[Cryptography] Encrypted flash drives: Secure?
John Ioannidis
jayeye at gmail.com
Mon Jul 31 10:54:52 EDT 2017
On Thu, Jul 27, 2017 at 4:44 PM, Paul Renault
<thaumatechnician at gmail.com> wrote:
> In contrast, the Kingston DataTraveler 2000, which at least is FIPS 197
> certified, uses a 7-15 digit PIN with a ten-character character set, giving
> 1,111,111,110,000,000 possible PINs. After ten failed attempts, it deletes
> the stored PIN, the AES key, then wipes the flash, returning it to the blank
> state it was when it left the factory.
>
How hardened against physical attacks is it?
If the pin is what unlocks the drive, either the key is stored in the
clear somewhere on flash, or it's encrypted with the pin, effectively
reducing it to 50 bits. Any adversary worth worrying about will crack
the drive open, etch the potting compound, if any, with nitric acid,
and access the flash directly.
As far as I'm concerned, there are only two things these encrypted
drives are good for: plausible deniability so your clients will have a
harder time suing you when you lose their data, and storing long keys
or other access credentials and hope that they delay the adversary
long enough for you to invalidate *those*. Of course, a sufficiently
powerful adversary will simply use rubberhose cryptanalysis and be
done with it.
More information about the cryptography
mailing list