Disk encryption easily cracked, researchers find

The disk encryption technology used to secure the data in your Windows, Apple and Linux laptops can be easily circumvented, according to new research out of Princeton University.

The flaw in this approach, the researchers say, is that data previously thought to disappear from dynamic RAM (DRAM) actually takes its time to dissolve, leaving the data on the computer vulnerable to thievery regardless of whether the laptop is on or off. That's because the disk encryption key, unlocked via a password when you log on to your computer, then is held in DRAM. If a thief can get a hold of the key, he can then get into the disk.

"We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux," writes Ed Felten, a Princeton professor, on his blog, Freedom to Tinker.

The researchers, which also included participants from the Electronic Frontier Foundation and Wind River Systems, have created a captivating video demonstrating a process (one using a program dubbed "Bit-unLocker") that can be used to snatch the data. In the video, the narrator explains that it takes seconds for data to fade and that the process can be slowed by cooling the memory chips (they chill the memory chips to around -58 F with a liquid spray and remove them without affecting the contents). The chips can even be switched to a different computer to read them. Liquid nitrogen can be used to cool the chips for hours, the researchers say.

"This is deadly for disk encryption products because they rely on keeping master decryption keys in DRAM," Felten writes.

Felten adds that even using Trusted Computing hardware doesn't help.

(A presentation from a pair of security researchers scheduled for Black Hat USA last summer that promised to undermine chip-based desktop and laptop security was suddenly withdrawn without explanation.)

The Princeton findings prompted Steven Sprague, CEO of Wave Systems, which makes management software for hardware security devices, to point out that such attacks on laptops would be preventable via hardware-based encryption offerings.

"The advantage of hardware-based encryption is that all the encryption, key management and access control all happen inside the chip so there is no software risk to reverse engineer the encryption silicon," Sprague said. The encryption key never leaves the hardware-based encryption disk in this case, he said.

Members of the Dataloss@attrition.org mailing list, which daily documents data breaches, buzzed about the findings, with some suggesting the research shows the need for multifactor authentication or partial keys stored in separate places.

US states have enacted a series of tough data disclosure laws over the past five years which force companies to notify residents whenever they lose sensitive information. Under these laws, a missing laptop can cost a company millions of dollars as well as public embarrassment as it is forced to track down and notify those whose data was lost.

However, many state laws, such as California's SB 1386 make an exception for encrypted PCs. So if a company or government agency loses an encrypted laptop containing sensitive data, they are not compelled to notify those affected.

The team's research may spur legislators to rethink that approach, Halderman said. "Maybe that law is placing too much faith in disk encryption technologies," he said. "It may be that we're not hearing about thefts of encrypted machines where that data could still be at risk."

Robert McMillan, IDG News Service, contributed to this report.