Home > Encryption, Exploits, Mastercard/McAfee/SafeBoot/Intel, Security/Exploits > “Cheap” Secure USB Sticks, you get what you pay for?

“Cheap” Secure USB Sticks, you get what you pay for?

Recently a whole slew of news sites announced a newly discovered vulnerability (care of the German Security firm SySS) on a range of “supposedly” secure consumer USB sticks.

These models from SanDisk, Kingston and Verbatim were apparently easy to defeat and retrieve the data from without knowing the users password or having any prior knowledge or touch on the stick.

The exploit was simple – it seems the software tool shipped with the sticks validates the password, not the stick itself, and the sticks use a fixed authentication key. Yes, ALL sticks use the same auth key. By simply sending this known ack key to the stick, you can unlock it, or any other stick.

Interestingly, some of these insecure devices had been through FIPS 140-2 Level 2 security certification, so should really have been immune to this kind of attack.

The affected device models include:

  • SanDisk Cruzer® Enterprise FIPS Edition with McAfee USB flash drive, CZ46 – 1GB,
  • SanDisk Cruzer® Enterprise FIPS Edition USB flash drive, CZ32 – 1GB, 2GB, 4GB, 8GB
  • SanDisk Cruzer® Enterprise with McAfee USB flash drive, CZ38 – 1GB, 2GB, 4GB, 8GB
  • SanDisk Cruzer® Enterprise USB flash drive, CZ22 – 1GB, 2GB, 4GB, 8GB
  • Kingston DataTraveler BlackBox (DTBB)
  • Kingston DataTraveler Secure – Privacy Edition (DTSP)
  • Kingston DataTraveler Elite – Privacy Edition (DTEP)
  • Verbatim Corporate Secure FIPS Edition USB Flash Drives 1GB, 2GB, 4GB, 8GB
  • Verbatim Corporate Secure USB Flash Drive 1GB, 2GB, 4GB, 8GB

This issue shows a classic design problem – software based password validation. The big mistake here in the design was not making a strong link between the password entered by the user and the cryptographic key on the stick itself.

If the programmers had set a unique key on the stick when the user set their password, the SySS attack would never have worked. Because they just used the password as a validation (effectively giving an entropy of 1 bit), they allowed SySS to bypass this whole “Is the password correct – Yes/No?” routine.

As for the McAfee supplied sticks, our Zero Footprint sticks and hard disks are fully protected from this attack, the exact models are:-

  • McAfee Encrypted USB Standard (v.2)
  • McAfee Encrypted USB Zero-Footprint
  • McAfee Encrypted USB Bio
  • McAfee Encrypted USB Hard Disk

These devices do in-hardware validation of the users credentials, the only thing the software does is send it over. If the stick does not agree that your password is correct, it simply won’t unlock the protected partition. No amount of snooping will help you bypass the protection.

These sticks are made by MXI, and are amongst the most secure on the market. Yes, they are a little more expensive than the non-McAfee sticks, but they are design-secure. You get what you pay for here.

The McAfee devices have been through certifications such as FIPS-140, and also through several rounds of penetration testing by several international companies.

The EUSB 1.2 supported SanDisk models (those connected to and managed by ePolicy Orchestrator) already have the patched firmware on them. They are not subject to this flaw either.

However, I must say if you bought stand alone SanDisk sticks from McAfee last year, you would have got the same device that you could buy anywhere – we just resell them. The “With McAfee” name just means it has our Anti-Virus software on it, not that it has our data protection system. You should check whether you need the firmware update (via SanDisk themselves).

There are a lot of web pages detailing this problem – some of the more popular are:

  1. Azu
    January 10, 2010 at 09:48

    FIPS certification truly is meaningless, it seems. Basically they are all “encrypted” with the same password, which is publicly known, and yet they are still FIPS-140 certified? What a pointless certification!

  2. Simon Hunt
    January 10, 2010 at 11:02

    It’s harsh to say FIPS 140-2 in general is meaningless, but I agree that the certification of these sticks under FIPS did not guarantee that they were “secure”. The value of certifications is in the eye of the beholder a lot of the time, just because something is not certified does not mean it’s insecure, and because it is, does not mean it IS secure (though it is more likely). At least certified products have gone through a modicum of third party evaluation, and in the case of FIPS, you can be sure the algorithms are properly coded (and that recognized algorithms are indeed being used). FIPS though is not a formal design/code review, well not until you get to level 4 anyway, but that’s impossible to achieve with software, or any complex system.

    You can liken the FIPS scheme to the US Patent Office – it tries to ensure that novel and unique designs get protection, and in the majority of cases this is the case, but, things still slip through now and again.

  3. Huas
    January 15, 2010 at 02:09

    “If the programmers had set a unique key on the stick when the user set their password, the SySS attack would never have worked.”
    That would have been also a bad idea…

  4. Mayuresh
    March 16, 2010 at 02:18

    I want to secure my usb.

  1. January 6, 2010 at 19:26

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: