Wired has a short review on a new USB stick that’s pretty awesome-looking. The Crypteks USB stick was inspired by the Cryptex in The Da Vinci Code. It features 256 AES encryption for the stick itself, plus gives you an elegant and fun outer shell that’s also encrypted. Or, at least, uses the principles of encryption.
Like Your Father’s Briefcase
What’s a cryptex? Well, to begin with, it’s a word coined by the author of the above-mentioned book. It’s a portable, cylindrical vault that uses the principles of the bicycle combination lock to secure it: dial-in the correct “word” and the lock disengages, allowing you to access the cryptex’s innards.
It’s not too different from a briefcase’s three-wheel combination lock, except it uses the alphabet instead of numbers. The Crypteks USB stick uses the same principle: provide the correct word and you gain access to the USB stick. Plug the USB stick to a computer, provide a password, and you gain access to the USB stick’s contents (the USB stick is secured with 256 AES encryption, the same behind AlertBoot’s encryption software).
Of course, $130 for 8 Gigs is pretty steep, but then that’s the price you pay for a niche product. For that price, you can sign up for AlertBoot endpoint security for one year, allowing you to encrypt one computer and all the USB sticks you desire.
The real protection, of course, comes from the 256-bit AES encryption.
Wait, you might ask. If the protection comes from the AES encryption, what’s the purpose behind the Cryptex aspect? Marketing, I presume. Here’s my reasoning.
Made of aluminum: The outer case is made of the stuff cans are made of. Certainly, you can make it thicker so you can’t crush it like a can. But, if someone really wants to get to the USB disk, I imagine using a hammer to crush either end (where the USB is not resting) would be a very easy way to gain access into the shell. Other tools, of course, could be used as well.
Words limit total password space: In the Crypteks video, it notes that there are “over 14,348,907 combinations.” Based on what I know about math, it looks like there are exactly 14,348,907 combinations (27 characters on each ring, 5 rings in total = 275). However, most people would probably use normal words as their shell password, and that would significantly lower the number of combinations you have to guess. How many words do you have that are 5 characters or less? I don’t know, but it’s significantly less than 14 million.
MIT Students: Yep, that’s right. MIT students. The guys down by the Charles River. Not too long ago, they created a safe cracking robot using a motor and other assorted knickknacks. The robot literally goes through every single possible combination (i.e., it brute-forces a safe). Actually, such “robots” have been around for years, but you get the idea: it’s not anywhere near impossible to break into it. (Assuming one second per attempt, it would take about half a year to use up all passwords. In other words, you’d be guaranteed access in about 6 months, but probably before that.)
On the other hand, the AES encryption is routinely quoted as possibly being breakable if you use the entire computing power in the world for cracking it, and spent, oh, I don’t know, something in the order of one million years or some other absurd number.
Still, the Crypteks shell has one thing going for it. It’s shiny. (I actually mean it as a compliment. I’ve been wondering how you can make encryption sexy for a while now….)