|Previous news story Next news story|
Lexar LockTight tested
Lexar announced their LockTight technology back in February. LockTight is essentially an encryption and access control system which ensures that 'locked' CompactFlash cards can not be used in unauthorized cameras or read by unauthorized users on any computer but your own (and with the correct username and password). We've had an opportunity to test a Beta version of the LockTight software, card and card reader with our review Nikon D2X. UPDATE: We have received a clarification about how exactly the encryption is carried out. (2nd update)
There are four main components to to Lexar's LockTight technology. The first is the card itself, which appears to be a fairly typical Lexar Professional series high speed (80x) Type I CF card except for the LockTight logo (initially available in 512 MB and 2 GB capacities). Next is the card reader, Lexar's new Professional high-speed Firewire reader which supports both LockTight and Active Memory (AMS). The third component is the camera, for now only Nikon D2X and D2Hs digital SLR's support LockTight but clearly Lexar's hope is for wider support in the future.The fourth and last component is the software, this is made up of the Admin application (for protecting and assign permissions) and the Access utility (for enabling access to the card on the desktop). Note: this article is based on a Beta verision of the Mac (OS X) software.
Lexar has provided us with the following explanation as to how data is protected on the LockTight cards: (we understand that the encryption is carried out on the communications layer between the card and camera/computer rather than the data itself).
“Lexar employs a unique strategy to protect data on LockTight cards. LockTight cards are always “locked”. In other words no computer or camera can read or write data from/to a LockTight card until a critical authorization process takes place between the LockTight card and the host computer or host camera. This authorization process is where the 160-bit HMAC SHA-1 hash algorithm is employed.”
The Admin application allows you to manage your database of cards, users and cameras as well as actually setting or removing protection for a card. The application itself is protect from unauthorized use by an administrator login and password which is assigned upon first use, you can have multiple administrators. Each LockTight card is entered into your database by simply inserting it with LockTight Admin running, upon first insertion the card is identified and you are prompted to attach a description to it.
The next step is to create users, each user has a name, userid and password.
The next step is to add your camera, with LockTight Admin running you need to connect the camera in Mass Storage USB mode. The camera is immediately identified by Admin and you are asked to attach a description.
Finally we can assign permissions to this card, this is a simple case of drag and drop. Just select the users you wish to have permission to the card and drop them into the Users section of the card list, again the same is done for the camera. Hence the card shown below can be read by Phil or Simon (in the Lexar card reader) and can only be used in the 'dpreview.com D2X'.
Finally if you wish to remove LockTight protection from a card simply drag the card to the Trash Can icon in the bottom right corner, the Admin utility warns you that the card will now be securely formatted and all data permanently lost. After this has executed the card acts like a normal CF and can be accessed again in all cameras and readers.
The Access utility is the 'key' which opens protected cards. Run LockTight Access then insert a protected card and you are prompted for a username and password to enable access to the card. Once this had been entered correctly the card operates just like any other removable device.
How well protected? / Conclusions
As you may expect attempting to use a protected card in another camera displays either a 'Not Formatted' or 'Card Error' warning. Attempting to format the card in a different camera (a Canon EOS-1Ds Mark II) fails with a 'Cannot Format' error, returning the card back to its assigned D2X showed that no images had been lost or damaged. Attempting to read the card in another card reader or on another computer using the Lexar card reader also failed to work, Windows didn't even register that a card had been inserted.
So it's clear that the Lexar LockTight technology really does work. For the extra peace of mind and security it can provide LockTight does exactly as intended. It's a shame that for now it's limited only to Nikon's D2X and D2Hs digital SLR's, its wider use depends largely on the devices which support it.