1
Data security for portable storage devices Hiddn Crypto Adapter REVIEW DATA SECURITY Losing USB storage devices can be a disaster in terms of sensitive data, but a Norwegian company has come up with a possible solution To test the Hiddn Crypto Adapter, we took a Kingston DataTraveler 102 4GB USB flash drive and formatted it using the VFAT file system – the most common choice for flash drives. We copied files to the drive as a native, unencrypted device and achieved an average write speed of 7MB/s. We then placed the DataTraveler into the Crypto Adapter and re-created the partition table and file system before copying the same files across again. While CPU utilisation was unaffected thanks to the AES encryption taking place in the Adapter itself rather than on the host system, throughput did suffer – dropping to an average 5.6MB/s write speed. Despite this drop in performance, the Hiddn Crypto Adapter is easy to use and an excellent way to ensure heightened levels of security for external storage devices. www.hdd.no More information Hiddn Crypto Adapter Review Hiddn Crypto Adapter £151 that harks back to the days of the original Big Trak – with integrated smartcard reader. The side of the device has a mini-USB input, while the top features a single USB port to connect the device to be secured. Inside its plastic housing is some clever hardware. Each unit includes the power required to read the smartcard, verify the PIN and unlock the storage device – and a processor which takes on the task of encrypting the data on the fly using the AES-256 algorithm, which is FIPS 14-2 Level 3 and Common Criteria EAL4+ approved. It’s this integration of cryptography hardware that makes the Hiddn Crypto Adapter so clever. Unlike rival systems, the cryptography is transparent to the host operating system and requires no drivers or elevated permissions to operate – if the host platform supports USB mass storage devices, it will work with the Adapter. The built-in cryptographic hardware also removes the strain from the host processor, making the Hiddn Crypto Adapter a better choice for slower systems than a software-based encryption solution. The integrated code-entry pad and smartcard reader also offer an additional level of protection: because the two-factor authentication is carried out on the Adapter itself, with the card being inserted and the PIN entered to unlock the storage device, eavesdropping packages on the host PC aren’t able to capture the PIN or smartcard code at any point. In use, the Hiddn Crypto Adapter is pleasingly straightforward: connect it to two USB ports on a host system – or a single port if you’re using the optional mains adapter for power – and insert the USB storage device to be secured. Slide the smartcard into the reader, enter the PIN and it will appear on the host system. At this point, the drive is encrypted – which means that any data on the device will be invisible to the operating system. A new partition table will need to be written, along with a new file system – after which the drive will no longer operate without the Adapter unless wiped clean once again. If the host platform supports USB mass storage devices, it will work with the Adapter At no point during testing did we feel limited by the speed, or run into any incompatibilities. The Hiddn Crypto Adapter is a very smart piece of kit, offering impressive security in an easy-to-use package. While its price puts it out of the reach of most home users, for companies with large quantities of storage devices to secure it works out significantly cheaper than buying ‘secure’ flash drives. Sadly, the company’s claims of no performance loss weren’t proven during our testing of the device. Gareth Halfacree Pros An easy way to quickly increase the security of any USB mass storage device Cons Expensive for firms with few devices to protect; some speed is sacrificed for security It’s a topic which is, sadly, becoming increasingly commonplace in the press: large businesses or government departments losing high-capacity USB storage devices, which are now often no larger than a keyring, containing confidential customer lists. The most common solution to the problem is software encryption, which can be complex, or buying flash drives with built-in cryptography, which is typically expensive. Norway-based High Density Devices has another solution, however: the Hiddn Crypto Adapter, a device that turns any USB mass storage compliant device into an encrypted lockbox, protected via two- factor authentication. The device itself takes the form of an external keypad – with a design Also consider Kingston DataTraveler Vault £26 (4GB model) The Kingston DataTraveler Vault series integrates the same 256-bit AES encryption technology as the Hiddn Crypto Adapter into the device itself, removing the requirement for additional hardware. However, it’s more expensive than buying a plain flash drive – a concern for companies with large quantities of storage devices – and doesn’t include two- factor authentication. www.kingston.com TrueCrypt Free TrueCrypt offers impressive software-based whole-drive encryption for any device for free, and can even integrate with smartcard readers for two-factor authentication with the purchase of a third-party smartcard reader. Usage can be complex for less technical users, however, and the software encryption is slow on older hardware. www.truecrypt.org System USB mass storage support Requirements (OS agnostic) Power 2x USB or optional 5V@1A DC power supply Processor Custom Hiddn Crypto module Authentication Smartcard, PIN entry Maximum 40MB/s (manufacturer’s Throughput rating) Encryption AES, 256-bit Size 111 x 85 x 27mm Weight 133g, excluding cables Technical specs The keypad allows PIN entry that can’t be eavesdropped on by the host system An integrated smartcard reader provides two-factor authentication Any USB mass storage compatible device can be connected to the top USB port The supplied mini-USB cable connects the Adapter to two USB ports on the system A custom processor inside the Adapter takes the pressure off the system CPU during encryption and decryption When copying files to a USB flash drive, we found that the write speed dropped slightly when using the Crypto Adapter Reproduced by kind permission of Linux User & Developer Issue 101 072-073_LUD_101.indd 72-73 21/6/11 11:47:26

[hiddn] crypto adapter reviewed

  • Upload
    crypsys

  • View
    214

  • Download
    1

Embed Size (px)

DESCRIPTION

[hiddn] crypto adapter reviewed by Linux user 101.

Citation preview

Page 1: [hiddn] crypto adapter reviewed

Data security for portable storage devicesHiddn Crypto Adapter

REVIEW

DATA SECURITY

Losing USB storage devices can be a disaster in terms of sensitive data, but a Norwegian company has come up with a possible solution

To test the Hiddn Crypto Adapter, we took a Kingston DataTraveler 102 4GB USB fl ash drive and formatted it using the VFAT fi le system – the most common choice for fl ash drives. We copied fi les to the drive as a native, unencrypted device and achieved an average write speed of 7MB/s.

We then placed the DataTraveler into the Crypto Adapter and re-created the partition table and fi le system before copying the same fi les across again. While CPU utilisation was unaffected thanks to the AES encryption taking place in the Adapter itself rather than on the host system, throughput did suffer – dropping to an average 5.6MB/s write speed.

Despite this drop in performance, the Hiddn Crypto Adapter is easy to use and an excellent way to ensure heightened levels of security for external storage devices. www.hdd.no

More information

Hiddn Crypto AdapterReview

Hiddn Crypto Adapter £151

that harks back to the days of the original Big Trak – with integrated smartcard reader. The side of the device has a mini-USB input, while the top features a single USB port to connect the device to be secured.

Inside its plastic housing is some clever hardware. Each unit includes the power required to read the smartcard, verify the PIN and unlock the storage device – and a processor which takes on the task of encrypting the data on the fl y using the AES-256 algorithm, which is FIPS 14-2 Level 3 and Common Criteria EAL4+ approved.

It’s this integration of cryptography hardware that makes the Hiddn Crypto Adapter so clever. Unlike rival systems, the cryptography is transparent to the host operating system and requires no drivers or elevated permissions to operate – if the host platform supports USB mass storage devices, it will work with the Adapter. The built-in cryptographic hardware also removes the strain from the host processor, making the Hiddn Crypto Adapter a better choice for slower systems than a software-based encryption solution.

The integrated code-entry pad and smartcard reader also offer an additional level of protection: because the two-factor authentication is carried out on the Adapter itself, with the card being inserted and the PIN entered to unlock the storage device, eavesdropping packages on the host PC aren’t able to capture the PIN or smartcard code at any point.

In use, the Hiddn Crypto Adapter is pleasingly straightforward: connect it to two USB ports on a host system – or a single port if you’re using the optional mains adapter for power – and insert the USB storage device to be secured. Slide the smartcard into the reader, enter the PIN and it will appear on the host system.

At this point, the drive is encrypted – which means that any data on the device will be invisible to the operating system. A new partition table will need to be written, along with a new fi le system – after which the drive will no longer operate without the Adapter unless wiped clean once again.

If the host platform supports USB mass storage devices, it will work with the Adapter

At no point during testing did we feel limited by the speed, or run into any incompatibilities.

The Hiddn Crypto Adapter is a very smart piece of kit, offering impressive security in an easy-to-use package. While its price puts it out of the reach of most home users, for companies with large quantities of storage devices to secure it works out signifi cantly cheaper than buying ‘secure’ fl ash drives. Sadly, the company’s claims of no performance loss weren’t proven during our testing of the device.

Gareth Halfacree

ProsAn easy way to quickly increase the security of any USB mass storage device

ConsExpensive for fi rms with few devices to protect; some speed is sacrifi ced for security

It’s a topic which is, sadly, becoming increasingly commonplace in the press: large businesses or government departments losing high-capacity USB storage devices, which are now often no larger than a keyring, containing confi dential customer lists.

The most common solution to the problem is software encryption, which can be complex, or buying fl ash drives with built-in cryptography, which is typically expensive.

Norway-based High Density Devices has another solution, however: the Hiddn Crypto Adapter, a device that turns any USB mass storage compliant device into an encrypted lockbox, protected via two-factor authentication.

The device itself takes the form of an external keypad – with a design

Also consider

Kingston DataTraveler Vault £26 (4GB model)The Kingston DataTraveler Vault series integrates the same 256-bit AES encryption technology as the Hiddn Crypto Adapter into the device itself, removing the requirement for additional hardware. However, it’s more expensive than buying a plain fl ash drive – a concern for companies with large quantities of storage devices – and doesn’t include two-factor authentication. www.kingston.com

TrueCrypt FreeTrueCrypt offers impressive software-based whole-drive encryption for any device for free, and can even integrate with smartcard readers for two-factor authentication with the purchase of a third-party smartcard reader. Usage can be complex for less technical users, however, and the software encryption is slow on older hardware.www.truecrypt.org

System USB mass storage support Requirements (OS agnostic) Power 2x USB or optional 5V@1A

DC power supply Processor Custom Hiddn Crypto

module Authentication Smartcard, PIN entry Maximum 40MB/s (manufacturer’s Throughput rating) Encryption AES, 256-bit Size 111 x 85 x 27mm Weight 133g, excluding cables

Technical specs

The keypad allows PIN entry that can’t be eavesdropped on by the host system

An integrated smartcard reader provides two-factor authentication

Any USB mass storage compatible device can be connected to the top USB port

The supplied mini-USB cable connects the Adapter to two USB ports on the system

A custom processor inside the Adapter takes the pressure off the system CPU during encryption and decryption

■ When copying files to a USB flash drive, we found that the write speed dropped slightly when using the Crypto Adapter

Reproduced by kind permission of Linux User & Developer Issue 101

072-073_LUD_101.indd 72-73 21/6/11 11:47:26

Crypto Virology

Crypto Virology

Documents
Coding & Crypto

Coding & Crypto

Documents
Exposé crypto

Exposé crypto

Documents
Crypto Blunders

Crypto Blunders

Documents
crypto - Erlang Programming Languageerlang.org/doc/apps/crypto/crypto.pdf · 1.1 Licenses 2 | Ericsson AB. All Rights Reserved.: crypto 1 Crypto User's Guide The Crypto application

crypto - Erlang Programming Languageerlang.org/doc/apps/crypto/crypto.pdf · 1.1 Licenses 2 | Ericsson AB. All Rights Reserved.: crypto 1 Crypto User's Guide The Crypto application

Documents
Web Crypto

Web Crypto

Internet
Crypto Code - insomnihack.ch · Street cred Wrote and reviewed some crypto code Like code for millions unpatchable devices Made many mistakes Tested many tests

Crypto Code - insomnihack.ch · Street cred Wrote and reviewed some crypto code Like code for millions unpatchable devices Made many mistakes Tested many tests

Documents
Crypto Aes

Crypto Aes

Documents
Crypto Map

Crypto Map

Documents
Crypto notes

Crypto notes

Technology
Crypto Theory

Crypto Theory

Documents
Classic Crypto

Classic Crypto

Documents
pset2: Crypto oldman pset2: Crypto Caesar Vigenere

pset2: Crypto oldman pset2: Crypto Caesar Vigenere

Documents
Crypto Application Coding - New Era · Crypto Application Coding ... NONINFRINGEMENT. In no event will Greg Boyd or Mainframe Crypto, LLC be ... • Refresher • Crypto Functions

Crypto Application Coding - New Era · Crypto Application Coding ... NONINFRINGEMENT. In no event will Greg Boyd or Mainframe Crypto, LLC be ... • Refresher • Crypto Functions

Documents
Water Crypto

Water Crypto

Documents
From Crypto-Theory to Crypto-Practice 1 CHAPTER 12: From Crypto-Theory to Crypto-Practice I I.SHIFT REGISTERS The first practical approach to ONE-TIME

From Crypto-Theory to Crypto-Practice 1 CHAPTER 12: From Crypto-Theory to Crypto-Practice I I.SHIFT REGISTERS The first practical approach to ONE-TIME

Documents
Defcon Crypto Village - OPSEC Concerns in Using Crypto

Defcon Crypto Village - OPSEC Concerns in Using Crypto

Internet
Crypto winter or Crypto spring? - mmcventures.com€¦ · MMC Ventures Crypto winter or Crypto spring? easons to be optimistic about the UK’s blockchain ecosystem 5 Different consensus

Crypto winter or Crypto spring? - mmcventures.com€¦ · MMC Ventures Crypto winter or Crypto spring? easons to be optimistic about the UK’s blockchain ecosystem 5 Different consensus

Documents
CHAPTER 14 : From Crypto-Theory to Crypto-Practice

CHAPTER 14 : From Crypto-Theory to Crypto-Practice

Documents
Crypto Inactivation

Crypto Inactivation

Documents
Crypto Seminar

Crypto Seminar

Documents
CRYPTO-MAP User Guideportal.cryptocard.com/documentation/MAS/CRYPTO-MAP_Guide-EOU.… · CRYPTO-MAP Guide – End User Edition CRYPTO-MAP User Guide Page 3 1. Introduction The purpose

CRYPTO-MAP User Guideportal.cryptocard.com/documentation/MAS/CRYPTO-MAP_Guide-EOU.… · CRYPTO-MAP Guide – End User Edition CRYPTO-MAP User Guide Page 3 1. Introduction The purpose

Documents
CHAPTER 1 2: From Crypto-Theory to Crypto-Practice I

CHAPTER 1 2: From Crypto-Theory to Crypto-Practice I

Documents
Crypto Key

Crypto Key

Documents
Crypto hlug

Crypto hlug

Technology
crypto arthematic

crypto arthematic

Documents
Airbitz crypto

Airbitz crypto

Documents
Introduction to Virtio Crypto Device · 2017. 12. 22. · Guest: crypto Apps Frontend: virtio-crypto driver Backend: virtio-crypto device alt Symmetric services with session mode

Introduction to Virtio Crypto Device · 2017. 12. 22. · Guest: crypto Apps Frontend: virtio-crypto driver Backend: virtio-crypto device alt Symmetric services with session mode

Documents
Entrust Crypto Health Check and Crypto Governance Consulting

Entrust Crypto Health Check and Crypto Governance Consulting

Documents
Crypto Slides

Crypto Slides

Documents