I just got a new 1 G usb stick, and it comes with encryption... is there any program out there to attack the encryption on a usb stick
thanks
Printable View
I just got a new 1 G usb stick, and it comes with encryption... is there any program out there to attack the encryption on a usb stick
thanks
Yes,
Just think of it as a regular HDD, the principles are the same. It depends on the architecture/methodology.
Comes with encryption? What kind of USB stick comes encrypted??
A lot of them do these days. Three of my four came with a management software package that allowed for partitioning, encryption and password protection. All of them were under $20 (2 x 512Mb and 1 x 1Gb).Quote:
Comes with encryption? What kind of USB stick comes encrypted??
I think that the critical phrase is, meaning software, not that it is actually encrypted already?Quote:
and it comes with
encryption
So I guess the question is: "how good is the encryption, and how secure is it?"
My answer is that it is the same as for anything else. It depends on the encryption algorithm and the strength of the crypto key.
k_tech needs to check the manual or the manufacturer's website to find this out.
The fact that it is a USB connected drive is not relevant.
:)
How interesting...first time I've heard of that, though admittedly I don't often mess with thumb drives.
I supposed the best encryption is not to lose it and let it fall into the wrong hands in the first place?
Exactly!
You might have caught that security news post I made a few weeks back about the British IRS losing the records of 25,000,000 people by sending them on CD through the post.
Or the MI5 agent who left his laptop in a wine bar?
Or the US Army thumb drives on sale in Bhagdad.
People do tend to forget about physical security I know :D
Myself, I just delete the software to get more space on the drive, because I don't store anything confidential on them ;)
could this be done with Openssl, but instead of attacking a file, attacking a mounted drive?.... also how would you find what type of encryption was used, and the strength.. or you just picked one and hope to guess itQuote:
Originally Posted by nihil
thanks to all
You may be interested in this:
http://www.fox-it.com/downloads/pdf/..._USBreport.pdf
I am afraid that I do not quite understand that. As far as I am aware SSL is a communications protocol, and I do not see the relationship to cracking an encrypted and password protected drive?Quote:
could this be done with Openssl, but instead of attacking a file, attacking a mounted drive?
That should be in the manual or on the manufacturer's website. I am not aware of any USB sticks that offer more than one, although different sticks have different (default) solutions. A Google search for the make and model might also turn up some product reviews that would contain those technical details.Quote:
also how would you find what type of encryption was used, and the strength.. or you just picked one and hope to guess it
If you look at the very interesting article that SirDice has linked to, you will see that the answers to your questions are dependent on particular products/implementations and how the user has applied them. It also raises some questions of clarification regarding your original question:
1. What resources are available ( i.e. what is your attack processing power)?
2. What is an acceptable timescale for the product to resist or be cracked in?
3. Is this a destructive or non-destructive scenario?.......... crudely speaking: "can we take the thing apart?"
4. Can we assume the availability of specialist equipment and competent electronic enginering technician's skills?
5. How long and strong is the password assumed to be?
:)