Slashdot Mirror
The Always-Encrypted Firewire Hard Drive
ducman points to the announcement of an encrypted hard drive running on the MacNN website. The drive features a DES 64-bit/ 40bit key strength and "is intended for use by banks, insurance providers, government agencies, and those individuals with sensitive digital intellectual property. It supports the IEEE 1394a connectivity standard, in addition to USB 1.1 and 2.0. It offers data transfer rates over FireWire 400 of 100, 200, or 400 Mbps. The SuperGuard is expected to be available February 7." Sounds great -- but the USB key stuck in the back looks like a likely point of failure.
the key length is too short.
Encrypted loopback devices on linux and bsd (and MacOS) are easier and cheaper.
And more secure IMHO.
Does my mp3 collection count?
http://metapundit.net
And it only took 6.4 seconds to crack into once the harddrive was hooked up to a standard PC.
Anyone in here actually read Applied Cryptography? This was 1995 when it was published, and especially for bank use, you'd NEVER use anything less than a 128 bit key.
Also, did they say DES or 3DES? Hasn't DES been cracked?
DES has been replaced by Rijndael (AES)in the govt. Or at least that's what's supposed to happen, DeS is no longer secure enough. I would bet that with the huge ammounts of data stored on a disk differential techniques would make it a snap to get the key. What's worse is an easy to crack crypto system that you believe in is worse than no crypto system at all since you're likely to store data on it that you might not store otherwise.
Patrik
----------
Just your ordinary BOFH
http://killertux.org
Make a big file image, format it, mount it via loopback, encrypt everything that goes on it.
That's what encrypted DiskCopy images essentially are, just wrapped in a nice interface. It's actually a pretty neat system.
The ACs in this thread are correct. 40 bit encryption isn't going to keep anyone but a casual snooper out of your data.
How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
From the article:
*Device driver free, operating system independent
*Microsoft Windows98 SE, Windows ME, Windows 2000, Windows XP and Mac OS compatible
First off, how can it be OS independent and have a list of compatible OS's? If it's a hardware-based solution, then how can some OS's not work with it?
An encrypted drive is a cool idea, but i would much rather use CFS (crypted file system) on a regular drive than this. DES offers no security to the people who want your data.
If you want to prevent someone from getting your data, just buy a Western Digital drive. No one will be able to recover it!
Karma: Excellent (In Soviet Russia, karma pimps YOU)
The people who designed this hard disk are confused about how DES works. First of all, DES has a 56-bit, not a 64-bit key. Second of all, the days of being forced to use 40-bit encryption are, thankfully, over.
If one is going to all of the effort to encrypt a hard disk, why will they encrypt it using only Single DES? It is possible to build a single-DES cracker for under $10,000 US; the 56-bit key which single DES has to offer is just not long enough.
They would have been much better off encrypting this unit with AES, which uses Rijndael to encrypt files. Rijndael has a key size between 128 and 256 bits long, which can not be brute forced with current technology. Rijndael is also more efficient than DES when implemented in software.
Also, security is only as strong as its weakest link. If the hard disk is always readable when the key card is attached, then great care must be taken to detatch and hide the key card. Far better security can be obtained by a system which asks for a passphrase. Ideally, have a system which needs both the key card and the passphrase.
While I think this is a good idea, I think one is better off with the kernel patches which allow one to encrypt filesystems in Linux.
(For windows and Mac users, sorry, I use neither so can not help you)
- Sam
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
Part of the security of this device is the fact that you shouldn't let it get into unwanted hands. Yes, I agree the encryption standard is weak as hell. This is a first generation technology, so give it a break. I think the weak encrypion was compromise since, as many have pointed out, the hard drive is rather slow and it has to encrypt things...
I'll bet there are other companies working on a similar technology, I won't purchase one until I get variable key length and some decent speed specs.
-Code
---PRESS ANY KEY TO CONTINUE---
"Now, where's the damn 'any' key?"
Encrypted disk images are really easy to use on OS X. They're encrypted using AES-128 (much more secure than the above hardware solution) and the performance is really quite good (fast enough to playback Quicktime movies from, even on a G3.) The Apple KBase entry on how to use them is here.
Those who've criticised it for it's key length have missed a perhaps an important point, which its that it encrypts without consuming the processor power of the host machine and supports full bus transfer rates whilst encrypting. If your system processor load is a bit hairy, you perhaps don't want to add to it by trying to encrypt on the CPU.
Still, the same device with AES, 3DES or similar would be much better....maybe next time!!
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
It looks like as long as you've got the little dongle-thingy your drive will work; without it you're toast. So aside from any concern about the (only) 40-bit encryption, it seems like you'd have to make sure you hid the key (and not forget where you hid it). And if the key or its socket were to, ummmm... break or something (it's an external enclosure, so it could fall and the wires break), well you wouldn't have any data at all. And if the key got stolen, well then the thief only has to stick the thing into the drive and voila, there's your data.
I know a lot of corporate IT types will think this is exciting, especially as new data security laws keep hitting the books. Full time encryption seems pretty secure. And the price seems fair, especially since it seems to take any EIDE drive and secure it, and (quoted from the article), "capable of maneuvering 66MByte/ sec throughput without taking any system resources." Just don't lose that darn key! And maybe they'll develop an internal version that would be more secure from bumps, knocks, and falls.
Now, I've gotta get one of them new-fangled firewire (or USB 2.0) ports. And a hook to hang the little dongle from.
Everything I've ever learned the hard way was based on a statistically invalid sample.
From FireWire Depot page:
"...offers the military grade protection for your classified data."
Calling DES "military grade protection" is pretty close to a blatant lie.
Conceivably. Anyone who is running one of these drives without backups somewhere is even more insane than the folks running un-encrypted drives without backups. The backups themselves can easily be encrypted, so there's no need for major security risk. If your key dongles stop working or your drive fries, you'd better have some way of getting the bits back from outside, 'cause they're not coming from the platter.
OTOH, what is "64-bit/ 40-bit DES" supposed to be? Presumably this means the drive supports "40-bit watered-down DES keys" and "64-bit normal DES blocks". So I guess I'm wrong: this drive is designed to be break-inable in an emergency. Great. I'll wait until they offer 3DES or AES-128 options, thanks.
In the meantime, check out the BSD Cryptographic disk driver cgd: SW on-disk encryption at the block level.
'Cuz if you lose it, you can always bruteforce the encryption key anyway!
*ducks*
Note to M1-ers: a curt but otherwise insightful message is not "Flamebait" or "Troll".
OS X users can use Disk Copy
t y. html
http://www.apple.com/macosx/technologies/securi
___ www.lingo24.com Language and translation solutions - online
"40-bit DES", on the other hand, is either a well-designed crock or poorly-designed crock, which is pretty trivial to crack. The only reason to use such any 40-bit key is to comply with anti-Communist US export regulations that got dropped a few years ago, largely due to the EFF's DES-cracker machine and the internet distributed DES crack effort, both of which emphasized the weakness of 16-bit DES.
On a technical note, cracking well-designed 40-bit DES subsets is not 2**16 times faster than cracking 56-bit DES, or John Gilmore could do it in 3 minutes in his basement. DES has two main phases, a key-scheduling phase and an S-box phase, and the DES cracking efforts took advantage of some interesting work by Peter Trei on key scheduling, which found a search order that makes each key-schedule a simple modification of the previous one, instead if its normal relatively slow calculation. So a 40-bit DES crack might take 5-10 times as long per key as a 56-bit DES crack, unless the 40-bit subset was designed to avoid that. On the other hand, the EFF and Internet DES cracks were in 1998, and computers have gotten about 8-10 times faster since then...
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Well, it appears in this particular case there is less than an advantage to going the hardware route, but theoretically, hardware could could provide a much faster and secure solution.
For instance, encrypting and decrypting the data via software would cause cpu and memory overhead on the host machine. The encryption software would also need to be installed on all machines that you want to use it on, and this is looking to be a portable drive. Also, using an external encrypter, it's less likely that a keygrabber or trojan can grab your password.
It uses software to allow the user to enter their passphrase from the keyboard. By the time of the expo, I had got the AES encryption working in the FireWire/IDE bridge but had only done the passphrase application for Mac OS X.
I've since got it working for Mac OS 9 (and earlier Mac OS versions). Windows and Linux remain before the product can ship. I don't expect either to be hard to do but they do require some work because they have to do some raw FireWire I/O.
I think it is best that I not comment any beyond this until FireWire Encrypt ships. But I think users will like what they see.
Request your free CD of my piano music.
No, for the same reason that 2^40 + 2^128 != 2^168. You're not combining the keys, you're just using them after eachother. In the end, the 40 bits DES encryption doesn't even really matter, since the 128 AES key dwarfs its complexity (like in efficiency analysis, O(n) + O(n^2) = O(n^2)).
Donate free food here
Read this paper to see why 40-bit keys are so bad.
However, to point to where the "military grade" security claim is coming from is the fact that in many military situations information is only needed to remain secure for minutes or a few hours. Unfortunately for FW Depot, that generally applies to wireless communications, not data stored on hard drives.
Maybe they are hoping that people will use it to courier sensitive data...but then they could just hire Johnny Mnemonic.
Yeah, bad product trying to meet ITAR regulations so they can export.
If you look at the actual specs, and the fact that the enclosure provides "Real-time... Encryption/ Decryption" all this enclosure does is to encrypt the data going out, and decrypt traffic coming in. The data on the actual hard drive does not seem to be encrypted. This enclosure is not going to stop anyone who bothers to actually open the case, remove the hard drive and put in their own enclosure/install it in their own computers. Nobody in their right mind should use this case, unless potential data thieves are going to nicely agree to keep the hard drive in its pretty enclosure, or the manufacturer adds a lock to the case.