Sign in to follow this  
Followers 0
mungewell

Encryption busted on NIST-certified Kingston, SanDisk and Verbatim USB

1 post in this topic

http://blogs.zdnet.com/hardware/?p=6655&tag=nl.e589

While the data on the drive is indeed encrypted using 256-bit crypto, there’s a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always send the same character string to the drive to decrypt the data no matter what the password used.

I suppose this was done to allow changing of the passphrase.

But...

What’s also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.

Complete fail!!!

Mungewell.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0