Intel, Kingston to Replace SSDs Due to Errors with 256-Bit Encryption by SandForce Controllers

LSI Acknowledges Issues with AES-256 Encryption by SandForce SF-2000 Controllers

by Anton Shilov
06/12/2012 | 12:56 PM

LSI Corp. on Monday acknowledged that its latest SandForce SF-2000 solid-state drives controllers fail to encrypt data using 256-bit AES algorithm. As a result, Intel Corp. and Kingston Technology will either recall solid-state drives with controllers incapable of 256-bit data encryption or will change them for new ones.


As part of a detailed validation and quality assurance analysis of the security implementation in the SF-2000 series controllers, it was discovered that the AES-XTS engine was restricted to 128-bit encryption, LSI said in a statement. The necessary hardware and firmware updates are currently in process to enable full 256-bit encryption for those customers who need it.

"LSI believes AES 128-bit encryption meets the data encryption requirements of most customers. Customers that believe they require 256-bit encryption should contact their SSD manufacturer to obtain specific information about their SSD," the official statement by the designer of the SSD controllers reads.

Both Intel and Kingston utilize SandForce SF-2000 controllers inside their 520-series and SSDNow V+200 and KC100 lines of solid-state drives. The two companies are working to bring AES 256-bit encryption to future products, but will replace or exchange SSDs incapable of 256-bit encryption to customers who require the feature.

"Customers not satisfied with the 128-bit encryption in an Intel 520-series SSD purchased before July 1, 2012, they can contact Intel customer support prior to October 1, 2012 to return their product and Intel is offering to provide a full refund of the purchase price," a statement by Intel reads.

Feedback from Kingston's customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingston’s teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available.