USB encryption

The easiest way to secure your USB thumb drive is to use hardware based encryption, these secure USB flash drive will cipher every single bit of data stored in them and are trouble free to use for users, there is no learning curve.

However, just because you are using encryption it does not mean you are safe, you will need to make sure that nobody can crack it, choose an USB thumb drive with no backdoor encrypted with a well known attack resistant algorithm like AES (Advanced Encryption Standard) and if you are going to use it in a business environment choose a FIPS (Federal Information Processing Standard) certified thumbdrive.

Benefits of hardware based encryption

  • Hardware encryption is faster than software as you are not using computer resources
  • Hardware encryption is shielded from malicious code targeting encryption software
  • Hardware encryption does not normally require you to install drivers or administration rights
  • A malicious hacker will need physical access to the device to crack it
  • Hardware based encryption requires very little training to use it

Disadvantages of hardware based encryption

  • Your encrypted USB flash drive can be stolen or misplaced and you will lose all the data
  • Hardware based encryption might not have been scrutinized as much as open source encryption
  • Hardware based encryption does not allow for scalability, i.e. increasing encrypted container size

USB flash drives using hardware encryption

Kanguru Defender Elite: Safe to be used in Government and Health environments, HIPAA, SOX and GLB compliant, it uses hardware based AES 256-bit encryption, operating system independent, FIPS 140-2 certified, its case is tamper and water resistant filled with epoxy.

Kanguru Defender Elite AES encrypted flashdrive

Kanguru Defender Elite AES encrypted flashdrive

Gemalto SmartGuardian: FIPS-140-2 level 3 certified personal security device, designed to meet the U.S. Government DAR program security requirements, metal casing is water and tamper proof, USB thumb drive solution designed for businesses.

Gemalto SmartGuardian USb flashdrive FIPS certified

Gemalto SmartGuardian USb flashdrive FIPS certified

Corsair Flash Padlock: It uses customizable 4-10 digit personal identification number to lock and unlock the encrypted USB flash drive, AES 256bit encryption secured, hacking detection locks device for 2 minutes after 5 failed PIN number attempts.

Corsair Flash Padlock hardware based encryption

Corsair Flash Padlock hardware based encryption

Imation IronKey: Encryption keyd are kept on the chip and never passed to memory, Imation IronKey uses AES 256-bit encryption in CBC mode, security level 3 FIPS 140-2 validated, tamper resistant designed hardened with epoxy compound encasing the chips, available for Mac, Linux and Windows.

Imation IronKey USB hardware encryption

Imation IronKey USB hardware encryption

CE Secure Vault: Hardware encrypted flash drive secured with AES256 in CBC mode certified FIPS-140-2, it will work on any computer OS without having to install drivers, it includes a virtual keyboard to beat keyloggers, when the wrong password is entered multiple times there will be a time out to stop dictionary attacks, if the thumbdrive is left behind it will automatically lock with an adjustable timer lock. The case is epoxy sealed and waterproof.

CE Secure Vault flash drive AES hawdware encryption

CE Secure Vault flash drive AES hawdware encryption

Super Talent SuperCrypt Pro:  Hardware based USB flash drive encryption supporting USB3.0, with 64MB Cache, SuperCrypt Pro uses 256bit AES encryption in XTS mode, encryption key is stored in hardware and never passed on the USB or system bus and it has a secure erase feature.

SuperTalent SuperCrypt Pro USB3.0 encrypted drive

SuperTalent SuperCrypt Pro USB3.0 encrypted drive

Lexar JumpDrive S3000:  Enterprise class USB flash drive, FIPS 140-2 Level 3-validated by the National Institute of Standards and Technology and AES 256-bit hardware encryption with resistant waterproof USB metal case.

Lexar JumpDrive S3000 AES 256-bit encryption FIPS

Lexar JumpDrive S3000 AES 256-bit encryption FIPS

Verbatim Store ‘n’ Go: ¬†Retractable USB Connector with no cap to lose, using 256bit-AES hardware encryption, enhanced for Windows 7/Vista ready boost, it meets meet FIPS 140-2 Level I requirements for cryptographic modules.

Verbatim Store-n-Go hardware encrypted USB flashdrive

Verbatim Store-n-Go hardware encrypted USB flashdrive

Kingston DataTraveller Vault: Waterproof ruggedized aluminium case with enterprise grade security using hardware based 256-bit Advanced Encryption Standard (AES) encryption in Cipher Block Chaining (CBC) mode.

KingsTon Datatraveller Vault encrypted USB drive

KingsTon Datatraveller Vault encrypted USB drive

Lok-It: Hardware authentication using a PIN pad embedded in the USB thumdrive, on-the-fly full disk 256-bit AES hardware encryption, hardened anodized aluminium casing filled with epoxy. This USB flash drive has been Government grade FIPS 140-2 Level 3 certified.

Lok-IT FIPS certified hardware encrypted USB thumbdrive

Lok-IT FIPS certified hardware encrypted USB thumbdrive

Patriot Bolt: Consumer oriented USB thumbdrive with built-in with hardware based 256-bit AES encryption & 512-bit RSA engine for user authentication. The drive locks down and reformats after the password is consecutively entered incorrectly 10 times.

Patriot Bolt hardware based encryption flashdrive

Patriot Bolt hardware based encryption flashdrive

Centon DataStick Secure: Consumer focused USB thumbdrive using AES 256bit hardware based encryption, LED access indicator and swivel cap.

Centon DataStick Secure AES encrypted thumbdrive

Centon DataStick Secure AES encrypted thumbdrive

Aegis Secure Key: Fully encrypted with hardware AES256bit in CBC (Cipher-Block Chained) mode, the password is comprised of 7 to 15 alphanumeric digits that are entered with a keypad, flash drive is platform independent it works on any OS without having to install drivers or needing administrator rights, the enclosure is made of aluminium and sealed with epoxy dust and water resistant. To stop brute force attacks, if an incorrect password is entered a total of 10 consecutive times the encryption keys and data will be automatically destroyed.

Aegis Secure Key USB AES hardware encryption

Aegis Secure Key USB AES hardware encryption

4 thoughts on “USB encryption

  1. The controller on the Kaguru Defender often fails rendering the drive unusable and the stored data unretrievable. Kaguru technical support states that they are aware of the problem and that the controller normally lasts between 2 and 5 years. Mine lasted 9 months.

  2. chris….perhaps many of the manufacturers purposefully fail to fix such problems since it accords very well with their wishes for planned obsolescence. What we really need is someone to do a review of usb sticks that last 5 years… a retrospective comparison of the longevity of these devices… otherwise we all end up having to buy 3 of them.. in case the main one breaks down.

  3. been looking at the Aegis Secure Key http://www.apricorn.com/ device seems they have rebranded it in the UK as http://www.istorage-uk.com or its a clone not sure the devices they sell on there look the same just website is diferant and branding

    its the auto delete data part i am interested in (bash the unlock button 10 times and its wiped) as datacryptor supports Keyfiles from a USB device (somthing truecrypt lacks) so you could boot the server up with it and take the device off site/house (even without UPS the power hardly ever goes off normally, maybe once every 2 years)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>