256-bit AES encryption broken in SandForce SSD controllers
When SandForce announced the SF-2000 SSD controller family, it touted the controller's ability to encrypt data with a 256-bit AES algorithm. The previous generation of SandForce controllers did 128-bit AES encryption, but the new chip added a second hardware engine with AES-256 support. Trouble is, the SF-2000 controller's 256-bit encryption doesn't work properly. Although the latest SandForce controllers encrypt data using AES, they do so using only 128 bits.
We just got off the phone with SandForce, who we contacted in order to better understand this issue. A company representative told us the SF-2000 controllers retained their AES-128 support because the US government doesn't allow products with 256-bit encryption to be sold to some countries. Sounds like the mechanism that determines whether the controller uses 128- or 256-bit encryption is broken, although SandForce wouldn't go into specifics for "security reasons." The firm did say the problem exists in hardware and requires accompanying firmware changes. SandForce characterized the necessary hardware tweak as a "manufacturing step" rather than a re-spin of the silicon.
- Fri, 2013-05-10 00:15
- Thu, 2013-05-09 01:43
- Tue, 2013-02-19 07:19