The Corsair User Forums  

Go Back   The Corsair User Forums > Corsair Product Discussion > Voyager Air and USB Flash Drives

Reply
 
Thread Tools Rate Thread Display Modes
  #1  
Old 03-21-2010, 10:33 PM
Aaron Nabil Aaron Nabil is offline
Registered User
 
Join Date: Mar 2010
Posts: 2
POST ID # = 444604
Aaron Nabil Reputation: 10
Default questions about Flash Padlock 2

I sent this a while ago but didn't get a reply, so I'll try here. I'm running up against a deadline to recommend a device to our staff and customers.

If answering these questions makes your device less secure, just say so and I'll exclude your device and move along, our selection criteria is that the device security be based on actual encryption, not "hidden knowledge of the designer". On the other hand if your device wouldn't be any less secure by answering the questions, please do so, what do you have to lose except to sell more of them to my staff and our customers?




---------- Forwarded message ----------
From: Aaron Nabil <nabil@>
Date: Thu, Mar 4, 2010 at 4:55 PM
Subject: questions about Flash Padlock 2
To: ramguy@corsairmemory.com


We needs a secure USB drive to give out to our traveling staff.

I called your tech support and although they were able to answer my first question, they didn't know the second.

1st question: Is the device any less secure if some had the complete schematics and source to all the firmware of the device, ie they knew everything about it?
As a sanity check please answer the same question as it applies to your "padlock 1" device.

2nd question: The device claims 256bit AES encryption. Where does the 256 bits of key material come from and how is it generated?
Reply With Quote


Did you find this post helpful? Yes | No
  #2  
Old 03-22-2010, 01:02 AM
Wired's Avatar
Wired Wired is offline
Administrator
Wired's PC Specs
 
Join Date: Aug 2000
Posts: 32,001
POST ID # = 444613
Wired Reputation: 16
Default

No, I don't work for them.

1. Of course! Everything's less secure if you know how it works.

This won't answer #2, but it's worth a read: http://www.schneier.com/blog/archive..._implemen.html
__________________
No, I don't work for Corsair
...you need to flow like a river...
Forum Rules
Admin of this forum / webdesignforums.net / Petri's IT Forum / The Corsair Memory Steam Group
Founder/Creator/Admin of ZE SECRET PROJECT (Coming Soon)
Reply With Quote


Did you find this post helpful? Yes | No
  #3  
Old 03-22-2010, 09:49 AM
Aaron Nabil Aaron Nabil is offline
Registered User
 
Join Date: Mar 2010
Posts: 2
POST ID # = 444655
Aaron Nabil Reputation: 10
Default

Quote:
1. Of course! Everything's less secure if you know how it works
Is AES less secure because it's a published standard? If the security of this device relies on the obscurity of the implementation or secrets in it's firmware then it's just snake oil.

Thanks for the link. I see other people are asking where the other 200 bits of key entropy are going to come from and that the "lockout mechanism" is only a casual deterrent.
Reply With Quote


Did you find this post helpful? Yes | No
  #4  
Old 03-24-2010, 11:04 AM
RAM GUY's Avatar
RAM GUY RAM GUY is offline
Corsair Product Guru
 
Join Date: Apr 2001
Location: Fremont, CA
Posts: 118,289
POST ID # = 444988
RAM GUY Reputation: 10
Default

Quote:
1st question: Is the device any less secure if some had the complete schematics and source to all the firmware of the device, ie they knew everything about it?
As a sanity check please answer the same question as it applies to your "padlock 1" device.
A: The device is no less secure if one had schematics and source code. The engineers that created this drive have both and cannot hack it.

Quote:
2nd question: The device claims 256bit AES encryption. Where does the 256 bits of key material come from and how is it generated?
A: A Device key is created in the factory with a deterministic random number generator (RNG) and is unique for each drive. Subsequent Session keys are created inside the drive using a non-deterministic RNG that makes use of random events operating on the Device key as a seed.
Reply With Quote


Did you find this post helpful? Yes | No
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:53 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.