SandForce 256-bit AES Encryption Limited to 128-bit, Fix En Route

btarunr · Jun 12, 2012

Post acquisition, an audit by LSI reportedly discovered that the 256-bit AES native data encryption by SandForce SSD processors never was, and that the feature really just encrypted data with 128-bit AES. The problem has been resolved and a fix is in the works. LSI will share the fix with all SSD manufacturers with SandForce-based products, who could then release firmware updates to end-users.

View at TechPowerUp Main Site

Mussels · Jun 12, 2012

does this open them up to lawsuits?

L'Eliminateur · Jun 12, 2012

smells like a destructive firmware update will be coming down the pipe for whoever wants this feature, i don't see how they can change the cypher length without maintaining the data...

deleted · Jun 12, 2012

AES-256 as an encryption standard is broken. It's actually slightly less secure than AES-128 (though still secure enough that it's basically impossible to brute force). The fact that it took nearly two years for anyone to realize that this feature has never worked is a testament to how irrelevant it is.

Steevo · Jun 12, 2012

Who cares except if you are using the security. So that means that 99% of users don't need it.

With that being said, watch out, here come the lawsuits from idiots who don't even know the difference.

FordGT90Concept · Jun 12, 2012

Mussels said:
does this open them up to lawsuits?

Yes, but they're being proactive about fixing it and, unless there's some documents out there that SandForce knew about it and didn't do anything, the case would be weak against them.

L'Eliminateur said:
smells like a destructive firmware update will be coming down the pipe for whoever wants this feature, i don't see how they can change the cypher length without maintaining the data...

Flag the drive as 128-bit encrypted and require format to change to 256-bit encrypted.

Kreij · Jun 12, 2012

FordGT90Concept said:
Flag the drive as 128-bit encrypted and require format to change to 256-bit encrypted.

They really don't even need to do that. They could just release a utility that decrypts the data and re-encrypts it with a 256 bit cypher and writes it back to the drive.

L'Eliminateur · Jun 12, 2012

Kreij said:
They really don't even need to do that. They could just release a utility that decrypts the data and re-encrypts it with a 256 bit cypher and writes it back to the drive.

that would waste a ton of erase cycles on your flash, there's no chance in hell.

it will be a flash upgrade->secure erase firmware, but as some of you said, completely irrelevant

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

Processor	R7-7700X
Motherboard	Gigabyte X670 Aorus Elite AX
Cooling	Scythe Fuma 2 rev B
Memory	no name DDR5-5200
Video Card(s)	Some 3080 10GB
Storage	dual Intel DC P4610 1.6TB
Display(s)	Gigabyte G34MQ + Dell 2708WFP
Case	Lian-Li Lancool III black no rgb
Power Supply	CM UCP 750W
Software	Win 10 Pro x64

System Name	Monolith
Processor	i5 2500K, 4.6 GHz at 1.30v
Motherboard	P8Z68-V Pro
Cooling	CM Hyper 212+
Memory	2x4 GB G.Skill Ripjaws 1333 MHz CL9
Video Card(s)	EVGA GTX 570, 920/1840/2050 at 1.100v
Storage	SanDisk Extreme 240 GB, WD Caviar Black 1 TB
Display(s)	LG W2363D
Case	Silverstone FT02B
Audio Device(s)	Creative Audigy 2
Power Supply	Kingwin LZG-850

System Name	Compy 386
Processor	7800X3D
Motherboard	Asus
Cooling	Air for now.....
Memory	64 GB DDR5 6400Mhz
Video Card(s)	7900XTX 310 Merc
Storage	Samsung 990 2TB, 2 SP 2TB SSDs, 24TB Enterprise drives
Display(s)	55" Samsung 4K HDR
Audio Device(s)	ATI HDMI
Mouse	Logitech MX518
Keyboard	Razer
Software	A lot.
Benchmark Scores	Its fast. Enough.

SandForce 256-bit AES Encryption Limited to 128-bit, Fix En Route

btarunr

Editor & Senior Moderator

Mussels

Freshwater Moderator

L'Eliminateur

deleted

New Member

Steevo

FordGT90Concept

"I go fast!1!11!1!"

Kreij

Senior Monkey Moderator

L'Eliminateur

System Name	BY-2021
Processor	AMD Ryzen 7 5800X (65w eco profile)
Motherboard	MSI B550 Gaming Plus
Cooling	Scythe Mugen (rev 5)
Memory	2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s)	AMD Radeon RX 7900 XT
Storage	Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s)	Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case	Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s)	Realtek ALC1150, Micca OriGen+
Power Supply	Enermax Platimax 850w
Mouse	Nixeus REVEL-X
Keyboard	Tesoro Excalibur
Software	Windows 10 Home 64-bit
Benchmark Scores	Faster than the tortoise; slower than the hare.