[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 584
  • Last Modified:

Hacking 64Bit DES encrypted HDD

I have a hardware device that claims to provide
real time 64bit DES encryption.

http://www.koutech.com/proddetail.asp?linenumber=187

I want to know if this has been hacked or is
actually secure.

Has anyone seen one of these devices ?
do they really provide security ?

How long would it take a large weathy tech corp.
to hack its way into this info ?

I will leave this sit for 2 weeks to see how many results I get.
0
joncolby
Asked:
joncolby
  • 5
  • 5
  • 3
  • +5
1 Solution
 
ccomleyCommented:
64 bit DES can be cracked if you have the time and CPU cycles to use on it.

When DES is used for VPN communication between firewalls, these days it's common to use 3DES as a minimum and then typically one changes the encryption key every 8 hours, or more often. That way if anyone cracks your key, it'll take them several hours, then just as they sit down to start reading your data... the key changes! Even if they *record* the encrypted data stream the most they get is 8 hours worth before they have to start cracking the new key.

But with an encrypited disk you can't change the key "on the fly" coz then you have to stop working altogether whilst the software goes through the WHOLE disk and re-encrypts the existing data with the new key.

As with any security measure, you have to decide how important the data is, how likely it is someone might be trying to get at it, etc. Physical security is *as ever* your primary concern. If people can't get at the disk, they can't look at the disk. With disk encryption your fears are

- someone may steal the computer to try to get the data that's on it
- someone may find the disk at teh junk yard after you throw it away

The former problem is addressed by physical security, you're add disk encryption as an extra "layer". The latter is addressed by proper disposal procedures - hard-erasing the disk, shredding it, etc., before disposing of it.

So if you're worried you mum might find your collection of Nina Hartley pix on your home computer, this is very secure. If you're running a major bank or inventing a new super-weapon that someone might try to steal the plans of, then it's probably not secure enough but you will, of course, be using the disk encryption as an extra layer, anyone who gets in and steals the disk has already killed ten guards, avoided the minefield, dodged around the attack dogs, etc... :-)

0
 
kneHCommented:
DES encryption a valid encryption
Companies like RSA, securecomputing and cryptocard use it.

>Has anyone seen one of these devices ?
Not seen one that encrypts/decrypts in real time before... but then again I've never seen a million dollars either....

>do they really provide security ?
They will provide the encryption they state... DES 64bit... if that's enough for you then yes they provide security. A form of anyways seeing ANYthing can be cracked/hacked.

>>How long would it take a large weathy tech corp. to hack its way into this info ?
Depends... if they duplicate the usb stick (which will take a couple of mins) no time at all (except for those couple of mins)
If they are gonna brute force it... well that'll take them long...
0
 
softplusCommented:
The question is, what do you have that makes it worth the investment needed to hack it?

Sure 64bit DES isn't the highest quality encryption, but sometimes it doesn't even have to be. Maybe there's even no reason to crack the encryption, check the other routes: just steal the stupid key ... Did you hear about some car thieves in India? They kidnap the owner so that they can steal the car with biometric access-control...

Another point of view: How can you be sure the encryption is really 64bit DES and implemented properly? You can't - it's a matter of trust. How do you know that the company hasn't logged your key-ID (say if you call up and need a replacement, etc.)? In this case how easy is it to call the company and ask for a replacement -- for a hacker? How easy is it to hack the company's database with the key-IDs and to reproduce them?

Getting the data through another door: somehow you're going to have to save your data on that harddisk - but how does it get there? Is it downloaded through a network? (install a logger)  Entered through a keyboard? (install a keylogger, sw or hw) Are your running a known operating system? (install a logger, trojan, hack the os while it's running, etc.)

There are so many ways to get to the data, if it's worth the effort. Breaking the 64bit DES is just one way - brute force - and possibly the most "expensive" way (CPU time needed, etc.), unless the implementation is not safe, in which case it could be "easy enough".

I don't quite understand for what you'd use it for: when the system is running, the encryption has no use (i.e. it's done transparently, you don't notice it). when the system is not running, the encryption guards against someone a) starting the computer without a key and b) someone stealing the hard disk. For a) you can use any other authentication device / system, even a long password! If you're worried about b) then the "bad guy" already has physical access to your computer and then you aren't sure what else has been installed / changed / removed / copied - once he has physical access, he can do about whatever he wants; he can even install a hidden camera to watch you use the computer :)

John
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
ahoffmannCommented:
ok, lets assume the data is safe on the disk
Then I guess someone interrested but not authorized in that data simply uses any program/application installed on your computer to get it (trojan, virus, etc.).
This leads to the question (already mentioned in previous comments): how secure is your platform using this devices?
Next question would be: how and where is the backup of your safe data? Is it encrypted too?
Do you know how to get your data back if the device crashes?

Keeping this all in mind, is your data worth all the efforts to do additional after bying and installing such a device? That are the questions your should answer first, IMHO.
0
 
kneHCommented:
Also if you know from whom you wish to shield your data you can create a solution aimed at that.
Would be cheaper :)
0
 
FalconHawkCommented:
Lets start with: NOTHING is unhackable. simple as that. if you put on the time, it can be hacked.

64 bit encryption means that they take a prime number with 64 numbers, and multiplies it with another 64 bit prime number. now, you get a number that can ONLY be devided true 1 and, you guess it, the prime number. To succesfully decrypt, you need to know the prime umer that was used. If a compter trys it the brute force way, it can take a REAL lot of time. i tested it once on my casio calulation, with the PRIME program installed on it. 6 numbers primes took it 5-10 min. 1 digit more and i had to reset or break :). Computers are sure faster, but the number is also longer.

Now, if it takes so long, why is it still hackable then? you can say its hackable, but with time. Well, there is a sleight catch. If the hacker manages to find out how the programs encryption actually works, he might be able to find out what the number really was. Try this line: vsm upi trsf yjod. I typed it one key further right on the keyboard. it sure is unreadable, if you dont take some time to firgure ou what i did. But if i (like the encryption software) do the same trick again, you will sure find out. Hackers try this by seeing a lot of inputs with outputs, and then seeing what the match between them is. Or they simply reverse engineer/decompile the encryption program, to see what encryption is used. Thats also the cause why a 64 bit encrption, most times is better then a poorly written 512 one.

Now, for your harddisk. Well, of course nothing is safe. maybe your code is cracked, maybe it isnt. And second, is it WORTH being cracked? i always compare cracking to breaking into houses. If you see a house with a security system, and another house with none, and you have no idea of whats inside, then you choose the one with the least problems, the one without the system. Even if you have a global idea, you should think about: theres 100 dollar in that house, and it takes me 30 days to get in... is that worth it? most times the answer is NO. I think your capable of translating this to your harddisk, so i wont do that ^^
0
 
fixnixCommented:
Excellent points above (all posts).  Can't really add much except an interesting link on DES itself and exactly what is involved in brute forcing the key (which as earliet stated is merely one way to defeat suce security)

From http://www.tropsoft.com/strongenc/des.htm

"In addition, it has been shown that for a cost of one million dollars a dedicated hardware device can be built that can search all possible DES keys in about 3.5 hours."

I'm not sure when that article was written, the site itself is copyrighted no later than 2004, and as time goes on faster computation can be done for less money.
0
 
softplusCommented:
To crack DES, think "distributed" - one device for 1M, or 1000 devices for 1K (which you already have available for free) - it doesn't quite work that way, but you get the idea. Cracking one DES-encoded dataset is just a function of money + time; more money = less time :)). Wish I had more money AND more time, but such is life.

Looking back at these comments, I can't find any real reason for a device like this, except possibly for a laptop (wouldn't fit). Anyone? Where would a device like this make sense?

John
0
 
kneHCommented:
Public computer containing a drive which people should not be allowed to access.
0
 
softplusCommented:
But what reason would there be for a public computer where there is a drive with data on it, that people have physical access to (i.e. they can open the computer, take a hammer to the drive) but not be allowed to read the data on it? Your data is only valuable if you can "use" it - if it can be effectivly blocked by a 3rd party, it doesn't matter if it's encrypted or not when it's gone :). If the public computer is not connected to anything else (i.e. backup / storage devices, networks) the original data can be destroyed - even if it is not readable. If the data is replicated elsewhere, then there's no reason to keep it localy in a location where it is physically vunerable. Or am I missing something? :)
0
 
Rich RumbleSecurity SamuraiCommented:
If your a "large weathy tech corp" then you see about purchasing the plans for the DES cracker, hardware cracking is much much faster than software cracking (ala brute force on pc's)
http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/
56-bit encryption was broken in 56 hours... using the deep crack machine. It's unknown how long it'd take for 64-bit, most likely a new machine would have to be built
"Another group recently cracked the 56-bit standard in 39 days, using thousands of individual computers working simultaneously to find an encrypted messages' key."

And now combine the two resources of distributed processing and deep crack
http://www.rsasecurity.com/rsalabs/node.asp?id=2108 22hrs 15minutes

DES is old, 1977, try 3DES or IDEA, PGP something more modern.
-rich
0
 
kneHCommented:
>>(i.e. they can open the computer, take a hammer to the drive) but not be allowed to read the data on it?

I'd rather throw my wallet down the drain than give it to a thief.
Same for data.

Just think of something like a small company.
Only one or two computers... and management as well as finance uses it + people from the workfloor (just thinking aloud here).
I'd want to keep certain parts from being viewed. A second HDD with encryption would do the trick.
0
 
softplusCommented:
>DES is old, 1977, try 3DES or IDEA, PGP something more modern.
Age shouldn't matter, unless it's broken :), but you're right, there are alot of newer algorithms.

>I'd rather throw my wallet down the drain than give it to a thief.
Nice comparison :)

>Just think of something like a small company.[...]
Wouldn't PGPdrive or even EFS be enough for a situation like that (probably even just using ACLs..)? Ok, lots of ways to cover a situation like that, including this device. Just wondering, would you recommend it (or something similar) to a user in that situation?
0
 
Rich RumbleSecurity SamuraiCommented:
EFS is flawed, recovery is too easy. I have commented on this time and time again, using a 3rd party solution is better
previous links:
http://www.experts-exchange.com/Security/Win_Security/Q_20945638.html?query=richrumble+EFS&clearTAFilter=true

-rich
0
 
ahoffmannCommented:
PGP/GnuPG answers some of my questions too, see http:#13892863
0
 
joncolbyAuthor Commented:
cool
Thank you all for your input.

Anyone know of a better encryption device for ide or sata hard drives ?
I am trying to find hardware encryption solution.


-Jon
0
 
kneHCommented:
Nope...

But why'd ya need one of those?
Software will do the trick

as ahoffman stated pgp and gnupg are good. Virtually unbreakable.
www.gnupg.org
www.pgpi.com
0
 
softplusCommented:
Hi Jon, what did you decide in the end? (just wondering) :)
0
 
joncolbyAuthor Commented:
I decieded that I want to find a 3des or better hardware encryption device for my hard drive.
anyone know of any such beast. ?
0
 
Rich RumbleSecurity SamuraiCommented:
FYI
http://www.schneier.com/blog/archives/2005/06/seagates_full_d.html (targeted to laptops currently)
-rich
0
 
ahoffmannCommented:
FYI
http://www.heise.de/security/artikel/61431 (targeted to GStor-Plus)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 5
  • 3
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now