A team of security researchers have demonstrated that common disk encryption technologies that are intended to keep data on computers safe from theft can be bypassed if an attacker gets a hold of the computer while it is sleeping or waiting for a password prompt.
The attack shows that the products like Microsoft's BitLocker and Apple's FileVault -- as well as PGP's Whole Disk Encryption product -- aren't as secure as many think they are. (See previous post with full explanation and video)
PGP Corporation's Chief Technical Officer Jon Callas described the method of recovering encryption keys that are stored in temporary memory as a "very good attack."
"We always knew it was theoretically possible and they managed to do it," Callas said, referring to a team of researchers who released their findings Thursday.
But it's not time to dismiss encryption as a security solution yet.
The attack exploits the fact that RAM chips in laptops aren't cleared of data when the laptop is turned off. Instead the the data degrades in seconds or minutes - an interval that lets an attacker cut the power to a sleeping laptop and then attach a USB key with an alternate operating system. When the computer is quickly rebooted, the rogue OS grabs all the data lingering in memory and can find encryption keys (and lots of other data) in the resulting file.
Encryption products scramble data on a protected drive, but they need to store the keys in memory when the computers running in order to encrypt and decrypt data. Without the keys, it could take an attacker decades of intensive computing to break into a well-encrypted disk, while with the keys, it would be a matter of minutes.
But the attack does not work on a computer that has been shut down for more than a few minutes or when a computer is hibernated or suspended. (In the latter case, all the data in memory is saved to disk, cleared and the machine is shut down).
PGP's own disk encryption software is vulnerable to the attack, Callas says, though he says it does defend against such an attack better than some other companies' software.
And while the company is working on ways to protect against this kind of attack, there's not much any software maker can do with code, given that all modern computers have this memory flaw.
Callas still thinks the attack is an "edge condition" attack -- meaning that it's an attack that relies on specific and not-common situations. In this case an attacker would need to get access to a computer while it was at the traditional login prompt or within minutes of it being shut down.
The problem for encryption makers, according to Callas, is that when operating systems shuts down, they don't notify the disk drivers, according to Callas. If software had that notification, it could clear data like encryption keys from RAM. In the case of a hard reset, only the motherboard would have time to clear the RAM.
"Only the hardware people can protect us from a reset," Callas said.
The lesson, according to Callas, is that "sleep mode leaves a computer vulnerable in ways we didn't realize."
"Encryption is not magic pixie dust that makes everything okay," Callas said.
For instance, even an encrypted corporate computer is vulnerable to exploitation by a bribeable IT administrator. A computer with an encrypted hard drive could get compromised with spyware or a keylogger though a web browser exploit or a malicious email attachment.
The takeaway for the paranoid?
Encryption is still a solid way to protect your data privacy, but it's not failsafe.
The moral of the story, as best THREAT LEVEL can tell, is shut down or hibernate your computer when it's not in your sight, and if the feds come a'knocking, shut it down before they get a hold of it.
In fact, this correspondent admits to having habitually left an encrypted laptop running in sleep mode in the past. That security sin shall not be repeated.
See Also:
