Aloaha
Encyclopedia
Aloaha is a privately owned company with offices in Ibbenbueren, Germany
. Their document and security products have been used extensively in various areas.
in sizes ranging from 4 GB
to 32 GB. All drives contain the same level of hardware smart card
encryption
and are structured with one partition holding an encrypted drive image for the secure area. It includes a portable version of Mozilla Firefox
, Mozilla Thunderbird
, Password Safe
(an account/password management software), and Tor
along with anti-malware software.
One of the key design features of the Aloaha Secure Stick is a self-blocking mechanism which activates after the user enters his PIN incorrectly a certain number of consecutive times.
Another key feature is the capability to boot an encrypted OS directly from the stick if the Host OS supports booting from USB.
The open source Tor
anonymizer
network
is offering the end-users a secure and private web browsing by routing network traffic through a random selection of nodes
.
Password Safe is a password management tool. The Password Safe stores the passwords of a user in a smart card encrypted format on the device, and connects to Mozilla Firefox
and Internet Explorer
, allowing automatic logins. This prevents malware from simply copying an account database off the device for a later attack. Passwords are only visible in memory for a matter of seconds while being populated onto the web form.
Aloaha Crypt is the hard drive encryption software responsible for the encryption of the stick.
-based potting compound to protect against tampering as well as increase waterproofing
, along with increasing the device's strength. Additionally, there is a coating over the chipsets that senses any tampering by a change in the electrical impedance. It tends to be a bit larger and heavier than most current flash drive
s.
256-bit CBC encryption
together with smart card
based RSA hardware encryption.
(specifically Windows 2000
SP4, Windows XP
SP2, Windows Vista
, Windows Server 2008 R2
and Windows 7) users.
Most of the larger flash drive manufacturers have released similar products with varying feature sets; some of the more well known examples of which are:
A security flaw disclosed in January 2010 revealed that some Kingston, Sandisk, and Verbatim drives could be decrypted. Sandisk and Verbatim both issued a software update to resolve the issue, while Kingston offered to replace all affected devices.
Alternatively, software based disk encryption systems
can be used with any USB flash drive
and provide practically equivalent functionality with higher security but at a significantly lower cost.
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...
. Their document and security products have been used extensively in various areas.
Overwiew
Aloaha manufactures a range of secure USB flash drivesUSB flash drive security
Secure USB flash drives protect the data stored on them from access by unauthorized users. USB flash drive products have been on the market since 2000, and their use is increasing exponentially...
in sizes ranging from 4 GB
Gigabyte
The gigabyte is a multiple of the unit byte for digital information storage. The prefix giga means 109 in the International System of Units , therefore 1 gigabyte is...
to 32 GB. All drives contain the same level of hardware smart card
Smart card
A smart card, chip card, or integrated circuit card , is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile...
encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
and are structured with one partition holding an encrypted drive image for the secure area. It includes a portable version of Mozilla Firefox
Mozilla Firefox
Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. , Firefox is the second most widely used browser, with approximately 25% of worldwide usage share of web browsers...
, Mozilla Thunderbird
Mozilla Thunderbird
Mozilla Thunderbird is a free, open source, cross-platform e-mail and news client developed by the Mozilla Foundation. The project strategy is modeled after Mozilla Firefox, a project aimed at creating a web browser...
, Password Safe
Password Safe
Password Safe is a free and open source software program for storing passwords in Microsoft Windows. A beta version is also available for Ubuntu and Debian operating systems. A Java-based version is also available on SourceForge.- Design :...
(an account/password management software), and Tor
Tor (anonymity network)
Tor is a system intended to enable online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers in order to conceal a user's location or usage from someone conducting network surveillance or traffic analysis...
along with anti-malware software.
One of the key design features of the Aloaha Secure Stick is a self-blocking mechanism which activates after the user enters his PIN incorrectly a certain number of consecutive times.
Another key feature is the capability to boot an encrypted OS directly from the stick if the Host OS supports booting from USB.
Bundled software
The inbuild Aloaha Smartcard Middleware (Aloaha Cardconnector) supports currently approx. 45 different smart cards.The open source Tor
Tor (anonymity network)
Tor is a system intended to enable online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers in order to conceal a user's location or usage from someone conducting network surveillance or traffic analysis...
anonymizer
Anonymizer
An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable.It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet...
network
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
is offering the end-users a secure and private web browsing by routing network traffic through a random selection of nodes
Node (networking)
In communication networks, a node is a connection point, either a redistribution point or a communication endpoint . The definition of a node depends on the network and protocol layer referred to...
.
Password Safe is a password management tool. The Password Safe stores the passwords of a user in a smart card encrypted format on the device, and connects to Mozilla Firefox
Mozilla Firefox
Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. , Firefox is the second most widely used browser, with approximately 25% of worldwide usage share of web browsers...
and Internet Explorer
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
, allowing automatic logins. This prevents malware from simply copying an account database off the device for a later attack. Passwords are only visible in memory for a matter of seconds while being populated onto the web form.
Aloaha Crypt is the hard drive encryption software responsible for the encryption of the stick.
Hardware
All models of Aloaha share the same case design. Aloaha utilizes a strong outer casing to protect against physical damage, and the internal components are sealed with an epoxyEpoxy
Epoxy, also known as polyepoxide, is a thermosetting polymer formed from reaction of an epoxide "resin" with polyamine "hardener". Epoxy has a wide range of applications, including fiber-reinforced plastic materials and general purpose adhesives....
-based potting compound to protect against tampering as well as increase waterproofing
Waterproofing
Waterproof or water-resistant describes objects relatively unaffected by water or resisting the ingress of water under specified conditions. Such items may be used in wet environments or under water to specified depths...
, along with increasing the device's strength. Additionally, there is a coating over the chipsets that senses any tampering by a change in the electrical impedance. It tends to be a bit larger and heavier than most current flash drive
USB flash drive
A flash drive is a data storage device that consists of flash memory with an integrated Universal Serial Bus interface. flash drives are typically removable and rewritable, and physically much smaller than a floppy disk. Most weigh less than 30 g...
s.
Supported smart cards
- German D-Trust/T-Systems Telesec/SignTrust/TC-Trustcenter/Banking Cards
- German Health- and Health Professional Cards (eGK/HBA/SMC)
- QuoVadisQuoVadisQuoVadis is a Certificate Authority, a Trusted Third Party which issues digital certificates for authentication and digital signatures.QuoVadis is a Qualified Certification Services Provider in several countries. This means that QuoVadis is accredited by those countries to issue Qualified...
- Swiss SuisseID
- Belgium Belpic
- Austrian e-ID
- Saudi Arabia
- CardOS
- SECCOS
- Micardo
- StarCOS
- Java/JCOPJava Card OpenPlatformJava Card OpenPlatform is a smart card operating system for the Java Card platform developed by IBM Zürich Research Laboratory.On 31 January 2006 the development and support responsibilities transferred to the IBM Smart Card Technology team in Böblingen, Germany.Since July 2007 support and...
- MULTOSMULTOSMULTOS is a multi-application smart card operating system, that enables a smart card to carry a variety of applications, from chip & pin application for payment to on-card biometric matching for secure ID and ePassport...
- MIFAREMIFAREMIFARE is the NXP Semiconductors-owned trademark of a series of chips widely used in contactless smart cards and proximity cards. According to the producers, billions of smart card chips and many millions of reader modules have been sold...
- in all approx. 45 cards
Encryption
Aloaha Secure Stick (released in 2005) uses AESAdvanced Encryption Standard
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
256-bit CBC encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
together with smart card
Smart card
A smart card, chip card, or integrated circuit card , is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile...
based RSA hardware encryption.
Operating system support
The supporting software is available to Microsoft WindowsMicrosoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
(specifically Windows 2000
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
SP4, Windows XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
SP2, Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
, Windows Server 2008 R2
Windows Server 2008 R2
Windows Server 2008 R2 is a server operating system produced by Microsoft. It was released to manufacturing on July 22, 2009 and launched on October 22, 2009. According to the Windows Server Team blog, the retail availability was September 14, 2009. It is built on Windows NT 6.1, the same core...
and Windows 7) users.
Partnerships
Omnikey/HID Global has partnered with Aloaha to produce the Aloaha Secure Stick.Competing products
Secure flash drives have become more common in recent years, following increases in reports of drives and laptops with confidential data being lost or stolen.Most of the larger flash drive manufacturers have released similar products with varying feature sets; some of the more well known examples of which are:
- LexarLexarLexar Media, Inc. is an American manufacturer of digital media products based in Fremont, CA. Products manufactured by Lexar include SD cards, Memory Sticks, keydrives, CompactFlash cards and card readers. Lexar's Memory Stick Duos also have versions adapted for the PSP which includes a version of...
: JumpDrive SecureII Plus - Kingston TechnologyKingston TechnologyKingston Technology Company, Inc. is an American privately held, multinational computer technology corporation that develops, manufactures, sells and supports flash memory products and other computer-related memory products. Headquartered in Fountain Valley, California, USA, Kingston Technology...
: DataTraveler Vault and DataTraveler BlackBox (with FIPS 140-2FIPS 140-2The Federal Information Processing Standard Publication 140-2, , is a U.S. government computer security standard used to accredit cryptographic modules. The title is Security Requirements for Cryptographic Modules...
Level 2 certification), and DataTraveler 5000 (with FIPS 140-2FIPS 140-2The Federal Information Processing Standard Publication 140-2, , is a U.S. government computer security standard used to accredit cryptographic modules. The title is Security Requirements for Cryptographic Modules...
Level 2 certification, and Level 3 pending). - UniKey Drive: 1GB, 4GB, and 8GB Data protection
A security flaw disclosed in January 2010 revealed that some Kingston, Sandisk, and Verbatim drives could be decrypted. Sandisk and Verbatim both issued a software update to resolve the issue, while Kingston offered to replace all affected devices.
Alternatively, software based disk encryption systems
Comparison of disk encryption software
-Background information:-Operating systems:-Features:* Hidden containers: Whether hidden containers can be created for deniable encryption...
can be used with any USB flash drive
USB flash drive
A flash drive is a data storage device that consists of flash memory with an integrated Universal Serial Bus interface. flash drives are typically removable and rewritable, and physically much smaller than a floppy disk. Most weigh less than 30 g...
and provide practically equivalent functionality with higher security but at a significantly lower cost.