Thursday, December 29, 2011

Review: [hiddn] USB Crypto Adapter

[Picture from www.hiddn.no]
A representative from High Density Devices (HDD) participated at Passwords^10, and after that I've been talking to them from time to time. Especially their marketing manager Tormod Fjellgård has been very forthcoming, and granted me the chance to do a review of 2 of their crypto adapters. This is my first review of their USB crypto adapter, and I've warned Tormod that I just might have some critical comments for them. So here we go:

The adapter comes in a small box, here's a picture of the contents:

[Sorry for blurring the PIN & PUK codes there.. Bad habit. :-)]
Here you can see the crypto adapter itself, USB cable with optional 1xUSB connector for more power, a small paper manual, primary and backup user chip card, a zeroing card and a small piece of paper with PIN, PUK and instructions.

For my testing I used my own Windows 7 x64 system, standard USB 2.0 ports, a Kingston DataTraveler G3 8GB USB stick, and a LaCie 250GB external USB2 disk. 8 files of equal size, for a total of 3GB, were copied to the external device, with and without using the crypto adapter.

Now I won't do this review plastered with screenshots of performance numbers from PCmark, Atto or other benchmark tools. I'm interested in the security as well as usability of the product. Although performance is nice, security can sometimes be of preference over performance. :-)

First looks:
Military grade 90's style. Period. It has big, awkward buttons that you need to press rather hard, and it certainly takes up space in any modern ultrabook bag. Simple manual, prints on smartcards clearly state their mission, PIN & PUK printed on the same small piece of paper - in the same box - part of the same shipment... Hmmm. Skeptical.

Installation:
Easy. <1 minute, and you are ready to go. Connect, insert smartcard, type PIN and #, wait a few seconds. Insert Kingston G3, and Windows says a new device has been connected, but needs formatting first. Ok, so I did a quick format, finishing in a few seconds. Hm. I would say that in order to "securely" format any device, you should always do a "slow" format. Oh well, the data will be saved with AES encryption, according to HDD.

Usage:
I actually did try running Atto for disk benchmarking. It worked as expected without the adapter, but with the adapter the entire test crashed, and I had to reformat the G3. Not good - I wonder if it is a problem that can be recreated - say if you actually were to move a lot of small files back and forth and you end up with crash/reformat?

I also tried connecting the LaCie disk, but no luck. Windows didn't see anything, and the disk didn't spin up. Too low power from the crypto adapter's USB port? (Yes, I tried with both USB cables connected to my computer for the extra power...)

Performance:
Sorry, but I have to say this... Without the adapter, I get approximately 11.5MB/second write speed, using my 8 files totalling 3GB. With the adapter, write speed is down to approximately 7.6MB/second. Not that much in this setting, but my gut feeling says that the adapter doesn't perform much better with faster devices either? In that case I'm all Truecrypt or Bitlocker, putting my trust into my own passwords.

(Security) Usability:
Where to begin...

1) I can't change the 6-digit PIN or the 16-digit PUK. 
I wonder how HDD generate the PINs and PUKs? Separate & isolated environment, true random generator, no people ever get to see the printed codes etc?

2) PIN & PUK printed on the same piece of paper inside the package.

3) Backup card, zeroing card, PIN and PUK "must be kept in a secure place". Uh. Yeah, I can do that. But I still need to bring the user card, and what if I forget my PIN or lose my user card while travelling?

4) Data encryption bound to chip + PIN. Data cannot be accessed by others without them.

5) The chip cards cannot be used for anything else and stick out - why not just leave one in there permanently? (I've seen cut off chip cards inside card readers many times before)

6) Manual isn't really end-user friendly - unless you are a G33k of course.

The manual says that HDD offers a Key Management System, delivered as a dedicated workstation. I guess that system is just a bit more expensive than the adapter itself, and not something I would purchase for personal use anyway.

Summary:
I can hardly see this USB crypto adapter as part of any standard equipment for anyone travelling around with a laptop. It's just too ... bulky. 

It's a "single user" product - but why would I use this at home or at the office for myself, when I have Bitlocker, Truecrypt and other similar technologies at hand? The alternatives offer better performance, multi-factor authentication, and at least (non-certified) compliance with a bunch of standards?

I'm sorry guys. It's a nice idea doing hardware encryption combined with multi-factor authentication, but the wrapping is all wrong. To me this USB adapter is costly, slow & bulky. I can't see how this can give me any better security than other cheaper or even free alternatives available. Go back to square 1 and start over.

--
Oh; and for the FIPS-140 and Common Criteria / Mordac fans out there - this product is for you. ;-)

5 comments:

  1. At HDD, we welcome peer reviews and find the prospect of being evaluated and tested by "our own" very interesting and exciting. Reviews are objective and at the account of the reviewer, and we do not wish to in any way influence this, however, as this review contains some misunderstandings and open questions, I feel compelled to make a response.

    First, the [hiddn] Crypto Adapter is a "commercial-off-the-shelf" product for encryption of any USB storage media. Although HDD primarily sell through an established partner network, on occasions we ship directly (very often to reviewers and journalists). All units shipped directly from HDD come with randomized keys and PIN codes, none of which are stored or registered by HDD - something our user manual explicitly makes a note of.

    All encryption/decryption occurs inside the Crypto Adapter, in the patented and validated [hiddn] Crypto Module. All keys are stored in the smart card, hence this must always be present to authenticate the user (together with a correct PIN). By removing the smart card, no one can access the encrypted storage media as it stores no keys. The [hiddn] Key Management System is recommended for volume deployments of [hiddn] units, for key escrow and organisation of smart cards, units and PIN codes (8 digits allowed in the current version).

    I would also like to take the opportunity to comment upon the reviewer's open question as to how the Crypto Adapter can be more secure than cheaper and free alternatives. Assuming that the reviewer is pointing to software encryption, I must stress that [hiddn] is a hardware encryption solution and that hardware encryption is validated at being far more secure than software encryption, less CPU demanding and of course operating system and software/driver independent. Hardware encryption with external keys is less susceptible to hacks and "Princeton Cold Boot Attacks", and as [hiddn] stores its keys externally in an AES256 encrypted smart card, and software stores the key in plaintext on the storage media or in RAM (Flash) memory in the computer, it ought to be evident that in terms of security the Crypto Adapter is superior.

    In conclusion I wish to emphasise that these are the opinions of the Chief Marketing Officer at HDD, Tormod Fjellgard, and that there are more dimensions than one to the discussion on how to best protect sensitive data at rest. We welcome peer reviews and also the following discussion around our solutions and encryption in general. Thank you!

  2. Thank you for the comments Tormod!

    Let me clarify:
    1. I do not believe that you keep records of shipped PINs or PUKs without telling me. That would be "suicide" for you if somebody discovered you doing that. BUT I don't know if there are humans involved in the packaging of the shipped units. Do they see the PIN/PUK label? Do they see who the package will be shipped to? That's the gut feeling I got when opening the package - this is packaged and shipped (partially) manually.

    The way it is packaged and sent, I would not put much trust in the solution without the KMS (change PIN option), since adapter, documentation, chip cards and PIN/PUK are shipped in one single package.

    2. I agree that hardware encryption with external keys is better - provided that you do it correctly. You shipped everything in the same package! As I've said earlier as well - the chip cards can't be used for anything else, so users will eventually leave their card in the device.

    That is really not your problem, but it is a potential problem to me that I need to put into my equation. With Bitlocker for "free", integrated as part of the operating system, doing hardware-accelerated encryption (with AES-NI instructions on new Intel processors), bound to a TPM chip and with pre-boot authentication...

    I think that will give me better performance, better usability and a security level that will be more acceptable for everyday users. If usability fails, security will fail.

    The security in your product is good by itself, but the usability aspects make it weaker than necessary.

  3. Agreed, usability and performance are key factors to whether or not users choose to implement encryption - and we firmly believe [hiddn] resolves many of the negative perceptions regarding encryption.

    1. You are of course right, and we will further enhance the security of our deliveries for the future. Having said that, I return to my recommendation to implement the [hiddn] Key Management System when deploying [hiddn] units.

    2. The smart cards used with [hiddn] products are "ordinary" smart cards with our proprietary application stored, in encrypted form, onto them. This implies that the application can be transferred onto Java-based smart cards, e.g. corporate ID cards and/or system authentication cards, enabling users to continue using their existing smart cards for authentication against [hiddn] products - again, usability and scalability are the key to successful data protection!

    Personally, I consider Bitlocker and [hiddn] complementary to each other - Bitlocker safeguards the integrity of the system and user whilst [hiddn] upholds information assurance and protection of all data at rest. This way, the user is fully secured. HDD have tested this combination and are seeing an increase in interest from the marketplace. However, for encryption alone, [hiddn] will remain superior!

    2011 was "the year of the breach", and we are not excluded from data breaches in Norway, so I hope that in 2012 we will get our heads out of the snow and realise the importance of safeguarding our data, at all times! Thank you!

  4. hiddhdd makes a very good point here, that the reviewer seems to miss:

    "Personally, I consider Bitlocker and [hiddn] complementary to each other - Bitlocker safeguards the integrity of the system and user whilst [hiddn] upholds information assurance and protection of all data at rest. This way, the user is fully secured. HDD have tested this combination and are seeing an increase in interest from the marketplace. However, for encryption alone, [hiddn] will remain superior!"

    Also looking at Bitlocker and Truecrypt as similar approaches makes me as a reader think maybe the person reviewing here shouldn't review encryption solutions.

    Using a smartcard is also a very good move by hiddn, which the reviewer also seems to miss. Using a card that users carry with them to perform other tasks, and by this not adding yet another device to the keychain is a smart move. Smartcards are like smartphones; they can perform several tasks.

    For companies or organizations that actually view software encryption with keys in memory of the operating system (cold boot attack etc) as a risk, this could/should look like a good approach. This product is better tested by persons that actually see this need, as this review shows signs of a pop music fan that fell into an opera by mistake :)

  5. In the era where product placement is everywhere I really appreciate an honest review. Will keep an eye on your blog.

    Kudos also to Mr. Fjellgard who offered the device and accepted the critique despite it not being totally favorable. It shows character, and if an improved version is developed I suggest you repeat the procedure.
