While we know the crypto design is a fail, because all the encryption related data is stored on the drive itself,...
I don't see why this makes it weaker, could someone explain?
The only apparent weakness I see from this page is that the secret key is a 4-8 digit number, meaning that the device could be realistically brute-forced by someone who knew the encryption algorithm.
The encryption algorithm is immaterial. a 4-8 digit password is just not strong to survive bruteforcing for more than a day, likely sooner with the right equipment.
The specific reason it is mentioned is because their recommendation is that the encryption key should be derived from both the input numbers and a secret baked into the hardware - which would then require brute-forcing the entire key rather than just the input numbers if the attacker only had the data on the drive.
With properly assembled hardware (yay, epoxy) protecting the crypto chip, extracting that key could be made very difficult, protecting against the attacker having the enclosure as well (the secure chip would need to enforce the rate limit itself).
Regardless of vulnerabilities, from a data safety/recoverability point of view it never seems like a good idea to me to use an encryption system that doesn't have a documented on-disk format.
8 comments
[ 3.4 ms ] story [ 37.6 ms ] threadI don't see why this makes it weaker, could someone explain?
The only apparent weakness I see from this page is that the secret key is a 4-8 digit number, meaning that the device could be realistically brute-forced by someone who knew the encryption algorithm.
You could try all possible passphrases with the wrong algorithm and you wouldn't get the plaintext, the algorithm is most certainly material.
The specific reason it is mentioned is because their recommendation is that the encryption key should be derived from both the input numbers and a secret baked into the hardware - which would then require brute-forcing the entire key rather than just the input numbers if the attacker only had the data on the drive.
With properly assembled hardware (yay, epoxy) protecting the crypto chip, extracting that key could be made very difficult, protecting against the attacker having the enclosure as well (the secure chip would need to enforce the rate limit itself).
How can intelligent people possibly not know how to spell the word "lose"?
http://www.h-online.com/security/features/Enclosed-but-not-e...