Encrypted USB Flash Drives

[Vanadium 50]

Before I start, a quote: "There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major world governments from reading your files."

Today you can buy, for $50-100, a USB stick with hardware encryption. To access the data on the disk, you need to enter a PIN on buttons on the drive. Enter it wrong too often and the data is erased. No software is required on the computer - everything exists on the drive.

My questions are how these things really work (and I hate the word "really" in these threads, because it's often ill-defined) and by "really" I mean that we should disregard what the manufacturers imply, and whether it's possible to build such a device that gets us beyond "little sister" security.

The vendors say they use 256-bit AES. I see no reason to question this. For this to have any meaning, that means the data on the flash chip itself is encrypted. But this means the PIN cannot be part of the key. If it were, changing the PIN would require all the data to be decrypted under the old PIN and reencrypted with the new PIN, a procedure which takes a good fraction of an hour. Yet it happens instantaneously.

If the PIN is not part of the key, there must be somewhere a circuit that determines if the PIN is good, and if so, to release the key. Applying a voltage to the output right these will unlock the stick. This doesn't take a major world government - a minor crime family is all you need. So how does one prevent this exploit from working, and what is needed to make these drives truly secure?

 

[.Scott]

When you change the PIN, it needs to decipher the master key and then reencrypt it with your new pin.
The structure that is encrypted by the pin includes the master key and enough additional invariant data to reliably determine that the supplied pin must be right.

 

[Vanadium 50]

That's very interesting - can you explain in more detail what happens when you enter the PIN?

 

[stoomart]

I will need to research this a bit more, but off-hand, I suspect one of the following two senerios:

- the pin is used to unlock access to the encryption key (think of a briefcase code lock), so simply cracking/circumventing the pin would essentially give you access to the data.

- the pin is used to unlock access to the encryption key in addition to being part of the encryption key. Changing the pin triggers a background reencryption process (similar to iPhone encryption) that uses a journal file to protect the data if unplugged during the process. In this case the pin must be cracked, circumventing wouldn't help.

 

[jack action]

If the PIN is not part of the key, there must be somewhere a circuit that determines if the PIN is good, and if so, to release the key.

You can encrypt the key with the PIN. Thus if you want to change the PIN, all you have to do is decrypt the key and re-encrypt it with the new PIN. Very fast, no matter how much data you have.

I did something similar to ensure that a user's password was not saved into a database, encrypted or not.

But for this type of device, the security strength only depends on the PIN randomness, which is probably very low for typical users.

 

[stoomart]

From what I've read, these devices use a technolgy from ClevX called http://www.clevx.com/datalock.html, which simply prevents access to the encrypted mass storage device until the pin is entered, nothing I've found indicates the pin is used for the encryption process at all.

https://en.wikipedia.org/wiki/USB_flash_drive_security#Hardware_encryption
http://www.clevx.com/documents/Flash Padlock White Paper-1_final_v1.pdf
http://www.corsair.com/en-us/flash-padlock-2-8gb-usb-flash-drive
http://www.kingston.com/us/usb/encrypted_security/dt2000

 

[stoomart]

Without having access to the design documents only available to their partners, I believe the answer to how these devices "really work" is buried somewhere in the ClevX patents, these ones look the most interesting:

9,075,571 - Memory lock system with manipulatable input device and method of operation thereof

A memory lock system is provided that includes: providing a controller; providing a connector connected to the controller for providing data to the controller; providing a memory connected to the controller for receiving and storing information from the controller; and manipulating an input device connected to the controller to unlock or lock data transfer between the connector and the controller, in the controller, between the connector and the memory, or in the memory.​

9,690,952 - Encryption key generation in encrypted storage devices

A system and method of generating an encryption key in a self-encrypting mass storage device that includes using a manual input device as input for a micro-controller that contains a cyclic counter. An input device event triggers the micro-controller to read the current state of the cyclic counter. An accumulation of cyclic counter values is used as a source of entropy to seed a deterministic random number generator. The output of the deterministic random number generator is used as an encryption key for encryption/decryption processes within the mass storage device.​

 

[Vanadium 50]

What have I learned - the AES key is unique, which is good, and not in 1-to-1 correspondence with the PIN, which is good. However, it's still unclear how the drive tells the decryption engine (or the encryption engine, which for AES is the same thing) that a valid PIN has been entered. If it just sets the voltage on a line high, this can easily be exploited.