Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lexar JumpDrive Password Scheme Cracked

Posted by CmdrTaco on from the now-thats-just-funny dept.

Saint Aardvark writes "Lexar describes the JumpDrive Secure as "loaded with software that lets you password-protect your data. If lost or stolen, you can rest assured that what you've saved there remains there with 256-bit AES encryption." @stake has a different take: The password can be observed in memory or read directly from the device, without evidence of tampering." And best of all, the punch line: "[The password] is stored in an XOR encrypted form and can be read directly from the device without any authentication." That's why I use ROT-13 for my encryption needs."

5 of 565 comments (clear)

  1. Drive Crypt by xombo · · Score: 5, Informative

    That's why I use DriveCrypt. I got my version years ago and it's pretty antiquated but it supports up to 1024 bit encryption (granted it makes things relatively slow).

  2. Re:Almost... by Anonymous Coward · · Score: 5, Informative

    XOR means "exclusive or". A regular "or": if one of the inputs is 1, return 1. An "exclusive or": if one of the inputs is 1, but not both, return 1.

    OR:
    0101
    0011
    ----
    0111

    XOR:
    0101
    0011
    ----
    0110

    AND:
    0101
    0011
    ----
    0001

  3. Not so fast! by PaulBu · · Score: 5, Informative

    Because of this, hashing is irreversable, and therefor only an idiot would use it for encryption. It's proper purpose is for checksuming.

    MD5 *does* have something to do with cryptography (why else would Schneier devote the whole 14th chapter of Applied Cryptography to "One-way hash functions"), and the reason is simple: it is used to encrypt your *password*, not your data (Lexar was claiming that they use 256-bit AES encryption for the data itself).

    For authentication you do not store the password in plaintext, only its MD5 hash, when user enters the password, MD5 of that is computed and compared to the stored MD5 string, if they match -- your user is authenticated. Of course XOR with a "magic number" could be used for the same purposes, but it would be much weaker. Thus, I think that the GP was not a troll and made a valid point: use MD5 to hash your passwords, and preferrable add some salt value to prevent against dictionary attack.

    The other questiuon is why did Lexar had to store passwords on the drive at all, one does not need to authenticate users in their scenario (the drive itself is not a self-cointained computer to which a user needs to gain access) -- they could've just asked for the password, convert it to the key used in AES algorithm, decode the data and give the result: if password is incorrect, the decoded data is garbage.

    Paul B.

  4. UPDATE from conversation with Lexar... by Vexler · · Score: 5, Informative

    After being put on hold for over twenty minutes, I finally spoke with a man named Henry who said that he has never heard that JumpDrive had a security problem (even after I confronted him with the advisory from @Stake), and did not know that @Stake was trying to contact them for over a month. He was quite shocked but promised to check out /. and @Stake to verify the claim.

    The ostrich finally wakes up.

  5. Re:the punchline by hymie! · · Score: 5, Informative

    Um...

    If A XOR B = C , then A XOR C = B and B XOR C = A.

    So if MYPASSWD XOR SECRET = ENCRYPTEDCODE, and I know both MYPASSWD and ENCRYPTEDCODE, then I can find SECRET.

    I don't know if all of the drives have the same SECRET or not, but, having determined what SECRET is on my drive, I can give the drive to you, or I can try my SECRET on another drive and see if it works.

    --hymie!