Bug on LSI/SandForce SF-2000 Controller

To read this article from Tom’s Hardware, click on:
SandForce SF-2000 Controllers Limited to 128-Bit Encryption
In a quality audit, it was discovered that the SF-2000 Series Controllers don’t operate at its 256-Bit Encryption specificaton, but currently is limited to 128-Bit Encryption

Intel and Kingston, utilizing these processors,
as well as LSI provided responses to the issue.

LSI says that "the necessary hardware and firmware updates are currently in process to enable full 256-bit encryption for those customers who need it."

Intel’s Response:

As part of ongoing quality assurance, Intel Corporation has discovered a limitation of the AES (Advanced Encryption Standard) encryption feature in the Intel SSD 520 Series, code-named Cherryville. Intel has published a Specification Update for the Intel SSD 520 Series product, updating the specification from AES 256-bit encryption to AES 128-bit encryption. Other Intel Solid-State Drives with data encryption, such as Intel SSD 320 Series, also feature AES 128-bit encryption.

The AES feature in the Intel SSD 520 Series, when used in combination with a strong user and master HDD password (if supported, consult your system manufacturer), helps secure the data from access by anyone that does not know the password. AES 128-bit refers to the length of the key used for data encryption. In the Intel SSD 520 Series, the key length is 128 bits. The higher the number of bits in a key, the stronger the level of encryption. Intel believes AES 128-bit encryption meets the data encryption requirements of most customers.

Intel stands behind its products and is committed to product quality, and is working to bring full AES 256-bit encryption to future products. If, however, our customers are not satisfied with the 128-bit encryption in an Intel 520 Series SSD purchased before July 1, 2012, they can contact Intel customer support prior to October 1, 2012 to return their product and Intel is offering to provide a full refund of the purchase price. For further information or questions about this specification change, consumers should contact Intel Customer Support.

Kingston’s Response:

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, along with LSI, its SSD processor partner, have recently been in discussions related to the encryption capabilities of the SF-2000 platform. It was discovered that the ‘self encrypting’ feature that Kingston markets on both the SSDNow V+200 and KC100 lines runs in 128-bit AES encryption mode, not the originally stated 256-bit mode. Both AES modes encrypt and secure the data on the SSD from unauthorized access – just to different encryption standards.

Kingston is working with LSI to correct this and to ensure that future production of the aforementioned drives delivers 256-bit AES encryption mode.

Feedback from Kingston’s customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingston’s teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available. Kingston customers with further questions are encouraged to contact Kingston technical support for additional clarification.

Kingston will notate the 128-bit AES encryption mode going forward on all literature to avoid confusion until the issue is remedied. Please note that this issue affects all manufacturers of SSDs utilizing the SF-2000 family of products and is not a Kingston-centric issue. Kingston believes in the importance of a great customer experience and will continue to communicate openly with our valued customer base.