What you really need to know about USB encryption… (Hint: It’s not all about the encryption)There are many types of encryption security algorithms out there in the world of cryptography. In the US, the National Institute of Standards and Technology has made AES (Advanced Encryption Standard) the standard for the Federal government USB flash security. All encryption algorithms used for encrypted flash drives have a single key, and this key is used to both encrypt and decrypt the data. As you can imagine, it is very important to protect this key because no matter how great the encryption algorithm is, if the key is found, the data can be decrypted. When software encryption is used, this key is stored either in the flash memory of the USB drive or on the computer or network that originated the file encryption. Neither of these cases of key storage is desirable:
- It is commonly understood that an encryption key should not be stored in the same place that the encrypted data is stored. This is like having the combination to a lock taped to the back of the combination lock.
- If an encryption key is stored on a computer or network, this significantly reduces the usability of the USB flash drive since it must be connected to that computer/network to access the files. This is similar to leaving the combination to a lock at home (and not memorizing the sequence) but wanting to use the lock while on a trip.