On Dec 7, 2008, at 4:10 AM, Alexander Klimov wrote:
<http://www.heise-online.co.uk/security/Encrypting-hard-disk-housing-cracked--/news/112141
>:
With its Digittrade Security hard disk, the German vendor
Digittrade has launched another hard disk housing based on the
unsafe IM7206 controller by the Chinese manufacturer Innmax.
The German vendor prominently advertises the product's strong
128-bit AES encryption on its packaging and web page. In
practice, however, the hard disk data is only encrypted using
a primitive XOR mechanism with an identical 512-Byte block for
each sector.
Oh, but that 512-byte block is generated using Triple AES, and is
highly, highly secure! :-)
An interesting bit of wording from the site linked to above:
"According to current cryptography research, this would be virtually
impossible, even with a short key length of only 128 bits." Although
the sentence accurately states that AES-128 is thought to be secure
within the state of current and expected cryptographic knowledge, it
propagates the meme of the "short key length of only 128 bits". A key
length of 128 bits is beyond any conceivable brute force attack - in
and of itself the only kind of attack for which key length, as such,
has any meaning. But, as always, "bigger *must* be better" - which
just raises costs when it leads people to use AES-256, but all too
often opens the door for the many snake-oil "super-secure" cipher
systems using thousands of key bits.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
