offlinelol.blogg.se - february 2022

#Turn on encryption my passport for mac software
#Turn on encryption my passport for mac password

Strong derivation would use a random salt, which then requires a source of randomness, and there is no reason otherwise to have a dedicated chip for randomness on the drive.

#Turn on encryption my passport for mac password

The derivation from the password to the key which encrypts K is probably weak, because:

Adding a MAC would likely increase development costs or decrease performance or both since they don't boast about it, chances are that there is no MAC. I assume this because a MAC requires some extra space (just a few bytes) which would destroy the nice powers-of-two sizes of individual sectors. The encryption with K does not include checked integrity (i.e. This is about the amount of what can be deduced from the information. When the password is removed, it is actually replaced with a convention password (i.e. When the user changes his password, K is decrypted with the old password and re-encrypted with the new. When the disk is unlocked, K is decrypted with the password, and kept in some RAM on the disk (disks have RAM, several megabytes, if only for caching). one hour), one can surmise that the drive data is encrypted with a drive-specific key K, which never changes, and that key is stored somewhere on the disk (possibly in some EEPROM) encrypted with a password-derived key. Since the user password can be changed (page 28) without implying a complete re-encryption of the disk (it would take some non-negligible time, e.g.

The encryption uses a key which is derived more or less directly from the user password.

The screenshot page 26 shows a warning to the effect that WD themselves won't be able to recover the data when a password is lost, so it is probable that: This reinforces the idea that everything occurs on the drive.

#Turn on encryption my passport for mac software

, we also see that a locked drive can still be used on a machine where the WD software is not installed, provided that you still use the software for a one-time unlock operation (this application is shown by the hard drive to the computer as a virtual CD-ROM emulated by the USB firmware on the drive). This hints at a security feature done on the drive itself, not in software on the host computer. All we can do is infer.įrom the documentation, we see that the password must be re-entered in a number of conditions (drive unplugged, computer shut down, computer put to sleep.) which boil down to: the drive was not powered at some time. What isn't documented, is not documented.