Ed Felten Defeats Hard Drive Encryption

from the ed-felten-strikes-again dept

Ed Felten, and the various grad students who work for him at Princeton, have done plenty to contribute to the computer security field (and make quite a name for themselves), from breaking the old SDMI encryption that the recording industry insisted was unbeatable (which nearly got Felten sued) to showing just how vulnerable e-voting machines are. However, he may have just broken his biggest story yet. Felten and a group of colleagues have now shown that hard disk encryption is incredibly easy to beat. This should be a huge concern, considering how many people and organizations rely on data encryption to protect important data. In fact, with many of the "lost" hard drive stories over the past few years, many organizations have insisted the risk was minimal, since the data was all encrypted. Yet, as Felten's team shows in this video below, not only is it quite easy to defeat the encryption using a simple can of compressed air, in some cases, there isn't much that can be done to protect against this. As the video notes, this won't work on some systems if the computer is turned completely off and the encryption package opens up before the operating system boots -- but otherwise, most systems are vulnerable.
Basically, they've figured out that, despite what many believe, data held in RAM does not disappear immediately when the power is cut. And, if you freeze the chip, you can make the data last a very long time. This is important, because for disk encryption, the key to unlocking the data resides in the RAM. If someone can access that key in the RAM and make a copy of it, then they can unencrypt all of the data without knowing your password.

Filed Under: ed felten, encryption, hard drives, security

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Charming Charlie, 22 Feb 2008 @ 1:56am

    I know only a bit more about computer hardware than the normal person, but isn't it quite possible to create a hardware solution to the slow powering off of RAM bits? As in, the OS shutdown initiates a power cut off to the circuits supplying power, so that they immediately 0 out´╝č I'm imagining a capacitor or something that draws the power out of the RAM. Alternatively, couldn't the OS just manually replace all the bits the OS itself isn't using to kind of cover (mostly) it's tracks during a shutdown? In the video, they didn't show a technique which used a sleeping computer that didn't involve temporarily powering it off.

    This, combined with the password entry before the OS starts running, would cover all the bases, wouldn't it?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.