Schneier on Security
A blog covering security and security technology.
« Forensic Printer Codes May Be Illegal in Europe |
| Research on Malware Distribution »
February 25, 2008
The Doghouse: Drecom
They advertise 128-bit AES encryption, but they use XOR.
This is why evaluating security products is hard: the devil is in the details.
Posted on February 25, 2008 at 1:32 PM
• 25 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
More snake oil for the gullible. As long as there are people who buy such stuff, there will be people who will sell them such crap. The cycle repeats ...
the more things change, the more they stay the same...
"Upgraded for Performance Reasons"
Innmax (The controller's manufacturer) is the one who was outright deceitful, as far as I can tell. Drecom was a little over-credulous, but if I was manufacturing a chip that used two different encryption algorithms for two different things it did, I would go out of my way to make it crystal clear what was going on, and it sounds like Innmax was...less than clear.
Reminds me of the software "encryption" offered on my Western Digital USB drive. After "encrypting" most of my files, I realized that I could zip them up in half. If you can do that, the files are not encrypted.
"Anon Indian Techie", this isn't snake oil. Such a product as was advertised is completely feasible and secure if properly implemented. No red flags such as inflated or unrealistic claims that a security expert could spot. With any such product (and there are lots) we are trusting the manufacturer to engineer the product to back up the advertising.
@Observer - failing to implement a product to the advertised spec sounds like Snake Oil to me. In fact it sounds like Bait and Switch and several other choice phrases too.
If what I've read is correct, Innmax should be sued!
I can almost hear the faint, ghostly laughter of Alan Turing and his colleagues at Bletchley Park.
I mean, Yiddish isn't that far from modern German, no? Didn't this occur to them? Or maaaaayybe not!
No, that did not occur to them, Dude.
Now what happens if you are a coder at someplace that wants to use this, your debt will not allow failure and the progenitor nephew has told his ( ommitted to avoid starting firefights ) that this is easy. I notice three characteristic of these sites that do this.
1. Fancy website editor. Not an issue of it's own but correlatable in the broader overview.
2. Wholesome female, that is proven in marketing + in this paticular case the eyes are used to draw the viewer to the peel-label stickum which conveys approval ~ a common tool used to get past review.
3. Overall sense of easyness.
None of these issues will stand critical review individually, but they will appeal to uninformed JellyBabies. Of more interest would be how to defeat an intrusion by this in a client campus. Possibly there are telltales in the traffic.
It sounds like Innmax is guilty of false advertising if Drecom's claim of the spec being misleading, is true. It probably is true. On the other hand, Drecom has an incentive to overstate how misleading the spec was, in order to divert blame from themselves. I haven't seen the spec and can't judge it.
However, spec or no spec, Drecom had some responsibility to *look* at the output of the chip, in much the way the authors of the linked article did, to verify its security before mass-producing a product based on it. The fact that they apparently didn't notice the chip was insecure shows some negligence on Drecom's side, independent of the deceptive spec.
@paul & Brant - sorry please let me in on it. I known almost no yiddish and couldn't find anything that could translate that.
Now that IS funny!
(I didn't try the root)
Without further details of the crypto analysis, it could still be encrypted but with the same key and initializing vector for each sector. My first attempt at on the fly disk encryption on a CP/M system 35 years ago had the same failing. Second attempt was much better ;-)
This "The IN7206 merely uses AES encryption when saving the RFID chip's ID in the controller's flash memory" appears to attempt to prevent determining the RFID from the drive. In the case of the corrected IN8202 chip, would we have any expectation the RFID tag would be a short range chip? One can find reference to a long range RFID chip receiver (450 feet) for asset control. How about an iButton instead?
--The company claims the IM7206 only offers basic protection and is designed for "general purpose" users.--
Well, if it's for general purpose why do they use encryption in the first place?
I think they have to admit that they don't understand anything about security nor on how encryption works.
I'm not wanting to justify the dismal security of this product, but it's perfectly possible that they are using AES, in counter mode, and simply failing to adjust the IV on each block.
"using AES, in counter mode, and simply failing to adjust the IV on each block"
I don't think that you could call it *counter* mode in this case...
"This is why evaluating security products is hard:"
No, it is quite easy in this case: Just look at their website.
- table layout
- small white fond on black background (they don't want me to read it)
I would never trust a "security company" that forces me to run untrusted programms, just to look at the product specifications.
The product probably will be scrap, just like their website.
Since nobody did it yet, here's the link to the 'security' chip page in Innmax:
Not a hint of the actual algorithm used...and they boldly advertise AES 128 bits
@The product probably will be scrap, just like their website.
Correct, and the consumer who cannot figure that out can probably be protected by what they are doing and for those who need decent protection I don't see where placing on a cell deviece something that actually needs 128 bit AES makes any sense. If you need something that strong you should probably pack a custom board in a 1510 and dress like any high-profile target would.
Customer: I need reservations to Cuttham, Burnham & Runn on the River of Gold.
Ticket vendor: Did you want a turbo-charger on your Mercedes ?
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.