AES HDD encryption was XOR

Jerry Leichter leichter at
Sun Dec 7 15:05:52 EST 2008

On Dec 7, 2008, at 4:10 AM, Alexander Klimov wrote:

> < 
> >:
> With its Digittrade Security hard disk, the German vendor
> Digittrade has launched another hard disk housing based on the
> unsafe IM7206 controller by the Chinese manufacturer Innmax.
> The German vendor prominently advertises the product's strong
> 128-bit AES encryption on its packaging and web page. In
> practice, however, the hard disk data is only encrypted using
> a primitive XOR mechanism with an identical 512-Byte block for
> each sector.
Oh, but that 512-byte block is generated using Triple AES, and is  
highly, highly secure!  :-)

An interesting bit of wording from the site linked to above:   
"According to current cryptography research, this would be virtually  
impossible, even with a short key length of only 128 bits."  Although  
the sentence accurately states that AES-128 is thought to be secure  
within the state of current and expected cryptographic knowledge, it  
propagates the meme of the "short key length of only 128 bits".  A key  
length of 128 bits is beyond any conceivable brute force attack - in  
and of itself the only kind of attack for which key length, as such,  
has any meaning.  But, as always, "bigger *must* be better" - which  
just raises costs when it leads people to use AES-256, but all too  
often opens the door for the many snake-oil "super-secure" cipher  
systems using thousands of key bits.
                                                        -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list