Intel Discovers SandForce SF-2281 Controller Can't Do AES-256 Encryption, Offers Return Program
by Anand Lal Shimpi on June 11, 2012 4:50 PM ESTAlthough SandForce's SF-2281 controller has been shipping for well over a year at this point, it took Intel to discover a bug in the controller that prevents it from properly supporting AES-256 encryption. The bug is at the controller level and can't be fixed with a firmware update. AES-128 encryption works perfectly fine as does the drive's standard, un-encrypted operation mode. If you have an Intel SSD 520 and need AES-256 support, Intel has introduced a return program. If you purchased your 520 on or before July 1, 2012 you can contact Intel for a full refund of purchase price. You have to complete the request by October 1, 2012. If you want a Cherryville/SF-2281 drive with proper AES-256 support you'll have to wait a few months for a new spin of the controller it seems.
Source: Intel
Facebook
Twitter
RSS
45 Comments
View All Comments
ComputerNovice22 - Monday, June 11, 2012 - link
Unless this is a Intel only issue, in which case it does make them look silly... So is this a Intel only issue or Sandforce related?BSMonitor - Tuesday, June 12, 2012 - link
Sandforce. Read the article.ComputerNovice22 - Tuesday, June 12, 2012 - link
I read the article however Intel made their own custom firmware for their 520 SSD so it's possible that something they did to their own special version of the SSD combined with the SandForce controller caused the issue, however it does appear to be Sandforce related since it says "it can't be fixed via a firmware update" which most likely eliminates Intel's special firmware as the cause (most likely).gamoniac - Monday, June 11, 2012 - link
It sounds like this affects all SF-2281 SSDs. I wonder if other SF-2281 SSD vendors would offer the same return/refund Intel does? Given the amount of vendors and people that have collectively failed to find this bug, this has got to be the most embarassing tech HW moments in recent years.Tommyv2 - Monday, June 11, 2012 - link
You're all missing the obvious thing - Intel isn't saying anything about the 330 series, because it only talks about the 256-bit on the 520. Ditto on the other vendors - no one promised it, hence no PR problem.Per Hansson - Tuesday, June 12, 2012 - link
This article makes it clear that it was Intel that discovered the bug but "The SSD Review" has another view of it:http://thessdreview.com/latest-buzz/lsi-discovers-...
BSMonitor - Tuesday, June 12, 2012 - link
Of course the parent company would "say" that. Why would they paint it that they need their manufactures to find bugs for them.ekerazha - Tuesday, June 12, 2012 - link
Actually, AES-128 is *more* secure than AES-256.Complexity to recover the key:
AES-256: 2^99.5 (related-key attacks)
AES-128: 2^126.1 (bicliques based attacks)
AES-192: 2^176 (related-key attacks)
Actually, AES-256 is the weakest.
Narrlok - Tuesday, June 12, 2012 - link
how many users actually use Intel's own FDE instead of using something like TrueCrypt or BitLocker? Does this affect anyone using these SSDs if they don't use Intel's FDE?ekon - Tuesday, June 12, 2012 - link
The concept of FDE is actually very appealing to users of TrueCrypt/DiskCryptor/BitLocker, which have significant performance impacts on SSDs and question marks about wear effects.But FDE is undermined by poor (practically nonexistent) documentation for consumer end users, spotty implementation (no guarantee you'll be able to access the data if you move the drive from one motherboard to another) and significant limitations (e.g. not functioning when the interface is set to AHCI or RAID mode).