I've written previously about my security concerns about the Addonics CipherUSB. The same device is also marketed under the names Black Square Enigma and Enova Enigma.

What follows is the additional information that I learned from doing a teardown.

The enclosure is easily pried apart and can be glued back together. Personally, I wouldn't depend upon tamper being detectable.

Inside is an implementation of Enigma's X-Wall DX reference design schematic (included in the device's datasheet). They've omitted the common-mode chokes on the USB differential lines (as an apparent cost-saving measure).

Interestingly, the schematic shows another possible tamper mechanism. Through the addition of a resistor, the chip can be placed in "bypass mode" where no encryption takes place. If the attacker can access the device before the user creates new media, this would give the user the false illusion that data is being encrypted, even when it is not.

Upon power-up, the X-Wall DX chip loads a 12kByte firmware image from the SPI Flash.

The X-Wall DX datasheet talks about storing the AES key in a dedicated I2C serial PROM, however neither the reference design nor the product itself has such a chip. Further investigation was necessary to determine how the AES key was stored.

When the user enters a new password into Enigma's Windows utility, the following happens in the hardware:

The chip reloads the entire 12kByte firmware image
It performs a block erase of the same SPI Flash memory region it just read
It programs a new 12kByte firmware image

From a reliability perspective, I'm uncomfortable with it re-writing its firmware image, as it would seem to allow the device to be "bricked".

It is also questionable as to the virtues of re-writing the entire firmware image. I've compared the firmware image across different passwords, and only 64 bytes of the 12kBytes changes each time. There is no apparent operational advantage to an entire re-write; one could just reprogram the AES key region.


back to main page contact