Slashdot Mirror

← Back to Stories (view on slashdot.org)

RSA: Self-Encrypting USB Hard Drives for all Operating Systems (Video)

Posted by Roblimo on from the the-mysteries-of-the-crypt-on-a-portable-hard-drive dept.

Tim Lord met Jay Kim at the RSA Conference in an Francisco. Kim's background is in manufacturing, but he's got an interest in security that has manifested itself in hardware with an emphasis on ease of use. His company, DataLocker, has come up with a fully cross-platform, driver independent portable system that mates a touch-pad input device with an AES-encrypted drive. It doesn't look much different from typical external USB drives, except for being a little beefier and bulkier than the current average, to account for both a touchpad and the additional electronics for performing encryption and decryption in hardware. Because authentication is done on the face of the drive itself, it can be used with any USB-equipped computer available to the user, and works fine as a bootable device, so you can -- for instance -- run a complete Linux system from it. (For that, though, you might want one of the smaller-capacity, solid-state versions of this drive, for speed.) Kim talked about the drive, and painted a rosy picture of what it's like to be a high-tech entrepreneur in Kansas.

3 of 154 comments (clear)

  1. No. by bill_mcgonigle · · Score: 5, Interesting

    Encryption software needs to be inspectable and verifiable in order to be trusted with anything worth protecting. Closed-source software burned into the firmware of a USB drive does not meet that requirement.

    That said, somebody make a programmable USB drive with open source encryption that can be flashed to it (probably with a fused write protect) and *that* would be a compelling product.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  2. does it have a FBI unlock code? by Joe_Dragon · · Score: 5, Interesting

    does it have a FBI unlock code?

  3. Re:Requires no drivers by mlts · · Score: 5, Interesting

    I have an Apricorn drive that handles the USB password entry with a keypad, and uses the PIN to unlock a 128 bit AES key that is randomly generated.

    Should I want to erase all contents, I plug the device in with the "cancel" button in, watch for the flashing lights, then hold down "cancel" + "2" + "unlock" for ten seconds... and it will generate a new key, render all data inaccessible on it, and use the password 123456 until that gets changed.

    Zero software needed in Windows whatsoever to unlock it.

    Just like the parent, I like the idea of a drive performing its own authentication separate from the computer, but this isn't new territory.