Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cracking a Crypto Hard Drive Case

Posted by kdawson on from the easy-button dept.

juct writes "A label on the box reading 'AES' does not ensure that your data are protected. heise examined a hard drive enclosure with an RFID key that is typical of many similar products. They found that the 128-bit AES hardware encryption claimed in advertisements was in fact a simple XOR encryption that they were able to break easily with a known plaintext attack." The manufacturer of the drive examined has announced that the product is being retooled and will be reintroduced later this year, presumably with actual AES encryption.

6 of 238 comments (clear)

  1. Re:Criminal prosecution? by Nero+Nimbus · · Score: 5, Funny

    Hey, that's better than ROT26.

  2. Re:So what happens... by palegray.net · · Score: 5, Funny

    All the fobs are encoded with the special key: QWERTYUIOP1234567890. Don't worry though, the key is copyrighted internationally and cannot be used without proper authorization. Devilishly ingenious, those wily engineers...

    --
    512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  3. Re:Criminal prosecution? by Spy+der+Mann · · Score: 5, Funny

    It'll be so good, it'll do ROT13 twice!

    Hah! That doesn't compare with DOUBLE-XOR encryption! :D

  4. Re:Criminal prosecution? by Anonymous Coward · · Score: 5, Funny

    Double-ROT-13 is funny
    Quadruple-ROT-13 is twice as funny
    Sextuple-ROT-13 is thrice as funny, and gets a two bonus points for the 's-e-x' string in it
    Octuple-ROT-13 is twice twice as funny, and gets a bonus point for sounding a bit like the word 'octopus', which has 'p-u-s' in it, which sounds a bit like 'pussy', which is a synonym for 'vagina', which is related to 'sex'
    Decuple-ROT-13 is twice plus thrice as funny
    Duodecuple-ROT-13 is twice thrice as funny

    After that it just gets lame.

  5. Perfect XOR encryption. by Ihlosi · · Score: 5, Funny
    XOR is not an encryption method, it's just a binary operation. It's what you XOR your data with that determines if your encryption is good or not. That's what is the problem in this case.



    Indeed. I XOR the data with itself, making sure that it can never, ever be decrypted.

  6. Re:Criminal prosecution? by alexgieg · · Score: 5, Funny

    Octuple-ROT-13 is twice twice as funny, and gets a bonus point for sounding a bit like the word 'octopus', which has 'p-u-s' in it. . .
    And tentacles.
    --
    Conservatism: (n.) love of the existing evils. Liberalism: (n.) desire to substitute new evils for the existing ones.