Old 01-11-05, 04:11 PM   #8
Drakonix

Just some thoughts on this....

Quote:
Elkom introduces 128 bit and 192 bit hard drive encryption devices for ordinary citizens and corporations. HDDKEY is a device specially designed to encrypt and decrypt data with the 3DES (Triple DES) encryption engine. HDDKEY is operating system independent and does not require any software drivers. It works on the hardware layer without software intervention of any kind. The secret random number transferred from the key token never reaches RAM or HDD surface where your sensitive data are stored in the encrypted form. The secret key is erased from the HDDKEY’s internal registers upon reset, reboot or shut down and can never be recovered.
It’s an interesting device. Its greatest advantage is that it’s not software based, and won’t slow things down. The 192 bit version is $75.00, so it’s not too expensive.

There has to be some smarts in the device so that it does not encrypt commands going to the hard drive, and only deals with data being written to, or read from the drive. Its application is stated to be hard drive specific; it may not work properly if used on a CD or DVD recorder drive.

There are some limitations on the protection it can give if someone has physical access to your computer, the HDDKEY device and the encrypted drive. For the greatest security, the device and secret key must be separately secured.

The “secret random number” key is generated using a utility program “3des_v2.6.exe” which can be downloaded from the site at http://www.elkom.com.tw/files/3des_v2.6.zip . The utility uses random mouse movements to generate a random hexadecimal key. I used it to generate a “secret key” for 192 bits. A picture below shows the result. The utility then writes the key, unencrypted, to a .bin file on your hard disk. A hex dump of the file written by the utility is also pictured. It’s just the 24 bytes of the key I generated. The program screen says that the key contains parity bits, so any sequence of 24 hexadecimal bytes may not work as a key.

Apparently, this key is then written to the HDDKEY device. The article says the key is erased from the HDDKEY “upon reset, reboot or shut down”, which means the next time you use it the key would have to be re-sent to the HDDKEY device.

Since the key is written to an unencrypted file, the key could be recovered from the file. The entry of the key could also be captured using a key logger. I would be inclined to do something like write these keys only on a smartmedia card (they are very thin) and conceal it. Since the key apparently has to be in computer-readable format to be sent to the HDDKEY device, merely memorizing the key may not be possible.

I would say the HDDKEY device definitely has useful possibilities in the exchange of large amounts of data via hard drives.
Attached image: SecretKeyDump.jpg
__________________
Copyright means the copy of the CD/DVD burned with no errors.

I will never spend another dime on content that I can’t use the way I please. If I can’t copy it to my hard drive and play it using the devices I want, when and where I want, I won’t be buying it. Period. They can all take their DRM, broadcast flags, rootkits, and Compact Discs that aren’t really compact discs and shove them up their bottom-lines.
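The post notes that the 24-byte key "contains parity bits". The following is an added example, not part of the original post and not Elkom's utility: it checks a 24-byte 3DES key for per-byte parity and for repeated subkeys that reduce the key material. It assumes the standard DES convention (odd parity, low bit of each byte), which the page does not confirm for the HDDKEY utility; all function names are hypothetical.

```python
import os

KEY_LEN = 24  # 192-bit 3DES key = three 8-byte DES subkeys


def has_odd_parity(byte: int) -> bool:
    """True if the byte has an odd number of 1 bits (assumed DES convention)."""
    return bin(byte).count("1") % 2 == 1


def set_odd_parity(key: bytes) -> bytes:
    """Keep the 7 high bits of each byte; set the low bit so parity is odd."""
    out = bytearray()
    for b in key:
        b &= 0xFE
        if not has_odd_parity(b):
            b |= 0x01
        out.append(b)
    return bytes(out)


def check_3des_key(key: bytes) -> dict:
    """Report parity errors and the amount of independent key material."""
    if len(key) != KEY_LEN:
        raise ValueError(f"expected {KEY_LEN} bytes, got {len(key)}")
    parity_errors = [i for i, b in enumerate(key) if not has_odd_parity(b)]
    # Compare the three subkeys with their parity bits masked off.
    k1, k2, k3 = (bytes(b & 0xFE for b in key[i:i + 8]) for i in (0, 8, 16))
    if k1 == k2 or k2 == k3:
        bits = 56    # encrypt-decrypt-encrypt collapses to single DES
    elif k1 == k3:
        bits = 112   # two-key 3DES
    else:
        bits = 168   # three independent 56-bit subkeys
    return {"parity_errors": parity_errors, "key_material_bits": bits}


if __name__ == "__main__":
    raw = os.urandom(KEY_LEN)       # constructed sample key, not from the post
    print("raw   :", check_3des_key(raw))
    print("fixed :", check_3des_key(set_odd_parity(raw)))
```

Of the 192 bits in such a key, 24 are parity, so at most 168 bits are actual key material.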