Review: Secure Flash Drives
- 13 September, 2012 09:00
Verbtaim Store'N'Go Business Secure
USB flash drives are the modern floppy, albeit considerably larger and faster. They make our lives easy for taking data on the road, sharing with colleagues over sneakernet, and given their rapidly increasing size even acting as backup devices. They're also darn handy for installing software from ISO images.
But inherent to their nature, they can be incredibly easy to lose. And if a lost or stolen flash drive should contain something important, you don't necessarily want the data on it falling into the wrong hands.
So if USB flash drives are part of your work, and security is important, can you rely on secure USB flash drives to really be secure?
It's a good question that we set out to answer with a sample of secure USB flash drives currently available. We deliberately chose a cross-section of manufacturers and models to get a snapshot of what devices are out there and what you can expect from secure USB drives.
Page Break
Types of securityThere are various methods to secure the data on a USB flash drive:
• Software encryption. The cheapest solution, some secure USB keys will come with software that encrypts data for you. Unlike their hardware-based counterparts, this is often little more than individual encrypted files on the drive. However, this may be all you need, and since the security software is bundled free bundled with standard USB flash drives, they're often very cheap and affordable.
• Hardware encryption. To prevent any chance of hacking a software security solution, more secure devices use on-board chips to encrypt and decrypt on the fly, with keys stored on the device itself. This also allows for an entire partition on the device to be encrypted, as well as prevent this secure partition from being read on a machine where the password isn't known. To ensure the device is always readable by a user with the password, a second unencrypted but read-only partition is included that carries the necessary software to unlock the encrypted partition. It's the optimal solution in terms of secure USB flash drive encryption, but it also costs more as a result.
• Password strength. Different products place different emphasis on how strict the password must be. As a minimum most devices will insist on upper and lower-case characters and a numeral, while others won't let you proceed unless the password meets these guidelines plus the inclusion of a special character. Good for security, harder to remember. Hardware-encryption based devices also validate the password on the device itself, preventing hacking involving reading regions in memory of software on the PC to determine legitimate passwords.
• Tamper prevention. Like encryption this can be broken down into hardware and software. Hardware is often very sophisticated and only found on the most expensive devices, and usually entails circuitry to detect physical tampering. Software can be as simple as the device secure wiping itself if the incorrect password is entered too many times (see Fail-safe wipe, below), preventing brute-force attempts to gain access.
• Physical security. Technically as non-volatile RAM the chips on-board a USB drive could be manually removed in an attempt to raw-read data, so to make this as hard as possible some drives incorporate solid nigh-unbreakable designs or, like the Ironkey, throw in an interior swamped into an epoxy to make a dismantled USB drive little more than an artistic show-piece.
• Fail-safe wipe. Also, known as a self-destruct, this is triggered if the wrong password is entered too many times or when restored as a new device with a new password set (for example to be given to a new user). In these situations you want to make sure there is no data left behind, and so a destructive wipe is employed to zero or randomise all sectors on the device to prevent any data from being recovered.
Secure USB flash drives can incorporate some or all of these features, it really depends on the make and model of the device. Ultimately the goal is the same however: to safeguard your data.
Page Break
How we tested
To test the efficacy of the devices we developed the following methodology.
First, two files with different keyword contents (to make it easier to confirm search results) are copied across, and then one of them deleted. We then run the following tests:
• Secure delete test. While logged in with the password we raw-read the disk using disk-analytical software to detect the presence of both the live file and the deleted one -- if the contents of the deleted file are found, the device doesn't pass this test. This is designed to see what happens if someone gets access to your key and knows the password, to see if they can recover deleted information. Ideally, a device would wipe the affected areas when deleting to prevent this (or more likely, fill the file with 0s or random junk then delete it, to negate any shenanigans with Windows' Recycle Bin).
• Secure wipe test. This tests what happens when the password is changed, such as when the device is given to another to use or if a lost/stolen device has the incorrect password entered too many times (if this feature is supported). After resetting the device like this, we search for the contents of both files raw-reading the device sector by sector. A good result here is a complete and unrecoverable wipe of the encrypted area, ensuring that no data can be recovered.
• Readable without password. This is a simple test to see if the device can be read when plugged into another machine (in this case a Linux box, with access to its extensive disk tools) and without access to the password. In most cases secure USB drives don't even show up if the password hasn't been entered (technically they can appear to the OS as a device with no media, much like a DVD drive with no disk inserted, which prevents attempts at even raw-access to the device). If the drive is readable, we check whether encrypted files can be read and if so the drive fails this test -- as encrypted files, once copied off, can be susceptible to brute-force attacks.
• Transfer speeds. Encryption can be CPU intensive, and while hardware-based devices do this on-board this doesn't necessarily mean it will be fast. While there are numerous tools to measure disk throughput, we settled on the sequential read and write results from an average of three runs of 64-bit Crystal DiskMark on our 64-bit Windows 7 test bench for a comparable score. Again, these are results when encryption is active and aren't necessarily comparative with USB drives when not using encryption.
• Auto-destruct. Whether the device initiates a forced secure wipe if the incorrect password is entered too many times. This is a feature that may be over the top for some users (don't go entering passwords if you're drunk!), but for some organisations this level of prevention may also be considered a necessity. It's worth noting that devices can provide secure wipe functionality (see above) while not necessarily providing an auto-destruct function as well.
Page Break
ResultsPage Break
Imation Secure+Of all the drives on test, Imation's Secure+ is the cheapest by a large margin compared to the other 2GB and 4GB units, despite being a hardware-encryption enabled device. It doesn't have as fast a read speed as its competitors, and only supports Windows, but most will likely find this isn't an issue for the price.
Imation's setup software is plain and simple -- in its favour however is an option for a 'Corporate' mode and, within this, a neat one-time password feature. The Corporate mode allows an IT administrator to setup drives and maintain full ownership while creating an additional username and login that has access to the secure partition, but unable to access other features (like changing the password).
The only downside to Imation's software is that in order to wipe the device and reset it (perhaps to hand to another user) the original first-install password must be known -- you can't simply launch the application and reset the device with a new password, as with the other devices tested here.
Page Break
Ironkey Personal D200
Ironkey is renowned as the cream of the crop for secure USB drives, but as you'd expect this comes at a price. The Personal D200 we tested here is just a 2GB unit, but weighs in at $110.
Ironkey sports a level of security most people don't need -- like an epoxy filled chassis -- but would be appealing for the most security conscious. Its software is more extensive than the other products covered here, and includes an online backup of your password (also encrypted, naturally) should the worst happen and you forget it. In addition to flexible management options (like being able to auto-lock the key after a period of inactivity) it also bundles in a 'secure' version of Firefox that can be launched directly from the key. In essence, this is keeping all of your browsing and other data encrypted on the key, ensuring the utmost privacy.
You do get what you pay for, however, with the Personal D200 the only device tested here that properly executes a secure delete when deleting files (doing a direct sector read where the file resided revealed the contents of the sector had been zeroed). It's also the fastest drive in our test, and bundles support for Windows, MacOS X and Linux.
It's easy to see why Ironkey has made a name for itself, it just bears comparing your needs versus what you're willing to pay.
Page Break
Kingston DataTraveler 6000Kingston's DataTraveler series aims its sights on Ironkey's crown, and the DataTraveler 6000 we tested here clocks in at around the same price but for a 4GB unit. It doesn't go so far as to fill its keys with epoxy, and it fails the secure delete test, but it does have a solid, waterproof and tamper-proof design and support for auto-destructing (secure wipe) if the wrong password is entered too many times.
The software works well and gets out of your way once the correct password has been entered, but doesn't sport any extra features like Imation's Corporate mode or flexible options of the Ironkey. A secure wipe can be performed directly from a tray-icon that appears when the software is running, or simply clicking on 'Forgot password', which securely formats the device and asks you to set a new password.
On the whole the DataTraveler 6000 feels solid and durable, has cleanly-designed and easy to use software, and supports MacOS X if you lean that way. Unfortunately it's also the slowest device in our test for read speed, which is disappointing given the price.
Page Break
DataTraveler Blue
Kington's DataTraveler Blue is ostensibly the cheaper, and less fully featured, offering in its secure USB drive series. However, it offers much of the same functionality with the added bonus of Linux support too – which is interesting, given they are appear to have the same hardware under the hood.
The Windows software for the Blue is also essentially the same, providing a tray-icon to easily lock/unlock or format the device. In testing it returned identical results to the DT6000 in terms of security features, but with a slightly faster read-speed for performance which is welcome.
The Linux software is command-line based and works exactly like its Windows counterpart, enabling you to login or out of the device, and format it (set a new password). Out of interest we thought we'd see if the software worked on the DT6000 too, but it didn't recognise it.
While not the fastest drive on test, it bundles clean and easy to use software and all the essential security features you expect, while being the only other drive to offer support for Linux – and at half the price of the other 2GB drive on test, the Ironkey D200.
Page Break
Sandisk Cruzer Edge
The Cruzer Edge is the only software-encryption based flash drive included here, and is essentially a standard USB flash drive with optional software that makes it easy to encrypt and manage encrypted files. In this sense, the Cruzer Edge is significantly different -- and cheaper -- than its hardware encryption based counterparts here.
Sandisk's solution works on a file-by-file basis, utilising the Sandisk SecureAccess software which first needs to be installed and a password set. Files can then be dragged onto the main SecureAccess window or to a pop-up, and rather unsightly, 'safe' icon to copy files to the USB flash drive in encrypted form.
Encrypted files are simply stored within a 'My Vaults' directory. It's not the most elegant of solutions, but we confirmed that files copied to the drive were indeed encrypted and unreadable when browsing the flash drive directly.
Files in a vault can't be edited through the SecureAccess software and, as it points out, you first need to copy them out of the vault, make changes, and copy them back. Sadly, the software is also bundled with advertising and prompts you to sign-up for newsletters and online storage with YuaaWaa. On the whole, we think you'd be better off using a free encryption solution (see the Do It Yourself boxout).
As the security is simply encrypted files on a standard flash disk, it's possible to mount the disk in another machine and copy encrypted files from it, making them vulnerable to brute-force attacks. There's also no password self-destruct function or other means of wiping the disk. That being said, the Cruzer Edge doesn't promise anything more -- it's not marketed as a secure USB flash drive, just a standard USB flash disk with optional encryption software, and for the price it's hard to argue. The software will defeat casual access should the drive be lost or stolen.
Page Break
Verbtaim Store'N'Go Business SecureVerbatim's offering sits somewhere between the Kingston DataTraveler 6000 and the Imation Secure+. In terms of design it's light and flimsy, and asks $69 for a 4GB unit. It also failed the secure delete test, and only supports Windows (no MacOS X or Linux). That said, it did clock in with the fastest write speed of all the devices, and the third-fastest read speed. It's also only one of three drives on test that can auto-destruct if the wrong password is entered too many times.
Verbatim's V-Secure software is also very pedantic about the password you choose, being the only software among all the devices on test to insist on not only upper-case, lower-case and numerals in the password but also special characters. Good for security, a little harder to remember perhaps.
Unfortunately, following the very simple steps outlined by the program during setup -- choosing a password and hint -- produced an error and the program aborted. Not a good start. Running and going through setup worked on the second try. The software only provides for changing the password or secure-formatting the device, which is fine, because you want it to get out of your way.
For the price you might expect a little more -- a more rugged design, perhaps -- but if you want a basic secure USB flash drive with simple software and good read performance it fits the bill.
Page Break
Encryption with AESThe de-facto for encryption with these devices is AES (Advanced Encryption Standard) and is so secure it's used by both government and military. For the USB flash drives on test, the hardware solutions use 256-bit AES while the software solution is 128-bit.
Should your encrypted files be accessed, without the decryption key, the most likely form of assault is a brute-force attack -- systematically attempting every possible combination of key until the correct one is found.
The length of the password you choose, which forms the key for encryption, can have an impact on how hard an encryption is to break: a 128-bit key ideally should be 16 characters long, and 32 characters for a 256-bit key. Most people won't use long passwords because they are hard to remember, so encryption software often fills the gaps with 0s, reducing the effectiveness of the key. Which is why when you're prompted for a password, it's actually better to use a pass [i]phrase[/i] that contains more characters than a password while still being easy to remember. Despite requiring very powerful hardware to crack AES using brute-force, simple passwords are conceivably discoverable.
Using a full 32-character string of random characters, however, is considerably tougher. Just how tough? This is somewhat of a moving target given the acceleration of computer science, but you shouldn't have too much to worry about: it would take some fifty of the world's most powerful supercomputers today working 24/7 up to 3 [i]sexdecillion[/i] years to brute-force crack 256-bit AES. Or, in a numeric prefix we're more familiar with -- approximately 3 trillion trillion trillion trillion years.
Page Break
Do it yourselfHardware-encrypted devices are their own market and if that's the level of security you need, then you need to pay for that level of protection.
If however you just want to encrypt a few files, you don't need anything more than your standard-fare flash drive and some free software.
There are a range of tools available for all the major platforms. For Windows, two good examples are GPG4Win and AxCrypt. Alternatively, you can do whole-partition encryption just like the hardware-based flash drives we tested here (where all data written to the partition is encrypted) using tools likes TrueCrypt and PGPDisk (part of the PGP tools).
Follow @CSO_Australia and sign up to the CSO Australia newsletter.