|
![](/i/fill.gif) |
I ordered some office supplied, and as usual they arrived with a flyer
telling me about all the fabulous stuff I could be buying. (E.g.,
is impressive...)
One thing that caught my eye was a USB flash drivewith "AES 256-bit
hardware encryption" and "high strength password enforcement".
Obviously, my first assumption was that this is snake oil. For example,
I read a while back about a HD with "hardware AES-256 encryption", where
all it actually did was XOR all the data with a fixed 32-bit mask, and
then AES-encrypt that mask. So the /mask/ is encrypted with powerful
encryption, but the actual /data/ is trivially XOR-encrypted.
The little "FIPS 140-2" tag is a nice touch. Presumably that's just the
code number of the document that formally specifies the AES algorithm or
something.
Obviously the supplier's website contains no technical data at all. Like
most products, it's quite clearly been copied and pasted from somewhere
else (complete with mis-encoded special symbols). Eventually I tracked
down the product on the manufacturer's website. Apparently it /really
has/ been sent to an independent lab for conformance testing, and
there's actually a FIPS certificate number. I was eventually able to dig
this up on the FIPS website.
It's unclear to me what was actually tested. (E.g., I'm almost certain
they /didn't/ get professional cryptographers to try to crack the
encryption and retried data out of it.) Probably they just tested that
it implements AES correctly or something by comparing it against some
known test vectors.
From what technical details I can find, it appears that it stores the
SHA-1 hash of a user-supplied password, and uses that for
authentication. The AES encryption keys are apparently stored
unencrypted inside the unit. Actual data is encrypted with these keys,
running the cipher in CBC mode. (Not the strongest, but not the weakest
either.) It uses a hardware RNG together with the ANSI X9.31 PRNG
algorithm. And it sounds like physically it's fairly hard to get into
the device.
The documents confirm that the device is certified to FIPS 140-2 level 2
compliance. (The highest level is level 4, and it looks like it wouldn't
be applicable to portable devices, only to complete systems.) It's using
a sensible-looking set of algorithms, and it's been through some kind of
verification process. So I'm reasonably confident that this device isn't
/trivially/ hackable.
(I was, however, amused by the manufacturer's product advert. "This
product is routinely used by the hospitals, banks, the police and the
armed forces." Well, yes, technically that's probably true. And
unencrypted floppy disks are also almost certainly used by the same
people. Does that make unencrypted floppy disks count as "secure"? For
that appears to be what they're trying to imply...)
My next step was to go to my supplier of choice and see what kinds of
encrypted USB devices they could sell me, at what prices.
password protection for added security". No word on how it's
implemented. I imagine it isn't especially secure, it just stops curious
individuals nosing through your files.
All of the cheapest "secure" drives mention the keyword "software". In
other words, it's a normal USB drive, with some [probably Windows-only]
software on it which asks you for a password, and won't let you access
any files unless you type in the correct password. I severely doubt that
any data is actually encrypted; instead, the supplied software merely
refuses to let you look without the password. It's probably trivially
easy to defeat such software. (Perhaps it's as simple as installing
Linux...)
(which is by no means "expensive" compared to the other products in the
list). The fact that the system requirements claim that "2 unused drive
letters" are required suggests that once again, this is a software
solution. In other words, when you insert the thing, it runs some
[Windows] software that transparently encrypts and decrypts data as it
is transferred. Still, that's a small step up in security. Even if the
software doesn't function, you can't get at the data. (Assuming it does
something sensible with the encryption keys.)
Going up the price list, all the "secured" devices still talk about
hardware (although they gradually shout louder and louder about AES).
The cheapest product I could find which is definitely using /hardware/
other big-brand devices.) "Includes XYZ software to access the encrypted
data." So you still need Windows to access it.
on the casing that allows you to enter a PIN (from 4 to 10 digits).
Apparently the LEDs change colour after you've unlocked it. When you
unplug it from the PC, it locks again. It definitely uses AES-256, and
it's probably implemented in hardware. 5^10 is roughly 10 million, and
hence the PIN must be entered by hand, you aren't going to crack this
too easily. (No word on whether the device disables itself given a
number of access attempts.)
The cheapest device I could find that is actually FIPS 140-2 certified
cheapest 4GB drive. On the other hand, it's not drastically more than
lot more expensive. But it's not /drastically/ expensive, really. I
encryption.
It's not so much that the encrypted drives are "expensive", more than
the unencrypted ones are jaw-droppingly cheap. If you actually /needed/
encrypt all your files before putting them onto an external storage
device. Then you know /exactly/ which way it's been encrypted, and
further more you can arrange it so that (for example) it's protected by
a certificate rather than a password...
Post a reply to this message
|
![](/i/fill.gif) |