Encryption Cracked On NIST-Certified Flash Drives

Please create an account to participate in the Slashdot moderation system

Encryption Cracked On NIST-Certified Flash Drives 252

Posted by timothy on Tuesday January 05, 2010 @02:37PM from the whoopsie-daisy dept.

An anonymous reader writes "USB Flash drives with hardware based AES 256-bit encryption manufactured by Kingston, SanDisk and Verbatim have reportedly been cracked by security firm SySS. These drives are advertised to meet security standards suitable for use with sensitive US Government data (unclassified, of course) as emphasized by the FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST). It looks likes the Windows-based password entry program always sends the same character string to the drive after performing various crypto operations."

This discussion has been archived. No new comments can be posted.

Encryption Cracked On NIST-Certified Flash Drives

Search 252 Comments Log In/Create an Account

Comments Filter:

Always sends the same character string (Score:2, Funny)

by Anonymous Coward writes: on Tuesday January 05, 2010 @02:42PM (#30658466)

"12345"

Share
twitter facebook
Oops. (Score:3, Funny)

by Brian Recchia ( 1131629 ) writes: <brian@recchia.name> on Tuesday January 05, 2010 @02:43PM (#30658482) Homepage

Looks like they forgot the ROT13

Share
twitter facebook
Re:Article title misleading... (Score:5, Funny)

by maxume ( 22995 ) writes: on Tuesday January 05, 2010 @03:25PM (#30659060)

At least they used an industry standard for the key.

Parent Share
twitter facebook
Re:Always sends the same character string (Score:4, Funny)

by pushf popf ( 741049 ) writes: on Tuesday January 05, 2010 @03:25PM (#30659062)

"12345"

That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!

Parent Share
twitter facebook
Re:How does this differ from Truecrypt? (Score:3, Funny)

by sjames ( 1099 ) writes: on Tuesday January 05, 2010 @04:19PM (#30659792) Homepage Journal

More to the point, what's the point of a super lock if you're going to tape the key to the door?

Parent Share
twitter facebook
Do it 256 times (Score:3, Funny)

by cromar ( 1103585 ) writes: on Tuesday January 05, 2010 @05:47PM (#30661206)

No, no, no be sure to do it 256 times. That's the most secure (assuming 8-bit char are used).

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Encryption Cracked On NIST-Certified Flash Drives 252

Encryption Cracked On NIST-Certified Flash Drives More Login

Encryption Cracked On NIST-Certified Flash Drives

Always sends the same character string (Score:2, Funny)

Oops. (Score:3, Funny)

Re:Article title misleading... (Score:5, Funny)

Re:Always sends the same character string (Score:4, Funny)

Re:How does this differ from Truecrypt? (Score:3, Funny)

Do it 256 times (Score:3, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot