Hardware USB encryption is broken on three major brands

Data encryption has been an important topic in education, as well as the whole of the public sector, ever since the UK government lost the personal financial details of millions of people on an unencrypted disk that was mislaid by courier company TNT, back in 2007.

As a result, hardware-encrypted USB sticks have seemed like a good idea, even if they are hideously expensive (the SanDisk Cruzer Enterprise 8GB retails for nearly £300 at the time of writing; 10 times more than a non-encrypted version). Trouble is, it turns out they’re utter rubbish. When it comes down to it, all Verbatim, SanDisk, and Kingston hardware-encrypted USB sticks use the same encryption system. That system uses AES-256. Unfortunately, every single stick uses the same encryption key, regardless of the password the user sets, as reported on ZDNet:

“The crack relies on a weakness so astoundingly bone-headed that it’s almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there’s a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always sends the same character string to the drive to decrypt the data no matter what the password used.”

Good work, morons. Nice to see you’re taking this security lark seriously.

What this essentially means is that if you can disassemble the authentication software (which a security firm did), you could write a program that sends the required string to the USB stick to decrypt the data without ever having to know the user’s password. Which the security firm did. If you can read German you can download PDFs of the specific details of the SanDisk and Verbatim cracks.

Kingston have issued a product recall. Verbatim and SanDisk have both issued firmware updates. Competing company IronKey have been quick to point out their (actually cheaper) products use a different system that is not vulnerable to this type of attack.
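To make the design flaw concrete, here is a small model of it beside a design where the key actually depends on the password. This is an added example, not code from the vendors or the security firm; the class names, the placeholder constant, and the XOR key wrap (standing in for a real AES key wrap) are all assumptions made for illustration.

```python
import hashlib, hmac, os

FIXED_UNLOCK = b"PLACEHOLDER-CONSTANT"  # constructed; the real string is not on the page

def kdf(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)

class FlawedStick:
    """Design described above: host software checks the password, then
    sends the device a constant that does not depend on the password."""
    def __init__(self, password: bytes):
        self.salt = os.urandom(16)
        self.verifier = kdf(password, self.salt)

    def host_message(self, password: bytes):
        ok = hmac.compare_digest(kdf(password, self.salt), self.verifier)
        return FIXED_UNLOCK if ok else None   # same bytes for every password

    def device_accepts(self, message) -> bool:
        return message == FIXED_UNLOCK        # device never sees the password

class DerivedKeyStick:
    """Contrast design (assumption): the data key is stored only wrapped
    under a key derived from the password. XOR stands in for AES key wrap."""
    def __init__(self, password: bytes):
        self.salt = os.urandom(16)
        data_key = os.urandom(32)
        kek = kdf(password, self.salt)
        self.wrapped = bytes(a ^ b for a, b in zip(data_key, kek))
        self.tag = hmac.new(data_key, b"key-check", hashlib.sha256).digest()

    def unlock(self, password: bytes):
        kek = kdf(password, self.salt)
        key = bytes(a ^ b for a, b in zip(self.wrapped, kek))
        tag = hmac.new(key, b"key-check", hashlib.sha256).digest()
        return key if hmac.compare_digest(tag, self.tag) else None

def password_independent(messages) -> bool:
    """Review check: True if the unlock messages seen for different
    passwords are all identical, which is the flaw in question."""
    return len(set(messages)) == 1

if __name__ == "__main__":
    a, b = FlawedStick(b"alpha"), FlawedStick(b"bravo")
    msgs = [a.host_message(b"alpha"), b.host_message(b"bravo")]
    print("flawed design, password-independent unlock:", password_independent(msgs))
    s = DerivedKeyStick(b"alpha")
    print("derived-key design, wrong password unlocks:", s.unlock(b"wrong") is not None)
```

In the first model the password only gates the host software, so the encryption strength is irrelevant; in the second, nothing stored on the device yields the data key without the password.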


About The Angry Technician

The Angry Technician is an experienced IT professional in the UK education sector. Normally found in various states of annoyance on his blog. All views are those of his imaginary pet dog, Howard.

2 responses to “Hardware USB encryption is broken on three major brands”

  1. Lukas Beeler says :

    Did people ever trust these things?

    About a year ago, the German magazine c’t already published similar findings for non-brand encrypted USB sticks (some of them weren’t encrypted at all – you could get the flash of the stick and read it just like that. The software just unlocked access to them).

    Truecrypt and BitLocker To Go seem like the only way this can be done, though the latter has some serious interoperability issues.

    • AngryTechnician says :

      Well, these ones are the high-end ones that were supposed to actually be properly encrypted, and they damn well should have been for the price. Hopefully after the fix, they will be.

      I agree that TrueCrypt is probably the best option right now, and I use it myself. I think BitLocker To Go will certainly be a contender in the coming years, but as you say, right now its use is limited.