June 11th, 2012 by Brian Beeler
LSI SandForce AES Encryption Strength Flaw Revealed
Intel sent a moderate chill through the SSD world this afternoon by announcing that their Intel SSD 520 is getting a spec change from AES 256-bit encryption to AES 128-bit encryption. As it turns out, the problem affects all SandForce SF-2000 series controllers (SF-2200 consumer and SF-2500 enterprise controllers) and spec change announcements from all the manufacturers who use SandForce controllers are rolling out. For most users the change isn't an issue, the National Security Agency (NSA) still qualifies AES 128-bit encryption for secret classification, where top secret requires 256-bit encryption.
How Did The AES Issue Happen?
SandForce first generation SSD controllers used 128-bit encryption, the step up to 256-bit encryption in the current generation two line was more of a progressive update to enhance security for more demanding users. There is a catch however, some governments around the world don't allow the sale of 256-bit encrypted devices into their respective countries. As a result SandForce had to create two versions of the SF-2000 family processors, one with 128-bit encryption and one with 256-bit.
During a planned controller analysis study SandForce discovered a problem where all the SF-2000 controllers were showing 128-bit encryption. The issue appears to be traced back to a configuration problem along the way where the encryption setting was simply incorrect for the line.
How Does The AES Issue Get Fixed?
SandForce is already working on a new controller and firmware build that will enable 256-bit encryption as was intended. Unfortunately there's not an upgrade path for current SSDs in the market, a new controller is needed to enable the higher security encryption. SandForce hasn't issued a timeline for the fix however.
Does This Affect Me?
If you're asking the question then probably not. If you're a government client then you likely already know about the problem and have adjusted accordingly.
Intel and Kingston have already issued "Spec Sheet Updates" and all other SandForce buyers will follow suit in the near term. Concerns should route through each SSD manufacturer and while official policies are to be determined, the spec sheet change could be viewed as a material change that warrants a replacement drive when new hardware is available. We're not legal experts but it would also seem likely that LSI SandForce will be compelled to account in detail as to why it took a year and a half to find this problem when the innevitable class action lawsuit gets filed.