Disk Encryption Bad News!

February 22nd, 2008

After being excited about the new version of TrueCrypt and learning of FREE Compusec, this study really yanked the rug out from under full disk encryption. Researchers at Princeton discovered fairly easy ways to get a disk’s encryption key if a computer is on, or even recently turned off. What is really bad news for some implementations of BitLocker, and possibly other disk encryption techniques that store the key in a TPM chip, is that the computer can be turned off for months and this attack is still effective.

Other than making sure one’s computer is turned off completely — no sleep mode, even hibernation in some cases — there isn’t a good defense for software-based full disk encryption. Seagate’s Momentus FDE isn’t currently subject to this attack because the drive stores the key in its own memory chip, independent of the system RAM.

This research from Princeton is certainly going to cause manufacturers to make new hardware technology to protect against RAM dump attacks.

Disk Encryption Good News!

February 22nd, 2008

Good news in the full disk encryption arena. TrueCrypt 5.0, and now 5.0a, has been released. The most important new feature in the Windows version is that it can encrypt the entire Windows system partition. Finally, an open source full disk encryption product for Windows. I’ve been using the full encryption on my home machine since Feb. 17th and there don’t seem to be any conflicts or performance issues. Steve Gibson, of GRC.com, ran a test (defragging copies of a hard drive) that showed performance to be increased under TrueCrypt compared to an unencrypted drive. One limitation of TC’s full disk encryption is that it doesn’t support hibernation, so it may not be suitable for most laptops.

TrueCrypt also released versions for Mac OS X, though not full disk encryption. Along with Windows and Linux support, TrueCrypt volumes can be very portable between systems.

In addition to TrueCrypt, FREE Compusec is a free, though not open source, product for full disk encryption for Windows. This product does support hibernation and it has some other features not currently in TrueCrypt. I will do an evaluation of this product as well.

Disk Image Encryption for Macs

March 30th, 2007

TrueCrypt was mentioned in an earlier blog entry as a way to encrypt part of a drive. This great utility is only available for Linux and Windows. Well, Mac OS X has a built-in way of encrypting disk images.

Mac Disk Encryption

As with TrueCrypt, this method can be used for encrypting portions of a drive, and sections of a thumb drive as well. I’m liking Macs more and more as time goes on. ; )

TrueCrypt, disk encryption software

March 20th, 2007

TrueCrypt is a wonderful open source program for encrypting content on disk drives or removable media. It works on Windows and Linux (sorry, fellow Mac users). It is a good solution for protecting sensitive files. When using a strong password, this software can protect one’s data very, very well.

Setting up TrueCrypt to work on a portion of a hard drive is fairly straightforward. Just follow the installation wizard.

TrueCrypt can also encrypt data on a flash drive. Though it is possible to encrypt the entire drive, that may not be the best option, because leaving a portion of the drive unencrypted allows the drive to be set up in Traveler mode. This mode sets the drive up in a way that lets it be used on most computers. Note that it does require admin access to mount an encrypted volume; most everyone’s regular account is an admin anyway, except for Vista users (more on that in a future post).

Here is a link to a video, by Chris at RioSec, that explains how to set up Traveler mode, step-by-step.

In conclusion, TrueCrypt is a wonderful open source tool that can protect data on hard drives and removable drives.  It is a good option for safeguarding confidential files.