The May CACM has an article on recovering passwords from RAM and using that to break protection on encrypted hard disks. It remains crucial to decide what risks you have and what the real threat is. DICOM just approved the standards for using password protection on removable media. (It already had PKI based encryption covered, but in practice the password based in far more usable. With suitable precautions it is probably just as robust against the real threats.) It protects reasonably well against exposure through media theft, but only with the assumption that the passphrase is well protected. If you write the passphrase on the media, you eliminate most of the protections.
My risk analysis based on their work is this:
- If you are personally a target, all current disk encryption methods will be breached. You might be a personal target through criminal activity, military activity, political activity, etc. Disk encryption is not protection for you.
- If you are a target of opportunity, disk encryption alone can be breached. Actually, some techniques like the default TPM and basic Bitlocker of Vista reduce your protection because they fool you into thinking that you are protected, while in fact you are not. Most people are a target of opportunity. If a thief steals your laptop and thinks - "I wonder if there are any worthwhile secrets on this thing?" you just became a target.
- If you are worried about parts depot repair, recycling, re-sale, etc. then current disk encryption is usually good protection. Just make sure to shut down a few hours before handing over the system, or make sure that they remove the disk and are not left alone to play with the system. Of course erasing the disk is even better if you know that the disk will be sold or re-used.
The problem is that at room temperature the RAM bits take too long to zero. There is ample time for someone to reboot the system using either USB boot or PXE boot and copy out the contents of RAM. You need to be power off for 30+ minutes before there is much confidence that data will not be recoverable. They did the proof by implementation that automated RAM scanners can find passwords and break in to all of the popular open source and proprietary disk encryption systems. The keys are right there. (If you use TPM and basic Vista bitlocker, you can have power off forever and still get the keys. The keys are in non-volatile RAM. Bitlocker users should use one of the more advanced modes. Microsoft should remove the basic mode.)
In practice there is also the extremely serious problem that laptops are basically left on all the time, although for power reasons they may be in standby or hibernate modes. This is because it takes too long to boot, and it takes too long to restore user context. One of the reasons that I and others like the Mac is that you can just close the lid and it goes to sleep within seconds (and nothing breaks). You can restore operation by opening the lid, and again it is ready within seconds. You can configure it to ask for a password, but the keys are not scrubbed from memory, so a sleeping system can be stolen and keys retrieved.
If boot were really fast (through techniques like saved context information on disk), the memory (or at least keys) scrubbed on sleep/shutdown, then systems might be somewhat secure.
Something to think about when protecting information from opportunistic theft.
Comments