Full Disclosure mailing list archives

Western Digital - My Passport / My Book self-encrypting external hard drive series - Multiple vulnerabilities

From: alendal () nym hush com

Date: Sun, 18 Oct 2015 22:35:44 +0200

Research overview:
==========================
Research on Western Digital wide-spread self-encrypting hard drive series "My Passport" / "My Book". Devices researched utilize mandatory HW AES encryption.

Authors:
==========================
Gunnar Alendal
Christian Kison
modg

Paper and presentation links:
==========================
Full paper at Cryptology ePrint Archive:
https://eprint.iacr.org/2015/1002.pdf

Presentation slides, based on research paper:
http://hardwear.io/wp-content/uploads/2015/10/got-HW-crypto-slides_hardwear_gunnar-christian.pdf

Vulnerabilities disclosed:
==========================
Multiple vulnerabilities, including:

* Multiple authentication backdoors, bypassing password authentication
* AES factory key recovery attacks, exposing user data on all affected devices, regardless of user password
* Exposure of HW PRNGs used in cryptographic contexts
* Unauthorized patching of FW, facilitating badUSB/evil-maid attacks

Vendor notification:
==========================
The vendor has been informed of the research.

Patches:
==========================
The authors are not aware of any fixes.

Architectures researched:
==========================
USB Bridge Vendor - Chip model - Architecture
===============
JMicron - JMS538S - Intel 8051
Symwave - SW6316 - Motorola M68k
PLX - OXUF943SE - ARM7
Initio - INIC-1607E - Intel 8051
Initio - INIC-3608 - ARC 600
JMicron - JMS569 - Intel 8051
===============

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/