Most successful attacks against strong, well-designed encryption take the form of ‘side channel’ attacks: ones that aren’t based on breaking the strong cryptographic algorithm, but which are based or circumventing it or subverting it somehow. Common varieties include timing attacks, which examine the precise amounts of time cryptographic equipment or software takes to perform operations, and power monitoring attacks, which examine which parts of a piece of equipment are using energy when.
Researchers at Princeton have recently uncovered a potentially significant side-channel attack against whole-disk encryption systems like BitLocker (built into Windows Vista), FileVault (same for Mac OS X), and Truecrypt. The attack is based on analyzing the random access memory (RAM) of a computer system once it has been turned off. Despite the common perception that this clears the contents of the RAM, they have demonstrated that it is possible to use simple techniques and equipment to get a copy of what is inside: including the cryptographic keys upon which these programs depend:
We found that information in most computers’ RAMs will persist from several seconds to a minute even at room temperature. We also found a cheap and widely available product — “canned air” spray dusters — can be used to produce temperatures cold enough to make RAM contents last for a long time even when the memory chips are physically removed from the computer. The other components of our attack are easy to automate and require nothing more unusual than a laptop and an Ethernet cable, or a USB Flash drive. With only these supplies, someone could carry out our attacks against a target computer in a matter of minutes.
This is bad news for anyone relying on encryption to protect the contents of their laptop: whether they are a banker, a spy, a human rights campaigner in China, or a criminal. Other technologies exist to help foil whole-disk encryption systems when the attackers are lucky enough to find a computer that is turned on and logged in.
Researchers in the same organization have done some good work on electronic voting machines.
“Think laptops. Laptop users with a half-decent OS don’t turn their machines off, they just put them to sleep. When you turn the machine on, you enter your passphrase and it mounts the encrypted disk volume. When you close the lid, the OS locks the machine. You can’t get in again without entering your pass phrase. If someone steals the machine, they can’t log back in without knowing your password. If they shut the machine down and boot from a different disk then they can’t access your data because it’s encrypted and turning off the machine wiped the decryption key from RAM.
Except, apparently, it didn’t. With the new scenario, the thief takes the cover off the machine and then pulls the battery. They then cool the RAM chips and dump the contents. They can then scan through the dump looking for the decryption key. Once they’ve found it, they mount the encrypted volume from another OS and get at all of your confidential data.”
From the Slashdot discussion
Report: Disk encryption security defeatable through DRAM vulnerability
Posted by Xeni Jardin, February 21, 2008 9:13 AM
Disk encryption may not be secure enough, new research finds
Posted by Declan McCullagh
“The reason I say this research could prompt a rethinking of how to protect data is that many of us who use encrypted file-systems believe that if our computers are lost or stolen, our data will be secure. But if a thief (or nosy border guard, or FBI agent) nabs my laptop locked with a screen saver or in sleep mode with the RAM intact, the paper shows that encryption provides no protection.
“You can’t rely on the screen saver,” said Peter Gutmann, a computer science professor at the University of Auckland in New Zealand who has done related work but is not affiliated with Thursday’s paper. “If you really are that worried, you have to turn off your PC.”
The researchers say their technique works against Apple’s FileVault, the BitLocker Drive Encryption feature included in the Enterprise and Ultimate versions of Windows Vista, the open-source product TrueCrypt, and the dm-crypt subsystem built into Linux kernels starting with 2.6. “
More discussion on Schneier’s blog
So the lesson is:
Shut down your laptop and put it somewhere warm before going through a border crossing?
Cold boot disk encryption attack is shockingly effective
It’s an old adage that no security measure is worth anything if an attacker has physical access to the machine, but things like heavy-duty disk encryption are supposed to at least slow things down. Sadly, that may not actually be the case, as a group of Princeton researchers has just published a paper detailing an exploit that requires little more than a spray duster and a screwdriver. Since the encryption key for systems like BitLocker and FileVault lives in RAM, all an attacker has to do to get it is cool the RAM modules with the air duster held upside down, yank the DIMM, and insert it into another machine, where it can then be read to access the key. Of course, this assumes that you’ve already typed in your password, but check the video after the break to see how long bits in RAM stay written — even if you’ve turned off your computer, there’s a chance the key can still be read. Looks like there’s an actual benefit to MacBook Air’s soldered-in RAM after all, eh?
Report: security glitch exposes Mac OS X passwords
Apple has confirmed a security glitch that, in many situations, will let someone with physical access to a Macintosh computer gain access to the password of the active user account.
The vulnerability arises out of a programming error that stores the account password in the computer’s memory long after it’s needed, meaning it can be retrieved and used to log into the computer and impersonate the user.
“This is a real problem and it needs to be fixed,” said Jacob Appelbaum, a San Francisco-area programmer who discovered the vulnerability and reported it to Apple. He said he disagreed with the company’s response: “They won’t put it in the latest security update or release a security update just for this issue.”
Appelbaum is one of the team of researchers who published a “cold boot” paper last week describing unrelated vulnerabilities in encrypted filesystems, including Apple’s FileVault, Windows Vista’s BitLocker, and a number of open-source ones.
Rap about encryption
“Evil Maid” Attacks on Encrypted Hard Drives
By Bruce Schneier
Earlier this month, Joanna Rutkowska implemented the “evil maid” attack against TrueCrypt. The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. Basically, the attack works like this:
Step 1: Attacker gains access to your shut-down computer and boots it from a separate volume. The attacker writes a hacked bootloader onto your system, then shuts it down.
Step 2: You boot your computer using the attacker’s hacked bootloader, entering your encryption key. Once the disk is unlocked, the hacked bootloader does its mischief. It might install malware to capture the key and send it over the Internet somewhere, or store it in some location on the disk to be retrieved later, or whatever.
You can see why it’s called the “evil maid” attack; a likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. The same maid could even sneak back the next night and erase any traces of her actions.
…
As soon as you give up physical control of your computer, all bets are off.
1024-bit RSA encryption cracked by carefully starving CPU of electricity
Since 1977, RSA public-key encryption has protected privacy and verified authenticity when using computers, gadgets and web browsers around the globe, with only the most brutish of brute force efforts (and 1,500 years of processing time) felling its 768-bit variety earlier this year. Now, three eggheads (or Wolverines, as it were) at the University of Michigan claim they can break it simply by tweaking a device’s power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the server to flip single bits of the private key at a time, allowing them to slowly piece together the password. With a small cluster of 81 Pentium 4 chips and 104 hours of processing time, they were able to successfully hack 1024-bit encryption in OpenSSL on a SPARC-based system, without damaging the computer, leaving a single trace or ending human life as we know it. That’s why they’re presenting a paper at the Design, Automation and Test conference this week in Europe, and that’s why — until RSA hopefully fixes the flaw — you should keep a close eye on your server room’s power supply.
Breaking Hard-Disk Encryption
Elcomsoft Forensic Disk Decryptor acquires the necessary decryption keys by analyzing memory dumps and/or hibernation files obtained from the target PC. You’ll thus need to get a memory dump from a running PC (locked or unlocked) with encrypted volumes mounted, via a standard forensic product or via a FireWire attack. Alternatively, decryption keys can also be derived from hibernation files if a target PC is turned off.
…
Even so, none of this might actually matter. AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive … everywhere. And it creates a dictionary from that, and feeds it into PRTK.
Inception is a tool for breaking into computers with full-disk encryption. It assumes that you have access to a suspended/screen-locked computer whose disk is encrypted. You access the machine over its FireWire interface (or, if it doesn’t have FireWire, you plug a FireWire card into one of its slots, and the machine will automatically fetch, install and configure the drivers, even if it’s asleep), and then use the FireWire drivers to directly access system memory, and from there, patch the password-checking routine and walk straight into the computer.
Passware Inc. is a forensics security company that develops investigation software kits to reveal passwords on seized computers. Last year it released a version of its kit that allows an investigator to reveal the passwords of Apple’s FileVault encryption technology, along with those for similar technologies such as TrueCrypt, PGP Disk, and BitLocker. Recently the kit has gained more features and now has the ability to snoop through a system’s hibernation file for Google and Facebook account passwords.
The Passware snooping technology works by accessing a system’s memory either through a port that has direct memory access (DMA), or by accessing a system’s sleepimage (hibernation) files. It scans the contents of these resources for patterns to reveal relevant passwords.