Friends,

First off, I'd like to thank each one of you for setting up such a fantastic supporting network to help each other.


Here's what I want to do and I think this is feasible but haven't done it myself as my focus can been more architecting web and DW solutions.

I'd like to provide my users with some confidential data on a thumb (flash) drive. There are multiple reasons I have decided upon a flash drive (see below).

What I'd like to have on the flash drive is a interface layer that performs an ID check by way of password key or biometric (finger print) options, that will in turn use an AES standard decryption routine to decrypt the sensitive information and display it to the user.

In the event that the wrong password is entered more than 12 times; I'd like a self destructive routine to enable itself on the flash drive and erase the entire content from the flash drive or lock it - primarily to avoid hackers hacking it if they find one of these thumb drives.

What I'd like to know is -

  • Is this implementation possible?
  • If yes, what technology should we use to build this interface?
  • How complicated is it to build such an application?
  • And the best part, anyone having "very" similar expr has a job (please PM me).

Thanks and I look forward to some very encouraging responses :)

Peace.

Recommended Answers

All 3 Replies

Friends,

First off, I'd like to thank each one of you for setting up such a fantastic supporting network to help each other.


Here's what I want to do and I think this is feasible but haven't done it myself as my focus can been more architecting web and DW solutions.

I'd like to provide my users with some confidential data on a thumb (flash) drive. There are multiple reasons I have decided upon a flash drive (see below).

What I'd like to have on the flash drive is a interface layer that performs an ID check by way of password key or biometric (finger print) options, that will in turn use an AES standard decryption routine to decrypt the sensitive information and display it to the user.

In the event that the wrong password is entered more than 12 times; I'd like a self destructive routine to enable itself on the flash drive and erase the entire content from the flash drive or lock it - primarily to avoid hackers hacking it if they find one of these thumb drives.

What I'd like to know is -

  • Is this implementation possible?
  • If yes, what technology should we use to build this interface?
  • How complicated is it to build such an application?
  • And the best part, anyone having "very" similar expr has a job (please PM me).

Thanks and I look forward to some very encouraging responses :)

Peace.

The wikipedia article discusses some of this, including fingerprint authentification (scroll to the bottom).

http://en.wikipedia.org/wiki/USB_flash_drive#Design_and_implementation

I think you mostly need the host computer's operating system to run any program, so any program stored on the flash drive is going to be run on the host computer, not the flash drive (there's no CPU on the flash drive, I don't think). The encryption shouldn't be a problem, but the self destruction after 12 tries might be a lot harder. I'm not sure there's any way you can prevent someone from taking the encrypted data off of the thumb drive, even if they can't decrypt it, without knowing the password. Thus once the data is safely off of the thumb drive, self destruction after 12 unsuccessful attempts doesn't do you any good since they already have it safely stored somewhere else in its raw form and can decrypt it at their leasure.

However, unless there is some vulnerability in the program that does the encryption/decryption, you can give anybody in the world as many tries as they want and they're not going to break AES. I don't think even the NSA can break AES (not that they'd tell us if they could), so I think the question breaks down to this. Anyone who can break the encryption will be able to bypass any copy protection and self destruct features, so just stick with the encryption, which should be plenty good enough, and don't worry about someone finding it because they won't be able to decrypt it. This has already been done, both with encryption and fingerprints (see the wikipedia article).

I thought there are already such product in the market? Go google "secure usb flash drive".

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.