General

January 05, 2010, Most major memory brands such as Sandisk, Kingston and Verbatim provide Secure Flash Drives in addition to their standard flash drive range on the market. Secure flash drives promise to keep your data secure from hackers, viruses, water, earthquakes and other natural disasters. On January 05, 2010, a design flaw was reported, which would allow an attacker to gain access to secure flash drives manufactured by some of the big brand flash memory-makers. it was reported that it is possible to send a “unlock” flag to the devices which would trigger them to unlock via the computer without requiring the user-set password. German Pen-Test firm SySS GmbH published a paper highlighting the flaws. Affected Devices

SanDisk Cruzer® Enterprise FIPS Edition with McAfee USB flash drive, CZ46 – 1GB, SanDisk Cruzer® Enterprise FIPS Edition USB flash drive, CZ32 – 1GB, 2GB, 4GB, 8GB
SanDisk Cruzer® Enterprise with McAfee USB flash drive, CZ38 – 1GB, 2GB, 4GB, 8GB
SanDisk Cruzer® Enterprise USB flash drive, CZ22 – 1GB, 2GB, 4GB, 8GB
Kingston DataTraveler BlackBox (DTBB)
Kingston DataTraveler Secure – Privacy Edition (DTSP)
Kingston DataTraveler Elite – Privacy Edition (DTEP)
Verbatim Corporate Secure FIPS Edition USB Flash Drives 1GB, 2GB, 4GB, 8GB
Verbatim Corporate Secure USB Flash Drive 1GB, 2GB, 4GB, 8GB

The flaw is pretty straight-forward. When the secure flash drive is connected to the computer, software accompanied with the flash drive is run on the computer, which authenticates the password supplied and sends an “unlock” flag to the drive. When analyzed under a debugger, the code simply translates to a common “conditional jump”, which can be patched to unlock the device. Such implementations of security have been criticized by reserve-engineers around the world and certainly raise questions on the design process of the compromised flash drives. Many “cracks” for software are based around the same technique of changing the logic of software during runtime, which is easily visible under a good debugger, say OllyDbg and Softice. The concerning fact for public and many users who have purchased these devices is that they had boasted as being certified to FIPS 140-2 Level 2 security validation from the US Government organization NIST (National Institute of Standards and Technology). SySS GmbH used OllyDgb to change a flag in the software accompanying the secure flash drives to gain access to the drive without knowing the original password. Of course this begs the question, how and why did NIST certify the affected products as secure flash drives when they had such inherent flaws in design. NIST is of course upholding their position and said

“From our initial analysis, it appears that the software authorizing decryption, rather than the cryptographic module certified by NIST, is the source of this vulnerability”

Yes of course.

“Nevertheless, we are actively investigating whether any changes in the NIST certification process should be made in light of this issue.”

The NIST certification is concerned with the cryptographic modules which encipher and decipher the data held on the device. As security buffs will argue, if you put the most secure encryption module behind insecure implementations, it will result in an overall insecure system. For secure flash drives, it is pretty embarrasing to see the top vendors failing to deliver what their product had promised. As demonstrated by this flaw, media-led consumers have an incorrect perception of certifications issued by big organizations. These certifications don’t ensure that the device is secure, only that the cryptographic module is secure, right. Ironkey users would be happy to know that the flaw has not affected their products. Ironkey uses hardware based authentication rather than sending unlock flags to the device. All Ironkey Secure Flash drives remained unaffected by this flaw, and we are not surprised to see sales of this device hitting the roof. Remember, not only software is vulnerable, but also hardware. It is easier to analyze software under a debugger, but with the right tools, analyzing hardware under a debugger is just as easy. Particularly vulnerable is the sequence which unlocks the drive once the authentication is complete – which nodoubt should be one of the most guarded routines on the flash drive. Luckily, Ironkey has designed its protection from the ground up. Chips on the secure flash drive are melted in ePoxy which means gaining access to the hardware is almost impossible, even by the most determined hackers. As we understand, if you have spent over the odds to buy a secure flash drive, you shouldn’t have to worry about implementation of security on the device. Although Kingston, Sandisk and Verbatim will furiously try to do whatever they can to remedy and bury the problem, we believe it wont be an easy task to restore consumer confidence. As expected, Kingston is replacing all affected secure flash memory drives and issued the following statement to reassure its customers;

Kingston Digital Inc. considers the safety of our customer’s data as paramount. Kingston customer’s affected by any security risks should please visit our website for further direction on how to address any issues at: http: //www. kingston. com/driveupdate