New Method of Attacking Disk Encryption
by Mark Joseph Edwards, News Editor
From: windowsitpro.com
So you've got that spiffy new Windows Vista system built, complete with
BitLocker encryption, which you hope is going to keep your data out of
the hands of folks with prying eyes. And you've also got your Mac OS X
systems all locked down with FileVault, and your Linux systems are
tightly secured with dm-crypt. Do you think your data is safe and
secure? Maybe that's not such a good assumption, and here's why....
A team of eight researchers from Princeton University, Electronic
Frontier Foundation, and Wind River Systems recently released a new
white paper that explains in detail how they were able to defeat all of
the disk encryption systems that I just mentioned. The technique to
defeat such encryption centers around two important facts: Encryption
keys are often stored in memory, and memory doesn't necessarily lose its
contents immediately when a system is powered off. Because of those two
facts a serious weakness exists that can be readily exploited to gain
access to the encryption keys, and thus your data.
Normally, unpowered DRAM chips lose their contents after
several seconds. But if those chips can be kept very cool, then they
might retain their contents for up to an hour or more. That gives
someone plenty of time to read the memory in the chips and recover
encryption keys.
But wait, maybe you've got Trusted Platform Module (TPM) chips in your
systems. The chips assist cryptographic software, which can use TPM to
generate and control access to encryption keys. BitLocker can use TPM if
it's present, and as it turns out your systems can be even more
vulnerable due to TPM! According to the white paper, "TPM sometimes
makes [a system] less secure, allowing an attacker to gain access to the
data even if the machine is stolen while it is completely powered off."
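
The TPM caveat quoted above concerns volumes whose only boot-time protector is the TPM, which releases the key at power-on without asking the user for anything. The PowerShell below is an added example, not code from the article or the white paper: it classifies BitLocker OS volumes by protector type. It assumes the property names of the `Get-BitLockerVolume` cmdlet found in later Windows releases; the function name `Get-BootUnlockExposure` and the sample records are constructed for illustration.

```powershell
# Added example: classify BitLocker OS volumes by what must be supplied at boot.
# Live use, from an elevated prompt:  Get-BitLockerVolume | Get-BootUnlockExposure
function Get-BootUnlockExposure {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)] [object]$Volume)
    process {
        # Enum values are cast to strings so the constructed sample below and
        # real Get-BitLockerVolume output go through the same comparisons.
        $types = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
        $needsSecret = @($types | Where-Object {
            $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password' })

        $finding = if ([string]$Volume.VolumeType -ne 'OperatingSystem') {
            'Skipped: not the boot volume'
        } elseif ([string]$Volume.ProtectionStatus -ne 'On') {
            'Protection is off: volume unlocks with no protector at all'
        } elseif ($types -contains 'Tpm') {
            'TPM-only: key is released into RAM at every power-on, no user input'
        } elseif ($needsSecret.Count -gt 0) {
            'Pre-boot secret required: key reaches RAM only after it is supplied'
        } else {
            'No recognised boot protector: review manually'
        }
        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Protectors = $types -join ','
            Finding    = $finding
        }
    }
}

# Constructed sample records shaped like Get-BitLockerVolume output (not real hosts).
$sample = @(
    [pscustomobject]@{ MountPoint = 'C:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
        KeyProtector = @(
            [pscustomobject]@{ KeyProtectorType = 'Tpm' },
            [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'C:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
        KeyProtector = @(
            [pscustomobject]@{ KeyProtectorType = 'TpmPin' },
            [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'D:'; VolumeType = 'Data'; ProtectionStatus = 'On'
        KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'ExternalKey' }) }
)
$sample | Get-BootUnlockExposure | Format-Table -AutoSize -Wrap
```

A volume in the pre-boot-secret group is still exposed in the powered-on, locked and sleeping states the article goes on to describe; the protector type only changes what happens from a cold, powered-off start.
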
What does all this mean for the security of your data? The obvious
answer is that even with strong encryption in use, your data is safe
only in direct proportion to the level of physical security that you can
provide. And, if someone gets their hands on one of your systems while
it's still powered up---even if you're logged out, or have locked the
desktop via screensaver or other similar methods---then your data might
be available to the thief. Furthermore, even if you put the system into
hibernation mode, or suspend the OS to disk, then your data might still
be vulnerable. It's as simple (and devastating) as that.
One of the eight researchers, Ed Felten, explained the risk like this:
"This is deadly for disk encryption products because they rely on
keeping master decryption keys in DRAM. This was thought to be safe
because the operating system would keep any malicious programs from
accessing the keys in memory, and there was no way to get rid of the
operating system without cutting power to the machine, which 'everybody
knew' would cause the keys to be erased."
So much for wishful thinking, eh? This attack vector isn't just some new
fuzzy theory. This is a clear real-world possibility, and the team backs
up their research with five sets of code that demonstrate how to get
your hands on encryption keys present in DRAM. You and anybody else can
get a copy of that code and test recovery methods if you want to. The
code is available along with the white paper, guides, and videos at the
URL below.
http://ct.email.windowsitpro.com/rd/cts?d=33-11491-803-202-41874-1185011-0-0-0-1-2-207
If you're serious about using the best disk encryption available, then
consider using a disk drive or disk controller that can encrypt the data
without ever moving encryption keys outside of the disk or controller's
logic circuits. Seagate and Fujitsu are two vendors I am aware of who
provide that type of hardware for desktops, servers, and laptops. Check
into Seagate's Momentus drives for desktops and servers and their
Cheetah drives for laptops. Also check into Fujitsu's MHZ2 CJ series of
drives for laptops.