Full disk encryption isn’t quite dead

At least once a month, it seems some vendor or techie claims to have broken a version of a hard drive full-disk encryption (FDE) program scheme, whether it’s from Microsoft (my full-time employer), BitLocker, open source favorite TrueCrypt, or some other variant. All the stories and the hype are enough to make one wonder if FDE is dead.

The brief — and slightly qualified — answer is no. There are a handful of clever attacks, as well as software to make them easier to pull off. Luckily there are easy ways to prevent most of them. We will start, however, with an attack that doesn’t have an easy defense.

[ A malicious Facebook ad is redirecting users to fake antivirus software. | Learn how to secure your systems with Roger Grimes’ Security Adviser blog and Security Central newsletter, both from InfoWorld. ]

Cold boot attack In February 2008, a team including Princeton’s Dr. Edward Felton — one of the world’s premier computer security researchers — used an interesting intrinsic property of computer memory to successfully hack BitLocker [PDF]. It turns out that computer memory chips will hold their contents from a few seconds to a few minutes after the computer’s power is turned off. Further, lowering the temperature or freezing the chips enables the contents to remain in play much longer — enough time to be transferred to another specialized analysis computer so that the data can be copied to permanent storage. The attack team could then search for the primary BitLocker encryption key and unlock the data.

The “cold boot” attack is perhaps the toughest attack to defend against on a computer without specialized crypto-hardware. The flaw lies more with computer memory than the involved crypto. All software-based crypto has to eventually place the decryption key in normal memory in an unprotected state so that it can be used to decrypt the hard drive. An attacker can always find the unprotected key when he or she has a copy of memory to examine.

This plan requires the attacker to somehow acquire the victim’s computer while it’s powering down, just after it’s powered down, or when it’s coming back up from a suspended or standby state. Then the attacker has to freeze the chips, transfer them to another specialized computer, and use specially built software to find the key for the FDE cipher. If you’re worried about this attack, make sure your unattended, powered-on computers have good physical security; alternatively, consider using hardware crypto solutions that are resistant to cold boot attacks.

Manipulating cold memory chips isn’t for the faint at heart. Over the past two years, other researchers realized they could capture memory on powered-up computers by using the 1394 FireWire port found on most higher-end laptops. Here’s one discussion detailing how to crack BitLocker using the FireWire memory attack [PDF].

Exploitation via FireWire Prolific crypto- and password-cracking vendor Passware recently announced that it could crack both BitLocker- and TrueCrypt-protected disk volumes using the FireWire method. Theoretically, one can carry off similar attacks via a DMA-enabled port, such as PCI. These attacks can ultimately be successful against any software crypto product that does not use specialized hardware.

Dmitry Sumin, president of Passware, confirmed the news: “I think we could [crack] any of the popular [software FDE products]. It’s a question of time and developing the key-finding algorithm.”

The defense I discussed earlier against cold boot attacks can be used to defeat FireWire attacks. You can also beat them by simply disabling your FireWire port until needed. I asked Sumin if any of Passware’s FDE-cracking products could break into a non-powered-on computer or if the 1394 port was disabled. He said, “No. We have a brute-force attack, but the encryption is rather secure if you have a good enough password.”

The FireWire port can often be enabled or disabled through a computer’s BIOS settings or in Device Manager within Microsoft Windows. Most Linux and Unix flavors allow the FireWire port to be disabled using a boot-up command switch, a recompiled kernel, or a command-line instruction — although the last option usually does not survive reboots. Most Mac support blogs suggest unloading the AppleFWOHCI.kext kernel extension.

Unfortunately, if you have PCI, PCMCIA, or related card slots, someone can slip in a FireWire adapter card, and it will function as well as an enabled FireWire port. I’ve seen this attack mode demonstrated, and I was impressed. Turning off all DMA-enabled ports is harder to do and will probably significantly affect performance (and possibly operating system stability), so I’m not sure I recommend it. Still, you can find coverage of a wide range of port-memory attacks and mitigations across multiple platforms. If you can’t keep your powered-on computers physically secure when not in use, keep them powered off or in hibernation mode.

One way to prevent memory attacks is not to store the decryption key in normal memory. The Trusted Platform Module (TPM) chip from the Trusted Computing Group is an attempt to provide greater protection to crypto keys using specialized hardware. Most enterprise-class computers now come with a TPM chip, and several crypto vendors can take advantage of it, including Microsoft with BitLocker.

Out of sight A researcher recently accomplished an attack against the TPM chip using an electron microscope to find a BitLocker. Needless to say, this type of attack requires not only an expensive microscope, but a highly skilled individual or team of individuals. Microsoft pointed out that the TPM attack could be prevented by using any two-factor BitLocker mode that requires TPM, plus an external PIN or smart card. The electron microscope may get the key stored in the TPM chip, but it can’t find the PIN in the human mind — yet.

Some other FDE attacks involve intercepting the boot-up cycle in such a way that malware is able to bypass the crypto or eavesdrop on the decryption key; a whitepaper [PDF] from iViZ Security details such an attack. Many other hackers have created rootkits that attempt to do the same thing. Some attacks work as advertised, but others require the involved products to be configured in nondefault states or in configurations not recommended by the vendor.

Most important, all of the attacks that I’m aware of require prior successful admin or root access to the victim’s computer. If the attacker has that sort of access, why not just steal the data? You’re already in full control of the box and can easily copy the info. Why start a secondary attack when you’ve already bypassed the encryption? It doesn’t make sense.

I’ve read about other attacks that require hardware key loggers, fake boot-up screens that steal the boot-up PIN or password, or out-of-channel attacks, such as secretly placed cameras that record end-users’ keystrokes. My personal favorite attack scenario is to steal the protected computer and wait the months or years that it might take for the host operating system or running applications to suffer a remotely exploited buffer overflow, which the attacker then leverages.

FDE defense So, yes, FDE can be compromised. At least one assault, the cold boot memory exploit, is difficult to defend against if the attacker has the access, tools, and techniques. To counter that offensive, use good physical security or a crypto method that doesn’t rely on normal computer memory chips.

The rest of the attacks can be prevented by using a strong FDE solution, two-factor crypto authentication, and hibernation instead of standby or suspend mode if you’re not powering down between active sessions. Disabling unneeded interface ports (and DMA if possible) works as well.

Try to remember that risk is relative. Today’s low-cost FDE programs prevent most of the attacks that any common computer would likely face. In most cases, FDE solutions are trying to prevent common thieves or unauthorized employees from easily accessing protected data. The sophisticated, persistent attacker with enough time and motivation will probably get to your data with or without the use of encryption.

In reality, there are much easier ways to steal data than to attack the crypto. First, any common thief could just threaten the computer’s user for the decryption PIN or password. Instead of spending $70,000 on an electron microscope, the thief could spend $10 on a knife. Or what about the widespread success of social engineering or spear-phishing Trojan horse programs? They infect tens of millions of computers with an incredible success rate, and they probably cost less than a knife.

To paraphrase computer security expert Bruce Schneier, if FDE encryption is the weak link in your security defense, you’re doing better than everyone else. Conversely, if you have a legitimate need to access an encrypted hard drive and the right set of circumstances, vendors such as Passware can make it easier to accomplish.

This story, “Full disk encryption isn’t quite dead,” was originally published at InfoWorld.com. Follow the latest developments in security and read more of Roger Grimes’s Security Adviser blog at InfoWorld.com.