I suggest the read of these few articles, especially when the products are used in critical IT departmentsīut as Ironkeys seems to have been used by US military, especially in the Afghan war, there is no doubt that this product is studied in some Chinese military labs. With the help of Ollydbg, no need bruteforce attackĪs Ironkey isolates the encryption scheme on the hardware device, this mitigate most host/pc based attacks, even cold boot attacks. Vulnerabilty that affect software design of some NIST FIPS certified popular usb keys has not affected Ironkey solutions It is true that Ironkey provide products among the most reliable in the market. This might help, even if online password resetting is not always an interesting idea
If you use a strong password, they would have spent many thousands of dollars to get to that point but would still be stuck brute force guessing your password. If they were to get the encrypted keys, they could try brute forcing the password. Maybe the NSA has developed some techniques for gaining access to the chip that holds the keys but I would expect that they only have limited success.
It would take longer than the age of the universe to brute force guess the master keys.Ī person could attempt to take the Ironkey apart and access the chip that holds the encrypted keys but, as you said, they have implemented countermeasures that fry the master keys if you try to crack it open.
Ironkey uses 256 AES so the master keys are at least 256 bits. After that happens, you are left with trying to guess the master keys. Technically, you are correct but the reality is that after 10 tries, the data is, for all intents and purposes, garbage.Īfter the 10th try fails, the Ironkey fries some circuitry on the chip that holds the master keys to the main encrypted drive. Sorry, not trying to blow you away with techno babble.
0 kommentar(er)
