3/14/2008
Finally, they put it all together and used these techniques to successfully attack encryption products such as BitLocker, TrueCrypt, and Apple's FileVault. If you're not used to wading through research findings, this means our data encryption procedures aren't as good as we thought they were. It means back to the drawing board.
But Won't 'Trusted Computing' Hardware Solve the Problem?
The response of some security experts was that the capabilities of Trusted Computing hardware would address the kind of vulnerabilities exploited by the Princeton researchers. (Although not extensively used, Trusted Computing Modules or TCMs are now found on many--roughly 150,000--personal computers.) In response, the Princeton researchers point out that even though the TCM administers which software modules can use a key, once the key is stored in DRAM by the application, it is vulnerable to the kind of attack they reported.
They also noted that they were able to defeat Microsoft's BitLocker encryption despite its use of TPM and that the use of TCM actually increased the vulnerability because the system will automatically mount hardware-protected disks when the machine is powered on.
So What Can Be Done?
Defending yourself against memory imaging attacks is difficult: The key has to be stored somewhere. The Princeton research group that documented this vulnerability recommends countermeasures that focus on discarding or obscuring encryption keys before an adversary might gain physical access, preventing memory-dumping software from being executed on the machine, physically protecting DRAM chips, and possibly making the contents of memory decay more readily.
Unfortunately, many of these strategies involve changes to the application or operating system software and are not under the user's control. Examples include software that overwrites encryption keys when they are no longer needed, systems that clear memory at boot time, or systems that limit booting from the network or removable media.
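For readers who write software, here is what "overwrites encryption keys when they are no longer needed" can look like in C. This is an added example, not code from the Princeton group or from any product named in this article; the function names, the sample key and the XOR stand-in for cipher work are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>

#define KEY_LEN 32

/* Overwrite a buffer through a volatile pointer so the compiler cannot
   drop the stores as "dead" when the buffer is never read again. */
static void secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}

/* Returns 1 if every byte of the buffer is zero. */
static int is_zeroed(const unsigned char *buf, size_t len) {
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++) acc |= buf[i];
    return acc == 0;
}

/* Hypothetical stand-in for real cipher work: XOR the data with the key. */
static void use_key(const unsigned char *key, unsigned char *data, size_t n) {
    for (size_t i = 0; i < n; i++) data[i] ^= key[i % KEY_LEN];
}

/* Load a key, use it, wipe it. Returns 1 if the buffer held the key
   during use and holds only zeros afterwards. */
int key_lifecycle_demo(void) {
    static unsigned char key[KEY_LEN];
    unsigned char data[8] = "secret!";
    /* Keep the key's page out of swap; a failure (for example a low
       RLIMIT_MEMLOCK) is treated as non-fatal in this sketch. */
    int locked = (mlock(key, sizeof key) == 0);

    memset(key, 0xA5, sizeof key);      /* constructed sample key */
    use_key(key, data, sizeof data);
    int was_present = !is_zeroed(key, sizeof key);

    secure_wipe(key, sizeof key);       /* key is no longer needed */
    secure_wipe(data, sizeof data);
    int wiped = is_zeroed(key, sizeof key);

    if (locked) munlock(key, sizeof key);
    return was_present && wiped;
}

int main(void) { return key_lifecycle_demo() ? 0 : 1; }
```

Wiping only shortens the time a key sits in DRAM. While an encrypted disk is mounted the key still has to be in memory, which is why the shutdown advice in this article still applies.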
Other countermeasures involve hardware changes that are similarly not available to the user. Examples include physically protecting the DRAM chips by encasing them in epoxy or designing chips whose memory decays very quickly when power is lost.
Finally, the Princeton group found that locking your computer screen, which leaves the computer running but requires a password before allowing user interaction, does not protect what you have stored in memory. Similarly, putting your computer in "sleep," "suspend," or hibernate mode is not effective since an attacker could simply awaken the computer and extract the contents of memory as described earlier.
Two New Rules to Protect Data on Your Laptop
Fortunately there are practical steps you can take to protect sensitive data on your personal computer:
1. If you have sensitive data on your computer and must leave it unattended, do a complete shutdown. Don't put it to sleep; don't put it in hibernation. Turn it off.
2. After you do a complete shutdown, wait a minute or so before leaving your computer unattended.