26C3: Cryptographically Secure ? (lightning talk)
Posted by ChrisJohnRiley on December 30, 2009
Cryptographically Secure ?
Cracking FIPS-Certified USB Flash Drives
Lightning talk – PoC – Matthias Deeg
Demo is performed using a SanDisk Cruzer Enterprise (FIPS Edition), however is possible on other devices.
- Small mistakes often have a big impact, especially when it comes to complex devices.
USB FDU – (USB Flash Drive Unlocker)
The demo PoC tool was able to unlock the device (make it so that any arbitrary password works) within a few seconds. A number of vendors have already patched this issue and provided updates for their devices (see Links below).
Currently the PoC isn’t publicly available.
Links :




