• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

SandForce 256-bit AES Encryption Limited to 128-bit, Fix En Route

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,194 (7.56/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Post acquisition, an audit by LSI reportedly discovered that the 256-bit AES native data encryption by SandForce SSD processors never was, and that the feature really just encrypted data with 128-bit AES. The problem has been resolved and a fix is in the works. LSI will share the fix with all SSD manufacturers with SandForce-based products, who could then release firmware updates to end-users.



View at TechPowerUp Main Site
 

Mussels

Freshwater Moderator
Joined
Oct 6, 2004
Messages
58,413 (7.96/day)
Location
Oystralia
System Name Rainbow Sparkles (Power efficient, <350W gaming load)
Processor Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard Asus x570-F (BIOS Modded)
Cooling Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory 2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s) Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage 2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s) Phillips 32 32M1N5800A (4k144), LG 32" (4K60) | Gigabyte G32QC (2k165) | Phillips 328m6fjrmb (2K144)
Case Fractal Design R6
Audio Device(s) Logitech G560 | Corsair Void pro RGB |Blue Yeti mic
Power Supply Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse Logitech G Pro wireless + Steelseries Prisma XL
Keyboard Razer Huntsman TE ( Sexy white keycaps)
VR HMD Oculus Rift S + Quest 2
Software Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores Nyooom.
does this open them up to lawsuits?
 
Joined
May 22, 2010
Messages
387 (0.07/day)
Processor R7-7700X
Motherboard Gigabyte X670 Aorus Elite AX
Cooling Scythe Fuma 2 rev B
Memory no name DDR5-5200
Video Card(s) Some 3080 10GB
Storage dual Intel DC P4610 1.6TB
Display(s) Gigabyte G34MQ + Dell 2708WFP
Case Lian-Li Lancool III black no rgb
Power Supply CM UCP 750W
Software Win 10 Pro x64
smells like a destructive firmware update will be coming down the pipe for whoever wants this feature, i don't see how they can change the cypher length without maintaining the data...
 

deleted

New Member
Joined
Jan 12, 2011
Messages
79 (0.02/day)
System Name Monolith
Processor i5 2500K, 4.6 GHz at 1.30v
Motherboard P8Z68-V Pro
Cooling CM Hyper 212+
Memory 2x4 GB G.Skill Ripjaws 1333 MHz CL9
Video Card(s) EVGA GTX 570, 920/1840/2050 at 1.100v
Storage SanDisk Extreme 240 GB, WD Caviar Black 1 TB
Display(s) LG W2363D
Case Silverstone FT02B
Audio Device(s) Creative Audigy 2
Power Supply Kingwin LZG-850
AES-256 as an encryption standard is broken. It's actually slightly less secure than AES-128 (though still secure enough that it's basically impossible to brute force). The fact that it took nearly two years for anyone to realize that this feature has never worked is a testament to how irrelevant it is.
 
Joined
Nov 4, 2005
Messages
11,966 (1.72/day)
System Name Compy 386
Processor 7800X3D
Motherboard Asus
Cooling Air for now.....
Memory 64 GB DDR5 6400Mhz
Video Card(s) 7900XTX 310 Merc
Storage Samsung 990 2TB, 2 SP 2TB SSDs, 24TB Enterprise drives
Display(s) 55" Samsung 4K HDR
Audio Device(s) ATI HDMI
Mouse Logitech MX518
Keyboard Razer
Software A lot.
Benchmark Scores Its fast. Enough.
Who cares except if you are using the security. So that means that 99% of users don't need it.

With that being said, watch out, here come the lawsuits from idiots who don't even know the difference.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.47/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
does this open them up to lawsuits?
Yes, but they're being proactive about fixing it and, unless there's some documents out there that SandForce knew about it and didn't do anything, the case would be weak against them.


smells like a destructive firmware update will be coming down the pipe for whoever wants this feature, i don't see how they can change the cypher length without maintaining the data...
Flag the drive as 128-bit encrypted and require format to change to 256-bit encrypted.
 

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.13/day)
Location
Cheeseland (Wisconsin, USA)
Flag the drive as 128-bit encrypted and require format to change to 256-bit encrypted.

They really don't even need to do that. They could just release a utility that decrypts the data and re-encrypts it with a 256 bit cypher and writes it back to the drive.
 
Joined
May 22, 2010
Messages
387 (0.07/day)
Processor R7-7700X
Motherboard Gigabyte X670 Aorus Elite AX
Cooling Scythe Fuma 2 rev B
Memory no name DDR5-5200
Video Card(s) Some 3080 10GB
Storage dual Intel DC P4610 1.6TB
Display(s) Gigabyte G34MQ + Dell 2708WFP
Case Lian-Li Lancool III black no rgb
Power Supply CM UCP 750W
Software Win 10 Pro x64
They really don't even need to do that. They could just release a utility that decrypts the data and re-encrypts it with a 256 bit cypher and writes it back to the drive.

that would waste a ton of erase cycles on your flash, there's no chance in hell.

it will be a flash upgrade->secure erase firmware, but as some of you said, completely irrelevant
 
Top