Now that the cat is out of the bag, and it is known that the authentication method used on certain secure USB devices is broken, there has been a ton of hype and confusion in the news. So much so, that the NIST is now looking into the matter after being dragged into the hype by the press.
Last week, The Tech Herald published a small article on the Kingston announcement that three of their secure USB drives were being recalled after security researchers from SySS discovered a weakness in the method used to authenticate access to the drive. The Kingston drives in question are DataTraveler BlackBox, DataTraveler Secure - Privacy Edition, and the DataTraveler Elite - Privacy Edition.
Soon after Kingston’s announcement, SanDisk and Verbatim announced problems with some of their secure USB drives, each of them impacted by the authentication flaw.
SanDisk says that their Cruzer Enterprise USB drives are impacted, which include the 1GB, 2GB, 4GB, and 8GB versions of the Cruzer Enterprise CZ22, CZ32, CZ38, and CZ46. Verbatim reports that their Corporate Secure USB and Corporate Secure FIPS Edition drives are vulnerable, and both companies are offering fixes to the problem. Kingston is offering technical support as well, but you will need to call them to work out the details.
Once the Kingston story broke, the news slanted towards the fact that secure USB drives were busted, and that “hackers” could access the data contained on them at will. This simply isn’t the case, and despite the blogosphere’s and technical trade’s opinions on the matter, this is not an issue of broken encryption. This is an issue of how authentication is implemented, and why trusting a computer is a bad idea.
For those curious, the flaw discovered by SySS centers on how the listed USB drives access the encrypted data. When you go to decrypt the data you enter a password, which must be checked, before you can do anything with the drives. The process of checking the authentication is the heart of the problem.
Each device vulnerable to the methods detailed in the SySS research has software that will reside on the host computer to verify the password used to decrypt the drive. This software will send an unlock code if the password is correct. The problem is that the unlock code is essentially the same, no matter the vendor or device. SySS developed an application that will skip the process used by the host software to check passwords, and simply send an unlock code. As you can tell by the number of USB drives listed, they had a decent amount of success with their work.
This is a design flaw, not a failure in encryption. So when news started to spread that the National Institute of Standards and Technology (NIST) was looking into the matter, more FUD appeared across the wires.
No one thought to ask why NIST is involved, choosing instead to focus on a statement from them that said they are looking into their certification criteria. Most of the recent media reports hinge on the fact that the vendors and products impacted by SySS’s work tout Federal Information Processing Standard (FIPS) 140-2 certification.
Essentially, FIPS is an accreditation standard used to certify encryption algorithms. FIPS 140-2 consists of four levels, most of which deal with the usage of at least one approved encryption algorithm or security function and various degrees of tamper resistance. It is great for a company’s marketing to have a product FIPS certified. At the same time, FIPS is a security guideline, and like other guidelines, such as PCI, FIPS does not mean secure, nor does it promise actual data security.
At no time will FIPS certify that the method used to authenticate the owner of the device is secure. This is up to the manufacturer of the device, and because of that a lot of trust is placed into their hands.
However, scanning the headlines, the larger picture is missing and the focal point of many of the stories online is that three of the larger vendors in the secure USB sector are vulnerable to attack, and as a result, so are their customers. While that is true in a sense, it only skims the surface. Not all of the customers using SanDisk, Verbatim, or Kingston are vulnerable.
Each of the vendors impacted by the SySS research offers other products that can be used for data security. There are other vendors, such as IronKey or SPYRUS, which do not use the vulnerable method of authentication. IronKey for example, never once uses the host system for authentication checks. There is biometric protection as well if you wanted it.
Still, you are better off using TrueCrypt and a regular USB drive if you have to encrypt data. The only problem is, because USB drives are easily lost, stolen, or broken, Enterprise or Government operations ban the use of USB media. Another point missing is that in several of the larger Government agencies, even Enterprise on some levels, they disable USB access completely on the network.
If you have to encrypt something, spend $20.00 on a normal USB drive and use TrueCrypt. If you have to purchase a secure drive, remember that FIPS 140-2 is a great certification for a product to have, but it does not mean proof of data security.
The problems in the authentication processes discovered by SySS are the result of solid research. SySS did a great job, both in how they went about the work and reported it to the public. However, the coverage related to their work is quickly becoming the first FUD-based news cycle for 2010.
SySS Report on SanDisk
[This editorial is the opinion of Steve Ragan and not necessarily those of the staff on The Tech Herald or the Monsters and Critics (M&C) network. Comments can be left below or sent to [email protected]]