What are your thoughts on USB storage drives that have keypad encryption?
What are your thoughts on USB storage drives that have keypad encryption?
It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.
I included a picture of the IronKey Keypad 200 but that's just because it's the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.
I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?
It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.
Nice just look at the most worn buttons
Damn. Dude just comes in and ends the entire discussion.
It seems like these drives can use up to 15 digit pins and lock out after a set number of attempts. I don't know if that would be a huge issue
Permutations have entered the chat
It still drastically narrows down the search space and makes social engineering a LOT easier.
Because you tend to have one of two sources for any password that people need to remember.
- Randomly generated with no rhyme or reason. And written down on a sticky note as a result
- Something with meaning to the user
And it is the latter where this becomes an issue. Because let's say they are a 50 year old and 1, 4, 6, 7, and 9 are heavily worn. Well, they were born in the 70s so let's verify exactly when. Hmm, May. No 5 means it probably isn't their birthday. Wait... their partner was born on April 7th, 1976. No luck. Oh, but what if they were clever and it is actually 197647 instead of 471976? Boom, in.
Just press the rest of the keys after you unlock it. Or use all the keys in the password. Or purposefully scuff them up.
Ironkey has been more careful than some other vendors but the concept still seems dubious to me, if you are trying to stop serious attackers. You want the decryption key to be completely separated from the storage.
Ironkey has been more careful than some other vendors
In what aspects? I don't know much about these specific devices
Cryptography and tamper resistance implementation. E.g. search "ironkey fips certification". Ironkey is a Kingston brand now though, and Kingston has traditionally been crap, so be careful. Anyway if it's for run of the mill personal files where you just want some extra protection, the device is probably ok if you don't mind the semi-ridiculous cost. This is interesting though: https://www.wired.com/story/unciphered-ironkey-password-cracking-bitcoin/
Also a teardown report: https://hardwear.io/netherlands-2021/presentation/teardown-and-feasibility-study-of-IronKey.pdf
There are more serious technical approaches to data protection, but fairly quickly the weak spot becomes the humans in the loop, which are harder to handle with pure technology.
Does this matter if it needs a password? Luks stores the key in storage too
If I understand Luks, the raw key is encrypted using the passphrase, so that is an ok scheme if the passphrase itself is too random to attack by brute force (unlike the 8 digit code that the Ironkey device uses). Look up "diceware" for a reasonable way to generate random phrases. Luks with this approach can be pretty good, though still potentially vulnerable to key loggers and other such attacks. Basically, put careful attention into what you are trying to protect against. High security commercial crypto (e.g. for banking) uses hardware modules in secure data centers, surrounded by 24/7 video surveillance. Check out the book "Security Engineering" by Ross Anderson if this sort of thing interests you. 1st and 2nd editions are on his website, use web search. Parts of the current 3rd edition are there too).
Do encryption in software. History taught us hard lessons about this.
Can you think of some notable examples of hardware based encryption failing?
Besides the actual device dying I mean
The downside with doing encryption in software is that you can't limit attempts. If you are using a high-entropy key this is fine. But getting users to use high-entropy keys has problems. If there is an HSM integrated into the device you can limit the potential guesses before the key is wiped which is critical without high-entropy keys.
A blog I follow recently had a good post about this: https://words.filippo.io/dispatches/secure-elements/
Of course you are still better off with a high-entropy key and software. But if you trade off too much usability in the name of security you will likely find that your users/employees just work around the security.
I had one of the SanDisk flash drives that had some launcher thing on it and I had a password for some reason on it.
In high school, a classmate tried to guess it, 3 times and I lost everything on it forever, since it stupidly locked forever after 3 tries.
I had software projects from back then that I can never get back.. including a web browser. I could have had the next Firefox..
If you're out there, Liz: I'll never forgive that.
Liz taught you to make backups of data you value
Was it going to be open source ?
I didn't know what that was yet.. but probably.
Hardware signing devices have lots of utility because they keep the key from ever being on the machine (which is more likely to be compomised). Think ledger or trezor for your Bitcoin. Hardware encryption devices are just really expensive and black-box ways to avoid Veracrypt.
If your encryption algorithm is secure, you have no use for automatic lock-out. If it's not, automatic lockout won't do much against an attacker with physical access to the device. Unless they are dumb enough to trigger the lockout AND the internal memory wipes itself sufficiently well AND/OR the attacker doesn't have the resources to reverse engineer the device.
If your encryption algorithm is secure, you have no use for automatic lock-out.
This isn't true. You need your algorithm and your key to be secure. If the key needs to be remembered or entered often it probably can't be secure. So brute force protection becomes very important.
If it’s not, automatic lockout won’t do much against an attacker with physical access to the device.
This isn't true. Yes, with enough time and effort it is possible to extract any data from any device. But in practice physical HSMs do an excellent job at raising the cost of key extraction. I would much rather have an attacker steal my Yubikey than a USB with my GPG key lying on it.
Like most things, it's important to remember what threats you're trying to protect yourself against.
Are you trying to protect yourself against dropping a USB in a parking lot and someone picking it up? Or are you trying to protect yourself from a nation state?
Just my opinion but I don't really like the common belief of separating nation and non nation state actors. We're getting to the point where nation states are making up a large portion of the really damaging attacks, and it's frequently ones own government or a government they're in conflict with which means there are very kinetic consequences for failure even if you're a nobody. It's not just someone stealing some money anymore.
Only buy stuff with upgradeable firmware.
They occupy a strange niche full of contradictions.
Entering the code on the device itself should increase security as opposed to entering it on a compromised computer.
But plugging it into a compromised computer means the data is compromised anyway.
Their security is way harder to audit than a software solution like PGP. The actual "encryption" varies from actual decent setups to "entering the code connects the data pins with no actual encryption on the storage chip"
Not having to instal/use software to use them means they are suitable for non-technical users which in turn means more support calls for "I forgot the pin, it wiped itself, can you restore my data"
They are kind of useful to check the "data is transported on encrypted media" box for compliance reasons without having to manage something bigger.
Yeah i dont see how this would be better then a run of the mill thumb drive (that doesnt scream im worth stealing) and just creating a cryptomator vault on it.
Is that solution portable for any device and os you might plug it into?
Obligatory XKCD
These are handy if you have to move sensitive information but I've experienced more than one event at work where irreplaceable files were lost due to user error on these type of drives.
I couldn't tell you about the lifespan of these devices either, something tells me the keys won't last more than a few years if it's being used regularly.
If your only copy of critical data is on a portable storage device you are doing so many things wrong.
Agreed.
Have to stay within hipaa, sadly that means tech-illiterate c suite dipshits make decisions on hardware.
I wouldn't trust any part of its hardware and software to store anything worth encrypting on it
Looks find to me, depending on your use case, everything would have a use case
Many people mention airport red flags and checks, for me I never had any issues with the airport stuff, except one time in China when I had a full case of wires, really 10kg of wires, and they just asked me me to open and show, np
Why did you have a 10kg bag of wires?
The ones that went through FIPS 140-2 Type 3 or above validation are legit. We used Apricorn for CUI data…examples: https://www.archives.gov/cui/registry/category-list
I don't trust hardware implementations of encryption in the same way I don't trust hardware raid arrays.
Useful for what? Hiding stuff from family-member or coworkers? Yeah sure. Why not.
Hiding stuff from professionals that really want your data? Probably not very helpful.
Also what about backup? One controller-malfunction and your stuff goes poof. I just assume the data is somehow important or else you wouldn't care about such a device 😊
Too expensive. Use software encryption instead
First time I've seen something like that, but my initial thought was: wow, that's a lot of parts that can break and things that can go wrong (compared to only encrypting the data itself before storage).
like everyone else has said hardware level encryption doesn’t seem like the most sound option.
Personally i’ve just encrypted sensitive files with picocrypt, only just started looking into better encryption techniques though so there’s probably better alternatives.
Same problems as any firmware based encryption (encrypting SSDs, etc.). Firmware is quickly outdated and the triangle price - speed - security usually neglects the security part.
As long as the security software it uses is solid I think it's a decent idea.
Good until you spill a Cuppasoup on it's chinesium keyboard.
What is your use case for this?
- Confidential files in a public setting? Don't fucking bring confidential files to a public setting. But if you must, a big bulky laptop with (good) FDE is a lot more sequre than a flash drive someone can pickpocket.
- Border crossing? Guess what? You paint a MASSIVE red flag on your back and get to learn that you don't actually have all that many rights in the time between stepping on foreign soil and being admitted by customs. Congrats, you gave them the wrong code three times and it got wiped. They are going to break your face and put you in a black site.
- Hiding sensitive/highly illegal content in the event of a police investigation: Yeah... if you are at the point where there is a warrant (or black van) out for your arrest than it really doesn't matter if they can see whatever you were looking at last night.
At my old job we required these for "thumb drives" and all they ever did was make reformatting machines pure hell.
What is your use case for this?
In the ExplainingComputer's video he was using it to store his passwords. I'm not sure if he was doing it in conjunction with something like an encrypted password database or a plain text file.
So it is confidential files in a public setting.
This is a solved problem that doesn't involve a small overly expensive flash drive that requires very blatant operation to unlock when needed.
Stopping low effort attempts to get data it seems good, as an addition too software encryption it seems great. Of course hardware can range from child toys, gimmicks, to serious hardened hardware, so results WILL vary.
They are interesting. But they are a huge red flag and scream examine me if it's in your luggage and your crossing a boarder.
I'm somewhat dubious about a hardware system not having long term undiscovered flaws. Be sure to use software based data protection on top of the hardware solution.
Depending one where you are this may may be seen as normal in many airports as this isn't uncommon in a business setting
But they are a huge red flag and scream examine me if it’s in your luggage and your crossing a boarder.
Good point. I guess you'd need to look into key disclosure laws at that point if they were in your threat model
I have one as a 'last resort' option. It's got backups of BitWarden, Aegis and Standard Notes and is only connected to my machine during backups.
Seems like it's a good starting point.
I wonder if you can encrypt the files prior to storing them on the key, which would then encrypt them a second time with a different method. Would the compromise the data in any meaningful way? Or would it mean that you had to decrypt the key and then decrypt the data a second time?
I believe you would have to decrypt them a second time. For example if you wanted to be real secure you could have the USB device, an encrypted folder that holds important documents and files you want to back up, and inside of that could be a password database that requires a Yubikey or similar device.
I believe what you are talking about is kind of like using a combination of cascading algorithms like AES->Twofish–>Serpent.
I could be wrong though. If I am I hope someone can correct me.
I have this device and use it to store my keepassxc and onlykey backups, and it's useful to me because I've stopped using passwords (I only need to remember the pins for these devices which can unlock my keepass dbs that have everything else).
It seems secure enough for my use case, especially since the files I store in it are themselves encrypted (the onlykey backup still requires a pin), but I still want them to be difficult to access.
I've had to rely on it before but only because I didn't prepare a backup onlykey ahead of time- ideally it should be one of many recovery methods. But so far it's worked great for me.
Couldn't the data be cloned and cracked off device without having to worry about the pin code?
Yes, but it's meant to be difficult to do. Encryption algorithms are designed and chosen to be expensive to crack, so that you'd need NSA-level clusters to find the key in our lifetime.
I don't know if you could attack the encryption controller itself to brute-force the PIN to release the key. I assume in theory it's possible, but unless you're a very desirable target, they probably won't spend the effort, and attack something weaker. Like your cell phone, or your kneecaps.
If they did it right it'd not store the key, but instead use something like PBKDF2
I use them in my job and I find them better than the software only solution and I like them when I have to use them for sensitive file transfers.
I see one use-case, If you're going w/ sth illegal as hell to a place where you might get arrested and searched for just being there i.e a protest, nuking your (illegal) data might save your ass.
I have a USB drive with a keypad on it, it stores my FIPS Compliant SSH-key for IL-5 government systems. I unlock it to add my key into my ssh-agent, and don't use it for anything else. Though it is an 8gig USB stick, so I could in theory run some kind of security/pen testing flavor of linux plus a VPN Client to connect to said systems.
Is there a specific benefit to that over something like a security key with a keypad, or even just a passphrase?
The government is slow, so using a yubikey isn't authorized, but the datasur pro is, and the private key does have a passphrase.
Something else to break down.
I'll store my weird shit on an unsecured hard drive stashed in the woods. Like those that came before me, and those before me.
You meant and those before them right ?
You heard what I said. You heard it just like those before me.
Store it in your bosses garden.
It's very hard to actually secure something someone has physical access to and that can be disassembled.
Mere disassembly doesn't get you the date. Even if you read the chip directly, it would still be encrypted.
Yeah. It does add another layer of security but if someone has the resources and motivation to get into an encrypted file or folder I suppose they could probably find a way around the hardware aspect. A bit of a niche use case.
I'm not sure how difficult it would be to get around the hardware aspect though especially with the higher end versions of these drives.
One thing I can tell you, it's that you can't use them as bootable drives to install an OS from. And if you try to pass the USB connection from an ESXi host to a VM on it, it won't work.
Aside from that, they're really annoying to work with.
Didn't use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the "so which drives are bootable?" phase.
It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).
Ah it was easy enough to get the iron key unlocked during post, as those HP servers take forever to boot, problem was the bios couldn't recognize the USB. Whatever firmware is on it that does the security confused the system, and while it saw the drive, it didn't know what it was and wouldn't boot from it. In both uefi mode, and in legacy bios mode
If you are lucky enough to know the admin key for the apricorn drives you can put them in lock override mode which keeps it unlocked till it completely loses power off the USB bus