Flash Padlock. Self-Secured and Host-Independent USB Flash Drive White Paper. April 2007 Prepared by ClevX, LLC for Corsair Memory

Transcription

1 Flash Padlck - White Paper Flash Padlck Self-Secured and Hst-Independent USB Flash Drive White Paper April 2007 Prepared by ClevX, LLC fr Crsair Memry 1 INTRODUCTION Millins f USB Flash Drives (UFDs) are being used fr data backup, transfers, as well as intermediate and primary strage. UFDs pse a unique security challenge. Being tiny and highly prtable, they are easily lst r stlen alng their cntent. Thus, many peple are reluctant t emply UFDs t stre financial data, user names, passwrds, credit card data, and ther sensitive infrmatin. In additin, mst mid and large sized rganizatins restrict the use f UFDs as they pse a ptential crprate infrmatin leak as referenced by Sarbains-Oxley. Sensitive infrmatin, if cpied t ne f these drives, might end up in the wrng hands. T prtect the UFD and its cntent frm malicius and unauthrized access, user authenticatin is required. This white paper describes existing UFD authenticatin practices and their inherited drawbacks. It then describes Flash Padlck - a self-secured, hst-independent (crss platfrm) USB Flash Drive with a hardware authenticatin mechanism*. Finally, we cmpare Flash Padlck with existing slutins t demnstrate its ptimal balance f usability, security, and price. * - US and Freign Patents Pending Cpyright ClevX, LLC Page 1 f 5

2 Flash Padlck - White Paper 2 LACK OF STANDARD AUTHENTICATION Currently, the cmputer's standard USB Mass Strage Class has n prvisin fr authenticatin. The UFD cnnects t the cmputer and the hst s Operating System (OS). The detectin f a USB drive prmpts lading f a standard driver that results in munting the device as standard file system disk. This mechanism is prvided by a number f perating systems and sme embedded equipment such as that used in ffices and manufacturing. Authenticatin, if required, is the respnsibility f the hst; it must engage the user in a authenticatin prcedure t grant access. A cmmnly used methd is sftware based passwrd authenticatin that becmes a prprietary functinal extensin f the USB Mass Strage class. Anther is fingerprint recgnitin knwn as bimetric authenticatin. 2.1 Passwrd Based Authenticatin Passwrd authenticatin requires hst sftware t extend the functinality f the standard driver. Typically, UFDs are shipped with a single public memry partitin. T activate security, the user is required t re-frmat the drive, dividing it int tw, fixed sized, partitins: ne public, ne private. A prgram executed frm the public partitin cntrls access t the private partitin. Typically, a passwrd grants access t the private partitin that results in a switch: the private partitin munts at the expense f the public partitin. File peratins nw pass thrugh an encryptin prcess t the private partitin. This cnfiguratin remains until the user exits t recnnect with the public partitin r unplugs the drive. Passwrd based authenticatin has a number f drawbacks: Authenticatin is Hst and OS dependent. While the public partitin is visible t any USB Mass Strage Class cmpliant OS, access t the private partitin is cntrlled by a prprietary authenticating applicatin. Therefre, authenticating applicatins must be custmized fr different perating envirnments. Cmplex Usability. Many users avid, r give up altgether, because the prcedure is perceived as cmplex and nt particularly intuitive. Nn-cmputer savvy users find it cmplex. Frmatting the device results in erasing the entire the drive. Previusly stred infrmatin requires backup prir t frmatting. Partitining the UFD is static. Users are unable t anticipate the required size fr private partitining. If mre space is needed later, repartitining requires refrmatting. Cumbersme partitin management. Users perceive the UFD as fragmented media and need t be cnsciusly aware f file lcatin (private r public?). Cpying files between partitins is cumbersme as intermediate media is required t hld files during a partitin switch. Backup and restratin f an entire drive is nn-trivial as partitins need t be accessed separately. Gd security requires cmplex passwrds. In rder t defend against dictinary and similar attacks, it is recmmended t use pass phrases that are lng, cmplex, and include special characters. Plicy dictates a frequent change f passwrds that make them even mre difficult t remember. In reality, passwrds dn't frequently change and tend t be simple and easy t remember. Often times, the same passwrd is used fr multiple lgins and access. Security breaches. A keybard prvided passwrd might intrduce a security breach. Cpyright ClevX, LLC Page 2 f 5

3 Flash Padlck - White Paper Passwrd Extractin by malicius sftware. Keybard lggers and ther spyware might intercept passwrds and redirect t a malicius surce. This is risky in security hstile envirnments such as public cmputers in a place such as a library, Internet café, kisk, etc. Extract passwrd by dictinary/brute-frce attack. A malicius applicatin can generate a great number f passwrds in an attempt t gain access t a prtected UFD. This may take sme time and is passwrd dependent. As mentined abve, users typically use simple passwrds as it is difficult t recall strng/gd passwrds. 2.2 Bimetric Authenticatin Less cmmn than passwrds, Bimetrics utilizes a small finger-print scanning sensr. Authenticatin is quite similar t passwrd based drives with bth public and private partitins. The private partitin is made available when the authrized fingerprint is recgnized. Bimetric authenticatin is mre resistive than passwrd based attacks. Hwever, there are drawbacks t this methd as well. Authenticatin is Hst and OS dependent. While the public partitin is visible t any USB Mass Strage Class cmpliant OS, access t the private partitin is restricted t a OS applicatin that is capable f executing authenticatin. Lng-term reliability has nt yet been established. Current methds f finger print recgnitin, when packaged in a small scale UFD, d nt prvide the necessary reliability. There are many reprts indicating prblems with false-psitive and false-negative readings. A back dr passwrd is ften used t cmpensate fr inherit unreliability. This undermines the basis fr bimetric authenticatin in the first place. Thus, it has all the vulnerabilities f passwrd prtectin. Fingerprint recgnitin is best perfrmed when the finger is clean withut cuts. Changes in skin surface can ptentially create prblems. Bimetrics is expensive. Bimetrics adds a cnsiderable price premium. Bimetric drives have seen limited success in the market place. Restricted t ffice envirnments. It is impssible t wrk with bimetric sensrs wearing glves, which may be required fr bitech and military applicatins. 3 FLASH PADLOCK Cpyright ClevX, LLC Page 3 f 5

4 Flash Padlck - White Paper Flash Padlck is a self-secured, hst independent (crss platfrm) USB Flash drive with a hardware authenticatin mechanism. When lcked, a Flash Padlck is invisible t its hst. Authenticatin is based n crrect entry f a user defined PIN using the n-bard keypad. A crrect PIN activates a Flash Padlck allwing it t perate as a standard USB mass strage device. A PIN can cnsume up t 10 digits and is nt stred anywhere that is accessible frm the cmputer. Battery equipped, PIN entry can be perfrmed while detached frm a hst cmputer. Status indicatrs prvide visual feedback fr authenticatin. A red status indicatr means the drive is lcked; green indicates the drive is unlcked and ready fr peratin. An aut-lcking feature allw Padlcks t lck themselves when remved r the hst shuts dwn. If the drive is unlcked under battery pwer, it will autmatically re-lck if a hst is nt detected within 15 secnds. Flash Padlck represents bth usability and security. True Hst Independent and Crss Platfrm. Since authenticatin des nt depend n hst functins, it wrks equally well with all perating systems that supprt the USB Mass Strage Class: fr example Windws, Mac OS, Linux, and ffice equipment. Authenticatin is self cntained. N special sftware r driver installatin required. In fact, the hst cmputer is nt invlved and unaware f the authenticatin prcess. Flash Padlck prvides cmplete PIN management. Zer File System Cnfiguratin. Since the drive can nly munt after authenticatin, there is n need fr extraneus partitining. The user experiences a single partitin that utilizes the entire media. Ease f Use. The Flash Padlck usage mdel is intuitive and resembles that used with debit cards and ATM machines. The user remembers a shrt PIN as ppsed t a lng and cmplex passwrd. Immune t hst-riginated attacks. Since n Flash Padlck cmmunicatin channel exists when lcked, it is immune t attacks riginating frm its hst. Tw Factr Authenticatin. Flash Padlck makes a natural Tw Factr Authenticatin device recmmended by gvernment and financial institutins. The term Tw Factr Authenticatin is used t describe an authenticatin mechanism that requires (1) smething yu have (Flash Padlck) and (2) smething yu knw (PIN). 4 SUMMARY The prliferatin f UFDs pses a unique security threat fr peple and institutins that need t prtect sensitive infrmatin. A rbust authenticatin mechanism is required t secure Flash drives and their cntent. Passwrd authenticatin is hst dependent, cmplex, and susceptible t hacking attacks. Bimetrics are expensive and unreliable. Flash Padlck is a self-secured and crss platfrm USB Flash drive that takes a new apprach t drive security. Flash Padlcks strike the ptimal balance between usability, security, and price. Flash Padlcks are develped and prduced by Crsair Memry ( based n licensed DataLck technlgy frm ClevX, LLC ( ). Cpyright ClevX, LLC Page 4 f 5

5 5 APPENDIX: AUTHENTICATION COMPARISON TABLE Lcking principle Flash Padlck - White Paper Feature Flash Padlck Passwrd Bimetric Electrmechanical - the UFD is inaccessible until the crrect PIN cmbinatin is entered n the device itself Encrypted private znes accessed by passwrd - authenticatin frm hst Requires Media Partitining N Yes Yes Hst exchanged passwrd N Yes Yes* Detectable by hst Only when unlcked At all times At all times Device lcked by default Yes N N Requires pre-cnfiguratin N Yes Yes Functins supplied by hst Nne Yes Yes Offline peratin Yes N N Hst/OS independence Yes N N Vulnerability t hacking frm hst Nne Pssible Pssible Security prfile recnfiguratin Optinal Yes Yes Reliability High High Medium Encrypted private znes accessed by finger print authenticatin with passwrd backup User must remember Shrt PIN Passwrd Backup Passwrd Reliability depends n passwrd length and cmplexity Vulnerability t passwrd grabbing Vulnerability t ff-line passwrd guessing N Yes Yes ** N Yes N N Yes Yes* Impact n price Minr Minr Substantial * Vulnerability is present via the passwrd backup mechanism ** User must remember backup passwrd Cpyright ClevX, LLC Page 5 f 5