Classic black, small and secure
USB hard disk with AES encryption
by Christiane Rütten
This article originally appeared in c't 8/09, p. 59.
The Lenovo ThinkPad USB Secure Drive exhibits strong design values, inside and out.
Having examined some low cost USB crypto hard disks and found them disappointing we take a look at a more up-market product from Lenovo.
The physically elegant but rather awkwardly named "ThinkPad USB Secure Hard Drive" from Lenovo, is available in 160 or 320 gigabytes capacities. This crypto disk is supplied with a neoprene carry pouch, a USB extension, a USB power cable and brief instructions. Its USB transfer rates: 33 MB/s read and 30 MB/s write are more or less state of the art. The drives can be ordered from the Lenovo UK web site at £108.16 for the 160 gigabyte drive and £159.50 for the 320 gigabyte version.
When you plug the drive into a USB port on a PC, initially nothing happens – apart from the status LED lighting up. Only after you log in with a six to sixteen-digit PIN, using the built-in numeric pad, does the controller allow the PC to access data. Once unlocked the drive does not require a driver and it acts like any other USB mass storage device. There is an admin mode that allows the user to set access codes for up to ten users.
Crypto oddities
In contrast to the low cost drives[1] we looked at, even if you take this product apart, which in this case is quite easily done, you won't get at the data. No PINs or cryptographic keys are kept on the disk; all the key related data is stored in the controller. As we found, the controller encrypts the complete disk with the AES-128 algorithm, which has withstood all cryptological attacks so far.
Oddly it does this in the most inelegant block mode, ECB. This means that there is precisely one 16-byte block of cipher for every 16-byte block of plain text, so despite the encryption, certain structures such as block repetitions remain discernible in the encrypted data. It is possible to use a codebook attack to reconstruct a small number of the total of 2128 possible 16-byte blocks, without knowledge of the crypto key.
Why the developers skimped on the block mode of all things is hard to understand, because otherwise the product seems to be of high quality and well designed throughout. However, practically speaking this is nit-picking because the ECB mode only reduces data integrity by an insignificant amount. Lenovo's ThinkPad USB Secure Hard Drive is a rock solid data security product.
(cr/c't)
References
[1] Christiane Rütten, Budget encryption – Attacking a weak crypto system, a feature from The H Security.
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
