Comments on: Trust – Certifications

By: jesse Dziedzic

jesse Dziedzic — Thu, 20 Oct 2011 18:41:15 +0000

Thankfully some bloggers can still write. My thanks for this piece..

By: Emmanuel Carabott

Emmanuel Carabott — Tue, 02 Feb 2010 11:42:59 +0000

Hi John, I think I might not have been very clear in my article. You see, the security issue was with the USB drive itself not with the certification. In that FIPS 140-2 lvl2 certifies drives that use approved encryption and have anti physical tempering measures. In the case illustrated in this article the vendor had an application that authenticated the password using approved encryption algorithms but that’s all the application did, once the password was verified it then used the same key to authenticate with the drive itself.

I am speculating a little here since obviously I didn’t do the research myself but I suspect the vendor uses the same cryptographic key to decrypt the data within the USB drive and then encrypts that cryptographic key with the password provided by the user. The security flaw in this was the vendor’s implementation, that is they used the same cryptographic key on every drive meaning that all a malicious person would need to do is patch the USB drive application to send the proper key irrespective of the decrypted key. This would make it so that the patched application would decrypt any USB drive of that vendor even when a bad password is entered. Since the drive was still using an approved encryption algorithm it still could be certified as FIPS 140-2 lvl 2.

In a way it’s like a vendor issues a garage door remote where all remotes send the same encrypted signal. No one can decode the signal itself but they don’t need to as any remote can open any door anyway. Likewise here the vulnerability wasn’t with the encryption but with the implementation of that encryption. Hope I was clear. Let me know if you have any more questions.

Conclusion is if a device is Certified FIPS 140-2 level 2 it doesn’t mean that it’s insecure, it just doesn’t necessarily mean it’s secure. Depends on how good a job the vendor did.

By: John Mello

John Mello — Mon, 01 Feb 2010 16:21:00 +0000

Emmanuel—do you know if the security problem with FIPS 140-2 Level 2 also apply to FIPS 140-2 Level 3?

By: Emmanuel Carabott

Emmanuel Carabott — Fri, 29 Jan 2010 10:05:44 +0000

Yes well I wasn’t expecting any of them to close down really and neither should they. Hopefully they learned from what happened and introduced better QA to ensure something like that doesn’t happen again. I am sure that once the DataTraveler 5000 hits the market it will be very well tested by the community!

On my side I just hope that my article will help people who read it, avoid the mistake of thinking that FIPS 140-2 Level 2 (or any other certification really) is idential to definitely safe. Always remember, certifications just helps one make a good decision by pointing to the right direction, nothing else.

By: John Mello

John Mello — Thu, 28 Jan 2010 19:21:23 +0000

Emmanuel—Despite this flaw, it seems that it’s business as usual for some USB drive makers, as this announcement yesterday by Kingston indicates:

“Flash memory device maker Kingston on Wednesday released its DataTraveler 5000 USB flash drive meant for government and enterprise customers. Secured by SPYRUS technology gives it 256-bit AES hardware-based encryption, FIPS 140-2 Level 2 certification, XTS-AES cipher mode and elliptic curve cryptography (ECC) algorithms to meet the US government’s Suite B standards.

“FIPS 140-2 certification meets federal standards set out by the National Institute of Standards and Technology (NIST). Level 2 means the DataTraveler 5000 has a tamper-evident construction, a power-on self test that verifies encryption is operating as it should every time the drive is plugged into a USB port.”