.
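
A minimal model of the range-based locking described in the last item, added here as an illustration; it is not vendor or TCG code. The class and method names are hypothetical, the range layout and authority names are constructed, authorities are assumed to be already authenticated, and refusing any transfer that touches a locked range is a simplifying assumption.

```python
from dataclasses import dataclass, field

@dataclass
class LockingRange:
    name: str
    start: int                 # first LBA of the range
    length: int                # number of LBAs (unused for the global range)
    read_locked: bool = True
    write_locked: bool = True
    unlockers: set = field(default_factory=set)  # authorities allowed to unlock

class Drive:
    def __init__(self, global_range, ranges):
        self.global_range, self.ranges = global_range, ranges

    def touched(self, lba, count):  # ranges overlapped by the transfer
        end, hit, covered = lba + count, [], 0
        for r in self.ranges:
            overlap = min(end, r.start + r.length) - max(lba, r.start)
            if overlap > 0:
                hit.append(r)
                covered += overlap
        if covered < count:    # some LBAs lie outside every configured range
            hit.append(self.global_range)
        return hit

    def io_allowed(self, op, lba, count):
        # Assumption: refuse the transfer if any range it touches is locked for op.
        attr = "read_locked" if op == "read" else "write_locked"
        return not any(getattr(r, attr) for r in self.touched(lba, count))

    def unlock(self, name, authority, read=True, write=True):
        # `authority` is assumed to have already authenticated with its credential.
        r = next(r for r in self.ranges + [self.global_range] if r.name == name)
        if authority not in r.unlockers:
            return False
        r.read_locked = r.read_locked and not read
        r.write_locked = r.write_locked and not write
        return True

    def power_cycle(self):  # assumption: every range relocks on reset
        for r in self.ranges + [self.global_range]:
            r.read_locked = r.write_locked = True

def demo_drive():  # constructed layout: two 1000-block ranges plus global range
    return Drive(
        LockingRange("global", 0, 0, unlockers={"Admin1"}),
        [LockingRange("range1", 0, 1000, unlockers={"Admin1", "User1"}),
         LockingRange("range2", 1000, 1000, unlockers={"Admin1", "User2"})])
```

In this model a transfer that starts in an unlocked range but crosses into a locked one is refused as a whole, and a power cycle returns every range to the locked state.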