Earlier this week it was revealed that LSI's Sandforce 2000-series controllers couldn't quite live up to the features major manufacturers and LSI themselves claimed it could. Intel was one of the first to announce that their market-leading 520-Series SSD, which utilises a Sandforce SF-2281 controller, was not operating to AES-256 encryption protocols. This will be something of an embarrassment to Intel even though it appears to be a 3rd party controller at fault - the company quite rightly pride themselves on their Quality Assurance and were quick to reassure those concerned that there would be no dip in quality when moving to the Sandforce performance platform.
Intel SSD 520 Series - Encryption Spec Update
As part of ongoing quality assurance, Intel Corporation has discovered a limitation of the AES (Advanced Encryption Standard) encryption feature in the Intel® SSD 520 Series, code-named Cherryville. Intel has published a specification update for the Intel SSD 520 Series product, updating the specification from AES 256-bit encryption to AES 128-bit encryption. Other Intel Solid-State Drives with data encryption, such as Intel SSD 320 Series, also feature AES 128-bit encryption.
The AES feature in the Intel SSD 520 Series, when used in combination with a strong user and master HDD password (if supported, consult your system manufacturer), helps secure the data from access by anyone that does not know the password. AES 128-bit refers to the length of the key used for data encryption. In the Intel SSD 520 Series, the key length is 128 bits. The higher the number of bits in a key, the stronger the level of encryption. Intel believes AES 128-bit encryption meets the data encryption requirements of most customers.
Intel stands behind its products and is committed to product quality, and is working to bring AES 256-bit encryption to future products. If, however, our customers are not satisfied with the 128-bit encryption in an Intel 520 Series SSD purchased before July 1, 2012, they can contact Intel customer support prior to October 1, 2012 to return their product and Intel is offering to provide a full refund of the purchase price. For further information or questions about this specification change, consumers should contact Intel Customer Support.
As part of ongoing quality assurance, Intel Corporation has discovered a limitation of the AES (Advanced Encryption Standard) encryption feature in the Intel® SSD 520 Series, code-named Cherryville. Intel has published a specification update for the Intel SSD 520 Series product, updating the specification from AES 256-bit encryption to AES 128-bit encryption. Other Intel Solid-State Drives with data encryption, such as Intel SSD 320 Series, also feature AES 128-bit encryption.
The AES feature in the Intel SSD 520 Series, when used in combination with a strong user and master HDD password (if supported, consult your system manufacturer), helps secure the data from access by anyone that does not know the password. AES 128-bit refers to the length of the key used for data encryption. In the Intel SSD 520 Series, the key length is 128 bits. The higher the number of bits in a key, the stronger the level of encryption. Intel believes AES 128-bit encryption meets the data encryption requirements of most customers.
Intel stands behind its products and is committed to product quality, and is working to bring AES 256-bit encryption to future products. If, however, our customers are not satisfied with the 128-bit encryption in an Intel 520 Series SSD purchased before July 1, 2012, they can contact Intel customer support prior to October 1, 2012 to return their product and Intel is offering to provide a full refund of the purchase price. For further information or questions about this specification change, consumers should contact Intel Customer Support.
Kingston Digital, whose SSDNow V+200 and KC100 lines also make use of LSI SF-2000 series controllers, were quick to join Intel in offering a replacement service to affected users. Noting that relatively few customers make use of AES-256, they vowed to work closely with those who require this higher level of protection:
Kingston Digital Statement on SF-2000-based Encrypted SSDs
Sunbury – on – Thames, UK June 12th Kingston Digital Europe Ltd, an affiliate of Kingston Technology Company Inc., the independent world leader in memory, along with LSI, its SSD processor partner, have recently been in discussions related to the encryption capabilities of the SF-2000 platform. It was discovered that the ’self encrypting’ feature that Kingston® markets on both the SSDNow V+200 and KC100 lines runs in 128-bit AES encryption mode, not the originally stated 256-bit mode. Both AES modes encrypt and secure the data on the SSD from unauthorized access ― just to different encryption standards.
Kingston is working with LSI to correct this and to ensure that future production of the aforementioned drives delivers 256-bit AES encryption mode.
Feedback from Kingston's customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingston’s teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available. Kingston customers with further questions are encouraged to contact Kingston technical support for additional clarification.
Kingston will notate the 128-bit AES encryption mode going forward on all literature to avoid confusion until the issue is remedied. Please note that this issue affects all manufacturers of SSDs utilizing the SF-2000 family of products and is not a Kingston-centric issue. Kingston believes in the importance of a great customer experience and will continue to communicate openly with our valued customer base.
For more information visit www.kingston.com/europe
Sunbury – on – Thames, UK June 12th Kingston Digital Europe Ltd, an affiliate of Kingston Technology Company Inc., the independent world leader in memory, along with LSI, its SSD processor partner, have recently been in discussions related to the encryption capabilities of the SF-2000 platform. It was discovered that the ’self encrypting’ feature that Kingston® markets on both the SSDNow V+200 and KC100 lines runs in 128-bit AES encryption mode, not the originally stated 256-bit mode. Both AES modes encrypt and secure the data on the SSD from unauthorized access ― just to different encryption standards.
Kingston is working with LSI to correct this and to ensure that future production of the aforementioned drives delivers 256-bit AES encryption mode.
Feedback from Kingston's customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingston’s teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available. Kingston customers with further questions are encouraged to contact Kingston technical support for additional clarification.
Kingston will notate the 128-bit AES encryption mode going forward on all literature to avoid confusion until the issue is remedied. Please note that this issue affects all manufacturers of SSDs utilizing the SF-2000 family of products and is not a Kingston-centric issue. Kingston believes in the importance of a great customer experience and will continue to communicate openly with our valued customer base.
For more information visit www.kingston.com/europe
Though the problem only affects a small number of end users, this latest set-back will do nothing to aid the reputation of Sandforce-based drives. Thankfully AES 128-bit encryption does appear to be up to the required standards, and it doesn't sound like data was appreciably more vulnerable than 128-bit encryption if AES-256 was selected. Following early issues such drives had turned a corner on reliability whilst retaining excellent speed figures, culminating in Intel picking them up for the 520-series. Hopefully LSI can move past this and remain competitive in the next few months, as newer drives with non-LSI controllers become more common.
Source: Intel Statement, Kingston Statement, LSI Corporation Statement
