Whole-Disk Encryption Cracked
Early this week, some researchers at Princeton University’s Center for Information Technology Policy released a fascinating video of whole-disk encryption being cracked quite quickly and easily.
Whole-disk encryption products — such as PGP Whole Disk Encryption, TrueCrypt System Encryption, and Windows Vista’s BitLocker — work by encrypting the entire hard disk with a symmetric key, save for a small loader. When the computer is powered on, the loader prompts the user for a password or other authenticator (like a smart card or a certificate on a USB keyfob), which is used to decrypt the key. Assuming the correct authenticator is provided, the key is decrypted and then the OS is booted from the encrypted drive. The key remains in memory until the machine is powered off, since continuous access to the key is required to access the drive.
The purpose of whole-disk encryption is to protect against an attacker bypassing all of the operating system’s defenses (logins & passwords, filesystem ACLs, etc.) by simply pulling out the hard disk and putting it in another computer (or, equivalently, booting up a LiveCD on the system) such that the operating system isn’t loaded at all. Instead, the drive is mounted into an OS the attacker controls, where he has the ability to change ACLs, bypass logins, etc. With whole-disk encryption, you can’t do this — even if you steal a laptop, without the boot password the entire drive contains nothing but a useless encrypted bitstream.
(As a side note, Vista BitLocker has a mode in which the symmetric key is stored in the TPM of the laptop, so no boot password is required. At first this seems useless — why encrypt if decryption is automatic? — but it does provide protection against simply stealing the hard disk or booting into another OS. The OS being booted must be in that specific computer, as only it has the TPM, and must be BitLocker-aware and capable of getting the key from the TPM. It’s not completely secure in the stolen-laptop scenario, but neither is it useless.)
The Princeton group’s attack on whole-disk encryption relies on a little-known fact — computer memory (DRAM) is not wiped out when the system is powered off. Rather, it becomes unreliable, decaying over a period of seconds to minutes as it gets randomized bit by bit. It turns out that if cooled to a very low temperature, this decay is slowed considerably, to the point of being stable for tens of minutes. Thus, the attack is as follows: get access to a laptop that is currently operating (so that the whole-disk encryption key is in memory), spray the RAM with an inverted compressed air can to cool it to -50 degrees Celsius, and power the system off. Either move the RAM to a system with a custom OS, or attach an external drive to the system and boot off that. The custom OS boots with a minimal memory footprint and then copies everything from RAM to a file on disk. Thus, in less than a minute a “snapshot” of RAM has been taken. This snapshot can then be inspected to locate prospective cryptographic keys and try them on the target drive. Some knowledge of the particular whole-disk encryption product being used would be needed to find the exact spot in memory where the key is, and some error-correction techniques must be used in case a bit or two has been flipped, but it reduces the problem from cryptographically impossible to something that can be cracked in a few minutes or at worst hours.
So is this the end of whole-disk encryption? No, not at all. First of all, whole-disk encryption still successfully protects computers that are powered off (or in hibernation) — in that state, the computer does not have a copy of the encryption key available to it until the user re-enters his password. In most stolen-laptop scenarios, the computer isn’t running at the time! Whole-disk encryption is still a critical mitigation in the case of portable computers containing confidential data, and enterprises and government agencies would do well to implement it. Of course, the best mitigation for this is to not carry confidential data around on your laptop. It always strikes me as absurd when some government employee loses millions of confidential records on a stolen laptop — why did they need to have millions of records to carry around with them? Do they really need all of those on-the-go? It’s possible that in a minority of cases they do, and in those cases encryption is imperative (either of the whole-disk variety or on the file), but in most cases they’d have been better off leaving those files at the office.
Second, this is only a concern in targeted attacks. If a typical thief rips off your laptop and discovers whole-disk encryption in place, they’re not going to execute this attack and get at your data. Instead, they’ll just reformat the hard drive and sell the laptop as hardware. The only reason someone would carry out this attack is if they knew that your laptop in particular contained valuable data and thus set out to steal it specifically. In other words, if you’re a spy, and your laptop is classified TOP SECRET UMBRA, you have to worry about this attack. If you have a typical corporate desktop and aren’t widely known to carry around your company’s entire credit card database, whole-disk encryption will probably protect you just fine.
There are several things that can be done, both by end-users and whole-disk encryption vendors, to mitigate this attack. For end-users:
- If using Vista BitLocker, do not use the automatic mode — choose a mode that requires the use of a USB keyfob or a password to unlock. This makes this attack ineffective when the system is entirely powered off.
- Do not use sleep/suspend-to-RAM when the computer is not actually in your hands — either power off or use hibernate. In a sleep or suspend-to-RAM scenario, the whole-disk encryption key is still maintained in memory and can be recovered.
- If you have a few truly critical files, use file encryption (such as Windows’s Encrypted File System or PGP’s file encryption) on those files with a different password than that used on the whole-disk encryption.
For makers of whole-disk encryption software:
- Provide an option to re-encrypt the symmetric key during sleep or screen-saver activity. This would mean that the laptop would need to be stolen during a truly active state; however, it would also inconvenience the user with more frequent password prompts.
- Consider the cryptographic key expansion mitigation described in the Princeton research paper. It vastly increases the chances of even a small amount of decay of memory rendering the key unrecoverable. Of course, it does so at the cost of performance (by requiring an additional hashing and XOR operation every time the key must be used).
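To show why the key expansion mitigation makes a decayed memory image useless, here is an added example (not code from this post or from the Princeton paper). It assumes the construction is to keep the key in memory only as key XOR hash(R), where R is a large random buffer; SHA-256, the 4096-byte buffer size and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

BUF_BYTES = 4096  # assumed size of the random buffer R


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def protect(key: bytes):
    """Return (R, masked) with masked = key XOR SHA-256(R); only these stay in RAM."""
    r = secrets.token_bytes(BUF_BYTES)
    return r, xor(key, hashlib.sha256(r).digest())


def recover(r: bytes, masked: bytes) -> bytes:
    """Recompute the key on demand: one hash and one XOR per use."""
    return xor(masked, hashlib.sha256(r).digest())


def decay(data: bytes, bit_positions) -> bytes:
    """Simulate DRAM decay by flipping the given bit positions."""
    out = bytearray(data)
    for pos in bit_positions:
        out[pos // 8] ^= 1 << (pos % 8)
    return bytes(out)


def bit_errors(a: bytes, b: bytes) -> int:
    """Count the bits that differ between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def demo():
    key = secrets.token_bytes(32)  # constructed 256-bit key, not a real one
    r, masked = protect(key)
    assert recover(r, masked) == key  # intact memory still yields the key
    # Plain storage: one decayed bit leaves 255 of 256 key bits correct,
    # which error correction can repair.
    plain_err = bit_errors(key, decay(key, [7]))
    # Masked storage: one decayed bit anywhere in R changes the whole hash,
    # so the recomputed key is unrelated to the real one.
    masked_err = bit_errors(key, recover(decay(r, [12345]), masked))
    return plain_err, masked_err


if __name__ == "__main__":
    print(demo())
```

The larger the buffer, the more bits there are that can decay before a snapshot is taken, and every key use pays for hashing the whole buffer, which is the performance cost mentioned above.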
