USB encryption software!! Help Pros!!

Discussion in 'Computer Support' started by rAgAv, Mar 13, 2008.

  1. rAgAv

    rAgAv Guest


    I just bought a 8GB Flash drive (Kingston DataTraveler). I want to
    password-protect the USB drive.

    I've tried many softwares but they all need a software in the host PC
    to decrypt the drive whenever I want to read it.

    What I want is this:-

    1) When I put the USB in a computer, it must request for the genuine
    username password combination in a dialog box that appears when the
    disk is inserted. After the genuine combination is entered, it should
    work normally.

    2) In case the username password is unknown by someone who's found the
    USB, they shouldn't be able to format the disk.

    3) All this should happen irrespective of whether the software is
    present in the PC or not. (very very important!!)

    4) It should be able to partition the encryption so that I can
    maintain a small space in the drive where I can store public files
    that are not so important and can be opened without the password.

    I don't know if this is too much to ask for but, Is there any software
    for this?

    I would very much appreciate good suggestions.

    rAgAv, Mar 13, 2008
    1. Advertisements

  2. rAgAv

    Mad Dog Guest

    You could use TrueCrypt it's free. The following is from their Faq.

    Q: How can I use TrueCrypt on a USB flash drive?

    A: You have two options:

    1. Encrypt the entire USB flash drive. However, you will not be
    able run TrueCrypt from the USB flash drive.
    Note: Windows does not support multiple partitions on USB flash

    2. Create a TrueCrypt file container on the USB flash drive (for
    information on how to do so, see the chapter Beginner's Tutorial, in
    the TrueCrypt User Guide). If you leave enough space on the USB flash
    drive (choose an appropriate size for the TrueCrypt container), you
    will also be able to store TrueCrypt on the USB flash drive (along
    with the container - not in the container) and you will be able to run
    TrueCrypt from the USB flash drive (see also the chapter Traveler Mode
    in the TrueCrypt User Guide).

    Q: Is it possible to install an application to a TrueCrypt volume and
    run it from there?

    A: Yes.
    Q: How can I use TrueCrypt on a USB flash drive?
    Mad Dog, Mar 13, 2008
    1. Advertisements

  3. rAgAv

    PeeCee Guest

    Kingston Data Traveller should do 'most' of what you want.
    Explanation of how it works here :
    Public zone.
    Private zone
    256 bit AES encryption
    Total lockout after 10 invalid password attemps.
    However these drives cannont stop someone formatting the drive to wipe data.

    I do vaguely recall a USB stick that was not formatable, but I seem to
    remember once the total lockout had been triggered the drive fused itself.
    In this case the drive was just a piece of junk after that, at least with
    the Data Traveller you could reformat and reuse it if you got it back.
    Mind you if you didn't get it back at least the 'fused' model would be
    useless to the thief!

    Trying to second guess why you don't want the drive to be formatable'
    Two options occur to me:
    a) you want to ensure you can read the USB sticks contents if you got it
    b) To prevent someone maliciously wiping your data by formatting the drive.

    In the first case the weakness with this is you have to have no limit on the
    number of times an invalid password can be tried.
    You can't have a limit on the number of attempts because the drive has no
    way of knowing when you've gained control over the drive again.
    All the thief has to do is start a brute force password program and
    eventually they will have access to your data.

    The 'reasonable' response to brute force attack is to limit the number of
    invalid passwords you can try and either lock the data permanently or to
    fuse the drive.

    As for preventing someone wiping your data by formatting the drive, the only
    way I know to stop that is to store the data on a read only device.
    You could possible get a USB stick made with your data in a read only ROM,
    but then you become exposed to a brute force attack as explained above.
    And if it is a read only device how do you make changes to your data?

    PeeCee, Mar 13, 2008
  4. I second Mad-Dog's recommendation of Truecrypt. As it applies to your
    requirements is interlaced below:

    Truecrypt would require its software to decrypt data. In "traveller
    mode" (see manual), the drivers would reside unencrypted on your flash
    drive and the encrypted data would be contained in "container files".
    Doing this automatically on a USB drive is difficult because not all
    Windows flavors recognize autoplay on insertion of a USB device.
    However you can start up the driver manually if it is contained
    unencrypted on the flash drive. (Requires Administrator privilege on
    local machine in Windows)
    This would require hardware in the USB drive to accomplish. Being that
    you've already purchased your drive (presumably without such hardware),
    this is probably impossible with any solution.
    With Truecrypt, the driver can be stored unencrypted on the flash
    drive itself. You do need administrator privilege to execute it,
    Truecrypt allows you to create encrypted "container files" of whatever
    number and size you choose. Any remaining storage space can be used
    for unencrypted data.


    John Wunderlich, Mar 13, 2008
  5. rAgAv

    Phat Sam Guest

    On Wed, 12 Mar 2008 21:34:39 -0700 (PDT), rAgAv

    Sounds like you want a "Sandisk Cruzer". but want to pay for a cheaper
    knock-off clone..... Granted, I don't have a Cruzer myself, I have
    a cheap clone, but then again I use my drives for temporary storage
    and to transfer files to other people's computers. I use mine like a
    large floppy disk....
    Phat Sam, Mar 13, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.