SanDisk PSP-CRE-0507-11 Computer Drive User Manual

Open as PDF

of 10

Cruzer Enterprise Product Specifications

Revision 1.0

2.2 Data Security

The Cruzer Enterprise security architecture combines hardware-based access control and security features

that are insulated from the host computer environment.

Cruzer Enterprise implements a double security mechanism, access control and data encryption, based on

SHA-1 and AES algorithms. Encrypted data is stored in a secure zone, hidden until successful authentication

is completed by the Cruzer Enterprise access control mechanism. This method of encryption and

authentication is more secure than software commands. Data is encrypted and decrypted dynamically within

the device, thus only data required by the host PC is decrypted and sent to the PC.

2.2.1 Access Control - Maximum Number of Attempts (Max

NOA)

Cruzer Enterprise locks automatically for further access after a predefined number of consecutive, incorrect

password attempts. This number is defined during the manufacturing process. This feature prevents brute

force attacks, where the hacker tries several password variations in order to determine the correct password.

2.2.2 Encryption Algorithms

Cruzer Enterprise implements industry-standard symmetric and asymmetric algorithms. No proprietary

algorithms are used.

Symmetric Algorithm

Cruzer Enterprise supports the symmetric AES algorithm described in Table 1.

The Parallel AES Coprocessor is used for fast computation of the Advanced Encryption Standard algorithm.

The AES algorithm is described by the FIPS PUB 197 Advanced Encryption Standard.

Table 1: Symmetric Algorithm used by Cruzer Enterprise

Encryption Algorithm Key Length Encryption Mode

AES 256-bit TDEA Electronic Code Book (TECB)

Figure 2 illustrates the encryption flow using the Electronic Code Book (ECB) encryption mode. Details of

the encryption and decryption cycles follow.

Figure 2: TDEA Electronic Code Book (TECB) Mode

In TECB encryption, a 256-bit plaintext data block (P) is used directly as the input block (I). The input block

is processed through the AES encoder using a 256-bit key. The resulting 256-bit output block (O) is used

directly as ciphertext (C).

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

SanDisk PSP-CRE-0507-11 Computer Drive User Manual