Encryption busted on NIST-certified Kingston, SanDisk and Verbatim USB flash drives
Summary: A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.
A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.
The crack relies on a weakness so astoundingly bone-headed that it's almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there's a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always send the same character string to the drive to decrypt the data no matter what the password used. What's also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.
Cracking the drives is therefore quite an easy process. The folks at SySS wrote an application that always sent the appropriate string to the drive, irrespective of the password entered, and therefore gained immediate access to all the data on the drive.
This is a big deal also from a point of certification. These drives are sold as meeting security standards making them suitable for use with sensitive US Government data (unclassified rating) and have a FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST).
Vendors have had a mixed reaction to the news. Kingston has done the right thing and issued a recall. Verbatim and SanDisk has issued a statement and have updates available, but the threat is downplayed.
Bottom line, check your flash drives!
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Wow
RE: Encryption busted on NIST-certified Kingston, SanDisk and Verbatim USB flash drives
oops
U3 = Cr@p
um...
Your answer is YES
U3 works for me on Win7
No, I meant the ENTIRE U3 Launchpad doesn't work
Finally had to use the 'U3 uninstaller' to totally remove the U3 stuff from the drive and treat it like a regular flash drive.
I'll espouse a bit more: I have gotten the Launchpad to work by setting it for Windows Vista compatibility mode... but that's a pain.
U3 has also been totally discontinued now... it was bought out by Microsoft and they are not supporting it anymore and have such down that section totally.
Yes U3 drives are subject.
NIST = NOT Secure!... IronKey = SAFE :D
"Plenty of USB storage keys are on the market, but Ironkey is the first to use military level encryption. Sold in 1GB, 2GB, and 4GB sizes, the key features a processor called the Cryptochip, which uses Public Key Cryptography ciphers linked to an online account to create encryption keys on the hardware. A Federal Information Processing standard 140-2 compliant true random number generator on the Cryptochip ensure that encryption keys are extremely secure and totally random."
Link!!!
http://hackaday.com/2008/06/26/ironkey-usb-key-has-military-grade-encryption/
This works on the principle of Secure Java. Which runs on all Secure CC transactions. Along with other Secure Banking Transactions even on Cell Phones.
The Mighty unhackable Sony PS3 and BD+ Game Disks also have a similar system. Using remote encryption authentication techniques. Random Keys are guaranteed every time. Hack one and it's changed, disabled then listed. Remote authentication ensures in both direction who each party is and the identity of the device.
On the other hand Xbox 360 has been hacked since 6mos after it came out with DVD Game Disks and no remote key authentication!
So Microsoft should quit using security techniques even kindergartners can hack in ActiveX .NET! :D
Ironkey
The encryption is not proprietary.
but the encryption itself if not proprietary,
and you don't want it to be proprietary.
Proprietary == untested, unproven. Reverse
engineering has often proven to be the downfall
of proprietary encryption algorithms.
The best encryption algorithms are those that
are tested and proven under the scrutiny of the
larger security community and the general
public.
Ironkey uses 256 bit AES, which is tested and
found to be very strong. Even though it's a
publicly available algorithm, there's yet to be
found a major weakness. That says a lot about
the security of the algorithm.
Note that the weakness was not the encryption
itself, but rather terrible handling of the
encryption key. AES itself wasn't broken.
According to Ironkey, their devices have been
checked and don't have that vulnerability.
https://www.ironkey.com/usb-flash-drive-flaw-
exposed
https://www.ironkey.com/hardware-encryption
MXI Security
A bit confused
Don't call it NIST certified
standards, but that's far different than being NIST
certified. If you wanted to sell a device to the
government for top secret usage for example, and even if
all the components meet the standards, the NSA still
inspects the implementation. Just because you're using
AES doesn't mean you implemented AES correctly.
In this case, the products implement strong encryption
but useless authentication.
I may be mistaken
Sandisk and Kingston have NIST certified CMs
RE: Encryption busted on NIST-certified Kingston, SanDisk and Verbatim USB flash drives
The emperor wears no clothes!
question is just how the affected vendors will handle it.
I mean it should be simple enough for them to write new firmware that doesn't use the same decryption key regardless of password.
Then the drives could be retrofitted and saved.
Additionally, one would have to have physical possesion of the device to get the data anyway.
But this is like a big stink on the face of these manufacturers....!
SHHhhhhs!