Encryption broken on some Flash Drives
07-01-2010, 09:09
|
#1
|
|
Old dog, New tricks
Join Date: Dec 2006
Location: Lincoln UK
Age: 63
Services: 50Mb, TV & Phone
Posts: 3,511
|
Encryption broken on some Flash Drives
A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.
The crack relies on a weakness so astoundingly bone-headed that it’s almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there’s a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always send the same character string to the drive to decrypt the data no matter what the password used. What’s also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.
http://blogs.zdnet.com/hardware/?p=6655&tag=nl.e589
__________________
-= David =-
Under socialism ideology always trumps rationality.
|
|
|
|
07-01-2010, 09:36
|
#2
|
|
Been around a while ...
Join Date: Feb 2004
Location: There's no place like 127.0.0.1
Services: Depends on the person and the price they're offering
Posts: 12,365
|
Re: Encryption broken on some Flash Drives
Unbelievable.....
|
|
|
|
|
07-01-2010, 09:39
|
#3
|
Join Date: Jul 2003
Location: Poole, Dorset
Age: 27
Services: Sky+
V-Box
VM 10MBit
Posts: 12,927
|
Re: Encryption broken on some Flash Drives
LoL what a load of rubbish
__________________
Desktop: Intel i7 SandyBridge 2600k 3.4GHz @ 4.7GHz - 8GB DDR3 - ATI Radeon HD 5770 1GB - OCZ Agility 3 60GB SSD Laptop: Dell Studio 15 - Intel i3 M350 @ 2.27GHz - 3GB DDR3 - ATI Radeon Mobility 4570
|
|
|
|
|
16-01-2010, 00:39
|
#4
|
|
cf.addict
Join Date: Jul 2009
Location: In the thick of East Anglia
Posts: 339
|
Re: Encryption broken on some Flash Drives
Quote:
Originally Posted by Graham M
LoL what a load of rubbish
|
A comment based on knowledge or more commonly - alcohol.?
I suggest you re-read and then re-post.
|
|
|
|
|
16-01-2010, 07:37
|
#5
|
|
Anyone can play guitar
Join Date: Jun 2003
Location: London way
Age: 36
Services: Women for money
Posts: 7,847
|
Re: Encryption broken on some Flash Drives
Quote:
Originally Posted by Waldo Pepper
A comment based on knowledge or more commonly - alcohol.?
I suggest you re-read and then re-post.
|
that's a a bit rude
__________________
Cheap Domain Name Registration
And this is not my face, and this is not my life
And there is not a single thing here I can recognize
And this is all a dream, and none of you are real
|
|
|
|
|
16-01-2010, 08:19
|
#6
|
|
cf.mega poster
Join Date: Dec 2004
Posts: 3,366
|
Re: Encryption broken on some Flash Drives
Quote:
Originally Posted by Mr_love_monkey
that's a a bit rude
|
LOL, yeh, and to a moderator also, I nearly spat out my tea.
__________________
Toto
|
|
|
|
|
16-01-2010, 12:06
|
#7
|
|
cf.mega poster
Join Date: Jan 2007
Location: Doncaster, S. Yorks.
Age: 28
Services: TV:Sky+, BB:DRL VDSL2 40/10 with Ask4, Phone:Mobile Only
Posts: 2,227
|
Re: Encryption broken on some Flash Drives
I read something similar on El Reg last week. But I thought it only affected Kingston Drives of particular types. We use some Kingston drives at work that are hardware encrypted so we've been in contact with them about it. Most of ours will be unaffected but we do have a few that might be and are being sent for replacements that will not be affected.
---------- Post added at 12:06 ---------- Previous post was at 12:05 ----------
Quote:
Originally Posted by Toto
LOL, yeh, and to a moderator also, I nearly spat out my tea.
|
 me too! Although, there is free speech to a point isn't there  it was just an opinion Graham was expressing
__________________
"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - Albert Einstein
 |
|
|
|
|
16-01-2010, 12:55
|
#8
|
|
Been around a while ...
Join Date: Feb 2004
Location: There's no place like 127.0.0.1
Services: Depends on the person and the price they're offering
Posts: 12,365
|
Re: Encryption broken on some Flash Drives
Quote:
Originally Posted by haydnwalker
[...]we do have a few that might be and are being sent for replacements that will not be affected.[...]
|
If you're sending them back drives with possibly faulty crypto implementations, and you've previously had data on them that you thought sensitive enough to be encrypted, I hope to God that you've properly sanitised them 
|
|
|
|
|
16-01-2010, 13:25
|
#9
|
|
cf.mega poster
Join Date: Dec 2004
Posts: 3,366
|
Re: Encryption broken on some Flash Drives
Quote:
Originally Posted by haydnwalker
I read something similar on El Reg last week. But I thought it only affected Kingston Drives of particular types. We use some Kingston drives at work that are hardware encrypted so we've been in contact with them about it. Most of ours will be unaffected but we do have a few that might be and are being sent for replacements that will not be affected.
---------- Post added at 12:06 ---------- Previous post was at 12:05 ----------
me too! Although, there is free speech to a point isn't there it was just an opinion Graham was expressing |
Yes indeed, but still, never wise to cloud the water is it.
__________________
Toto
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +1. The time now is 08:39.
|
Join CF
You are here: 
Tetris
