Using flash drive (USB drive) as Ram?

Building a self destructing USB drive

  • Today's world demands high security devices, like an aggressively self-destructing USB drive. I would like advice on the possibility of creating such a thing if one wouldn't mind offering wisdom.

    Hello! I have a security/electrical engineering project idea I am still fleshing out, and I would like some input on its possibilities, implementations, and execution. For high-security PC builds, it is common to have full-disk encryption on a hard disk with the whole shebang bolted down by a TPM chip. It is also reasonable practice to use a Live OS booted off of USB and use no disk at all. My idea will focus on the latter.

    I read some papers recently about the relationship between data retention on RAM chips and their temperature. RAM which is designed to not retain memory without a power source has an interval of time after losing power such that the data can still be retained, as it takes time for the electricity to "leak" out of the chips and leave them blanked. As I understand it the colder the chips are on a device, the slower the information "leaks" out of them. This knowledge can be used in a compromising manner towards the end user. For example, some clever researchers have discovered how to bypass Android's full-disk encryption/bypass PINs/etc. by using a special recovery image and storing the phone in a very cold area. (https://www1.informatik.uni-erlangen.de/frost)

    The idea: To create a USB thumbdrive with a capacitor, small battery and charging function, hereafter lovingly referred to as NUKE. NUKE's purpose is to provide immediate current to the RAM chip in an attempt to clear any data that may be remaining, or at the least mangle it enough to make it unrecoverable. I recently realized a setup I toyed with as a child was a rapid high-discharge setup, and may be able to work in the manner I described. In my childhood years I had toyed with the flash on disposable cameras. If the two leading wires from the flash bulb were cut and stripped, the two leading wires could be applied to some [relatively] high resistance items and still discharge successfully when the button was pressed. Ask any of our friends, we tasered each other quite a bit with homemade NUKE gloves. An unsuspecting pat on the back could produce a visible wound (don't do that at home! I was a reckless child).

    Following this idea along, I believe NUKE could be applied to a USB drive to inflict damage throughout the RAM chip on demand by making a complete circuit through it and pumping massive current. By extension I would hope this could be applied to SSD drives for laptops/PCs as well, so long as power requirements were adjusted accordingly. I do not know much of the circuitry of USB devices. My largest fear is that the overload of electricity would not traverse the entirety of the RAM chip by causing too much damage in an early phase of discharge which would make the exercise pointless. Another fear is that the current surge may not do damage at all and could possibly just keep the data on the chip alive, not scramble it, etc.

    Anyway, that is the idea sitting in front of me. The finished device would behave as a normal USB drive yet at the press of a button, NUKE fires and all is lost. Can anyone experienced in this field offer some input? Implementation ideas, potential problems, or other suggestions? Thank you!

  • Answer:

    You don't erase data by overvolting the flash chip or setting it on fire (Jesus Christ). The correct approach is to minimize the amount of secret data, make it volatile, and make it hard to get to.

    So your drive encrypts all data with a symmetric cipher (like AES) on the device, before it is stored on the flash chips. The cipher key is stored in SRAM on the encryption chip, backed by a small lithium watch battery. There are tamper-sensitive sensors inside the drive housing as well as on the encryption chip die that clear the SRAM when tampering is detected.

    You could design your own encryption chip on some cheap commodity 90nm process and get it fabbed. The design is pretty simple. I bet you could do it for under a million bucks, including hiring someone to design it, fabbing, etc.

    Alternatively, use an FPGA which already has all these tamperproof features already designed in. Companies like Xilinx have been doing this exact thing for decades to protect their customers' designs that are loaded into the FPGA. After all, their FPGA customers don't want a shady competitor reading out the FPGA program and loading it into black market counterfeit products. The downside with using an FPGA is that there is most likely a backdoor accessible by Xilinx. It's strong enough to resist pretty serious industrial espionage type adversaries, but probably not the NSA (which would have Xilinx's cooperation of course).

    Googling fpga bitstream security will probably turn up some interesting papers for you to read. This is a well known, established field with plenty of neat research over the years.

fieldcannotbeblank at Ask.Metafilter.Com
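The design described in the answer above (ciphertext-only flash, key held in battery-backed SRAM, sensors that clear the key), modelled as an added example that is not part of the original thread or any vendor's firmware. The class name, temperature window and retry limit are assumptions, and an HMAC-SHA256 counter-mode keystream stands in for AES because the Python standard library has no AES.

```python
import hashlib, hmac, os

def keystream(key: bytes, sector: int, n: int) -> bytes:
    # Stand-in for AES (not in the stdlib): HMAC-SHA256 in counter mode.
    # Rewriting a sector would reuse keystream; real drives use a mode like AES-XTS.
    out, ctr = b"", 0
    while len(out) < n:
        msg = sector.to_bytes(8, "big") + ctr.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class TamperZeroizingDrive:
    TEMP_RANGE_C = (-10.0, 70.0)  # assumed safe window (constructed values)
    MAX_BAD_PINS = 3              # assumed retry limit (constructed value)

    def __init__(self):
        self.sram_key = bytearray(os.urandom(32))  # models battery-backed SRAM
        self.flash = {}                            # sector -> ciphertext only
        self.bad_pins = 0
        self.zeroized = False

    def zeroize(self):
        for i in range(len(self.sram_key)):  # overwrite in place, don't rebind
            self.sram_key[i] = 0
        self.zeroized = True

    def sensor_event(self, case_open=False, temp_c=25.0, bad_pin=False):
        self.bad_pins += int(bad_pin)
        lo, hi = self.TEMP_RANGE_C
        if case_open or not (lo <= temp_c <= hi) or self.bad_pins >= self.MAX_BAD_PINS:
            self.zeroize()

    def write(self, sector: int, data: bytes):
        if self.zeroized:
            raise PermissionError("key destroyed")
        self.flash[sector] = xor(data, keystream(bytes(self.sram_key), sector, len(data)))

    def read(self, sector: int) -> bytes:
        if self.zeroized:
            raise PermissionError("key destroyed")
        ct = self.flash[sector]
        return xor(ct, keystream(bytes(self.sram_key), sector, len(ct)))

if __name__ == "__main__":
    d = TamperZeroizingDrive()
    d.write(0, b"constructed sample secret")
    d.sensor_event(temp_c=-40.0)           # freeze attempt trips the sensor
    print(d.zeroized, d.flash[0].hex())    # flash dump survives, key does not
```

Only the 32-byte key has to be destroyed; the flash contents can stay physically intact because they are useless without it.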


Other answers

I am no expert on the technology, but once had a day job working for a bank group that was developing (and patenting like crazy) technology to do extremely high value cash transactions over the internet. We did multiple transactions in the late 1990s in amounts of more than $20MM. Anyway… One of the things we had to be worried about was people reading the crypto keys out of our devices and creating fraudulent cash. So our devices were set to self-destruct in a wide variety of interesting ways. Anyway, I was the graphics and documents guy, not one of the hardware guys, so I don't know what our crypto keys were stored on and whether this has any similarity to how those USB drives work. But it was surprising the number of ways the memory could potentially be frozen and/or read by someone who wanted to read it. It could be heated to a certain temperature, lowered to a certain temperature, hit with a certain kind of radiation (x-ray?) in a certain kind of way, someone could try to drill into the device to gain physical access, etc. The hardware guys had to figure out ways to make the device self-destruct if any of these things was attempted, and periodically we would send one off to these guys in the NSA who would try to crack it and we would have to add other security measures depending on what they discovered. Eventually the project was killed because it wasn't obvious how the bank would be able to make money on the technology. The point of all this is that there may be a zillion ways that someone with the proper technology and skills might be able to read the memory of a USB drive.

slkinsey

http://www.ironkey.com/en-US/ devices self-destruct when you enter a wrong password too many times. You may look into the mechanism they use - they have some info http://www.ironkey.com/en-US/resources/.

olinerd

http://www.tomshardware.com/news/SSD-RunCore-InVincible-self-destruct-NAND,15668.html make something similar: a self-destructing SSD that uses over-current to fry the device when you press a button. Combine with encryption (data is useless without a key) and a case that triggers the self-destruction when tampered with, and you're on your way.

devnull

That is fantastic, thanks for the link! So if it will work for an SSD, it should work for a USB drive. That's a good sign.

fieldcannotbeblank

Thank you for the link as well. I like the Ironkey but it (at least the entry models) doesn't appear to be OS independent, e.g. the F100 series doesn't have *nix support :( I looked through their documentation for some ideas, but I'm finding it difficult to discover how their data blanking mechanism works. Most of the whitepapers seem to be promotional materials. From what I can tell it's not physically destructive which I would prefer, but I can't say for sure at this time.

fieldcannotbeblank

Could you short not through the flash chip, but rather through some magnesium tape wrapped around it?

pompomtom

One word: Thermite. :-)

Thug

I'd've thought thermite would be tricky to ignite from a cap.

pompomtom

I'm imagining a small charge of compressed gas which, when triggered, drives a steel pin directly through the RAM chip.

Faint of Butt
