Intel Discovers SandForce SF-2281 Controller Can't Do AES-256 Encryption, Offers Return Program
by Anand Lal Shimpi on June 11, 2012 4:50 PM ESTAlthough SandForce's SF-2281 controller has been shipping for well over a year at this point, it took Intel to discover a bug in the controller that prevents it from properly supporting AES-256 encryption. The bug is at the controller level and can't be fixed with a firmware update. AES-128 encryption works perfectly fine as does the drive's standard, un-encrypted operation mode. If you have an Intel SSD 520 and need AES-256 support, Intel has introduced a return program. If you purchased your 520 on or before July 1, 2012 you can contact Intel for a full refund of purchase price. You have to complete the request by October 1, 2012. If you want a Cherryville/SF-2281 drive with proper AES-256 support you'll have to wait a few months for a new spin of the controller it seems.
Source: Intel
45 Comments
View All Comments
jayhawk11 - Monday, June 11, 2012 - link
How the heck do you screw this up?N4g4rok - Monday, June 11, 2012 - link
Weird, As long as it's been out, i'm surprised this hasn't been discovered before. Hopefully it didn't mess too many people up.mckirkus - Monday, June 11, 2012 - link
Step 1> Review features checklist on the side of the box.Step 2> Write test cases to ensure the features are working
Step 3> Send to QA
Step 4> Assume nobody will find out about bugs revealed by QA testing?
dananski - Monday, June 11, 2012 - link
I think Sandforce have a parallel step 3: release product to partners for public distribution.Is it a hard-to-spot bug, like it appears to be doing the encryption but it's not doing it / not in the way it should, or is it a blindingly obvious bug like you try to enable AES-256 and there is some big error / your data gets corrupted?
Kudos to Intel on not only being the only ones with enough testing emphasis to spot this, but also immediately offering appropriate refunds.
MrSpadge - Tuesday, June 12, 2012 - link
It seems to be a bug which is hard to catch. Otherwise Intel wouldn't have needed as much time to do so, would they?Marsolin - Tuesday, June 12, 2012 - link
It's hard to catch because the drive is doing the encryption, it's just 128-bit instead of 256-bit like the user expects. And since everything is done through the controller there's nothing else that sees the mistake.rs2 - Monday, June 11, 2012 - link
Step 1> Review features checklist on the side of the box.Step 2> Write test cases to ensure the features are working
Step 3> ???
Step 4> Profit!
There, I fixed it for you.
meloz - Monday, June 11, 2012 - link
Very embarassing, but at least they are handling the issue in a way to minimize the pain for consumers.I wonder when -if ever- we will see Intel return to using their in-house controllers again? They had to use SF because I suppose their internal design was too conservative (performance wise), but eventually you would expect them to do it all inside Intel.
Kevin G - Monday, June 11, 2012 - link
Considering the cut throat nature of the consumer SSD market, Intel will likely stay out of the controller side. They may return to the enterprise market however.In the long term, I do see Intel integrating their SSD controllers into mobile SoC to further reduce board space and improve performance.
Kevin G - Monday, June 11, 2012 - link
"If you purchased your 520 on or before July 1, 2012 you can contact Intel for a full refund of purchase price. "Because I like to go back to the future to order my SSD's.