Today’s news article on computer forensics is about hacking encrypted Fingerprint USB drives. The encryption being talked about is AES 256 hardware encryption, which til date use to be considered a very reputable and safe standard in the world of digital and computer forensics. You must have seen online advertisements about the most secure hardware based AES 256 bit encrypted Fingerprint USB drives from popular brand names such as Kingston USB and SanDisk USB, these are the ones that have been found to be completely vulnerable by a computer forensic company based off Germany called SySS. Their tests show a major design vulnerability that can decrypt the present information on the thumb drive.
SySS is a German company that specializes in Computer and IT Forensics. In a nutshell how they are able to read encrypted data is very simple, it does not even require to put in your password. When a user enters their correct password on the key to decrypt the information, the hardware algorithm passes through a particular string of information or characters to the device storage system which presents the information to the user in clear text. The flaw however comes in with the fact that this “String” passed through after a valid session for any password, is always the same!
SySS used their computer forensic know how to interpret this “string” and were able to demonstrate how they can pass this on to the hardware device and get decrypted information every time. There are two White Papers published by the company on their website that explains this much in depth. This discovery has major implications on Corporate and Law Enforcement officials which often carry sensitive information on such encrypted devices. As a matter of fact, there is school of thought around which is debating if law courts will now accept hardware encrypted thumb drives as “unaltered” secure evidence.