If you're encrypting the data on your hard drive using OS-level software encryption (e.g. Windows EFS, Vista BitBlocker, MacOS FileVault, Linux DM-Crypt, or TrueCrypt ), then a research study at Princeton University, partially funded by the Department of Homeland Security, has figured out how to read that data without your password. Well, that's just great.
Let me see if I can summarize the essential elements of the story:
- In order for OS-level encryption to work, the unencrypted keys must be held in RAM
- This includes when your system is powered on after a suspend or hibernation sequence. As soon as you see the Windows/Mac/Linux login prompt, the unencrypted key is now in RAM.
- Data stays in RAM after it's powered off, from seconds to minutes
- Here's the exploit:
- Black hat steals laptop & powers it on
- Laptop comes up to login prompt
- Black hat plugs in USB device with special hack/boot software
- Optionally the black hat sprays an upside-down can of compressed air on your RAM chip to freeze it. This causes the RAM chip's residual image to last much longer after power off, as in 10 minutes or longer.
- Black hat unplugs system (with battery out), then immediately plugs it back in
- This time the special boot/hack software copies the residual image in RAM to a file on the USB stick/drive
- Now they've got all day to scour the RAM image to find the unencrypted key. Of course they don't need that long.
- Once the find the key, they can use it to access all the encrypted data on the drive — even without your password
And there you have it. With a little bit of know-how (which they don't divulge any more than I have), and a can of compressed air if you want to take your time (good thing those are hard to find), you can render OS-level encryption completely worthless. They've demonstrated the exploit against Windows EFS, Vista BitBlocker, MacOS FileVault, Linux DM-Crypt, and TrueCrypt — and they broke every one of them. They believe that pretty much all versions of OS-level encryption will be vulnerable to this attack.
What are you to do? It sucks that you have to do this, but the answer is simple. If you are using OS-level encryption, the following two steps would work.
- Don't suspend, hibernate, or leave your system powered on when you leave it
- When you do power it off, wait a few minutes for the residual image in RAM to fade before you leave it unattended
They did mention in the report that some systems require you to enter a hard-drive level password before it will read the OS image and wake up from being suspend, and that systems so configured were also not vulnerable to this attack. But if when your system wakes up from hibernation/suspension, it comes right to a Windows/MacOS/Linux login screen, you are SOL.
Read the whole study here. Watch their YouTube video of a sample attack here. There's something about watching how easily they do it that's just downright eerie. If you're curious what a frozen RAM chip looks like, here you go.
Have a nice day. 😉
----- Signature and Disclaimer -----
Written by W. Curtis Preston (@wcpreston). For those of you unfamiliar with my work, I've specialized in backup & recovery since 1993. I've written the O'Reilly books on backup and have worked with a number of native and commercial tools. I am now Chief Technologist at Druva, the leading provider of cloud-based data protection and data management tools for endpoints, infrastructure, and cloud applications. These posts reflect my own opinion and are not necessarily the opinion of my employer.