Identity Manager Protection; Product Specifications - Kingston Technology imation S250 User Manual

The device password is hashed using salted SHA-256 before being transmitted to the device
firmware over a secure and unique USB channel. It is stored in an extremely inaccessible
location in the protected Cryptochip hardware. The hashed password is validated in hardware
(there is no "getPassword" function that can retrieve the hashed password), and only after the
password is validated is the AES encryption key decrypted. The password try-counter is also
implemented in hardware to prevent memory rewind attacks. Typing your password incorrectly
too many times initiates a permanent "flash-trash" self-destruct sequence, which is run in
hardware rather than using software, ensuring the ultimate protection for your data.

IDENTITY MANAGER PROTECTION

The Identity Manager and your online account work together, allowing you to back up your
online passwords to your Online Security Vault. First, you must unlock your device using two-
factor authentication. Your passwords are securely stored in a hidden hardware-encrypted area
inside the device (not in the file system), being first locally encrypted with 256-bit AES, using
randomly generated keys encrypted with a SHA-256 hash of your device password. All of this
data is then doubly encrypted with 128-bit or 256-bit AES hardware encryption. This is the
strongest password protection we have ever seen in the industry.
When you back up your passwords online, your device performs a complicated public key
cryptography handshake with Imation's services using RSA 2048-bit keys. After successful
authentication, your encrypted block of password data is securely transmitted over SSL to your
encrypted Online Security Vault within one of our highly-secure data facilities.

Product specifications

For details about your device, see "Device Info" in the Control Panel settings.
Specification
Capacity*
Dimensions
Weight
Waterproof
Operating Temperature
Operating Shock
Hardware Encryption
FIPS Certifications
Hardware
IMATION PERSONAL - POWERED BY IRONKEY - USER GUIDE
Details
Up to 64GB, depending on the model
75mm X 19mm X 9mm
0.8 oz
MIL-STD-810F
0C, 70C
16G rms
• Data: 256-bit AES (CBC Mode)
• Hardware: 256-bit AES
• Hashing: 256-bit SHA
• PKI: 2048-bit RSA
See www.imation.com/en-US/Mobile-Security/Certifications for details.
USB 2.0 (High-Speed) port recommended, USB 1.1
PAGE 8