Kingston Announces Encryption Issue with The LSI/SandForce SF-2000 and any SSDs That use this Controller

Kingston-logoWith all of the security related news flying around we have received word from Kingston about an issue that affects the encryption feature in their SSDNow V+200 and KC100 lines. The issue is with the level of encryption that the SF-2000 is presenting. According to LSI (Pronounce that SandForce) the SF-2000 should be encrypting your data with 256-bit AES encryption. The problem is that it is not providing that and is instead only hitting 128-Bit AES Encryption.

Now so far we have not heard of any complaints or of anyone breaking through the existing encryption (at 128-Bit), but it is still good that Kingston is stepping forward and bringing this to light now instead of waiting until after there is an issue with a breach of security. 128-bit AES still provides some level of encryption, just not as good as it can be.

According to the release that Kingston sent out they are working with LSI/Sandforce to ensure that the SF-2000 will provide the stated encryption levels and that they are going to change all documentation to reflect the 128-bit AES mode until such time as the issue is corrected.

We have reprinted the whole press release below so you can read what Kingston has to say on the issue.

For Release 1:30 p.m. PDT, June 11, 2012:

 

Kingston Digital Statement on SF-2000-based Encrypted SSDs

Fountain Valley, CA -- June 11, 2012 -- Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, along with LSI, its SSD processor partner, have recently been in discussions related to the encryption capabilities of the SF-2000 platform. It was discovered that the ’self encrypting’ feature that Kingston® markets on both the SSDNow V+200 and KC100 lines runs in 128-bit AES encryption mode, not the originally stated 256-bit mode. Both AES modes encrypt and secure the data on the SSD from unauthorized access ― just to different encryption standards.

Kingston is working with LSI to correct this and to ensure that future production of the aforementioned drives delivers 256-bit AES encryption mode.

Feedback from Kingston's customer base regarding the SSDNow V+200 and KC100 model SSDs does not indicate that the encryption feature is critical or widely used in most deployments. Kingston’s teams will work closely with customers who require 256-bit AES encryption to ensure that they are taken care of, and are able to swap out their current drives for ones with the correct encryption level when it becomes available. Kingston customers with further questions are encouraged to contact Kingston technical support for additional clarification.

Kingston will notate the 128-bit AES encryption mode going forward on all literature to avoid confusion until the issue is remedied. Please note that this issue affects all manufacturers of SSDs utilizing the SF-2000 family of products and is not a Kingston-centric issue. Kingston believes in the importance of a great customer experience and will continue to communicate openly with our valued customer base.

For more information visit www.kingston.com.

Discuss this in our Forum

No comments

Leave your comment

In reply to Some User