With the recent craze over the Heartbleed Bug, now is a great time to visit ways to protect your information and data. This becomes even more important when data protection and encryption is necessary for your specific career, which may deal with individual’s private information. Although we can’t say for sure whether companies use USB sticks to transfer private files, there still poses the idea that this would be an excellent storage source that should require encryption. Thanks to our friends at Kingston, we have the opportunity to do just that. Today, we are taking an in-depth look at the Kingston DataTraveler Vault Privacy 3.0 Anti-Virus USB flash drive.
SPECIFICATIONS
The packaging for the DTVP 3.0 is simple, just as the rest of Kingston’s products, as the USB flash drive is clearly visible through the plastic. Included with the USB flash drive is a five-year warranty for manufacturer defects.
The USB flash drive is available in three different models: the DataTraveler Vault Privacy 3.0, or you can choose the anti-virus or management-ready versions. The drive can also be purchased in 4, 8, 16, 32 and 64 GB capacities, but today we are looking at the 32 GB.
Kingston has the DTVP 3.0 listed to have read speeds reaching 250 MB/s and write speeds reaching 40 MB/s over USB 3.0. Meanwhile, the lower capacities feature lower throughput, and the 64 GB capacity has higher write speeds.
PRIVACY FEATURES
The security of the drive is all hardware-based, meaning that the drive itself does not require any additional software in order to provide complete encryption or protection to the drive. This just makes encrypting your data that much easier. The USB drive encrypts your data with the 256-bit Advanced Encryption Standard (AES) in XTS mode, but what does that really mean? Essentially, AES takes blocks of 128 bits of data, and translates them into a different language, what is known as ciphertext. This is the most basic form/mode of AES encryption, which is refered to as Electronic Code Book (ECB). Each individual block that has been translated is individually encrypted. The downfall with this encryption is that the pattern used for encryption is easy to spot.
The next mode for encryption under AES is called Cipher Block Chaining (CBC). Similar to ECB, it translates that 128 bit block of data into ciphertext, however that resulting ciphertext from the first 128 bit block is used to encrypt the next 128 bit block. This overall process makes sure that every identical data block is translated into a different ciphertext, thus making it more difficult to spot patterns. The newest mode of encryption is XTS Block cipher mode, which encrypts the data using two different encryption keys. Basically, the algorithm encrypts the block of text with a ‘tweaked’ key of AES, and then encrypts that product again with the ‘tweaked’ key. This way by passes having to chain the encryption together, and diffuses any patterns that may be visible.
The image above shows you an example of the different encryption; the first image being a figurative 128 bit block of data, the second showing you ECB encryption and the outline/pattern of the data block, and the third showcasing XTS encryption. As you can see, XTS does a fantastic job of completely hiding any pattern that may have been generated. Kingston has posted an excellent resource that details the specific of each encryption method.
Turning our focus back to the USB flash drive, it can also be switched into ‘Read-Only Access Mode’. By doing so, the files that are on the drive can only be read and not altered in any way. This is an excellent way to easily prevent any sort of malware from altering and corrupting your files.
If that wasn’t enough, you can also set a password for the USB flash drive so that only you, or whoever actually needs to use the drive, have access to the files on the USB flash drive. If by chance you were to lose the drive, Kingston has implemented a lock down after 10 failed password attempts. The USB flash drive will lock down and will reformat, erasing any and all data found on the drive.
The DTVP 3.0 that is equipped with the anti-virus protection will take good care of the drive’s contents from anything from viruses to Trojans and worms. Provided by ESET, the drive can instantly alert you about any potential threat to the drive. The great part of this feature is that you do not have to install anything, and it is pre-installed with a license for five years.
The management-ready version of the DTVP 3.0 is developed and geared mainly towards IT professionals. It allows administrators to use it as a stand-alone drive, or adding as a part of the central management solution, and can be used to configure or remotely reset passwords and configure device policies.
Kingston has even added USB 3.0, which allows you transfer your secure data much faster than USB 2.0. Additionally, the DataTraveler Vault Privacy 3.0 is backwards compatible to USB 2.0. This means that if your USB port on your computer is not blue in colour, then you can still use the drive. You will just receive that annoying notification from Windows letting you know that the drive can perform faster in a USB 3.0 port. If your computer is not equipped with the latest USB technology, then we encourage you to have a look at our report of the HighPoint 4-Port HBA. This PCIe expansion card easily allows you to add four additional USB ports to your system, as well as the addition of USB 3.0 technology.
I see that it can supposedly be switched to read-only mode. Is this done through a hardware switch, or is it done through software? If the latter, what’s to prevent malware from flicking the switch?