Slashdot Mirror

← Back to Stories (view on slashdot.org)

NIST Investigating Mass Flash Drive Vulnerability

Posted by Soulskill on from the 123456-letmein dept.

Lucas123 writes with a followup to news we discussed earlier this week that the encryption on NIST-certified flash drives was cracked. "A number of leading manufacturers of encrypted flash drives have warned their customers of a security flaw uncovered by a German company. The devices in question use the AES 256-bit encryption algorithm and have been certified using the FIPS 140-2, but the flaw appears to circumvent the certification process by uncovering the password authentication code on host systems. The National Institute of Standards and Technology said it's investigating whether it needs to modify its standards to include password authentication software on host systems. Security specialist Bruce Schneier was blunt in his characterization of the flaw: 'It's a stupid crypto mistake and they screwed up and they should be rightfully embarrassed for making it.'"

6 of 71 comments (clear)

  1. Encryption algorithm's aren't the weak link by Anonymous Coward · · Score: 4, Insightful

    Encryption algorithm's aren't the weak link, its the implementation. But most people just look at how big the key is not who implemented it.

    1. Re:Encryption algorithm's aren't the weak link by Anonymous Coward · · Score: 5, Insightful

      My understanding of these devices puts the analogy at:

      A super solid, near uncrackable/breakable safe, but all models use the same 12345 passcode, and the owners cannot change this.

      To make matters worse, the door of the safe has been mounted on a normal house door that only has a sign saying 'do not open if this is not yours'.

      This way, the safe owners dont need to rember such a complex code as '12345', and you get all the security of the full safe. Unless a intruder happens to have a brain, then they will just open the house door that holds the safe door thus negating the entire system.

      If anyone could design a worse system, they are truely rube goldberg masters.

  2. Re:If you want to encrypt your data by MK_CSGuy · · Score: 3, Insightful

    I think simply implementing the breaking algorithm in your favorite language on your PC would be more convenient and also give results much faster ;-))

    You are right of course:

    Nevertheless the victor's 1.4 GHz laptop, running his own code, took less than a minute to find the settings for all 12 wheels... 240 times faster than Colossus. If you scale the CPU frequency by that factor, you get an equivalent clock of 5.8 MHz for Colossus. That is a remarkable speed for a computer built in 1944.

    You still get massive geek cred. either way :)

  3. Re:Doesn't NIST have a clue? by Anonymous Coward · · Score: 3, Insightful

    NIST doesn't actually certify things as "secure", it makes very specific certification of particular tests that may or may not represent what you think of as "secure". It's only the marketing that makes you think that if the words "NIST", "Certified" and "Security" appear in the same sentence that someone has done a proper end-to-end review.

    It's like the way that the auditors' certificate in financial reports makes people think that the auditor is guaranteeing that there cannot be any fraud in the company and that the company is a good investment - in fact neither of those things are true.

  4. Re:If you want to encrypt your data by TubeSteak · · Score: 4, Insightful

    Standard AES-256 is actually just fine, problem with these devices is that the manufacturers screwed up the implementation *majorly* (as I understand it, use the same key for every device and depend on a usermode app to say GOOD_GUY/BAD_GUY to the hardware) - but that's covered elsewhere.

    The fact that so many major companies have the same exact flaw in their product suggests (to me) that there is only one manufacturer and multiple vendors who just rebadged the item.

    I think it's less likely that multiple companies independantly managed to screw up their products in exactly the same way.

    --
    [Fuck Beta]
    o0t!
  5. Re:Doesn't NIST have a clue? by Jaime2 · · Score: 3, Insightful

    So why was this not discovered during the NIST certification process?

    Because the certification the hardware received only verifies that the algorithm strength is sufficient and that the device is hardened against physical tampering.

    It seems to me that NIST blames the software so they will not have to take blame for their faulty certification of the hardware.

    Nope, it seems that the NIST has recognized that the certification, as currently written, isn't sufficient and is looking into making it more robust. Had they audited the software, they would have discovered that the software-to-hardware interface is poorly designed and not granted the certification.