SandForce SF-2000 series controller limited to 128-bit AES encryption

By on June 12, 2012, 9:30 AM

SandForce announced their SF-2000 series controller way back in 2010 as an overall improvement to the SF-1200 and SF-1500 series. Part of that upgrade included better security as the controller adopted a 256-bit AES algorithm, up from the 128-bit AES encryption on previous models. The problem, however, is that the 256-bit AES encryption on the SF-2000 controller doesn’t work properly.

The result is that SF-2000 controllers are still using 128-bit encryption, although that wasn’t exactly in the plans. The Tech Report spoke with SandForce to get a better understanding of the situation. As they were told, the US government doesn’t allow products with 256-bit encryption to be sold to certain countries.

There is an internal mechanism of sorts that is supposed to switch the drive between 128-bit and 256-bit encryption but it’s not working. When probed as to what exactly was wrong, SandForce said they couldn’t say due to security reasons. They did reveal that the issue is hardware-related and can be fixed with a firmware update.

The issue was recently uncovered during a security audit with Intel taking some of the credit as part of a specification update to their 520 Series SSDs. Although SandForce didn’t specifically say when the problem came to light, the publication got the impression that it had been within a number of days rather than weeks.

Intel will be offering refunds to buyers until October 1 while Kingston will offer users an exchange program where they cover the cost of return shipping. SandForce said that manufacturers would be responsible for dealing with customer returns with regards to the issue.




User Comments: 3

Got something to say? Post a comment
cliffordcooley cliffordcooley, TechSpot Paladin, said:

"As they were told, the US government doesn't allow products with 256-bit encryption to be sold to certain countries."

WTF

Opus Opus said:

"As they were told, the US government doesn't allow products with 256-bit encryption to be sold to certain countries."

WTF

I guess to self presumed axis of evil countries. LOL as if 256 bit encryption can not be broken?

Jibberish18 said:

I always chuckle when I read "Axis Of Evil". Think Will Ferrell.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.