Slashdot Mirror

← Back to Stories (view on slashdot.org)

What's Missing From File / Disk Encryption?

Posted by ryuzaki0 on from the features-wanted dept.

lockDrive asks: "Every month, we read a news about personal information leak. Most of the time, either a laptop or a hard disk that contains sensitive information is stolen from a government or corporate office, and the data are not encrypted. Recently, Department of Veterans Affairs had lost a laptop which contained confidential information for 26.5 million veterans. The data were not encrypted. There are many products that provide a solution to such a problem. Microsoft Encrypting File System (EFS), which comes with Windows 2000 and later, encrypts data in a file system and seems to have a decent key recovery system in Windows 2003 Server CA. Products like SecureDoc and DriveCrypt encrypt an entire disk. I have tried some of them and they are not that difficult to use. What is holding people who handle sensitive information (government, health-care, insurance ...) back from encrypting their data? Are the products still too hard to use? Are they concerned about performance loss? Are they not convinced with the security gain? Are they just not adopting the technology quickly? Is there anything missing in the technology?"

30 of 177 comments (clear)

  1. Time by suso · · Score: 2, Interesting

    Time is what is needed. :-D

  2. encryption is a speed bump. by ecalkin · · Score: 3, Insightful

    it will slow people down. maybe long enough to recover the data or somehow make it less useful (change ids, passwords, etc). even good encryption will eventually fail. the best you can do is to make it difficult.

        on a positive note, someone suddenly looking for breaking tools might catch some attention. on a negative note, something encrypted tends to be a big red flag that says 'look at me, i was important enough to protect'.

        and one final thought: it you look at the care and attention that people pay to to security, it would not surprise me if most encrypted systems would be compromised by user stupidity (social engineering).

    eric

    1. Re:encryption is a speed bump. by drsmithy · · Score: 3, Insightful
      it will slow people down. maybe long enough to recover the data or somehow make it less useful (change ids, passwords, etc). even good encryption will eventually fail. the best you can do is to make it difficult.

      Note that when "eventually" is a timeframe measured in tens to hundreds of years, that's probably good enough for just about anyone.

    2. Re:encryption is a speed bump. by Nutria · · Score: 3, Informative
      Out here in the real world, you're not going to crack correctly-applied encryption in your lifetime,

      You'd better re-think that bold assertion...

      http://en.wikipedia.org/wiki/Data_Encryption_Stand ard#Security_and_cryptanalysis
      The feasibility of cracking DES quickly was demonstrated in 1998 when a custom DES-cracker was built by the Electronic Frontier Foundation (EFF), a cyberspace civil rights group, at the cost of approximately US$250,000 (see EFF DES cracker). ... The machine brute-forced a key in a little more than 2 days' search; at about the same time at least one attorney from the US Justice Department was announcing that DES was unbreakable.
      But it's only DES, you say!!! So. It is a correctly-encrypted text, and it was cracked in 56 hours.

      http://en.wikipedia.org/wiki/EFF_DES_cracker
      Six months later, in response to RSA Security's DES Challenge III, in collaboration with Distributed.net, the EFF used Deep Crack to decrypt another DES-encrypted message, winning another $10,000. This time, the operation took less than a day -- 22 hours and 15 minutes.
      --
      "I don't know, therefore Aliens" Wafflebox1
    3. Re:encryption is a speed bump. by Bazzargh · · Score: 4, Funny

      Simple, first kidnap you and your kids. Then slowly torture one of your kids to death to prove I am serious. After that you would do anything, even give up the key/passphrase to save your other kid. I am sure you can come up with several other methods that would work for people without children.

      I keep one of the twins, Alice, in the firesafe to prevent this kind of attack. Bob is kept offsite as a backup.

    4. Re:encryption is a speed bump. by peacefinder · · Score: 2, Insightful

      I think your scheme may have a data integrity problem. It seems unlikely that Alice and Bob are identical copies, so you seem doomed to some data loss in that sort of attack.

      (Or maybe you're just using some unusual naming scheme for your kids.)

      --
      With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
  3. That reminds me- by sirket · · Score: 2, Interesting

    I've been looking for an encrypted hard drive controller- something that looks to the OS like a normal disk but every single byte written to the disk is encrypted. The moment the power is pulled the key is lost and needs to re-entered when the system reboots. It would look like a disk error but when the "Non-system or disk error" message comes up you enter the key and the system boots normally.

    I would prefer there not be any chance of the OS leaving around un-encrypted information on the swap partition or hacing a back door or any other stupidity. I've seen encrypted controllers but only with 40 bit keys. I'd love to see something with an AES 256 bit key. If nothing is out there I may just have to put together something using an FPGA.

    -sirket

    1. Re:That reminds me- by sirket · · Score: 2, Interesting

      It is stored in one of the FPGA embedded RAM blocks and is wiped the moment power is lost.

  4. data loss by r00t · · Score: 2, Insightful

    Can you stick the drive in any PC running the same OS, supply your password, and get the data? If not, there's one less step before you get stuck trying to read crufty old backup tapes/CDs/etc.

  5. The real cause... by WidescreenFreak · · Score: 3, Insightful

    I think you missed the real cause -- the IWNHTM Syndrome.

    It Will NeverHappen To Me

    --
    The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
  6. Ignorance by Merlynnus · · Score: 5, Interesting
    Clearly the problem is ignorance. And bad habits. And bad security policies.

    It's not a technological problem -- everyone in Windows & Linux land should be using Truecrypt or something similar and being smart about how they handle data. Rather it's a social problem.

  7. lack of proper policies by artifex2004 · · Score: 3, Interesting
    The biggest flaw in these schemes is always the glaringly obvious: nobody bothered to turn them on.
    Without written security policies, nobody knows what they should/can/must not do, and even if they do, they follow the rules inconsistently.

    Take a look at Cisco's SAFE, for example. It explicitly says

    This document presumes that you already have a security policy in place. Cisco does not recommend deploying security technologies without an associated policy. For further information about security policies and their use, consult the SANS Security Policy Project at:
    http://www.cisco.com/go/safe


    If you don't know what you have, who gets to access it, and when, what good is a bunch of hardware and software? You might as well hand all your workers CDs of your databases and cross your fingers. Which, possibly, actually happens in some of these cases. Sadly, this sort of stuff is Day 1 material for CCNA and MCSE and other certifications these days, so it pretty much looks like whoever is running the show in these places can't follow or doesn't know standard industry practices. That's gross negligence, IMO, and nothing to do with any sort of technical failings.
  8. And along those lines by Sycraft-fu · · Score: 2, Informative

    How about corrupted data recovery? Say I have a document, and 15 bytes are damaged and unrecoverable. No problem, I still want it because it's important. If it's unencrypted, that is unproblematic. Whatever those 15 bytes were is damaged and I'll have to fix, the rest of it is there. What about the encryption? Can it handle decrypting partially damaged files, or will it fail?

  9. How about a distro w/ initial install support by Tiamat · · Score: 4, Interesting

    I would love to a see a distro, like ubunto, that would ask me if I wanted to create a small boot parition, and a larger *encrypted* primary parition, which would then install to the encrypted partiton, and finally give me the chance to burn a CD from which to boot (or USB stick if my system supported that, etc.). Then, on boot (either from the HD small boot part, or a read-only CD), I'd enter my password to access the root partition. As it stands, getting this done requires some expertise, too much time for most of us, and lot manipulating of files, partitions, etc.. Make it easy!

    1. Re:How about a distro w/ initial install support by anti-drew · · Score: 3, Insightful

      Don't just make it easy. Make it the default. The vast majority of users start with everything at default settings. Why would you deliberately use a default which is incorrect?

    2. Re:How about a distro w/ initial install support by javifs · · Score: 4, Informative

      It will be integrated in the latest version of the Debian installer, IIRC, it will be in 'etch beta 3'. Which should be available soon (check out the PartmanCrypto stuff in the wiki and the Debian Installer pages). Since Ubuntu uses a derived version from the installer, they will presumely pick this up once it is finished.

  10. What's missing? by Kalzus · · Score: 2, Insightful

    Common sense and rigour.

    I don't care if your algorithm never exposes a weakness for ten thousand years and your messages are supposedly secret for ten billion. If you keep throwing your scratchpad in the wastebasket and leaving it there, for example, then I'll probably figure out your plaintext.

    --
    "The Devil does not know a lot because He's the Devil, He knows a lot because he's old." -- unknown
  11. Cooperation between Linux and Windows? by TerminaMorte · · Score: 2, Interesting

    I'd just like to be able to store 'personal' or 'private' information on a 1GB encrypted flash drive.

    One of the major reasons that has stopped me from using encryption, however, is the lack of compadibility for diffrent operating systems.

    If I encrypt the drive using AES-256 on linux, I'm unable to read it on Windows. If I encrypt it with one of the Windows tools, I'm unable to read it on linux.

    So I'm stuck between only being able to read my information at home on my linux machine, or only on public/windows computers.

    1. Re:Cooperation between Linux and Windows? by jzono1 · · Score: 2, Informative

      Truecrypt does what you want.

      http://truecrypt.sf.net/

    2. Re:Cooperation between Linux and Windows? by bored_engineer · · Score: 2, Informative

      You only mention windows and Linux. Truecrypt supports those two operating systems. Future support for OSX is planned.

  12. Key Management by gadzook33 · · Score: 2, Insightful

    Any organization handling truly sensitive data doesn't have the luxury of using third party key management. As soon as you have to manage keys, the difficulty of encrypting data goes way up. For these applications, a six letter password isn't going to cut it. Security has little to nothing to do with encrypting data. You can just as easily lock the data in a safe. If you encrypt the data and lock the key in a safe, what's the difference? There is none. People often equate encrypted with secure and this is rarely, rarely the case.

  13. -truecrypt? by acomj · · Score: 2, Interesting

    We had someone at work talk about this...

    http://www.truecrypt.org/

    Its not a HW controler, but a mount the file system encrypted. It seems like a well thought idea anyway. And available for Linux.

    1. Re:-truecrypt? by Merlynnus · · Score: 3, Informative

      Nonsense. I use Truecrypt, and have encrypted a whole drive. *Nothing* on it is unencrypted. It has no partition table. Any sort of analysis of it would show that it is complete indistinguishible from random noise. Taken out of the workstation that it currently resides in, it would be completely and utterly secure. And, unintelligible. Granted, it's not the boot drive, but so what?

      I also wonder about "...and realize that there is an encrypted partion...". Again, so what? Unless you've chosen an insecure passphrase, or give up the passphrase through some manner of coersion with the strong encryption algorithms, it doesn't matter if someone realizes there might be more to the noise or not. And, if you're really worried about it, Truecrypt allows you to create truely hidden encrypted areas.

      I suggest reading the fine manual that comes with Truecrypt and studying the bit about plausible deniability. And the bit about encrypting whole devices. *Then* come back and bring a informed opinion.

      The fact of the matter is that the technical problems have been mostly addressed. The problem is that the wetware doesn't follow reasonable data security policies.

    2. Re:-truecrypt? by MacroRex · · Score: 2, Insightful

      I don't think this level of deniability can be done.

      Your system needs to know it should ask for a password before it can access the disk. How can this be done so that a third party cannot deduce from the hardware that the disk contains encrypted information? We must assume that the third party has access to all hardware including any special disk controllers, custom FPGA solutions or BIOSes. IMO this means that a sufficiently smart third party can always conclude that the system contains encrypted data, possibly even without needing to look at the contents of the disk.

    3. Re:-truecrypt? by peacefinder · · Score: 2, Informative

      Truecrypt has a clever dodge for this. They offer the ability to make a hidden encrypted volume. They do this by making an encrypted volume, and filling its blank space with random data. Yet inside of that random-filled blank space is another truecrypt container, which holds deniable data. If you don't know the key, you never see anything other than random padding in that blank space. See their page on it here.

      Integrity of the inner volume seems quite fragile, due to the possibility of it being overwritten through the outer volume, but aside from that it seems like a good plan.

      --
      With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
    4. Re:-truecrypt? by sirket · · Score: 2

      Exactly how the fuck does your god damned BIOS boot your OS if _EVERYTHING_ is encrypted? Would you like to explain that to us laymen? Oh- gee- wait- you said it's not your boot drive. Great- So when Windows writes a fucking temp file to the unencrypted boot disk TrueCrypt doesn't fucking help me. I don't want a single bit to be written to the disk without it being encrypted. I don't even want it to be _POSSIBLE_ to write something unencrypted to the disk- even if someone does a write to the raw disk.

      I suggest reading the fine manual that comes with Truecrypt and studying the bit about plausible deniability. And the bit about encrypting whole devices. *Then* come back and bring a informed opinion.

      Please don't tell me to bring back an informed decision- I use TrueCrypt on my bloody laptop and know full well how it works. The plausible deniability is great- the problem is everyone knows TrueCrypt provides said feature and in this day and age just knowing it is there can be a problem. Moreover there is always the possibility that something goes wrong and unecnrypted data is written to your hard drive- or a virus gets in an disables it- or the government figures out how to crash it, etc. etc. etc. I want hardware encryption- preferably that I have designed myself.

      -sirket

    5. Re:-truecrypt? by Merlynnus · · Score: 2, Interesting

      Dude: Coffee. Or something. That much stress isn't good for you. You use Truecrypt on your laptop? OOooooh. I bow down to your obvious omniscience.

      Hardware encryption? Hah! Ask the Xbox devs how well that worked for them. Given access to the hardware, it will be broken. But .... you'll have designed it. Oh, I'm sorry, I'm sure that will solve all the hardware encryption problems.

      But mocking aside, check this out: Can I relocate the Windows temp directory somewhere else? Yes. Can I change the location of the Windows swap file? Yes, but that one is problematic, since booting without access to the swap file is difficult.

      But if you're really that paranoid, here's a solution for you:

      Virtualization

      Run your favourite flavor of Linux and install VMPlayer. Still with me? Now create a large encrypted volume. How about a large hidden encrypted volume. On that encrypted volume, create a large VMDK and a Windows VM. Do all your super-secret stuff in the VM. Which resides entirely and completely on an encrypted volume. Tempfiles, swap files, everything are encrypted. If you're are *really* paranoid you could install Truecrypt on the Windows VM.

      See? If you think it through a little bit, you'll recognize that there *are* technological solutions for all levels of paranoia. But all the technological solutions are moot when the (l)users don't adhere to the security policies. Or when no clear security policies exist.

    6. Re:-truecrypt? by jrockway · · Score: 2, Funny

      > throw you in jail for contempt

      That could be good. Let's say they're investigating you for drug trafficing, but really you're planning to overthrow the government and all the plans are on your hard drive. OK, so they assume "the worst" and that you're a big drug dealer, and they throw you in prison for 15 years or something. Meanwhile, your rebel co-conspirators weren't revealed, and they successfully overthrew the government. Obviously you are freed from jail, and everyone is happy. (I should write movies :)

      And anyway, crypto isn't always about protecting yourself -- it helps keep honest people honest, too. Do you really want your bored UNIX admin reading your mails from your girlfriend about how much she likes your hair (or whatever)? No; so encrypt it.

      (As for disk encryption, do you really want your relatives going through your e-mail and IM conversations [or pr0n stash] if you suddenly die or something? No; so encrypt it.)

      --
      My other car is first.
  14. Here's an idea: by Ayanami+Rei · · Score: 3, Informative

    Take a simple linux install disk that uses initrd of your choice and comes with cryptoloop.
    Modify the initrd so it asks for a password before setting up the "real" root device on your harddrive.
    Burn the install CD with the modified initrd. Install linux using this disk (so it installs onto the now-encrypted hard drive)
    In order to use the system, you'll have to insert the install CD and use it as a boot CD everytime. But in this fashion no un-encrypted data is on any of your hard drives. To remove evidence that you can even access it, remove the CD when you're done using the computer, and store it in an inconspicous place.

    If you prefer using windows, deal with linux to the point you can install QEMU or VMWare. Install Windows normally in the virtual environment and it is encrypted as well (including the swap file!).

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  15. Plausible Deniability by Niet3sche · · Score: 2, Interesting
    Nonsense. I use Truecrypt, and have encrypted a whole drive. *Nothing* on it is unencrypted. It has no partition table. Any sort of analysis of it would show that it is complete indistinguishible from random noise. Taken out of the workstation that it currently resides in, it would be completely and utterly secure. And, unintelligible. Granted, it's not the boot drive, but so what?

    The really great thing about TrueCrypt, as I see it, is plausible deniability. This means that you can "nest" volumes and only have to account for the outer "envelope" when you are tortured by Homeland Security because you are using cryptography. The short of this: it is impossible to distinguish the "signal" of a nested hidden volume from the "noise" of random bits and such on the device.