Slashdot Mirror

← Back to Stories (view on slashdot.org)

RSA: Self-Encrypting USB Hard Drives for all Operating Systems (Video)

Posted by Roblimo on from the the-mysteries-of-the-crypt-on-a-portable-hard-drive dept.

Tim Lord met Jay Kim at the RSA Conference in an Francisco. Kim's background is in manufacturing, but he's got an interest in security that has manifested itself in hardware with an emphasis on ease of use. His company, DataLocker, has come up with a fully cross-platform, driver independent portable system that mates a touch-pad input device with an AES-encrypted drive. It doesn't look much different from typical external USB drives, except for being a little beefier and bulkier than the current average, to account for both a touchpad and the additional electronics for performing encryption and decryption in hardware. Because authentication is done on the face of the drive itself, it can be used with any USB-equipped computer available to the user, and works fine as a bootable device, so you can -- for instance -- run a complete Linux system from it. (For that, though, you might want one of the smaller-capacity, solid-state versions of this drive, for speed.) Kim talked about the drive, and painted a rosy picture of what it's like to be a high-tech entrepreneur in Kansas.

7 of 154 comments (clear)

  1. Not new? by Kenja · · Score: 3, Interesting

    How is this different then all the simular systems on the market right now? I use Apricorn drives myself, but there are others using keypads, fingerprint scanners, RFID tokens, etc.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  2. No. by bill_mcgonigle · · Score: 5, Interesting

    Encryption software needs to be inspectable and verifiable in order to be trusted with anything worth protecting. Closed-source software burned into the firmware of a USB drive does not meet that requirement.

    That said, somebody make a programmable USB drive with open source encryption that can be flashed to it (probably with a fused write protect) and *that* would be a compelling product.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:No. by Anonymous Coward · · Score: 2, Interesting

      Encryption software needs to be inspectable and verifiable in order to be trusted with anything worth protecting. Closed-source software burned into the firmware of a USB drive does not meet that requirement.

      That said, somebody make a programmable USB drive with open source encryption that can be flashed to it (probably with a fused write protect) and *that* would be a compelling product.

      Use TrueCrypt to create an encrypted volume within the USB drive.
      Best Case Scenario: USB drive provides an additional layer of cryptographic protection.
      Worst Case Scenario: Attackers find out easy-to-break USB drive was only the start of their headaches.

      Seems like a win-win to me.

  3. does it have a FBI unlock code? by Joe_Dragon · · Score: 5, Interesting

    does it have a FBI unlock code?

  4. Re:Requires no drivers by mlts · · Score: 5, Interesting

    I have an Apricorn drive that handles the USB password entry with a keypad, and uses the PIN to unlock a 128 bit AES key that is randomly generated.

    Should I want to erase all contents, I plug the device in with the "cancel" button in, watch for the flashing lights, then hold down "cancel" + "2" + "unlock" for ten seconds... and it will generate a new key, render all data inaccessible on it, and use the password 123456 until that gets changed.

    Zero software needed in Windows whatsoever to unlock it.

    Just like the parent, I like the idea of a drive performing its own authentication separate from the computer, but this isn't new territory.

  5. Re:Requires no drivers by AliasMarlowe · · Score: 3, Interesting

    Yep. I'll also give a nod to the Apricorn devices, which we use quite a bit. They are OS-independent (we're Linux-only at home) and require no drivers beyond basic USB, with all of the AES encryption and authorization being internal to the device[*]. They have SSD and spinning disk and USB stick devices, with fingerprint or passcode authorization.

    [*] Unlike the crappy Buffalo "encrypted" drives which need OSX or Windows drivers to decrypt. Hence they might be vulnerable to simpler attacks than the Apricorn devices (e.g. getting passwords via IEEE1394). And their encryption won't work on Linux or BSD.

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  6. UDF by DrYak · · Score: 3, Interesting

    UDF - Universal Disk Format

    Is widely supported, but unlike FAT, it was not designed half a century ago.
    So it supports long file name (including UTF8) without the need of extensions.
    It supports files with size which don't fit in 32-bits integers.
    It supports all POSIX attribs.
    Isn't organised around a brain-fucking stupid file allocation table.
    etc.

    It's the same format as DVDs and Bluerays, so virtually any device able to read them can at least read (or is only a firmware update away from being able to read) USB devices using UDF.

    It's of course supported on Linux, on Mac OS-X (sarting from 10.4) and Windows (though on XP it requires 3rd party software for writing, only Windows Vista and up support read/write out of the box).

    But of course, because UDF is a strong concurrent to all the proprietary and/or heavily patented alternative that current OS maker push forward (Apple's HFS+ or the worst contender Microsoft's exFAT), everybody is silent about this.
    So strangely, you won't see it frequently in the wild *EVEN IF* nothing prevents it now already.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]