Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cracking a Crypto Hard Drive Case

Posted by kdawson on from the easy-button dept.

juct writes "A label on the box reading 'AES' does not ensure that your data are protected. heise examined a hard drive enclosure with an RFID key that is typical of many similar products. They found that the 128-bit AES hardware encryption claimed in advertisements was in fact a simple XOR encryption that they were able to break easily with a known plaintext attack." The manufacturer of the drive examined has announced that the product is being retooled and will be reintroduced later this year, presumably with actual AES encryption.

3 of 238 comments (clear)

  1. Re:How about a software solution? by blackwing0013 · · Score: 5, Informative

    Call me back when they have released something based on version 5.0 that "works" with Linux. Right now, the newly released 5.0 series is broken on Linux. It will cause your machine to lockup on most kernel versions used by Linux distros. Apparently, according to the authors of Truecrypt, they require you to upgrade to the latest release of the Linux kernel, which may not be an option for most of us.

    Secondly, even if you were able to make it work the Linux kernel on your machine, the new FUSE-based Truecrypt 5.0 series is only 1/20-1/10 of the speed I get from the 4.x series. From 20-40 MB/s, now I only get 1-5 MB/s.

    I am now considering to switch to dmcrypt+luks.

  2. Re:XOR encryption can be good by kiltyj · · Score: 5, Informative

    To enforce parent's point, many (if not all) of the best modes of operation (CCM, etc) for block ciphers like AES use XOR -- it would be silly to think of cryptography without XOR.

    It is also true that one can use AES (ignorantly) in a way that allows decryption as described in the article. Using Electronic codebook (ECB), for example, with the same key for each block, would provide no security beyond what would be provided by a reused OTP. Sadly (though obviously insecure), this is still technically using AES as a block cipher -- it's just using an insecure mode of operation. My first thought was that the manufacturers used ECB, or a similar insecure mode of operation (trusting the claim of using AES).

    From reading the article, though, it seems the manufacturers even admitted only using AES "when saving the RFID chip's ID in the controller's flash memory" and that "actual data encryption is based on an algorithm developed in-house." Just goes to show that if tried-and-true algorithms / ciphers are available, you should NEVER have to develop your own.

  3. It's not the company's fault... by msauve · · Score: 5, Informative
    although they perhaps didn't do due diligence.

    They used a chipset from INNMAX, the IM7206, believing it provided AES encryption to data. INNMAX's marketing strongly implies that AES encryption is being used for data on disk.

    According to the article, when confronted with this situation, INNMAX's response was

    The IN7206 merely uses AES encryption when saving the RFID chip's ID in the controller's flash memory. The company explained that actual data encryption is based on a proprietary algorithm. The company claims the IM7206 only offers basic protection and is designed for "general purpose" users.
    Cheap Chinese Crap.
    --
    "National Security is the chief cause of national insecurity." - Celine's First Law