8 comments

[ 3.4 ms ] story [ 37.6 ms ] thread
While we know the crypto design is a fail, because all the encryption related data is stored on the drive itself,...

I don't see why this makes it weaker, could someone explain?

The only apparent weakness I see from this page is that the secret key is a 4-8 digit number, meaning that the device could be realistically brute-forced by someone who knew the encryption algorithm.

The encryption algorithm is immaterial. a 4-8 digit password is just not strong to survive bruteforcing for more than a day, likely sooner with the right equipment.
And how do you plan on brute-forcing any password without knowing the encryption algorithm in use? Which was the parent's point.

You could try all possible passphrases with the wrong algorithm and you wouldn't get the plaintext, the algorithm is most certainly material.

Ah. I misread the initial comment. You are correct and I was too hasty to comment.
You're spot-on with the weakness.

The specific reason it is mentioned is because their recommendation is that the encryption key should be derived from both the input numbers and a secret baked into the hardware - which would then require brute-forcing the entire key rather than just the input numbers if the attacker only had the data on the drive.

With properly assembled hardware (yay, epoxy) protecting the crypto chip, extracting that key could be made very difficult, protecting against the attacker having the enclosure as well (the secure chip would need to enforce the rate limit itself).

"If the temperature of your soldering iron is too high, metal traces on the PCB could separate from the board and loose connectivity."

How can intelligent people possibly not know how to spell the word "lose"?

Regardless of vulnerabilities, from a data safety/recoverability point of view it never seems like a good idea to me to use an encryption system that doesn't have a documented on-disk format.