How do encrypted USB flash drives work and how can we make them more secure?

  • Thread starter Thread starter Vanadium 50
  • Start date Start date
  • Tags Tags
    Flash Usb
Click For Summary

Discussion Overview

The discussion centers on the workings of encrypted USB flash drives, particularly focusing on their security mechanisms and potential vulnerabilities. Participants explore the technical details of how these devices operate, the role of the PIN in encryption, and ways to enhance their security. The conversation includes theoretical considerations and practical implications of hardware encryption.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested

Main Points Raised

  • One participant notes that encrypted USB drives require a PIN for access and suggests that the data is encrypted using 256-bit AES, questioning how the PIN interacts with the encryption key.
  • Another participant proposes that changing the PIN involves decrypting the master key and re-encrypting it with the new PIN, implying a structure that includes the master key and additional data for validation.
  • A request for further detail on the PIN entry process is made, indicating a desire for deeper understanding.
  • One participant speculates on two scenarios regarding the PIN's role: either it unlocks access to the encryption key or is part of the encryption key itself, suggesting a potential reencryption process during PIN changes.
  • Another participant argues that if the PIN is not part of the key, a circuit must validate the PIN to release the key, emphasizing that the security relies on the randomness of the PIN chosen by users.
  • A reference to ClevX technology is made, suggesting that the PIN is not involved in the encryption process but merely unlocks access to the encrypted storage.
  • One participant mentions the need for access to design documents to fully understand the operation of these devices, referencing relevant patents that may contain crucial information.
  • A participant concludes that while the AES key is unique and not directly tied to the PIN, it remains unclear how the device confirms a valid PIN, raising concerns about potential exploits.

Areas of Agreement / Disagreement

Participants express various viewpoints on the relationship between the PIN and the encryption key, with no consensus reached on the exact mechanisms or security implications. The discussion remains unresolved regarding the specifics of how the devices operate and their vulnerabilities.

Contextual Notes

Limitations include the lack of access to proprietary design documents and the ambiguity surrounding the encryption process and PIN validation mechanisms. The discussion also highlights the dependence on user behavior regarding PIN selection for security strength.

Vanadium 50
Staff Emeritus
Science Advisor
Education Advisor
Gold Member
Dearly Missed
Messages
35,014
Reaction score
21,712
Before I start, a quote: "There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major world governments from reading your files."

Today you can buy, for $50-100, a USB stick with hardware encryption. To access the data on the disk, you need to enter a PIN on buttons on the drive. Enter it wrong too often and the data is erased. No software is required on the computer - everything exists on the drive.

My questions are how these things really work (and I hate the word "really" in these threads, because it's often ill-defined) and by "really" I mean that we should disregard what the manufacturers imply, and whether it's possible to build such a device that gets us beyond "little sister" security.

The vendors say they use 256-bit AES. I see no reason to question this. For this to have any meaning, that means the data on the flash chip itself is encrypted. But this means the PIN cannot be part of the key. If it were, changing the PIN would require all the data to be decrypted under the old PIN and reencrypted with the new PIN, a procedure which takes a good fraction of an hour. Yet it happens instantaneously.

If the PIN is not part of the key, there must be somewhere a circuit that determines if the PIN is good, and if so, to release the key. Applying a voltage to the output right these will unlock the stick. This doesn't take a major world government - a minor crime family is all you need. So how does one prevent this exploit from working, and what is needed to make these drives truly secure?
 
  • Like
Likes   Reactions: fluidistic
Computer science news on Phys.org
When you change the PIN, it needs to decipher the master key and then reencrypt it with your new pin.
The structure that is encrypted by the pin includes the master key and enough additional invariant data to reliably determine that the supplied pin must be right.
 
That's very interesting - can you explain in more detail what happens when you enter the PIN?
 
I will need to research this a bit more, but off-hand, I suspect one of the following two senerios:

- the pin is used to unlock access to the encryption key (think of a briefcase code lock), so simply cracking/circumventing the pin would essentially give you access to the data.

- the pin is used to unlock access to the encryption key in addition to being part of the encryption key. Changing the pin triggers a background reencryption process (similar to iPhone encryption) that uses a journal file to protect the data if unplugged during the process. In this case the pin must be cracked, circumventing wouldn't help.
 
Vanadium 50 said:
If the PIN is not part of the key, there must be somewhere a circuit that determines if the PIN is good, and if so, to release the key.
You can encrypt the key with the PIN. Thus if you want to change the PIN, all you have to do is decrypt the key and re-encrypt it with the new PIN. Very fast, no matter how much data you have.

I did something similar to ensure that a user's password was not saved into a database, encrypted or not.

But for this type of device, the security strength only depends on the PIN randomness, which is probably very low for typical users.
 
  • Like
Likes   Reactions: stoomart
From what I've read, these devices use a technolgy from ClevX called http://www.clevx.com/datalock.html, which simply prevents access to the encrypted mass storage device until the pin is entered, nothing I've found indicates the pin is used for the encryption process at all.

https://en.wikipedia.org/wiki/USB_flash_drive_security#Hardware_encryption
http://www.clevx.com/documents/Flash Padlock White Paper-1_final_v1.pdf
http://www.corsair.com/en-us/flash-padlock-2-8gb-usb-flash-drive
http://www.kingston.com/us/usb/encrypted_security/dt2000
 
Last edited:
Without having access to the design documents only available to their partners, I believe the answer to how these devices "really work" is buried somewhere in the ClevX patents, these ones look the most interesting:

9,075,571 - Memory lock system with manipulatable input device and method of operation thereof

A memory lock system is provided that includes: providing a controller; providing a connector connected to the controller for providing data to the controller; providing a memory connected to the controller for receiving and storing information from the controller; and manipulating an input device connected to the controller to unlock or lock data transfer between the connector and the controller, in the controller, between the connector and the memory, or in the memory.​
9,690,952 - Encryption key generation in encrypted storage devices

A system and method of generating an encryption key in a self-encrypting mass storage device that includes using a manual input device as input for a micro-controller that contains a cyclic counter. An input device event triggers the micro-controller to read the current state of the cyclic counter. An accumulation of cyclic counter values is used as a source of entropy to seed a deterministic random number generator. The output of the deterministic random number generator is used as an encryption key for encryption/decryption processes within the mass storage device.​
 
What have I learned - the AES key is unique, which is good, and not in 1-to-1 correspondence with the PIN, which is good. However, it's still unclear how the drive tells the decryption engine (or the encryption engine, which for AES is the same thing) that a valid PIN has been entered. If it just sets the voltage on a line high, this can easily be exploited.
 

Similar threads

What Factors Affect USB 3.0 Flash Drive Performance?
  • · Replies 3 ·
Replies
3
Views
2K
Are SSDs susceptible to data corruption from power loss?
  • · Replies 19 ·
Replies
19
Views
15K
Current and Future AI Threats to Humanity and the Human Response
  • · Replies 10 ·
Replies
10
Views
5K
Graduate BRS: PKI Cryptosystems for SA/Ms: A Tutorial
  • · Replies 13 ·
Replies
13
Views
4K
I could really use some help picking my optional module [GameDev]
  • · Replies 2 ·
Replies
2
Views
3K
How Do Everyday Concepts Become Mind-Boggling When We Think Deeply About Them?
  • · Replies 16 ·
Replies
16
Views
2K
Is Alan Turing given too much credit when it comes to computers?
  • · Replies 29 ·
Replies
29
Views
6K
Why do so many people hate science?
  • · Replies 28 ·
Replies
28
Views
12K
Requesting suggestions for languages, libraries, and architectures for parallel (and sometimes non parallel) numerical and scientific computations
  • · Replies 8 ·
Replies
8
Views
4K
Math What are the challenges faced by disillusioned math majors in finding a job?
  • · Replies 127 ·
5
Replies
127
Views
23K