Ed Felten Defeats Hard Drive Encryption

from the ed-felten-strikes-again dept

Ed Felten, and the various grad students who work for him at Princeton, have done plenty to contribute to the computer security field (and make quite a name for themselves), from breaking the old SDMI encryption that the recording industry insisted was unbeatable (which nearly got Felten sued) to showing just how vulnerable e-voting machines are. However, he may have just broken his biggest story yet. Felten and a group of colleagues have now shown that hard disk encryption is incredibly easy to beat. This should be a huge concern, considering how many people and organizations rely on data encryption to protect important data. In fact, with many of the "lost" hard drive stories over the past few years, many organizations have insisted the risk was minimal, since the data was all encrypted. Yet, as Felten's team shows in this video below, not only is it quite easy to defeat the encryption using a simple can of compressed air, in some cases, there isn't much that can be done to protect against this. As the video notes, this won't work on some systems if the computer is turned completely off and the encryption package opens up before the operating system boots -- but otherwise, most systems are vulnerable.
Basically, they've figured out that, despite what many believe, data held in RAM does not disappear immediately when the power is cut. And, if you freeze the chip, you can make the data last a very long time. This is important, because for disk encryption, the key to unlocking the data resides in the RAM. If someone can access that key in the RAM and make a copy of it, then they can unencrypt all of the data without knowing your password.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Charming Charlie, Feb 22nd, 2008 @ 1:56am

    I know only a bit more about computer hardware than the normal person, but isn't it quite possible to create a hardware solution to the slow powering off of RAM bits? As in, the OS shutdown initiates a power cut off to the circuits supplying power, so that they immediately 0 out´╝č I'm imagining a capacitor or something that draws the power out of the RAM. Alternatively, couldn't the OS just manually replace all the bits the OS itself isn't using to kind of cover (mostly) it's tracks during a shutdown? In the video, they didn't show a technique which used a sleeping computer that didn't involve temporarily powering it off.

    This, combined with the password entry before the OS starts running, would cover all the bases, wouldn't it?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Dr.A, Feb 22nd, 2008 @ 2:37am

    If the key is in the memory then a trojan is by far way better for the job.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Paul`, Feb 22nd, 2008 @ 3:14am

      Re:

      Its not about whats better, its showing that it's also possible this way.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Liquid, Feb 22nd, 2008 @ 5:03am

        Re: Re:

        I agree with you on that Paul. Plus with a trojan it would most likely be picked up by virus software anyways... I think that if I had physical access to a computer like that I would just snag it and do it this way... if you think about it you wont leave tracks on the hard drive when you happen to "Find it", and return it...

         

        reply to this | link to this | view in chronology ]

      •  
        icon
        lrobbo (profile), May 23rd, 2012 @ 8:01am

        Re: Re:

        Exactly

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Jollygreengiant, Feb 22nd, 2008 @ 3:18am

    Charlie, you could have lines that would short out the memory,and drain the charge but it would mean a complete redesign of memory systems, and would add quite a bit to shutdown/reboot times. Better maybe to have a routine that overwrites the data at shutdown.

    All of which is a bit moot as the memory doesn't even need to be in the original PC! A quick spray of liquid CO2 or N2, and just whip them out and into your own device which copies the content for later perusal...

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 22nd, 2008 @ 4:50am

      Re:

      Nevermind the fact that you don't need to actually shut down the OS. Pull the plug, pop out the chips, and anything your software was supposed to do on a graceful close is avoided.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Chronno S. Trigger, Feb 22nd, 2008 @ 5:28am

      Re:

      I have an easier way to avoid this. Don't leave your computer in standby and walk away. Always shut down the PC and wait 30sec before walking away. That way the memory chips have time to discharge. I don't know if hibernate would open a risk since the data in the memory is written to the drive during shutdown.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Johann, Feb 22nd, 2008 @ 3:26pm

        Re: Re:

        Yes it will solve the problem but people rather leave the PC on when they go to the bathroom, grab a cup of coffee, etc. And if your laptop is stolen during such time frame then your data still gets stolen.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    me, Feb 22nd, 2008 @ 5:07am

    Ed Felten Defeats Hard Drive Encryption

    uh-oh

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    matt, Feb 22nd, 2008 @ 5:32am

    not what it seems

    although they ar5e correct there are easy methods to crack hard drives these are methods involving physical access. If you have physical access to the hard drive there are many many easier methods to get into the encryption due to human exploitation, such as software situations within the target's pc, video cameras, physical keyloggers, audio keyloggers.

    So if you can get to the hard drive or not is irrelevant, there''s plenty of methods This isn't like they magically figured out the encryption key, and also isn't the ram situation "within 1-30 minutes" or something? I mean seriously it may take half of the minute just to get access to what you're looking for.

    I salute the method, but there are just too many for this to be truly noteworthy.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Overcast, Feb 22nd, 2008 @ 5:55am

    I agree with you on that Paul. Plus with a trojan it would most likely be picked up by virus software anyways...

    Only if the AV scanner you are running is familiar with it. If you wrote one for the task, there's only a slim chance it might be detected by the heuristics - which, of course, could easily be tested on another PC, running the same AV software prior to 'delivering' the code.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    mdmadph (profile), Feb 22nd, 2008 @ 6:06am

    Or you could, I don't know, just turn off your computer when you're not using? Why would any computer that needed this level of security be left on all the time, anyway?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    delphidude, Feb 22nd, 2008 @ 6:34am

    More scare headlines

    This story is being ballyhooed far beyond what it is worth. Has anybody tried this outside of that lab? The answer is yes. Me. I have a pair of useless older PCs that are perfect for experimenting. And a box of cans of cool spray left over from my career job of fixing mainframes. These have real Freon and can freeze your katookies off if used upside down.

    I loaded a huge text file with a repeating, easy to recognize pattern of data (i.e abcdefg...) into memory on one. Hosed it down with Freon. That didn't work - it blew the memory, an experience that I have had in the past when trying to cool down components in troubleshooting. Apparently the small lands on a PC board will shrink from the cold and pull apart.

    Started again with another simm. Not so cold this time.

    Yanked it hot (as in with power on, not referring to temperature), plugged it into another old junker with a copy of Win 3.1 and powered up. Started scanning memory (that took a while, since my last experience with 3.1 must be about 15 years old.) but...

    There was nothing. And since most memory was all zeros, I couldn't be sure that the hardware/bios was not clearing memory on boot. Turned off everything in the bios, tried again, but still got nothing.

    Tried not only pulling it hot, but swapping it hot. Problem was that the receiving machine would lock solid instantly. But finally one try got it in and the receiver stayed up. Time that the memory was without power was less than 3 seconds.

    Great. Looked all over but no trace of that pattern could be found.

    So. This isn't quite as easy as the articles are making out. I am sure that the researchers did what they say, but nobody needs to panic that some DHS cop is going to whip out a spray can and a screwdriver and suddenly look through a persons surfing history. Heck, most government agents that I have run across have trouble opening the lid of the laptop.

    DelphiDude

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Chuck Norris' Enemy (deceased), Feb 22nd, 2008 @ 7:28am

      Re: More scare headlines

      Are you a Mythbuster?

      I would like to see an uncut video of a single, or even group, of people trying to pull this off. I mean, it is all described in theory with a bunch of cuts but can you physically do it the way it was shown in time to save the data.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Rick Sarvas, Feb 22nd, 2008 @ 10:17am

      Re: More scare headlines

      It has been many years since I've done any electronics work, but I think I see the problem here with delphidude's experiment with the older laptops...

      It seems to me that exploit makes use of the fact DRAM chips are powered by pulses and not a continuous supply of power as required by the Static RAM used in much older computers. In a way, it's like keeping a bucket that has a small hole in the bottom filled with water. If you top off the bucket at regular intervals as dictated by the size of the hole in the bottom, the supply of water out of the bottom of the bucket should remain the same. If you fail to fill the bucket, the supply of water will eventually run out, but not immediately. With static RAM, the bucket is more like a pipe, so an interruption of water from one end would quickly be noticed at the other.

      In short, it might be that the failure of the experiment to work (other than the RAM chips pulling away from the circuit traces when chilled) may simply be due to the fact the the memory used in the target laptops was of the wrong type for this specific type of attack to work (SRAM vs. DRAM).

      If so, the results are still interesting.

      Some background info...
      http://en.wikipedia.org/wiki/DRAM
      http://en.wikipedia.org/wiki/Static_random_access_memory

      Then again, I could be completely wrong too.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Kevin, Feb 22nd, 2008 @ 7:39am

    Clarifications

    Charlie, it's not a matter of power stored in the RAM. A bit is set in the memory cell as either on or off. Left to it's own with no power the state of the bits will drift or alter over time. Because of this, power is applied to the cells via a refresh strobe. This refresh current helps ensure that the bit state of the cell doesn't change.

    Felten's exploit is based on discovering that the bit state doesn't deteriorate very rapidly, and deterioration can be slowed even further by use of a refrigerant to chill/freeze the memory cells.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Michael S. Williamson, Feb 22nd, 2008 @ 8:21am

    Wipe the DRAM!

    Disk-encryption utilities should use a routine that overwrites the part of RAM holding the keys when unmounting a volume as this may be the best defense against this sort of attack. This would also require users to unmount their encrypted volumes before leaving them unattended.

    -Michael

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Dale, Feb 22nd, 2008 @ 8:26am

    Yes, I am an idiot

    ersonallypay Iway encryptway everythingway onway ymay ardhay riveday inway igpay atinlay.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    interval, Feb 22nd, 2008 @ 8:30am

    Ok, SO - WHAT?

    Ok, Felton has shown the possible. Lets look at the reality; the comprisor has to come in fairly soon after the user has powered down the machine. The code breaker then has to take the pc apart, freeze the ram modules and then analyze the latent charge in the modules, and how you do that I'm not sure. For some reason I still feel fairly well protected and will continue to encrypt my data. Thanks for the warning though.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Ben, Feb 22nd, 2008 @ 8:36am

    if you get the computer while it's on...

    can't you just burn everything to a CD anyway? I don't really see why this is significant. I guess it would allow you to have access to the computer any time you wanted, after turning it off or whatever, but if it requires having access to the computer after someone has already entered the password, couldn't you just get all the data you needed in that session? I suppose if there's some less barrier to access, like a screen saver password, but it just seems like this would be helpful in very few situations.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    smarmy, Feb 22nd, 2008 @ 8:47am

    Its a comprimise

    1) There's no way to program a laptop to not get stolen, so it comes right down to vigilance on the user's part, which should be security step one. Probably any laptop that will be carrying sensitive data should have sleep mode disabled, and part of the power-down process should be a memory overwrite. But other than that, I'm not too sure how much more secure you can make things anyway, even without this vulnerability.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    DRM Suxx, Feb 22nd, 2008 @ 8:51am

    sleep mode

    You are forgetting that they were able to do this when the PC was left in sleep or hibernate. I typically hibernate mine to make it faster by skipping the whole boot process. Most people I work with do the same, just setting it to open to the password prompt. The video claims the machine is vulnerable at this point.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Chuck, Feb 22nd, 2008 @ 9:32am

      Re: sleep mode

      If you hibernate the machine, you just saved them a lot of trouble. Hibernate copies the entire contents of RAM to disk for resume, you just gave them the copy they were looking for.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    xtrasico, Feb 22nd, 2008 @ 10:27am

    Need sleep mode

    I am an Auditor and Fraud Investigator. The Agency I work for gives me a laptop to do my work. Last year there was something wrong with it and the boot process use to be like 25 minutes one day and 1 minute the next. That happened everyday. I got used to leaving that laptop on sleep mode because when I needed it to boot fast to take a sworn statement or something important it was really frustrating to wait for it to boot up. All the work I do is confidential so we use encryption. This is going to change my preferences... just in case.

    Sleep mode:
    When referring to speed up the booting process of a PC I have always read everywhere on the net that hibernate is slower comparing it to the boot or sleep process. Hibernate just saves everything to hard drive so you can access it exactly as you had it when leaving the PC. In my PC the booting process is faster than waking it from hibernating, which sometimes hangs. Maybe something is wrong with my PC. I don't know...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Steve, Feb 22nd, 2008 @ 11:31am

    Hibernation is Probably Safe with most products

    Hibernation and waiting a few minutes should thwart this attack as long as you use a product that encrypts the hibernation file. I know the product I use automatically does that.

    I hate to shut down, and hibernating takes too long (even longer now that it's being encrypted) so I just stand by. Looks like I'll have to get used to shutting down.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    dorion, Feb 22nd, 2008 @ 1:09pm

    Off Topic

    I don't know what the big deal is with data security anyway. All of our information is spread across the world anyway thanks to outsourcing IT to foreign countries. My identity was stolen when I was 19 from my local college. Someone snagged my personal info from my school records. Good thing I was too young to have any real credit. Too bad LE did not think it was important enough to pursue the crook.

    I have worked with several law enforcement companies that have sophisticated ways of dismantling a drive and pulling data off. Whom are you trying to keep the data away from anyway? If they are good enough to crack this stuff then most likely they have a job paying them more then what this data is worth.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Nicko, Feb 22nd, 2008 @ 5:22pm

    The classic method

    Well you can always go back to tamper-proofing your machine with a battery driven thermite charge. Nothing quite stops a thief quite like a 4500 degree blast.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Tony, Jul 2nd, 2008 @ 6:20pm

    this is not something new

    this type of attack is nothing new,

    I'm a computer scientist and work for Novell who make SuSe Linux.

    if you use something like these products the chances are that your password is only a very small one - as most people will not make the password overly long (aka >20 characters) and even sometimes it is something obvious!

    so the vulnerability due to a brute force attack is still about 50-100x more likely to break your encryption than this method is :| due to physical acess needed shortly after a powerdown.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Mike, Feb 26th, 2009 @ 9:38pm

    This article is misleading...

    Hard drive encryption is alive and well and living embedded in hard drives from Seagate, Hitachi, etc.. and it is NOT circumventable via the description in this article.

    So a grave disservice is done with the headline "Ed Felten Defeats Hard Drive Encryption". He has done nothing of the kind. He has only circumvented one form of it. If he can defeat the encryption in the hard drive from Seagate I will then be MOST IMPRESSED.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Mikey, Feb 22nd, 2010 @ 12:37pm

    I think people like Ed are absolutely invaluable to the encryption software industry. Without guys like him, his team and his peers pushing the tech forward, we may just be attacked more often. Think about it, if the good guys aren't cracking this code, who does that leave the job to?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    fodder99 (profile), Jun 30th, 2012 @ 10:09am

    Ed Felten is an e security wizard !

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This