Vulnerability to Flash Controller for Secure USB Drives

Jaein Kim, Youngjun Lee, Kyungroul Lee, Taeyoung Jung, Dmitry Volokhov, and Kangbin Yim^*

Soonchunhyang University, Asan, Republic of Korea
{boxbop, dogehk, carpedm, jtyworld, dmitry, yim}@sch.ac.kr

Abstract
This paper analyzes a vulnerability in the flash controller for secure USB drives, which is meant to enable secure USB drives to prevent unauthorized access to the data stored on them. This controller divides a driver into several partitions, one of which is configured as a secure area to store secret information. Generally, secure USB drives supporting multiple partitions may have three different areas, such as a CD-ROM area, a secure area, and a hidden area. The CD-ROM area stores the application software that manages security functions, the secure area stores the data that users wish to protect, and the hidden area stores secure information for user authentication. In this environment, it is a requirement that no one can access the data stored in the secure area when the user authentication fails. Nevertheless, attackers can access the secure area if they manipulate a vulnerability in the flash controller within the USB flash drive. In this paper, we analyze and verify this vulnerability. We expect our results will provide manufacturers with useful information for making a more secure USB flash controller.
 

Keywords: Vulnerability Analysis, Secure USB drive, Flash Controller

*: Corresponding author: Kangbin Yim
Dept. of Information Security Engineering, Soonchunhyang Univeristy, 646 Eupnae, Shinchang, Asan, Republic of Korea, Tel +82-(0)41-5301741, Web: http://lisa.sch.ac.kr

Journal of Internet Services and Information Security (JISIS), 3(3/4): 136-145, November  2013 [pdf]