Sunday, April 6, 2008

Failures of Disk Encryption

How to break disk encryption...

"Security is not a product but a skilled continuous process which requires thought..." Jorge Sebastiao, 1999.

Even for the best technologies there is always a weak point which must be addressed, in this case Disk Encryption as its weakness. The weakness is that even in memory the keys exist in some readable format, if we can get to it, then it is game over:


Roger Halbheer said...

Hi Shoaib,
thank you for this post. I blogged on it as well on Let's be realisitc here: Disk encryption tools have to keep the key in memory unless you do complete hardware solutions close to the disk. Otherwise it is a performance issue. Now, the Princeton attack is interesting - from a theoretical perspective. In reality this would mean that I have to put my notebook in hybernation, the attacker would have to get my notebook immediatly and either dump the memory wihtin the next let's say few minutes or freeze it in that timerange. If this is the biggest security risk a company has, let's discuss it but they would be in great shape!
my 2cents

Shoaib Yousuf said...

Hi Roger,

Thanks for commenting. I will agree and disagree with your comments.

Agree in a sense that Disk Encryption tools have to keep the key in memory unless we have complete hardware solutions close to the disk.

Disagree in a sense where you commented that this might not be a biggest security risk. I think possibilities are endless. Bad guys are thinking ahead of us. Just put yourself in their shoes for a second and imagine this scenario:

I have notebook with 1 million SSN, Credit Card dtls with complete info and banking dtls. Bad guy out there is aware of that and he is chasing me each and every time. He might steal my notebook anytime and break the disk encryption sitting in the van outside the coffee shop! After all this is all organised crime.

We have to take each security risk seriously and think outside the box.