Secure Solid State Disk Drives Coming Soon

While at Cebit 2011 I  came across a stall by Securedrives.  We exchanged details and we will be looking to resell their products when they are available.  What are they and what makes them so secure you may ask?

To give you an idea – I want to tell you a story:

ABC Designers Ltd has been given a brief to design the packaging for a set of top secret new products for the MP3 player market, from a leading manufacturer of electronic devices. They sign a Non Disclosure Agreement with the manufacturer and promise to keep it all a secret.

After 2 months of hard work, the project is ready to show the client.

They decide to store the whole project on a Securedrives 2.5 inch SATA Solid State Disk.

Securedrives portable SSD

Before making the trip to the client, they store all of the files required for the project (JPEGs, NDA agreement, PSD files, quotes and anything else) on the Securedrives SSD. They set the password on the keypad of the device, which also has a GSM mobile phone SIM, for which the details are kept by Maureen the office administrator.

They activate the GSM signal loss option, to self destruct the disk if it fails to pick up a signal for 5 minutes. Of course Steve can override this if they get stuck in traffic in a blackspot.

The battery is also fully charged – and so the option to self destroy the disk should the battery run down, are applied.

They also switch on the random keyboard option – which jumbles the numerical keypad at every time the device is locked, so that the pattern of the password, typed in by the user, cannot be replicated by prying eyes.

The disk is put into a briefcase and given to Steve to take to the client. He also has his trusty laptop. Steve goes out to hail a cab to make the trip across London.

Steve hailing a cab

He puts the case on the back seat next to him and chats to the cab driver as they move through the traffic. An hour later, Steve reaches his destination, pays for the cab from his wallet and jumps out of the cab while the lights are red at a junction just 20 meters from the client’s office.

Steve Lost the Briefcase

OH NO! He forgot the briefcase – ok, he found an umbrella – but that is not much good to him – the cab is long gone. Not only has he got to go and apologise to the customer, but he’s also got to explain that the data is lost and could fall into the wrong hands. Luckily they saved the data onto a Securedrives PSD64MG1 drive. He calls Maureen in the office to explain.

Maureen taking the call

Maureen initiates the remote data wipe facility by sending a text message to the drive using her mobile phone.

While sitting in the back of the taxi, still in the briefcase, the Securedrives PSD64MG1 drive receives the SMS from Maureen at which point the drive

  • …changes it’s encryption key, making it even more difficult to find the original encryption key (should anyone ever work out how to decode AES 256 bit Cypher Blocking Chaining (CBC) from a destroyed disk at any point in the future.
  • The drive’s partition table is overwritten with “white noise”, making it impossible to piece together any of the data within the NAND chips. The NAND chips are actually physically destroyed:

Physically destroyed NAND

This prevents anyone from removing the chips from the board – mounting them on another board, and somehow rebuilding the disk. All of these things are done in 300ms.

The taxi driver then drives through Blackwall tunnel, a notorious traffic blackspot, and sits in a traffic jam, where the GSM signal is lost for 10 minutes – this would normally destroy the drive – but that has already happened via the SMS from Maureen.

There are more secure options to this amazing drive. Let’s say the taxi driver hadn’t gone through the tunnel. Perhaps, the taxi driver had picked up another passenger who decided to have a nose in the briefcase. He would have had to guess the 20 length pin number (options are 4 to 20) within 8 attempts (options are 2 to 8).

If he had broken the case open to get to the NAND Flash itself – the device would also self destruct.

The GSM interface also allows the device’s location to be tracked – should they wished to have tried to recover the device before destroying it. However they didn’t have the tools to do that.

So ABC Designers were safe in the knowledge that the data could not fall into the hands of the customer’s competition. All was good in the end.

Steve, however was fired – poor chap!

Like us on Facebook to register an interest. for more info.

Post a Comment

Your email is never shared. Required fields are marked *