FIPS-certified USB drives have security flaws

The recently reported discovery of a vulnerability in supposedly secure USB flash drives has prompted a review of the certification process for cryptographic modules under the Federal Information Processing Standards. The flaw could potentially allow unauthorized access to encrypted data

At least three USB drive models subject to the vulnerability discovered by the German security firm SySS had received the FIPS 140-2 certification, a requirement for government encryption tools administered in this country by the National Institute of Standards and Technology.


Related story: South Korean military bans USB flash drives


“We are in the process of reviewing the information on this vulnerability,” NIST officials said in a statement issued Friday. “From our initial analysis, it appears that the software authorizing decryption, rather than the cryptographic module certified by NIST, is the source of this vulnerability. Nevertheless, we are actively investigating whether any changes in the NIST certification process should be made in light of this issue.”

Affected FIPS certified devices include the SanDisk Cruzer Enterprise FIPS Editions CZ32 and CZ46 in 1G, 2G, 4G and 8G; and the Verbatim Corporate Secure FIPS Edition in 1G, 2G, 4G and 8G. A number of other USB drive models from SanDisk, Verbatim and Kingston not certified under FIPS also are affected by the vulnerabilities.

All three companies have issued software updates to correct the problem.

The vulnerability was reported in December by SySS, where researchers also created a tool to exploit it. The drives use the AES encryption algorithm with a strong 256-bit key to encrypt data stored on the devices. The AES algorithm remains secure, but the problem lies in the application running on the host computer to validate the password used to authorize decryption of data. Researchers found that the program sends the same character string to the drive to authorize decryption when the proper password is used. By inserting a tool in the password entry program to ensure that it always sends that authorization string, regardless of the password entered, users can decrypt data without using the proper password.

To date, FIPS certificates for the affected USB drives have not been revoked.

The FIPS Cryptographic Module Validation Program is a joint effort of NIST and the Communications Security Establishment of Canada to ensure that cryptographic tools meet government standards for performance and security. The most recent cryptographic standard, FIPS 140-2, was released in 2001. Testing is done by independent labs accredited by NIST, and the FIPS validation is required in cases where encryption of data is required.

About the Author

William Jackson is a Maryland-based freelance writer.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Tue, Jan 12, 2010 RayW

http://news.techworld.com/storage/3209946/sandisk-verbatim-warn-of-usb-drive-security-flaw/ has a more complete writeup of the issue and there are several other sites with varying information. What it looks like is that the computer software sends the same stream to all the devices (of a given model). So how does modifying the PC software solve the problem? From what some 'analysts' are saying over the past few days, the drives are fine, but the access to the drives is a one key fits all (of any given model) system. Sounds like a rewrite time for the FIPS.

Mon, Jan 11, 2010 PD

CMVP means just that -- module validation, and you can't rely on module validation as some kind of imprimatur on an entire solution. If you want software or functionality assurance you need to be looking at Common Criteria evaluations, not just CMVP results in a vaccuum. This debacle is the inevitable result of firms taking clearly-defined security evaluation terms into the blurry consumer/retail space, and over-selling their offerings.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group