LSI Discovers SandForce 256-Bit Encryption Limited To 128-Bit – Problem Resolved and Fix On The Way

KINGSTON RESPONSE

Fountain Valley, CA — June 11, 2012 Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, along with LSI, its SSD processor partner, have recently been in discussions related to the encryption capabilities of the SF-2000 platform. It was discovered that the self encrypting feature that Kingston® markets on both the SSDNow V+200 and KC100 lines runs in 128-bit AES encryption mode, not the originally stated 256-bit mode. Both AES modes encrypt and secure the data on the SSD from unauthorized access ? just to different encryption standards.

Kingston is working with LSI to correct this and to ensure that future production of the aforementioned drives delivers 256-bit AES encryption mode.

Feedback from Kingston’s customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingstons teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available. Kingston customers with further questions are encouraged to contact Kingston technical support for additional clarification.

Kingston will notate the 128-bit AES encryption mode going forward on all literature to avoid confusion until the issue is remedied. Please note that this issue affects all manufacturers of SSDs utilizing the SF-2000 family of products and is not a Kingston-centric issue. Kingston believes in the importance of a great customer experience and will continue to communicate openly with our valued customer base.

            For more information visit www.kingston.com.

User Rating: Be the first one !

16
Leave a Reply

avatar
7 Comment threads
9 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
9 Comment authors
Les@TheSSDReviewRapidSSL CeritificatesCrunchMikeZPommieB Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
The Muss
Guest
The Muss

That statement about ..monkeys!!! I loved it

Zaxx
Guest
Zaxx

Looks like Intel is offering to exchange 520 128 AES drives for 256 when they come available or refund full purchase price! Doubt Ocz will do the same tho…

seaem
Guest
seaem

Does OCZ have SF-models with encryptions enabled?

Azten
Guest
Azten

http://www.ocztechnologyforum.com/forum/showthread.php?102264

OCZ statement so far (at least on their international board, nothing on the German one so far)

PommieB
Guest
PommieB

The error or bug was found by Intel on there yearly audit, not LSI, Intel are giving returns, in there specifications they state both encryption states, and they sell a lot of these drives to companies who require good encryption, all I’ve seen so far from LSI is excuses. According to Sandforce, you need to set a password for the encryption to work anyway and they consider 95% of users don’t use it anyway and OCZ at some time or other have advertised the 256 bit encryption so the email is also a excuse. If both OCZ and Sandforce new… Read more »

Les@TheSSDReview
Guest

I spoke with LSI in the initial interview and then subsequent to the Intel release and was told it was a LSI discovery. I might have thought if Intel had discovered it they would have ramrodded the initial release and not been held back until the LSI release. To this point, there is no discussion by anyone with Intel other than there release, whereas, I spoke with LSI at length about this under NDA.

PommieB
Guest
PommieB

No offense meant Les and I can understand why you would have that opinion, the fact that Sandforce drives didn’t have the advertised 256bit encryption didn’t worry me at all, even LSI statement, I found it rather amusing actually, ( I wish my x-wife gave me statements like that, I’d have known about the affair she was having behind my back ) I read this report when you first published it. What annoyed me was the link made by OCZ, I’m sure LSI discovered and notified OCZ who removed the 256bit encryption from there specs. Had OCZ not made that… Read more »

Les@TheSSDReview
Guest

Never an argument with you Pommie and we go back a long way now. I appreciate you visiting and jumping in here when you have the opportunity and have to concede that it would be great to see your presence here.

Crunch
Guest

I wonder what, if anything, OWC offers. They make nothing but SandForce-based SSD’s.

Les@TheSSDReview
Guest

256 Bit encryption has been proven to be less secure than 128 bit. Add to that the fact that, unlike other manufacturers, LSI SandForce has encryption engines on both sides of the data and the fact that very few even use 256 Bit. Most manufacturers have simply not jumped in to respond because this isn’t as bif of a story as most would like it to be.

Crunch
Guest

It goes to show how much more Intel stands behind its products 100%, as compared to XXX, for example. They still list “256-bit chip-based encryption” on their site as of 6/24/12 @ 4:23pm PT.

Les@TheSSDReview
Guest

I appreciate your response and have edited out the specific manufacturer as your point led me to check others to which I found the same. Interesting…

Apologies if it offends in any way but I believe the point is best served without ‘targeting’ if I might mention it in that way. Tx!