User Manual
14
15
Aegis Secure Key Brute-Force Protection
What is Brute-Force Attack?
A Brute-Force Attack is a means of breaching a cryptographic data defense scheme by
systematically running an astronomical number of decryption possibilities. With AES 256
having never been cracked, the data stored on a Secure Key is going to be more than
well-protected against brute-force. But brute-force attacks aren’t necessarily aimed at the
bulk of the data itself, but rather, at the drive’s access PINs. After all, PINs are usually
the weakest links of any data protection plan, and as such, PINs are essentially all that a
brute-force attack needs to decrypt. The default number of maximum incorrect PIN entries
allowed is 20, but can be programmed to be as few as four.
Brute-Force Protection
1. After three unsuccessful drive authentication attempts, the Aegis Secure Key will
automatically add additional time delays to each subsequent try thereafter. The RED
LED will blink the number of failed attempts after three, all the way up to the halfway
point of total allowed attempts, e.g. 10 total programmed attempts; halfway point is 5.
2. Once that halfway point of the number of unsuccessful authentication attempts is
reached, the keypad will lock up and the RED LED will blink at a rate of three ashes
per second. No additional PIN attempts will be recognized.
3. To unlock the keypad and regain the ability to enter a PIN, press and hold the 5 button
and the
button together until the RED and GREEN LEDs blink alternately.
4. Enter the code “LastTry” (5278879) and press the
button. The RED LED will glow
steadily. --You will now have the remaining 50% of PIN attempts.
5. When the key is successfully unlocked, the Brute-Force counter will return to zero.
The number of attempts possible, both before and after the LastTry (5278879) code is
entered, can be set (in Admin Mode) between two and ten attempts.
Setting the before/after attempts to the minimum of two would allow for a total of four
attempts (two before entering the LastTry code and two after.)
To program the number of Brute-Force attempts allowed:
1. Enter the Admin mode. (Hold
+ 0 for ve seconds – with the RED LED blinking, enter
the Admin PIN and press the button.) The BLUE LED will glow solidly.
2. Press and hold the
+ 5 button for three seconds.
The RED LED will double-blink.
3. Press the number of before/after attempts desired on the numeric keypad ( 2 - 9 .)
The GREEN LED will blink the same number of times to correspond to the number
you have entered (for example: the 8 button will result in eight blinks, and yield eight
attempts before the LastTry code and another eight attempts after, yielding a total
of 16.) To return the key to its default setting, press the 1 then 0 keys to change the
number back to ten attempts.
Note: The number of before and after attempts are the same, i.e., 4 before / 4 after,
8 before / 8 after, etc.
Performing a Complete Reset
There may be circumstances (forgotten PIN, redeployment, return to factory default settings)
when you need to completely reset the key. The complete reset feature will perform a crypto-
erase on the key, generate a new encryption key, delete all users and formatting, and will
return all of the settings to factory default.
To perform a complete reset of the key, do the following:
1. Press and hold
+ LOCK + 2 together for ten seconds.
The RED and BLUE LEDs will blink alternately.
2. The GREEN and RED LEDs will glow solidly for several seconds, followed by the
GREEN LED glowing solidly for several seconds, followed nally by the GREEN and
BLUE LEDs glowing solidly which indicates that the reset is complete.
3. A new Admin PIN will need to be entered and the key will need to be reformatted before
it can be used again.